No description available.
The CSSF has formally repealed Circular IML 91/75 with immediate effect through the publication of Circular CSSF 26/912 on 22 May 2026. Compliance teams for Luxembourg UCIs and related structures must now ensure that no policies, procedures or prospectus provisions continue to rely on or reference IML 91/75, and instead rely on the current UCI, SIF, SICAR and EU fund law framework and subsequent CSSF circulars and administrative practice.
What Changed
- - Circular IML 91/75, which set out rules for Luxembourg undertakings governed by the Law of 30 March 1988 on undertakings for collective investment, is repealed in full with effect from 22 May 2026...
- All amendments to Circular IML 91/75 introduced by Circulars CSSF 05/177, 18/697, 21/790, 22/811 and 25/901 are implicitly repealed as part of the repeal of IML 91/75 itself.
- The regulatory expectations previously contained in IML 91/75 are now either superseded by later Luxembourg fund laws (including post‑1988 UCI legislation and regimes for SICARs and SIFs), later CSSF...
- The historical link to the Law of 30 March 1988 on undertakings for collective investment is effectively severed at circular level, confirming that the operative framework is now the modern suite of...
- IML 91/75 is flagged as archived by the CSSF as of 22 May 2026, clarifying that it has no continuing normative or interpretative value as a live supervisory instrument.
Suggested Considerations
- Identify and inventory all internal and external documents (including policies, procedures, compliance manuals, prospectuses, offering documents, service agreements and SLAs) that reference Circular IML 91/75 or its amending Circulars CSSF 05/177, 18/697, 21/790, 22/811 and 25/901.
- Remove or replace all references to Circular IML 91/75 and its amending circulars in compliance frameworks, manuals, registers of applicable rules and control libraries, ensuring they are mapped instead to the current applicable UCI, SIF, SICAR, AIFM and relevant CSSF circulars.
- Perform a gap analysis to confirm that all substantive topics previously governed by IML 91/75 in your framework are now fully covered by current Luxembourg laws, EU fund regulations and up‑to‑date CSSF circulars and FAQs.
- Update training materials and onboarding content for compliance, portfolio management, risk and operations staff to reflect that IML 91/75 has been repealed and to direct staff to the current legal and regulatory sources governing UCIs and alternative funds.
- Adjust internal audit and compliance monitoring programs so that any test steps or key controls referencing IML 91/75 are updated to reference the applicable current provisions and CSSF administrative practice.
Key Dates
- Original Circular IML 91/75 entered into force, setting rules for undertakings governed by the Law of 30 March 1988 on undertakings for collective investment
- Circular CSSF 26/912 is published and takes effect, repealing Circular IML 91/75 (as amended) with immediate effect and archiving it from the same date
Compliance Impact
The immediate compliance risk is moderate: there are no new obligations, but relying on a repealed circular can create legal uncertainty, documentation inconsistencies and supervisory challenges during CSSF inspections. Failure to update frameworks may weaken control design, lead to outdated disclosures and reduce credibility with the CSSF in the event of reviews or thematic inspections.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundBank Repeal of Circular IML 91/75 related to the revision and remodelling of the rules to which Luxembourg undertakings governed by the Law of 30 March 1988 on undertakings for collective investment (“UCI”) are subject
The CSSF has issued Circular CSSF 26/912, formally repealing Circular IML 91/75 (and its amendments) governing Luxembourg UCIs under the (now repealed) Law of 30 March 1988 on undertakings for collective investment. This is a technical clean‑up measure that removes an obsolete circular from the rulebook and confirms that the 1991 governance, organisational and investment rules under IML 91/75 no longer apply.
What Changed
- - Circular IML 91/75, including its amendments by Circulars CSSF 05/177, 18/697, 21/790, 22/811 and 25/901, is formally repealed by Circular CSSF 26/912.
- The rules on “revision and remodelling of the rules to which Luxembourg undertakings governed by the Law of 30 March 1988 on undertakings for collective investment are subject” no longer form part of...
- Supervisory expectations for Luxembourg UCIs are now to be derived exclusively from the current UCI regime (notably the Law of 17 December 2010 relating to undertakings for collective investment and...
- Any internal compliance mappings, policy references, or control frameworks that still cite Circular IML 91/75 or its amending circulars must be treated as referencing repealed guidance and should be...
Suggested Considerations
- Update your regulatory inventory and obligation registers to reflect that Circular IML 91/75 and its amending circulars (CSSF 05/177, 18/697, 21/790, 22/811 and 25/901) have been repealed by Circular CSSF 26/912 as of 22 May 2026.
- Verify that your compliance monitoring programmes and internal audit test plans do not rely on requirements sourced from Circular IML 91/75, and re-align any such tests to the currently applicable legal and regulatory standards.
- Communicate the repeal of Circular IML 91/75 internally to legal, compliance, risk, product, and fund administration teams to prevent continued reliance on obsolete rules in ongoing or future projects.
- For any ongoing remediation, authorisation or approval processes that previously cited IML 91/75 as justification for a control design, reassess and document those controls against the current CSSF requirements that have effectively replaced or superseded the 1991 framework.
- Maintain an audit trail evidencing the update of documentation and registers in response to Circular CSSF 26/912, including board or senior management notification where your governance framework requires it for changes in regulatory obligations.
Key Dates
- Original Circular IML 91/75 on revision and remodelling of rules applicable to UCIs under the Law of 30 March 1988 is issued (subsequently amended by later circulars)
- Circular CSSF 26/912 is published and Circular IML 91/75 (as amended by Circulars CSSF 05/177, 18/697, 21/790, 22/811 and 25/901) is repealed and archived
Compliance Impact
The immediate compliance risk is low, as the circular repeals an already outdated framework; however, continuing to reference or rely on Circular IML 91/75 could create documentation inconsistencies, misalignment with current CSSF expectations and weaknesses in regulatory audits or inspections.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundBank
ESMA Guidelines on stress test scenarios under Article 28 of the Money Market Fund Regulation – Update 2025 (ESMA50-481369926-30585)
Circular CSSF 26/911 informs Luxembourg money market fund (MMF) managers that the CSSF is integrating ESMA’s 2025 update of the stress test scenarios under Article 28 of the Money Market Fund Regulation (MMFR), and that these new ESMA Guidelines now form part of the Luxembourg supervisory expectations. The circular repeals and replaces Circular CSSF 25/877 as of 26 May 2026 and requires MMFs and their managers to apply the 2025 stress test parameters for MMF reporting from the reporting date 30 June 2026 onwards, driving immediate model, data, and reporting changes.
What Changed
- - Circular CSSF 26/911 replaces Circular CSSF 25/877 and integrates ESMA’s 2025 Guidelines on stress test scenarios under Article 28 of Regulation (EU) 2017/1131 (MMFR), making the updated scenarios...
- The 2025 ESMA Guidelines (Ref. ESMA50-481369926-30585) update the common reference stress test parameters for MMFs, reflecting more recent market conditions and liquidity risk drivers than the 2024...
- The circular clarifies that MMFs and MMF managers must use the updated 2025 ESMA stress test scenarios when preparing the MMF reporting required under the MMFR and the related Commission Implementing...
- Circular CSSF 26/911 confirms that the 2025 Guidelines and their translations, published by ESMA on 26 March 2026, are now integrated into CSSF supervisory practice, following the ESMA process...
- The circular reiterates that MMFs and their managers must tailor the ESMA reference scenarios to the specificities of each MMF, adding additional risk factors or requirements where needed to ensure...
Suggested Considerations
- Identify all MMFs and MMF mandates in scope of Regulation (EU) 2017/1131 for which the CSSF is the competent authority and confirm that they are currently using the 2024 ESMA stress test framework under Circular CSSF 25/877.
- Obtain and review in detail the ESMA 2025 Guidelines on stress test scenarios (ESMA50-481369926-30585) and the annexed parameters as integrated by Circular CSSF 26/911, comparing them line‑by‑line to the 2024 version to map all methodological and parameter changes.
- Update the MMF stress testing policy and procedures to reference Circular CSSF 26/911 and the 2025 ESMA Guidelines, including explicit descriptions of the scenarios, calibration choices, modelling techniques, and governance for scenario approval.
- Recalibrate stress testing models and tools used for MMFs to reflect the 2025 common reference parameters, ensuring that interest rate shocks, credit spread moves, liquidity shocks, redemption scenarios, and concentration risks are aligned with the new ESMA specifications.
- Perform impact analyses on representative MMFs using both 2024 and 2025 parameters to quantify changes in stress outcomes, and prepare internal briefing materials for senior management and boards explaining the impacts on liquidity and risk profiles.
Key Dates
- ESMA publishes the English, French, and German translations of the 2025 Guidelines on stress test scenarios under Article 28 MMFR on its website, starting the two‑month period to application
- Circular CSSF 26/911 enters into force and Circular CSSF 25/877 is repealed and replaced, making the 2025 ESMA Guidelines the applicable stress testing framework in Luxembourg
- MMFs and MMF managers must apply the 2025 ESMA Guidelines for the preparation of the required MMF reporting as from the reporting date 30 June 2026 onwards, meaning that stress test calculations underlying this and subsequent reports must be based on the 2025 parameters
Compliance Impact
Non‑compliance with Circular CSSF 26/911 and the integrated 2025 ESMA stress test Guidelines can lead to MMF reporting deficiencies, supervisory findings, and potential risk‑management remediation measures imposed by the CSSF, including expectations to strengthen liquidity and governance. Persistent or material breaches could contribute to more intrusive supervisory engagement, restrictions on MMF activities, or sanctions under the MMFR and Luxembourg supervisory framework.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerBankHedge Fund
ESMA Guidelines on Liquidity Management Tools (LMTs) of UCITS and open-ended AIFs (ESMA34-671404336-1364)
Circular CSSF 26/910 announces the CSSF's application of ESMA Guidelines on Liquidity Management Tools (LMTs) for UCITS and open-ended AIFs, establishing standards for selecting, calibrating, and using LMTs to manage liquidity risks and mitigate financial stability threats. This matters for Luxembourg investment fund managers (IFMs) as it enforces uniform EU-wide supervisory practices under UCITS Directive Article 18a(2) and AIFMD Articles 16(2b)/(2c), holding IFMs primarily accountable for liquidity risk oversight.
What Changed
- - Adoption of ESMA Guidelines: CSSF formally applies ESMA's guidelines (ESMA34-671404336-1364), focusing on LMT selection (e.g., redemption gates, suspension of redemptions/dealings, side pockets),...
- Calibration Requirements: IFMs must demonstrate fair and reasonable ADT calibration for normal and stressed conditions, including explicit transaction costs and, where appropriate, estimated implicit...
- LMT Recommendations: IFMs should select at least one quantitative-based LMT, one ADT, one for normal conditions, and one for stressed conditions; consider additional measures.
- Scope Expansion Recommendation: Open-ended SIFs (not under Part II of the 2010 Law) should consider the circular alongside Commission Delegated Regulation (EU) 2026/465.
Suggested Considerations
- Review and Update Policies: IFMs must select, calibrate, activate/deactivate LMTs per ESMA guidelines, documenting fair/reasonable ADT calibration (e.g., transaction costs, market impact analysis).
- Demonstrate Compliance: Be prepared to show regulators liquidity risk management, including at least one quantitative LMT, one ADT, and condition-specific tools; integrate with UCITS/AIFMD requirements.
- Risk Management Integration: Ensure primary responsibility for LMTs, with consistent supervisory application; open-ended SIFs to cross-reference with (EU) 2026/465.
- Supervisory Preparedness: Maintain records of previous transactions for market impact estimation and overall LMT rationale.
Key Dates
Publication and CSSF application date of ESMA Guidelines via Circular CSSF 26/910
Compliance Impact
Urgency: High – Published today (15 April 2026), this imposes immediate supervisory expectations on liquidity risk management for Luxembourg's dominant fund sector, where non-compliance risks enforcement under UCITS/AIFMD. IFMs must promptly review LMT frameworks to avoid supervisory scrutiny, especially amid potential market stress.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge Fund
Application of the Guidelines of the European Securities and Markets Authority for the criteria on the assessment of knowledge and competence under the Markets in Crypto Assets Regulation (MiCA) (ESMA35-24871704-2922)
Circular CSSF 26/909 specifies how the CSSF applies ESMA's Guidelines (ESMA35-24871704-2922) for assessing **knowledge and competence** criteria under MiCA, targeting staff involved in crypto-asset services. It matters because it enforces MiCA's staff certification requirements, ensuring Luxembourg CASPs meet EU-wide standards for consumer protection and operational integrity amid the full MiCA rollout on 30 December 2024.
What Changed
- - Adoption of ESMA Guidelines: CSSF mandates application of ESMA's criteria for evaluating staff knowledge and competence in crypto-asset services, including roles in custody, trading, portfolio...
- Assessment Framework: Firms must implement standardized tests and processes to verify staff qualifications, aligning with MiCA Article 62 on CASP authorization, focusing on technical crypto...
- No New Standalone Rules: This circular builds on prior CSSF MiCA circulars (e.g., 25/890 on crypto-asset classification), integrating competence checks into licensing dossiers and ongoing supervision.
Suggested Considerations
- Assess Staff Competence: Implement ESMA-guided evaluations (e.g., exams, certifications) for all relevant personnel handling crypto services; document results in governance frameworks.
- Update Policies and Training: Integrate competence criteria into HR, onboarding, and annual reviews; roll out MiCA-specific training on reporting, breaches, and governance.
- Licensing Dossier Enhancement: Include competence attestations in CSSF applications; appoint dedicated compliance/risk officers with verified qualifications.
- Ongoing Monitoring: Conduct regular audits, penetration tests, and incident planning; confirm compliance annually via management body statements.
- Early CSSF Engagement: Schedule dialogues and info sessions; create MiCA readiness scorecards for board and regulator discussions.
Key Dates
Circular CSSF 26/909 published; immediate application of ESMA competence guidelines.; [User-provided content]
Compliance Impact
Urgency: High – With publication today (1 April 2026) and MiCA's CASP regime live since 30 December 2024, firms face immediate supervisory scrutiny during licensing and VASP transitions ending 1 July 2026. Non-compliance risks authorization denial, enforcement, or operational halts, especially as CSSF audits dossiers for competence gaps amid Luxembourg's role as MiCA hub.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Crypto ExchangeBankFintech Survey on the amount of covered deposits held on 31 March 2026
Circular CSSF-CPDI 26/50 mandates a recurring annual survey on the amount of **covered deposits** held as of **31 March 2026** by specified Luxembourg credit institutions, to support the Fonds de garantie des dépôts Luxembourg (FGDL) in meeting Deposit Guarantee Scheme (DGS) requirements under the 2015 Law and DGSD. This matters for compliance as it ensures institutions contribute accurately to the FGDL's buffer (targeting 2% of covered deposits by 2026), with data also feeding into Single Resolution Board (SRB) calculations for resolution funding.
