The Administration module opens. Tabs are available in the e-file administrator module: (Figure 3).

Users tab	Groups tab	Certificates tab	Sending service tab	S3 keys tab
Create a new user Assign groups to a user Force password change Lock/ unlock user Delete user	User management at group level Add users to a group Assign a group to users Manage user profiles at group level	Order a new Luxtrust certificate Renew your Luxtrust certificate Activate Luxtrust certificate	Sending service user's management : Assign groups to the Sending Service user Subscribe the Sending Service user to alerts Sending service user's management - V2 : Sending service java-less version	S3 key management

Explanations

You can create as many as users' accounts you need. It is free of charge.

Click the Create a user button.

The Create a user window pops up. Complete the form as shown in the figure below and click the Create button.

Important note : You do not have to create a password for the user, an automatic mail will be sent to the new user to activate his account and create a password

The Create a user window closes and you return automatically to the Users List screen.

At the same time a confirmation window pops up on the top of the screen indicating that the user creation was successful.

Step 1:

Connect to e-file.lu with your e-file administrator login (adminXXX) and click the Administration module icon.

Step 2:

The Users List screen opens. Click the Edit button on the line of the account to be changed.

Step 3: Click the detail tab, then Edit button

Step 4: Change the e-mail then click Validate button

As an administrator, you can manage the permission for the sending service account too. See more information upon the sending service

See: How do I assign groups and profiles to users ?

In e-file, a group allows you to manage permissions for similar reports in terms of type, circulars, costs or technical constraints.

Instead of managing groups for a user, the Groups tab allows you to manage users for a given group.

If you think that the group you need is not available in your list, please ask us to check and/or add it.

Connect to e-file.lu with your e-file administrator login (adminXXX) and click the Administration module icon (Figure 21).

(Figure 21)

Example:

If you want to know the users to which the group Group FATCA has been assigned or if you want to add a new user to the group, please follow the instructions below.

Step 1:

Press the Groups button. The Groups list page opens. All groups assigned to your company are shown here (Figure 22).

(Figure 22)

Step 2:

Click the Edit groups icon in order to view all the users assigned to Groupe FATCA group (Figure 23).

(Figure 23)

The Group detail page opens. Here you can find detailed information on the Group FATCA (e.g. Status date, number of inactive users, number of locked users) (Figure 24).

(Figure 24)

Step 3:

Press the Users button (Figure 25)

(Figure 25)

The Group detail / Users page opens. All users assigned to the Group FATCA are listed here(Figure 26).

(Figure 26)

Step 4:

Press the Edit Users button (Figure 27)

(Figure 27)

The Users page opens in Edit mode (Figure 28)

(Figure 28)

The following actions can be done here:

1. ADD A USER. Select the user and his profile you want to add.

2. Change the Profile of the user

3. Delete the User

4. Once you have made your changes, press the VALDATE CHANGES button

The Users window closes and you return automatically to the Groups List screen.

At the same time a confirmation window pops up on the top of the screen indicating that the assignment was successful (Figure 29).

(Figure 29)

Example:

If a user has to send FATCA reportings to the authority, the e-file administrator must assign the group Rapport FATCA and the profile Manager to the user.

Step 1:

Open the User management screen in the Users tab and click the Edit icon of the user to whom you want assign groups and a specific profile (Figure 11).

(Figure 11)

Step 2:

The User details screen opens. Click the Groups button (Figure 12).

(Figure 12)

Step 3: The User details / Groups screen opens. Click the Edit button (Figure 13).

(Figure 13)

Step 4:

The User details / Groups screen opens in Edit mode (Figure 14).

Click the ADD A GROUP button , select the groups and profile you want to assign and click the Validate button.

(Figure 14)

The User details / Groups window closes and you return automatically to the Groups List screen.

At the same time a confirmation window pops up on the top of the screen indicating that the group assignment was successfully saved (Figure 15).

(Figure 15)

Please be informed that you can find detailed information on all groups on our Wikipage Product Coverage; column e-file user account: "groupe".

