The CSSF integrates revised EBA guidelines on ML/TF risk factors into its regulatory approach

On 24 September 2021, by way of Circular 21/782, the Commission de Surveillance du Secteur Financier (CSSF) adopted the European Banking Authority’s (EBA) Revised Guidelines on customer due diligence and risk factors that credit and financial institutions should consider when assessing the money laundering and terrorist financing (ML/TF) risk associated with individual business relationships and occasional transactions (“the Guidelines”).

Key additions to the Guidelines that address new ML/TF risks

The EBA’s revised Guidelines strengthen the requirements regarding individual and business-wide risk assessments and customer due diligence (CDD) measures. It adds guidance on the identification of beneficial owners, the use of innovative solutions to identify and verify customers’ identities, and how financial institutions should comply with legal provisions on enhanced CDD related to high-risk third countries. The revised Guidelines also define some terms (such as interest risk, residual risk and risk appetite) and provide more details on TF risk factors.

The EBA also included new sectoral guidelines for crowdfunding platforms; corporate finance firms; account information service providers (AISPs) and payment initiation service providers (PISPs); and firms offering currency exchange services.

The EBA reiterates that financial institutions no longer need to discontinue services to entire customer categories they associate with a higher ML/TF risk (the so-called de-risking). Instead, financial institutions should balance the need for financial inclusion with the need to mitigate and manage ML/TF risk. The Guidelines should help financial institutions achieve this balance.

Finally, the Guidelines highlight the need for supervisory authorities and financial institutions to enhance their tax crime understanding. In this context, financial institutions should consider other relevant EBA and/or ESMA reports, particularly the reports and Action plan on dividend arbitrage trading schemes (Cum-Ex/Cum-Cum schemes).
 

Next steps

The CSSF urges supervised entities to apply the changes to both future business relationships and existing customers appropriately, as risk assessment and mitigation is an ongoing process and professionals must ensure any new controls apply to both existing and new customer categories.

The Guidelines apply as of 26 October 2021.
 

How can Deloitte help you?

Deloitte’s subject matter experts can help you design and implement your business strategy in light of the evolution of regulatory frameworks and market trends.

Key Deloitte services include:

• Assessment and guidance with updating compliance control framework and policies
• Assistance with financial crime risk assessment
• Review of client files (KYC) and provision of remediation plan
• AML/CFT training
• DKYC: externalizing KYC processes

Deloitte’s Regulatory Watch service helps you stay ahead of the regulatory curve to better manage and plan upcoming regulations.

Contacts

Subject matter specialists

Regulatory Watch Kaleidoscope service