No description available.
Asset ManagerWealth ManagerBank
No description available.
BankWealth ManagerAsset Manager
No description available.
BankWealth ManagerAsset Manager
No description available.
Asset ManagerWealth Manager
No description available.
Asset ManagerWealth Manager
No description available.
BankWealth ManagerAsset Manager
No description available.
BankWealth ManagerAsset Manager
No description available.
BankWealth ManagerAsset Manager
No description available.
BankAsset ManagerWealth Manager
No description available.
BankWealth ManagerPayment Provider
Central administration, internal governance and risk management
Circular CSSF 26/906, published on 20 January 2026, consolidates and clarifies Luxembourg's rules on central administration, internal governance, and risk management specifically for payment institutions, electronic money institutions, and account information service providers. It repeals prior circulars (IML 95/120, IML 96/126, IML 98/143, and CSSF 04/155) to address growth in transaction volumes by mandating robust governance, control functions, and risk processes, enhancing safety, efficiency, and trust in these services. This matters for compliance professionals as it strengthens defenses against financial crime, operational risks, and supervisory scrutiny in a high-growth sector.
#
What Changed
Consolidation and repeal: Replaces outdated circulars with unified requirements under the amended Law of 10 November 2009 on payment services, covering central administration (decision-making must be in Luxembourg), management body responsibilities, internal control functions (compliance, risk management, internal audit as independent second/third lines), conflicts of interest management, new product approval processes, and client funds safeguarding (e.g., segregation, daily/weekly reconciliatio
What You Need To Do
- Assess and update governance frameworks
- Confirm control functions
- Implement operational safeguards
- Document proportionality
- Retain records and report
Key Dates
20 January 2026 - Publication date of Circular CSSF 26/906 .
30 June 2026 - Compliance deadline Institutions must assess, review, and ensure their central administration, internal governance, and risk management frameworks fully comply with the circular. DEADLINE
Compliance Impact
Urgency: High – With a 30 June 2026 deadline (five months from publication), firms face immediate pressure to review and remediate governance gaps amid sector growth and heightened AML/CFT scrutiny; non-compliance risks supervisory actions, fines, or license issues, especially as it closes criminal
Payment Provider
2026 update
BankWealth ManagerFamily Office
amending Council Regulation (EU) No 833/2014 concerning restrictive measures in view of Russia’s actions destabilising the situation in Ukraine
BankWealth ManagerAsset Manager
No description available.
BankWealth ManagerAsset Manager
No description available.
This CSSF publication, dated January 12, 2026, identifies the specific population (likely a firm or individual) subject to an enforcement action, such as an administrative sanction, as part of the CSSF's transparency in supervisory measures. It matters because it signals CSSF's active enforcement priorities, potentially in areas like AML or reporting failures, enabling firms to assess similar risks in their operations and strengthen compliance to avoid parallel actions. Published amid rising focus on financial crime typologies like sexual extortion, it underscores the regulator's commitment to public accountability.
#
What Changed
No new regulatory changes or requirements are introduced in this publication, as it is an enforcement notice rather than a circular or guideline. It serves as a disclosure of an ongoing or concluded enforcement case, aligning with CSSF's practice of publishing sanction details to deter non-compliance and inform the market, without altering existing rules.
#
What You Need To Do
- For the named population
- For all supervised firms
- Update internal policies, train staff on enforcement precedents, and ensure robust reporting under Circular CSSF 19/726 or Transparency Law obligations
Compliance Impact
Urgency: High – Immediate relevance for the named party facing direct consequences; medium-to-high for peers due to CSSF's pattern of public enforcements signaling heightened scrutiny on financial crime, especially amid rising OCSE/FSEC cases noted in recent CSSF guidance. It matters as it could pre
BankPayment ProviderAll Firms
amending Delegated Regulation (EU) 2016/1675 to add Russia to the list of high-risk third countries with strategic deficiencies
BankAsset ManagerWealth Manager
Administrative sanction imposed on the alternative investment fund manager Premium Capital Management (“AIFM”)
The CSSF imposed a €10,000 administrative fine on 11 September 2025 against alternative investment fund manager (AIFM) Premium Capital Management for failing to submit its annual financial crime questionnaire by the 4 April 2025 deadline, breaching the cooperation obligation under Article 5(1) of Luxembourg's AML/CFT Law of 12 November 2004. This enforcement action underscores the CSSF's strict enforcement of AML reporting duties, signaling heightened scrutiny on timely supervisory cooperation amid ongoing AML risks in Luxembourg. Compliance teams should view this as a reminder of the low tolerance for even administrative lapses, with potential for escalated fines in repeat cases.