What Changed
This circular introduces no substantive changes to survey content, methodology, or reporting specifications compared to prior issuances (e.g., CSSF-CPDI 25/49 for 31 December 2025). Updates are limited to the reference date (31 March 2026) and associated deadlines, maintaining the risk-based ex-ante contribution method from Circular CSSF-CPDI 20/21 and quarterly reporting under CSSF-CPDI 17/07.
Suggested Considerations
- Compile data on covered deposits (eligible deposits up to €100,000 per depositor, per Article 163 of 2015 Law), excluding items per Article 172 (e.g., financial institutions, life insurance).
- Report detailed breakdowns: total eligible/covered deposits, omnibus/fiduciary accounts (with beneficiary counts), natural vs. legal persons, branch-level data.
- Submit via specified format (per attached specs, unchanged from priors) to CPDI by deadline; quarterly data ongoing per CSSF-CPDI 17/07.
- Ensure alignment with FGDL contributions under CSSF-CPDI 25/48.
Key Dates
- Reference date for snapshot of covered deposits
(inferred from pattern in prior circulars like 25/49) - Likely submission deadline for survey data to CPDI (exact date in full PDF; aligns with one-month post-reference in predecessors)
Compliance Impact
Urgency: High – Immediate action required today (publication date) to prepare for 31 March 2026 snapshot (just 5 days away), with submission likely due early May 2026. Non-compliance risks FGDL penalties, inaccurate contributions (impacting 0.8% extra buffer to 2% DGSD minimum), and SRB reporting failures under Regulation (EU) 2015/63; recurring nature demands robust quarterly data processes.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Amendment of Circular CSSF 18/703 on the introduction of a semi-annual reporting of borrower related residential real estate indicators
Circular CSSF 26/908 amends Circular CSSF 18/703 to update semi-annual reporting requirements for borrower-related residential real estate indicators, enhancing supervisory oversight of credit risk in Luxembourg's financial sector. Published today (25 March 2026), it matters for credit institutions as it refines data collection to better monitor real estate lending exposures amid potential market vulnerabilities.
What Changed
The circular introduces amendments to the original Circular CSSF 18/703 (itself amended by Circulars CSSF 20/737 and 21/772), focusing on semi-annual reporting of indicators tied to borrowers in residential real estate. Specific changes are not detailed in the provided summary or full content excerpt, but they likely involve refinements to reporting templates, data granularity, or submission processes to align with evolving EU prudential standards on real estate risk monitoring. The updated consolidated version of Circular CSSF 18/703 is now available as a 258.91Kb PDF.
Suggested Considerations
- Download and review the full Circular CSSF 26/908 (291.96Kb PDF) and the updated consolidated Circular CSSF 18/703 (258.91Kb PDF) from the CSSF website: https://www.cssf.lu/en/Document/circular-cssf-26-908/.
- Conduct a gap analysis of current reporting processes against the amended requirements for borrower-related residential real estate indicators.
- Update internal systems, data collection templates, and reporting workflows to ensure accurate semi-annual submissions to the CSSF.
- Train relevant compliance, risk, and finance teams on changes; document compliance confirmations for audit trails.
Key Dates
- Original issuance of Circular CSSF 18/703 introducing semi-annual reporting
- Publication date of Circular CSSF 26/908 (today)
Compliance Impact
Urgency: Medium - This is a targeted amendment to existing reporting obligations rather than a new regime, reducing immediate disruption, but non-compliance risks supervisory scrutiny, fines, or enhanced monitoring given CSSF's focus on real estate risk. It matters for maintaining accurate credit risk data, especially in a potentially volatile residential property market, supporting broader prudential stability.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Version of 9 March 2026
The CSSF Technical FAQ on Regulation No 20-08 provides implementation guidance on **loan-to-value (LTV) limits for residential real estate credit in Luxembourg**, establishing borrower-based macroprudential measures designed to limit leverage in the mortgage market. This guidance is critical for lenders operating in Luxembourg as it clarifies how to calculate own funds, determine LTV compliance, and apply temporary portfolio exemptions that have been extended through June 30, 2025.
What Changed
- The most recent update (March 9, 2026) to the Technical FAQ reflects the regulatory framework established by CSSF Regulation No 20-08 (as modified by Regulation No 24-10).
- First-time buyers: LTV limit of up to 100%
- Other buyers: LTV limit of 90%, implemented via portfolio allowance
Buy-to-Let Residential Loans:
- Standard LTV limit of 80%
- Temporary exemption (until June 30, 2025): Lenders may apply LTV ratios up to 95% for up to 10% of annual production
Other Residential Real Estate Loans:
Suggested Considerations
- *For all lenders:
- *Verify LTV compliance calculations for all new residential mortgage originations using the framework specified in the FAQ, ensuring own funds are calculated as actual equity contributions from borrowers
- *Implement dual LTV tracking for borrowers financing new property through sale of existing property, ensuring compliance with both interim and final LTV ratios
- *Document own funds sources carefully, particularly when cash collateral or sale proceeds are used, as these are only permitted for loans with initial LTV below 100%
- *Prepare for June 30, 2025 transition by:
Key Dates
- CSSF Regulation No 20-08 originally published
- Regulation and LTV limits became effective for residential real estate credit on Luxembourg territory
- CSSF Regulation No 24-04 introduced temporary adjustments to LTV limits
- CSSF Regulation No 24-10 extended temporary adjustments
- Most recent Technical FAQ version published (prior to March 9, 2026 update)
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankFintech
on the introduction of a semi-annual reporting of borrower-related residential real estate indicators
Circular CSSF 18/703 introduces semi-annual reporting requirements for Luxembourg-based lenders on borrower-related residential real estate (RRE) indicators to monitor macroprudential risks in the RRE lending market, in line with ESRB Recommendation 2016/14 (as amended). It matters for compliance because it mandates data collection via a dedicated CSSF template, with exclusions only for banks below EUR 10 million in outstanding RRE exposures, ensuring supervisory oversight of lending standards. The circular has been iteratively amended (CSSF 20/737, 21/772, 26/908), with the latest update on 25 March 2026 refining reporting processes.
What Changed
- - Original Scope (CSSF 18/703, 17 Dec 2018): Requires semi-annual reporting of RRE indicators for loans secured by Luxembourg residential real estate (existing dwellings, under construction,...
- Amendment CSSF 20/737 (19 Feb 2020): Clarified reporting thresholds and processes; banks with total outstanding RRE exposure ≤ EUR 10 million are exempt from reporting (no zero report needed if no...
- FAQ (19 Feb 2020): Specifies reporting for new exposures (Jan-Jun or Jul-Dec) and outstanding exposures as of 30 June/31 Dec; exemption applies only if exposure < EUR 10 million.
- Amendment CSSF 21/772 (10 May 2021): Further refinements to data template and indicators.
- Amendment CSSF 26/908 (25 Mar 2026): Latest update to reporting template and processes, effective immediately given publication date.
Data is collected via a CSSF template on the website, focusing on...
Suggested Considerations
- Download and use the dedicated RRE data template from the CSSF website (https://www.cssf.lu/en/Document/circular-cssf-18-703/).
- Assess total outstanding RRE exposure; if > EUR 10 million, collect data on new/outstanding exposures per reference dates (30 Jun/31 Dec).
- Ensure IT systems store/process RRE indicators (e.g., borrower debt metrics, collateral details) for semi-annual extraction.
- Submit reports to CSSF in April/October; review amendments (20/737, 21/772, 26/908) and FAQ for updates.
- For exempt banks: Confirm eligibility annually; no zero report required.
Key Dates
Original Circular CSSF 18/703 published; reporting obligation introduced
Circular CSSF 20/737 and FAQ published; clarified exemptions and scope
Circular CSSF 21/772 amendment published
Circular CSSF 26/908 amendment published (today's date); immediate implementation expected for upcoming cycles
annual); Reports due in April (ref. 31 Dec) and October (ref. 30 Jun) each year
Compliance Impact
Urgency: High – Ongoing semi-annual obligation with latest amendment today (25 Mar 2026, CSSF 26/908) likely affects the next October 2026 cycle (ref. 30 Jun 2026); non-compliance risks supervisory sanctions, as it supports macroprudential monitoring under ESRB framework. Firms must validate systems/data immediately post-amendment to avoid gaps in reporting population.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Latest update on the AML/CFT standardised data collection
This CSSF circular letter addresses the 2026 AML/CFT standardised data collection exercise, aligning with AMLA's EU-wide initiatives by adopting AMLA-developed templates for most supervised entities while requiring specialised professionals to use CSSF-specific forms. It matters for Luxembourg financial firms as it mandates reporting on ML/TF risks and mitigation measures to support consistent EU supervision, with recent delays emphasizing preparation needs amid evolving templates.
What Changed
- - CSSF adopts AMLA-developed data collection templates for credit institutions, investment firms, and investment fund managers (excluding specialised professionals), replacing its prior questionnaire...
- Entities selected for AMLA's mandatory calibration exercise (notified directly by CSSF) must report quantitative and qualitative ML/TF risk data; non-selected entities still report via AMLA templates...
- Launch delayed from 2 March 2026 due to AMLA's consultation feedback on templates and guidance; new timelines and final questionnaire to be announced, but AMLA maintains 15 April 2026 submission for...
- Specialised professionals of the financial sector complete a separate CSSF questionnaire, launching earlier on 23 February 2026 (subject to delay).
Suggested Considerations
- Monitor CSSF communications for final questionnaire, launch dates, and eDesk access; prepare data on 2025 ML/TF risks and mitigation using current AMLA draft (not for submission).
- Selected AMLA calibration participants: Compile and submit quantitative/qualitative data via eDesk by 15 April 2026; attend 13 March webinar.
- Non-selected credit/financial institutions: Complete AMLA templates on ML/TF risks/mitigation for 2025 via eDesk upon launch.
- Specialised professionals: Prepare CSSF-specific questionnaire ahead of (delayed) 23 February launch.
- All: Ensure resources for timely reporting; review internal AML/CFT risk assessments for consistency with EU standards.
Key Dates
- Planned launch for specialised professionals' CSSF questionnaire (delayed per 11 March update)
- Original launch date for AMLA questionnaire and calibration exercise via eDesk platform (delayed)
- AMLA webinar (10:00-12:00) on reporting framework and clarifications (connection details in CSSF annex)
- Submission deadline for AMLA calibration exercise participants (maintained despite delays; changes to be communicated)
11 March 2026); - New launch and submission deadlines for all data collections, pending final AMLA questionnaire
Compliance Impact
Urgency: High - Mandatory reporting supports CSSF's supervisory strategy and EU AMLA calibration, with non-compliance risking enforcement; delays provide preparation time but require immediate data readiness as final deadlines approach shortly (e.g., potential April submissions). This directly feeds into entity-level ML/TF risk assessments, influencing ongoing supervision and resource allocation.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankAsset ManagerAll Firms
Table listing the professional activities and the mandates performed
This CSSF publication is an updated table (in XLSX format) listing standardized professional activities and mandates for members of the management body/governing body and conducting officers, as required under points 105 and 107 of Circular CSSF 18/698. It matters because it ensures consistent, transparent reporting of senior personnel roles in Luxembourg investment fund managers (IFMs), supporting governance, conflict-of-interest management, and CSSF supervisory oversight. Compliance professionals must use this list to standardize disclosures in authorization files and ongoing reporting.
What Changed
- The document was originally published on 14 January 2019 and updated on 12 March 2026, reflecting revisions to the predefined list of professional activities and mandates[Source URL].
- Alignment with Circular CSSF 18/698 requirements for IFMs (management companies for UCIs and AIFs), specifying reportable roles like those in collective portfolio management, risk management,...
- Emphasis on detailed documentation of mandates to demonstrate fitness, properness, and avoidance of conflicts, including for shareholders with qualifying holdings.
- No entirely new requirements introduced, but the update likely incorporates evolving governance expectations, such as enhanced delegate oversight and AML/CFT compliance officer designations.
Suggested Considerations
- Download and use the XLSX table: Incorporate the exact list of activities/mandates into internal templates for reporting management body and conducting officer roles[Source URL].
- Update authorization and notification files: Include detailed CVs, criminal record extracts, wealth declarations, and organization charts for relevant personnel/shareholders; notify CSSF of changes (e.g., qualifying holdings, guarantees).
- Conduct fit-and-proper assessments: Ensure declarations cover all listed mandates, demonstrating no conflicts and adequate resources; perform initial/ongoing due diligence on delegates.
- Annual compliance review: Document roles in compliance monitoring plans, training, and reporting to senior management/CSSF; align with delegate oversight (e.g., risk-based monitoring of compliance, audit functions).
- Policy updates: Revise governance policies to reflect the updated list, including AML/CFT officer designations and own funds proofs.
Key Dates
- Publication of underlying Circular CSSF 18/698, setting baseline requirements
- Original publication of the list
- Latest update to the list, requiring immediate review and integration into reporting processes[Source URL]
financial year); - Compliance deadline for Circular 18/698 obligations, including governance reporting (e.g., 5 months after year-end)
Compliance Impact
Urgency: High – The March 12, 2026 update coincides with today's date, demanding immediate review to avoid supervisory findings during CSSF inspections or authorization processes. Non-compliance risks authorization delays, fines, or reputational damage, as Circular 18/698 emphasizes robust governance in a heightened scrutiny environment for IFMs (e.g., delegate oversight, AML).
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerBankAll Firms
Delay in the 2026 AML/CFT standardised data collection
The CSSF circular letter dated 11 March 2026 announces a delay in its planned AML/CFT standardised data collection exercise originally scheduled for 2026, primarily due to overlap with a concurrent broad-scope data collection by the European Anti-Money Laundering Authority (AMLA). This matters for compliance professionals as it reduces immediate reporting burdens on supervised entities, promotes regulatory simplification, and aligns Luxembourg practices with emerging EU AML/CFT methodologies, allowing firms to redirect resources to the mandatory AMLA exercise.
What Changed
- - Postponement of CSSF-specific questionnaire: The CSSF has decided not to proceed with its own AML/CFT standardised data collection for most supervised entities (credit institutions, investment...
- Exception for specialised professionals: Specialised professionals of the financial sector (e.g., certain non-credit institutions) remain subject to a CSSF-specific questionnaire, though timelines...
