2023 Survey on Financial Crime

The CSSF informs that the Survey on Financial Crime for the year 2023 is scheduled to commence on 19 February 2024.
The primary objective of this survey is to systematically gather standardized key information concerning the risks associated with ML/TF to which professionals under CSSF supervision are exposed. Furthermore, the survey assesses the implementation of measures aimed at mitigating these risks. This initiative is an integral part of the CSSF’s ongoing assessment of ML/TF risks within the financial sectors under its supervision. It aligns with the AML/CFT risk-based supervision approach established by the CSSF.
While the 2023 survey largely maintains continuity with the previous year, some modifications have been introduced. Specific questions have been added, removed, or amended, and these alterations are explicitly highlighted in the survey. Notably, there is an addition to the Country List with the inclusion of Palestine, necessitating anticipation of related data extraction modifications.
The deadline for the final submission of survey responses is set at 1 April 2024, and entities are required to complete this process through the CSSF eDesk Portal.
For the 2023 Financial Crime survey campaign, a new API solution will be introduced to facilitate the survey process. This API solution utilizes a structured exchange file in json format, transmitted to the CSSF via the S3 protocol, pre-populating the survey on the CSSF eDesk platform. Entities will have the option to update the prefilled data directly through the eDesk portal, yet manual input of responses on the online form remains an alternative.
A forthcoming dedicated user guide will provide technical details, including the json schema and naming conventions, along with instructions for enrollment. Enrollment at CSSF is only required when entities are prepared to test the developments.
The responsibility for completing the survey within the CSSF eDesk Portal lies with either the compliance officer in charge of the control of compliance with professional obligations („RC“) or the person responsible for compliance with professional obligations („RR“). While the survey completion task may be delegated to another entity employee or a third party, the ultimate responsibility for its adequate completion rests with the „RC“ or „RR.“
Entities and their delegates must possess an eDesk account, authenticated through LuxTrust, for logistics purposes. The CSSF recommends entities to ensure account readiness to avoid connection issues upon the survey launch, referring to the „Authentication and user account management“ user guide for detailed information, accessible on the CSSF eDesk Portal homepage.