#
What Changed
This is not a regulatory change but an enforcement precedent under existing rules: non-compliance with Article 5(1) of the AML/CFT Law, which mandates annual submission of a financial crime questionnaire ("Questionnaire") to the CSSF. The fine was calculated per Articles 8-4(1), 8-4(2)(f), and 8-4(3)(a), considering circumstances under Article 8-5(1). Publication followed Article 8-6(1) after a proportionality assessment, confirming no market stability risks. No new requirements were introduced;
What You Need To Do
- Immediately review internal processes for annual Questionnaire submission, ensuring calendar invites and automated reminders for the 4 April deadline (covering prior year-end data)
- Conduct a gap analysis on AML/CFT cooperation obligations under Article 5(1), including response protocols to CSSF reminders or queries
- Update compliance calendars and train staff on escalation procedures; document all submissions with proof (e
- If late, proactively submit overdue items and request meetings if needed, as non-response forfeits mitigation opportunities
Key Dates
31 December 2024 - Reference year-end for the financial crime Questionnaire.
4 April 2025 - Statutory deadline for Questionnaire submission to CSSF. DEADLINE
11 September 2025 - Date CSSF imposed the €10,000 administrative fine after non-submission despite reminders.
9 January 2026 - Publication date of the sanction decision.
Compliance Impact
Urgency: Medium – This €10,000 fine for a straightforward reporting failure demonstrates CSSF's willingness to penalize non-cooperation swiftly, even without aggravating factors, but the amount is modest and targeted at administrative breaches. It matters as a warning shot in Luxembourg's AML landsc
Asset ManagerHedge Fund
Administrative sanction imposed on the alternative investment fund manager Sunbricks GP S.à r.l. (“AIFM”)
The CSSF imposed a **€10,000 administrative fine on Sunbricks GP S.à r.l.**, an alternative investment fund manager, for failing to submit a mandatory annual financial crime questionnaire by the April 4, 2025 deadline, despite two formal reminders. This enforcement action demonstrates the CSSF's strict approach to cooperation obligations under Luxembourg's anti-money laundering and counter-terrorist financing (AML/CFT) framework and signals that non-submission of required compliance documentation—even without evidence of underlying financial crime—triggers regulatory penalties.
What Changed
This is not a regulatory change but rather an enforcement action clarifying existing obligations:
Mandatory Annual Questionnaire Requirement: All professionals supervised, authorized, or registered by the CSSF must submit an annual questionnaire on financial crime by April 4 each year, covering the preceding calendar year.
Cooperation Obligation: Article 5(1) of the amended Law of 12 November 2004 on AML/CFT establishes a non-negotiable duty to cooperate with the CSSF, which includes timely su
What You Need To Do
- regulated entities must
- *Establish Calendar Controls
- *Designate Responsible Parties
- *Prepare Documentation
- *Monitor Communications
Key Dates
April 4, 2025 – Annual financial crime questionnaire submission deadline (for year ending December 31, 2024) DEADLINE
Before September 11, 2025 – Two reminder notices issued by CSSF to Sunbricks GP
September 11, 2025 – Administrative fine decision date; questionnaire still not submitted
January 9, 2026 – Publication date of enforcement decision
2026 (for the year ending December 31, 2025).
Compliance Impact
Urgency: HIGH
Asset ManagerAll Firms
Administrative sanction imposed on the alternative investment fund manager Capitalis Premiere Group (“AIFM”)
The CSSF imposed a €10,000 administrative fine on alternative investment fund manager (AIFM) Capitalis Premiere Group on 11 September 2025 for failing to submit its annual financial crime questionnaire by the 4 April 2025 deadline, despite two reminders, breaching the cooperation obligation under Article 5(1) of Luxembourg's AML/CFT Law of 12 November 2004. This enforcement action underscores the CSSF's strict enforcement of AML reporting duties, signaling heightened scrutiny on timely supervisory cooperation for Luxembourg-regulated entities. Compliance teams should note this as a low-value but public reminder of potential fines for administrative lapses in AML processes.
