From full-blown crisis situations to evaluating the compliance framework, today's experts can advise on the right reflexes to adopt when working with the authorities to ensure good process management.

What kind of shift are we seeing on the market?

Véronique Hoffeld: There is a focus on corporate governance and AML (Anti-Money Laundering). When it comes to crisis management, regulated actors want to know how to deal with the authorities, potential fines or liabilities. The non-regulated sector is concerned with financial issues or difficult shareholders.

Anne-Marie Nicolas: We are shifting towards crisis mode and giving more strategic legal advice about debt-restructurings, bankruptcy and handling shareholders or investors, including bondholders. Over the past 2-3 years, Luxembourg directors have become increasingly aware of the risks, their potential liability and how to mitigate exposure to risk. In crisis management, personal liability means that they have to be more involved than they may be used to.

What is the severity of non-compliance with regulations?

Henri Dupong: PFS (Professionals of the Financial Sector) are exposed to administrative sanctions, as well as criminal penalties. It is important to take all necessary care to comply with legal regulations in daily business but also crisis situations where decisions have to be taken very quickly.

Michael Schweiger: Fines are on the rise, but the risks are much bigger than that and not always quantifiable. You have to consider the reputational risk, as well as the wider stakeholder risk. Non-compliance can have a harmful, long-lasting impact on prospective customers and talent acquisition.

Can you provide examples of difficult situations?

Michael S.: Cases of fraud or personal misconduct involve issues at multiple internal levels but it's equally important to think about what creditors, clients and social media will be saying! It all happens quickly and can be overwhelming. Experts can step in to coordinate and deal with each aspect simultaneously. As a board member, this might be the first time you are dealing with this issue and having someone with experience is a key differentiator.

Anne-Marie N.: We often assume the role of arbitrator between a Luxembourg board and the mother company, usually located in a different jurisdiction and subject to different regulations. This leads to a mismatch in governance cultures. It can be difficult for foreign managers to understand their obligations in Luxembourg, which is especially important in any crisis situation with regulators or creditors.

Michael S.: Providing incomplete information or data "dumping" to the CSSF or the CAA (insurance regulator) does not constitute a crisis in itself but can quickly generate confusion and frustration. It's about being able to deliver within a compressed timeframe and knowing your own limits. Dialogue with the regulator and support from advisors is key.

What is the best way to be prepared?

Anne-Marie N.: Data management is crucial. If you know in advance whom to release what information to, you will mitigate a lot of the liability exposure. Most actors don't have the right internal framework to properly compile or release data, let alone to document or trace it. Traceability of decision-making and reporting is the best defense a board and senior executives can have.

Michael S.: Ongoing technical training at an executive level is a top agenda item for regulators and an excellent way to ensure those responsible are informed and prepared.

Henri D.: In case of an onsite inspection or a dawn raid, it is imperative to have an internal procedure on how and when to react. It is important to contact a lawyer immediately who will be able to assist at the right moment and understand the data management in these difficult circumstances.

First published in Paperjam.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.