- Rationale tied to AMLA calibration exercise: Entities selected for AMLA's 2026 calibration exercise (notified directly by CSSF) must complete it regardless; non-selected entities were to use AMLA...
- Potential for ad-hoc requests: CSSF reserves the right to issue targeted questionnaires later in 2026 for essential data points not covered by AMLA.
These changes supersede the 12 February 2026...
Suggested Considerations
- Monitor CSSF updates: Await forthcoming communications on revised modalities, new timelines, and any ad-hoc requests via eDesk platform.
- Prioritize AMLA obligations: Selected entities must prepare quantitative/qualitative ML/TF risk data per draft RTS on risk assessments (Article 40(2) of Directive (EU) 2024/1640); non-selected entities focus on AMLA templates for 2025 risks/mitigation.
- Specialised professionals: Continue preparations for CSSF-specific questionnaire, confirming any shifts post-delay.
- Internal review: Assess ML/TF risk profiles, mitigation measures, and reporting readiness in light of EU alignment; update compliance calendars to reflect simplification.
- No immediate submissions: Stand down from original 2 March/15 April deadlines unless individually notified otherwise.
Key Dates
Potential ad-hoc CSSF questionnaires for essential data points
Original launch for specialised professionals' CSSF questionnaire
Original launch date for AMLA calibration exercise data collection via eDesk (now potentially adjusted or paused per delay circular)
Publication of delay circular, superseding prior timelines; further modalities to be communicated
Original reporting deadline to CSSF for AMLA calibration exercise data
Compliance Impact
Urgency: Medium. The delay alleviates short-term pressure by postponing submissions and reducing dual reporting, enabling resource reallocation to higher-priority AMLA efforts amid EU harmonization. It matters for maintaining a risk-based approach (RBA) under FATF standards, avoiding overburden from overlapping exercises, and preparing for the new EU AML/CFT methodology—non-compliance risks supervisory scrutiny, but the simplification lowers immediate enforcement exposure.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankAsset ManagerAll Firms
No description available.
The CSSF published guidance on 2 March 2026 specifying minimum documents and information required for assessing shareholding structures of authorised Investment Fund Managers (IFMs) during initial authorisation and subsequent modifications, covering both qualified and non-qualified shareholders. This matters because incomplete submissions will not be processed, potentially delaying authorisations or amendments amid ongoing CSSF scrutiny of governance and ownership in Luxembourg's fund sector.
What Changed
- - Minimum Document Requirements: Establishes a mandatory list of documents for each new shareholder candidate, differentiated by type (e.g., natural person, legal person, beneficial owner,...
- Additional Mandatory Submissions: For changes involving qualified holdings (entry, increase/decrease, removal), requires updated group structure charts, MEF (in some cases), financing information,...
- Enforcement Mechanism: From 2 March 2026, applications lacking these minimums are deemed incomplete, halting analysis until fully submitted.
- No prior formalised list existed in this detail for IFMs, shifting from case-by-case to standardised requirements.
Suggested Considerations
- Review Guidance: Download and study the XLSX document (Version 1.0) detailing per-shareholder/per-change requirements.
- Prepare Complete Packages: For initial authorisation or amendments, compile minimum docs (e.g., IDs for beneficial owners/PEPs, group charts, financing details, MEF, fees); use *MEF templates where noted.
- Submit Fully: Ensure all minimums included in future filings to avoid delays; anticipate CSSF requests for extras.
- Internal Processes: Update compliance checklists, train teams on shareholder due diligence, and integrate into authorisation workflows.
Key Dates
Publication and effective date; Guidance applies immediately; incomplete applications received on/after this date will not start processing until complete
Compliance Impact
Urgency: High – Effective immediately on publication (2 March 2026), with strict non-processing of incomplete files risking significant delays in time-sensitive authorisations/amendments. Matters for maintaining operational timelines in competitive fund markets, where CSSF oversight of IFM ownership ties to broader governance expectations (e.g., board composition, qualifications).
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset Manager
Version 1.0
This CSSF guidance (Version 1.0, published 2 March 2026) specifies the minimum documents and information required for assessing shareholding structures of authorised Investment Fund Managers (IFMs) during initial authorisation or modifications involving qualified and non-qualified shareholders. It standardises submissions to ensure completeness, with incomplete applications rejected until fully provided, enhancing regulatory efficiency and scrutiny of ownership changes. Compliance professionals must prioritise this to avoid delays in authorisation processes for Luxembourg-domiciled IFMs.
What Changed
- - Minimum Document Lists: Introduces detailed checklists in an XLSX format covering candidate shareholder documents (e.g., ID, CV, declarations of honour (DH), criminal records (CR) for natural...
- Differentiation by Shareholder Type: Requirements vary by natural/legal person, beneficial owner, direct/indirect qualified/unqualified shareholders, and involvement in financing (e.g., "Yes, if PEP...
- Other Mandatory Submissions: For qualified holding changes (entry, increase/decrease, removal), requires updated group structure charts, Market Entry Forms (MEF), financing details, and fee forms;...
- Enforcement Mechanism: From 2 March 2026, incomplete submissions halt analysis until remedied; CSSF may request additional info.
Suggested Considerations
- Prepare Complete Packages: For each new shareholder candidate, compile type-specific docs (e.g., ID/CV/DH/CR for direct unqualified shareholders; financing proof if indirect qualified lacks resources).
- Submit Core Items: Always include updated group structure chart, MEF (template available), acquisition financing details, fee form; classify request type (e.g., prior authorisation for qualified changes).
- Initial/Modification Filings: Use XLSX guidance as checklist; ensure beneficial owner verification per Circular CSSF 19/732.
- Ongoing: Notify CSSF of changes; anticipate ad-hoc requests for extras like PEP declarations.
Key Dates
Publication and immediate applicability; New guidance effective; incomplete applications received on/after this date not processed until complete
Compliance Impact
Urgency: High – Immediate effect from 2 March 2026 means any ongoing or planned IFM authorisation/modification applications risk delays or rejection if non-compliant, potentially disrupting fund launches or ownership restructurings in Luxembourg's key investment management hub. Matters due to standardised scrutiny on fit-and-proper ownership, aligning with AIFMD governance and reducing administrative back-and-forth.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset Manager
Exigences applicables au réviseur d’entreprises agréé spécial auprès des établissements de crédit émetteurs de lettres de gage
Circular CSSF 26/907, published on February 18, 2026, establishes requirements for **approved special statutory auditors (réviseurs d'entreprises agréés spéciaux) serving credit institutions that issue mortgage bonds (lettres de gage)**. This circular formalizes the governance and audit standards applicable to a specialized auditor role within Luxembourg's credit institution framework, ensuring enhanced oversight of entities engaged in mortgage bond issuance.
What Changed
- The search results provided do not contain the full text of Circular CSSF 26/907, as it is available only in French and the PDF content was not included in the available materials.
- Statutory auditor qualifications and requirements for the specialized role of approving auditors (réviseurs agréés spéciaux) overseeing credit institutions that issue mortgage bonds
- Governance standards for auditors in this specialized capacity
- Audit and oversight responsibilities specific to mortgage bond issuance activities
The circular aligns with broader Luxembourg regulatory modernization efforts evident in concurrent CSSF guidance,...
Suggested Considerations
- *Obtain and review the full French text of Circular CSSF 26/907 from the CSSF website
- *Assess current auditor qualifications against the new requirements for approved special statutory auditors
- *Update audit engagement letters and terms to reflect any new standards or responsibilities
- *Document compliance with the circular's requirements in governance and audit files
- *Communicate with appointed auditors to ensure alignment with the new framework
Key Dates
- Circular CSSF 26/907 published
in available search results; firms should consult the full French text for any transition periods or effective dates
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
1) high-risk jurisdictions on which enhanced due diligence and, where appropriate, counter-measures are imposed2) jurisdictions under increased monitoring of the FATFVersion of 17 February 2026
The Annex of Circular CSSF 22/822 (Version of 17 February 2026) is Luxembourg's Commission de Surveillance du Secteur Financier's implementation guidance on FATF (Financial Action Task Force) designations of high-risk jurisdictions requiring enhanced due diligence and counter-measures, as well as jurisdictions under increased monitoring. This document is critical for Luxembourg-regulated financial institutions because it operationalizes international AML/CFT standards into binding compliance obligations, directly impacting customer acceptance, transaction monitoring, and correspondent banking relationships.
What Changed
The current version (17 February 2026) represents the most recent update to the CSSF's FATF-aligned jurisdiction risk framework. Based on the available search results, the document establishes two primary regulatory categories:
High-Risk Jurisdictions (Category 1): Jurisdictions designated by FATF as having strategic deficiencies in their AML/CFT regimes, requiring enhanced due diligence and, where appropriate, counter-measures.
Suggested Considerations
- *For High-Risk Jurisdictions:
- Apply enhanced due diligence and monitoring measures to business relationships and transactions with designated jurisdictions
- Increase the frequency and timing of transaction controls
- Select transaction patterns requiring further examination and obtain detailed information on transaction purposes
- Maintain enhanced mechanisms for reporting suspicious activity to the FIU
Key Dates
- Original Circular CSSF 22/822 issued
- Previous version superseded
- Current version effective (Annex of Circular CSSF 22/822)
- CSSF annual AML/CFT questionnaire launch (related compliance reporting deadline)
Compliance Impact
Urgency: CRITICAL
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankAsset ManagerPayment Provider No description available.
The CSSF has updated its FAQ on portfolio transparency requirements for UCITS ETFs, relaxing disclosure frequency from monthly to quarterly publication of detailed holdings while maintaining daily information sharing with market makers and authorized participants. This change aligns Luxembourg's regulatory framework more closely with Ireland's semi-transparent ETF approach and is designed to attract active asset managers to the Luxembourg domicile by reducing proprietary information exposure.
What Changed
- The update modifies two critical FAQ sections:
Portfolio Transparency Requirements (Question 12.1)
The CSSF has expanded and clarified its guidance to apply to all UCITS ETFs, not just actively...
- Daily disclosure to market participants: Market makers and authorized participants (APs) continue to receive detailed portfolio information on a daily basis to maintain efficient arbitrage mechanisms...
- Quarterly public disclosure: Investment Fund Managers (IFMs) must now publish detailed portfolio holdings to all investors at least quarterly with a maximum time lag of 30 business days (previously...
Suggested Considerations
- *For IFMs Managing UCITS ETFs:
- *Update disclosure procedures to transition from monthly to quarterly publication schedules for detailed portfolio holdings
- *Maintain daily information sharing with APs and market makers to support arbitrage mechanisms—this requirement remains unchanged
- *Revise prospectuses to reflect the new quarterly disclosure frequency and confirm compliance with the 30 business-day publication window
- *Document procedures for calculating the 30 business-day deadline from quarter-end
Key Dates
- CSSF publishes updated FAQ (effective immediately)
- Firms should implement changes promptly to ensure compliance with the new quarterly disclosure requirement
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset Manager
Version 23
This CSSF FAQ (Version 23, updated 17 February 2026) provides interpretive guidance on the Luxembourg Law of 17 December 2010 relating to undertakings for collective investment (UCIs), covering UCITS, Part II UCIs, SIFs, and SICARs. It matters for compliance professionals as it clarifies authorisation processes, investment rules, and supervisory expectations, ensuring alignment with evolving EU frameworks like AIFMD and MiCAR. The update, effective today, addresses recent regulatory shifts including crypto-asset integration.
What Changed
- - Authorisation Requirements: UCIs require CSSF approval of constitutive documents (articles, management regulations), depositary selection, and management company/AIFM applications for contractual...
- Crypto-Asset Updates (aligned with separate but related FAQ Version 7): Replaces "virtual assets" with "crypto-assets" per MiCAR (EU 2023/1114); UCITS and retail AIFs (non-well-informed investors)...
- Investment Policies and Liquidity Management: Funds must detail objectives, strategies, asset classes, restrictions, borrowing, and conflicts; look-through for intermediary vehicles per ESMA/AIFMD...
- Risk Spreading Exemptions: Limits do not apply to OECD/EU-guaranteed securities or UCIs with comparable risk-spreading.
- Depositary Role in Crypto: Luxembourg depositaries can custody crypto-assets with safeguards and CSSF notification; responsibility varies by model (depositary or MiCAR provider).
Suggested Considerations
- Review and Update Documents: Align UCI constitutive documents, investment policies, and sales documents with clarified rules on strategies, LMTs, conflicts, and risk-spreading; apply look-through for intermediaries.
- Crypto-Specific: For >10% NAV exposure, apply for "Other-Other Fund-Crypto-assets" extension (custody, valuation, AML/CFT plans, expertise); notify CSSF for depositary crypto custody; implement heightened AML/CFT due diligence per FATF/Luxembourg assessments.
- Authorisation/Amendments: Submit for CSSF approval on new setups, manager changes, or sub-funds (esp. SICAV multi-sub-funds with EU cross-border services).
- Governance and Reporting: Ensure RC/RR demonstrate crypto risk understanding; update disclosures for investors on risks, LMTs, and fair treatment.
- Ongoing Compliance: Use FAQ/Compilation for RAIFs/SIFs/SICARs/Part II UCIs; auditors/managers confirm tax-exempt status for SICARs.
Key Dates
Related AIFM FAQ Version 24; Introduces changes relevant to UCI managers acting as AIFMs
UCI Authorisation page update; Reflects ongoing CSSF expectations for approvals
Crypto FAQ Version 7 update effective; MiCAR-aligned changes on crypto exposure, authorisation extensions, and depositary notifications
FAQ Version 23 update effective; Applies immediately to UCI operations, authorisations, and compliance.[User-provided content]
Compliance Impact
Urgency: High – The update coincides with MiCAR implementation and today's release, requiring immediate review for crypto-exposed funds to avoid unauthorised strategies or AML gaps; non-compliance risks supervisory actions, authorisation delays, or investor disputes in Luxembourg's key fund domicile.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundAll Firms
AML/CFT standardised data collection taking place in 2026
The CSSF Circular Letter 2026-02-12 announces a standardized data collection exercise on AML/CFT for supervised entities, scheduled for 2026, aimed at enhancing regulatory oversight of money laundering and terrorist financing risks. This matters because it signals intensified CSSF scrutiny on AML/CFT compliance, requiring firms to prepare structured data submissions that could inform future supervisory actions, risk assessments, and enforcement. As part of broader CSSF AML/CFT initiatives, non-compliance risks fines or heightened inspections.
What Changed
- - Introduction of standardized AML/CFT data collection: CSSF mandates uniform reporting formats for collecting data on AML/CFT risks, controls, and practices across supervised sectors, building on...