#
What Changed
This is not a regulatory change or new requirement but an enforcement precedent under existing rules: non-compliance with the annual financial crime questionnaire submission, mandated by Article 5(1) of the AML/CFT Law, triggers fines per Articles 8-4(1), 8-4(2)(f), and 8-4(3)(a). The CSSF considered all relevant circumstances under Article 8-5(1) to set the €10,000 fine amount and published the sanction nominatively after proportionality assessment per Article 8-6(1), confirming no market stabi
What You Need To Do
- Ensure timely submission of annual financial crime questionnaires by 4 April each year (for prior calendar year data); implement calendar reminders and escalation processes for CSSF requests
- Respond promptly to CSSF reminders or queries on AML/CFT compliance to avoid escalation to fines; document any delays with justification evidence
- No retroactive actions needed for this case, but conduct gap analysis on reporting workflows to prevent similar breaches
Key Dates
4 April 2025 - Deadline for submitting the annual financial crime questionnaire covering the year ending 31 December 2024. DEADLINE
11 September 2025 - Date CSSF imposed the €10,000 administrative fine on Capitalis Premiere Group for non-submission.
9 January 2026 - Date of CSSF publication of the sanction decision.
Compliance Impact
Urgency: Medium - This €10,000 fine is modest but publicly names the firm, amplifying reputational risk in Luxembourg's competitive fund domicile; it matters as a clear CSSF signal of zero tolerance for basic cooperation failures in AML, potentially foreshadowing stricter enforcement amid EU AML har
Asset ManagerHedge Fund
Administrative sanction imposed on the alternative investment fund manager Lion Management (“AIFM”)
The CSSF imposed a €10,000 administrative fine on Lion Management, an alternative investment fund manager, on 11 September 2025 for failing to submit a mandatory annual financial crime questionnaire by the 4 April 2025 deadline. This enforcement action demonstrates the CSSF's commitment to enforcing cooperation obligations under Luxembourg's anti-money laundering and terrorist financing framework, with direct implications for all AIFMs regarding timely compliance with supervisory reporting requirements.
What Changed
This is not a regulatory change but rather an enforcement action clarifying existing obligations. However, it reinforces critical compliance requirements:
Mandatory Annual Questionnaire Submission: All CSSF-supervised professionals, including AIFMs, must submit an annual questionnaire on financial crime by the specified deadline (in this case, 4 April 2025 for the year ending 31 December 2024).
Cooperation Obligation: Article 5(1) of the amended Law of 12 November 2004 on the fight against mon
What You Need To Do
- *Establish Calendar Controls
- *Designate Responsible Parties
- *Monitor CSSF Communications
- *Document Submission
- *Escalate Non-Compliance Immediately
Key Dates
4 April 2025 - Deadline for submission of annual financial crime questionnaire for year ending 31 December 2024 DEADLINE
11 September 2025 - Date CSSF imposed administrative fine after two reminders went unheeded
9 January 2026 - Publication date of the administrative sanction decision
Compliance Impact
Urgency: HIGH
Asset ManagerHedge Fund
Administrative sanction imposed on the alternative investment fund manager Max Gain Capital S.à r.l. (“AIFM”)
The CSSF imposed a €10,000 administrative fine on Max Gain Capital S.à r.l., an alternative investment fund manager, on 11 September 2025 for failing to submit a mandatory annual financial crime questionnaire by the April 2025 deadline. This enforcement action demonstrates the CSSF's active monitoring of AML/CFT compliance obligations and its willingness to sanction non-cooperation, even for procedural failures unrelated to substantive money laundering violations.
What Changed
This is not a regulatory change but rather an enforcement action clarifying existing obligations:
Mandatory Annual Questionnaire Requirement: All CSSF-supervised professionals must submit an annual questionnaire on financial crime covering the preceding calendar year.
Cooperation Obligation: Article 5(1) of the amended Law of 12 November 2004 on AML/CFT imposes a non-negotiable duty to cooperate with CSSF supervisory requests.
