On 25 August 2020, the CSSF published the following circular implementing the “EBA Guidelines on ICT and security risk management” issued on November 2019.
Circular CSSF 20/750 (only in French): Requirements regarding information and communication technology (ICT) and security risk management
We draw your attention on the fact that the circular extends the scope of the guidelines to all regulated entities under the LSF (Law of April 5, 1993) i.e. specialized PFS and support PFS included.
