File transport and data protection via external transmission channels (currently eFile and Sofie)

Information related to the transmission via eFile et Sofie of reportings required by CSSF in the context of its prudential supervision is available below.

Depending on the request or reporting concerned, external service providers make transmission platforms available.

The CSSF currently accepts reports transmitted through the following service providers:

All reporting files transmitted to the CSSF through the external transmission channels must be encrypted according to the standards defined in the related document of Circular CSSF 23/833 “Methods of transmitting reports via external channels”.

Before sending any files, the Luxtrust SSL certificate used by the reporting entity to generate its electronic signature must be registered with the CSSF according to the procedure described in that related document.

The CSSF certificates to be used to encrypt data are available below:

Please find below the technical requirements to comply with for transmitting reportings belonging to following categories.

All other reportings not listed below (MiFIR, CSDR, MMFR, SFTR, etc.) are subject to dedicated technical requirements available directly in regulations and related reportings pages.

• ESP – Special enquiries
• SIC – SICAR reporting
• PFS – Reporting PFS and support PFS
• EDP – Payment institutions reporting
• EME – Electronic money institution
• SGO – Management companies reporting
• OPC – Fund XML reporting
• DOC – Non-structured electronic documents
• OTH – Other
• OCB – Other reportings for CSSF and BCL
• SUF –XBRL reportings for subfund-based structured products

The file naming to comply with is detailed in the related naming convention.

There are two types of feedback files:

• acknowledgements of receipt (FBR)

All FBR files are in XML format and are instances of the same XML schema FileAcknowledge-v1.0. A file is considered to be properly received by the CSSF if the 4 operations performed at the reception of the file by the CSSF (file name verification, decryption, signature verification, etc.) correctly returned the status ‘A’ – Accepted. If one of those operations returns the status ‘R’ – Rejected, the file has not been properly received and the file must be sent a second time. The CSSF only generates FBR return files for its own reportings, as well as for entering EDIFACT files (including those of the BCL).

• applicative processing outputs from transmitted files (FDB)

The FDB file format depends on the type of reporting; a common format is not foreseen because of the differences between the types of reporting. Only a sub-set of the current reportings will return an FDB file. Details are provided in the naming convention above and in the CSSF circulars, notably those mentioned below.

Where another transmission channel must be used to transmit one of these reportings (e.g. specific enquiries- ESP), a dedicated circular will specify the applicable procedures.