🇱🇺 CSSF Guidance high

Circular CSSF 26/905

Published 20 January 2026 | Luxembourg

AI Analysis

Executive Summary

Circular CSSF 26/905 mandates the application of EBA Guidelines (EBA/GL/2025/01) on managing **ESG risks** for Luxembourg-supervised institutions, requiring integration of environmental, social, and governance risk identification, measurement, management, and monitoring into internal processes. This aligns with CRD amendments (Articles 74, 76, 87a) and emphasizes proportionality to institutions' business models, with plans including timelines, targets, and milestones toward EU climate goals like net-zero by 2050. It matters for compliance as it embeds ESG into prudential supervision, potentially impacting capital, risk frameworks, and supervisory reviews. #

What Changed

- Institutions must establish proportionate strategies, policies, processes, and systems for ESG risk management, covering short-, medium-, and long-term horizons, including transition and physical environmental risks. - Develop plans per Article 76(2) CRD with specific timelines, intermediate quantifiable targets, and milestones to address ESG financial risks, consistent with EU objectives (e.g., 55% GHG reduction by 2030, climate neutrality by 2050). - Incorporate ESG into internal governance, risk appetite, and supervisory review processes (SREP), with scenario analysis requirements (to be detailed in future EBA guidelines). - Applies minimum standards and methodologies for ESG risk identification, measurement, monitoring, and impact assessment on institutions' exposures. - No requireme

What You Need To Do

Map and integrate ESG risks into governance, risk management frameworks, and business strategies, proportionate to scale/risk exposure
Develop and document ESG risk management plans with quantifiable targets, milestones, timelines, and scenario analyses (broad requirements now; detailed later)
Conduct assessments of ESG risks in portfolios, including sustainability products, transition finance, and loan origination policies, for SREP submission
Embed in internal processes per Articles 74, 76, 87a CRD
Review and update existing policies/systems for compliance by applicable dates; prepare for CSSF supervisory evaluation of plan robustness
Institutions should reference the full PDF for detailed EBA requirements: https://www

Key Dates

20 January 2026 - Circular published by CSSF.

1 April 2026 - Application date for Less Significant Institutions (other than SNCIs).

11 January 2027 - Application date for SNCIs (dependent on CRD transposition).

Compliance Impact

Urgency: High - With application starting 1 April 2026 (just over 2 months from publication), firms face immediate pressure to gap-analyze current ESG frameworks against EBA standards, especially for SREP integration and long-term risk planning. Non-compliance risks supervisory scrutiny, capital add-ons, or enforcement, as ESG is now a core prudential pillar amid EU sustainability push; smaller in

Who is Affected

Less Significant InstitutionsSignificant Non-Complex Institutions (SNCIs)All CRD institutions under CSSF supervision (e.g., banks, credit institutions), as it implements EBA/GL/2025/01 referencing Directive 2013/36/EU.Excludes non-CRD entities like payment institutions or UCIs unless indirectly affected via group structures.

References

Summary

Application of the Guidelines of the European Banking Authority on the management of environmental, social and governance (ESG) risks (EBA/GL/2025/01)

Sectors

Banking & Credit

Topics

ESG / Sustainability Prudential / Capital Requirements Senior Managers / Governance

Relevant Firm Types

BankAll Firms

View Original on CSSF Back to Feed