The Luxembourg Law of 13 February 2018 ("Amending Law"), which entered into force on 18 February 2018, introduces amendments to, among others, the Luxembourg Law of 12 November 2004 on the fight against money laundering and terrorist financing, as amended ("2004 Law").
The Amending Law partially transposes Directives 2015/849 ("4th AML Directive"), inter alia aiming at aligning the European regulatory framework with the decisions taken by the Financial Action Task Force (FATF) in 2012. The qualification of certain tax crimes as predicate offences falling within the scope of the 2004 Law, as provided for by the 4th AML Directive, became effective as from 1 January 2017 (please see our Newsletter May 2017).
It should be noted that the provisions of the 4th AML Directive regarding the implementation of a register of beneficial owners and a register of trusts are not covered by the Amending Law but are treated separately in two other bills of law: Bill of Law 7217 (register of beneficial owners) and Bill of Law 7216 (register of trusts).
Key changes arising from the Amending Law are as follows:
- Amended definition of
beneficial owner of corporate entities and trusts
The Amending Law changes the approach regarding the determination of beneficial ownership.
(i) In the case of corporate entities, the formerly existing ownership threshold of more than 25% is now merely construed as an indication, i.e. depending on the circumstances, a natural person holding less (or more) than 25% may have to be considered as beneficial owner. The concept of beneficial owner will also include – to the extent all possible means having been exhausted and provided there are no grounds for suspicion - where a beneficial owner cannot positively be identified, the senior managing person(s) of the professional.
(ii) For trusts and similar arrangements, it is now provided that all participants to the arrangement, being the settlor, the trustee, the protector (if any), the beneficiaries and any such other natural person exercising ultimate control over the trust (by means of direct or indirect ownership or by other means), must be identified. In this specific case the previously existing threshold of at least 25% for beneficiaries of trusts is no longer applicable.
- Setting of different
thresholds with respect to the carrying out of customer due
The threshold triggering the obligation to carry out customer due diligence measures of EUR 15,000 for occasional transactions (in a single operation or operations that appear to be linked) is maintained. A new threshold of EUR 1,000 is introduced for transactions constituting a transfer of funds1 as well as a threshold of EUR 2000 for providers of gambling services upon the collection of winnings, the wagering of a stake, or both. For persons trading in goods the threshold by which they enter into the scope of the 2004 Law is lowered to cash payments of EUR 10,000.
- Enhanced requirement for
professionals to carry out a risk assessment
Professionals have to attach particular importance to the assessment of the risk of money laundering and terrorist financing pertaining to their respective field of activity, taking into account certain risk factors, including those relating to its customers, countries or geographic areas, products, services, transactions or delivery channels. This assessment has to be documented and updated and the professional must be able to demonstrate to the competent authorities that the measures are appropriate in view of the identified risks. The Amending Law provides for non-exhaustive lists of risk factors and risk variables to be taken into account when determining the application of simplified or enhanced due diligence measures.
- Requirements regarding (local
and foreign) politically exposed persons
There is no longer a distinction between domestic and foreign PEPs when applying enhanced due diligence measures with respect to transactions or business relationships with these persons. It should be noted that the definition of PEP has been extended to encompass, inter alia, directors and members of the board of an international organisation, and now specifically includes also brothers and sisters in the definition of 'family members' of a PEP.
- Emphasis on data protection
requirements and employee training
The Amending Law enhances data protection requirements, inter alia by prohibiting the processing of personal data for any purpose other than the preventing of money laundering and terrorist financing, e.g. for commercial purposes. Employees have to be made aware of these obligations.
Professionals are required to implement appropriate procedures to allow their employees to report internally breaches of the obligations under the 2004 Law through a specific, independent and anonymous channel.
- Record-keeping of documents
and information at the request of competent
In some specific cases, the competent authorities may demand to retain information and documents for an additional five-year period (compared to the initial five-year period).
- Increased sanctions and new
injunction and sanction powers for Supervisory
The Amending Law now specifically lists the (i) Commission de surveillance du secteur financier (CSSF), (ii) Commissariat aux assurances (CAA) and (iii) Administration de l'enregistrement et des domains (AED) as supervisory authorities (autorités de contrôle) (the "Supervisory Authorities") in addition to several Self-Regulatory Bodies (organismes d'autorégulation).
(a) Injunction and other administrative measures of Supervisory Authorities
Such powers include, amongst others, the possibility to impose a temporary prohibition of professional activity of the professional as well as members of the management body and employees or the request of freezing and/or sequestration of assets.
Enhanced administrative sanctions and measures may also be taken by the Supervisory Authorities, such as warnings, reprimands, public statements, administrative fines, or withdrawal or suspension of the authorisation, which may affect the professional as well as the members of the management body and any such other persons responsible for the non-compliance by the professional of its obligations.
(b) Publication of sanctions:
Every sanction decision of a Supervisory Authority, which can no longer be challenged before court, shall be published on their official website. Contrary to the former situation, the publication may not be made immediately after the decision (current exceptions to the publication are maintained). The publication shall include the type and nature of the non-compliance and the identity of the individuals and legal entities responsible therefor.
- Increase of criminal
Generally, the Amending Law increases the penalty for infringement of the legal provisions by providing for a monetary fine of EUR 12,500 to EUR 5 million.
1. as defined pursuant to Article 3, point 9 of Regulation EU 2015/847
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.