European Regulatory Update – February 2023

1. ESG

European Supervisory Authorities (“ESAs”) proposal – disclosures for fossil gas and nuclear energy investments

On 31 October 2022, the European Commission (“EC”) adopted the proposal drafted by the ESAs concerning new regulatory technical standards (“RTS”) on the information to be provided in the pre-contractual, website and in periodic disclosures with regard to the exposure of financial products to investments in taxonomy-aligned fossil gas as well as nuclear energy activities. These new RTS resulted from the entry into force of the taxonomy complementary climate delegated act (the “Act”) on 1 January 2023.

As the Act will consider fossil gas and nuclear energy activities as being taxonomy-aligned if they comply with certain conditions, the new RTS is adding a “yes/no” question in the financial product templates of the sustainable finance disclosure regulation (“SFDR”) to identify whether the financial product invests in fossil gas and/or nuclear energy. In case the answer is “yes”, a graphical representation of the proportion of investments in such activities needs to be disclosed.

The new RTS will enter into force at the end of scrutiny period and more specifically on the third day following their publication in the Official Journal of the European Union (“OJEU”). It is not expected that the new RTS will start applying before February 2023.

Corporate Sustainability Reporting Directive

On 28 November 2022, the Council of the European Union approved the Directive amending Regulation (EU) No 537/2014, Directive 2004/109/EC (the “CSDR Directive” or “CSRD”).

The aim of the CSRD is to fight greenwashing, strengthen the EU’s social market economy and set minimum reporting standards for sustainability at a global level by obliging businesses to regularly disclose public information on their societal and environmental impact.

For instance, the CSRD introduces new detailed reporting requirements on companies’ impact on the environment, human rights and social standards as well as extending the scope of these reporting requirements to all large companies, whether listed on stock markets or not.

The CSRD is broadening the scope of application of the rules on non-financial reporting. Consequently, the CSRD will apply to:

• all EU companies qualifying as “large” companies
• all companies listed on regulated markets in the EU, except listed micro undertakings
• non-EU companies generating net annual turnover above EUR 150 million in the EU which have at least one EU subsidiary or branch exceeding certain thresholds. These companies must provide a report on their ESG impacts.

An opt-out will be available for listed small and medium-sized enterprises (“SMEs”), exempting them from the application of the CSRD Directive until 2028.
Member States will need to transpose the CSDR Directive within eighteen months of its publication in the EU Official Journal.

RTS on calculation of risk weighted exposure amounts adopted

On 24 November 2022, the European Commission has adopted a Delegated Regulation containing RTS for the calculation of risk-weighted exposure amounts of collective investment undertakings under the mandate-based approach under the CRR.

The RTS specify how institutions are to calculate the risk-weighted exposure amount referred to in Article 132a(2) of the Capital Requirements Regulation (“CRR”), where one or more of the inputs required for that calculation is not available. They clarify the steps to be taken to calculate the exposure value of collective investment undertakings’ (“UCI”) derivative exposures where the underlying is unknown and set out what to do in cases where the calculation of the exposure value to the counterparty credit risk of a netting set of UCIs’ derivative exposures is needed.

2. MiFID II

ESMA results of the 2021 Common Supervisory Action on MiFID II product governance requirements

On 8 July 2022, ESMA issued a public statement on the results of the 2021 common supervisory action (“CSA”) on product governance requirements under MiFID II. The findings relate, inter alia, to the granularity of the target market definition and its translation into a compatible distribution strategy, to the scenario analysis and the charging structure analysis, to the review of products as well as the exchange of information between manufacturers and distributors.

In this context, the consultation paper on the revised ESMA guidelines contain further details and analysis of the results of the CSA and clarifies how ESMA proposes to integrate them in the guidelines in order to improve the level of investor protection across the EU.

As further next steps, ESMA informed that national regulators should undertake follow-up actions on individual cases, as deemed needed, to ensure that the regulatory breaches or weaknesses identified are remedied.

