The administrative sanction was imposed by the CSSF on 30 November 2022, following an on-site inspection carried out by the financial regulator.

The fine of €198,750 was related to “non-compliance with several professional obligations” regarding the management of IT risks, internal governance, obligation of professional secrecy and communication requirements to the CSSF, noted the financial regulator’s announcement.

Intertrust (Luxembourg) s.à r.l. is a specialised PFS, or professional of the financial sector.  It has been established in Luxembourg since 1955.

Delano contacted Intertrust for a comment. In response, an Intertrust Group spokesperson said in a statement: “Intertrust Group strongly supports industrywide regulatory changes designed to discourage bad actors from exploiting the international financial system. We have long been committed to working only with legitimate entities operating within all laws and regulations, and we look forward to working with regulators and policymakers to proactively address financial economic crime.”

“During a routine regulatory inspection by the Commission de Surveillance du Secteur Financier (CSSF) at Intertrust Luxembourg S.à r.l., certain IT shortcomings were identified in the entity’s internal IT framework that was in place. In response, Intertrust identified the root cause of the shortcomings, developed the remediation action plans, recruited additional experts, and hired senior and experienced leaders to implement and manage the remediation efforts—which included a new set of policies, procedures, controls, and training, as well as an enhanced IT governance framework,” said the Intertrust Group spokesperson.

Article updated at 18:15 with the statement from Intertrust Group.