- Alignment with ongoing AML/CFT enhancements: Complements recent governance-focused circulars (e.g., Circular 26/906 on central administration and risk management for payment/e-money institutions) by...
- No explicit new obligations beyond preparation for data submission, but implies deeper integration of tax-related AML indicators and sub-sector risk updates, as seen in related CSSF activities.
Suggested Considerations
- Assess and document AML/CFT data readiness: Inventory current risk assessments, transaction monitoring logs, KYC processes, SAR filings, and third-party oversight records in standardized formats; map to proportionality factors (e.g., transaction volumes, outsourcing).
- Update governance and controls: Ensure compliance functions have independence, direct board reporting, and audit coverage of AML/CFT; test ICT resilience for monitoring continuity.
- Conduct internal reviews: Perform gap analyses against Circular 26/906 (e.g., fund safeguarding, escalation protocols) and recent conference topics (e.g., terrorist financing, tax indicators); remediate deficiencies with board-approved plans.
- Prepare for submission: Designate resources for data compilation; cooperate fully with CSSF/FIU requests, including transfer-of-funds information under EU 2015/847.
- Engage auditors: Leverage approved auditors for validation of AML/CFT effectiveness ahead of collection.
Key Dates
AML/CFT standardised data collection exercise; Firms must submit required data during this period; preparation recommended immediately given today's date (12 February 2026)
Issuance of related Circular 26/906; Establishes governance baselines (e.g., compliance independence, risk proportionality) informing data collection expectations
CSSF AML/CFT Conference for Specialised PFS; Provided updates on sub-sector risks, terrorist financing reviews, and FIU insights relevant to data preparation
Conference materials published; Available for download to guide compliance alignment
Compliance Impact
Urgency: High – With data collection in 2026 underway today (12 February 2026), firms face immediate preparation needs amid recent enforcement (e.g., EUR 102,000 fine on depositary for AML-related gaps) and conferences signaling sub-sector focus. This elevates AML/CFT as a supervisory priority, potentially triggering on-site inspections, fines, or remediation orders for inadequate data/risks; proactive alignment prevents escalation in a risk-based regime.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankPayment ProviderAll Firms
Version 3
This CSSF FAQ (Version 2, July 2013, with updates through 24 June 2013 and 11 July 2013) provides guidance on master-feeder structures for UCITS funds under the Luxembourg Law of 12 July 2010 (the "2010 Law"), addressing financial reporting, performance disclosure, and operational requirements. It matters for Luxembourg-domiciled UCITS managers and depositaries as it clarifies compliance with UCITS Directive rules on aggregation of charges, audit irregularities, and past performance in cross-border master-feeder setups, reducing ambiguity in documentation and investor communications.
What Changed
- - Financial reporting for aggregate charges (Art 82(2) 2010 Law): When master and feeder UCITS have different year-ends, feeder must present master charges for the same period if possible; otherwise,...
- Disclosure of irregularities (CSSF Regulation 10-05 Art 27(e)): Present in notes to financial statements or "other information" section of annual report.
- Past performance rules (Art 159(3)c) 2010 Law and Commission Regulation (EU) 583/2010): Feeders converting to new masters cannot refer to pre-conversion past performance; masters converting from...
- Document is periodically updated; CSSF reserves right to alter positions—firms must monitor website.
Suggested Considerations
- Review and amend master-feeder agreements (per Art 79(1) 2010 Law) to require masters provide charge/fee data to feeders.
- Ensure financial statements/annual reports disclose irregularities in specified sections and aggregate charges with audit report caveats if periods misalign.
- Update KIIDs and marketing materials for past performance compliance, disclosing conversions/material changes per Regulation 583/2010 Articles 17, 19, 35.
- Implement processes for ad hoc financial statements when accounting years differ, allocating audit/preparation fees appropriately.
- Monitor CSSF website regularly for FAQ updates.
Compliance Impact
Urgency: low—This 2013 guidance (Version 2) is outdated relative to 2026, with no new enforcement actions noted, but remains relevant for legacy UCITS master-feeder structures under the 2010 Law. It matters for audit/financial close processes and investor disclosures to avoid CSSF scrutiny, particularly in cross-border setups where ESMA UCITS rules apply; non-compliance risks reporting errors or investor complaints.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset Manager
This publication is a CSSF FAQ in relation to the use by Luxembourg-domiciled UCITS of the following Securities Financing Transactions: securities lending transactions, reverse repurchase agreement transactions and repurchase agreement transactions. The objective of the FAQ is to bring further clarity concerning the use by UCITS of these SFTs, thereby taking into account the applicable regulatory framework as well as the supervisory experienced gained by the CSSF over the last years.Version 2
This CSSF FAQ (Version 2) provides guidance on the use of securities financing transactions (SFTs)—specifically securities lending, reverse repurchase agreements, and repurchase agreements—by Luxembourg-domiciled UCITS, clarifying regulatory requirements based on the applicable framework and CSSF's supervisory experience. It matters because it updates prior guidance to reflect evolved practices, helping UCITS managers ensure compliant SFT usage amid heightened scrutiny on liquidity, risk management, and investor protection in Luxembourg's fund sector.
What Changed
The document is an updated FAQ (Version 2), originally published on 18 December 2020 and revised on 12 February 2026, but the provided content does not detail specific changes from Version 1 beyond incorporating recent supervisory experience and regulatory framework updates. It emphasizes clarity on SFT eligibility, operational controls, and risk mitigation for UCITS, without introducing new prohibitions or mandates visible in the summary; full details require accessing the PDF (201.4Kb).
Suggested Considerations
- Review and update policies: UCITS managers must assess current SFT programs against the FAQ's clarifications, ensuring alignment with regulatory framework (e.g., UCITS Directive) and CSSF supervisory expectations on risk, collateral, and transparency.
- Enhance disclosures: Update fund prospectuses, KIIDs, and annual reports to reflect SFT usage, risks, and revenues, per CSSF emphasis on investor clarity.
- Conduct gap analysis: Audit SFT counterparties, collateral management, and liquidity tools for compliance; remediate any deviations based on gained supervisory experience.
- Train staff and delegates: Implement training on updated FAQ to cover securities lending, repos, and reverse repos specifics.
- Monitor ongoing use: Maintain records of SFT volumes, counterparties, and performance for CSSF inspections; integrate with broader UCI regulatory updates like risk-spreading.
Key Dates
Original publication date of Version 1
Update date for Version 2; (effective immediately as non-binding guidance)
Compliance Impact
Urgency: High – The 12 February 2026 update coincides with today's date, signaling immediate relevance for Luxembourg UCITS engaging in SFTs, which are common for yield enhancement but carry liquidity and counterparty risks. Non-compliance risks supervisory actions, given CSSF's focus on practical experience; firms should prioritize review to avoid findings in upcoming audits or inspections, especially amid parallel 2026 updates on UCI investments.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset Manager
Guidance allowing financial entities to identify the National Competent Authority to which their register of information has to be submitted.
This CSSF guidance document, published on 11 February 2026, provides detailed explanations and resolution steps for error messages encountered during the submission of the DORA Register of Information (RoI) via the eDesk portal, specifically for the 2026 submission cycle. It matters because it enables Luxembourg financial entities to ensure compliant submissions amid enhanced validation checks on more data fields, avoiding re-submission delays and supporting timely transmission to the ESAs by CSSF deadlines. Non-compliance risks supervisory scrutiny under DORA's ICT risk management framework.
What Changed
- - Enhanced validation checks for the 2026 RoI submission: Applies ESA-defined checks (last updated April 2025) to more data fields to improve data quality, compared to prior cycles.
- Specific error resolutions detailed, including requirements for LEI code communication to CSSF beforehand, correct reference date ('2025-12-31') in file naming, plain-CSV files in predefined .zip...
- Mandatory inclusion of all tables (even empty) in FilingIndicators.csv set to 'true', with matching identification codes across parent-child records.
- Builds on prior CSSF guides, emphasizing eDesk role "DORA Reporting" assignment and ESAs' technical standards.
No new regulatory requirements under DORA itself; this refines technical submission...
Suggested Considerations
- Assign "DORA Reporting" role in eDesk to dedicated employee(s) per user guide.
- Communicate LEI code to CSSF line supervisor prior to first submission to enable upload.
- Prepare RoI in plain-CSV files within .zip following ESAs' folder structure/file naming (reference date '2025-12-31'); include all tables in FilingIndicators.csv (even empty, set to 'true').
- Test submissions against listed error codes (e.g., ICTO007 for LEI, identification mismatches); resolve per guidance sections (e.g., Sections 3.2.2, 5.1.2, 6).
- Consult ESAs' EBA resources (data point model, validation rules, FAQs) and CSSF guides (e.g., submission guide, guidance tables).
Key Dates
- CSSF re-submission deadline post-validation for 2025; analogous for 2026 if errors detected
- ESAs' second-round validation for 2025; expect similar for 2026 with potential re-submissions
- Initial 2025 submission window via eDesk (for context; 2026 window likely similar, pending confirmation)
- Reference date for 2026 RoI submission (all contractual arrangements up to this date)
- Publication date of this error guidance (last updated 10/02/2026)
Compliance Impact
Urgency: High - Published today (11 February 2026), this equips firms for imminent 2026 RoI submissions (reference date 31 December 2025), with stricter validations on expanded fields risking rejections/re-submissions. Matters for operational resilience compliance under DORA Article 28, as accurate RoI supports supervisory oversight of ICT third-party risks; delays could trigger CSSF/ESA follow-up or fines. Firms with prior 2025 issues (e.g., portal extensions to May 2025) must prioritize to avoid recurrence.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankFintechPayment Provider
No description available.
This CSSF communiqué announces the availability of updated UCI Reports (SAQ, SR, and ML) under Circular CSSF 21/790 on the eDesk platform's CISERO module for specific 2026 year-ends, with key enhancements focused on valuation, NAV determination, and risk-based streamlining. It matters for Luxembourg UCIs as it reflects evolving supervisory priorities, aligns with EU directives like Directive (EU) 2024/927, and imposes refined self-assessment obligations to bolster resilience in stressed conditions and liquidity management.
What Changed
- - SAQ Updates (Valuation Section): New questions on valuation policies for stressed market conditions/exceptional circumstances; coverage for new sub-funds/strategies; independent validation of...
- SAQ Simplifications and Clarifications: Removed questions on sub-funds with significant non-standard OTC derivatives, unquoted assets, or external valuer OTC FDIs (including NAV proportions); refined...
- SAQ NAV Determination: Updated Liquidity Management Tools (LMTs) sub-section to align with Annexes of AIFM/UCITS Review Directive (Directive (EU) 2024/927); added question on compliance with ESMA...
- SR Streamlining: Removed procedures in investment compliance (e.g., eligibility assessments for closed-ended funds, structured instruments, non-plain vanilla OTC derivatives; credit quality for money...
- Reports for year-ends after 30 April 2026 available three months prior.
Suggested Considerations
- Access updated Reports on eDesk CISERO module immediately and review changes vs. 31 December 2025 versions.
- Update valuation policies/procedures to explicitly cover stressed conditions, new sub-funds/strategies, model validations, and backtesting; document compliance.
- Revise NAV processes for LMT alignment with Directive (EU) 2024/927 Annexes and ESMA performance fee guidelines; confirm for open-ended UCIs.
- Dirigeants/management: Complete/validate SAQ addressing new/clarified questions; prepare for REA SR/ML review.
- REAs: Perform streamlined SR procedures; issue ML on prior weaknesses with remediation timelines.
Key Dates
Reports (SAQ, SR, ML) made available on eDesk CISERO for year-ends 31 January, 28 February, 31 March, 30 April 2026
Entry into application of AIFM/UCITS Review Directive LMT requirements
end +5 months (UCITS/Part II UCIs); SAQ/SR submission deadline
end +6 months (SIFs/SICARs); SAQ/SR submission deadline
end (post-30 April 2026); Future Reports availability
Compliance Impact
Urgency: High – Immediate access required for imminent submissions (e.g., 31 January 2026 year-end due ~June 2026); new valuation questions demand policy reviews to avoid supervisory findings, especially amid stressed markets; SR simplifications reduce burden but shift focus to SAQ self-assessment, heightening dirigeants' accountability. Non-compliance risks CSSF follow-up on modified audits or weaknesses, per Circular 21/790.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset Manager
No description available.
The Commission de Surveillance du Secteur Financier (CSSF) has updated its FAQ on crypto-asset investments by undertakings for collective investment, effective February 4, 2026, to align with the EU's Markets in Crypto-Assets Regulation (MiCAR). This update establishes clear investment limits and licensing requirements for UCITS and AIFs investing in crypto-assets, fundamentally reshaping how Luxembourg-regulated funds can structure crypto exposure.
What Changed
The regulatory framework introduces several material modifications:
Investment Exposure Limits
UCITS may invest indirectly in crypto-assets for a maximum of 10% of their net asset value (NAV). These indirect investments are restricted to transferable securities that do not embed derivatives. AIFs open to retail investors other than well-informed investors face the same 10% NAV ceiling.
MiCAR Alignment
The FAQ modifications directly reflect the entry into force of Regulation (EU) 2023/1114 on markets in crypto-assets.
Suggested Considerations
- *For UCITS Managers:
- by-case assessment of crypto-asset investment impact on fund risk profiles
- specific risks (volatility, liquidity, technological risk)
- asset investments
- *For AIFMs Managing AIFs with Crypto Exposure:
Key Dates
- FAQ Version 7 effective date; MiCAR compliance requirements become operative
- Deadline for Virtual Asset Service Providers (VASPs) to transition from registration to authorization under MiCAR or cease operations
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundFintech
Version 7 – 04/02/2026
The CSSF has released Version 7 of its FAQ on Crypto-Assets for Undertakings for Collective Investment, updated on February 4, 2026, to reflect the entry into force of the Markets in Crypto-Assets Regulation (MiCAR). This guidance establishes binding investment limits, authorization requirements, and risk management standards for UCITS and AIFs investing in crypto-assets, fundamentally reshaping how Luxembourg-regulated collective investment schemes can engage with digital assets.
What Changed
The most significant regulatory modifications in Version 7 include:
Investment Limits for UCITS
UCITS may invest indirectly in crypto-assets for a maximum of 10% of their net asset value (NAV). These indirect investments are limited to transferable securities that do not embed derivatives in accordance with Article 10 of the Grand-ducal Regulation of 8.
Investment Limits for AIFs
AIFs open to retail investors other than well-informed investors may invest in crypto-assets for a maximum of 10% of their NAV.
