Financial logo

EMEA | Financial services

CSSF (Luxembourg)

The Commission de Surveillance du Secteur Financier (“CSSF”) is responsible for supervision of the markets and ensuring the safety and soundness of the financial sector in Luxembourg. Through its circulars, the CSSF seeks to ensure that the financial sector in Luxembourg is operating in a protected and safe environment with an aim towards mitigating the risk of financial fraud.


CSSF Compliance Offerings

Learn more about the key laws, regulations, and guidelines prescribed by the CSSF.

Learn more about Circular 17/654 and how Google Cloud can help support your CSSF compliance efforts.

Circular 17/654 provides a regulatory framework for financial institutions on IT outsourcing to public cloud service providers. Circular 17/654 provides specific guidance on: management of outsourcing risks, business continuity, systems security, monitoring of activities, contractual clauses and the right to audit.

Google Cloud’s contracts for financial institutions in Luxembourg address the requirements in Circular 17/654. We have also created mappings to the guidelines for both Google Cloud and Google Workspace to assist you with understanding how we can support you with meeting the requirements and assess us as an outsourced service provider. Google Cloud is committed to addressing these requirements regardless of how financial institutions choose to use our services.

Learn more about Circular 22/806 and how Google Cloud can help support CSSF compliance efforts.

The CSSF published Circular CSSF 22/806 to implement the requirements of the EBA Guidelines on outsourcing arrangements. Circular 22/806 provides specific guidance on: the contractual phase, oversight of outsourced functions, exit plans, management of outsourcing risks and contractual clauses. 

Google Cloud’s contracts for financial institutions in Luxembourg address the requirements in Circular 22/806. We have also created mappings to the guidelines for both Google Cloud and Google Workspace to assist you with understanding how we can support you with meeting the requirements and assess us as an outsourced service provider. Google Cloud is committed to addressing these requirements regardless of how financial institutions choose to use our services.

ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more

ISO/IEC 27018

Learn more