Inflation – impact on investors

On 27 September 2022, ESMA published a statement reminding investment firms to consider inflation and inflation risk when applying relevant MiFID II requirements relating to investor protection.

This statement notes the impact the inflation growth has on retail investors, and sets out ESMA’s expectations from the investment firms in scope, as it follows:

• the information disseminated to retail clients should comprehensibly reflect the possible effect of inflation risks on the value and return of an investment
• as part of the suitability assessment, a risk that inflation will undermine the performance and / or value of an investment should be accounted for
• the suitability policies and procedures should enable investment firms to provide investment advice and portfolio management services that consider an appropriate degree of risk diversification, including differentiation with regard to inflation risk, and ensure that end-clients have an adequate understanding of the relationship between risk and return
• the effect of expected inflation should be considered in their product governance processes.

3. The EU’s Digital Operational Resilience Act for financial services (“DORA”)

Interplay between DORA and GDPR

On 27 December 2022, the Digital Operational Resilience Act was published in the Official Journal of the European Union under the name “Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (Text with EEA relevance)”.

The aim of this Regulation is to establish uniform requirements concerning the security of information and communications technology (“ICT”) systems supporting the business processes of financial entities, seeking to achieve a high level of digital operational resilience. Therefore, the main entities in scope of DORA will be financial entities. Although DORA does not introduce sector-specific rules on personal data protection, it will indirectly reflect the ways in which financial entities comply with the GDPR requirements.

An interplay between DORA and GDPR exists as follows:

• obligation of identification, classification, and documentation of the information assets
• obligation to perform a risk assessment upon each major change in the network and information system infrastructure, in the processes, or procedures, affecting their functions, supporting processes, or information assets
• obligation for establishing and documenting respective policies and procedures, which, should ensure the resilience, continuity, and availability of ICT systems, and maintaining high standards of security, confidentiality, and integrity of data, whether at rest, in use, or in transit
• obligation of establishing detection mechanisms
• obligation of reporting, of producing an immediate initial notification and intermediary reporting.

Although DORA will introduce specific rules on security measures, ICT-related incidents, and relations with ICT third-parties service providers in the financial sector (which directly intertwine with those of the GDPR), none of these requirements overrides the applicability of the rules of the GDPR, instead it builds on and complements them.

DORA shall enter into force on the 20th day following its publication in the OJEU. It shall apply from 17 January 2025. As a Regulation, it will become binding and directly applicable in all EU Member States as from this date.

4. Crypto-Assets

EU markets in crypto-assets (“MiCA”) Proposal

On 5 October 2022, the European Council published the text of a new regulation, related to markets in crypto-assets – MiCA, which is now subject to the approval within the EU Parliament, aiming to establish a regulatory framework for crypto-asset services across the EU.

MiCA will apply to the issuance, offering to the public, and admission to trading of crypto-assets and the provision of certain crypto-asset services in the EU.

A “crypto-asset” is already defined by the MiCA Regulation as a “digital representation of a value or a right which may be transferred and stored electronically, using distributed ledger technology or similar technology.” MiCA further delimits three subcategories of crypto-assets:

• “Asset-referenced token”
• “Electronic money token” or “e-money token”
• “Utility token”.

MiCA will not apply to crypto-assets that are unique and not fungible with other crypto-assets, meaning that non-fungible tokens (“NFT”) would fall outside the scope. MiCA also will not concern crypto-assets falling already within the scope of existing EU regulations.

Key obligations resulting from MiCA are listed below.

MiCA imposes various obligations on issuers and crypto-asset service providers, including:

• transparency and disclosure requirements for the issuance of crypto-assets
• regulatory authorisation requirements for crypto-asset service providers and issuers of asset-referenced tokens and electronic money tokens
• operational, organisational, and governance requirements for issuers of asset-referenced tokens and electronic money tokens and crypto-asset service providers
• regulatory change of control approval requirements in respect of issuers of asset-referenced tokens (as defined below) and crypto-asset service providers
• protection for holders of crypto-assets and clients of crypto-asset service providers
• a market-abuse regime for crypto-assets.

