Luxembourg Law Implementing The 4th AML Directive Has Been Adopted

On 6 February 2018, the Luxembourg Parliament adopted the law implementing most1 of the 4th AML Directive2 into Luxembourg law (the "Law") and amending the 2004 AML Law3. The alert summarises the main changes introduced to the Bill following the recent comments of the State Council. For more details on the reform, click here to read our article in the December 2017 issue of ATOZ Insights.

The Law extends the group of Professionals and supervision authorities subject to the 2004 AML Law

New categories have been added to the list of professionals ("Professionals") bound by the obligation to fight money laundering and terrorism financing ("ML-TF") according to the amended 2004 AML Law. These new categories include: family office professionals, bailiffs, asset dealers, all betting and gambling establishments, trust and company service providers (when they act as director of a partnership or provide business premises), and branches of financial institutions exercising their activity in Luxembourg.

"Control authorities" (CSSF, CAA, AED) and "self-regulating bodies" (IRE, OEC, Notaries' Chambers, the Bar's Order Council, the Chamber of the Judicial Officers) will supervise Professionals' compliance with the revised 2004 AML Law and are empowered to conduct inquiries and apply sanctions in case of breach of law.

The Law expands the scope of the definition of PEPs

The Law removes the distinction between foreign and national PEPs4. The PEP definition now includes three categories of persons, namely: (i) an individual who is or who has been entrusted with prominent public functions, (ii) his/her family members (including brothers and sisters) and (iii) persons known to be close associates.

The Law introduces a new Risk Assessment obligation for all Professionals

All Professionals must assess the risks of ML-TF they are exposed to on a continuous basis, taking into account several categories of risk variables (client, geographical, product, distribution channels). A risk assessment must be performed whenever new products, commercial practices or technologies are launched, but also when the relevant circumstances relating to an existing client change.

The Law clarifies the Customer Due Diligence measures to be taken by Professionals

All Professionals must apply customer due diligence ("CDD") measures appropriate to the risk detected in order to identify the client, its beneficial owner(s) and any person acting on behalf of the client. A Professional...