Investment Management in Luxembourg

What Changed

The regulatory landscape has evolved significantly with the introduction of new sustainability reporting requirements: ESRS Implementation (First Year): 2024 marked the first full reporting year under the European Sustainability Reporting Standards (ESRS), with the CSSF conducting a fact-finding exercise to assess reporting quality. The CSSF noted an overall increase in reporting quality with better-structured reports and more relevant disclosures, though key improvement areas remain in compreh

What You Need To Do

• *Financial Information (IFRS)
• *Enhanced Note Disclosures
• *Cash Flow Statement Presentation
• *Segment Reporting Completeness
• *Going Concern Assessment

Key Dates

References

• [1] cssf.lu
• [2] bsp.lu
• [3] cssf.lu
• [4] lexgo.be
• [5] cssf.lu
• [6] lsfi.lu
• [7] cssf.lu
• [8] cssf.lu

What Changed

Mandatory Electronic-Only Submission: Documents listed in Annex I must be transmitted exclusively via e-file (http://www.e-file.lu) or SOFiE (http://www.cetrel-securities.lu/wp_static/what-do-we-offer/secured-reporting-channel-sofie-sort/), in PDF format supporting read access, printing, copy/paste, and word search; other methods post-February 1, 2019, are null and void. Dynamic Annex Updates: The annex, published on the CSSF website, is regularly updated (e.g., latest noted April 1, 2025) and i

What You Need To Do

• Register/access e-file or SOFiE platforms if not already (test/production environments available since February 2019)
• Consult and adhere to the latest Annex I for document list, nomenclatures, and formats (PDF with full functionality)
• Ensure submissions are final/official versions matching hard copies; use specified identifiers for UCIs/SIFs/SICARs
• Implement processes for automatic/manual transmission (e
• Train staff on responsibilities and integrate into reporting workflows; reference CSSF FAQs for closing documents

Key Dates

References

• [1] bsp.lu
• [2] cssf.lu
• [3] mondaq.com
• [4] cssf.lu
• [5] e-file.lu
• [6] cssf.lu
• [7] cssf.lu
• [8] dechert.com

What Changed

This is not a regulatory change but an enforcement precedent under existing rules: non-compliance with Article 5(1) of the AML/CFT Law, which mandates annual submission of a financial crime questionnaire ("Questionnaire") to the CSSF. The fine was calculated per Articles 8-4(1), 8-4(2)(f), and 8-4(3)(a), considering circumstances under Article 8-5(1). Publication followed Article 8-6(1) after a proportionality assessment, confirming no market stability risks. No new requirements were introduced;

What You Need To Do

• Immediately review internal processes for annual Questionnaire submission, ensuring calendar invites and automated reminders for the 4 April deadline (covering prior year-end data)
• Conduct a gap analysis on AML/CFT cooperation obligations under Article 5(1), including response protocols to CSSF reminders or queries
• Update compliance calendars and train staff on escalation procedures; document all submissions with proof (e
• If late, proactively submit overdue items and request meetings if needed, as non-response forfeits mitigation opportunities

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] seqlense.com
• [5] bsp.lu
• [6] cvc.com
• [7] gouvernement.lu
• [8] caceis.com

What Changed

This is not a regulatory change but rather an enforcement action clarifying existing obligations: Mandatory Annual Questionnaire Requirement: All professionals supervised, authorized, or registered by the CSSF must submit an annual questionnaire on financial crime by April 4 each year, covering the preceding calendar year. Cooperation Obligation: Article 5(1) of the amended Law of 12 November 2004 on AML/CFT establishes a non-negotiable duty to cooperate with the CSSF, which includes timely su

What You Need To Do

• regulated entities must
• *Establish Calendar Controls
• *Designate Responsible Parties
• *Prepare Documentation
• *Monitor Communications

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] seqlense.com
• [4] cssf.lu
• [5] cssf.lu
• [6] blogs.duanemorris.com
• [7] cssf.lu
• [8] cssf.lu

