Deadline for Compliance with Circular CSSF 24/847 Looms

Sabika Ishaq,
Magdalena Mihalcea
insight featured image

Time is Running Out!

As the deadline for compliance with Circular CSSF 24/847 on ICT-related incident reporting framework rapidly approaches, financial institutions are facing mounting pressure to ensure their systems are up to standard. With the 1st of April deadline just around the corner, it's imperative for organisations to act swiftly to avoid potential penalties and reputational damage.

One recent case highlights the severity of non-compliance. The Federal Financial Supervisory Authority (BaFin) recently imposed Deutsche Bank AG with a hefty administrative fine of 50,000 euros. The fine stemmed from BaFin's discovery that the bank had provided incorrect information regarding a significant IT security incident related to payment services in 2023. Furthermore, Deutsche Bank AG had failed to promptly notify BaFin of the incident, exacerbating the situation.

The Information Security team at Grant Thornton Luxembourg stands ready to assist financial institutions in navigating the intricacies of Circular CSSF 24/847 compliance. With our extensive experience and expertise in cybersecurity and regulatory compliance, we can provide tailored solutions to ensure organisations meet the deadline and safeguard their operations effectively. Grant Thornton Luxembourg's services encompass comprehensive assessments, gap analysis, policy development, and implementation of robust incident reporting frameworks.

Don't wait until it's too late – prioritise compliance today to safeguard your institution's future.



We value your satisfaction and are here to assist you. Should you require any support or have inquiries regarding the discussed topic, please do not hesitate to reach out to us. Our dedicated support team is ready to provide prompt and comprehensive assistance to ensure your concerns are addressed effectively. Feel free to contact us at your convenience, and we look forward to serving you with the highest level of support and expertise.

In any case of questions, please contact our Chief Information Security Officer Sabika Ishaq, or our Senior Information Security Manager, Magdalena Mihalcea.