No description available.
All Firms
No description available.
All Firms
amending Regulation (EU) 2023/1529 concerning restrictive measures in view of Iran’s military support to Russia’s war of aggression against Ukraine and to armed groups and entities in the Middle East and the Red Sea region as well as Iran’s actions undermining freedom of navigation in the Middle East
All Firms
Situation as at 30 April 2026
Asset Manager
Situation as at 30 April 2026
All Firms
No description available.
The CSSF has formally repealed Circular IML 91/75 with immediate effect through the publication of Circular CSSF 26/912 on 22 May 2026. Compliance teams for Luxembourg UCIs and related structures must now ensure that no policies, procedures or prospectus provisions continue to rely on or reference IML 91/75, and instead rely on the current UCI, SIF, SICAR and EU fund law framework and subsequent CSSF circulars and administrative practice.
What Changed
- - Circular IML 91/75, which set out rules for Luxembourg undertakings governed by the Law of 30 March 1988 on undertakings for collective investment, is repealed in full with effect from 22 May 2026...
- All amendments to Circular IML 91/75 introduced by Circulars CSSF 05/177, 18/697, 21/790, 22/811 and 25/901 are implicitly repealed as part of the repeal of IML 91/75 itself.
- The regulatory expectations previously contained in IML 91/75 are now either superseded by later Luxembourg fund laws (including post‑1988 UCI legislation and regimes for SICARs and SIFs), later CSSF...
- The historical link to the Law of 30 March 1988 on undertakings for collective investment is effectively severed at circular level, confirming that the operative framework is now the modern suite of...
- IML 91/75 is flagged as archived by the CSSF as of 22 May 2026, clarifying that it has no continuing normative or interpretative value as a live supervisory instrument.
Suggested Considerations
- Identify and inventory all internal and external documents (including policies, procedures, compliance manuals, prospectuses, offering documents, service agreements and SLAs) that reference Circular IML 91/75 or its amending Circulars CSSF 05/177, 18/697, 21/790, 22/811 and 25/901.
- Remove or replace all references to Circular IML 91/75 and its amending circulars in compliance frameworks, manuals, registers of applicable rules and control libraries, ensuring they are mapped instead to the current applicable UCI, SIF, SICAR, AIFM and relevant CSSF circulars.
- Perform a gap analysis to confirm that all substantive topics previously governed by IML 91/75 in your framework are now fully covered by current Luxembourg laws, EU fund regulations and up‑to‑date CSSF circulars and FAQs.
- Update training materials and onboarding content for compliance, portfolio management, risk and operations staff to reflect that IML 91/75 has been repealed and to direct staff to the current legal and regulatory sources governing UCIs and alternative funds.
- Adjust internal audit and compliance monitoring programs so that any test steps or key controls referencing IML 91/75 are updated to reference the applicable current provisions and CSSF administrative practice.
Key Dates
- Original Circular IML 91/75 entered into force, setting rules for undertakings governed by the Law of 30 March 1988 on undertakings for collective investment
- Circular CSSF 26/912 is published and takes effect, repealing Circular IML 91/75 (as amended) with immediate effect and archiving it from the same date
Compliance Impact
The immediate compliance risk is moderate: there are no new obligations, but relying on a repealed circular can create legal uncertainty, documentation inconsistencies and supervisory challenges during CSSF inspections. Failure to update frameworks may weaken control design, lead to outdated disclosures and reduce credibility with the CSSF in the event of reviews or thematic inspections.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundBank ESMA Guidelines on stress test scenarios under Article 28 of the Money Market Fund Regulation – Update 2025 (ESMA50-481369926-30585)
Circular CSSF 26/911 informs Luxembourg money market fund (MMF) managers that the CSSF is integrating ESMA’s 2025 update of the stress test scenarios under Article 28 of the Money Market Fund Regulation (MMFR), and that these new ESMA Guidelines now form part of the Luxembourg supervisory expectations. The circular repeals and replaces Circular CSSF 25/877 as of 26 May 2026 and requires MMFs and their managers to apply the 2025 stress test parameters for MMF reporting from the reporting date 30 June 2026 onwards, driving immediate model, data, and reporting changes.
What Changed
- - Circular CSSF 26/911 replaces Circular CSSF 25/877 and integrates ESMA’s 2025 Guidelines on stress test scenarios under Article 28 of Regulation (EU) 2017/1131 (MMFR), making the updated scenarios...
- The 2025 ESMA Guidelines (Ref. ESMA50-481369926-30585) update the common reference stress test parameters for MMFs, reflecting more recent market conditions and liquidity risk drivers than the 2024...
- The circular clarifies that MMFs and MMF managers must use the updated 2025 ESMA stress test scenarios when preparing the MMF reporting required under the MMFR and the related Commission Implementing...
- Circular CSSF 26/911 confirms that the 2025 Guidelines and their translations, published by ESMA on 26 March 2026, are now integrated into CSSF supervisory practice, following the ESMA process...
- The circular reiterates that MMFs and their managers must tailor the ESMA reference scenarios to the specificities of each MMF, adding additional risk factors or requirements where needed to ensure...
Suggested Considerations
- Identify all MMFs and MMF mandates in scope of Regulation (EU) 2017/1131 for which the CSSF is the competent authority and confirm that they are currently using the 2024 ESMA stress test framework under Circular CSSF 25/877.
- Obtain and review in detail the ESMA 2025 Guidelines on stress test scenarios (ESMA50-481369926-30585) and the annexed parameters as integrated by Circular CSSF 26/911, comparing them line‑by‑line to the 2024 version to map all methodological and parameter changes.