What Changed

This is not a regulatory change or new requirement but an enforcement precedent under existing rules: non-compliance with the annual financial crime questionnaire submission, mandated by Article 5(1) of the AML/CFT Law, triggers fines per Articles 8-4(1), 8-4(2)(f), and 8-4(3)(a). The CSSF considered all relevant circumstances under Article 8-5(1) to set the €10,000 fine amount and published the sanction nominatively after proportionality assessment per Article 8-6(1), confirming no market stabi

What You Need To Do

• Ensure timely submission of annual financial crime questionnaires by 4 April each year (for prior calendar year data); implement calendar reminders and escalation processes for CSSF requests
• Respond promptly to CSSF reminders or queries on AML/CFT compliance to avoid escalation to fines; document any delays with justification evidence
• No retroactive actions needed for this case, but conduct gap analysis on reporting workflows to prevent similar breaches

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] cssf.lu
• [5] regulatoryandcompliance.com
• [6] cssf.lu
• [7] sec.gov
• [8] pinsentmasons.com

What Changed

This is not a regulatory change but rather an enforcement action clarifying existing obligations. However, it reinforces critical compliance requirements: Mandatory Annual Questionnaire Submission: All CSSF-supervised professionals, including AIFMs, must submit an annual questionnaire on financial crime by the specified deadline (in this case, 4 April 2025 for the year ending 31 December 2024). Cooperation Obligation: Article 5(1) of the amended Law of 12 November 2004 on the fight against mon

What You Need To Do

• *Establish Calendar Controls
• *Designate Responsible Parties
• *Monitor CSSF Communications
• *Document Submission
• *Escalate Non-Compliance Immediately

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] opensanctions.org
• [5] boldergroup.com
• [6] bsp.lu
• [7] efama.org
• [8] pwc.lu

What Changed

This is not a regulatory change but rather an enforcement action clarifying existing obligations: Mandatory Annual Questionnaire Requirement: All CSSF-supervised professionals must submit an annual questionnaire on financial crime covering the preceding calendar year. Cooperation Obligation: Article 5(1) of the amended Law of 12 November 2004 on AML/CFT imposes a non-negotiable duty to cooperate with CSSF supervisory requests. Enforcement Escalation: The CSSF will issue reminders before imposin

What You Need To Do

• regulated entities must
• *Identify Reporting Obligations
• *Calendar Management
• *Documentation
• *Escalation Protocol

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] opensanctions.org
• [5] cliffordchance.com
• [6] elvingerhoss.lu
• [7] imf.org

What Changed

This is not a regulatory change but rather an enforcement action that clarifies existing obligations: Mandatory Annual Reporting: All CSSF-supervised professionals must submit an annual questionnaire on financial crime by 4 April each year, covering the preceding calendar year. Cooperation Obligation: Article 5(1) of the amended Law of 12 November 2004 on AML/CFT establishes a non-negotiable duty to cooperate with the CSSF, including timely submission of requested documentation. Enforcement Esc

What You Need To Do

• *Establish Reporting Calendars
• *Designate Responsible Personnel
• *Respond to Regulatory Requests
• *Document Justifications
• *Monitor Supervisory Communications

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] cssf.lu
• [5] opensanctions.org
• [6] sorainen.com
• [7] ubp.com
• [8] adaptation-fund.org

What Changed

This is not a regulatory change or new requirement but an enforcement of existing obligations under the amended Law of 12 November 2004 on the fight against money laundering and terrorist financing (AML/CFT Law). Specifically, it reaffirms the mandatory annual submission of the CSSF's financial crime questionnaire ("Questionnaire") by supervised professionals, including AIFMs under Article 3(2) of the Law of 12 July 2013 on AIFMs, as part of the cooperation duty in Article 5(1). The fine was cal

What You Need To Do

• Immediately verify submission status of the 2024 Questionnaire (or any outstanding); if overdue, submit promptly with justification to mitigate further escalation
• Implement automated calendar alerts and internal workflows for all CSSF reporting deadlines, including annual AML/CFT Questionnaire
• Conduct a compliance gap analysis on cooperation obligations under Article 5(1) AML/CFT Law, documenting reminder responses and evidence retention
• Train senior managers and compliance teams on supervisory interactions, including rights to request in-person meetings before fines
• Review governance for timely escalation of CSSF reminders to decision-makers