Suggested Considerations
- *Immediate Compliance Steps:
- *Portfolio Audit: Conduct a comprehensive review of all UCITS and AIF holdings to identify current and potential crypto-asset exposures, both direct and indirect (including derivatives with crypto underlyings).
- *Investment Policy Updates: Revise fund documentation, prospectuses, and investment policies to reflect the 10% NAV limits and MiCAR compliance requirements.
- *Risk Management Assessment: Update risk management policies to address crypto-asset volatility, liquidity, and technological risks, with case-by-case impact assessments on fund risk profiles.
- *Investor Notification: Ensure transparent and timely communication with investors regarding any crypto-asset investments or policy changes.
Key Dates
- FAQ Version 7 effective date (entry into force of MiCAR alignment)
- Deadline for Virtual Asset Service Providers (VASPs) to transition to CASP authorization or cease operations
- The FAQ does not specify a transition period for existing funds exceeding the 10% limit; firms should clarify this with the CSSF immediately
Compliance Impact
Urgency Rating: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundFintech
No description available.
CSSF Circular 26/906, published on 20 January 2026, establishes detailed requirements for central administration, internal governance, and risk management for payment institutions (PIs) and electronic money institutions (EMIs) in Luxembourg, repealing prior circulars IML 95/120, IML 96/126, IML 98/143, and CSSF 04/155. It clarifies application of the amended Law of 10 November 2009 on payment services, emphasizing robust governance amid sector growth to ensure safety, efficiency, and trust. This matters for compliance as it mandates comprehensive reviews and updates to governance frameworks by mid-2026, addressing rising transaction volumes.
What Changed
- The circular consolidates and updates governance rules, focusing on:
- Management bodies: Responsibilities, composition, qualifications, organization, and functioning, including CSSF authorization of members based on professional experience, standing (e.g., police...
- Internal control functions: Responsibilities, characteristics, organization, and execution of work for compliance officers and internal auditors, with notifications to CSSF including detailed...
- Conflicts of interest: Key requirements for a management policy applicable to all staff and management body members.
- New product approval: Defined key steps in the process.
Suggested Considerations
- Gap analysis: Assess current frameworks against circular requirements on management bodies, internal controls, conflicts of interest, product approval, and fund safeguarding.
- Updates and notifications: Review/revise governance arrangements (e.g., policies, structures); notify CSSF of management body members, compliance officers, and internal auditors with required documentation (professional experience, police records, etc.).
- Implementation: Establish robust risk identification/management/monitoring/reporting processes, internal controls, and proportional arrangements (e.g., IT, outsourcing).
- Documentation: Develop conflicts policy, new product approval procedures, and safeguarding rules; ensure management body authorization.
- Ongoing: Maintain sound/prudent management amid growth; integrate with Law of 10 November 2009 requirements.
Key Dates
- Publication date of Circular CSSF 26/906
- Compliance deadline: Institutions must assess/review central administration, internal governance, and risk management frameworks to ensure full compliance
Compliance Impact
Urgency: High - With ~5 months from publication (20 Jan 2026) to compliance (30 Jun 2026), firms face tight timelines for assessments, policy overhauls, and CSSF notifications, especially given repealed circulars and sector growth pressures. Non-compliance risks supervisory actions, as this fosters "sound and prudent management" in a high-volume industry; proactive reviews are essential to avoid disruptions.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Payment ProviderFintech
Central administration, internal governance and risk management
Circular CSSF 26/906, published on 20 January 2026, consolidates and clarifies Luxembourg's rules on central administration, internal governance, and risk management specifically for payment institutions, electronic money institutions, and account information service providers. It repeals prior circulars (IML 95/120, IML 96/126, IML 98/143, and CSSF 04/155) to address growth in transaction volumes by mandating robust governance, control functions, and risk processes, enhancing safety, efficiency, and trust in these services. This matters for compliance professionals as it strengthens defenses against financial crime, operational risks, and supervisory scrutiny in a high-growth sector.
What Changed
- - Consolidation and repeal: Replaces outdated circulars with unified requirements under the amended Law of 10 November 2009 on payment services, covering central administration (decision-making must...
- Governance enhancements: Board approves strategy, risk appetite, AML/CFT policies, outsourcing, and information security; management implements via procedures; proportionality based on business...
- Operational controls: Strict access to systems (need-to-know, least-privilege, 4-eyes validation); counterparty due diligence for custodians/insurers; full responsibility for agents, distributors,...
- AML/CFT focus: Elevates compliance function independence, direct board reporting, risk-based resourcing, and oversight of third parties/opaque structures to close gaps exploited by criminals.
Suggested Considerations
- Assess and update governance frameworks: Review central administration location, board/management responsibilities, risk strategy, AML/CFT policies, compliance charter, and funds safeguarding principles to align with the circular.
- Confirm control functions: Ensure compliance function (CCO) has independence, resources, direct board access, and authority for investigations; justify/secure CSSF approval for part-time/dual roles.
- Implement operational safeguards: Establish daily reconciliations (or justified weekly), segregation/insurance for client funds, system access controls (4-eyes, board validation for significant movements), and third-party due diligence/monitoring.
- Document proportionality: Tailor governance to business risks (staff, volumes, products, outsourcing); update new product approval, conflicts policies, and business continuity/incident reporting.
- Retain records and report: Board-approve all key policies; prepare for CSSF inspections on outsourcing (per Circular CSSF 22/806) and ICT risks.
Key Dates
Publication date of Circular CSSF 26/906
Compliance deadline; Institutions must assess, review, and ensure their central administration, internal governance, and risk management frameworks fully comply with the circular
Compliance Impact
Urgency: High – With a 30 June 2026 deadline (five months from publication), firms face immediate pressure to review and remediate governance gaps amid sector growth and heightened AML/CFT scrutiny; non-compliance risks supervisory actions, fines, or license issues, especially as it closes criminal exploitation vectors like weak controls and third-party risks.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Payment Provider
Application of the Guidelines of the European Banking Authority on the management of environmental, social and governance (ESG) risks (EBA/GL/2025/01)
Circular CSSF 26/905 mandates the application of EBA Guidelines (EBA/GL/2025/01) on managing **ESG risks** for Luxembourg-supervised institutions, requiring integration of environmental, social, and governance risk identification, measurement, management, and monitoring into internal processes. This aligns with CRD amendments (Articles 74, 76, 87a) and emphasizes proportionality to institutions' business models, with plans including timelines, targets, and milestones toward EU climate goals like net-zero by 2050. It matters for compliance as it embeds ESG into prudential supervision, potentially impacting capital, risk frameworks, and supervisory reviews.
What Changed
- - Institutions must establish proportionate strategies, policies, processes, and systems for ESG risk management, covering short-, medium-, and long-term horizons, including transition and physical...
- Develop plans per Article 76(2) CRD with specific timelines, intermediate quantifiable targets, and milestones to address ESG financial risks, consistent with EU objectives (e.g., 55% GHG reduction...
- Incorporate ESG into internal governance, risk appetite, and supervisory review processes (SREP), with scenario analysis requirements (to be detailed in future EBA guidelines).
- Applies minimum standards and methodologies for ESG risk identification, measurement, monitoring, and impact assessment on institutions' exposures.
- No requirement for full alignment with specific sustainability trajectories, but plans must consider transition risks and institutions' ESG product offerings, loan policies, and targets.
Suggested Considerations
- Map and integrate ESG risks into governance, risk management frameworks, and business strategies, proportionate to scale/risk exposure.
- Develop and document ESG risk management plans with quantifiable targets, milestones, timelines, and scenario analyses (broad requirements now; detailed later).
- Conduct assessments of ESG risks in portfolios, including sustainability products, transition finance, and loan origination policies, for SREP submission.
- Embed in internal processes per Articles 74, 76, 87a CRD: identify/measure ESG risks (minimum standards), monitor over time horizons, and report to CSSF.
- Review and update existing policies/systems for compliance by applicable dates; prepare for CSSF supervisory evaluation of plan robustness.
Key Dates
- Circular published by CSSF
- Application date for Less Significant Institutions (other than SNCIs)
- Application date for SNCIs (dependent on CRD transposition)
Compliance Impact
Urgency: High - With application starting 1 April 2026 (just over 2 months from publication), firms face immediate pressure to gap-analyze current ESG frameworks against EBA standards, especially for SREP integration and long-term risk planning. Non-compliance risks supervisory scrutiny, capital add-ons, or enforcement, as ESG is now a core prudential pillar amid EU sustainability push; smaller institutions get a head-start but must act swiftly given proportionality demands.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankAll Firms
Electronic transmission of documents to the CSSF
Circular CSSF 19/708 mandates the electronic transmission of specified documents to the CSSF via secure platforms like e-file or SOFiE, effective from February 1, 2019, replacing prior paper or other methods. This updated annex (as amended by Circular CSSF 21/790 and further revisions up to April 1, 2025) standardizes submissions for investment funds and related entities, reducing administrative burdens while ensuring document integrity and CSSF accessibility. Compliance professionals must monitor the dynamic annex list on the CSSF website to avoid nullified submissions.
What Changed
- - Mandatory Electronic-Only Submission: Documents listed in Annex I must be transmitted exclusively via e-file (http://www.e-file.lu) or SOFiE...
- Dynamic Annex Updates: The annex, published on the CSSF website, is regularly updated (e.g., latest noted April 1, 2025) and includes prospectuses, management regulations, annual reports, risk...
- Scope Expansion: Extends beyond UCIs to securitisation undertakings (2004 Law), pension funds (2005 Law), SICARs, and Luxembourg IFMs; repeals prior Circulars CSSF 09/423 and 08/371.
- Filer Responsibilities: Entities ensure documents match official final hard copies, handle content/format accuracy, and check annex updates regularly.
Suggested Considerations
- Register/access e-file or SOFiE platforms if not already (test/production environments available since February 2019).
- Consult and adhere to the latest Annex I for document list, nomenclatures, and formats (PDF with full functionality).
- Ensure submissions are final/official versions matching hard copies; use specified identifiers for UCIs/SIFs/SICARs.
- Implement processes for automatic/manual transmission (e.g., via updated sending services v4.9.0 or transmission module 6.6.0).
- Train staff on responsibilities and integrate into reporting workflows; reference CSSF FAQs for closing documents.
Key Dates
Publication date; of original Circular CSSF 19/708
Entry into force; Mandatory electronic transmission for listed documents; non-electronic submissions null and void
Amendment; by Circular CSSF 21/790
Latest annex update; noted
Regular checks required; Entities must monitor CSSF website for annex updates
Compliance Impact
Urgency: Low (for new implementations post-2019; medium for ongoing monitoring). This matters for operational efficiency and CSSF relations, as non-compliance risks rejected filings, delays (e.g., approvals under SFDR processes), or supervisory scrutiny, but long-standing rule (since 2019) with established platforms reduces immediate pressure. Firms must prioritize annex vigilance to avoid disruptions in routine reporting like annual reports or prospectuses.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerWealth ManagerInsurance Long Form Report – Practical rules concerning the self-assessment questionnaire to be submitted by investment firms – Mission and related reports of the réviseurs d’entreprises agréés (approved statutory auditors)
Broker DealerAll Firms
Update of Circular CSSF 24/853 on the Long Form Report (as amended by Circular CSSF 25/870) – Practical rules concerning the self-assessment questionnaire to be submitted by investment firms Mission and related reports of the réviseurs d’entreprises agréés (approved statutory auditors)
Circular CSSF 26/904 updates Circular CSSF 24/853 (as amended by Circular CSSF 25/870) by introducing a revised Long Form Report (LFR) for investment firms, featuring a digital self-assessment questionnaire (SAQ) and enhanced auditor reports focused on AML/CFT and risk management. This matters because it aligns reporting with CSSF's risk-based supervision under CSSF 4.0, reduces redundancies, applies proportionality based on business models, and mandates digital submission to improve efficiency and data analysis.
What Changed
- - Revised LFR Structure: Comprises four parts in a single digital document: (1) yearly SAQ completed by investment firms; (2) descriptive elements verified by approved statutory auditors (REAs); (3)...
- Digital Format: Completion and submission via CSSF's online portal, supporting CSSF 4.0 digital strategy for efficient processing.
- Proportionality and Scope: Applies individually to investment firms (no consolidated LFR if under CSSF consolidated supervision); focuses on incremental, relevant information tied to business models,...
- Enhanced AML/CFT Focus: Requires descriptions of commercial policy, ML/FT risk management, roles/responsibilities, branch/subsidiary/tied agent compliance; REA must assess adequacy of...
- REA Responsibilities: Verify/ensure adequacy of SAQ elements, assess descriptions, perform control procedures, and provide assessments on AML/CFT policy implementation across entities.
Suggested Considerations
- Investment Firms: Complete and submit the digital SAQ yearly via CSSF portal, providing descriptions of business model, ML/FT risks, commercial policy, monitoring, AML/CFT roles, and entity-level compliance; ensure data on fund transfers (e.g., missing payer/payee info) is included.
- REAs/Auditors: Verify SAQ adequacy, assess descriptions, perform corroborative controls, supplement with findings (e.g., AML/CFT audit declarations), independently assess ML/FT risks/organization, and integrate into single LFR document.
- General: Review existing processes for proportionality (focus on incremental info); update AML/CFT policies/documentation for branches/subsidiaries/tied agents; prepare for digital submission; document risk assessments thoroughly.
- Ongoing: Monitor compliance with related regs like Regulation (EU) 2023/1113 (effective 30 December 2024, per draft bill 8387).
Key Dates
- Applicability of revised LFR to all investment firms; submissions begin for this period onward on a yearly basis
- Yearly production required via CSSF portal; firms should align with existing annual reporting cycles for auditors (typically post-year-end)
Compliance Impact
Urgency: High - Applies immediately to FY ending 31 December 2024 reports, requiring swift updates to reporting processes, digital tools, and AML/CFT documentation amid CSSF's risk-based shift; non-compliance risks supervisory actions, as LFR directly informs CSSF oversight on key prudential/AML areas with no transition period specified.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerBroker DealerAll Firms
Survey on the amount of covered deposits held on 31 December 2025
Circular CSSF-CPDI 25/49 is a **mandatory quarterly reporting requirement** for Luxembourg credit institutions and postal financial service providers to submit data on covered deposits as of December 31, 2025. This survey directly feeds into the Single Resolution Fund's annual target level calculation and the Luxembourg deposit guarantee scheme's contribution assessments, making it essential for regulatory compliance and fund management.
What Changed
The circular explicitly states that no substantive changes have been made to the survey process compared to previous quarters. The only modifications are administrative: the reference date (December 31, 2025) and the submission deadline (January 30, 2026). The specifications for data collection, definitions of covered and eligible deposits, and reporting methodologies remain unchanged from prior circulars, particularly Circular CSSF-CPDI 16/02 as amended by Circular CSSF-CPDI 23/35.