- Update the MMF stress testing policy and procedures to reference Circular CSSF 26/911 and the 2025 ESMA Guidelines, including explicit descriptions of the scenarios, calibration choices, modelling techniques, and governance for scenario approval.
- Recalibrate stress testing models and tools used for MMFs to reflect the 2025 common reference parameters, ensuring that interest rate shocks, credit spread moves, liquidity shocks, redemption scenarios, and concentration risks are aligned with the new ESMA specifications.
- Perform impact analyses on representative MMFs using both 2024 and 2025 parameters to quantify changes in stress outcomes, and prepare internal briefing materials for senior management and boards explaining the impacts on liquidity and risk profiles.
Key Dates
- ESMA publishes the English, French, and German translations of the 2025 Guidelines on stress test scenarios under Article 28 MMFR on its website, starting the two‑month period to application
- Circular CSSF 26/911 enters into force and Circular CSSF 25/877 is repealed and replaced, making the 2025 ESMA Guidelines the applicable stress testing framework in Luxembourg
- MMFs and MMF managers must apply the 2025 ESMA Guidelines for the preparation of the required MMF reporting as from the reporting date 30 June 2026 onwards, meaning that stress test calculations underlying this and subsequent reports must be based on the 2025 parameters
Compliance Impact
Non‑compliance with Circular CSSF 26/911 and the integrated 2025 ESMA stress test Guidelines can lead to MMF reporting deficiencies, supervisory findings, and potential risk‑management remediation measures imposed by the CSSF, including expectations to strengthen liquidity and governance. Persistent or material breaches could contribute to more intrusive supervisory engagement, restrictions on MMF activities, or sanctions under the MMFR and Luxembourg supervisory framework.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerBankHedge Fund
No description available.
All Firms
1° amending:(a) the Law of 5 April 1993 on the financial sector, as amended;(b) the Law of 17 December 2010 relating to undertakings for collective investment, as amended;(c) the Law of 18 December 2015 on the failure of credit institutions and certain investment firms, as amended;(d) the Law of 15 March 2016 on OTC derivatives, central counterparties and trade repositories and amending different laws relating to financial services, as amended;2° transposing:(a) Directive (EU) 2024/1619 of th...
Bank
No description available.
Asset Manager
Situation as at 31 March 2026
BankAsset ManagerBroker Dealer
Situation from March 2025 to March 2026
BankAsset ManagerBroker Dealer
Situation from March 2025 to March 2026
BankAsset ManagerBroker Dealer
Situation from March 2025 to March 2026
Asset ManagerBankBroker Dealer
relating to the issue of covered bonds
BankWealth ManagerAll Firms
on markets in financial instruments
BankAsset ManagerBroker Dealer
on market abuse
BankBroker DealerAsset Manager transposing Directive 2004/25/EC of the European Parliament and of the Council of 21 April 2004 on takeover bids
BankBroker DealerAsset Manager
Application of the Guidelines of the European Securities and Markets Authority for the criteria on the assessment of knowledge and competence under the Markets in Crypto Assets Regulation (MiCA) (ESMA35-24871704-2922)
Circular CSSF 26/909 specifies how the CSSF applies ESMA's Guidelines (ESMA35-24871704-2922) for assessing **knowledge and competence** criteria under MiCA, targeting staff involved in crypto-asset services. It matters because it enforces MiCA's staff certification requirements, ensuring Luxembourg CASPs meet EU-wide standards for consumer protection and operational integrity amid the full MiCA rollout on 30 December 2024.
What Changed
- - Adoption of ESMA Guidelines: CSSF mandates application of ESMA's criteria for evaluating staff knowledge and competence in crypto-asset services, including roles in custody, trading, portfolio...
- Assessment Framework: Firms must implement standardized tests and processes to verify staff qualifications, aligning with MiCA Article 62 on CASP authorization, focusing on technical crypto...
- No New Standalone Rules: This circular builds on prior CSSF MiCA circulars (e.g., 25/890 on crypto-asset classification), integrating competence checks into licensing dossiers and ongoing supervision.
Suggested Considerations
- Assess Staff Competence: Implement ESMA-guided evaluations (e.g., exams, certifications) for all relevant personnel handling crypto services; document results in governance frameworks.
- Update Policies and Training: Integrate competence criteria into HR, onboarding, and annual reviews; roll out MiCA-specific training on reporting, breaches, and governance.
- Licensing Dossier Enhancement: Include competence attestations in CSSF applications; appoint dedicated compliance/risk officers with verified qualifications.
- Ongoing Monitoring: Conduct regular audits, penetration tests, and incident planning; confirm compliance annually via management body statements.
- Early CSSF Engagement: Schedule dialogues and info sessions; create MiCA readiness scorecards for board and regulator discussions.
Key Dates
Circular CSSF 26/909 published; immediate application of ESMA competence guidelines.; [User-provided content]
Compliance Impact
Urgency: High – With publication today (1 April 2026) and MiCA's CASP regime live since 30 December 2024, firms face immediate supervisory scrutiny during licensing and VASP transitions ending 1 July 2026. Non-compliance risks authorization denial, enforcement, or operational halts, especially as CSSF audits dossiers for competence gaps amid Luxembourg's role as MiCA hub.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Crypto ExchangeBankFintech Administrative sanction imposed on BigRep SE
The CSSF imposed a €20,000 administrative fine on BigRep SE on 1 April 2026 for failing to comply with a CSSF order to publish, disseminate, store on the Officially Appointed Mechanism (OAM), and file its half-yearly financial report as of 30 June 2025, under the Luxembourg Transparency Law of 11 January 2008. This sanction underscores CSSF's strict enforcement of periodic disclosure obligations for issuers with Luxembourg as their home Member State, signaling heightened supervisory scrutiny on timely reporting.
