XXXXXXXXXX EVROPSKÉ XXXXXXXXX XXXXX (XX) 2021/1758
xx xxx 21.&xxxx;xxxx 2021,
kterým xx xxxx xxxxxxxxxx XXX/2007/7 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (XXX/2021/43)
XXXXXXX XXXX XXXXXXXX XXXXXXXXX XXXXX,
x&xxxx;xxxxxxx xx Xxxxxxx o fungování Xxxxxxxx xxxx, a zejména xx xxxxx a čtvrtou xxxxxxx xx.&xxxx;127 odst. 2 xxxx xxxxxxx,
x&xxxx;xxxxxxx xx xxxxxx Xxxxxxxxxx xxxxxxx xxxxxxxxxxx xxxx x&xxxx;Xxxxxxxx centrální xxxxx, x&xxxx;xxxxxxx xx xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 x&xxxx;23 xxxxxx xxxxxxx,
xxxxxxxx x&xxxx;xxxxx xxxxxxx:
(1) |
Xxxx xxxxxxxxx změnila (1) xxx 20.&xxxx;xxxxxxxx 2021 obecné xxxxxx Xxxxxxxx centrální xxxxx XXX/2012/27&xxxx;(2) x&xxxx;xxxxx: x) xxxxxxxx, že xxxxxxxx TIPS XXX xxxxx x&xxxx;XXXXXX2 připojeni xxxxxxxxxxxxxxx xxxxxxxxxx xxxxxxx xxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx (Xxxxxxxxxx Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Gateway) od xxxxxxxxx 2021 a majitelé X2X DCA xxxxx x&xxxx;XXXXXX2 xxxxxxxxxxxxxxx xxxxxx xxxxxxx xxxxxxxxx xx xxxxxx 2022; x) xxxxxxxx x&xxxx;xxxxxxxx xxxxxxxx xxxxxxxx se xxxxxxxxxx xxxxxxxxx xx xxxxxxxxxx xxxxxxxxx xxxx XXXXXX2, xxx xx zajistilo, xx se xxxxxx XXXXXX2 xxxx dále xxxxxxx xxx, xxx xxx xxxxxxx xxxxx xxxxxxx x&xxxx;xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx; x) xxxxxx xxxxxxxxx, xxx xxxxxxxx xxxx PM, jejich xxxxxxx xxxxxxxxx x&xxxx;xxxxxxxxxxxxx xxxxxxxx xxxx BIC, xxxxx xxxxxxxxxxx k uplatňování xxxxxxx XXX Xxxx xxxxxxxx dohody x&xxxx;xxxxxxxxxx xxxxxxx pro okamžité xxxxxxxxxxxxx převody XXXX, xxxx a zůstali trvale xxxxxxxxxxx xx platformě XXXX xxxxxxxxxxxxxxx TIPS XXX, tak xxx xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx x&xxxx;xxxx Xxxx; d) zavést xxxxxxxxxxxxxxx, xxxxx jde x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx x&xxxx;XXXXXX2 xx xxxxxxxxxxxx xxxxxxxxxxx xxxx x&xxxx;xxxxxxxx systému XXXXXX, xxx xxxx xxxxxxxxx právní jistota, x&xxxx;x) xxxxxxxx a aktualizovat xxxxxxx xxxxx xxxxxxx xxxxxxxx zásad ECB/2012/27. |
(2) |
Jakmile xxxx zprovozněn projekt xxxxxxxxxxx X2-X2X, xxxx x&xxxx;xxxxx xxxxxx jistoty xxxxxx nezbytné xxxxxxxx xxxxxxxxxxxxxxx, pokud xxx x&xxxx;xxxxxxx převodu xxxxxxxx x&xxxx;xxxx účastníků x&xxxx;XXXXXX2-XXX xx odpovídající xxxxxxxxxxx xxxx. |
(3) |
Xxxxx xxxxxxxx xxxxx XXX/2012/27, které xxxx xxxx xx xxxxxxxx XXXXXX2-XXX, xx xxxxx xxxxxxxxx x&xxxx;xxxxxxxxxx Evropské xxxxxxxxx banky XXX/2007/7&xxxx;(3). |
(4) |
Xxxxxxxxxx XXX/2007/7 xx xxxxx xxxxx xxxxxxxxxxxxx xxxxxxxx xxxxxx, |
XXXXXXX TOTO ROZHODNUTÍ:
Xxxxxx&xxxx;1
Xxxxx
Xxxxxxx X, XX x&xxxx;XXX rozhodnutí ECB/2007/7 xx xxxx v souladu x&xxxx;xxxxxxxxx xxxxxx xxxxxxxxxx.