Suggested Considerations
- *Calculate covered deposits as defined in Article 163 of the 2015 law, including balance and accrued interest (even if not yet due)
- *Report eligible deposits after applying exclusions under Article 172 of the 2015 law, including exclusions for financial institutions and life insurance products
- *Distinguish deposit types by reporting:
- Total eligible deposits (field 201)
- Eligible deposits in omnibus accounts, fiduciary accounts, trusts, sub-accounts, and segregated accounts (field 0226)
Key Dates
- Circular publication date
- Reference date for the survey
- Deadline for transmitting average covered deposits data to the Single Resolution Board
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankPayment Provider
Update of Circular CSSF 24/850 on the practical rules concerning the descriptive report and the self-assessment questionnaire to be submitted on an annual basis by support PFS, as well as the engagement of the réviseurs d’entreprises agréés (approved statutory auditors) of support PFS and practical rules concerning the management letter and the separate report to be drawn up on an annual basis.
Circular CSSF 25/903 updates Circular CSSF 24/850, refining practical rules for support Professional of the Financial Sector (support PFS) in Luxembourg regarding their annual descriptive report, self-assessment questionnaire, and the roles of approved statutory auditors (réviseurs d’entreprises agréés). It specifies requirements for auditors' engagement, management letters, and separate annual reports. This matters for support PFS as it enhances supervisory oversight, ensures consistent reporting quality, and strengthens internal controls, directly impacting compliance and audit processes amid CSSF's focus on robust PFS supervision.
What Changed
- - Updates to Descriptive Report and Self-Assessment Questionnaire: Refines content, format, and submission requirements for support PFS's annual submissions, emphasizing more detailed disclosures on...
- Auditor Engagement Rules: Introduces specific practical guidelines for approved statutory auditors, including mandatory scope of work, independence confirmations, and standardized procedures for...
- Management Letter and Separate Report: Establishes detailed rules for auditors to issue an annual management letter (addressing findings, recommendations, and remediation) and a separate report for...
- Enhanced Documentation and Evidence: Requires support PFS and auditors to provide verifiable evidence (e.g., checklists, testing samples) supporting self-assessments, with stricter CSSF validation...
Suggested Considerations
- *Review and Update Processes: Support PFS must map current reporting against new templates in CSSF 25/903 and revise internal procedures for descriptive reports and self-assessments.
- *Engage/Confirm Auditors: Select or confirm approved statutory auditors compliant with new engagement rules; execute updated engagement letters incorporating circular requirements by Q4 2025.
- *Implement Templates and Testing: Adopt CSSF-provided templates for reports, management letters, and separate reports; conduct sample-based testing of controls as specified.
- *Training and Governance: Train compliance/audit teams on changes; ensure board approval of self-assessments and auditor findings.
- *Submit on Time: Prepare and file all documents by 30 April deadlines, retaining evidence for CSSF inspections.
Key Dates
Submission Deadline; Support PFS must submit descriptive report, self-assessment questionnaire, management letter, and separate auditor report to CSSF by 30 April following the financial year-end (first applicable: 30 April 2026 for FY 2025)
Preparation Milestone; Auditors must be engaged and initial scoping completed by year-end 2025 for FY 2025 compliance
Effective Date; Applies to annual reporting cycles starting for financial year 2025 onwards
Compliance Impact
Urgency: High. This is high urgency for support PFS due to the impending 30 April 2026 deadline for FY 2025 submissions, with non-compliance risking supervisory fines, license reviews, or reputational damage under CSSF's PFS enforcement regime. It matters as it tightens audit accountability, potentially increasing costs (e.g., auditor fees) while reducing reporting errors—critical for smaller support entities with limited resources.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
All FirmsFintechPayment Provider
Repeal of Circular CSSF 19/731 regarding the documents to be submitted on an annual basis by credit institutions.
Circular CSSF 25/902 repeals Circular CSSF 19/731 (as amended by Circular CSSF 19/710), which previously detailed annual document submission requirements for credit institutions, shifting to a dynamic list published on the CSSF website. This matters because it streamlines compliance by centralizing and updating requirements online, reducing reliance on static circulars while maintaining submission obligations. Credit institutions must transition to the new process to avoid disruptions in prudential reporting.
What Changed
- - Repeal of prior circulars: Circular CSSF 19/731 and its amendment via Circular CSSF 19/710 are fully repealed, eliminating the fixed list of annual submission documents.
- Shift to website-based guidance: The updated list of required documents, affected entity categories, electronic submission channels, and deadlines is now published on the CSSF’s Prudential reporting...
- Ongoing obligations: The requirement to submit documents annually remains unchanged; only the reference source and potential content updates via the website are modified.
Suggested Considerations
- Review the CSSF Prudential reporting webpage (https://www.cssf.lu/en/prudential-reporting-credit-institutions/) and summary table (https://www.cssf.lu/en/Document/summary-of-documents-to-be-submitted-on-an-annual-basis/) to identify current document lists, categories, channels, and deadlines.
- Update internal reporting processes, templates, and workflows to reference the website instead of the repealed circular.
- Confirm ongoing annual submissions via specified electronic channels; test interactive table for applicability to the institution's profile.
- Archive references to Circular CSSF 19/731 in policies and train staff on the change.
Key Dates
- Original issuance of repealed Circular CSSF 19/731 (archived on 23 December 2025)
- Publication and effective date of Circular CSSF 25/902, repealing Circular CSSF 19/731; transition to website-based list begins
Compliance Impact
Urgency: Medium – The repeal does not alter core submission obligations but requires procedural updates to avoid non-compliance with potentially evolving lists under CRR3 alignments. It matters for operational efficiency, as failure to adapt could lead to missed deadlines or incorrect submissions, especially with website updates tied to EU regulations like Regulation (EU) 2024/1623 (CRR3, applicable from 1 January 2025). Institutions should prioritize review before the next annual cycle to ensure seamless reporting.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Practical rules concerning the descriptive report and the self-assessment questionnaire to be submitted on an annual basis by support PFS.Engagement of the réviseurs d’entreprises agréés (approved statutory auditors) of support PFS and practical rules concerning the management letter and the separate report to be drawn up on an annual basis.
Circular CSSF 24/850, as amended by Circular CSSF 25/903, establishes practical rules for support Professional of the Financial Sector (support PFS) in Luxembourg to submit annual descriptive reports and self-assessment questionnaires, while also defining the roles of approved statutory auditors (réviseurs d’entreprises agréés) in issuing management letters and separate reports. This guidance standardizes supervisory reporting and audit processes to enhance oversight of support PFS, which provide essential back-office services to authorized PFS. It matters because non-compliance risks supervisory sanctions, reputational damage, and operational disruptions for entities reliant on support PFS structures.
What Changed
- - Standardized Reporting Templates: Introduces detailed formats and content requirements for the annual descriptive report and self-assessment questionnaire, covering governance, risk management,...
- Auditor Engagement Rules: Mandates approved statutory auditors to perform specific procedures, issue a management letter highlighting control weaknesses, and prepare a separate report confirming...
- Amendments via CSSF 25/903: Updates clarify submission procedures, expand self-assessment criteria (e.g., adding cybersecurity and outsourcing risk questions), and refine auditor independence...
- Frequency and Scope: Annual submissions required without exceptions; scope limited to support PFS (not primary PFS), emphasizing substance over form in service descriptions.
Suggested Considerations
- Annual Reporting Cycle:
1. By year-end, conduct internal self-assessment using the prescribed questionnaire template (available via CSSF portal).
- February to review submissions, test controls, and issue management letter (flagging deficiencies) plus separate compliance report.
- Governance Updates: Review and update internal policies on risk assessment, auditor selection, and remediation of management letter findings; ensure board oversight of submissions.
- Auditor Coordination: Verify auditor qualifications per CSSF register; implement any remediation plans from prior-year management letters before next cycle.
- Record-Keeping: Maintain 5-year audit trail of all supporting documentation for CSSF inspections.
Key Dates
- Effective date of original Circular CSSF 24/850
- Effective date of amendments in Circular CSSF 25/903, applicable to 2025 reporting cycle onwards
- Deadline for submission of descriptive report, self-assessment questionnaire, management letter, and separate auditor report to CSSF (first applicable for FY 2024 reporting due 31 March 2025)
- Support PFS must engage auditors and provide necessary data to enable timely report preparation
Compliance Impact
Urgency: High – This is a recurring annual obligation with a firm 31 March deadline, where delays trigger automatic CSSF notifications and potential fines (up to €250,000 per Law 1993). It matters for support PFS as it intensifies scrutiny on operational resilience in a post-SFI (2021) landscape, where CSSF prioritizes substance in delegated functions; failure risks de-authorization or client outflows. Early implementation of templates and auditor pipelines is essential to avoid first-year pitfalls.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankWealth ManagerAll Firms
relating to specialised investment funds, investment companies in risk capital and undertakings for collective investment subject to Part II of the Law of 17 December 2010
Circular CSSF 25/901 consolidates and modernizes the supervisory framework for Luxembourg specialised investment funds (SIFs), investment companies in risk capital (SICARs), and undertakings for collective investment subject to Part II of the Law of 17 December 2010 (Part II UCIs), including their sub-funds. It streamlines investment rules, diversification limits, borrowing, disclosures, and risk management while enhancing flexibility for sophisticated investors and formalizing prior informal guidance, reducing regulatory complexity without compromising investor protection.
What Changed
- - Diversification and investment limits: Introduces tailored percentage-based thresholds; for funds marketed to unsophisticated retail investors, limits remain at 25% per issuer/UCI/asset, raised to...
- SICAR-specific rules: Confirms risk capital investments (e.g., equity, mezzanine) must align with development objectives, exceed mere market risk, and deploy incoming cash into eligible assets;...
- Borrowing: For retail-exposed SIFs/Part II UCIs, investment borrowing capped at 70% of assets/commitments; no hard cap for sophisticated investor funds if disclosed, with SICARs limited to risk...
- Derivatives and techniques: Permits use if economically appropriate (e.g., risk/cost reduction), with risk-spreading via diversified underlyings/collateral; counterparty risk limited if...
- Disclosures: Mandates detailed sales document coverage of investment policy, risks, UCIs/vehicles (including supervision status, fees, risk-spreading), borrowing limits, subscription/redemption...
Suggested Considerations
- Review and update fund documents (e.g., sales documents, instruments of incorporation) to include mandated disclosures on investment strategy/limits, risks, UCIs/vehicles, borrowing, liquidity tools, and retail-specific warnings.
- Assess and document compliance with new/relaxed diversification, borrowing, and SICAR investment rules; apply for CSSF derogations where justified.
- Ensure risk-spreading in derivatives/collateral and deployment of SICAR cash into eligible assets; confirm look-through for intermediaries.
- For retail-marketed funds: Limit investments/UCIs to 25%, cap borrowing at 70%, add prominent risk warnings for illiquids/long-duration.
- Maintain robust governance/documentation to leverage flexibility; reference CSSF's Compilation for concepts.
Compliance Impact
Urgency: High – Formalizes prior informal guidance into binding rules with enhanced flexibility but stricter retail protections and disclosure mandates, requiring immediate document reviews/updates for non-compliant SIFs/SICARs/Part II UCIs to avoid supervisory scrutiny or authorization issues; critical for funds targeting private markets or retail.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge Fund
Revision and remodelling of the rules to which Luxembourg undertakings governed by the Law of 30 March 1988 on undertakings for collective investment (“UCI”) are subject
Circular IML 91/75, as amended up to CSSF Circular 25/901, consolidates and modernizes the supervisory framework for Luxembourg Part II UCIs, SIFs, and SICARs, refining rules on diversification, borrowing, risk-spreading, and disclosures while tailoring requirements to investor profiles. It matters because it streamlines fragmented regulations, enhances fund competitiveness, and formalizes CSSF expectations without mandating immediate changes for pre-existing funds, reducing compliance burdens while promoting transparency and flexibility. This update aligns administrative practices with market realities, repealing outdated circulars to eliminate ambiguity.
What Changed
- - Consolidation and Repeals: Repeals CSSF Circulars 02/80, 07/309, 06/241, and Chapters G and I of IML 91/75; renders CSSF 08/356 and Chapter H of IML 91/75 inapplicable to Part II UCIs.
- Flexible Diversification Rules: Introduces investor-category-based thresholds (e.g., stricter for retail, looser for sophisticated investors); allows CSSF derogations for SIFs/Part II UCIs with...
- Borrowing Limits: New limits for SIFs/Part II UCIs (e.g., 70% of net assets, excluding temporary borrowings tied to commitments); tailored by investor type.
- Enhanced Disclosures: Offering documents must detail investment policies, risks (especially private equity for retail), subscription/redemption processes, liquidity tools, gates, and amendment...
- SICAR Risk Capital: Modernizes definition to include equity, loans, bonds, mezzanine; clarifies direct/indirect investments with three cumulative elements (risk of total loss, no redemption rights,...
Suggested Considerations
- Review and update offering documents/prospectuses for enhanced transparency on risks, limits, borrowing, liquidity tools (e.g., gates, notice periods), redemption processes, and investor-specific warnings.
- Align fund documentation/terminology with CSSF Compilation of key concepts for consistency in filings and communications.
- Disclose ramp-up/wind-down periods, potential derogations, and life extensions clearly; seek CSSF approval for exemptions where justified.
- For SICARs: Ensure risk capital investments meet modernized criteria; apply look-through for limits.
- Assess portfolio compliance for new funds/compartments; leverage flexibility for sophisticated investors but maintain robust governance.
Compliance Impact
Urgency: Medium – Not critical as existing funds are grandfathered with no retroactive changes required, but high relevance for new launches or material updates post-19 Dec 2025. It matters for operational efficiency (streamlined rules reduce fragmentation) and investor protection (tailored risks/disclosures), potentially lowering long-term costs while mitigating supervisory scrutiny; failure to update docs could delay approvals or trigger CSSF queries.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundAll Firms
Rules applicable to undertakings for collective investment when they employ certain techniques and instruments relating to transferable securities and money market instruments
Circular CSSF 08/356, as amended by Circular CSSF 25/901, establishes detailed rules for Luxembourg undertakings for collective investment (UCIs), including UCITS and alternative investment funds (AIFs), on the use of techniques and instruments relating to transferable securities and money market instruments, such as securities lending, repo transactions, and over-the-counter (OTC) derivatives. It matters because it ensures investor protection, risk management, and market stability by imposing strict eligibility, collateral, and operational requirements, aligning Luxembourg funds with EU standards under UCITS and AIFMD directives. Compliance is critical for Luxembourg-domiciled funds engaging in these activities to avoid regulatory sanctions and operational disruptions.
