News

Derisk Advisory regularly shares thought leadership and insights on ICT, cybersecurity risk management, and regulatory developments to support organizations across industries in enhancing resilience and compliance.

Article 1 through 6 of 13 total articles

  • DORA: From Project Mode to Day-to-Day Management

    This interview with our principal consultant, Laurent de la Vaissière, first appeared in the 39th edition of Andy à Luxembourg. We are grateful to Sylvain Aubry and the Association of Luxembourg Compliance Officers (ALCO) for this exchange, which we have translated below for our international readers.

    Jan 29, 2026

  • Navigating AI in Finance: Key Takeaways from BaFin's DORA Guidance

    Shortly before the holiday season, BaFin published new Guidance on the ICT risks associated with the use of Artificial Intelligence (AI). While explicitly non-binding, this document provides essential practical orientation for financial institutions and insurance companies on how to integrate AI technologies into the Digital Operational Resilience Act (DORA) framework.

    Jan 5, 2026

  • CSSF 25/900: Reporting update and DORA alignment

    The CSSF has published Circular CSSF 25/900, updating the annual reporting framework for UCI administrators (UCIAs) under Circular CSSF 22/811. The changes apply from 31 December 2025 and aim to simplify reporting while reflecting the EU framework on digital operational resilience.

    Dec 17, 2025

  • Tech & Cyber Resilience: Key Insights from the CSSF's 2024 Annual Report

    The Commission de Surveillance du Secteur Financier (CSSF) has published its Annual Report for 2024, offering a crucial overview of the challenges and priorities for Luxembourg's financial sector. In an environment marked by geopolitical uncertainty and rapid technological change, the report serves as an essential guide for navigating the regulatory landscape.

    Aug 28, 2025