Xxxxxx&xxxx;2
Xxxxxxxxx xxxxxxxxxx
Xxxx rozhodnutí xxxxxxxx v platnost xxxxx xxxx po zveřejnění x&xxxx;Xxxxxxx xxxxxxxx Xxxxxxxx xxxx.
Xxxxxxx xx ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx odst. 1 písm. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 xxxxxxx II xxxxxx xxxxxxxxxx, xxxxx xx xxxxxxx xxx xxx 13. června 2022.
Xx Frankfurtu nad Xxxxxxx xxx 21. září 2021.
Xxxxxxxxxxx XXX
Xxxxxxxxx XXXXXXX
(1)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx (EU) 2021/1759 xx xxx 20. července 2021, xxxxxxx xx xxxx xxxxxx xxxxxx XXX/2012/27 o transevropském xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx xxxxxxxxx xxxxxx v reálném xxxx (XXXXXX2) (XXX/2021/30) [(xxx xxxxxx 45 x&xxxx;xxxxx xxxxx Xxxxxxxx věstníku).
(2) Obecné xxxxxx Evropské xxxxxxxxx xxxxx XXX/2012/27 ze xxx 5.&xxxx;xxxxxxxx 2012 x&xxxx;xxxxxxxxxxxxxx expresním xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx x&xxxx;xxxxxxx čase (XXXXXX2) (Xx. věst. X&xxxx;30, 30.1.2013, x. 1).
(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7 ze dne 24.&xxxx;xxxxxxxx 2007 o podmínkách XXXXXX2-XXX (Xx. xxxx. X&xxxx;237, 8.9.2007, x. 71).
PŘÍLOHA X
Xxxxxxx X&xxxx;xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:
1. |
Xxxxxx&xxxx;1 xx mění xxxxx:
|
2. |
V článku 2 xxxxxx odstavci se xxxxxxxx xxxx xxxx, xxxxx xxx:
|
3. |
Xxxxxx&xxxx;3 xx xxxx xxxxx:
|
4. |
Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;5 Xxxxxx participants PM xxxxxxx xxxxxxx in XXXXXX2-XXX xxx xxxxxx xxxxxxxxxxxx xxx shall xxxxxx xxxx xxx xxxxxxxxxxxx xxx out xx Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). Xxxx xxxxx have at xxxxx xxx PM xxxxxxx xxxx xxx XXX. XX xxxxxxx xxxxxxx xxxx xxxx xxxxxxx xx xxx XXX Xxxx xxxxxx xx xxxxxxx xxx XXXX Xxxxxxx Xxxxxx Xxxxxxxx Adherence Xxxxxxxxx xxxxx xx xxx xxxxx xxxxxx xxxxxxxxx xx the TIPS Xxxxxxxx xx all xxxxx, xxxxxx as x&xxxx;XXXX XXX xxxxxx xx as a reachable xxxxx via x&xxxx;XXXX XXX holder.“; |
5. |
Článek 22 se xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;22 Xxxxxxxx Requirements xxx Xxxxxxx Procedures 1. Participants xxxxx xxxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xx xxxxxxx xxxxx systems xxxx unauthorised xxxxxx xxx xxx. Participants xxxxx be exclusively xxxxxxxxxxx for the xxxxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxxxxxx, integrity xxx xxxxxxxxxxxx of xxxxx systems. 2. Participants xxxxx xxxxxx xxx ECB xx xxx xxxxxxxx-xxxxxxx xxxxxxxxx xx their xxxxxxxxx xxxxxxxxxxxxxx xxx, xxxxx appropriate, xxxxxxxx-xxxxxxx xxxxxxxxx xxxx occur xx xxx technical xxxxxxxxxxxxxx xx xxx xxxxx xxxxx xxxxxxxxx. Xxx XXX xxx xxxxxxx xxxxxxx xxxxxxxxxxx xxxxx xxx incident xxx, if xxxxxxxxx, xxxxxxx xxxx xxx xxxxxxxxxxx xxxx xxxxxxxxxxx xxxxxxxx xx xxxxxxx x&xxxx;xxxxxxxxxx xx xxxx xx event. 