What Changed
This is not a regulatory change but an enforcement action under the existing amended Law of 11 January 2008 on transparency requirements for issuers (Transparency Law). Key requirements reiterated include Article 4 (obligation to publish half-yearly financial reports), effective dissemination, storage on the OAM, and filing with CSSF, with CSSF empowered under Article 25(1) to impose fines for non-compliance, considering circumstances per Article 26a. This follows a prior €10,000 fine on the same issuer on 12 January 2026 for initial failure to publish the same report.
Suggested Considerations
- Issuers must ensure timely publication of periodic financial reports (half-yearly per Article 4, annual per Article 3) via effective dissemination, OAM storage (e.g., Luxembourg Stock Exchange systems), and CSSF filing.
- Respond promptly to any CSSF orders or injunctions to avoid escalated fines.
- Implement robust internal controls for reporting calendars, including automated reminders and pre-verification processes.
- Review and file any overdue reports immediately upon CSSF notification.
Key Dates
- Reference date for BigRep SE's half-yearly financial report that was not published
- Date of initial €10,000 fine for failure to publish the report
- Date of €20,000 fine for non-compliance with CSSF order on report dissemination, OAM storage, and CSSF filing
- Deadline to lodge appeal with the Tribunal administratif (three months from 1 April 2026 sanction, per Article 27)
Compliance Impact
Urgency: Medium – This enforcement highlights CSSF's proactive verification of disclosures and willingness to impose escalating fines (€10k initial, €20k for non-response, up to €40k in similar cases), but applies to specific non-compliance rather than new rules. It matters for Luxembourg-domiciled issuers as it demonstrates low tolerance for delays, potentially increasing audit focus on reporting processes and reputational risk from public sanctions.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
All Firms
Table listing the professional activities and the mandates performed
This CSSF publication is an updated table (in XLSX format) listing standardized professional activities and mandates for members of the management body/governing body and conducting officers, as required under points 105 and 107 of Circular CSSF 18/698. It matters because it ensures consistent, transparent reporting of senior personnel roles in Luxembourg investment fund managers (IFMs), supporting governance, conflict-of-interest management, and CSSF supervisory oversight. Compliance professionals must use this list to standardize disclosures in authorization files and ongoing reporting.
What Changed
- The document was originally published on 14 January 2019 and updated on 12 March 2026, reflecting revisions to the predefined list of professional activities and mandates[Source URL].
- Alignment with Circular CSSF 18/698 requirements for IFMs (management companies for UCIs and AIFs), specifying reportable roles like those in collective portfolio management, risk management,...
- Emphasis on detailed documentation of mandates to demonstrate fitness, properness, and avoidance of conflicts, including for shareholders with qualifying holdings.
- No entirely new requirements introduced, but the update likely incorporates evolving governance expectations, such as enhanced delegate oversight and AML/CFT compliance officer designations.
Suggested Considerations
- Download and use the XLSX table: Incorporate the exact list of activities/mandates into internal templates for reporting management body and conducting officer roles[Source URL].
- Update authorization and notification files: Include detailed CVs, criminal record extracts, wealth declarations, and organization charts for relevant personnel/shareholders; notify CSSF of changes (e.g., qualifying holdings, guarantees).
- Conduct fit-and-proper assessments: Ensure declarations cover all listed mandates, demonstrating no conflicts and adequate resources; perform initial/ongoing due diligence on delegates.
- Annual compliance review: Document roles in compliance monitoring plans, training, and reporting to senior management/CSSF; align with delegate oversight (e.g., risk-based monitoring of compliance, audit functions).
- Policy updates: Revise governance policies to reflect the updated list, including AML/CFT officer designations and own funds proofs.
Key Dates
- Publication of underlying Circular CSSF 18/698, setting baseline requirements
- Original publication of the list
- Latest update to the list, requiring immediate review and integration into reporting processes[Source URL]
financial year); - Compliance deadline for Circular 18/698 obligations, including governance reporting (e.g., 5 months after year-end)
Compliance Impact
Urgency: High – The March 12, 2026 update coincides with today's date, demanding immediate review to avoid supervisory findings during CSSF inspections or authorization processes. Non-compliance risks authorization delays, fines, or reputational damage, as Circular 18/698 emphasizes robust governance in a heightened scrutiny environment for IFMs (e.g., delegate oversight, AML).
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerBankAll Firms
Situation as at 28 February 2026
BankAsset ManagerBroker Dealer
Administrative sanction imposed on an investment firm
The CSSF imposed an administrative sanction on 8 October 2025 against an unnamed investment firm, as detailed in a publication released on 4 March 2026. This enforcement action underscores CSSF's rigorous oversight of investment firms, particularly in areas like AML/CFT compliance, conduct rules, and organizational requirements, serving as a warning for similar entities to strengthen cooperation and internal controls. It matters because it highlights escalating fines for repeated or material breaches, potentially influencing supervisory expectations across Luxembourg's financial sector.
What Changed
- No new regulatory changes or requirements are introduced; this is an enforcement action applying existing rules.
- Failure to cooperate with CSSF requests, e.g., not submitting required AML/CFT questionnaires by deadlines, violating Article 5(1) of the amended Law of 12 November 2004 on AML/CFT.
- Non-compliance with investment policies, organizational requirements, or conduct rules under the UCI Law (e.g., Articles 41, 43, 109), including improper broker exposures or valuation failures.
- These reflect ongoing enforcement of established frameworks like the AIFM Law, UCI Law, and AML/CFT Law, with fines calibrated by factors like breach duration, firm size, cooperation level, and prior...