Regarding the authorisation, crypto-asset service providers must be authorized by a competent authority in an EU member state, except for UCITS management companies and AIFMs which may provide the service of portfolio management on crypto-assets subject to holding a MiFID “top-up” licence. In addition, AIFMs may also provide advice on reception and transmission of orders for crypto-assets on behalf of third parties.

Crypto-asset service providers authorized under MiCA in one EU member state may use a right to passport their authorizations into other EU member states.

MiCA was expected to be ratified and published in the OJEU in the second quarter of 2023. However, it is likely to be delayed to 2024 to allow Level 2 measures to be adopted prior to its application.

Crypto-Asset Reporting Framework (“CARF”)

On 10 October 2022, the Organisation for Economic Cooperation and Development (“OECD”) published a new global tax transparency framework for the reporting and exchange of information with respect to crypto-assets. In parallel, the OECD released amendments to the common reporting standard (“CRS”) to comprehensively cover digital financial products. The CARF reporting requirements apply to entities effectuating crypto-asset transactions, including any individual or entity that, as a business, provides a service to realize a relevant transaction for or on behalf of customers, or makes a trading platform available.

The OECD will work on an implementation package to ensure a consistent application and transposition into domestic legislation. At the same time, a release is expected from the EC of a proposed 8th version of the Directive on Administrative Cooperation (“DAC 8”) to consider CARF and the CRS amendments.

Once the implementation package will be ready and the new Directive will be released, there will be a short period of time available to adapt relevant processes and systems.

New proposal to amend DAC 8

DAC 8 follows the OECD’s CARF and is intended to work in conjunction with MiCA Regulation. However, DAC 8 will also apply to non-EU crypto-asset service providers.

The amendment proposes new reporting requirements for service providers and operators involved in transactions with crypto-assets and EU resident customers. An expansion of the exchange of information on tax rulings was introduced to include high net worth individuals, and minimum financial penalties, as well as CRS modification.

Once adopted, Member States will need to implement these rules by the end of 2025 and they will come into effect on 1 January 2026.

5. European market infrastructure regulation (“EMIR”)

Data to be reported to trade repositories

On 7 October 2022, the EMIR RTS on data to be reported to trade repositories have been published in the OJEU, increasing the number of fields to be reported from 129 currently, to 203. The RTS will be applicable from 29 April 2024.

EMIR 3.0 – EC proposal

On 7 December 2022, the EC proposed new rules with the aim to reduce this regulatory burden on EU central counterparties. The clearing capacity in the EU is important for the capital markets union (“CMU”), therefore it is important to make the EU a more attractive business place for clearing services.

The proposal for the new regulation contains the following main changes:

• the current intra-group exemption for transactions with third country entities will be replaced by a negative list containing jurisdictions with regards to which an exemption cannot be granted
• a further exemption from the clearing obligation will be introduced for derivative transactions
• clearing only non-cleared derivatives (and no longer cleared derivatives) will need to be considered when doing the calculation to determine whether the relevant clearing thresholds are exceeded
• counterparties to derivative transactions which are subject to the clearing calculation will be required to open and maintain active accounts, directly or indirectly, at EU central counterparties, and to clear at least a portion of their derivatives at EU central counterparties.

ESMA will be required to review and clarify the conditions under which derivatives can be considered as objectively reducing risks, i.e. as hedging.

6. Distributed Ledger Technology (“DLT”)

Deal struck on a pilot regime based on DLT

On 2 June 2022, Regulation 2022/858 of the European Parliament and of the Council on a pilot regime for market infrastructures based on DLT was published in the OJEU. DLT comprises a diverse set of solutions that combine database technology and cryptography, which allows all information to be stored in a secure and accurate manner. The pilot regime states that the EU Council should help the financial sector to use transformative technologies while protecting investors and financial stability.

