2024-01-05
The Commission de Surveillance du Secteur Financier (CSSF) issued Circular 24/847 to establish a comprehensive framework for reporting ICT-related incidents. This regulation supersedes previous guidelines, including Circular 11/504, to align supervisory practices with evolving digital operational resilience standards. It mandates specific notification procedures for significant cyber threats and major incidents affecting financial entities under CSSF supervision.