French Private-Banking Clients: Securing Servicing from Luxembourg

ByBertrand Mariaux Updated on

French private-banking clients require a freedom-to-provide-services check where a Luxembourg institution services or acquires French-resident clients from Luxembourg. The legal issue is not only the client’s nationality. It is which entity acts, from which Member State, towards which market, and for which regulated service.

For a Luxembourg bank, the Luxembourg basis remains the Law of 5 April 1993 on the financial sector, as amended (the “Financial Sector Act 1993”). For banking activities, Directive 2013/36/EU of 26 June 2013 on access to the activity of credit institutions and prudential supervision of credit institutions and investment firms (“CRD IV”) provides the EU basis for passporting and freedom to provide services. On the French side, Article L. 511-22 of the French Monetary and Financial Code (the “CMF”) allows a credit institution having its registered office in another Member State to operate in France under freedom to provide services, within the scope of the authorisation granted in its home Member State. For investment services, Directive 2014/65/EU of 15 May 2014 on markets in financial instruments (“MiFID II”) is the EU basis for freedom to provide investment services, while Article L. 532-18 of the CMF organises its application on French territory, within the scope of the authorisation granted in the home Member State.

Three Operational Checks

  • (i) Classify the service. Deposits, Lombard lending (credit secured against a portfolio of financial instruments), payments, investment advice, discretionary portfolio management (a mandate under which the client entrusts the bank with portfolio management and decision-making authority without prior validation of each transaction), structured products (financial instruments whose return is linked to the performance of one or more underlying assets, indices or benchmarks and whose payoff is determined by predefined formulas) and fund distribution do not use the same passport analysis.
  • (ii) Check the notified scope. This is the freedom-to-provide-services notification sent by the competent authority of the home Member State, for example the Commission de Surveillance du Secteur Financier (CSSF), to the host Member State authority. In France, the Autorité de contrôle prudentiel et de résolution (ACPR) is central for banking and insurance matters; the Autorité des marchés financiers (AMF) becomes relevant for financial markets, financial instruments, portfolio management, distribution of financial products and investor protection. The control should be performed entity by entity: Luxembourg institution, French group entity, or cooperation between entities.
  • (iii) Apply the relevant French host-State rules adopted in the general interest (règles françaises d’intérêt général) in practice. These include pre-contractual information duties, banking and financial solicitation (démarchage bancaire et financier) rules, know-your-customer (KYC) requirements, anti-money laundering and counter-terrorist financing (AML/CFT) controls, and French investor-protection rules.

KYC matters because Luxembourg-to-France servicing is not only a passporting question. The Luxembourg institution carrying the relationship must also control onboarding, customer risk, due-diligence duties and ongoing monitoring. These requirements stem from the EU AML/CFT framework, including Directive (EU) 2015/849 of 20 May 2015 on the prevention of the use of the financial system for money laundering or terrorist financing (the “AML Directive 2015/849” or “AMLD4”), as amended in particular by Directive (EU) 2018/843 of 30 May 2018 amending Directive (EU) 2015/849 (“AMLD5”), and now complemented by the 2024 AML package, according to its own application and transposition timetable. Operational application then runs through national rules, including customer due-diligence duties in the CMF.

The key point is this: when a Luxembourg-based bank uses Luxembourg as a private-banking platform to service or acquire French-resident clients, it cannot rely solely on its Luxembourg onboarding file. Such documentation typically covers identity verification and risk classification, but does not, by itself, evidence compliance with cross-border rules. The file must clearly demonstrate that the activity is passported, falls within the notified scope, is conducted through a controlled interaction channel, and that the origin of the client request is documented. It should also identify the competent French authority and show that applicable French host-State rules are applied. The presence of a French group entity does not substitute for this analysis where the Luxembourg institution is the effective service provider or commercial driver.

In practice, each French relationship should have a short cross-border servicing file. It should cover the concrete scenario: existing French client, French prospect, remote interaction from Luxembourg, travel to France, intra-group referral, targeted campaign, new product, Lombard lending, investment advice, discretionary mandate, structured product or fund distribution. This file should be updated before any service extension, product launch or commercial action targeting the French market when conducted by the Luxembourg institution or under its responsibility.

Connect with Bertrand Mariaux on LinkedIn. You can listen to the related podcast on ApplePodcast, Spotify, YouTube, or wherever you get your podcasts.

References:

Bertrand Mariaux is a certified Avocat à la Cour (admitted lawyer in Luxembourg, Liste I and Paris), holding an LL.B and LL.M (Hons).
He is an experienced lawyer with extensive expertise in investment funds, regulatory compliance, corporate & criminal law. Bertrand regularly contributes to legal publications and speaks at industry events, with a particular focus on financial regulation and corporate governance.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *