Read our insights

Since the introduction of the European Central Bank (ECB) supervisory expectations for Climate-related & Environmental Risks, now Climate and Nature (C&N), formalised in the ECB Guide of November 2020 and the 2025 press release, the materiality assessment has served as a foundational requirement for integrating C&N risks into institutions’ enterprise-wide risk management frameworks. Over the past years, this early regulatory push ensured that the methodology for assessing climate risk materiality became both familiar and widely embedded across institutions.

Published on 20 January 2026, CSSF Circular 26/905 introduces a major shift in how Less Significant Institutions (LSIs) in Luxembourg must organise, govern, and operationalise their approach to environmental, social and governance (ESG) risks. Yet despite its significance, the circular has so far received surprisingly little attention, an oversight that could leave institutions unprepared for a complex regulatory transition. This article highlights what the circular requires, why it matters, and why institutions should act now.

Grant Thornton Luxembourg February Data Protection Newsletter - On 23 February, 61 data protection authorities across the globe issued a Joint Statement on AI-Generated Imagery and the Protection of Privacy (the “Joint Statement”). Signatories include the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS), as well as national authorities from France, Germany, Belgium, Spain, Italy, and Switzerland.

Grant Thornton Luxembourg welcomes you to the January Data Protection Newsletter! As we begin 2026, we continue to share clear and practical insights on the latest developments in data protection, AI, and tech regulation, helping you stay informed and compliant in this ever-changing digital landscape.

As the 7 June 2026 deadline for transposing the EU Pay Transparency Directive (EUPTD) into national law approaches, some organisations may consider deferring action until national implementing measures are finalised. The European Commission has, however, dispelled any speculation about possible delays: no extension will be granted, and Member States are expected to meet the deadline. For employers in Luxembourg, the implication is clear - early and proactive preparation is not merely advisable; it is imperative.

Grant Thornton Luxembourg welcomes you to the December Data Protection Newsletter! This month, we highlight key developments in data protection, AI, and tech regulation, including the EDPB’s new Recommendations on eCommerce accounts, the EU Fundamental Right Agency (FRA) report on high-risk AI systems, the adoption of an AI ethics resolution by international Francophone data protection authorities, and CNIL fines for unlawful cookie practices.

AI is transforming the asset and wealth management industry, moving into investment decisions, compliance checks, and client engagement. This shift raises expectations for speed, accuracy, and personalisation. Learn more about the results of this new global AI research led by ThoughtLab.

Grant Thornton Luxembourg welcomes you to the November Data Protection Newsletter! This month, we highlight key developments in data protection, AI, and tech regulation, including updates on the European Commission GDPR and AI Act amendment proposal, a potential new GDPR adequacy decision, and important news for LinkedIn users regarding AI training. Whether you are managing compliance or simply aiming to stay safer and better informed online, this newsletter is for you. As always, our Data Protection Team is here to help. If you would like tailored advice or to discuss a specific issue, please contact us using the details at the end of this page.

Grant Thornton Luxembourg welcomes you to the October Data Protection Newsletter! Following the launch of our first issue in September, we continue our mission to provide you with a clear and practical overview of the latest developments in data protection, AI, and tech regulation, helping you stay informed and compliant in this ever-changing digital landscape. Whether you are a business navigating your compliance obligations or simply a citizen wanting to make your online life safer and more informed, this newsletter is for you. For more tailored advice or support, do not hesitate to reach out to our Data Protection Team using the details provided at the bottom of this page. We’ll be delighted to arrange an introductory meeting tailored to your needs.

Grant Thornton Luxembourg welcomes you to the first edition of its Data Protection Newsletter! Each month, we will bring you a clear and accessible overview of key developments in data protection, AI, and tech regulation helping you stay ahead in an ever-evolving digital landscape. Whether you are a business navigating your compliance obligations or simply a citizen wanting to make your online life safer and more informed, this newsletter is for you. For more tailored advice or support, do not hesitate to reach out to our Data Protection Team.

Announced as part of the Competitiveness Compass for the EU published 29 January, the European Commission has just published its proposals to simplify sustainability reporting, including the Corporate Sustainability Reporting Directive.

In a step toward streamlined sustainability reporting, the European Financial Reporting Advisory Group (EFRAG), in collaboration with Directorate-General for Environment (DG ENV) and Directorate-General for Financial Stability, Financial Services and Capital Markets Union (DG FISMA), has identified key synergies between the Eco-Management and Audit Scheme (EMAS) and the Corporate Sustainability Reporting Directive (CSRD).

Grant Thornton Luxembourg, in association with several Grant Thornton member firms in Europe are once again launching a study aimed at establishing an overview of the DPO function (Data Protection Officer) in the main countries of the European Union.

The Corporate Sustainability Due Diligence Directive (CSDDD) has been published in the Official Journal of the European Union, marking a major advancement in promoting sustainable business practices across Europe.

In a significant development for corporate responsibility, the Council of the European Union approved the Corporate Sustainability Due Diligence Directive on the 24th of May 2024, marking the culmination of its adoption process. This directive mandates large corporations to address the adverse impacts of their activities on human rights and the environment, backed by stringent penalties for any failure to comply. Significantly, this holistic framework does not just target the primary companies but also ensures that accountability is fostered through their subsidiaries and business associates across the entire value chain.

On 14 May 2024, the European Securities and Markets Authority (ESMA) issued its Final Report on Guidelines for funds' names, following its Public Statement on the matter released on 14 December 2023. These guidelines, applicable to various types of investment fund managers (IFMs), aim to clarify when the use of ESG or sustainability-related terms in fund names could be considered misleading. The Commission de Surveillance du Secteur Financier (CSSF) emphasizes that the Guidelines apply to IFMs overseeing UCITS or AIFs, regardless of their disclosure category under Articles 6, 8, or 9 of the Sustainable Finance Disclosure Regulation (SFDR). Therefore, IFMs are required to conduct a self-assessment to determine the relevance of the Guidelines to the products they manage and to ensure that fund names comply with these Guidelines.