Suggested Considerations
- Enhance cooperation protocols: Implement automated tracking for CSSF requests (e.g., questionnaires) with escalations for reminders; document all responses.
- Review investment compliance: Audit broker exposures, valuation processes, and subscription/redemption controls against UCI Law Articles 41-43, 109; suspend dealings if uncertainties arise.
- Strengthen governance: Conduct gap analyses on internal controls, risk assessments, and reporting for depositary/oversight functions per AIFM Law Article 19(9) and CDR 231/2013.
- Training and monitoring: Roll out firm-wide training on AML/CFT obligations (Article 5(1)) and perform reconciliations of assets/records; prepare for on-site/off-site CSSF inspections.
- Self-reporting: Proactively disclose prior breaches to mitigate fine severity.
Key Dates
- Date of prior depositary oversight fine
- Deadline for submitting CSSF AML/CFT Questionnaire (breach example from similar case)
- Date of fine imposition for UCITS investment policy breaches
- Date of fine imposition in comparable AIFM non-cooperation case
- Date of the sanction in question
Compliance Impact
Urgency: High - This matters due to CSSF's pattern of publicizing nominative sanctions (e.g., Max Gain Capital, Zeus Asset Management), signaling increased scrutiny on investment firms amid AML/CFT and conduct risks. Fines (EUR 10,000–127,500) represent material hits (up to 10% of turnover), with factors like poor cooperation amplifying penalties; firms with similar exposures face elevated inspection risk, especially post-2025 enforcement wave.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerBroker DealerWealth Manager
Situation from February 2025 to February 2026
BankAsset ManagerBroker Dealer
Situation from February 2025 to February 2026
BankAsset ManagerBroker Dealer
Situation from February 2025 to February 2026
Asset ManagerBankBroker Dealer
Conditions relating to the organisation of the credit institution issuing covered bonds
Bank
Conditions specific to each covered bond issue programme
Bank
No description available.
The CSSF has updated its FAQ on portfolio transparency requirements for UCITS ETFs, relaxing disclosure frequency from monthly to quarterly publication of detailed holdings while maintaining daily information sharing with market makers and authorized participants. This change aligns Luxembourg's regulatory framework more closely with Ireland's semi-transparent ETF approach and is designed to attract active asset managers to the Luxembourg domicile by reducing proprietary information exposure.
What Changed
- The update modifies two critical FAQ sections:
Portfolio Transparency Requirements (Question 12.1)
The CSSF has expanded and clarified its guidance to apply to all UCITS ETFs, not just actively...
- Daily disclosure to market participants: Market makers and authorized participants (APs) continue to receive detailed portfolio information on a daily basis to maintain efficient arbitrage mechanisms...
- Quarterly public disclosure: Investment Fund Managers (IFMs) must now publish detailed portfolio holdings to all investors at least quarterly with a maximum time lag of 30 business days (previously...
Suggested Considerations
- *For IFMs Managing UCITS ETFs:
- *Update disclosure procedures to transition from monthly to quarterly publication schedules for detailed portfolio holdings
- *Maintain daily information sharing with APs and market makers to support arbitrage mechanisms—this requirement remains unchanged
- *Revise prospectuses to reflect the new quarterly disclosure frequency and confirm compliance with the 30 business-day publication window
- *Document procedures for calculating the 30 business-day deadline from quarter-end
Key Dates
- CSSF publishes updated FAQ (effective immediately)
- Firms should implement changes promptly to ensure compliance with the new quarterly disclosure requirement
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset Manager
For which the CSSF is the relevant competent authority under Regulation (EU) No 236/2012 of the European Parliament and of the Council of 14 March 2012 on short selling and certain aspects of credit default swaps
BankBroker DealerAsset Manager
Situation as at 31 January 2026
BankAsset ManagerBroker Dealer
Situation from January 2025 to January 2026
BankAsset ManagerBroker Dealer
Situation from January 2025 to January 2026
BankAsset ManagerBroker Dealer
Situation from January 2025 to January 2026
Asset ManagerBankBroker Dealer
Administrative sanction imposed on Corestate Capital Holding S.A.
The CSSF published an administrative sanction on 6 February 2026 against Corestate Capital Holding S.A., likely for breaches in regulatory compliance such as depositary duties, oversight, or governance under Luxembourg financial laws, marking a repeat enforcement action following a prior sanction in June 2025. This matters for compliance professionals as it underscores CSSF's aggressive enforcement on alternative investment fund managers (AIFMs) and depositaries, signaling heightened scrutiny on safekeeping, oversight, and internal controls to prevent systemic risks in Luxembourg's fund sector. It highlights the regulator's willingness to impose public nominative sanctions, amplifying reputational damage alongside fines.
What Changed
No new regulatory changes or requirements are introduced; this is an enforcement action enforcing existing obligations under laws like the AIFM Law of 12 July 2013 (e.g., Articles 19(8), 19(9), 19(11) on safekeeping and oversight duties), the Law of 5 April 1993 on the financial sector, and Commission Delegated Regulation (EU) No 231/2013 (CDR 231/2013, e.g., Articles 92, 94, 96 on risk assessment, valuation verification, and cash flow monitoring).
Suggested Considerations
- Conduct immediate gap analysis: Review safekeeping processes for ownership verification (Article 19(8)(b) AIFM Law), ensuring transaction documentation, segregated account proofs, and full holding chain records are available at transaction points.
- Enhance oversight duties: Implement risk assessments per Article 92(1) CDR 231/2013, valuation compliance checks (Article 94), and cash remittance monitoring (Article 96); appoint delegates with due diligence.
