Registered AIFMs and internally managed non-AIFs: the CSSF’s reminder of your AML/CFT obligations
10 December 2019
On 5 December 2019, the CSSF issued a summary of the AML/CFT Conference it held on 3 December 2019. The conference was specifically addressed to registered AIFMs and internally managed non-AIFs (the Entities).
First, the CSSF reiterates that these Entities are under the supervision of the CSSF for AML/CFT purposes, pursuant to article 2-1 (1) of the AML Law. In this context, in early 2019 the CSSF sent an AML/CFT questionnaire/ survey to these Entities to collect AML/CFT data for the year 2018.
After reviewing the responses, the CSSF found that generally speaking Entities had a sound AML/CFT framework with certain deficiencies. In particular the CSSF has identified the following areas for improvement:
- Identification of beneficial owners: there is always a beneficial owner – who must be a natural person. In this respect, note that the definition of beneficial owners provides that senior managing officials are the beneficial owners at last resort for corporate entities.
- Tailor-made procedure: the CSSF stresses the importance for Entities (i) to have in place tailor-made AML/CFT procedures and (ii) to update these procedures following internal and/or regulatory changes.
- Duty to perform a Risk Based Approach (RBA): Entities must perform ML/FT risk assessments and adapt the controls to the level of ML/FT risks. An RBA should be used by Entities to optimise their resources and enhance control of those areas that present higher risks.
- Annual and tailor-made AML/CFT training: Entities must ensure they provide AML/CFT training at least once a year for their staff, as the investment fund sector presents a high ML/FT risk. The CSSF has noted that training has so far neither been sufficiently focused on the services offered by Entities nor adapted to the fund industry. The CSSF expects to see significant improvements in this area.
- Increase name-screening frequency on targeted financial sanctions: the CSSF expects professionals to increase the frequency of name screening against EU and UN sanctions lists and to notify the competent authorities immediately in cases of confirmed hits.
- Transactions monitoring on all investors: Entities need to continuously monitor the transactions of all investors (and not only some of them) in order to detect unusual transactions. An oversight must be conducted over their delegate (typically the transfer agent) in cases of delegation.
- Registration on GoAML and cooperation with the Financial Intelligence Unit (FIU): Entities must without delay communicate any ML/FT suspicions to the Luxembourg FIU. As mentioned in a previous alert2, it requires Entities to be registered on the GoAML platform with a LuxTrust token.
Finally, the CSSF draws the attention of Entities to the release of the next AML/CFT questionnaire for the year 2019. As indicated in a previous alert3, completion of the survey must be made via e-Desk, which will also require a LuxTrust token.
If you would like to discuss any of the issues raised in this article, please speak to your usual contact at Allen & Overy or one of the contacts listed at the end of this publication.
2. Have you registered on GoAML? (August 2019)
3. Important clarifications for the Luxembourg fund industry on AML/CFT requirements (28 November 2019)