Progressive pensions, cross-border teleworking, DORA compliance: taken individually, these developments are manageable. Together, they are exposing a common issue across the insurance and pension industry: many operational systems were designed for a much simpler reality.
As regulations evolve and workforce models become more complex, insurers and pension providers are increasingly forced to bridge the gap through manual processes, workarounds and fragmented data management.
To explore how technology can help address these challenges, we spoke with Philippe Meyer, Head of Comarch Luxembourg.
The binary paradox at the heart of progressive pension
Article 584-8 of the Luxembourg Social Security Code introduced progressive pension as a pragmatic transition mechanism for employees approaching retirement. The logic here is straightforward: an employee reduces working hours, the employer continues contributing to the pension scheme, and the CNAP provides a compensatory allowance to bridge the income gap.
On paper, the model is coherent, but in practice, it exposes a structural limitation that most organizations have yet to address.
Several years after its introduction, progressive pension remains operationally difficult to manage at scale – not because the rules are unclear, but because the systems responsible for administering them were never designed to support this type of reality.
A model that systems cannot represent
At the core of the issue is a simple but critical constraint: classification. Most core platforms across Luxembourg's group insurance and pension administration market operate on a binary model: a member is either active or a claimant. These are mutually exclusive categories enforced at the level of database architecture, premium engines, and regulatory reporting modules alike. A member under Article 584-8 sits in both states simultaneously, drawing a contribution split that spans the employer's scheme and the CNAP allowance, with a specific 2.8% “assurance maladie en nature” deduction applied on the claimant’s side. No clean record exists for that condition in a system that recognizes only one state at a time.
The operational workaround: duplicating reality
Faced with this constraint, organizations have not redesigned their systems. They have adapted around them. The most common workaround is the creation of parallel member records – often referred to internally as “ghost IDs.”
A single individual is entered twice: one record remains active for contribution purposes; the other processes the CNAP allowance and related deductions. These records accumulate separately, reconcile to nothing automatically, and when the member eventually reaches full retirement, the administrator must manually reconstruct a single coherent history from two fragmented digital files. Tax reporting under Art. 111bis follows a similar pattern. Multiple fiches de retenue must be aligned manually, often outside the system, with limited traceability.
Progressive pension is not an isolated exception. It is a visible example of a wider pattern: when systems cannot represent regulatory reality, the gap is absorbed operationally.
The 34-day threshold: when location becomes a trigger
A parallel misalignment is emerging in the management of cross-border workers. Approximately 200,000 frontier workers commute daily into Luxembourg from neighboring countries, accounting for nearly half of total employment. The now well-established 34-day rule governs remote work for these employees. Once the threshold is exceeded, tax and social security obligations may shift to the worker’s country of residence. This shift is precise and has immediate implications.
Most platforms for managing employee benefits are based on the simpler assumption that the employer's location and the employee's work location are effectively the same. Consequently, they record details such as the member's employer, contract type, salary, and scheme participation. However, they do not track where the member is physically working on a specific day, how many days have accumulated in a particular jurisdiction, or when certain thresholds are nearing. Such data, if available, is stored in HR systems and time-tracking tools that lack a direct connection to the insurance or pension administration systems.
An employer with a cross-border worker exceeding the 34-day threshold without adjusting benefits risks misclassification in two jurisdictions. The insurer managing a Luxembourg-based social security contract also faces regulatory exposure when a worker's status subtly shifts. Neither party has an effective real-time system to detect border crossings or time spent abroad, as their current systems were not designed for this purpose. Remote working arrangements are now a common contractual feature for a large part of the Luxembourgish workforce. While a location-agnostic platform was suitable in 2005, by 2026 it becomes a business liability. The discrepancy grows between the system's knowledge and the regulatory requirements with each employment contract that standardizes cross-border arrangements.