As a result, the financial instruments services provided using the DLT market should be limited and subject to the following value thresholds:

• Shares: 500 million euro
• Bonds: 1 billion euro
• Corporate bonds: 200 million euro
• UCITS: 500 million euro.

Operators of DLT can admit new financial instruments only if their total market value is not reaching more than 6 billion euro.

DLT market infrastructures and their operators should have in place adequate safeguards to ensure investors are effectively protected when using DLT. Consequently, clearly defined liability to clients for any losses due to operational failures need to be established.

1. The SFDR RTS confirmation letter

Commission de Surveillance du Secteur Financier (“CSSF”) press release on the RTS confirmation letter

On 6 September 2022, following the press release of 27 July 2022 on the entry into force of the SFDR Level 2 provisions which reminded UCITS and AIFs of their obligations related to specific updates on pre-contractual documents, the CSSF issued a press release to update the investment fund industry on the announced RTS confirmation letter.

All annual reports of UCITS and AIFs issued after 1 January 2023 have to comply with the product disclosure requirements in periodic reports laid down in Article 11 of SFDR and as detailed under the SFDR Level 2 provisions.

The key dates are the following:

• 01 January 2023: date as from which periodic reports of funds subject to article 8 or 9 of SFDR must include Annex IV or Annex V
• 30 June 2023: deadline to comply for the first time with the website disclosure requirements related to principal adverse impact on sustainable matters in compliance with the SFDR RTS, covering the reference period 1 January 2022 – 31 December 2023.

CSSF frequently asked questions (“FAQ”) on SFDR

CSSF published on 02 December 2022 a FAQs for providing further clarity on aspects of SFDR.
The FAQ applies to:

• Financial Market Participants (“FMPs”): AIFMs, UCITS management companies, managers of a qualifying venture capital fund registered in accordance with Article 14 of Regulation (EU) No 345/2013 and managers of a qualifying social entrepreneurship fund registered in accordance with Article 15 of Regulation (EU) No 346/2013
• Financial Products: AIFs and UCITS, as referred to under Article 2 SFDR.

The CSSF clarifies that:

• changes made to the template(s) in relation to (i) figures e.g. the minimum committed percentages, (ii) the binding elements of the investment strategy, and/or (iii) benchmarks, can be considered as material change(s) and are assessed on a case-by-case basis.
  However, the mere introduction of the templates in order to comply with the applicable legal and regulatory requirements does not qualify as material change.
• the Luxembourg investment fund managers (“IFMs”) shall ensure that all relevant information pursuant to Article 10 SFDR is made available on its website or on another website, for example the website where fund-related documentation is usually made available to investors (such as the financial product’s own website, the website of its initiator or that of the portfolio manager (“PM”)). In any case, cross references must be made from the IFM’s website to the relevant website where all relevant information pursuant to Article 10 SFDR is made available.
• such minimum thresholds of investments shall be considered as binding commitments of the investment strategy of the fund.
• for article 9 SFDR products, the investments should meet the “sustainable investments” qualifications at the date of the actual investments and on an ongoing basis during the life cycle of the fund.

Use of exclusion strategies:

• Article 8 SFDR Funds: Should only an exclusion strategy be applied as a key element of the ESG strategy applicable to the relevant fund, the CSSF would expect the detailed exclusion strategy to allow investors to understand how the fund’s environmental and/or social characteristics are being met.
• Article 9 SFDR Funds: an exclusion strategy only is not acceptable. The CSSF expects that an inclusion strategy setting out the positive investment selection process is mandatory.

CSSF press releases on sustainable finance developments

The CSSF, has issued three press releases related to sustainable finance developments.

