🇱🇺 CSSF Enforcement medium

Administrative sanction of 11 September 2025

Published 9 January 2026 | Luxembourg

AI Analysis

Executive Summary

The CSSF imposed a €10,000 administrative fine on alternative investment fund manager (AIFM) C5 Haven Cyber GP S.à r.l. on 11 September 2025 for failing to submit its annual financial crime questionnaire by the 4 April 2025 deadline, despite two reminders, breaching the cooperation obligation under Article 5(1) of Luxembourg's AML/CFT Law of 12 November 2004. This enforcement action underscores CSSF's strict enforcement of AML reporting duties and serves as a public warning to supervised entities on the consequences of non-cooperation. It matters because it demonstrates that even modest fines will be levied for procedural lapses, potentially signaling increased scrutiny on timely AML compliance submissions amid broader regulatory focus on financial crime risks. #

What Changed

This is not a regulatory change or new requirement but an enforcement of existing obligations under the amended AML/CFT Law:
Annual Questionnaire Submission: Supervised professionals, including AIFMs under Article 3(2) of the Law of 12 July 2013 on AIFMs, must submit an annual financial crime questionnaire ("Questionnaire") to CSSF as part of the cooperation duty in Articl
Fine Provisions: Fines are imposed per Articles 8-4(1), 8-4(2)(f), and 8-4(3)(a), with amounts determined by relevant circumstances under Article 8-5(1); publication follows Article 8-6(1) after proportionality assessment. No new rules were introduce

Suggested Considerations

Immediate Review: AIFMs and similar entities must verify their internal processes for annual Questionnaire submission, ensuring calendar reminders and automated tracking for 4 April deadlines.
Remediation if Late: Submit overdue Questionnaires promptly with explanations; request in-person meetings if needed, as the sanctioned AIFM failed to do so.
Process Enhancements: Implement escalation protocols for CSSF reminders, designate a senior compliance officer for oversight, and document all submissions/acknowledgments to demonstrate cooperation under Article 5(1).
Training: Conduct firm-wide training on AML/CFT cooperation duties, emphasizing that non-response leads to fines without need for justification.

Key Dates

31 December 2024

- Reference year-end for the financial crime Questionnaire

4 April 2025 DEADLINE

- Statutory deadline for submitting the Questionnaire for the year ending 31 December 2024

11 September 2025

- Date CSSF imposed the €10,000 administrative fine after noting non-submission despite reminders

9 January 2026

- Date of CSSF publication of the sanction decision

Compliance Impact

Urgency: Medium - This is a low-value fine (€10,000) for a procedural breach, not involving substantive AML failures like suspicious transactions or sanctions screening delays seen in higher fines (e.g., €185,000 on Rakuten Bank). It matters as a precedent for CSSF's willingness to publicly name-and-shame for basic non-cooperation, potentially escalating to higher penalties for repeats; with publi

Who is Affected

Primarysupervised professionals subject to AML/CFT Law Articles 2-2 to 5, especially AIFMs, credit institutions, investment firms, and other obliged entities required to submit annual financial crime questionnaires.Secondarybased asset managers, fund managers, and any entities registered under the AIFM Law, as this case directly involves an AIFM.Broader Relevance

References

AI-generated analysis. May contain errors or omissions — verify with the original CSSF source before acting. Full disclaimer.

Summary

Administrative sanction imposed on the alternative investment fund manager C5 Haven Cyber GP S.à r.l. (“AIFM”)

Sectors

Investment Management

Topics

AML / Financial Crime Reporting & Disclosure

Relevant Firm Types

Asset ManagerHedge Fund

View Original on CSSF Back to Feed