DORA and the end of administrative shadow-IT
The regulatory environment is evolving accordingly. The Digital Operational Resilience Act (DORA), in force since January 2025, has shifted the regulatory question from whether an institution is compliant on paper to whether it can demonstrate, under examination, that its operations are resilient in practice.
This development uncovers a layer of operations that has gradually developed: manual processes constrained by system limitations. These include expanding spreadsheets, shared drives, manual calculation files, and email approval chains. For example, ghost ID files used for managing pension members and offline trackers to monitor remote days of frontier workers.
These files now play an essential role, acting as a bridge between official records and the information shared with regulators, auditors, and members. They are maintained by individuals, lack formal IT documentation, and are not incorporated into the business continuity or incident response plans mandated by DORA for insurers and administrators.
DORA's ICT risk governance framework mandates identifying, documenting, and testing the entire process chain that produces a regulated output. Using a manual spreadsheet for a critical calculation outside the core system's audit trail is not merely an administrative detail but a vulnerability within the resilience architecture. This type of gap is exactly what supervisory examinations aim to uncover. The staff managing this shadow layer do so out of necessity, not choice. When these employees change roles or leave, their institutional knowledge stored in those files is lost. The market has already experienced business continuity risks in various forms, though these incidents have not yet garnered the supervisory scrutiny they will eventually face.
The cost of “making it work”
Within operations teams, a familiar expression persists: “we make it work.” It reflects capability – but also constraint.
It describes a team managing, through effort and accumulated expertise, the gap between what the platform can do and what the business needs to do. In practice, it is a description of capacity entirely consumed by maintenance and unavailable for anything else.
The commercial impact isn't directly visible on a profit and loss statement. Instead, it shows up in unlaunched products and mandates allocated elsewhere. Cafeteria plans serve as a clear example. Luxembourgish employers have increasingly demanded flexible benefit options over recent years. For platforms built on outdated architecture, maintaining operations requires manual effort, making such products impractical: the operational team cannot support real-time member elections, dynamic premium adjustments, or large-scale individualized reporting.
As a result, inquiries about cafeteria plans are either declined or handled through highly manual processes, leading to a structurally negative margin from the start.
Green pensions represent a parallel opportunity cost. Employer demand for pension products with documented ESG allocation frameworks is no longer a niche interest. It is becoming a standard procurement criterion for larger employers reviewing their benefits arrangements. Delivering it requires the ability to report fund allocation at the member level and to produce documentation that satisfies both the member's and the employer's sustainability reporting obligations.
A platform that cannot produce clean member-level data for a progressive pension case under Article 584-8 cannot support this requirement without adding another manual layer to an already overloaded operation.
Existing clients tend to renew because switching costs are significant and the relationship compensates for platform limitations. However, this dynamic is temporary. In competitive tenders, the relationship isn't the focus; instead, the key concern is whether the platform can manage complex structures like a cafeteria plan, a cross-border ESG pension, and a progressive pension member without lengthy reconciliation processes. Business leaders involved recently are aware that the honest answer to this question is often no.
For business and technology leaders, the key question isn't whether current processes can be maintained, but whether they can be scaled. The model that makes it work today may be the same one that prevents the business from evolving tomorrow.
About Philippe Meyer
Philippe Meyer, Comarch Luxembourg
Philippe Meyer leads Comarch’s insurance operations in Luxembourg, focusing on developing solutions for life, health, and employee benefits. With extensive experience in the Luxembourg insurance market and its cross-border regulatory environment, he supports insurers in navigating digital transformation while maintaining operational stability and compliance.
About Comarch
Comarch is a leading European technology partner, providing platforms and software solutions to the banking, insurance, and wealth management sectors for over two decades.
Specializing in the progressive transformation of complex systems, the company deploys modular architectures based on open APIs. By integrating regulatory compliance by design, Comarch enables financial institutions to modernize their legacy infrastructures without risk of interruption, digitize the customer experience, and leverage data to become proactive players in their market.
For more information, please visit Comarch's website.