The CSSF published on March 18 a new frequently-asked questions document on the completion and transmission of the AML/CFT compliance officer’s summary report, as defined in articles 42 (6) and 42 (7) of the amended CSSF Regulation 12-02 of December 14, 2012 on measures to curb money laundering and financing of terrorism.

Who is required to prepare and submit the report?

The compliance officer (in French, responsable du contrôle) of Luxembourg AIFMs, Luxembourg-domiciled investment funds that have appointed a foreign AIFM and self-managed funds are required to prepare the report and present it to the entity’s management board, and submit it to the CSSF. The report must be dated and signed by the compliance officer (RC). It must be prepared even if the inquiries and due diligence carried out by the RC revealed no shortcomings.

When and how should the report be submitted?

The AML/CFT RC report must be submitted within five months following the end of the entity’s financial year either via e-file or Sofie for entities subject to CSSF Circular 19/708, or via the edesk module for registered AIFMs.

What should the report contain?

The AML/CFT report should be a consistent and accurate description of the work performed by the RC and of related findings.

For entities subject to CSSF Circular 18/698, the report must at least:

  • Results of the identification and assessment of money laundering and financing of terrorism risks and measures taken to mitigate them, as well as the AIFM’s risk level tolerance.
  • Results of due diligence conducted on clients, fund initiators, portfolio managers to whom management is delegated and investment advisers, including ongoing due diligence.
  • Results of enhanced due diligence conducted on intermediaries acting on behalf of their clients in accordance with the provisions of article 3 of CSSF Regulation 12-02, including ongoing due diligence.
  • Results of enhanced due diligence on individuals identified as politically exposed persons in according to article 3-2(4)(d) of the amended law of November 12, 2004 on money laundering and financing of terrorism.
  • Results of due diligence conducted on fund assets, including ongoing due diligence.
  • Monitoring any positions blocked due to AML/CFT concerns in the registers of fund unit-holders and/or intermediaries involved in the marketing of funds.
  • Periodic review of all business relationships according to their risk level.
  • In cases of delegation of tasks relating to professional obligations to third parties, results of monitoring carried out on the compliance of services provided by the third parties, not only with legal and regulatory provisions but also the contractual provisions; and where relevant, reasons why the fund manager has chosen new third parties during the year.
  • Statistical history concerning transactions identified as suspicious that inform the number of suspicious transaction cases reported to the Financial Intelligence Unit by the fund manager, as well as the total volume of funds involved.
  • Statistical history concerning transactions reported due to financial sanctions relating to financing of terrorism and those relating to implementation of United Nations Security Council resolutions and acts adopted by the European Union as well as the volume of funds involved.
  • The number of identified breaches of AML/CFT professional obligations, even if the number is zero.
  • The number of AML/CFT actions carried out notably as a result of Circular CSSF 18/698, from the work of the RC, the internal audit, external audit or CSSF’s inspections., with a description of the main actions, and the deadline for their implementation, under article 7(2) of the Grand-Ducal Regulation of February 1, 2010 and article 42(5) of CSSF regulation 12-02. If the number is zero, this must be clearly stated.

The report must be accompanied by documentation on the identification, assessment and mitigation of money laundering and financing of terrorism risks.

For entities not subject to CSSF Circular 18/698, the AML/CFT RC report should cover at least cover the following:

  • Overall residual money laundering and financing of terrorism risk assessment, including risk appetite, identified risks and mitigation measures put in place, emerging risks and their severity in terms of impact.
  • Results of AML/CFT due diligence on investors.
  • Results of AML/CFT due diligence on high-risk clients such as politically exposed persons, if any.
  • Results of AML/CFT due diligence on fund initiators, including group initiators.
  • Results of AML/CFT due diligence on investment advisors, if any.
  • Results of AML/CFT due diligence on distributors, if any.
  • Results of AML/CFT due diligence on delegates and service providers such as registrars and transfer agents or external portfolio managers, if any.
  • Results of AML/CFT due diligence on cross-border intermediaries, if any.
  • Results of AML/CFT due diligence on assets.
  • Results of AML/CFT due diligence on blocked accounts, if any.
  • Results of targeted financial sanctions screening.
  • Outcome of verification by the RC that all appropriate staff have been trained on AML/CFT issues.
  • List of co-operation with Luxembourg authorities on AML/CFT issues.
  • Dedicated money laundering and financing of terrorism shortcomings section, including remediation plan, if any.

What is the RC’s liability in the event of failure to submit the report?

A professional who fails to provide the AML/CFT report may be subject to sanctions as detailed in article 8-4 of the amended AML law of November 12, 2004.

If a recently appointed RC identifies that the outgoing RC failed to file the annual AML/CFT report, the CSSF expects the incoming RC to ensure that the report is submitted. Additionally, if the new RC finds that the exiting RC has performed no AML/CFT due diligence, the CSSF expects the entity’s board to submit a letter to explain the situation and the oversight performed by the board or compliance manager (RR) on the work of the outgoing RC.

What about entities being dissolved and placed in non-judicial liquidation?

Entities being dissolved and placed in non-judicial liquidation must submit the AML/CFT report to the CSSF until the effective start date of liquidation. AML/CFT reports are no longer required after the start of liquidation. However, since money laundering and financing of terrorism risks remain present during the liquidation, the liquidator is responsible for the entity’s AML/CFT controls, notably regarding co-operation with the authorities.

The CSSF’s FAQ can be found at: https://www.cssf.lu/wp-content/uploads/FAQ_RC_Report.pdf