At a conference on December 3, 2019, Luxembourg’s Financial Sector Supervisory Authority (CSSF) has underlined to members of the country’s investment fund industry the need for improvement in aspects of controls designed to curb money laundering and the financing of terrorism.

Noting that Luxembourg is Europe’s largest fund centre in terms of assets under management, the CSSF notes that the country’s National Risk Assessment on Money Laundering and Terrorist Financing risks in December 2018 indicated that the investment fund sector carried a high risk because of the variety of entities involved, the high volume of retail and institutional investors and of the international scope of its business.

As the responsible authority designated by Luxembourg’s Anti-Money Laundering legislation of 12 November 2004 (the “AML Law”) for the oversight of money laundering and financing of terrorism controls on the part of registered alternative investment fund managers and self-managed non-alternative investment funds, the CSSF conducted in 2019 a survey designed to collect Anti-Money Laundering / Counter Financing Terrorism (AML/CFT) relevant data, and perform AML/CFT scoring of supervised entities

It concluded from the results that while most of the managers and funds surveyed possessed a sound framework for AML/CFT controls, there were some outliers, and discussions with industry members had identified areas for improvement or where further guidance was required.

Beneficial owner

The CSSF emphasises that there is always at least one beneficial owner and it is always an individual. In the case of corporate entities, senior executives should be treated as the beneficial owners if no other individuals meet the description or if there is any doubt regarding the identified persons as to the accuracy of their identification (see Article 1(7) of the AML Law).


The regulator says procedures are the crucial building blocks of an efficient AML/CFT control framework, to ensure coherent and homogeneous controls commensurate with the entity’s risks. Therefore, there is no one-size-fits-all procedure; they should be customised and continuously updated in the light of changes to the regulatory framework and to the circumstances of entities themselves (see Article 4(1) of the AML Law).

Risk-based approach

A risk-based approach should be employed to optimise the use of resources and ensure that controls are commensurate with the inherent risks faced by the entity – the higher the risk, the more stringent the controls required. The CSSF notes that at the end of 2018 some registered AIFMs and self-managed non-AIFs did not have a risk-based approach in place, although it is mandatory, not optional (see Article 2-2 of the AML Law).

AML/CFT training

On its own, the mere implementation of AML/CFT training is not sufficient – it must be tailored to the services offered by the entities and adapted to the characteristics and requirements of the fund industry. Given the sector’s inherent high risk, the CSSF regards annual training as mandatory, and says it expects to see a significant improvement in terms of training curriculums over the coming year (see Article 4 of the AML Law).

Name screening on targeted financial sanctions

The CSSF says analysis of the questionnaire results revealed that the frequency of screening of names in connection with the targeted financial sanctions list, including for example those of the European Union and United Nations, needs to be improved to ensure that confirmed matches are notified by the professionals immediately to the competent authorities.


Transaction monitoring

The regulator underlines that transaction monitoring is vital to identify unusual transactions raising potential suspicion of money laundering or financing of terrorism that require investigation, and must be performed on all investors, not just those considered at highest risk. If monitoring is delegated to a third party, usually the Registrar Transfer Agent, the professional retains legal responsibility and must conduct oversight of the delegated provider.

Cooperation with the Financial Intelligence Unit

Under Article 5 of the AML Law, professionals must communicate any suspicion of money laundering or financing of terrorism to Luxembourg’s Financial Intelligence Unit without delay. To do so, they must be registered on the GoAML platform, which requires a LuxTrust token.

(See the Financial Intelligence Unit’s website,

The CSSF launched a fresh online survey collecting standardised key information concerning ML/TF risks to which the professionals under supervision are exposed and the implementation of related risk mitigation and targeted financial sanctions measures, on February 3, 2020. Responses for fund sector entities must be submitted through the CSSF eDesk portal, by 15 March 2020, by a member of the management body of the entity, preferably the AML/CFT Compliance Officer who is responsible for AML/CFT compliance.