The CSSF's New Cloud Circular: Governance Is King

The long-awaited circular for financial institutions operating in Luxembourg and leveraging cloud services has been released by Luxembourg's financial authority, the CSSF.

The circular will change the landscape of cloud services in Luxembourg, as from now on cloud service providers (IaaS, SaaS, and PaaS) will not have to be regulated by the CSSF anymore, nor will their data have to be hosted in Luxembourg (as long as the client provides consent). The new directive additionally provides clear guidelines for organizations that are considering cloud services as part of their IT supply chain. The guidelines could be summarized as honoring one prime goal: stronger governance.

Both business and IT stakeholders should welcome these new clarifications on the key roles and responsibilities of the different actors in a cloud delivery model. For too long, cloud services have been contracted too easily by some organizations, without an appropriate governance framework, probably because cloud services were perceived as a commodity. But being a commodity doesn't mean that governance is not required. In the extreme, the absence of governance has led to "shadow IT", where business leaders contract directly with third parties and manage contracts and SLAs themselves, with unwanted consequences such as inconsistent support for end users and security risks for the organization.

Cloud officers: key to risk management

The "cloud officer" is a new role that must be filled either by the financial institution ("ESRC" in the parlance of the circular) or by the resources operator (the external organization managing the cloud services if the ESRC doesn't manage them itself). The cloud officer's main responsibility is to have a clear picture, at all times, of the physical location of the organization's hosted data. He/she must also clearly define, together with the selected cloud providers, the appropriate recovery process in case of disaster, to ensure continuity for the business entities relying on the cloud services.

The cloud officer will support the ESRC in the corporate risk management process by providing his/her views on all the risks (and the corresponding mitigations) of migrating data and workloads (applications) to the cloud. This covers not only the traditional risks of sub-contracting services to a third party, such as the financial and stability risks bound to the selected vendor, but also geopolitical risks and legal issues if the...
