News and Example Templates for CSSF Circulars and EU Regulations for Payment Institutions (PIs) / Electronic Money Institutions (EMIs) /account information service providers (AISPs) in Luxembourg
Luxembourg Financial Regulatory News: Circular CSSF 25/892, effective May 31, 2025, informs financial entities in Luxembourg that the CSSF fully applies the Joint ESAs’ Guidelines on estimating costs and losses from major ICT-related incidents under the DORA regulation. The circular […]
Luxembourg Financial Regulatory News: Circular CSSF 25/883, effective April 9, 2025, amends Circular CSSF 22/806 to prevent overlapping regulations following the entry into force of DORA. For financial entities subject to DORA, the circular repeals the section on ICT outsourcing
Luxembourg Financial Regulatory News: Circular CSSF 25/882, effective April 9, 2025, provides practical guidance for financial entities on using ICT third-party services under DORA. It applies to a broad range of institutions, detailing requirements for contractual arrangements, professional secrecy, and
Luxembourg Financial Regulatory News: Basis and Inspiration for the Circular CSSF 25/881: The Circular CSSF 25/881 is based on the Digital Operational Resilience Act (DORA) and the new EBA Guidelines (EBA/GL/2025/02). It was inspired by the need to avoid an
Circular CSSF 25/881: Streamlining ICT Risk Management for Non-DORA Entities Read More »
Luxembourg Financial Regulatory News: Basis and Inspiration for the Circular: The circular CSSF 25/880: PSP ICT and User Relationship Assessment is based on the new EBA Guidelines (EBA/GL/2025/02) which amend the previous EBA Guidelines on ICT and security risk management
Circular CSSF 25/880: PSP ICT and User Relationship Assessment Read More »
Luxembourg Financial Regulatory News: Prepare for a major change in how your firm handles sanctions. Starting December 30, 2025, the CSSF’s new Circular 25/896 will require all financial institutions in Luxembourg to follow strict European guidelines for sanctions compliance. This