User profiles

Administrator (EN)/ Administrateur (FR)

The Administrator profile allows the e-file administrator to order and activate LuxTrust certificate(s), manage user accounts, groups, user profiles, lock and un lock user account.

Guest (EN) */ Visiteur (FR) *

• The Guest can consult the information or documents of his affected group(s).
  

• He can access the follow up tools and open the documents linked to the group(s).
  

• The Guest cannot submit reports or documents via e-file.

Manager (EN)/ Responsable (FR)

• The Manager can consult the information or documents of his affected group(s).
  

• He can access the follow up tools and open the documents linked to the group(s).
  

• The Manager can submit reports linked to his group(s) via e-file.

Operator (EN) */ Opérateur (FR) *

• The Operator can consult the information or documents of his affected group(s).

• He can access the follow up tools and open the documents linked to the group(s).

• The Operator submit reports linked to his group(s) to validation by a Validator.

Validator (EN) */ Valideur (FR) *

• The Validator can consult the information or documents of his affected group(s).

• He can access the follow up tools and open the documents linked to the group(s).

• He validates or rejects reports awaiting for validation linked to his group(s).

(*) Available depending the group

All reporting files transmitted to the supervisory authorities must be encrypted.

The only certificate authorised for the file encryption by the reporting entity are SSL certificates from the certification authority LUXTRUST.

Please check the system requirements to run the e-file applications.

Key and Certificate Request generation

Please be informed that during the next steps two files will be generated:

1- the keystore file keystore.ks containing your new keys

2- the certificate request file Certificate Request.csr containing a copy of your new keys. This file must be uploaded on LUXTRUST's website during your purchase order .

 Important note : the Luxtrust SSL certificate purchase order and its activation have to be performed on the same computer workstation.

Step 1:

Connect to e-file.lu with your e-file administrator credentials (adminXXX) and click the Administration module icon (Figure 30).

(Figure 30)

Step 2:

Click the Certificates button (Figure 31)

(Figure 31)

Step 3:

The Certificates Management screen opens. Click the CERTIFICATE REQUEST - ACTIVATION MENU link (Figure 32).

(Figure 32)

Result: A new screen opens displaying GENERATE CERTIFICATE KEYS - BEFORE LUXTRUST WEBSITE ORDER on the left side of the page

Step 4:

Configure your keystore (Figure 33).

(Figure 33)

a. Select the keystore import method

If you order the certificate for the very first time , select Create a new keystore file option and indicate a keystore name.

In the case you have to renew your certificate, you must select your curent keystore file by using the browse file or drag & drop feature to import it.

Important note : in both case, the new keystore will be generated in the configured download folder of your Web browser e.g.: C:\Users\xxx\Downloads

- File name: choose your keystore name, for example keystore.ks

- File type : .ks

b. Password

If you order the certificate for the very first time , you have to define a brand-new keystore password. A confirmation is required

In the case you have to renew your certificate, e.g. its validity date expired, you must use the keystore password that had been created when you ordered the certificate for the very first time.

  Important note : the keystore password has to be shared with all e-file users who have to transmit encrypted documents or decrypt feedback files received from the supervisory authorities. .

  Important note : if you loose your keystore password, you will have to generate a new key and order a new certificate. 

c. Certificate request name (.csr)

You have to define a name for the technical certificate request file required by Luxtrust, for example CertificateRequest.csr

 Important note : the certificate request will be generated in the configured download folder of your Web browser e.g.: C:\Users\xxx\Downloads.

- File name: CertificateRequest.csr

- File type : .csr

Step 5:

Verify the Company information. (Figure 34) :

(Figure 34)

The related fields will be pre-filled in with information we currently have in our system. Feel free to make changes if necessary.

Step 6:

Click the Generate keys button.

A window will pop up inviting you to download the Keystore file and Certificate Signing Request (Figure 35).

(Figure 35)

You must click on each of the Download buttons in order to activate the OK button.
Then click OK to clear the message window.

Both keystore and certificate request files will be generated in the configured download folder of your Web browser e.g.: C:\Users\xxx\Downloads

Important note : the updated keystore will be generated with a new name as follows: 
The name of the previous keystore + a timestamp displayed as yyyymm + onhold. 

