The Commission de surveillance du secteur financier (the “CSSF”), the Luxembourg supervisory authority, issued a circular on the authorization and organization of Luxembourg UCITS management companies and self-managed SICAVs. The circular provides guidance on the substance and governance requirements that must be complied with by such entities. Further to the issue of the circular, the CSSF stated in a press release that the promoter concept will be repealed with respect to UCITS. In addition, the CSSF issued a regulation relating to the fight against money laundering and terrorist financing, which completes the regulatory framework in Luxembourg concerning anti-money laundering and counter-terrorism financing. Finally, the Luxembourg Parliament adopted a law concerning the activities of family offices in Luxembourg, which is another step in the direction of an increased regulatory protection system to ensure that financial services activities can only be performed by duly authorized professionals.  These developments are discussed below.

 New CSSF Circular on Substance and Governance

Authors: Antonios Nezeritis and Laura Rossi

On 24 October 2012, the CSSF issued Circular 12/546 on the authorization and organization of Luxembourg management companies subject to Chapter 15 of the Law of 17 December 2010 on undertakings for collective investments (the “2010 Law”) as well as investment companies that have not designated a Management Company within the meaning of article 27 of the 2010 Law (the “Circular”).

The CSSF subsequently issued a form for compliance with the Circular which must be completed and submitted to the CSSF.

The Circular provides guidance on the conditions and formalities required by the CSSF for a UCITS management company (a “Management Company”) and a UCITS self-managed investment company (a “SIAG”). These conditions and formalities, among others, describe the internal organization and structuring requirements that must be fulfilled by the Management Company or the SIAG, as the case may be. The Circular covers a wide range of topics and the following sections provide a summary of the main regulatory innovations introduced by the Circular.

Shareholding

The CSSF must be provided with information regarding the shareholders or members of a Management Company, whether natural or legal persons, holding directly or indirectly at least 10% of the capital or voting rights or otherwise exercising a significant influence.

The CSSF will verify if the shareholders or members will be able to guarantee a sound and prudent management of the Management Company. The criteria are: (i) the professional reputation of the proposed shareholder or member; (ii) the professional reputation and experience of any person that will direct the business of the Management Company; (iii) the financial soundness of the proposed shareholder or member; (iv) at the group level, the compliance with any supervisory or prudential requirements; and (v) the risk of money laundering and terrorist financing. The CSSF also will verify if a direct shareholder or member in the Management Company has its own financial means at least equivalent to the amount invested in the Management Company.

If a depositary bank has a direct or indirect qualifying interest in the Management Company, the Management Company must identify any conflict of interest that may result therefrom and must avoid or, if necessary, address any such conflict in accordance with its conflicts of interest policy.

In certain cases, the CSSF may request a sponsorship letter (lettre de patronage) in order to obtain confirmation from the issuer of the letter that the sponsored entity complies or, as the case may be, will comply with applicable rules of conduct and prudential requirements.

Own Funds

A Management Company must have adequate and sufficient financial means (which must be kept at the exclusive and permanent disposal of the Management Company) in order to guarantee the continuity and regularity of the activities of, and the services provided by, the Management Company. However, it is now permissible for a Management Company to invest these funds in liquid assets or assets easily convertible into short-term liquid assets. The investment of these funds may not include speculative positions.

The minimum capital required for the Management Company is the greater of the following amounts:

1. €125,000 plus 0.02% of assets under management that exceed €250,000,000, up to a maximum of €10,000,000; and
2. one quarter of the preceding year's fixed overheads.

Board of Directors

The board of directors of the Management Company must be composed of members who are of sufficient good repute and have adequate experience in the management of the undertakings for collective investment managed by the Management Company. The CSSF must approve the directors.

The Circular also requires that each member dedicate sufficient time and attention to his or her duties in order to perform the tasks accurately. This can be achieved if the member limits the number of similar mandates in other companies as well as other professional engagements.

If one of the shareholders of the Management Company is a bank and if the bank also acts as depositary bank for one or more funds managed by the Management Company, the Management Company must ensure that a majority of its management board is not composed of representatives of the depositary bank.

