🇱🇺 CSSF Enforcement medium

Administrative sanction of 11 September 2025

Published 9 January 2026 | Luxembourg

AI Analysis

Executive Summary

The CSSF imposed a €10,000 administrative fine on alternative investment fund manager (AIFM) C5 Haven Cyber GP S.à r.l. on 11 September 2025 for failing to submit its annual financial crime questionnaire by the 4 April 2025 deadline, despite two reminders, breaching the cooperation obligation under Article 5(1) of Luxembourg's AML/CFT Law of 12 November 2004. This enforcement action underscores CSSF's strict enforcement of AML reporting duties and serves as a public warning to supervised entities on the consequences of non-cooperation. It matters because it demonstrates that even modest fines will be levied for procedural lapses, potentially signaling increased scrutiny on timely AML compliance submissions amid broader regulatory focus on financial crime risks. #

What Changed

This is not a regulatory change or new requirement but an enforcement of existing obligations under the amended AML/CFT Law: - Annual Questionnaire Submission: Supervised professionals, including AIFMs under Article 3(2) of the Law of 12 July 2013 on AIFMs, must submit an annual financial crime questionnaire ("Questionnaire") to CSSF as part of the cooperation duty in Article 5(1). - Fine Provisions: Fines are imposed per Articles 8-4(1), 8-4(2)(f), and 8-4(3)(a), with amounts determined by relevant circumstances under Article 8-5(1); publication follows Article 8-6(1) after proportionality assessment. No new rules were introduced; the breach was straightforward non-submission, with no mitigating evidence provided by the AIFM. #

What You Need To Do

Immediate Review
Remediation if Late
Process Enhancements

Key Dates

31 December 2024 - Reference year-end for the financial crime Questionnaire.

4 April 2025 - Statutory deadline for submitting the Questionnaire for the year ending 31 December 2024. DEADLINE

11 September 2025 - Date CSSF imposed the €10,000 administrative fine after noting non-submission despite reminders.

9 January 2026 - Date of CSSF publication of the sanction decision.

Compliance Impact

Urgency: Medium - This is a low-value fine (€10,000) for a procedural breach, not involving substantive AML failures like suspicious transactions or sanctions screening delays seen in higher fines (e.g., €185,000 on Rakuten Bank). It matters as a precedent for CSSF's willingness to publicly name-and-shame for basic non-cooperation, potentially escalating to higher penalties for repeats; with publi

Who is Affected

Primarysupervised professionals subject to AML/CFT Law Articles 2-2 to 5, especially AIFMs, credit institutions, investment firms, and other obliged entities required to submit annual financial crime questionnaires.Secondarybased asset managers, fund managers, and any entities registered under the AIFM Law, as this case directly involves an AIFM.Broader Relevance

References

Summary

Administrative sanction imposed on the alternative investment fund manager C5 Haven Cyber GP S.à r.l. (“AIFM”)

Sectors

Investment Management

Topics

AML / Financial Crime Reporting & Disclosure

Relevant Firm Types

Asset ManagerHedge Fund

View Original on CSSF Back to Feed