Example: oldname : MyKeystore.ks / new name : MyKeystore_202212_onhold.ks 

Important note : we advise you to back up the keystore.ks and CertificateRequest files. 

Finalize your LUXTRUST purchase order

Before to start order in the Luxtrust website make sure that you have process the previous part (Key and Certificate Request generation).  

-Open the LUXTRUST easy SSL e-file website.

-Browse to SSL Certificate section and click the E-FILE icon

-Choose the period of validity of your certificate and click the ORDER E-FILE button.

-If you do not have a LUXTRUST easy SSL e-file account you have to get registered.

-Once registered, complete the whole order form, upload your CertificateRequest.csr file, accept the TERMS AND CONDITIONS and click the PLACE ORDER button.

-Shortly afterwards, you will receive an e-mail from LUXTRUST confirming your purchase order.

-Please follow all instructions provided in the e-mail and its PDF attachment (Send signed PDF by post with all required documents to the address indicated inside, process the payment etc.)

The certificate file will be sent to the e-mail address you provided in your purchase order.

The extension of this file will be .txt, in order to prevent your firewall from blocking the attached file.

Step 1:

Important note: save the file .txt on your computer workstation and replace the .txt extension by .cer   

Double-click the .cer file. You should be able to see your certificate as shown below (Figure 36):

(Figure 36)

Step 2:

 Important note : the Luxtrust SSL certificate ordering and its activation have to be performed on the same computer workstation.

Connect to e-file.lu with your e-file administrator credentials (adminXXX) and click the Administration module icon (Figure 37).

(Figure 37)

Step 3:

Click the Certificates button (Figure 38).

(Figure 38)

Step 4:

Click the CERTIFICATE ACTIVATION – AFTER RECEPTION OF LUXTRUST CERTIFICATE link (Figure 40).

(Figure 40)

Step 5:

Configure your keystore (Figure 41).

(Figure 41)

a. Select the Group you need to use (by default Principal)

b. Import the keystore that was generated at the same time as the Certificate Signing Request (from previous step )

c. Enter the keystore password

d. Import the certificate you received from Luxtrust

Step 6:

Click the ACTIVATE CERTIFICATE button.

A window will pop up and inform you that the activation has been done successfully.

Your keystore.ks is now updated. It contains your activated LUXTRUST certificate and your encryption keys.

Note: The display and the position of the pop up may differ regarding the Web browser you are using

Important note : the updated keystore will be generated in the configured download folder of your Web browser e.g.: C:\Users\xxx\Downloads.

Important note : the updated keystore will be generated with a new name : the name of the previous keystore + a timestamp displayed as yyyymm + completed.
Example: previous name : MyKeystore.ks / new name : MyKeystore_202212_completed.ks 

Important note : if you loose your keystore and/or its password,you will have to generate a new encryption key and order a new certificate. .

Manual file transmission

The activated keystore, containing your LUXTRUST certificate and your encryption keys must now be provided to the workstations of each e-file user.

Step 1:

Open the Transmission module

Step 2:

Automatic file transmission

In the case you are using the Sending Service for automatic file transmission, the activated keystore.ks must be provided as well.

For some reportings, the LUXTRUST e-file SSL certificate used by the reporting entity must be registered with the CSSF, before sending any files, according to the registration procedure described in the CSSF 23/833, naming convention part.

The LUXTRUST e-file SSL certificate must be registered with the CSSF for the below reportings:
(list extracted from Transport et sécurisation via les canaux de transmission externes)

• COREP/FINREP reporting
• ESP – Special enquiries
• SIC – SICAR reporting
• PFS – Reporting PFS and support PFS
• EDP – Payment institutions reporting
• EME – Electronic money institution
• SGO – Management companies reporting
• OPC – Fund XML reporting (O1.2)
• DOC – Non-structured electronic documents (circ. 19/731)
• OTH – Other
• OCB – Other reportings for CSSF and BCL
• AIF – AIFM and AIF reportings
• SUF – XBRL reportings for subfund-based structured products (IORP)
• O4.x – Edifact report

=> e-file User Guide: CSSF Certificate registration

The CSSF has updated its submission methods to allow AIFMs to file specific regulatory reports via the CSSF’s API from 2nd November. Please note, this is not the deadline to make the change, it is the point at which the new method is available to use.
FE Fundinfo are ready to support you through the transition. Your current setup in e-file will remain in place and only minor one-off changes are required from you to ensure the continuation of your existing functionality on e-file and future proof the communication method for all reporting and filing with the CSSF going forward.

