2024-01-05

Circular CSSF 24/847 on ICT-related incident reporting framework

The Commission de Surveillance du Secteur Financier (CSSF) issued Circular 24/847 to establish a comprehensive framework for reporting ICT-related incidents. This regulation supersedes previous guidelines, including Circular 11/504, to align supervisory practices with evolving digital operational resilience standards. It mandates specific notification procedures for significant cyber threats and major incidents affecting financial entities under CSSF supervision.

Commission de Surveillance du Secteur Financier logo

Luxembourg

Commission de Surveillance du Secteur Financier

Click to view full text
Share