On 24 November 2022, the CSSF has reminded supervised entities that, since 22 November 2022, the date of application of the Grand Ducal Regulation of 27 July 2022 on the protection of financial instruments and funds belonging to clients, product governance obligations and the rules applicable to the provision or reception of fees, commissions or any monetary or non-monetary benefits, in-scope entities must take into account sustainability factors when deciding the target markets for the financial instruments and structured deposits they distribute.

On the same day, the CSSF has also reminded that, according to Commission Delegated Regulation (EU) 2021/1253, since 2 August 2022 providers of investment advisory and discretionary portfolio management services must obtain specific information on their clients’ preferences regarding sustainability and to meet such preferences, while also taking into account their other investment objectives and financial situation, knowledge and experience.

In the same press release, the CSSF also pointed out the publication by the ESAs of a Q&A on sustainability-related disclosures in the financial services sector.

The ESAs Q&A from 17 November 2022, clarifies the following areas:

• current value of all investments in principal adverse impacts (“PAI”)
• PAI and financial product, taxonomy-aligned investment disclosures
• financial advisers and execution-only financial market participants.

2. Cross-border distribution of funds (“CBDF”)

New FAQ on Marketing Communications

On 20 September 2022, the CSSF published a new CSSF FAQ on CBDF Marketing Communications for providing additional guidance on certain key aspects of the marketing communication requirements (“Marketing Communication Requirements”) under Article 4 of the CBDF Regulation and ESMA Guidelines on marketing communications, which were implemented by the CSSF in its Circular 22/795.

The main key points of the CSSF FAQ include:

• In-Scope funds and investors:
  • Marketing communications of all UCITS and AIFs managed by a management company are subject to Marketing Communication Requirements, regardless of their regulated/non-regulated funds status and of whether they are managed and/or marketed on a cross-border or national basis only by the management company.
  • Marketing communications of UCITS/AIFs addressed to existing and/or potential retail and/or professional investors are in scope of the Marketing Communication Requirements.
• Marketing communications identification, preparation and validation process and related procedures:
  • Marketing communications identification measures and procedures must be defined and implemented for allowing to identify whether or not a document/communication qualifies as marketing communication as such.
  • Management companies must be involved in the marketing communication preparation and validation process, implying the implementation of appropriate compliance procedures and arrangements.
  • Management companies are expected to duly document the above processes of ensuring compliance with Marketing Communication Requirements.
• Delegation and/or support from group/third parties: delegation by management companies to group/third parties of some or all tasks relating to the preparation (not the validation) of marketing communications is possible, subject to adequate oversight of the delegates and to appropriate delegation agreement.

Since 16 September 2022, management companies should be able to provide information to the CSSF upon request with respect to:

• the type of marketing communication used (e.g. factsheet, brochure, press article, etc.)
• the European Economic Area (“EEA”) countries of dissemination
• the targeted investors (i.e. retail, professional or both).

As from 1 April 2023, management companies will have to be able to link the above information to the relevant UCITS/AIF managed, and to identify whether the respective marketing communication entails ESG information.

Non-compliance with the Marketing Communication Requirements will be considered as a breach of Article 4 of the CBDF Regulation, which may potentially expose inscope entities to sanctions based on Article 14 of the CBDF Regulation.

3. AML/CTF

Obligations applicable to reserved alternative investment funds (“RAIFs”)

The Luxembourg Administration de l’Enregistrement, des Domaines et de la TVA (“AED”) published on 25 May 2022 a guide to provide RAIFs with a better understanding of regulatory expectations regarding AML/CFT obligations applicable to RAIFs.

The guide is divided in three major sections, which aim to cover:

• The duty of vigilance: obligation of RAIFs to capture all client and ultimate beneficial owner identification and verification through adequate ongoing documentation, governed by an internal organization, procedures, training, risk analysis and the appointment of a responsible to discharge the RAIF’s AML/CTF responsibilities of responsable du contrôle du respect des obligations (“RC”).
• The duty of internal organization: the need to document and have an adequate internal organization to deal with AML/CFT obligations. This should be evidenced in the organization’s hierarchy by appointing a person responsible for the matter.
• The duty of cooperation: cooperation should start as soon as the RAIF spots a transaction suspected as being unusual or presenting potential risk of money laundering and terrorist financing. The cooperation translates into an obligation to notify/report to the Cellule de Renseignements Financiers (“CRF”).