Explanation in context of AIFMD reporting:
See our online webinar for more explanations : November 21st webinar in English and the related presentation

Webinaire en français

Explanation in context of UCITS Cross-Border notification:
See our online webinar for more explanations : December 12th webinar in English and the related presentation

This new system works via a bucket system.
There is one bucket for each filing context (i.e. Cross-border notification, AIFMD)
The CSSF imposes a technical size limit for filing per bucket on 30 rolling days.
Should you encounter any issue, feel free to contact us directly Client Support & Operations Desk we will liaise with the CSSF.

The below is a step-by step guide to appoint FE Fundinfo as a delegate within the CSSF’s eDesk platform, the easiest path to allow us to maintain our services.
Once the set-up is complete you can continue to use your familiar eFile interface and do not need to interact with eDesk as this will all be channelled within your existing workflows in eFile.

To perform the set-up in eFile you have two options:

• You as IT expert import the S3 keys on eFile

• Grant us with the IT expert role to perform such changes for you

To start the process please send us an email to cso.desk@fundsquare.net with both name and CSSF identification number of the entity you want we become IT Expert

== Onboarding workflow map ==

You can click on the picture.

Each e-file administrator account is linked to a single email at a time.

2 cases :

Either you have access to the account

then change the email of the administrator by using the administration module and update the administrator account's owner (name, firstname). The new administrator will just have to request a new password.

Or you do not have access to the administrator account or to the email of this account (in which case you can always use the "forgotten password" button on https://www.e-file.lu)

then for security reason you will have to follow this specific procedure:

Your request must be sent by email and paper mail.

The paper can be replaced by a fax to speed up the process => Fax sending to 28 370 491.

The request must be submitted on letterhead of your company and signed by a legal representative with the following information:

• Administrator's login adminXXX
• The current email address which is linked to the administrator
• The new email address to link to the administrator
• A brief explanation of the reason why you need to change it
• Send your email to cso.desk@fundsquare.net

Once Fundsquare has received and checked your request we will update your email and send you the procedure to update the password.

If you have further questions do not hesitate to contact our Client Support & Operations Desk.

(Figure 42)

The password you will have to provide must follow the rules below:

• At least one upper and one lower case letter
• At least one number
• At least one special character from this list: ! # $ % & ( ) * + , . /: ; < = > ? ^ _ @ { | } [ ] ~
• At least 8 characters and at most 20

Please note that :

The validity of your password is not limited in time.

Our system blocks the user after 3 incorrect attempts and it is the e-file administrator who has to unblock the account.

Passwords are encrypted in our database and we do not keep them. You may re-use them.

As an administrator, you will received all significant information regarding e-file changes, maintenance or enhancement through the e-mail address set up onto your account. You can also manage some alerts through e-file, see the notifications system.

Please be informed that you can receive alert by email triggered by specific events.

Example : Court orders sent by the Luxembourgish judicial police (=> CSSF - Circular 13/566)

If you want to be notified by email each time the Luxembourgish judicial police sends you court orders, you have to follow the steps below.

Step 1  : Connect to e-file with your user credentials : https://www.e-file.lu/e-file/

Step 2  : Select Update my profile

Step 3  : Verify that your email address registered in your e-file account is valid.

IMPORTANT : if your email address is not valid, please ask your e-file administrator to replace it by a valid one.

Step 4  : Select Customize your notifications.

Step 5  : Select group.

Step 6  : Select the Alert type.

IMPORTANT :

A green window will pop-up stating that the update has been saved.

Optional Step 7  : Receive only your alerts and not the group's ones.

Ticking also the group box, the sends from other users of the same reports group will be ignored.