AML topic is like Pandora Box [panˈdɔːrəz] – a process that once begun generates many complicated problems. Once you understood where your AIFM stays in respect of AML obligations, it would be difficult enough for you to get out of the burden and complexity of regulatory requirements.
Nevertheless, we tried to gather and simplify those pillars, which are holding your “compliant” tag in place. Everyone knows that Luxembourg AML/CFT framework is robust, complex and fast tracking in respect of any new regulatory requirements imposed either by European Commission or FATF.
Among main documents which we have to basically know by heart are:
AML Law 2004 as amended in August 2022
CSSF Regulation 12-02 as amended by 20-05
CSSF Circular 19/732
Therefore, CSSF expects you to have outlined AML/CFT framework as a minimum, which concern your AML/CFT governance and excluding your oversight obligations as per 18/698.
CSSF additionally puts the layer of Rule based and Risk based obligations meaning that some obligations you can’t avoid – full stop and some can be leveraged by the risk based approach in place. Even though it is up to you to determine such Risk Based Approach, it should be still sufficient enough to meet CSSF AML/CFT requirements.