Conducting Persons

A Management Company must appoint at least two conducting persons who must, in principle, permanently reside in Luxembourg or have their domicile in a place permitting them to come to Luxembourg on a daily basis. The Circular provides that a conducting person must be reachable at all times for the CSSF and must be able to provide the CSSF with any information deemed to be essential for the completion of his or her supervisory role.

The CSSF must approve the conducting persons. Before approving the candidates, the CSSF will verify if they are of sufficient good repute and have sufficient professional experience gained through the provision of similar services and with a high level of responsibility and autonomy.

These conducting persons will form a management committee (comité de direction). Subject to the ultimate responsibility of the management board, the management committee will be responsible for, inter alia:

• the implementation of strategies and guidelines on central administration and internal governance via specific written internal policies and procedures;
• the implementation of adequate internal control mechanisms (i.e., the permanent compliance, internal audit and risk management functions);
• ensuring that the Management Company has the technical infrastructure and human resources required for the performance of its activity; and
• for each UCITS managed by the Management Company:
  • the implementation of the general investment policy;
  • the supervision of the adoption of investment strategies;
  • the adoption, filing and implementation of the risk management policy; and
  • the implementation of the marketing policy and the distribution network.

From an operational viewpoint, the management committee must meet regularly and the conducting persons should be in contact on a regular basis. These periodic meetings must be documented in minutes and should include a discussion of the management information (e.g., results of controls carried out on the activities of delegates, analyses in the area of risk management, incidents related to the activity of collective management, execution policy, complaints and minutes of previous meetings). In addition to the minutes, the management committee must provide a formal written report to the board of directors.

Each conducting person must be assigned specific areas of responsibility, and the allocation of areas of responsibility must be made in such a manner as to avoid any conflict of interest (e.g., the performance and/or control of the risk management function and the investment management function may not be carried out by the same conducting person).

Central Administration and Internal Governance

A Management Company must have a head office in Luxembourg (i.e., its decision-making center and administrative center must be in Luxembourg). According to the Circular, a Management Company should have its own premises in Luxembourg.

The Management Company must also ensure that the following conditions are met: (i) having sufficient staff in Luxembourg; (ii) having appropriate IT and technical infrastructure; (iii) establishing adequate accounting policies and procedures; (iv) establishing clear and specific procedures regarding the internal organization of the head office; (v) implementing and maintaining effective and transparent procedures for the handling of complaints; (vi) establishing a permanent compliance and audit function; (v) establishing a risk management function and process; (vi) keeping a record of personal transactions and conflicts of interest; (vii) establishing rules of conduct and a remuneration policy; and (viii) implementing and maintaining procedures for the verification of arrangements for internal governance regarding delegates.

Regarding the permanent compliance and audit function, the Circular provides that a Management Company must have its own compliance function in Luxembourg. The compliance function may be outsourced under certain conditions. The compliance officer may not be a member of the board of directors.

The internal audit function may not be entrusted to a member of the board of directors or any other governing body of the Management Company.

According to the Circular, the risk management function must be hierarchically and functionally independent from operating units, unless the CSSF has approved derogation. Subject to the approval of the CSSF, this function may also be delegated to a third party or to one of the conducting persons of the Management Company, provided that (i) he/she has the necessary qualification, knowledge and expertise in that particular area, and (ii) the conducting officer is not also in charge of the investment management. Regular reports of the risk management function must be issued at least once a year and be submitted to the CSSF no later than one month after the annual general meeting approving the annual accounts of the Management Company.

The Circular provides that the CSSF must be provided regularly with information regarding the risk management process and at least once a year with a report on the risk management process and any update thereof.

External Audit

A Management Company must appoint one or more approved external auditors for the audit of its annual accounts.

Delegation

A Management Company may, for the more efficient conduct of its business, delegate to third parties one or more of its functions (e.g., portfolio management, marketing, administration, risk management). However, the Management Company may not delegate the monitoring of the activities delegated to a third party. Furthermore, no delegation may take place that would result in the Management Company being a letterbox entity.

