CSSF FAQ Covid-19

For investment funds, those clarifications include, but are not limited to, the following points:

1. -    Swing pricing: the CSSF stated that, in light of the current exceptional market conditions, they will allow for swing pricing/dilution levy factors to be applied at a percentage exceeding the maximum percentage set forth in the prospectus of UCITS, Part II funds and SIFs on a temporary basis. 
2. A decision to apply a higher percentage must be (i) adequately justified (ii) based on a robust internal process and methodology that provides for an accurate NAV representative of prevailing market conditions and (iii) take into account the best interest of the investors.
3. The decision to exceed the indicated maximum percentage must be notified to new and existing investors through the usual communication channels, such as a notice to shareholders, the fund’s website or through any other means as referred to in the prospectus.
4. The CSSF must be provided with a detailed notification of the decision to apply a higher percentage, including a specific explanation of the reasons for such decision. 
5. In the case where the prospectus does not specifically provide for the possibility for the indicated maximum percentage to be exceeded in exceptional market circumstances:

• the communication to investors has to be made before applying an increase of the swing factor beyond the maximum swing factor laid down in the fund’s prospectus. The CSSF must simultaneously receive a copy of this communication to investors; and
• the prospectus must be updated to formally provide for the possibility to the board of directors of the UCI or, if applicable, the management company to go beyond the maximum level under certain predefined conditions, as soon as possible.

The CSSF may request, on an ex-post basis, a justification of the level of the swing factor applied and documentary evidence that it was at all times representative of the prevailing market conditions.

1. -    Reporting: UCIs, SIFs, SICARs, investment fund managers, pension funds and securitisation undertakings can ask for an extension of the deadlines for the submission to the CSSF of some reports. In addition to the reports listed in the FAQ Covid-19, the CSSF has also decided that where necessary, the long form report could exceptionally be remitted up to four months after the annual general meeting (“AGM”) of the audited entity or fund. This extension does not apply if these entities already benefit from delays for such AGMs granted by the government through exceptional measures, i.e. both delays do not apply cumulatively (see in this respect the CSSF Press Release  dated 25 March 2020). 
2. -    Annual reports/semi-annual reports in relation to UCIs, SIFs, SICARs, UCITS ManCos and AIFMs: IFMs who anticipate that the publication of the annual and semi-annual reports will be delayed beyond the legal deadlines must inform the CSSF thereof without delay via e-mail at  opc@cssf.lu , indicating the reasons for such delay and, to the extent possible, the estimated publication date. They must also inform investors as soon as possible by indicating the reasons for such delay and, to the extent possible, the estimated publication date (in this respect, see also (i) the ESMA Statement dated 9 April 2020  and (ii) the current Bills 7540 and 7541 which are described in another sub-section of this Legal Update).
3. -    IT: the FAQ clarifies the minimum IT security conditions that are recommended for remote access, which is implemented in order to meet the exceptional situation created by Covid-19. The CSSF recalls, amongst other things, that each supervised entity is responsible to define the conditions, including the IT security conditions, under which it authorises remote access to its IT environment to the employees of external service providers in proportion to the risks to which it is exposed. The FAQ comprises a number of recommendations on the identification of high privileged accesses, the securing of communications through encryption and on connection monitoring.
4. -    Cloud-based outsourcing: a temporary waiver of prior authorisation/notification requirements (provided by Circular CSSF 17/654, as amended by Circular CSSF 19/714) applies as long as this exceptional situation lasts. A simple communication by email to the CSSF contact agent of the concerned entity is sufficient at this stage. This is without prejudice to the entity's obligation (i) to carry out appropriate due diligence and risk assessment of such cloud outsourcing and (ii) to be recorded in the cloud register (point 26.a of the CSSF Circular. 
5. -    Work from home: the FAQ confirms that the recommendation made to financial institutions subject to the CSSF’s prudential supervision to favour work from home in the framework of their business continuity plan also applies to support PFS, subject to satisfactory IT security conditions. Prior authorisation by the CSSF is not required. As regards the services provided to clients, a support PFS must however receive authorisation from its client for any service provided from home by the employees of the PFS, which involves access to the IT environment of the client, including for the implemented security measures. 
6. In this respect, further to the confirmation by the Luxembourg government that the lockdown will be extended (subject to a limited number of exceptions) until at least 25 May 2020, the CSSF urges all financial institutions under its prudential supervision to continue favouring working from home (CSSF Press Release 17 April 2020).
7. -    CSSF FAQ COVID-19 of April 2020 on active and passive breaches of Value at Risk (VaR): The CSSF clarifies the concepts of active and passive investment breach of the VaR limit for UCITS:

• Breaches of regulatory VaR limits (i.e. 20% for the absolute VaR limit or 200% for the relative VaR limit, as applicable) or any other more restrictive VaR limits disclosed in the prospectus which occur as a result of the increased market volatility (and not as a result of new positions that may increase the portfolio risk) can be considered as passive breaches and do not need to be notified to the CSSF. Passive breaches should be remedied within a reasonable timeframe, taking into account market conditions and the best interest of investors. 
• In case of a passive breach, the CSSF considers that any additional risk exposure taken in relation to the UCITS which would increase the global risk level of the UCITS’ portfolio, will constitute an active investment breach. However, passive breaches do not prevent the management of UCITS (i.e. making investments following new subscriptions), provided that the new positions do not increase the risk level. There will be no active investment breach in this case. 
• In case of an active breach, a notification to the CSSF is required. The notification must comprise identification information on the UCITS, the VAR limit and consumption and explanations on the reason of the breach. As CSSF Circular 02/77 does not apply to those breaches, IFMs are not required to use the standard 02/77 template for those notifications to the CSSF.