All AML/CFT requirements remain applicable, and must thus continue to be applied by all professionals on a risk sensitive basis. However, certain measures may need to be adapted to the current circumstances in line with the professional’s internal procedures and processes. The CSSF, in its recent circular 20/740 regarding financial crime and AML/CFT implications during the COVID-19 pandemic (the “Circular”) issued on 10 April, encourages the professionals not only to continue applying the CDD measures provided by the law of 12 November 2004 on the fight against money laundering and terrorist financing, as amended (the “2004 Law”), but to consider strengthening these measures on a risk-based approach in order to mitigate the lack of face-to-face contact during this time.
The CSSF gives examples of the enhanced measures to be envisaged, notably performing more frequent checks against lists of politically exposed persons, conducting additional or more detailed checks, the reliance on a third party having already identified the customer, or checking by means of a first transfer of funds from a bank account in the name of the customer with a credit institution established in Luxembourg, in the EU, or in any other country applying equivalent AML/CFT obligations and being supervised for that purpose.
The CSSF encourages the use of technology (e.g. Fintech), in line with the latest Financial Action Task Force (the “FATF”) publication (statement by the FATF President: COVID-19 and measures to combat illicit financing issued on 1st April) and the FATF’s Guidance on Digital ID and in compliance with the 2004 Law, as recently amended by the law of 25 March 2020 implementing the 5th AML Directive, to manage some of the CDD issues presented by COVID-19.
The CSSF also reminds professionals that in case the identification of the customer cannot be fully performed, or where it raises suspicions on the identity of the customer, the principle is for the professionals to refrain from entering into the business relationship and to cooperate with the authorities where required.
In line with the measures provided for by the CSSF, it could be envisaged, in lower risk situations, that physical meetings with customers when entering into new business relationships could temporarily be replaced by remote meetings provided that such a form of meetings is expressly provided for in internal procedures. Amendments to the internal governing procedures may be necessary in order to include such remote meetings if they are not initially included.
In the case a lower risk of money laundering and terrorism financing has been identified, copies of customer’s documentation may be communicated to professionals by e-mail. The same may also apply temporarily for standard risks, provided that the professional may verify that the source of the relevant document is reliable. Originals may also be sent by regular mail in higher risk situations.
Are there any particular risks to look out for from an AML/CFT perspective?
The FATF explains in its statement that due to the COVID-19 pandemic, the risk of financial crimes has indeed increased as criminals have taken advantage of such situation to carry out at a larger scale i.a. financial fraud and exploitation scams (e.g. phishing schemes).
The CSSF also mentions new and emerging money laundering and terrorist financing threats in its Circular, relating to cybercrime, fraud, bribery and corruption related to government support schemes, trafficking in counterfeit medicine and other goods, robbery or theft and insider trading and market manipulation. In response to these risks, the CSSF advises supervised professionals to continue mitigating the AML/CFT risks, focusing particularly on AML/CFT business continuity, transaction monitoring, customer due diligence, money laundering and terrorist financing risk assessment and cooperation with authorities.
The CSSF also reminds professionals of the importance of continuing to interact with the CSSF as part of its supervisory activities and of being proactive in using industry bodies, fora, committees and working groups to share typologies and trends in real-time to help collectively combat these new risks.
The FATF finally reminds professionals that any suspicious activity must be declared without delay to the competent financial unit intelligence (e.g. the Cellule de Renseignement Financier).
Your contacts for more details : Pierre-Michaël de Waersegger (Pierre-Michael.deWaersegger@arendt.com) and Helena Finn(Helena.Finn@arendt.com)