Publication of BO information in Luxembourg opens the path to legal claims

After the adoption of the EU Fourth Anti-Money Laundering Directive (4AMLD) in 2017, Luxembourg imposed on all businesses to identify their ultimate beneficial owners and register their data on to the Luxembourg Business Register (LBR), which in turn publishes it on the Register of Beneficial Owners of Companies (RBE).

Accordingly, beneficial ownership information must be maintained by all domestic or foreign fiduciary arrangements and express trusts whose fiduciaire or trustee is established or domiciled in Luxembourg, or where a non-resident fiduciary agent or trustee forms a professional relationship with a Luxembourg business entity or acquires real property in Luxembourg.

Following this provision, many complains have been raised in the years with regards to privacy violations of those subjects who saw their data made publicly accessible, and end of October 2020 saw the first official claim filed with the district court of Luxembourg, challenging the publication of personal data on LBR.

The claim specifically relates to the beneficial ownership of companies, as the client complied with this process, nonetheless requesting LBR not to make the information public, request that the LBR decided to reject. The client alleges that the ‘indiscriminate and generalised’ publication of personal details of individuals connected to family enterprises breaches their fundamental rights to data protection and privacy, and exposes them to ‘unnecessary and disproportionate’ risks.

Such claim is the first of its kind in Europe, although similar challenges have been made to automatic information exchange between tax administrations under the OECD’s Common Reporting Standard (CRS) and the US’ Foreign Account Tax Compliance Act. Although the original intention of EU 4AMLD was to allow access to information on beneficial ownership registers only to those subjects demonstrating a ‘legitimate interest’ in it, the adoption of the 5AMLD in 2018 made that data fully public, leading to potential privacy infringement risks.

SOURCE: Step News