According to the Circular, the following functions must be assumed by the Management Company:

• the determination of the general investment policy for each UCITS that is not a company;
• the determination of the risk profile of each UCITS managed by the Management Company;
• the interpretation of the analysis of the risk management, including the required rectification measures;
• the implementation of a conflicts of interest policy;
• the implementation of a best execution policy;
• in the absence of a representative price, the assurance that the governing bodies of the relevant UCITS have estimated the value of realization with caution and good faith, or the provision of adequate support to the governing bodies of the UCITS;
• the appointment of the service providers; and
• the monitoring and control of the delegated functions.

Programme of Activities

The request for authorization of a Management Company includes a programme of activity that provides a description of its business development plan. The business development plan consists of information covering:

• the scope of the proposed services for the next three financial years concerning collective management,
• the investment policies pursued by the UCITS managed, as well as the instruments and financial markets concerned;
• the risk management process; and
• the provisional accounts.

Principle of Proportionality

Depending on the nature, scale and complexity of its activities, a Management Company may invoke the principle of proportionality in the application of certain requirements of CSSF Regulation n° 10-4 transposing the directive 2010/43/UE of the Commission dated 1 July 2010. On this basis, a Management Company may be authorized to apply, subject to a prior and duly motivated application, the principle of proportionality in the organization of its compliance, internal audit and risk management functions proportionally to its activities.

The following will be taken into account when assessing the applicability of the principle of proportionality:

• the number of UCITS or UCIs managed by the Management Company;
• the total assets under management;
• the use of classes of assets considered as bearing a higher risk;
• the proportion of delegated functions; and
• the possibility for the Management Company to rely upon specific intra-group know-how.

SIAGs

A SIAG must have its registered office, its decision-making center and its administrative center in Luxembourg. A SIAG must be incorporated with a minimum capital of €300,000.

The provisions of the Circular dealing with the sponsorship letter, the board of directors, the conducting persons, external audit, handling of complaints, permanent risk management function and risk management process, conflicts of interest, rules of conduct, remuneration policy, delegation and programme of activities are applicable, mutatis mutandis, to SIAGs.

Upon a duly motivated request, a SIAG may invoke the principle of proportionality when organizing its risk management function.

Entry into Force of the Circular

The Circular entered into force with immediate effect on 24 October 2012, the date of its publication. Management Companies and SIAGs in existence on such date have until 30 June 2013 to fully comply with the applicable provisions of the Circular.

 Abolishment of the Promoter Concept for UCITS

Author: Antonios Nezeritis

The CSSF confirmed in a press release dated 31 October 2012 that the promoter concept will be repealed with respect to SIAGs that comply with the Circular and with respect to UCITS that are managed by a Management Company that complies with the Circular. Indeed, the CSSF considers that the additional requirements of Circular 12/546 will guarantee sufficient investor protection and that a promoter is therefore no longer required.

As Management Companies and SIAGs must comply with the Circular by 30 June 2013, the promoter concept will no longer exist for UCITS from 1 July onwards. It is expected that the CSSF will take a similar approach for Luxembourg UCITS that are managed by a non-Luxembourg UCITS management company.

This is a major step which will make Luxembourg even more attractive for future fund launches.

 New Anti-Money Laundering Regulations

Authors: Antonios Nezeritis and Jean-Louis Frognet

On 14 December 2012, the CSSF issued CSSF Regulation N°12-02 relating to the fight against money laundering and terrorist financing (the “Regulation”). The Regulation was published in the Luxembourg official gazette on 9 January 2013 and entered into force on 14 January 2013. On 16 January 2013, the CSSF issued CSSF Circular 13/556 in relation to the entry into force of the Regulation and the abrogation of CSSF Circulars 08/387 and 10/476.

