2022-12-29
Added · Updated
The Commission de Surveillance du Secteur Financier (CSSF) issued Circular CSSF 22/828 to amend Circular CSSF 20/750 regarding information and communication technology and security risk management. This regulatory update modifies the existing requirements for financial sector entities to ensure robust ICT and security risk management practices. The amendment aims to align supervisory expectations with evolving technological risks and operational resilience standards.
Published on 29 December 2022
Email this
Share this on LinkedIn
Share this on Facebook
CSSF circular
Amendment of Circular CSSF 20/750 on requirements regarding information and communication (ICT) and security risk management
Contact:
Questions and comments regarding the “PSP ICT Assessment” form: pspictassessment@cssf.lu
PDF (112.73Kb)
PDF (115.03Kb)
Related documents
Updated on 9 April 2025
Circular CSSF 20/750 (as amended by Circulars CSSF 22/828 and 25/881)
Requirements regarding information and communication technology (ICT) and security risk management
PDF (293.42Kb)
PDF (239.88Kb)