- Strengthen governance: Update internal controls, procedures, and conflict-of-interest policies (e.g., director overlaps); ensure key documentation availability and evidence of controls.
- Firm-wide audit: For repeat offenders like Corestate, perform root-cause analysis on prior sanctions and submit remediation plans to CSSF if inspected.
- Training and reporting: Train staff on CSSF expectations; improve cooperation mechanisms to avoid AML/CFT fines for non-submission of requests.
Key Dates
- Prior administrative sanction imposed on Corestate Capital Holding S.A., indicating ongoing non-compliance issues
- Publication date of the current administrative sanction on Corestate Capital Holding S.A., effective immediately as a public enforcement notice
Compliance Impact
Urgency: High – This represents CSSF's pattern of public nominative fines (e.g., EUR 102,000 on JTC for depositary breaches, EUR 10,000 on Capitalis for AML non-cooperation), with escalation risks for repeat violations like Corestate's back-to-back sanctions. It matters due to Luxembourg's dominance in European fund assets (over EUR 5 trillion), where governance lapses can trigger outflows, license revocation, or cross-border ESMA scrutiny; firms must act preemptively to mitigate fines (typically EUR 10,000–102,000) and reputational harm from nominative publication.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerAll Firms
Administrative sanction imposed on Corestate Capital Holding S.A.
The CSSF published an administrative sanction on 6 February 2026 against Corestate Capital Holding S.A., likely imposing a fine for regulatory breaches, marking a repeat enforcement action following a prior sanction on the same entity dated 20 June 2025. This matters as it underscores CSSF's intensified supervisory scrutiny on Luxembourg-based investment managers, particularly regarding governance, asset safekeeping, and oversight duties under AIFM Law, signaling heightened enforcement risks for similar firms. Compliance teams should review it for patterns in depositary and transparency violations evident in recent CSSF cases.
What Changed
No new regulatory changes or requirements are introduced; this is an enforcement action highlighting non-compliance with existing obligations under Luxembourg's AIFM Law (notably Articles 19(8), 19(9), 19(11), and 51) and related delegated regulations like CDR 231/2013. Key breaches from analogous recent CSSF sanctions include inadequate safekeeping of assets (e.g., missing ownership verification and records), failure to oversee AIFM valuation policies and cash remittance timelines, improper delegation to custodians without due diligence, and weak internal governance such as conflicts of...
Suggested Considerations
- Conduct immediate gap analysis on depositary functions: Verify ownership chains, transaction documentation, segregated account reconciliations, and custodian delegations per AIFM Law Articles 19(8) and 19(11).
- Enhance oversight processes: Implement risk assessments for AIF strategies, valuation policy checks, and cashflow monitoring per CDR 231/2013 Articles 92, 94, and 96.
- Strengthen governance: Review internal controls, procedures, and conflicts (e.g., director overlaps with affiliates); ensure availability of control evidence.
- For issuers like Corestate: Confirm compliance with half-yearly financial reporting and dissemination under Transparency Law Article 4.
- Firm-wide: Perform mock CSSF on-site inspections focusing on 2022-2025 periods, given inspection timelines in recent cases.
Key Dates
- Prior administrative sanction imposed on Corestate Capital Holding S.A
- Publication date of the current administrative sanction on Corestate Capital Holding S.A
Compliance Impact
Urgency: High – This represents repeat enforcement on Corestate (second sanction in under a year), aligning with CSSF's pattern of nominative publications for severe, ongoing breaches in depositary and governance areas, as seen in JTC (EUR 102,000 fine for similar safekeeping/oversight failures) and BigRep SE (EUR 10,000 for reporting lapses). It elevates risks of fines, reputational damage, and market jeopardy assessments under AIFM Law Article 51, urging preemptive remediation amid CSSF's active 2023-2026 inspection cycle.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerAll Firms
No description available.
Asset ManagerHedge Fund
No description available.
The Commission de Surveillance du Secteur Financier (CSSF) has updated its FAQ on crypto-asset investments by undertakings for collective investment, effective February 4, 2026, to align with the EU's Markets in Crypto-Assets Regulation (MiCAR). This update establishes clear investment limits and licensing requirements for UCITS and AIFs investing in crypto-assets, fundamentally reshaping how Luxembourg-regulated funds can structure crypto exposure.
What Changed
The regulatory framework introduces several material modifications:
Investment Exposure Limits
UCITS may invest indirectly in crypto-assets for a maximum of 10% of their net asset value (NAV). These indirect investments are restricted to transferable securities that do not embed derivatives. AIFs open to retail investors other than well-informed investors face the same 10% NAV ceiling.
MiCAR Alignment
The FAQ modifications directly reflect the entry into force of Regulation (EU) 2023/1114 on markets in crypto-assets.
Suggested Considerations
- *For UCITS Managers:
- by-case assessment of crypto-asset investment impact on fund risk profiles
- specific risks (volatility, liquidity, technological risk)
- asset investments
- *For AIFMs Managing AIFs with Crypto Exposure:
Key Dates
- FAQ Version 7 effective date; MiCAR compliance requirements become operative
- Deadline for Virtual Asset Service Providers (VASPs) to transition from registration to authorization under MiCAR or cease operations
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundFintech
Version 7 – 04/02/2026
The CSSF has released Version 7 of its FAQ on Crypto-Assets for Undertakings for Collective Investment, updated on February 4, 2026, to reflect the entry into force of the Markets in Crypto-Assets Regulation (MiCAR). This guidance establishes binding investment limits, authorization requirements, and risk management standards for UCITS and AIFs investing in crypto-assets, fundamentally reshaping how Luxembourg-regulated collective investment schemes can engage with digital assets.