3. The XXX xxx impose xxxxxxxxxx xxxxxxxx requirements, xx xxxxxxxxxx xxxx regard xx cybersecurity or xxx xxxxxxxxxx of xxxxx, xx xxx xxxxxxxxxxxx xxx/xx xx xxxxxxxxxxxx that xxx xxxxxxxxxx critical xx xxx XXX. 4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx shall xxxxxxx xxx XXX xxxx: (x) xxxxxxxxx xxxxxx to their xxxxxxxxxxx xx adherence xx xxxxx xxxxxx xxxxxxx service provider’s xxxxxxxx xxxxxxxx requirements, xxx (xx) on xx xxxxxx xxxxx xxx XXXXXX2 self-certification xxxxxxxxx xx xxxxxxxxx xx the XXX’x xxxxxxx xx Xxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx assess xxx participant’s self-certification xxxxxxxxx(x) xx the xxxxxxxxxxxx xxxxx xx xxxxxxxxxx with xxxx xx xxx xxxxxxxxxxxx xxx xxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxxx. Xxxxx xxxxxxxxxxxx xxx listed in Xxxxxxxx XXX, which xx xxxxxxxx xx xxx xxxxx Appendices xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx xxxx xx xxxxxxxx xxxx xx xxxxx Conditions. 4b. The participant’s xxxxx of compliance xxxx xxx xxxxxxxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxx be xxxxxxxxxxx xx xxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx: ‘full xxxxxxxxxx’; ‘xxxxx xxx-xxxxxxxxxx’; xx ‘xxxxx xxx-xxxxxxxxxx’. Xxx xxxxxxxxx xxxxxxxx xxxxx: xxxx xxxxxxxxxx xx xxxxxxx where xxxxxxxxxxxx satisfy 100% xx xxx xxxxxxxxxxxx; xxxxx xxx-xxxxxxxxxx xx xxxxx a participant satisfies xxxx than 100% xxx xx xxxxx 66% xx xxx xxxxxxxxxxxx xxx xxxxx xxx-xxxxxxxxxx where a participant xxxxxxxxx xxxx xxxx 66% of the xxxxxxxxxxxx. Xx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx a specific xxxxxxxxxxx is xxx xxxxxxxxxx xx xx, xx xxxxx be xxxxxxxxxx as compliant xxxx the xxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxx of xxx xxxxxxxxxxxxxx. A participant which xxxxx xx xxxxx ‘xxxx xxxxxxxxxx’ xxxxx xxxxxx xx xxxxxx xxxx xxxxxxxxxxxxx how xx xxxxxxx xx xxxxx xxxx compliance. Xxx XXX shall xxxxxx xxx relevant xxxxxxxxxxx xxxxxxxxxxx of xxx xxxxxx xx xxxx participant’s compliance. 4c. If xxx xxxxxxxxxxx refuses xx xxxxx xxxxxxxxx xxxxxx xx xxx xxxxxxxxxxx xx xxxxxxxxx xx xxxxx chosen XXXx xxxxxxxx xxxxxxxx xxxxxxxxxxxx or xxxx xxx xxxxxxx xxx XXXXXX2 self-certification xxx xxxxxxxxxxx’x xxxxx xx xxxxxxxxxx xxxxx xx xxxxxxxxxxx as ‘major xxx-xxxxxxxxxx’. 4x.&xxxx;&xxxx;&xxxx;Xxx ECB xxxxx xxxxxxxx compliance xx xxxxxxxxxxxx xx an xxxxxx xxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxx xxxxxx the xxxxxxxxx measures xx xxxxxxx xx participants xxxxx xxxxx xx xxxxxxxxxx xxx xxxxxxxx xx xxxxx xx xxxxx xxx-xxxxxxxxxx, in xxxxxxxxxx order xx xxxxxxxx:
|
6. |
X&xxxx;xxxxxx&xxxx;33 xx xxxxxxxx 1 nahrazuje tímto: „1. Participants xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx comply xxxx, xxx xxxxx xx xxxx to xxxxxxxxxxx that compliance xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx xx xxxx relating xx xxxxxxxxxxx on data xxxxxxxxxx. Xxxx xxxxx xx deemed xx xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations xx them xxxxxxxx xx legislation on xxxxxxxxxx of xxxxx xxxxxxxxxx xxx the xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx nuclear xxxxxxxxxx xxx the xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx systems, xx xxxxxxxxxx in xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx any xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx XX xxxxxxxx. Participants xxxxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx xxx TARGET2 xxxxxxx xxxxxxx provider’s xxxx retrieval xxxxxx xxxxx to entering xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx the XXXXXX2 network xxxxxxx xxxxxxxx.“; |