Enforcement Escalation: The CSSF will issue reminders before imposin
What You Need To Do
- regulated entities must
- *Identify Reporting Obligations
- *Calendar Management
- *Documentation
- *Escalation Protocol
Key Dates
4 April 2025 - Deadline for submission of financial crime questionnaire for the year ending 31 December 2024 DEADLINE
Before 11 September 2025 - CSSF issued two reminders to Max Gain Capital after the missed deadline DEADLINE
11 September 2025 - CSSF imposed the €10,000 administrative fine
9 January 2026 - CSSF published the administrative sanction decision
Compliance Impact
Urgency: HIGH
Asset ManagerAll Firms
Administrative sanction imposed on the alternative investment fund manager Agriland Management S.A. (“AIFM”)
The Commission de Surveillance du Secteur Financier (CSSF), Luxembourg's financial regulator, imposed a **EUR 10,000 administrative fine on Agriland Management S.A.**, an alternative investment fund manager, on 11 September 2025 for failing to submit a mandatory annual financial crime questionnaire by the April 2025 deadline. This enforcement action demonstrates the CSSF's commitment to enforcing cooperation obligations under Luxembourg's anti-money laundering and terrorist financing (AML/CFT) framework and signals heightened scrutiny of compliance with supervisory reporting requirements.
What Changed
This is not a regulatory change but rather an enforcement action that clarifies existing obligations:
Mandatory Annual Reporting: All CSSF-supervised professionals must submit an annual questionnaire on financial crime by 4 April each year, covering the preceding calendar year.
Cooperation Obligation: Article 5(1) of the amended Law of 12 November 2004 on AML/CFT establishes a non-negotiable duty to cooperate with the CSSF, including timely submission of requested documentation.
Enforcement Esc
What You Need To Do
- *Establish Reporting Calendars
- *Designate Responsible Personnel
- *Respond to Regulatory Requests
- *Document Justifications
- *Monitor Supervisory Communications
Key Dates
4 April 2025 – Deadline for submission of financial crime questionnaire for year ending 31 December 2024 DEADLINE
Before 11 September 2025 – Two reminder notices issued by CSSF to Agriland Management S.A.
11 September 2025 – Administrative fine imposed
9 January 2026 – Sanction published by CSSF
Compliance Impact
Urgency: HIGH
Asset Manager
Administrative sanction imposed on the alternative investment fund manager Bedrock I GP S.à r.l. (“AIFM”)
The CSSF imposed a €10,000 administrative fine on alternative investment fund manager (AIFM) Bedrock I GP S.à r.l. on 11 September 2025 for failing to submit its annual financial crime questionnaire by the 4 April 2025 deadline, despite two reminders, breaching the cooperation obligation under Article 5(1) of Luxembourg's AML/CFT Law of 12 November 2004. This enforcement action underscores CSSF's strict enforcement of AML reporting duties and serves as a public warning to supervised entities on timely supervisory compliance. It matters because it demonstrates that even modest fines are pursued for basic reporting lapses, potentially signaling heightened scrutiny on AIFMs' AML processes amid ongoing regulatory focus on financial crime risks.
#
What Changed
This is not a regulatory change or new requirement but an enforcement of existing obligations under the amended Law of 12 November 2004 on the fight against money laundering and terrorist financing (AML/CFT Law). Specifically, it reaffirms the mandatory annual submission of the CSSF's financial crime questionnaire ("Questionnaire") by supervised professionals, including AIFMs under Article 3(2) of the Law of 12 July 2013 on AIFMs, as part of the cooperation duty in Article 5(1). The fine was cal
What You Need To Do
- Immediately verify submission status of the 2024 Questionnaire (or any outstanding); if overdue, submit promptly with justification to mitigate further escalation
- Implement automated calendar alerts and internal workflows for all CSSF reporting deadlines, including annual AML/CFT Questionnaire
- Conduct a compliance gap analysis on cooperation obligations under Article 5(1) AML/CFT Law, documenting reminder responses and evidence retention
- Train senior managers and compliance teams on supervisory interactions, including rights to request in-person meetings before fines