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] cssf.lu
• [5] fi.se
• [6] cssf.lu
• [7] africagrowthfund.org
• [8] funds-europe.com

What Changed

This is not a regulatory change or new requirement but an enforcement of existing obligations under the amended AML/CFT Law: Annual Questionnaire Submission: Supervised professionals, including AIFMs under Article 3(2) of the Law of 12 July 2013 on AIFMs, must submit an annual financial crime questionnaire ("Questionnaire") to CSSF as part of the cooperation duty in Article 5(1). Fine Provisions: Fines are imposed per Articles 8-4(1), 8-4(2)(f), and 8-4(3)(a), with amounts determined by relevant

What You Need To Do

• Immediate Review
• Remediation if Late
• Process Enhancements

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] cssf.lu
• [5] blogs.duanemorris.com
• [6] opensanctions.org
• [7] cssf.lu
• [8] misp-project.org

What Changed

This is not a regulatory change or new requirement but an enforcement of existing obligations under the amended AML/CFT Law: Article 5(1) mandates supervised professionals, including AIFMs under Article 3(2) of the Law of 12 July 2013 on AIFMs, to cooperate fully with CSSF, including submitting the annual financial crime questionnaire ("Questionnaire"). Breach occurred due to non-submission of the 2024 year-end Questionnaire, with fine determined per Articles 8-4(1), 8-4(2)(f), 8-4(3)(a), and 8-

What You Need To Do

• Review and confirm timely submission of all pending or future CSSF financial crime questionnaires; establish automated calendar reminders for annual deadlines (e
• Implement escalation protocols for CSSF reminders, ensuring immediate response and submission within days, not weeks
• Conduct internal audit of AML/CFT cooperation obligations, documenting justifications for any delays and preparing evidence for potential CSSF hearings or meetings
• Update compliance policies to prioritize Article 5(1) duties, including training for responsible persons on fine risks under Article 8-4

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] cssf.lu
• [5] blogs.duanemorris.com
• [6] cssf.lu
• [7] cssf.lu
• [8] cssf.lu

What Changed

This is an enforcement action, not a regulatory change; it enforces existing requirements under Article 51(1) (1st and 7th indents) and Article 51(2) (1st sub-paragraph, 3rd indent) of the amended Law of 12 July 2013 on AIFMs (AIFM Law), and related provisions like Article 92(1) of Commission Delegated Regulation (EU) No 231/2013 (CDR 231/2013). Key breaches include: failure to properly assess risks tied to AIFs' strategies and AIFMs' organization for oversight processes; lack of processes to ve

What You Need To Do

• related entities) must
• Conduct immediate gap analyses on risk assessment processes for AIF strategies and AIFM organization per Article 92(1) CDR 231/2013
• Implement robust verification processes for AIFM compliance with asset delegation rules
• Ensure availability of key documentation and evidence of controls for the depositary function, addressing pre-2022 gaps if applicable
• Develop and test oversight processes, leveraging self-identified improvements and action plans as mitigating factors, as JTC did prior to inspection

Key Dates

References

• [1] cssf.lu
• [2] cssf.lu
• [3] cssf.lu
• [4] cssf.lu
• [5] media.permira.com

What Changed

Revised LFR Structure: Comprises four parts in a single digital document: (1) yearly SAQ completed by investment firms; (2) descriptive elements verified by approved statutory auditors (REAs); (3) AML/CFT report with risk assessments, declarations on audits, and data on incomplete fund transfers; (4) REA's independent assessment of ML/FT risks and organizational aspects. Digital Format: Completion and submission via CSSF's online portal, supporting CSSF 4.0 digital strategy for efficient process

What You Need To Do

• Investment Firms
• REAs/Auditors

Key Dates

References

• [1] cssf.lu
• [2] bakermckenzie.com
• [3] cssf.lu
• [4] cssf.lu
• [5] cssf.lu
• [6] cssf.lu
• [7] cliffordchance.com
• [8] ogier.com

