
Outsourcing vs in-house: Who should build your CSSF SFDR JSON capability?
As Luxembourg-based asset managers navigate the mandate to submit SFDR Annex II and Annex V disclosures in JSON format to the CSSF, a critical decision arises: should this capability be developed in-house or outsourced to a RegTech provider? This blog examines the benefits and drawbacks of each approach, guiding you to a strategic choice that aligns with your organization's regulatory risk, data maturity, and resource availability.
As Luxembourg-based asset managers face the mandatory requirement to submit SFDR Annex II and Annex V disclosures in JSON format to the CSSF, one operational question rises to the top:
Should you build this JSON reporting capability in-house or outsource it to a RegTech provider?
This article weighs the pros and cons of internal development vs third-party solutions, helping you make a strategic decision aligned with your firm’s regulatory risk appetite, data maturity, and resource capacity.
What is required?
To submit SFDR JSON to the CSSF, you need to:
- Map ESG disclosures to a structured schema (Annex II / Annex V)
- Generate a compliant machine-readable JSON file
- Validate against the CSSF’s technical schema
- Submit through the CSSF eDesk portal, alongside a PDF
The complexity lies in the data structuring, transformation, validation, and maintenance of an evolving regulatory format.
Option 1: Build In-House
Advantages
Challenges
- High setup cost: Requires investment in engineering, QA, and regulatory expertise
- Schema maintenance: You must monitor and implement future changes to JSON formats
- Validation risk: Errors in internal tools can result in rejections or compliance breaches
- Limited scalability: Harder to scale quickly across hundreds of funds or jurisdictions
Option 2: Use a RegTech vendor
Advantages
Challenges
- Vendor lock-in: You may rely on third-party technology and roadmap
- Customisation limits: Some providers might be less flexible in integration with your internal ESG systems
- Data security risks: ESG data must be shared externally
Hybrid approaches are emerging
Some firms are adopting hybrid models, where:
- A vendor generates the JSON, but
- The middle office or compliance team retains control of validation, approval, and PDF/JSON alignment
This allows for speed and compliance support without giving up internal data oversight.
Conclusion: Match the model to your maturity
There’s no one-size-fits-all answer. The decision between outsourcing and building in-house depends on your:
- Volume of SFDR filings
- Internal system readiness
- ESG data control needs
- Regulatory response agility
For most asset managers, RegTech providers offer a quick and reliable route to SFDR JSON compliance — especially under tight timelines. However, firms with deep in-house capabilities may find long-term value in building an integrated, scalable solution that handles SFDR, CSRD, EET, and other regulatory formats under one roof.
Learn more how FE fundinfo can help.