- Review governance for timely escalation of CSSF reminders to decision-makers
Key Dates
31 December 2024 - Reference period end for the Questionnaire covering financial crime compliance. DEADLINE
4 April 2025 - Statutory deadline for Questionnaire submission to CSSF. DEADLINE
11 September 2025 - Date of administrative fine imposition (€10,000) after non-submission despite reminders.
9 January 2026 - Publication date of the sanction decision by CSSF.
Compliance Impact
Urgency: Medium - This is a post-facto enforcement on a past breach (2024 reporting cycle), with the €10,000 fine relatively low, indicating proportionality for a first-time or isolated lapse. It matters as a leading indicator of CSSF's 2025-2026 focus on AML cooperation, with multiple similar AIFM
Asset ManagerHedge Fund
Administrative sanction imposed on the alternative investment fund manager C5 Haven Cyber GP S.à r.l. (“AIFM”)
The CSSF imposed a €10,000 administrative fine on alternative investment fund manager (AIFM) C5 Haven Cyber GP S.à r.l. on 11 September 2025 for failing to submit its annual financial crime questionnaire by the 4 April 2025 deadline, despite two reminders, breaching the cooperation obligation under Article 5(1) of Luxembourg's AML/CFT Law of 12 November 2004. This enforcement action underscores CSSF's strict enforcement of AML reporting duties and serves as a public warning to supervised entities on the consequences of non-cooperation. It matters because it demonstrates that even modest fines will be levied for procedural lapses, potentially signaling increased scrutiny on timely AML compliance submissions amid broader regulatory focus on financial crime risks.
#
What Changed
This is not a regulatory change or new requirement but an enforcement of existing obligations under the amended AML/CFT Law:
Annual Questionnaire Submission: Supervised professionals, including AIFMs under Article 3(2) of the Law of 12 July 2013 on AIFMs, must submit an annual financial crime questionnaire ("Questionnaire") to CSSF as part of the cooperation duty in Article 5(1).
Fine Provisions: Fines are imposed per Articles 8-4(1), 8-4(2)(f), and 8-4(3)(a), with amounts determined by relevant
What You Need To Do
- Immediate Review
- Remediation if Late
- Process Enhancements
Key Dates
31 December 2024 - Reference year-end for the financial crime Questionnaire.
4 April 2025 - Statutory deadline for submitting the Questionnaire for the year ending 31 December 2024. DEADLINE
11 September 2025 - Date CSSF imposed the €10,000 administrative fine after noting non-submission despite reminders.
9 January 2026 - Date of CSSF publication of the sanction decision.
Compliance Impact
Urgency: Medium - This is a low-value fine (€10,000) for a procedural breach, not involving substantive AML failures like suspicious transactions or sanctions screening delays seen in higher fines (e.g., €185,000 on Rakuten Bank). It matters as a precedent for CSSF's willingness to publicly name-and
Asset ManagerHedge Fund
Administrative sanction imposed on the alternative investment fund manager C5 S.à r.l. (“AIFM”)
The CSSF imposed a €10,000 administrative fine on alternative investment fund manager C5 Haven Cyber GP S.à r.l. on 11 September 2025 for failing to submit its annual financial crime questionnaire by the 4 April 2025 deadline, despite reminders, breaching the cooperation obligation under Article 5(1) of Luxembourg's AML/CFT Law of 12 November 2004. This enforcement action underscores CSSF's strict enforcement of reporting duties in AML/CFT compliance, serving as a warning to supervised entities on the consequences of administrative delays. It matters because it highlights low-tolerance for even minor procedural lapses, potentially signaling increased scrutiny on annual reporting amid broader AML/CFT priorities.
#
What Changed
This is not a regulatory change or new requirement but an enforcement of existing obligations under the amended AML/CFT Law:
Article 5(1) mandates supervised professionals, including AIFMs under Article 3(2) of the Law of 12 July 2013 on AIFMs, to cooperate fully with CSSF, including submitting the annual financial crime questionnaire ("Questionnaire").
Breach occurred due to non-submission of the 2024 year-end Questionnaire, with fine determined per Articles 8-4(1), 8-4(2)(f), 8-4(3)(a), and 8-
What You Need To Do
- Review and confirm timely submission of all pending or future CSSF financial crime questionnaires; establish automated calendar reminders for annual deadlines (e
- Implement escalation protocols for CSSF reminders, ensuring immediate response and submission within days, not weeks
- Conduct internal audit of AML/CFT cooperation obligations, documenting justifications for any delays and preparing evidence for potential CSSF hearings or meetings
- Update compliance policies to prioritize Article 5(1) duties, including training for responsible persons on fine risks under Article 8-4
Key Dates
4 April 2025 - Deadline for submission of financial crime Questionnaire covering year ending 31 December 2024. DEADLINE
11 September 2025 - Date CSSF imposed €10,000 administrative fine on C5 Haven Cyber GP S.à r.l. for non-submission despite reminders.