What Changed

Updates to Descriptive Report and Self-Assessment Questionnaire: Refines content, format, and submission requirements for support PFS's annual submissions, emphasizing more detailed disclosures on operations, risks, and controls (building on CSSF 24/850). Auditor Engagement Rules: Introduces specific practical guidelines for approved statutory auditors, including mandatory scope of work, independence confirmations, and standardized procedures for reviewing support PFS reports. Management Letter

What You Need To Do

• *Review and Update Processes
• *Engage/Confirm Auditors
• *Implement Templates and Testing
• *Training and Governance
• *Submit on Time

Key Dates

What Changed

Standardized Reporting Templates: Introduces detailed formats and content requirements for the annual descriptive report and self-assessment questionnaire, covering governance, risk management, internal controls, and operational metrics specific to support PFS activities (e.g., IT services, administrative support, custody). Auditor Engagement Rules: Mandates approved statutory auditors to perform specific procedures, issue a management letter highlighting control weaknesses, and prepare a separa

What You Need To Do

• Annual Reporting Cycle
• February to review submissions, test controls, and issue management letter (flagging deficiencies) plus separate compliance report
• Governance Updates
• Auditor Coordination
• Record-Keeping

Key Dates

What Changed

Diversification and investment limits: Introduces tailored percentage-based thresholds; for funds marketed to unsophisticated retail investors, limits remain at 25% per issuer/UCI/asset, raised to 50% per issuer/UCI/asset or 70% per infrastructure investment for well-informed/professional investor funds, with CSSF derogations possible on justification. Limits apply on assets/commitments basis with look-through for intermediary vehicles. SICAR-specific rules: Confirms risk capital investments (e.

What You Need To Do

• Review and update fund documents (e
• Assess and document compliance with new/relaxed diversification, borrowing, and SICAR investment rules; apply for CSSF derogations where justified
• Ensure risk-spreading in derivatives/collateral and deployment of SICAR cash into eligible assets; confirm look-through for intermediaries
• For retail-marketed funds
• Maintain robust governance/documentation to leverage flexibility; reference CSSF's Compilation for concepts

Key Dates

References

• [1] cssf.lu
• [2] pwc.lu
• [3] aoshearman.com
• [4] maples.com
• [5] cssf.lu
• [6] debevoise.com
• [7] bakermckenzie.com
• [8] cssf.lu

What Changed

Consolidation and Repeals: Repeals CSSF Circulars 02/80, 07/309, 06/241, and Chapters G and I of IML 91/75; renders CSSF 08/356 and Chapter H of IML 91/75 inapplicable to Part II UCIs. Flexible Diversification Rules: Introduces investor-category-based thresholds (e.g., stricter for retail, looser for sophisticated investors); allows CSSF derogations for SIFs/Part II UCIs with justification; applies look-through for intermediary vehicles; harmonizes ramp-up (up to 12 months for liquid strategies,

What You Need To Do

• Review and update offering documents/prospectuses for enhanced transparency on risks, limits, borrowing, liquidity tools (e
• Align fund documentation/terminology with CSSF Compilation of key concepts for consistency in filings and communications
• Disclose ramp-up/wind-down periods, potential derogations, and life extensions clearly; seek CSSF approval for exemptions where justified
• Assess portfolio compliance for new funds/compartments; leverage flexibility for sophisticated investors but maintain robust governance
• No immediate changes required for pre-19 Dec 2025 funds, but proactive alignment recommended to avoid future issues

References

• [1] pwc.lu
• [2] bakermckenzie.com
• [3] ashurst.com
• [4] ogier.com
• [5] aoshearman.com
• [6] arendt.com
• [7] debevoise.com
• [8] cssf.lu

What Changed

The original Circular CSSF 08/356 (2008) transposed UCITS III requirements on eligible techniques like securities lending and repos. The amendment via Circular CSSF 25/901 (issued in 2025) introduces updates to reflect post-Brexit adjustments, enhanced ESG considerations in collateral eligibility, stricter counterparty risk limits for OTC derivatives, and improved transparency in reporting. Key changes include: Expanded collateral rules: Collateral must now include sustainable assets meeting SFD

What You Need To Do

• *Policy Review & Update
• *Risk Management Systems
• *Counterparty Due Diligence
• *Operational Setup
• *Reporting & Disclosure

