← Back to articles

In the evolving landscape of international tax compliance, the Directive on Administrative Cooperation (“DAC”) 7 has risen to a paramount importance in Luxembourg in 2024. As its core, DAC 7 mainly addresses digital platforms, which are now compelled to collect and report information on income generated by sellers using their platforms. However, the latest regulatory change also has implications for the financial sector, particularly in terms of the protection of natural persons’ personal data.

As part of its commitment to helping the financial sector in Luxembourg with their notifications and communications to their clients, Victor Buck Services offers secure solutions to ensure that companies can fulfil their new regulatory obligations.

Facilitating financial information exchange with the CRS Law

Reporting Financial Institution in the European Union (“EU”) are required to report detailed tax information to national tax authorities since 2014, when DAC 2 was adopted, with the broader goal to combat tax evasion by facilitating and strengthening the exchange of information between tax authorities among EU Member States.

In Luxembourg, the Common Reporting Standard (“CRS”) Law was subsequently adopted in 2015, transposing DAC 2 into the Luxembourg regulatory framework. This legislation requires Luxembourg Financial Institution to report certain information (e.g., interest, dividends, account balances, and gross proceeds) to the tax authorities. Entities are compelled to submit their CRS filings by June 30 of each year, subsequent to the fiscal year’s conclusion.

DAC 7: annual notification requirement for increased transparency

Building upon the existing framework, the DAC 7 Law, implementing DAC 7 in Luxembourg, further amends the provisions of the CRS Law to enhance transparency. Luxembourg Reporting Financial Institutions must now inform each natural person annually that information about them will be reported to the tax authorities, prior to the reporting.

This notification process aims to ensure that individuals are informed about the processing of their personal data under the CRS and have sufficient time to exercise their rights under the GDPR. It is understood by the market that this notification must be sent at minimum one month before the filing of the CRS report. This notification must include essential information such as the personal data of the individual, the purpose of data processing, the recipients of the data, the categories of data to be reported under CRS, and the individual’s rights under the GDPR.

Recalibration of reporting strategies for financial institutions

For professionals in the financial sector, this modification of the CRS Law necessitates a recalibration of reporting strategies. The timeline is tight, with a short « window of opportunity » to comply with DAC 7’s communication mandates before the CRS deadline looms, on June 30^th, 2024. Specifically, targeting mid-April to early May for notifications would align seamlessly with the requisite preparatory actions for CRS submissions.

In light of these requirements, Victor Buck Services stands ready to assist financial companies in sending these notifications through various channels, including secure mail or email.

Embrace compliance with confidence

We are committed to helping our clients navigate the changing regulatory landscape and achieve their compliance goals effectively and efficiently. Since 2000, Victor Buck Services has been helping leading financial firms in Luxembourg with their communications to their clients, from the distribution of specific documents to the handling of entire business processes in accordance with their needs and the evolving legislations.

We offer comprehensive mailing and communication solutions to meet the requirements of the new DAC 7 Law in Luxembourg. Leverage our 20+ years expertise and state-of-the-art equipment to send your notifications quickly by mail or email. Rest assured that your information will be processed with the upmost security and confidentiality: we are a PSF service provider, ISO 27001– and ISO 22301-certified.

As the deadline of June 30^th approaches, the time to act is now. With us, meet your legal obligation with efficiency, precision, and confidence, ensuring your focus remains on the core activities that drive your success.

Contact Victor Buck Services today.