The Regulation not only completes the regulatory framework in Luxembourg concerning anti-money laundering (“AML”) and counter-terrorism financing (“CTF”), but also grants a formal binding nature to existing professional obligations that were previously provided for in the above-mentioned CSSF circulars. Moreover, the Regulation takes into consideration recommendations that were adopted by the Financial Action Task Force (“FATF”) in February 2012 and which will be subject to a European Directive to be implemented into Luxembourg laws.

Scope

The Regulation is applicable to all professionals (hereafter, the “Professionals”) subject to the supervision of the CSSF and to the Luxembourg law dated 12 November 2004 on the fight against money laundering and terrorist financing as amended (the “2004 Law”). It is therefore applicable to, among others: credit institutions and professionals of the financial sector licensed or authorized to exercise their activities in Luxembourg; undertakings for collective investment; investment companies in risk capital; and management companies. Furthermore, measures that are “at least equivalent” shall apply to these Professionals’ foreign branches and subsidiaries.

In particular, the Regulation expressly provides that when units or shares of an undertaking for collective investment or of an investment company in risk capital are subscribed for by an intermediary acting on behalf of its clients, the undertaking for collective investment, its management company, the investment company in risk capital or, if applicable, their respective proxies, must implement enhanced due diligence measures concerning the intermediary, in order to ensure compliance with all obligations deriving from the 2004 Law, the Regulation and the grand ducal regulation dated 1 February 2010 providing details on certain provisions of the 2004 Law.

Purpose

The purpose of the Regulation is to specify and complete the Luxembourg provisions applicable to AML and CTF, in particular in relation to the following:

Risk-Based Approach

The Regulation provides clarification as to the risk-based approach to be adopted by these Professionals in relation to risks assessment and risks management and mitigation. With respect to the risk assessment, Professionals are required to identify and evaluate the risks to which they are exposed, especially in relation to new products, new business practices and new technologies. They are also required to classify their clients according to their risk level, prior to acceptance of the client and subsequently during the business relationship. With respect to the risks management and mitigation, Professionals are required to establish and implement policies, controls and procedures in order to manage and mitigate efficiently the money-laundering and terrorist financing risks to which they are exposed.

Customer Due Diligence

The Regulation lists the specific rules that are applicable to: the acceptance of new clients; the identification and verification of the identity of clients, clients’ authorized proxies and beneficial owners; and the purpose and intended nature of the business relationship. It also provides details concerning the opening of accounts when the identification procedure is not completed, as well as the obligation to retain certain documents and information. Further, the Regulation indicates what is acceptable in terms of due diligence performed by third parties.

Internal Organization

The Professionals’ policies and procedures concerning AML and CTF must be adapted to their activity, structure, size, organization and resources and must cover all their professional obligations. The following is a non-exhaustive list of what such policies and procedures must encompass, if applicable:

• the policy for accepting clients;
• the details of the procedures for the identification, evaluation, supervision, management and mitigation of risks of money laundering and terrorist financing;
• the procedures to be followed in case of suspicion of money laundering and terrorist financing; and
• the procedures for hiring new employees, as well as to train and provide information to employees about potential risks.

These policies and procedures will be subject to initial validation and will then be regularly monitored by the person in charge of the control of AML and CTF (the identity of whom is to be communicated to the CSSF) and, if necessary, updated based on the Professional’s then-current activities and clients, and any changes to the applicable rules.

The Professionals are required to coordinate with their foreign branches and subsidiaries concerning such policies and procedures.

Cooperation with Authorities

The Professionals must be in a position to answer promptly and in a complete manner any information requests from the competent authorities in charge of AML and CTF.

Review by Approved External Auditor (réviseur d’entreprises agréé)

The control of the annual accounts of the Professional by the approved external auditor must also cover the Professional’s compliance with the legal and regulatory obligations and provisions in terms of AML and CTF. In this respect, the approved external auditor will proceed with “sampling” audit tests. This annual control will also cover the Professional’s foreign branches and subsidiaries.

Abrogation of CSSF Circulars

The Regulation abrogates and replaces with immediate effect the following CSSF circulars to which the Professionals were subject:

• CSSF Circular 08/387 dated 19 December 2008 concerning the fight against money laundering and terrorist financing and prevention of the use of the financial sector for the purpose of money laundering and terrorist financing; and
• CSSF Circular 10/476 dated 29 July 2010 concerning the fight against money laundering and terrorist financing: abrogation and amendment of certain provisions of Circular CSSF 08/387.

Family Office Law

Authors: Antonios Nezeritis and Jean-Louis Frognet

The Dechert Financial Services Quarterly Report of Fourth Quarter 2011 presented the bill of law (n°6366) concerning the activities of family offices in Luxembourg. On 21 December 2012, the Luxembourg Parliament adopted a law concerning the activities of family offices in Luxembourg (the “Family Office Law”). The Family Office Law amends the Luxembourg law dated 5 April 1993 on the financial sector (the “1993 Law”) and the Luxembourg law dated 12 November 2004 on the fight against money laundering and terrorist financing. The Family Office Law entered into force on 2 January 2013.

The Family Office Law, which sets up a new legal and regulatory framework for the performance of financial services activities, is another step in the direction of an increased regulatory protection system to ensure that financial services activities can only be performed by duly authorized professionals.

Family Office Activities

The Family Office Law defines “Family Office activities” as the provision, on a professional basis, of advice or services of a patrimonial nature to natural persons, families or patrimonial entities (of the corporate or contractual type, foundation or trust) belonging to natural persons or families or of which they are founders or beneficiaries.

According to the Family Office Law, the provision of “advice and services of a patrimonial nature” consists of:

• advice in relation to patrimonial organization, patrimonial planning, administrative or financial supervision of an estate (patrimoine), or
• coordination of service providers involved in relation to an estate (patrimoine), the supervision or evaluation of their performances,

to the exclusion of the holding of cash or financial instruments of clients and the provision of investment services and the exercise of investment activities within the meaning of the 1993 Law.

The Family Office Law defines the estate (patrimoine) as “all or part of an estate (patrimoine) to the extent it includes cash or financial instruments”.

Excluded Activities

Family Office activities that are performed between members of only one family, or for only one natural person or only one family, or for patrimonial entities belonging to only one natural person or only one family, or of which only one person or only one family is founder or beneficiary, are expressly excluded from the scope of the Family Office Law.

Furthermore, Family Office activities are not subject to the Family Office Law if they are performed in the capacity as holder of a directorship (mandataire social), member of a foundation counsel (membre d’un conseil de foundation), trustee, trust protector (protecteur d’un trust), fiduciary agent (fiduciaire) or agent appointed by a court (mandataire de justice).

Professionals Authorized to Perform Family Office Activities

The performance of Family Office activities and the use of the “Family Office” title are reserved to a limited number of professionals, including “Family Offices” – a new category of professionals of the financial sector introduced by the Family Office Law in the 1993 Law.

As professionals of the financial sector, “Family Offices” need to be duly authorized. Such authorization will only be granted to legal persons upon written application, following an investigation by the CSSF to establish whether the conditions laid down by the 1993 Law are fulfilled (in particular, in terms of minimum share capital, central administration and infrastructure, shareholding, professional standing and experience).

In addition to said “Family Offices” (which are subject to the prudential supervision of the CSSF), the following other professionals are authorized by the Family Office Law to perform Family Office activities:

• credit institutions;
• investment advisors;
• investment managers;
• domiciliation agents;
• professionals providing company formation and management services;
• lawyers registered on list I or list IV of the Luxembourg Bar;
• notaries;
• external auditors (réviseur d’entreprises) and approved external auditors (réviseur d’entreprises agréé); and
• accounting experts (expert-comptable).

The professionals performing Family Office activities will be subject to specific obligations related to, among other matters, professional secrecy, transparency of remuneration and the fight against money laundering and terrorist financing.

Any person who exercises the Family Office activities or uses the Family Office title without being one of the above-mentioned authorized professionals will be subject to criminal sanctions.

Grandfathering

Any person located in Luxembourg that is currently performing Family Office activities without being one of the professionals authorized to do so, has until six months following the date of entry into force of the Family Law to comply with its terms.