Access the database
The CSSF assumes responsibility for:
Pending the adoption by the European Commission of international auditing standards by means of an EU Regulation, and in order to maintain the continuity of the standards framework applicable to the statutory audit activity in Luxembourg, the CSSF has adopted by means of CSSF Regulation No 22-01, the sections “Introduction”, “Objective”, “Definitions” and “Requirements”, of international auditing standards as established by the International Auditing and Assurance Standards Board (IAASB) in their clarified version and published in the International Federation of Accountants (IFAC) “Handbook of International Quality Control, Auditing, Review, Other Assurance, and Related Services Pronouncements – 2020 Edition”.
These standards have been supplemented by the provisions introduced by the audit directive and the EU regulation and by the provisions applicable to entities that are subject to the provisions of European Commission Delegated Regulation 2019/815 on the European Single Electronic Format (ESEF) in order to have a standard reference framework covering all the rules applicable in Luxembourg.
In the same perspective, the CSSF has adopted by the same CSSF Regulation No 22-01:
In the same way as the international auditing standards, these standards have been supplemented by the provisions of the directive and the EU regulation in order to have a standard framework containing all the rules applicable in Luxembourg.
The CSSF has adopted at the same time as CSSF Regulation No 22-01 by means of Circular CSSF 22/794:
These “Application and Other explanatory material” and “Appendix” have also been supplemented by the provisions introduced by the audit directive and the EU regulation and additional information on the involvement of the réviseur d’entreprises agréé (approved statutory auditor) on the financial statements in ESEF.
IT outsourcing for the storage of working documents poses a number of risks, including in particular the confidentiality of the data contained therein.
The working papers may be kept by a third party on the territory of Luxembourg and, possibly, outside the territory of Luxembourg, provided that the third party guarantees the application of the minimum requirements set out in paragraphs 34D-1(n) and 60R-1 of the Luxembourg supplement to ISQM 1 and that the conditions set out in section 3.3 of the Luxembourg supplement to ISQM 1 regarding the retention of the working papers of the réviseur d’entreprises agréé (approved statutory auditor) are complied with.
The prior approval of the CSSF is required when the réviseur d’entreprises agréé (approved statutory auditor) envisages the use of a cloud computing infrastructure. To this end, the dedicated form must be sent to the Public Oversight of the Audit Profession Department.