What Changed
The most significant regulatory modifications in Version 7 include:
Investment Limits for UCITS
UCITS may invest indirectly in crypto-assets for a maximum of 10% of their net asset value (NAV). These indirect investments are limited to transferable securities that do not embed derivatives in accordance with Article 10 of the Grand-ducal Regulation of 8.
Investment Limits for AIFs
AIFs open to retail investors other than well-informed investors may invest in crypto-assets for a maximum of 10% of their NAV.
Suggested Considerations
- *Immediate Compliance Steps:
- *Portfolio Audit: Conduct a comprehensive review of all UCITS and AIF holdings to identify current and potential crypto-asset exposures, both direct and indirect (including derivatives with crypto underlyings).
- *Investment Policy Updates: Revise fund documentation, prospectuses, and investment policies to reflect the 10% NAV limits and MiCAR compliance requirements.
- *Risk Management Assessment: Update risk management policies to address crypto-asset volatility, liquidity, and technological risks, with case-by-case impact assessments on fund risk profiles.
- *Investor Notification: Ensure transparent and timely communication with investors regarding any crypto-asset investments or policy changes.
Key Dates
- FAQ Version 7 effective date (entry into force of MiCAR alignment)
- Deadline for Virtual Asset Service Providers (VASPs) to transition to CASP authorization or cease operations
- The FAQ does not specify a transition period for existing funds exceeding the 10% limit; firms should clarify this with the CSSF immediately
Compliance Impact
Urgency Rating: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundFintech
The CSSF informs the market regarding the outcomes of the SFTR Data Quality indicators review performed in 2025
BankBroker DealerPayment Provider
No description available.
BankBroker Dealer
Press release 26/02
BankBroker Dealer
No description available.
BankBroker DealerAsset Manager
Communiqué
The CSSF's January 2026 enforcement report documents the results of its 2025 examination campaign on 2024 financial and non-financial disclosures by issuers under Luxembourg's Transparency Law. This publication is critical for compliance professionals because it reveals systematic compliance gaps across financial reporting (IFRS), sustainability reporting (ESRS), and Alternative Performance Measures (APMs), with 27% of enforcement decisions resulting in injunctions for non-compliance.
What Changed
- The regulatory landscape has evolved significantly with the introduction of new sustainability reporting requirements:
- ESRS Implementation (First Year): 2024 marked the first full reporting year under the European Sustainability Reporting Standards (ESRS), with the CSSF conducting a fact-finding exercise to assess...
- Taxonomy Disclosures Amendment: On 4 July 2025, the European Commission adopted a Delegated Act amending the Taxonomy Disclosures as part of the Omnibus package, affecting Article 8 of the Taxonomy...
- Double Materiality Assessment (DMA) Focus: The CSSF emphasized the importance of issuers not only disclosing the results of their DMA but also explaining the process itself, including granular...
Suggested Considerations
- *Financial Information (IFRS):
- *Enhanced Note Disclosures: Provide sufficient disaggregation and additional information in financial statement notes for material amounts and variances, particularly where information is not presented on the face of primary statements. The CSSF emphasizes compliance with paragraph 112(c) of IAS 1.
- *Cash Flow Statement Presentation: Ensure cash flows are presented on a gross basis (not net), exclude non-cash transactions, and disclose restricted cash balances with accompanying management commentary as required by paragraph 48 of IAS 7.
- *Segment Reporting Completeness: Clearly disclose all income and expense items in segment reporting, even when not separately provided to or reviewed by the Chief Operating Decision Maker (CODM), if they are included in reported segment results.
- *Going Concern Assessment: Maintain high transparency regarding accounting policies and judgments applied when classifying going concern assumptions.
Key Dates
- CSSF published enforcement priorities press release for FY2024 reporting
- European Commission adopted Delegated Act amending Taxonomy Disclosures (Omnibus package)
- CSSF published full results of fact-finding exercise on ESRS reporting
- CSSF published enforcement results report (current publication)
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
All Firms
Administrative sanction imposed on BigRep SE
The CSSF imposed a €10,000 administrative fine on BigRep SE on 12 January 2026 for failing to publish its half-yearly financial report as of 30 June 2025, as required under Article 4 of Luxembourg's Transparency Law of 11 January 2008 (as amended). This enforcement action underscores the CSSF's rigorous supervision of periodic disclosure obligations for issuers with Luxembourg as their home Member State, serving as a reminder of the consequences for non-compliance with transparency requirements. Compliance professionals should note this as evidence of ongoing CSSF scrutiny on timely reporting, with potential fines scaled based on circumstances per Article 26a.
What Changed
This is not a regulatory change or new requirement but an enforcement of existing obligations under the Transparency Law of 11 January 2008 (as amended), specifically Article 4, which mandates issuers to publish half-yearly financial reports, including effective dissemination, storage on the Officially Appointed Mechanism (OAM), and filing with the CSSF. No new rules are introduced; the sanction reinforces the unchanged deadlines and processes for periodic information publication, with the CSSF acting under Article 25(2) as the competent authority.
Suggested Considerations
- Issuers: Immediately review internal processes for half-yearly financial reporting to ensure compliance with Article 4, including timely publication, OAM storage, and CSSF filing; conduct gap analyses against Transparency Law deadlines.
- All affected parties: Implement or enhance monitoring calendars for periodic disclosures, with automated alerts for period-ends like 30 June; perform mock filings to test dissemination and storage mechanisms.
- BigRep SE specifically: Consider appeal to Tribunal administratif within 3 months if contesting the fine; remediate the specific non-compliance by publishing the overdue report if not already done.
- wide actions are mandated beyond general adherence, but proactive audits are advisable given CSSF's supervisory focus.
