Luxembourg is emerging as a key investment jurisdiction for asset managers, especially with the possibility of a hard Brexit looming. As it jostles with Ireland for poll position as the fund domicile jurisdiction of choice in the EU, reports suggest that the number of people working in the Luxembourg investment industry grew by 10 percent in 2017. It is therefore paramount that we stay up to date with the latest updates to local regulation and compliance.
New rules have been issued by Luxembourg’s regulator the Commission de Surveillance du Secteur Financier (CSSF), setting out the authorisation and organisation of fund managers in the country. The changes signify and reinforce Luxembourg’s clear intention to establish itself as a transparent jurisdiction with good governance and controls.
Take a look at each of the latest changes impacting the regulatory landscape in Luxembourg, covering the following:
Overview of Luxembourg Laws & Circulars
On 06 June 2018, the CSSF issued a new Law, commonly referred to as the SFT law.
It focuses on implementing the European Securities Financing Transactions Regulation 2015/2365 (“SFT Regulation”) and amends existing UCI, AIFM and insurance sector law’s – entering in to force on 12 June 2018 .
18/695 (only in French) – Update of table B 4.6 “Persons responsible for certain functions and activities“.
18/694, 5 July, pertains to the FATF statements concerning jurisdictions whose AML/ CTF regime present either (i) strategic deficiencies or (ii) requires the application of enhanced due diligence measures or (iii) is not satisfactory
18/693 – Adoption of the Guidelines of the European Banking Authority on connected clients under Article 4(1)(39) of Regulation (EU) No 575/2013 (EBA/GL/2017/15) was published by the CSSF.
18/688 – Guidelines issued by the European Securities and Markets Authority (ESMA) on the process for the calculation of indicators used to determine the most relevant currencies in which settlement takes place.
18/690 – Guidelines of the European Securities and Markets Authority (ESMA) on the management body of market operators and data reporting services providers.
The Background Surrounding the New Circular 18/698
The new CSSF Circular replaces the existing CSSF Circular 12/546. It includes the compliance and internal control requirements previously outlined in CSSF Circular 04/156 and IML Circular 98/143, both no longer applicable.
It also extends the initial scope the “Investment Fund Managers” (“IFMs” or “gestionnaires de fonds d’investssement”), including UCITS management companies and AIFMs.
“Best Practices” have been formalized into regulatory requirements and add specific new expectations to the following areas:
In summary, this CSSF circular delivers further clarity around scope by defining key function and key responsibilities.
Entities in Scope of the Circular
Definitions & Abbreviations
The circular comes with comprehensive definitions expanding the standard legal and regulatory references, such as:
Governance Obligations & Framework
Board of Directors:
New requirement: The IFM Governing Body must be composed of at least 3 FTE resident’s in Luxembourg, including Senior Management (Conducting Officers) and other staff members.
Delegation of Duties & Oversight
The Circular confirmed that the below activities can be delegated by the IFM:
*These two activities can only be delegated separately, otherwise there is a conflict of interests.
Delegation of functions from IFM to TA (registration services) supports the following:
The Three Lines of Defense
Three key points relating to the three lines of defense are found in the Circular Part II, (points 131 to 133) :
Other key references in Part II (points from 155 to 158):
Reporting Requirements of the Second Line of Defense
Adequacy and effectiveness of risk management is to be submitted once a year, at the latest 5 months following the end of the financial year of the IFM.
Compliance is to cover recommendations, problems, deficiencies and irregularities identified. The report shall specify the degree of severity and propose the corrective actions. Amongst other things the report needs to list the results if EDD, presence of PEPs, blocked accounts, etc. (subsection 126.96.36.199, point 318).
This report is also to be submitted to the CSSF once a year, at the latest 5 months following the end of the financial year of the IFM.
Reporting Requirements of the Third Line of Defense
The internal audit must cover all recommendations, problems, deficiencies and irregularities identified. It must also specify the degree of severity and propose corrective actions to the management and the governing bodies of the IFM as required.
The report must cover a multi-year period (3 years) and address the following items (amongst others):
AML/CTF Obligations – New Business & Products
AML/CTF obligations are not only applicable to the IFM but also to the entity carrying out the registrar function (TA).
The IFM is subject to Regulation 12-02:
The new Circular also encourage the IFMs to monitor FATF publications.
AML obligations required by the AML Law and October 2010 law must be effectively implemented (and also applied to any UCIs managed) by the IFM. They must also be monitored and verified on regular basis.
In the instances where the AML/CTF is delegated to a third party (registrar agent), the IFM is still considered liable.
Conditions of IFM Approval
An IFM will be entitled to obtain or maintain authorisation from the CSSF in the following instances:
Any change in the structure must be promptly notified to the CSSF.
Other Highlights of the Circular
It provides an alignment of the risk management requirements for AIFs and UCITS and also addresses specific sections around the application of the European Market Infrastructure Regulation (EMIR) and Money Market Fund Regulation (MMFR).
The exchange of information between the IFM and the depositary:
Never miss an update – Click Here to sign up to receive the latest Apex Regulatory Updates in your inbox as soon as they are released.
Contact our compliance department: Sonja Maria Hilkhuijsen, Global Head of Compliance and Data Protection | Francesca Nasini, Global Compliance and Data Protection Officer: [email protected]
Click Here for more about Apex Luxembourg.
By clicking the button you confirming that you’re agree with our following Terms and Conditions