What Changed
- The original Circular CSSF 08/356 (2008) transposed UCITS III requirements on eligible techniques like securities lending and repos.
- Expanded collateral rules: Collateral must now include sustainable assets meeting SFDR criteria, with daily marking-to-market and haircuts adjusted for liquidity and credit risk (Section 3).
- Counterparty exposure limits: Net exposure to a single OTC counterparty capped at 10% of net asset value (NAV), down from previous thresholds in some cases, with mandatory collateralization (Section...
- Operational safeguards: Mandatory use of triparty agents for repos, enhanced segregation of collateral, and annual stress testing disclosures (Section 5, as amended).
- Reporting enhancements: Quarterly reports to CSSF on transaction volumes, risks, and revenues from these activities (Annex 1, updated).
These align with ESMA guidelines (e.g., ESMA/2012/832 on OTC...
Suggested Considerations
- *Policy Review & Update: Revise fund prospectuses, KIIDs, and risk management policies to reflect amended limits (e.g., counterparty caps, ESG collateral) within 3 months of 01 January 2026.
- *Risk Management Systems: Implement or upgrade systems for daily collateral valuation, stress testing, and exposure monitoring; conduct gap analysis against Section 4 requirements.
- *Counterparty Due Diligence: Reassess OTC counterparties for eligibility (e.g., EMIR clearing thresholds); negotiate ISDA/CSA agreements with updated haircuts.
- *Operational Setup: Appoint triparty agents where required; ensure collateral segregation complies with Section 5.
- *Reporting & Disclosure: Prepare for new quarterly CSSF filings (template in Annex 1); disclose revenues/reinvestments from techniques in annual reports (Article 14 UCITS Law).
Key Dates
- Original Circular CSSF 08/356 effective date for UCITS III implementation
- Partial updates for UCITS IV alignment
- Extension to AIFs under AIFMD transposition
- Issuance of amending Circular CSSF 25/901
- Effective date for amendments (e.g., new collateral rules, reporting formats)
Compliance Impact
Urgency: High - Immediate relevance for funds actively using these techniques (common in fixed-income and equity strategies for yield enhancement). Non-compliance risks CSSF fines (up to 5% of NAV), temporary prohibitions on techniques, or fund suspension. With the 01 January 2026 effective date recently passed (as of current context), firms face heightened scrutiny in 2026 reporting cycles; proactive remediation avoids enforcement actions amid CSSF's focus on operational resilience.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerHedge FundWealth Manager
amending Circular CSSF 22/811.Authorisation and organisation of entities acting as UCI administrators.
Circular CSSF 25/900, issued on 16 December 2025, amends Circular CSSF 22/811 to clarify governance principles, authorisation requirements, and operational standards for UCI (Undertakings for Collective Investment) administrators in Luxembourg, while reforming annual reporting obligations. It matters because it strengthens supervisory oversight, aligns with DORA for ICT outsourcing, and simplifies reporting to enhance efficiency and compliance in the fund administration sector.
What Changed
- - Repeals Annex B of Circular CSSF 22/811 with immediate effect, replacing it with streamlined annual reporting via a core compliance-focused Self-Assessment Questionnaire (SAQ) that assesses...
- Introduces prior CSSF authorisation requirements for entities acting as UCI administrators, including a defined administrative procedure with application details in Annex A; authorisation remains...
- Clarifies scope for eligible entities (e.g., UCIs, IFMs, management companies under Luxembourg law) performing one or more of three UCI administration functions (defined in point 10); mandates...
- Aligns ICT outsourcing with DORA (effective January 2025) for in-scope UCIAs (credit institutions, investment fund managers, investment firms, certain support professionals), referencing Circular...
- Strengthens delegation rules (section 3.5): prior CSSF notification for critical/important tasks, ongoing monitoring by UCI/IFM, and remediation plans for shortcomings.
Suggested Considerations
- Assess eligibility and obtain prior CSSF authorisation via Annex A application (or notify substantial changes); ensure ongoing validity by monitoring operational model and delegations.
- Adapt internal processes for revised annual UCIA reporting (SAQ-focused, integrated where applicable); submit using CSSF website instructions starting for FY ending 31 Dec 2025.
- Review/update contracts with UCIs/IFMs to define roles, responsibilities, and oversight; implement delegation monitoring, remediation plans, and ICT compliance (DORA/Circular 25/882 or 20/750).
- For DORA-scope entities, align outsourcing arrangements with Circular CSSF 25/882.
Key Dates
- DORA entry into force, applying to ICT outsourcing for in-scope UCIAs
- Issuance date; repeal of Annex B of Circular CSSF 22/811 effective immediately
- New reporting framework (SAQ and updated modalities) applies to all financial years ending on or after this date
Compliance Impact
Urgency: High - Immediate repeal of prior reporting Annex requires prompt process updates; new framework applies to FY 2025 year-ends (just past as of Jan 2026), risking supervisory scrutiny or penalties for non-compliance; DORA alignment adds operational resilience pressure amid ongoing CSSF focus on fund admin governance.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerWealth ManagerBank
Authorisation and organisation of entities acting as UCI administrators
Circular CSSF 22/811, as amended by Circular CSSF 25/900, establishes CSSF requirements for the authorisation, governance, internal organisation, and oversight of entities acting as UCI (Undertakings for Collective Investment) administrators in Luxembourg. It matters because it standardises practices amid regulatory, technological, and market evolutions, ensuring robust controls, risk management, and supervision for fund administration activities critical to Luxembourg's fund industry.
What Changed
- - Authorisation Requirements: Prior CSSF authorisation is mandatory for appointment as UCI administrator, via full application under sectoral laws or a simplified administrative procedure;...
- Scope of UCI Administration: Defines three core functions—registrar, NAV calculation/accounting, and client communication—requiring only one designated service provider per function per UCI (or...
- Governance and Controls: Mandates sound governance principles, control frameworks, escalation processes for errors/incidents, adequate resources (human, ICT), business continuity, and compliance with...
- Delegation Rules: Delegation of tasks allowed but not of monitoring/oversight; requires written contracts, due diligence, and prior CSSF notification (3 months generally, 1 month for certain agents);...
- Contracts and Reporting: Written contracts between UCI administrator and UCI/IFM; annual activity reporting due 5 months after financial year-end, starting from financial years ending post-30 June...
Suggested Considerations
- Submit authorisation application to CSSF with Annex A information before commencing UCI administration; notify substantial changes and keep file updated.
- Establish/implement governance, controls, escalation processes, resource adequacy, ICT/business continuity per circular; ensure single provider per function.
- For delegations: Conduct due diligence, execute written contracts detailing roles/obligations, notify CSSF in advance, retain oversight without delegating monitoring.
- Conclude written contracts with UCI/IFM; submit annual UCIA activity reports.
- UCIs/IFMs: Supervise coordinators, ensure information exchange/cooperation with administrators.
Compliance Impact
Urgency: High – Non-compliance risks CSSF sanctions, as authorisation is prior and ongoing; critical for Luxembourg fund ecosystem given evolutions in tech/markets/DORA. Firms must act promptly if unauthorised or misaligned, especially with annual reporting since 2023 and DORA integration; impacts operational models, delegations, and reporting immediately for active administrators.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Asset ManagerBankAll Firms
Application of the Guidelines of the European Banking Authority on Acquisition, Development, and Construction (ADC) exposures to residential property under Article 126a of Regulation (EU) 575/2013 (EBA/GL/2025/03)
Circular CSSF 25/899 mandates the application of EBA Guidelines (EBA/GL/2025/03) on Acquisition, Development, and Construction (ADC) exposures to residential property under Article 126a of Regulation (EU) 575/2013 (CRR), specifying conditions for reducing the risk weight from 150% to 100% on qualifying exposures. This matters for Luxembourg credit institutions as it directly impacts capital requirements for real estate lending, promoting safer lending practices while aligning with Basel III standards via CRR3 implementation.
What Changed
- - Introduces precise definitions for CRR Article 126a(2) terms, enabling 100% risk weight (instead of 150%) for ADC exposures to residential property if conditions are met: at least 50% of total...
- Mandates "sound standards for lending and credit monitoring" alongside these criteria.
- Accounts for social housing/public not-for-profit lending specificities, with tailored rules for regulated entities serving long-term tenant housing.
- Replaces prior "particularly high-risk exposure" class with dedicated ADC class under CRR3.
Suggested Considerations
- Review and classify ADC exposures against EBA-defined criteria (e.g., contract thresholds, equity levels, monitoring standards) to determine eligibility for 100% risk weight.
- Update internal policies, risk assessment models, and credit approval processes to incorporate "sound lending standards" and EBA specifications, including social housing carve-outs.
- Recalculate capital requirements under standardized credit risk approach; report changes via CRR disclosures.
- Maintain documentation proving compliance (e.g., deposit proofs, equity valuations) for supervisory audits by CSSF.
- Institutions must "make every effort to comply" per EBA Regulation Article 16(3).
Key Dates
- EBA Guidelines (EBA/GL/2025/03) apply across EU (two months post-publication on 27 June 2025 in all official languages)
- CSSF Circular 25/899 published, requiring immediate compliance preparation for Luxembourg firms
Compliance Impact
Urgency: High – Firms with significant ADC portfolios face immediate capital relief opportunities (50bp risk weight reduction) but risk non-compliance penalties if processes aren't updated by early 2026, especially post-CRR3 rollout; misclassification could inflate capital needs amid ongoing Basel implementation.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Fonds de garantie des dépôts Luxembourg (FGDL) – Method for calculating the ex-ante contributions pursuant to Article 182 of the Law of 18 December 2015 on the failure of credit institutions and of certain investment firms
Circular CSSF-CPDI 25/48, published on 13 November 2025, updates the methodology for calculating ex-ante contributions to the Fonds de garantie des dépôts Luxembourg (FGDL), Luxembourg's deposit guarantee scheme, by aligning risk adjustments with EBA Guidelines and introducing a zero floor for certain calculation components. This matters for Luxembourg credit institutions as it refines risk-sensitive contributions to meet DGSD target levels for two compartments (0.8% and an additional 0.8% of covered deposits), ensuring financial stability while promoting supervisory convergence across the EU.
What Changed
- - Risk Adjustment Updates (Annex 2): Increases weight of 'Return on assets' (ROA) risk indicator from 7.5% to 10%; decreases 'Deposit-size Risk' from 15% to 12.5%; adjusts sliding scale bounds for...
- Formula Component Floor (Annex 1): Introduces a zero floor for Component 1 (max(0, A_{j,k})), preventing negative values from offsetting Component 2; retains both components but ensures no...
- Contribution Calculation Refinements: Annual contributions per compartment use updated formulas (e.g., formula (1) with max operator); contribution rates are uniform per compartment but...
- Repeals Prior Circulars: Repeals CSSF-CPDI 23/34 (4 June 2020) and CSSF-CPDI 20/21 (as amended), replacing the 2020-reviewed method.
Suggested Considerations
- Review and update internal systems/models for contribution calculations to incorporate new risk weights, bounds (Table 2), zero floor for Component 1, and revised formulas in Annexes 1-2.
- Validate data reporting for risk indicators (e.g., ROA, LCR, NSFR, NPL) against adjusted sliding scales; ensure alignment with EBA Guidelines for simplicity and resource efficiency.
- Prepare for FGDL invoices reflecting compartment-specific rates; monitor covered deposits for surveys (e.g., per Circular 25/49).
- Conduct gap analysis against repealed circulars (20/21, 23/34); update policies for mergers, deposit changes, and gap fillings (Γ_λ).
Compliance Impact
Urgency: High – Institutions must promptly recalibrate risk models ahead of 2026 contributions to avoid miscalculations, penalties, or underfunding risks, as this directly impacts prudential contributions amid ongoing DGSD buildup to 2026; non-alignment with EBA could trigger CSSF scrutiny. Failure to adapt may increase costs for riskier profiles, emphasizing the shift to greater risk sensitivity.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Fonds de garantie des dépôts Luxembourg (FGDL) – Method for calculating the ex-ante contributions pursuant to Article 182 of the Law of 18 December 2015 on the failure of credit institutions and of certain investment firms
Circular CSSF-CPDI 25/48 updates the methodology for calculating ex-ante annual contributions to the Fonds de garantie des dépôts Luxembourg (FGDL), Luxembourg's deposit guarantee scheme, specifically for the target levels in Articles 179 and 180 of the Law of 18 December 2015 on the failure of credit institutions and certain investment firms. This matters because it introduces a risk-adjusted contribution model aligned with EBA Guidelines, shifting from purely deposit-based calculations to ones incorporating institution-specific risk factors, potentially increasing contributions for higher-risk banks while promoting stability in the scheme's funding.
What Changed
- - Modified Contribution Formula: Replaces prior methods (e.g., from Circulars CSSF-CPDI 16/01, 17/06, 20/21) with a new structure: Component 1 proportional to covered deposits growth (Γ_{j,k}) at...
- Risk Adjustment Introduction: ARW is calculated using a weighted score (minimum 75% on EBA core categories, plus 12.5% deposit-size risk and 10% others) from indicators like leverage ratio (bounds...
- Merger/Transfer Handling: For failed/merged institutions, contributions are redistributed proportionally to receiving institutions' deposit increases, capped by their own required amounts; no...
- Floor and Alignment: Introduces max(0, A_{j,k}) floor to avoid negative components; ensures EBA compliance, simplicity, and risk sensitivity.
Suggested Considerations
- Data Reporting: Submit accurate covered deposits data (e.g., as of 31 Dec 2025 per Circular 25/49) and risk indicator metrics (leverage, LCR, NSFR, NPL, etc.) to FGDL/CSSF for ARW calculation; prepare for annual surveys like CPDI 25/45 (31 Mar 2025 snapshot).
- Internal Calculations: Model contributions using new formula C_{j,k} = ARW_{j,k} * max(0, max(A_{j,k}) + T_j D_{j-2,k}) * μ; forecast based on historical deposits (D_{j-2,k}) and growth.
- Risk Monitoring: Track and improve key metrics (e.g., reduce NPLs below 3%, maintain LCR/NSFR >100%) to minimize ARW >1; review merger impacts.
- Payment: Pay FGDL invoices reflecting uniform rates per compartment, risk-adjusted amounts.
- Systems Update: Adapt finance/compliance systems for new inputs; align with EBA risk guidelines (https://www.eba.europa.eu/regulation-and-policy/single-rulebook/interactive-single-rulebook/1085).