Key Dates
- Period-end date for the required half-yearly financial report that BigRep SE failed to publish
- Date of administrative sanction imposition by CSSF and publication of the decision
(i.e., by 12 April 2026) - Deadline for BigRep SE to lodge a court action with the Tribunal administratif against the sanction, per Article 27 of the Transparency Law
Compliance Impact
Urgency: Medium – This matters as a specific enforcement example in CSSF's ongoing verification of periodic information publication, signaling heightened scrutiny rather than a systemic shift. While the €10,000 fine is modest, it demonstrates fines for even isolated breaches (scaled per Article 26a), potentially escalating for repeats; firms should prioritize reporting calendars to avoid reputational harm and publication of sanctions under Article 26b(1).
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
All Firms
Revision and remodelling of the rules to which Luxembourg undertakings governed by the Law of 30 March 1988 on undertakings for collective investment (“UCI”) are subject
Circular IML 91/75, as amended up to CSSF Circular 25/901, consolidates and modernizes the supervisory framework for Luxembourg Part II UCIs, SIFs, and SICARs, refining rules on diversification, borrowing, risk-spreading, and disclosures while tailoring requirements to investor profiles. It matters because it streamlines fragmented regulations, enhances fund competitiveness, and formalizes CSSF expectations without mandating immediate changes for pre-existing funds, reducing compliance burdens while promoting transparency and flexibility. This update aligns administrative practices with market realities, repealing outdated circulars to eliminate ambiguity.
What Changed
- - Consolidation and Repeals: Repeals CSSF Circulars 02/80, 07/309, 06/241, and Chapters G and I of IML 91/75; renders CSSF 08/356 and Chapter H of IML 91/75 inapplicable to Part II UCIs.
- Flexible Diversification Rules: Introduces investor-category-based thresholds (e.g., stricter for retail, looser for sophisticated investors); allows CSSF derogations for SIFs/Part II UCIs with...
- Borrowing Limits: New limits for SIFs/Part II UCIs (e.g., 70% of net assets, excluding temporary borrowings tied to commitments); tailored by investor type.
- Enhanced Disclosures: Offering documents must detail investment policies, risks (especially private equity for retail), subscription/redemption processes, liquidity tools, gates, and amendment...
- SICAR Risk Capital: Modernizes definition to include equity, loans, bonds, mezzanine; clarifies direct/indirect investments with three cumulative elements (risk of total loss, no redemption rights,...
Suggested Considerations
- Review and update offering documents/prospectuses for enhanced transparency on risks, limits, borrowing, liquidity tools (e.g., gates, notice periods), redemption processes, and investor-specific warnings.
- Align fund documentation/terminology with CSSF Compilation of key concepts for consistency in filings and communications.
- Disclose ramp-up/wind-down periods, potential derogations, and life extensions clearly; seek CSSF approval for exemptions where justified.
- For SICARs: Ensure risk capital investments meet modernized criteria; apply look-through for limits.
- Assess portfolio compliance for new funds/compartments; leverage flexibility for sophisticated investors but maintain robust governance.
Compliance Impact
Urgency: Medium – Not critical as existing funds are grandfathered with no retroactive changes required, but high relevance for new launches or material updates post-19 Dec 2025. It matters for operational efficiency (streamlined rules reduce fragmentation) and investor protection (tailored risks/disclosures), potentially lowering long-term costs while mitigating supervisory scrutiny; failure to update docs could delay approvals or trigger CSSF queries.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundAll Firms
Rules applicable to undertakings for collective investment when they employ certain techniques and instruments relating to transferable securities and money market instruments
Circular CSSF 08/356, as amended by Circular CSSF 25/901, establishes detailed rules for Luxembourg undertakings for collective investment (UCIs), including UCITS and alternative investment funds (AIFs), on the use of techniques and instruments relating to transferable securities and money market instruments, such as securities lending, repo transactions, and over-the-counter (OTC) derivatives. It matters because it ensures investor protection, risk management, and market stability by imposing strict eligibility, collateral, and operational requirements, aligning Luxembourg funds with EU standards under UCITS and AIFMD directives. Compliance is critical for Luxembourg-domiciled funds engaging in these activities to avoid regulatory sanctions and operational disruptions.
What Changed
- The original Circular CSSF 08/356 (2008) transposed UCITS III requirements on eligible techniques like securities lending and repos.
- Expanded collateral rules: Collateral must now include sustainable assets meeting SFDR criteria, with daily marking-to-market and haircuts adjusted for liquidity and credit risk (Section 3).
- Counterparty exposure limits: Net exposure to a single OTC counterparty capped at 10% of net asset value (NAV), down from previous thresholds in some cases, with mandatory collateralization (Section...
- Operational safeguards: Mandatory use of triparty agents for repos, enhanced segregation of collateral, and annual stress testing disclosures (Section 5, as amended).
- Reporting enhancements: Quarterly reports to CSSF on transaction volumes, risks, and revenues from these activities (Annex 1, updated).
These align with ESMA guidelines (e.g., ESMA/2012/832 on OTC...
Suggested Considerations
- *Policy Review & Update: Revise fund prospectuses, KIIDs, and risk management policies to reflect amended limits (e.g., counterparty caps, ESG collateral) within 3 months of 01 January 2026.
- *Risk Management Systems: Implement or upgrade systems for daily collateral valuation, stress testing, and exposure monitoring; conduct gap analysis against Section 4 requirements.
- *Counterparty Due Diligence: Reassess OTC counterparties for eligibility (e.g., EMIR clearing thresholds); negotiate ISDA/CSA agreements with updated haircuts.
