AML/CFT : CSSF clarifies the set-up of IT systems in the central electronic data retrieval system

News

AML/CFT: CSSF clarifies the setup of IT systems for the central electronic data retrieval system

28 July 2020

Regulatory News Alert

Context and objectives

On 23 July 2020, the Commission de Surveillance du Secteur Financier (CSSF) published Circular 20/747 on the technical procedures regarding the application of the Law of 25 March 2020 establishing a central electronic data retrieval system related to international bank account numbers (IBAN) and safe-deposit boxes.

The purpose of this circular is to inform professionals about the technical aspects of the central electronic data retrieval system so that they can develop and adapt their systems per the technical requirements of the CSSF’s system.

PDF - 592kb

Banking professionals will need to allow the CSSF to access files that include the required data on payment accounts and safe-deposit boxes.

To make these files available to the CSSF, professionals must implement a communication interface in the form of an application programming interface (API). This API should enable professionals to send a message to the CSSF notifying them that the file is available; receive a request from the CSSF to download the file; and receive a status update. The API will need to be developed according to the OpenAPI version 3.0 format, while the files will need to be in JavaScript Object Notation (JSON) format.

The CSSF, in its capacity as manager, will access the respective files of professionals through a secure procedure to be able to carry out searches.

Scope

The obligation to setup an inhouse data file that gathers updated, correct, and complete information concerns:

  • Payment accounts and bank accounts identified by an IBAN that exist on the date of entry into force of the law of 25 March 2020, which is 26 March 2020. This also includes accounts opened and/or closed since this date.
  • Safe deposit boxes rented as of 26 March 2020, or rented and/or closed since that date.

The system requires each professional to create and provide a file for the CSSF that lists payment accounts, bank accounts identified by an IBAN, and safe deposit boxes kept by credit institutions; therefore, this excludes accounts kept for internal or technical purposes.

The practicalities

The circular aims to provide credit institutions and payment service providers in Luxembourg, that offer services of keeping payment accounts or bank accounts identified by an IBAN, with the necessary details for:

  • The establishment and operation of their IT systems; and
  • The necessary technical infrastructure to allow the central electronic data retrieval system that is setup and managed by the CSSF to function efficiently. 

The approach retained by the CSSF is to collect files that have been prepared by credit institutions according to its requirements once a day.

It has been confirmed that the CSSF will be ready to access files from 10 September 2020 onwards.

How can Deloitte help?

Deloitte’s advisory specialists and dedicated services can help you design and implement your business strategy in light of the evolution of regulatory frameworks and market trends.

Deloitte’s anti-money laundering (AML) and counter terrorist financing (CTF) advisory specialists and API specialists can also help you design and implement your strategy in light of the implementation of such a central electronic data retrieval system.

Key Deloitte services related to this new requirement are:

  • AML/know your customer (KYC) data management
  • API solutions design and implementation
  • End-to-end process communication with the CSSF

With our Regulatory Watch Kaleidoscope service, Deloitte can also help you stay ahead of the regulatory curve to better manage and plan upcoming regulations.

Contacts

Subject matter specialists

Pascal Eber
Partner – Operations Excellence & Human Capital
Tel : +352 45145 2649
peber@deloitte.lu

Eric Collard
Partner – Forensic & AML, Restructuring
Tel : +352 45145 4985
ecollard@deloitte.lu

Bastien Collette
Director – Advisory & Consulting (AML/CTF)
Tel : +352 45145 3372
bacollette@deloitte.lu

Alice Lehnert
Director – Advisory & Consulting 
Tel : +352 45145 2605
alehnert@deloitte.lu

Alexandre Havard
Director – Advisory & Consulting 
Tel : +352 45145 3148
ahavard@deloitte.lu

Maxime Heckel
Director – Advisory & Consulting 
Tel : +352 45145 2837
mheckel@deloitte.lu


Regulatory Watch Kaleidoscope service

Simon Ramos
Partner – IM Advisory & Consulting Leader
Regulatory Watch services co-Leader
Tel : +352 45145 2702
siramos@deloitte.lu

Jean-Philippe Peters
Partner – Risk Advisory & Regulatory Watch services co-Leader
Tel : +352 45145 2276
jppeters@deloitte.lu

Benoit Sauvage
Director – RegWatch, Risk and Advisory
Tel : +352 45145 4220
bsauvage@deloitte.lu

Marijana Vuksic
Manager – RegWatch Risk and Advisory
Tel : +352 45145 2311
mvuksic@deloitte.lu

 

Insert CSS fragment. Do not delete! This box/component contains code needed on this page. This message will not be visible when page is activated.

Did you find this useful?