CSSF updates address outsourcing arrangements and ML-TF risks

The Financial Sector Supervisory Commission of Luxembourg (CSSF) released a new template on the outsourcing of critical or important information and communication technology (ICT) arrangements. CSSF also published a circular on annual online questionnaire on financial crime for 2022, along with the feedback and key takeaways from the 2023 Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) conference (held on January 30, 2023) for specialized professionals in the financial sector.

Below are the key highlights of the recent updates:

• CSSF released a new notification template, which is to be used by in-scope entities, as of February 20, 2023, when outsourcing a critical or important ICT arrangements in accordance with points 59 and 60 of the Circular CSSF 22/806 on outsourcing arrangements. CSSF notified that in-scope entities may introduce notifications using the previous template during a transitional period until March 20, 2023. After this date, only notifications received with the new template will be considered as notified in line with the instructions and forms available in accordance with point 59 of Circular CSSF 22/806. The in-scope entities include credit institutions, investment firms, and payment institutions and electronic money institutions.
• As part of the key takeaways from the AML/CFT conference, CSSF highlights that money laundering and terrorism financing (ML/TF) risk appetite, AML/CFT risk self-assessment and RC report are essential documents that provides an excellent insight of the professionals’ AML/CFT framework. CSSF also discusses on the importance of establishment of AML/CFT Expert Working Group for specialized professionals of the financial sector, the need for obligations and requirements for registration of fiducies and trusts, as well as importance of vertical risk assessments for legal persons and legal arrangements in terrorist financing.
• The 2022 questionnaire on financial crime contributes to the CSSF’s ongoing assessment of money laundering and terrorism financing risks present in the financial sectors under its AML/CFT supervision, and forms part of the AML/CFT risk-based supervision approach put in place by the CSSF. The 2022 questionnaire remains mostly unchanged compared to the previous year, however, some questions have been removed, added, or amended along with new questions that have been highlighted in the questionnaire. CSSF requires all institutions to submit answers to these questions through the CSSF eDesk Portal at the latest by March 31, 2023.

Related links:

• Communication on template for outsourcing
• CSSF feedback on 2023 AML/CFT conference
• Key takeaways from AML/CFT conference (PDF)
• Circular on 2022 questionnaire on financial crime (PDF)