9 January 2026 - Date of CSSF publication announcing the sanction.
Compliance Impact
Urgency: Medium - Matters due to CSSF's demonstrated willingness to impose and publicize fines for straightforward reporting failures, even at €10,000, which could escalate for repeat or severe cases; acts as a precedent amid rising AML/CFT enforcement (e.g., larger fines like €214,000 in similar co
Asset ManagerHedge Fund
Long Form Report – Practical rules concerning the self-assessment questionnaire to be submitted by investment firms – Mission and related reports of the réviseurs d’entreprises agréés (approved statutory auditors)
Broker DealerAll Firms
Update of Circular CSSF 24/853 on the Long Form Report (as amended by Circular CSSF 25/870) – Practical rules concerning the self-assessment questionnaire to be submitted by investment firms Mission and related reports of the réviseurs d’entreprises agréés (approved statutory auditors)
Circular CSSF 26/904 updates Circular CSSF 24/853 (as amended by Circular CSSF 25/870) by introducing a revised Long Form Report (LFR) for investment firms, featuring a digital self-assessment questionnaire (SAQ) and enhanced auditor reports focused on AML/CFT and risk management. This matters because it aligns reporting with CSSF's risk-based supervision under CSSF 4.0, reduces redundancies, applies proportionality based on business models, and mandates digital submission to improve efficiency and data analysis.
#
What Changed
Revised LFR Structure: Comprises four parts in a single digital document: (1) yearly SAQ completed by investment firms; (2) descriptive elements verified by approved statutory auditors (REAs); (3) AML/CFT report with risk assessments, declarations on audits, and data on incomplete fund transfers; (4) REA's independent assessment of ML/FT risks and organizational aspects.
Digital Format: Completion and submission via CSSF's online portal, supporting CSSF 4.0 digital strategy for efficient process
What You Need To Do
- Investment Firms
- REAs/Auditors
Key Dates
Financial year ending 31 December 2024 - Applicability of revised LFR to all investment firms; submissions begin for this period onward on a yearly basis.
No specific submission deadline stated - Yearly production required via CSSF portal; firms should align with existing annual reporting cycles for auditors (typically post-year-end). DEADLINE
Compliance Impact
Urgency: High - Applies immediately to FY ending 31 December 2024 reports, requiring swift updates to reporting processes, digital tools, and AML/CFT documentation amid CSSF's risk-based shift; non-compliance risks supervisory actions, as LFR directly informs CSSF oversight on key prudential/AML are
Asset ManagerBroker DealerAll Firms
Update of Circular CSSF 22/821 on the Long Form Report, as amended by Circulars CSSF 23/845 and CSSF 24/865
Circular CSSF 25/897 updates Circular CSSF 22/821 on the Long Form Report (LFR) for credit institutions, further aligning the self-assessment questionnaire (SAQ) with current supervisory priorities such as ML/FT risks and organizational aspects. This matters because it refines reporting to reduce redundancies, enhance transparency in REA assessments, and reflect evolving prudential focuses since prior amendments via Circulars CSSF 23/845 and 24/865, ensuring institutions' reports better support CSSF oversight.
#
What Changed
Introduces new modules in the revised SAQ to align with supervisory points of focus, building on prior expansions (e.g., credit/counterparty risk, liquidity risk, climate-related risks from CSSF 23/845).
Emphasizes REA's independent assessment in the AML/CFT report, requiring exhaustive, transparent evaluations of ML/FT risks across institutions, branches, majority-owned subsidiaries abroad, and tied agents; prohibits vague language (e.g., no "no serious weaknesses" phrasing) and mandates positi
What You Need To Do
- Complete and submit revised SAQ annually, incorporating new modules on supervisory focuses like ML/FT risks and providing detailed data to REA
- Authorized management
- Ensure AML/CFT report details methodologies (e
- Review prior LFR submissions against this update to align with suppressed redundancies and new emphases
Key Dates
31 October 2025 - Issuance date of Circular CSSF 25/897.
Three months after financial year-end - Annual submission deadline for SAQ to CSSF (unchanged from prior circulars). DEADLINE
Five months after financial year-end - Submission deadline for REA Reports (Financial Instruments and Funds Report; AML/CFT Report). DEADLINE
Six months after financial year-end - Aligned submission for REA management letter (per amendments in CSSF 23/845 to Circular 22/826).