Key Dates
- Circular publication date by CSSF
- Reference date for covered deposits survey (per related Circular CSSF-CPDI 25/49)
- First application year for new methodology (contributions for year j=2026 based on j-1=2025 data; invoices issued by FGDL)
Compliance Impact
Urgency: High - Affects 2026 contributions directly, requiring immediate data readiness and modeling by Q1 2026; non-compliance risks penalties, inaccurate payments, or higher costs from poor risk scores. Matters for capital planning as riskier profiles face uplifts, emphasizing proactive risk management amid EU harmonization.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Update of Circular CSSF 22/821 on the Long Form Report, as amended by Circulars CSSF 23/845 and CSSF 24/865
Circular CSSF 25/897 updates Circular CSSF 22/821 on the Long Form Report (LFR) for credit institutions, further aligning the self-assessment questionnaire (SAQ) with current supervisory priorities such as ML/FT risks and organizational aspects. This matters because it refines reporting to reduce redundancies, enhance transparency in REA assessments, and reflect evolving prudential focuses since prior amendments via Circulars CSSF 23/845 and 24/865, ensuring institutions' reports better support CSSF oversight.
What Changed
- - Introduces new modules in the revised SAQ to align with supervisory points of focus, building on prior expansions (e.g., credit/counterparty risk, liquidity risk, climate-related risks from CSSF...
- Emphasizes REA's independent assessment in the AML/CFT report, requiring exhaustive, transparent evaluations of ML/FT risks across institutions, branches, majority-owned subsidiaries abroad, and tied...
- REA must verify and amend descriptive elements provided by management for the Financial Instruments and Funds Report and AML/CFT report, including quantitative metrics like pending file ratios.
- Confirms the three-part LFR framework: institution-completed SAQ, REA's client assets protection report (per Article 7 of Grand-ducal Regulation of 30 May 2018), and REA's AML/CFT report; no Agreed...
- Enhances REA responsibilities for collateral arrangements and client fund protections under relevant laws.
Suggested Considerations
- Complete and submit revised SAQ annually, incorporating new modules on supervisory focuses like ML/FT risks and providing detailed data to REA.
- Authorized management: Supply accurate descriptive information to REA for reports, covering client protections, collateral, and AML/CFT procedures across group entities.
- REA: Independently assess and report on ML/FT risks and client assets with transparency, quantitative details, and verified management inputs; avoid imprecise language.
- Ensure AML/CFT report details methodologies (e.g., sampling techniques) and covers branches/subsidiaries/tied agents.
- Review prior LFR submissions against this update to align with suppressed redundancies and new emphases.
Key Dates
- Issuance date of Circular CSSF 25/897
end; - Annual submission deadline for SAQ to CSSF (unchanged from prior circulars)
end; - Submission deadline for REA Reports (Financial Instruments and Funds Report; AML/CFT Report)
end; - Aligned submission for REA management letter (per amendments in CSSF 23/845 to Circular 22/826)
Compliance Impact
Urgency: High - Institutions face immediate refinement needs for 2025 year-end reporting (e.g., SAQ due ~Q1 2026), with stricter REA scrutiny on AML/CFT transparency risking supervisory findings or enforcement if vague assessments persist; aligns with ongoing CSSF push for risk-focused oversight amid regulatory evolution.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Long Form ReportPractical rules concerning the self-assessment questionnaire to be submitted by institutionsMission and related reports of the statutory auditors (réviseurs d’entreprises agréés)
**Circular CSSF 22/821** (as amended) fundamentally restructures how Luxembourg credit institutions report to the Commission de Surveillance du Secteur Financier (CSSF) by replacing the traditional Long Form Report with a digital **self-assessment questionnaire (SAQ)**, complemented by auditor-prepared reports. This shift represents a significant operational change that requires institutions to directly participate in prudential self-assessment while maintaining robust external audit oversight, making it essential for compliance and operational teams to understand new submission requirements and digital workflows.
What Changed
- The circular introduces a three-component reporting framework that fundamentally alters the compliance landscape:
- Self-Assessment Questionnaire (SAQ): A digital, annually-completed questionnaire that institutions must prepare directly, covering domains within CSSF and ECB prudential supervision competence
- Agreed Upon Procedures (AUP) Reports: Reports prepared by approved statutory auditors (réviseurs d'entreprises agréés) on specific compliance areas
- Separate REA Report on Financial Instruments Protection: A dedicated auditor assessment on safeguarding of client financial instruments
Scope of SAQ Coverage: The questionnaire addresses prudential...
Suggested Considerations
- *For Credit Institutions:
- *Establish SAQ Governance: Designate authorized management responsible for reviewing and electronically signing the SAQ before submission; ensure accuracy and true-and-fair representation of information
- *Data Preparation: Align SAQ responses with prudential reporting figures (FINREP/COREP/LAREX) under IFRS as of financial year closure
- *Digital System Access: Obtain access credentials to the CSSF digital solution and familiarize compliance teams with the platform interface and submission workflow
- *Module Completion: Complete all applicable SAQ modules as configured in the CSSF digital solution; note that module applicability and exemptions are institution-specific and recorded directly in the system
Key Dates
- Circular CSSF 22/821 issued
- Initial publication date (updated 15 November 2023)
- Circular enters into application
- SAQ becomes accessible through CSSF digital solution
- Deadline for SAQ submission to CSSF
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Provisions relating to credit institutions and investment firms of EU origin established in Luxembourg by way of branches or exercising activities in Luxembourg by way of free provision of services
Circular CSSF 07/325, as amended by Circulars CSSF 21/765, CSSF 22/827, and most recently CSSF 25/898, establishes supervisory requirements for EU credit institutions and investment firms operating in Luxembourg via branches or free provision of services (FOPS). It matters for compliance professionals as it defines CSSF's host authority role, notification obligations, reporting, and enforcement powers, ensuring alignment with CRD and MiFID II while adapting to evolving EU rules.
What Changed
- - CSSF 21/765: Updated provisions following amendments to CSSF Regulation No 12-02, refining notification and operational requirements for branches and FOPS.
- CSSF 22/827: Further amendments to align with CRD and MiFID II changes, including enhanced notifications for programme alterations (e.g., one-month prior written notice for changes in operations,...
- CSSF 25/898: Latest update (noted in CSSF Newsletter No 298, November 2025), incorporating recent legal/regulatory developments, such as refined reporting via eDesk portal, AML/CFT compliance...
Suggested Considerations
- Notifications: Submit initial branch/FOPS notification to home authority (including operational programme); notify changes (e.g., services, locations) at least one month in advance to both home authority and CSSF.
- Reporting: Complete and sign SAQ (accurate, concise, true/fair view) via eDesk within six months post-year-end; provide REA-appraised AML/CFT and conduct reports, detailing branch procedures/controls.
- Supervision cooperation: Facilitate home/CSSF on-site inspections (with professional secrecy guarantees); ensure branch compliance with Luxembourg laws (e.g., LFS Article 46(2)).
- Ongoing: Maintain branch infrastructure, update for legal changes, and align with CSSF user guides for eDesk authentication.
Key Dates
- Notify CSSF and home authority in writing of programme changes (e.g., operations, services, additional places of business) per CRD Article 36(3) and MiFID II Article 35(10)
- Home state authority communicates notification file to CSSF for branch/FOPS establishment
end; - Submit electronically signed SAQ (via eDesk), annual AML/CFT and conduct of business report (per Circular CSSF 19/731, to be repealed by CSSF 25/902), reviewed by REA
Compliance Impact
Urgency: Medium - Matters due to recurring annual reporting (e.g., SAQ, AML/CFT within six months post-year-end) and prior notifications for changes, with CSSF enforcement powers (e.g., measures under LFS Article 46(2)) for non-compliance. Recent CSSF 25/898 update (Nov 2025) requires immediate review of processes for digital submissions, but no retroactive changes or hard deadlines post-2025; grandfathering for pre-existing setups reduces immediate pressure.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankBroker Dealer
Update of Circular CSSF 07/325 on Provisions relating to credit institutions and investment firms of EU origin established in Luxembourg by way of branches or exercising activities in Luxembourg by way of free provision of services, as amended by Circulars CSSF 21/765 and CSSF 22/827
Circular CSSF 25/898 updates Luxembourg's supervisory framework for EU-origin credit institutions and investment firms operating in Luxembourg through branches or free provision of services. This amendment enhances the self-assessment questionnaire (SAQ) used by the CSSF to align supervisory oversight with current regulatory priorities, particularly adding UCI administration as a new thematic module. The update reflects the CSSF's evolving supervisory focus and requires affected institutions to demonstrate compliance with expanded assessment criteria.
What Changed
- The circular introduces the following material modifications to Circular CSSF 07/325:
New Supervisory Module
- UCI administration has been added as a thematic module to the self-assessment questionnaire, reflecting increased regulatory attention to fund administration practices.
Enhanced Self-Assessment...
- Existing modules have been updated to better align with supervisory objectives and current regulatory priorities.
- The revised SAQ now captures a broader range of supervisory points of focus relevant to branch operations and cross-border service provision.
Scope Clarification
- The circular applies to credit institutions whose head office is in another EU Member State and to investment firms of EU origin established in Luxembourg by way of branches or exercising activities...
Suggested Considerations
- *Update Self-Assessment Processes
- Revise internal SAQ completion procedures to address the new UCI administration module
- Ensure all thematic modules reflect current supervisory expectations
- *Assess UCI Administration Compliance
- If the institution provides or is involved in UCI administration services, conduct a detailed assessment of compliance with CSSF expectations
Key Dates
- Circular CSSF 25/898 published by the CSSF
- Related modernization framework (Circular CSSF 25/901) entered into force for Part II UCIs, SIFs, and SICARs
- Institutions should align their SAQ responses and compliance documentation with the updated framework immediately upon publication
Compliance Impact
Urgency: HIGH
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
BankBroker DealerAsset Manager
Survey on the amount of covered deposits held on 30 September 2025
Circular CSSF-CPDI 25/47 mandates a regular survey by Luxembourg credit institutions on the amount of covered deposits as of **30 September 2025**, focusing on eligible and covered deposits under the Law of 18 December 2015 on deposit guarantee schemes. It matters because it ensures accurate reporting to the Conseil de protection des déposants et des investisseurs (CPDI) for FGDL (Fonds de garantie des dépôts Luxembourg) compliance, with detailed field-by-field instructions for complex accounts like omnibus and trusts.
What Changed
This circular updates prior guidance (notably CSSF-CPDI 16/02 as amended by CSSF-CPDI 23/35) by specifying the survey reference date of 30 September 2025 and providing granular reporting fields for eligible deposits (e.g., exclusions for financial institution-like structures and life insurance products), covered deposits capped at €100,000 per person, and breakdowns by natural/legal persons, including shares in omnibus accounts, fiduciaries, trusts, sub-accounts, and segregated accounts.
Suggested Considerations
- Collect data on total deposits (field 0100), apply exclusions per Article 172 (field 0201), calculate covered deposits up to €100,000 limit (field 0300), and break down by natural/legal persons, balance thresholds, and special accounts (fields 0210-0330).
- For omnibus/trust accounts, obtain and report shares of identifiable entitled persons, apportion by legal status of holder, and ensure fields like 0226 and 0255 reconcile.
- Designated management reviews/approves data; transmit accurately to CSSF/CPDI, respecting prior circulars (e.g., 16/02, 23/35).
- Exclude non-creditor accounts or those assimilated to financial institutions/life insurance.
Key Dates
- Reference date for snapshot of deposits, eligible deposits, and covered deposits
- Publication date of the circular by CSSF
Compliance Impact
Urgency: Medium – Past reference date (30 September 2025) as of January 2026 means non-reporting firms risk immediate FGDL non-compliance, fines, or supervisory action from CSSF, but this is a routine quarterly survey (see related Circular CSSF-CPDI 25/49 for December 2025). Matters for prudential reporting accuracy, especially amid EU deposit guarantee harmonization.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank
Single Resolution Fund – Information request by the Single Resolution Board for the calculation of the 2026 contribution according to Articles 4 and 14 of Commission Delegated Regulation (EU) 2015/63
Circular CSSF-CODERES 25/21, issued by the CSSF on 29 September 2025, mandates Luxembourg credit institutions to submit specific data via XBRL-formatted Data Reporting Forms (DRFs) to enable the Single Resolution Board (SRB) to calculate 2026 ex-ante contributions to the Single Resolution Fund (SRF) under Articles 4 and 14 of Commission Delegated Regulation (EU) 2015/63. This matters because non-compliance risks SRB using estimates, applying the highest risk multiplier, or penalties, ensuring the financial sector funds resolution costs without taxpayer burden.
What Changed
- - Introduces data collection for 2026 SRF contributions, conditional on SRB verifying SRF funds fall below 1% of covered deposits in the Banking Union by early 2026.
- Mandates XBRL submission of DRFs (except restatements up to 2022 in Excel); provides templates in Annexes 3a, 4, 5 (User Guide), and 7a/7b for additional assurances.
- Additional assurance requirements (e.g., auditor reports or Agreed-Upon Procedures - AUP) apply conditionally to ECB-supervised institutions unless under lump-sum payment; restatements require AUP by...
- References SRB's 2026 kick-off letter (Annex 1) and ECB-supervised list (Annex 6 as of 24 September 2025).
Suggested Considerations
- Download and complete DRF using Annexes (e.g., Annex 3a PDF, Annex 5 User Guide v1.4); submit in XBRL format by deadline.
- For ECB-supervised institutions: Provide additional assurances per Annex 7a/7b if SRB proceeds with collections; prepare restatement AUPs with auditor exceptions where applicable.
- Align internal systems with CSSF templates early; validate data to avoid SRB assumptions under Article 17(1) DR.
- Review Annex 1 (SRB kick-off letter), Annex 4 (2026 Guidance), and Annex 6 (ECB list).
Key Dates
- SRB decision deadline on whether to calculate/collect 2026 SRF contributions based on DRFs (triggers full additional assurance application)
- ECB-supervised institutions submit AUP or auditor reports on restatements to CSSF resolution department
- All institutions submit completed DRF in XBRL to CSSF; late/incomplete submissions lead to SRB estimates or highest risk multiplier
Compliance Impact
Urgency: High - The 16 January 2026 deadline is imminent (today is 25 January 2026), risking immediate SRB penalties like estimates or maximum risk multipliers if submissions are missed/inaccurate; affects capital planning as contributions directly impact prudential positions.
AI-generated analysis. May contain errors or omissions — verify with the
original CSSF source
before acting. Full disclaimer.
Bank