LexGo

Investment funds and financial institutions: CSSF FAQ on minimum IT security requirements for remote access
19/03/2020

On 17 March 2020, the CSSF issued an FAQ clarifying the recommended minimum IT security requirements for remote access implemented to meet the demands of the exceptional situation created by Covid-19 and issuing minimum recommendations with respect to:

high-privileged access: identification of user profiles with the highest risk levels (IT administrators, employees in charge of transactions/payments, etc.) and the implementation of proper security measures (strong authentication, access from a secure laptop, logging and review of sensitive actions);
secure communication: encryption of communication channels (e.g. use of VPN with AES-256, RSA-2048 encryption);
connection monitoring: controls to ensure, at least, that remote connections are consistent with recourse to teleworking (i.e. access during office hours, geofencing); 
the duration of remote access: remote access introduced due to the exceptional Covid-19 situation should be temporary and disabled once the exceptional circumstances have passed.

The CSSF is further “urging financial institutions under its prudential supervision to favour working from home as part of their business continuity plans. As already mentioned in the communication of 2 March, satisfactory IT security conditions should be guaranteed and no prior authorisation is needed for such work arrangements.

Related : Nautadutilh Avocats Luxembourg SĂ rl ( Mrs. Yoanna Stefanova ,  Mr. Luc Courtois )

[+ http://www.nautadutilh.com]

Mrs. Yoanna Stefanova Mrs. Yoanna Stefanova
Partner
yoanna.stefanova@nautadutilh.com
Mr. Luc Courtois Mr. Luc Courtois
Partner
Luc.Courtois@nautadutilh.com

All articles Financial law

Lastest articles Financial law

UCITS can no longer invest in loans
12/08/2020

The CSSF, Luxembourg’s supervisory authority for the financial sector, has announced that Luxembourg-domiciled UCITS...

Read more

New bill of law allowing for issuance of dematerialised securities issued on the blockchain with ...
11/08/2020

On 27 July, the Luxembourg parliament published a new bill of law n° 7637 (the “Bill of Law”) that will am...

New bill of law allowing for issuance of dematerialised securities issued on the blockchain with central account keepers Read more

Issuance of dematerialised securities using blockchain technology – New draft legislation publi...
31/07/2020

On 27 July 2020, the government has introduced a draft bill n°7637 in Parliament (the “Draft Bill”), ...

Read more

CSSF provides further guidance on money laundering indicators in the collective investment sector
28/07/2020

On 3 July 2020, the Luxembourg supervisory authority for the financial sector, the Commission de Surveillance du Sect...

CSSF provides further guidance on money laundering indicators in the collective investment sector Read more

Lastest articles by Mrs. Yoanna Stefanova

Luxembourg establishes a register of fiducies and trust
24/07/2020

The Act of 10 July 2020 ("the Act") transposes into Luxembourg law the last part of the fourth Anti-money Launde...

Read more

Luxembourg Brexit Laws: 15 September 2019 final deadline for UK based managers to notify the CSSF
22/08/2019

On 8 April 2019, Luxembourg adopted two laws ("Brexit Laws") on measures to be taken in relation to the financia...

Read more

The Luxembourg UBO Register: the end of the transition period is fast approaching (31 August 2019)
08/07/2019

The UBO Register Act, which entered into force on 1st March 2019, provides for a six-month transition period to submit inf...

Read more

The Luxembourg Bill Implementing Srd II as Regards the Encouragement of Long-Term Shareholder Eng...
10/05/2019

On 25 January 2019, Bill No 7402 (the "Bill") implementing Directive (EU) 2017/828 as regards the encouragement ...

Read more

Lastest articles by Mr. Luc Courtois

LexGO Network