Compliance Impact
Urgency: High - Institutions face immediate refinement needs for 2025 year-end reporting (e.g., SAQ due ~Q1 2026), with stricter REA scrutiny on AML/CFT transparency risking supervisory findings or enforcement if vague assessments persist; aligns with ongoing CSSF push for risk-focused oversight ami
Bank
Long Form ReportPractical rules concerning the self-assessment questionnaire to be submitted by institutionsMission and related reports of the statutory auditors (réviseurs d’entreprises agréés)
**Circular CSSF 22/821** (as amended) fundamentally restructures how Luxembourg credit institutions report to the Commission de Surveillance du Secteur Financier (CSSF) by replacing the traditional Long Form Report with a digital **self-assessment questionnaire (SAQ)**, complemented by auditor-prepared reports. This shift represents a significant operational change that requires institutions to directly participate in prudential self-assessment while maintaining robust external audit oversight, making it essential for compliance and operational teams to understand new submission requirements and digital workflows.
What Changed
The circular introduces a three-component reporting framework that fundamentally alters the compliance landscape:
Self-Assessment Questionnaire (SAQ): A digital, annually-completed questionnaire that institutions must prepare directly, covering domains within CSSF and ECB prudential supervision competence
Agreed Upon Procedures (AUP) Reports: Reports prepared by approved statutory auditors (réviseurs d'entreprises agréés) on specific compliance areas
Separate REA Report on Financial Instruments
What You Need To Do
- *For Credit Institutions
- *Establish SAQ Governance
- *Data Preparation
- *Digital System Access
- *Module Completion
Key Dates
25 October 2022 - Circular CSSF 22/821 issued
31 December 2022 - Circular enters into application
Three months before financial year closure - SAQ becomes accessible through CSSF digital solution
Three months after financial year closure - Deadline for SAQ submission to CSSF DEADLINE
Five months after financial year closure - Deadline for REA reports submission DEADLINE
Compliance Impact
Urgency: HIGH
Bank
Adoption of the EBA Guidelines on internal policies, procedures and controls to ensure the implementation of Union and national restrictive measures (sanctions)
Circular CSSF 25/896 adopts the EBA Guidelines EBA/GL/2024/14 and EBA/GL/2024/15, mandating Luxembourg financial institutions to establish robust internal policies, procedures, and controls for complying with EU and national restrictive measures (sanctions). This matters because it sets binding EU-wide standards to prevent sanctions violations and circumvention, with absolute obligations for immediate asset freezing and reporting, amid escalating geopolitical tensions.
#
What Changed
Institutions must develop, implement, and maintain up-to-date policies, procedures, and controls for identifying, investigating, and applying restrictive measures without delay, including risk management for violations and circumvention.
Management body responsibilities expanded: approve sanctions compliance strategy, oversee implementation, conduct at least annual assessments of exposure and controls, ensure remedial actions, and report deficiencies.
Screening and monitoring requirements: Maint
What You Need To Do
- Conduct annual exposure assessments to sanctions risks and circumvention; update policies accordingly
- Appoint senior management/board-level responsibility for approving and overseeing sanctions strategy, including annual reviews and deficiency reporting
- Implement reliable screening systems for customers, transactions, and lists; define screenable datasets; test systems regularly for effectiveness (e
- Provide documented training to relevant staff on sanctions, institutional exposure, and internal processes
- Establish processes for immediate action on matches: suspend transfers, freeze assets, report to Ministry of Finance/CSSF/FIU without delay; maintain whitelists only under strict conditions
Compliance Impact
Urgency: High – With less than 12 months until the 30 December 2025 deadline (as of January 2026), firms face binding requirements for absolute compliance, including personal accountability for management bodies; non-compliance risks enforcement by CSSF, reputational damage, and fines amid frequent
BankPayment ProviderCrypto Exchange
Press release 25/04
BankFintechAll Firms
No description available.
BankWealth ManagerAsset Manager