On 24 September 2021, the CSSF issued a new Circular 21/782 regarding the adoption of the revised guidelines by the European Banking Authority (“EBA”), on money laundering and terrorist financing risk factors (the “Circular”). This Circular replaces CSSF Circular 17/661.
The purpose of the Circular is to draw the attention to the adoption by the EBA of the revised guidelines on customer due diligence and the factors credit and financial institutions should consider when assessing the money laundering and terrorist financing (“ML/TF”) risk associated with individual business relationships and occasional transactions under Articles 17 and 18(4) of Directive (EU) 2015/849 of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (the “Guidelines”).
Since the publication in 2017 of the original Joint Guidelines of the three European Supervisory Authorities (EBA, ESMA, EIOPA), the applicable legislative framework in the EU has changed and new ML/TF risks have emerged. The purpose of the Guidelines is to continue providing guidance on the different ML/TF factors the professionals should consider when assessing their risks.
Additional new sectoral guidelines
The structure of the Guidelines remains unchanged: the first part of the Guidelines provides information on the general application of due diligence (with more detailed information on sector-specific risk factors) and the relevant due diligence measures are set out in the second part of the Guidelines.
New sectoral guidelines have however been added covering crowdfunding platforms, providers of currency exchange services, corporate finance, payment initiation service providers, account information service providers.
New emerging risks
The Guidelines specify how professionals can adjust anti-money laundering and counter-terrorist financing (“AML/CTF”) customer due diligence measures commensurate with the level of risk associated with a business relationship or occasional transaction. Thus, they set out examples of due diligence measures, either simplified for lower risk or enhanced in order to mitigate higher identified risks.
The Guidelines stress out new and emerging risks such as the use of RegTech solutions for customer due diligence purposes and contain more guidance on the identification of beneficial owners and enhanced customer due diligence related to high-risk third countries.
Furthermore, the Guidelines stress that professionals enhance their understanding of risks related to tax crimes as there are substantial similarities between the techniques used to launder the proceeds of crimes and to commit tax crimes.
The Guidelines finally specify that an effective risk-based approach should not result in systematically exiting or discontinuing to offer services to certain categories of customers associated with higher ML/TF risk (“de-risking” approach) and that professionals should also carefully balance the need for financial inclusion with the need to mitigate ML/TF risk.
Applicability of Guidelines
Even though the Guidelines are applicable as of 26 October 2021, the Circular reminds that professionals need to apply the changes to future business relationships and also to existing customers at appropriate times as risk assessment and mitigation is an ongoing process. Any new control made by professionals should thus apply to both categories of customers (new and existing).