On July 10 2025, the EU Artificial Intelligence Office (the AI Office) issued the final version of the General Purpose AI Code of Practice (GPAI Code). The GPAI Code is a non-binding set of guidelines created by independent...more
The Digital Operational Resilience Act 2022/2554 (DORA) is a European regulation that will come into force on January 17, 2025.
The regulation aims to strengthen the digital operational resilience of the financial sector...more
12/20/2024
/ Bank Service Providers ,
Cryptoassets ,
Data Management ,
Digital Operational Resilience Act (DORA) ,
EU ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
Fund Managers ,
Insurance Industry ,
Payment Systems ,
Regulatory Agenda ,
Regulatory Requirements ,
Request For Information ,
Risk Management ,
Third-Party Service Provider
Today marked a ‘historic moment’ for the UPC, as Klaus Gabrinsky, the President of the UPC Court of Appeal, noted in his opening remarks: the first UPC Court of Appeal hearing, on 18 December 2023 in Luxembourg.
The case...more
A new requirement to inform individuals of the exact personal data to be shared with the Administration des Contributions Directes.
The Luxembourg law of 18 December 2015 on the automatic exchange of financial account...more
Last year, investment fund managers (IFMs) were caught by surprise with the immediate application of Circular 17/654 on IT outsourcing relying on a cloud computing infrastructure (the Cloud Circular), but every cloud has a...more
The Luxembourg data protection authority (CNPD) has published a list of processing activities triggering a mandatory data protection impact assessment (DPIA) following review by the European Data Protection Board (EDPB)....more
Just before summer recess, Luxembourg Parliament has adopted the law of 1 August 2018 which implements certain parts of the General Data Protection Regulation (GDPR) and repeals the former data protection law of 2 August...more