On 6 February 2018, the Luxembourg Parliament adopted the law implementing most1 of the 4th AML Directive2 into Luxembourg law (the "Law") and amending the 2004 AML Law3. The alert summarises the main changes introduced to the Bill following the recent comments of the State Council. For more details on the reform, click here to read our article in the December 2017 issue of ATOZ Insights.

The Law extends the group of Professionals and supervision authorities subject to the 2004 AML Law

New categories have been added to the list of professionals ("Professionals") bound by the obligation to fight money laundering and terrorism financing ("ML-TF") according to the amended 2004 AML Law. These new categories include: family office professionals, bailiffs, asset dealers, all betting and gambling establishments, trust and company service providers (when they act as director of a partnership or provide business premises), and branches of financial institutions exercising their activity in Luxembourg.

"Control authorities" (CSSF, CAA, AED) and "self-regulating bodies" (IRE, OEC, Notaries' Chambers, the Bar's Order Council, the Chamber of the Judicial Officers) will supervise Professionals' compliance with the revised 2004 AML Law and are empowered to conduct inquiries and apply sanctions in case of breach of law.

The Law expands the scope of the definition of PEPs

The Law removes the distinction between foreign and national PEPs4. The PEP definition now includes three categories of persons, namely: (i) an individual who is or who has been entrusted with prominent public functions, (ii) his/her family members (including brothers and sisters) and (iii) persons known to be close associates.

The Law introduces a new Risk Assessment obligation for all Professionals

All Professionals must assess the risks of ML-TF they are exposed to on a continuous basis, taking into account several categories of risk variables (client, geographical, product, distribution channels). A risk assessment must be performed whenever new products, commercial practices or technologies are launched, but also when the relevant circumstances relating to an existing client change.

The Law clarifies the Customer Due Diligence measures to be taken by Professionals

All Professionals must apply customer due diligence ("CDD") measures appropriate to the risk detected in order to identify the client, its beneficial owner(s) and any person acting on behalf of the client. A Professional entering a business relationship with a customer before verifying its identity must limit the operations that customer can undertake, and it should closely supervise transactions that appear uncharacteristic.

A Professional could rely on the information published in the EU central beneficial ownership registers or on the CDD performed by an independent third party, but ultimate responsibility for compliance with AML-TF obligations lies with the Professional. It must immediately obtain the information needed to identify the client and its beneficial owner(s) and to understand the nature and object of the business relationship, following which it must also obtain a copy of all relevant identification documents.

The Law expands the scope of Beneficial Owners to be identified by Professionals

Professionals must identify several categories of beneficial owners, namely: (i) individuals controlling corporations (by looking beyond the 25% direct ownership threshold in order to identify the person exercising effective control on the structure, through ownership or other means), (ii) different categories of beneficial owners of trusts, foundations or legal constructions similar to trusts, and (iii) beneficiaries of life-insurance or insurance-based contracts.

The Law imposes hefty fines for violating obligations imposed by the revised 2004 AML Law

Control authorities and self-regulating bodies can impose one or more sanctions: (i) administrative measures, (e.g. prohibition to exercise a profession), (ii) administrative fines of up to EUR 1,000,000 and (iii) criminal fines of up to EUR 5,000,000. Additionally, the CSSF can fine persons who interfere with the exercise of its powers or who knowingly provide inaccurate or incomplete information following express requests (up to EUR 250,000).

The 4th AML Directive is currently under revision in the European forums.


1 The Law does not include provisions on the registers of beneficial owners or the registers of trusts, which are the object of two separate bills.

2 Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (the "4th AML Directive").

3 The amended law of 12 November 2004 relating to the fight against money-laundering and against the financing of terrorism (the « 2004 AML Law »).

4 Politically exposed persons.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.