CSSF Circular 25/880 on payment service user relationships and PSP ICT assessment.
CSSF expectations for PSP customer relationships and ICT self-assessment, in the wake of DORA.
Who is concerned?
This circular is broken down into 3 sections analysed one by one, each with the official text and Luxgap practical guidance for compliance in Luxembourg.Key obligations
CSSF expectations for PSP customer relationships and ICT self-assessment, in the wake of DORA.
Luxgap supports CSSF-supervised entities (banks, PFS, payment and e-money institutions, management companies, funds) in complying with this circular: gap analysis, policy and register updates, CSSF inspection readiness, articulation with the DORA Regulation and the NIS 2 framework where relevant.
Deadlines
See the official CSSF text for precise application dates. Most recent ICT circulars articulate with the DORA Regulation, applicable since 17 January 2025.
Sanctions for non-compliance
Non-compliance exposes entities to CSSF administrative sanctions: injunctions, pecuniary sanctions, restrictions or suspension of authorisation.
How Luxgap helps
CSSF expectations for PSP customer relationships and ICT self-assessment, in the wake of DORA.
Luxgap supports CSSF-supervised entities (banks, PFS, payment and e-money institutions, management companies, funds) in complying with this circular: gap analysis, policy and register updates, CSSF inspection readiness, articulation with the DORA Regulation and the NIS 2 framework where relevant.
Let's set up your CSSF compliance.
Configure a quote for a compliance audit on this circular. Reply within one business day.
Build my quote →