The sanctions for non-compliance could range from a criminal penalty, forced closure of the RAIF, plus monetary fines.

New CSSF questionnaire on financial crime

On 7 February 2023, the CSSF issued a Circular letter announcing an annual questionnaire on financial crime, which will be addressed inter alia to: investment firms, AIFM/management companies, specialized professionals of the financial sector.

This annual online questionnaire is meant for the regulator to collect standardised key information concerning ML/TF risks to which regulated professionals are exposed and the implementation of related risk mitigation.

The questionnaire shall be sent by the CSSF to the RCs and RRs via the eDesk Portal. While the completion of the document can be performed by any employee or even third parties, the ultimate responsibility for the adequate completion shall remain with the appointed RC or RR.

The questionnaire for the year 2022 will be launched on 15 February 2023 and the deadline for submitting it back completed is 31 March 2023.

Access to the Register of Beneficial Owners (“RBO”)

The RBO platform is the result of the transposition of the AML V Directive which goal is combating ML/TF.

On 22 November 2022, the EU Court of Justice issued a decision regarding the free and public access to information published in the RBO. The Court decided that the provision requiring to ensure that the information published on the RBO is accessible to the public is invalid, judging that the measure was “neither limited to what is strictly necessary nor proportionate to the objective pursued”.

On 19 December 2022, the RBO published the Circular LBR 22/01 to resume the access to the RBO only for professionals subject to the AML Law.

4. MiFID II

CSSF Circular regarding the MiFID II appropriateness and execution-only requirement

On 27 June 2022, the CSSF published Circular 22/817 with the purpose to inform that the CSSF will apply the ESMA Guidelines on certain aspects of the MiFID II appropriateness and execution-only requirements. The Guidelines started to apply from 12 October 2022 and cover aspects such as:

• information to clients about the purpose of the appropriateness assessment and execution-only
• know-your-client and know-your-product
• matching clients with appropriate products.

5. UCI Administrators

CSSF Circular on the authorization, governance and internal organization

On 16 May 2022, the CSSF published Circular 22/811 on the authorisation, governance and internal organisation of administrators of UCIs, which entered into force with immediate effect.
This Circular replaces Chapter D of CSSF Circular IML 91/175 issued in January 1991 and provides guidance on UCI administration activities, organisational requirements and applies to all UCI administrators of regulated and non-regulated UCIs.

Before acting as an administrator, it is necessary to assess whether the carrying out of this activity is permitted by applicable legal provisions. The head office must be located in Luxembourg for specialised investment funds (“SIFs”), investment companies in risk capital (“SICARs”), RAIFs and funds governed by Part II of the law of 17 December 2010 on UCI.

The Circular lists the activities that can be performed by UCI administration, which can be grouped into three main categories:

• registrar function
• net asset value calculation and accounting
• client communication.

A description of the specific tasks is provided for these activities, while also cross-referencing existing rules – e.g. those in Circular 02/77 on NAV calculation errors, Circular 04/146 on market timing and late trading, and the legal and regulatory AML/CFT framework.

A minimum scope of various tasks needs to be performed when ensuring the administration activity:

• legal and fund management accounting services
• customer inquiries
• valuation, pricing, and tax returns
• regulatory compliance monitoring, including
  • maintenance of the UCI’s unit/shareholder register
  • distributions
  • issues and redemptions
  • contract settlements.
• record keeping.

This Circular implements a new reporting obligation for UCI administrators.

In addition, in case of delegation of a critical or important operational task, the prior authorization is replaced by a prior notification.