Key Dates

What Changed

Repeals Annex B of Circular CSSF 22/811 with immediate effect, replacing it with streamlined annual reporting via a core compliance-focused Self-Assessment Questionnaire (SAQ) that assesses governance, internal controls, operational organization, and risk management; detailed instructions are now on the CSSF website. Introduces prior CSSF authorisation requirements for entities acting as UCI administrators, including a defined administrative procedure with application details in Annex A; authori

What You Need To Do

• Assess eligibility and obtain prior CSSF authorisation via Annex A application (or notify substantial changes); ensure ongoing validity by monitoring operational model and delegations
• Adapt internal processes for revised annual UCIA reporting (SAQ-focused, integrated where applicable); submit using CSSF website instructions starting for FY ending 31 Dec 2025
• Review/update contracts with UCIs/IFMs to define roles, responsibilities, and oversight; implement delegation monitoring, remediation plans, and ICT compliance (DORA/Circular 25/882 or 20/750)
• For DORA-scope entities, align outsourcing arrangements with Circular CSSF 25/882

Key Dates

References

• [1] cssf.lu
• [2] blog.uit.lu
• [3] ogier.com
• [4] cssf.lu
• [5] cssf.lu
• [6] cssf.lu
• [7] harneys.com

What Changed

Authorisation Requirements: Prior CSSF authorisation is mandatory for appointment as UCI administrator, via full application under sectoral laws or a simplified administrative procedure; application must include details per Annex A, with ongoing updates for substantial changes. Scope of UCI Administration: Defines three core functions—registrar, NAV calculation/accounting, and client communication—requiring only one designated service provider per function per UCI (or compartment); UCI/IFM may p

What You Need To Do

• Submit authorisation application to CSSF with Annex A information before commencing UCI administration; notify substantial changes and keep file updated
• Establish/implement governance, controls, escalation processes, resource adequacy, ICT/business continuity per circular; ensure single provider per function
• For delegations
• Conclude written contracts with UCI/IFM; submit annual UCIA activity reports

References

• [1] cssf.lu
• [2] lexnow.lu
• [3] cssf.lu
• [4] stibbe.com
• [5] cssf.lu
• [6] cssf.lu
• [7] ey.com
• [8] simmons-simmons.com

What Changed

The circular introduces a three-component reporting framework that fundamentally alters the compliance landscape: Self-Assessment Questionnaire (SAQ): A digital, annually-completed questionnaire that institutions must prepare directly, covering domains within CSSF and ECB prudential supervision competence Agreed Upon Procedures (AUP) Reports: Reports prepared by approved statutory auditors (réviseurs d'entreprises agréés) on specific compliance areas Separate REA Report on Financial Instruments

What You Need To Do

• *For Credit Institutions
• *Establish SAQ Governance
• *Data Preparation
• *Digital System Access
• *Module Completion

Key Dates

References

• [1] cssf.lu
• [2] pwc.lu
• [3] cssf.lu
• [4] cssf.lu
• [5] cssf.lu
• [6] dlapiper.com
• [7] stradalex.lu
• [8] cssf.lu

What Changed

The circular introduces the following material modifications to Circular CSSF 07/325: *New Supervisory Module UCI administration** has been added as a thematic module to the self-assessment questionnaire, reflecting increased regulatory attention to fund administration practices. *Enhanced Self-Assessment Framework** Existing modules have been updated to better align with supervisory objectives and current regulatory priorities. The revised SAQ now captures a broader range of supervisory point

What You Need To Do

• *Update Self-Assessment Processes
• Revise internal SAQ completion procedures to address the new UCI administration module
• Ensure all thematic modules reflect current supervisory expectations
• *Assess UCI Administration Compliance
• If the institution provides or is involved in UCI administration services, conduct a detailed assessment of compliance with CSSF expectations

Key Dates

References

• [1] bakermckenzie.com
• [2] debevoise.com
• [3] cssf.lu
• [4] arendt.com
• [5] cssf.lu
• [6] cssf.lu
• [7] stradalex.lu
• [8] cssf.lu