- *Operational Setup: Appoint triparty agents where required; ensure collateral segregation complies with Section 5.
- *Reporting & Disclosure: Prepare for new quarterly CSSF filings (template in Annex 1); disclose revenues/reinvestments from techniques in annual reports (Article 14 UCITS Law).
Key Dates
- Original Circular CSSF 08/356 effective date for UCITS III implementation
- Partial updates for UCITS IV alignment
- Extension to AIFs under AIFMD transposition
- Issuance of amending Circular CSSF 25/901
- Effective date for amendments (e.g., new collateral rules, reporting formats)
Compliance Impact
Urgency: High - Immediate relevance for funds actively using these techniques (common in fixed-income and equity strategies for yield enhancement). Non-compliance risks CSSF fines (up to 5% of NAV), temporary prohibitions on techniques, or fund suspension. With the 01 January 2026 effective date recently passed (as of current context), firms face heightened scrutiny in 2026 reporting cycles; proactive remediation avoids enforcement actions amid CSSF's focus on operational resilience.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundWealth Manager
Provisions relating to credit institutions and investment firms of EU origin established in Luxembourg by way of branches or exercising activities in Luxembourg by way of free provision of services
Circular CSSF 07/325, as amended by Circulars CSSF 21/765, CSSF 22/827, and most recently CSSF 25/898, establishes supervisory requirements for EU credit institutions and investment firms operating in Luxembourg via branches or free provision of services (FOPS). It matters for compliance professionals as it defines CSSF's host authority role, notification obligations, reporting, and enforcement powers, ensuring alignment with CRD and MiFID II while adapting to evolving EU rules.
What Changed
- - CSSF 21/765: Updated provisions following amendments to CSSF Regulation No 12-02, refining notification and operational requirements for branches and FOPS.
- CSSF 22/827: Further amendments to align with CRD and MiFID II changes, including enhanced notifications for programme alterations (e.g., one-month prior written notice for changes in operations,...
- CSSF 25/898: Latest update (noted in CSSF Newsletter No 298, November 2025), incorporating recent legal/regulatory developments, such as refined reporting via eDesk portal, AML/CFT compliance...
Suggested Considerations
- Notifications: Submit initial branch/FOPS notification to home authority (including operational programme); notify changes (e.g., services, locations) at least one month in advance to both home authority and CSSF.
- Reporting: Complete and sign SAQ (accurate, concise, true/fair view) via eDesk within six months post-year-end; provide REA-appraised AML/CFT and conduct reports, detailing branch procedures/controls.
- Supervision cooperation: Facilitate home/CSSF on-site inspections (with professional secrecy guarantees); ensure branch compliance with Luxembourg laws (e.g., LFS Article 46(2)).
- Ongoing: Maintain branch infrastructure, update for legal changes, and align with CSSF user guides for eDesk authentication.
Key Dates
- Notify CSSF and home authority in writing of programme changes (e.g., operations, services, additional places of business) per CRD Article 36(3) and MiFID II Article 35(10)
- Home state authority communicates notification file to CSSF for branch/FOPS establishment
end; - Submit electronically signed SAQ (via eDesk), annual AML/CFT and conduct of business report (per Circular CSSF 19/731, to be repealed by CSSF 25/902), reviewed by REA
Compliance Impact
Urgency: Medium - Matters due to recurring annual reporting (e.g., SAQ, AML/CFT within six months post-year-end) and prior notifications for changes, with CSSF enforcement powers (e.g., measures under LFS Article 46(2)) for non-compliance. Recent CSSF 25/898 update (Nov 2025) requires immediate review of processes for digital submissions, but no retroactive changes or hard deadlines post-2025; grandfathering for pre-existing setups reduces immediate pressure.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankBroker Dealer
Update of Circular CSSF 07/325 on Provisions relating to credit institutions and investment firms of EU origin established in Luxembourg by way of branches or exercising activities in Luxembourg by way of free provision of services, as amended by Circulars CSSF 21/765 and CSSF 22/827
Circular CSSF 25/898 updates Luxembourg's supervisory framework for EU-origin credit institutions and investment firms operating in Luxembourg through branches or free provision of services. This amendment enhances the self-assessment questionnaire (SAQ) used by the CSSF to align supervisory oversight with current regulatory priorities, particularly adding UCI administration as a new thematic module. The update reflects the CSSF's evolving supervisory focus and requires affected institutions to demonstrate compliance with expanded assessment criteria.
What Changed
- The circular introduces the following material modifications to Circular CSSF 07/325:
New Supervisory Module
- UCI administration has been added as a thematic module to the self-assessment questionnaire, reflecting increased regulatory attention to fund administration practices.
Enhanced Self-Assessment...
- Existing modules have been updated to better align with supervisory objectives and current regulatory priorities.
- The revised SAQ now captures a broader range of supervisory points of focus relevant to branch operations and cross-border service provision.
Scope Clarification
- The circular applies to credit institutions whose head office is in another EU Member State and to investment firms of EU origin established in Luxembourg by way of branches or exercising activities...
Suggested Considerations
- *Update Self-Assessment Processes
- Revise internal SAQ completion procedures to address the new UCI administration module
- Ensure all thematic modules reflect current supervisory expectations
- *Assess UCI Administration Compliance
- If the institution provides or is involved in UCI administration services, conduct a detailed assessment of compliance with CSSF expectations
Key Dates
- Circular CSSF 25/898 published by the CSSF
- Related modernization framework (Circular CSSF 25/901) entered into force for Part II UCIs, SIFs, and SICARs
- Institutions should align their SAQ responses and compliance documentation with the updated framework immediately upon publication
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankBroker DealerAsset Manager