The CSSF also mentioned that the general organization should be proportionate to the level of activities and consider the risks involved. This should also take into account delegations or outsourcings, as mentioned in the Circular 22/806.

6. CSSF standardised model prospectus

On 17 November 2022, the CSSF released its proposal of a standardized model prospectus that applicants can use to submit an application for approval of a new UCITS, in order to facilitate the drafting of a conventional prospectus as well as its examination.

7. Money Market Funds Regulation

CSSF Circular on stress test scenarios

On 29 June 2022, the CSSF published Circular 22/818 which integrated the latest version of the ESMA Guidelines on stress test scenarios under the Money Market Funds Regulation (the “MMF Regulation”).

In accordance with article 28 of the MMF Regulation, the ESMA Guidelines are to be updated at least every year in relation to the common reference parameters of the stress test scenarios taking into account the latest market developments.

From 30 September 2022 onwards, all entities falling under the scope of the Circular shall apply these Guidelines for the preparation of the required MMF reporting.

8. Common Reporting Standard (“CRS”)

Updated FAQs – use of the exempt collective investment vehicle status

On 4 April 2022, the Luxembourg tax authorities published an updated FAQ on CRS. The entities that are not themselves subject to the supervision of the CSSF cannot benefit from the exempt collective investment vehicle status as defined in of the Annex I of the amended law of 18 December 2015 on CRS.

This clarification concerns RAIFs and other unregulated AIFs within the meaning of the law of 12 July 2013 on alternative investment fund managers. Those AIFs are considered as reporting financial institutions and must comply with the legal and administrative requirements under CRS.

The filing can be done via a dedicated webpage.

9. Distributed ledger technology (“DLT”)

Draft bill implementing DLT Pilot Regime

On 27 July 2022, draft bill implementing the European DLT Pilot Regime Regulation has been published.

The bill proposes four articles in order to:

• clarify that the definition of “financial instrument” encompasses instruments issued relying on the DLT
• align the domestic definition of DLT to the one provided in the European DLT Pilot Regime Regulation
• establish explicitly the possibility for DLT financial instruments to be entering financial collateral arrangements
• determine as application date, 23 March 2023.

This draft is important in the development of the framework for digital assets qualifying as financial instruments within the MiFID II meaning, as well as for the use of such assets into financial collateral arrangements.

10. Crypto assets

CSSF guidance

On 29 November 2022, the CSSF published a guidance on investments in virtual assets in Luxembourg. For UCITS marketed to non-professional customers and pension funds, investors are not allowed to invest either directly or indirectly in virtual assets. However, AIFs managed by an authorised AIFM can invest directly and indirectly in virtual assets, subject to the bellow cumulative conditions:

• the AIF markets its units, shares, interests only to professional investors
• the AIFM obtains an extension authorisation from the CSSF for this new strategy.

For managing AIFs investing in virtual assets, AIFMs must obtain a prior authorisation from the CSSF for the strategy other-other fund – virtual assets.

If the AIFM will be involved in the control of the virtual assets by means of access to/control over the cryptographic keys, it will be necessary to submit to the CSSF prior to any activity, a complete application file for registration as a virtual asset service provider.AIFMs will also need to perform due diligence on asset screening, pertaining to their volatility, liquidity, technological risk, counterparty, custody or even reputation and to assess the risks and benefits associated with the proposed virtual assets activity in accordance with to the AIFM’s existing business model and risk appetite.

The CSSF also expects that the RC and the responsable du respect (“RR”) of supervised entities which will manage AIFs investing in virtual assets possesses, can demonstrate an adequate understanding of the new ML/TF and proliferation financing risks involved. RC and RR will also need to have an understanding of the necessary measures to mitigate those risks.

The AIFM shall consider and adapt the business and operational activities to the regulatory developments, more precisely to the upcoming MiCA that will regulate certain virtual assets which until now were not in the scope of existing legislation.