7. |
Xxxxxx xx xxxx xxxxxx&xxxx;39x, který zní: „Article 39a Transitional xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxx xxx XXXXXX xxxxxx xx xxxxxxxxxxx xxx TARGET2 has xxxxxx xxxxxxxxx, PM xxxxxxx balances shall xx xxxxxxxxxxx xx xxx xxxxxxx xxxxxx’x xxxxxxxxxxxxx xxxxxxxxx xxxxxxxx xx xxx XXXXXX xxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx xxxx XX account holders, xxxxxxxx Xxxxxxxxxxxx xxx xxxxxxxxxxx XXX xxxxxxx xxxxxxxx to xxx XXX Inst scheme xx reachable xx xxx XXXX Platform xxxxxxxx to Xxxxxxx&xxxx;5 xxxxx xxxxx xx xx 25 Xxxxxxxx 2022.“; |
8. |
X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 nahrazuje xxxxxxx x) xxxxx:
|
9. |
X&xxxx;xxxxxxx XX se x&xxxx;xxxxxxxx 6 xxxxxxxxx xxxxxxx x) xxxxx:
|
10. |
Xxxxxxxx xx xxxx xxxxxxx XXX, xxxxx xxx: „Xxxxxxxx XXX Xxxxxxxxxxxx regarding xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx business xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxx xxxxxxxx xxxxxxxxxx Xxxxx xxxxxxxxxxxx xxx xxxxxxxxxx xx each xxxxxxxxxxx, xxxxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx a specific xxxxxxxxxxx xx xxx xxxxxxxxxx to it. Xx xxxxxxxxxxxx xxx xxxxx of xxxxxxxxxxx xx the xxxxxxxxxxxx xxxxxx xxx xxxxxxxxxxxxxx, xxx xxxxxxxxxxx xxxxxx xxxxxxxx the elements xxxx xxx xxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx (XXX). Xxxxxxxxxxxx, the PTC xxxxxx xx x&xxxx;Xxxxx xx Xxxxx (PoE), x.x. x&xxxx;xxxxxx involved xx xxx xxxxxxxx xx xxxxxxxxxxxx (x.x. xxxxxxxxxxxx, front-office xxx xxxx-xxxxxx xxxxxxxxxxxx, xxxxxxxxxx), xxx xxxx xx xxx xxxxxx xxxxxxxxxxx xx xxxx xxx xxxxxxx xx SWIFT (x.x. XXXXX XXX Xxx) xx Xxxxxxxx (xxxx xxx xxxxxx xxxxxxxxxx xx Xxxxxxxx-xxxxx Xxxxxx). Xxxxxxxxxxx 1.1: Xxxxxxxxxxx xxxxxxxx xxxxxx Xxx xxxxxxxxxx xxxxx set a clear xxxxxx xxxxxxxxx in xxxx xxxx xxxxxxxx xxxxxxxxxx and xxxxxxxxxxx xxxxxxx xxx xxx xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxx the xxxxxxxx, xxxxxxxx xxx xxxxxxxxxxx of xx xxxxxxxxxxx security policy xxxxxx at xxxxxxxx xxxxxxxxxxx xxxxxxxx and xxxxx xxxxxxxxxx across xxx xxxxxxxxxxxx xx xxxxx of identification, xxxxxxxxxx and xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxx cyber xxxxxxxxxx xxxxx. The xxxxxx xxxxxx contain xx xxxxx xxx xxxxxxxxx xxxxxxxx: xxxxxxxxxx, scope (xxxxxxxxx xxxxxxx such xx organisation, xxxxx xxxxxxxxx, xxxxx management xxx.), principles and xxxxxxxxxx xx responsibilities. Requirement 1.2: Xxxxxxxx organisation An xxxxxxxxxxx xxxxxxxx framework xxxxx xx xxxxxxxxxxx xx xxxxxxxxx xxx xxxxxxxxxxx security policy xxxxxx xxx xxxxxxxxxxxx. Xxx management xxxxx xxxxxxxxxx xxx review xxx xxxxxxxxxxxxx of xxx information security xxxxxxxxx to ensure xxx xxxxxxxxxxxxxx xx xxx xxxxxxxxxxx security xxxxxx (as xxx Xxxxxxxxxxx 1.1) xxxxxx xxx xxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxx xx xxxxxxxxxx xxxxxxxxx and xxxxxxxxxx xx xxxxxxxx xxxxxxxxxxxxxxxx for xxxx xxxxxxx. Xxxxxxxxxxx 1.3: Xxxxxxxx xxxxxxx Xxx security of xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxx information xxxxxxxxxx xxxxxxxxxx xxxxxx not xx reduced xx xxx introduction of, xxx/xx xxx dependence xx, xx xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx by xxxx. Xxx xxxxxx xx xxx xxxxxxxxxxxx’x information xxxxxxxxxx facilities xx xxxxxxxx xxxxxxx shall xx controlled. Xxxx xxxxxxxx parties xx xxxxxxxx/xxxxxxxx of xxxxxxxx xxxxxxx are required xx access xxx xxxxxxxxxxxx’x xxxxxxxxxxx processing xxxxxxxxxx, x&xxxx;xxxx xxxxxxxxxx xxxxx be xxxxxxx xxx to xxxxxxxxx xxx xxxxxxxx implications xxx xxxxxxx requirements. Xxxxxxxx shall xx xxxxxx and xxxxxxx xx an xxxxxxxxx xxxx xxxx xxxxxxxx xxxxxxxx xxxxx. Xxxxxxxxxxx 1.4: Xxxxx management All xxxxxxxxxxx xxxxxx, xxx xxxxxxxx xxxxxxxxx and xxx xxxxxxxxxx xxxxxxxxxxx xxxxxxx, xxxx xx operating xxxxxxx, xxxxxxxxxxxxxxx, xxxxxxxx xxxxxxxxxxxx, xxx-xxx-xxxxx xxxxxxxx, xxxxxxxx and xxxx-xxxxxxxxx xxxxxxxxxxxx, in xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxxx xx xxxxxxxxx xxx and xxxx x&xxxx;xxxxxxxxx xxxxx. Xxx xxxxxxxxxxxxxx for xxx xxxxxxxxxxx and xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxx xxx xxxxxxx XX xxxxxxxxxx xx xxxxxxxxx xxx xxxxxxxxxxx xxxxxx xxxxx xx xxxxxxxx. Xxxx: the owner xxx delegate xxx xxxxxxxxxxxxxx xx xxxxxxxx xxxxxxxx as appropriate, xxx xxxxxxx xxxxxxxxxxx xxx the xxxxxx xxxxxxxxxx of xxx xxxxxx. Xxxxxxxxxxx 1.5: Xxxxxxxxxxx xxxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx assets xxxxx xx classified xx xxxxx of xxxxx xxxxxxxxxxx to xxx smooth xxxxxxxx xx xxx xxxxxxx xx the xxxxxxxxxxx. Xxx xxxxxxxxxxxxxx xxxxx xxxxxxxx xxx need, xxxxxxxxxx xxx xxxxxx xx protection xxxxxxxx xxxx xxxxxxxx the xxxxxxxxxxx xxxxx xx xxx relevant xxxxxxxx xxxxxxxxx xxx xxxxx xxxx take into xxxxxxxxxxxxx the xxxxxxxxxx XX xxxxxxxxxx. Xx xxxxxxxxxxx xxxxx xxxxxxxxxxxxxx xxxxxx xxxxxxxx xx xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx an appropriate xxx xx xxxxxxxxxx xxxxxxxx xxxxxxxxxx the xxxxxxxxxxx xxxxx lifecycle (xxxxxxxxx removal xxx xxxxxxxxxxx xx information xxxxxx) xxx to xxxxxxxxxxx the xxxx xxx xxxxxxxx handling xxxxxxxx. Xxxxxxxxxxx 1.6: Human xxxxxxxxx security Security xxxxxxxxxxxxxxxx xxxxx be addressed xxxxx to xxxxxxxxxx xx adequate xxx xxxxxxxxxxxx and xx xxxxx xxx xxxxxxxxxx xx employment. Xxx xxxxxxxxxx xxx xxxxxxxxxx, xxxxxxxxxxx xxx third xxxxx users xxxxx xx xxxxxxxxxx xxxxxxxx, xxxxxxxxxx xxx sensitive xxxx. Xxxxxxxxx, contractors xxx third xxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxxx facilities xxxxx xxxx xx xxxxxxxxx xx xxxxx xxxxxxxx xxxxx xxx xxxxxxxxxxxxxxxx. Xx adequate xxxxx xx xxxxxxxxx xxxxx xx ensured xxxxx xxx employees, xxxxxxxxxxx xxx xxxxx party xxxxx, xxx education xxx xxxxxxxx xx xxxxxxxx xxxxxxxxxx and xxx xxxxxxx xxx xx information xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx to xxxx xx minimise xxxxxxxx xxxxxxxx xxxxx. X&xxxx;xxxxxx xxxxxxxxxxxx process xxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xxx xxxxxxxxx. Xxxxxxxxxxxxxxxx xxxxx xx xx xxxxx to ensure xxxx xx xxxxxxxx’x, xxxxxxxxxx’x or xxxxx xxxxx user’s exit xxxx xx transfer xxxxxx the organisation xx xxxxxxx, xxx xxxx xxx xxxxxx xx xxx equipment xxx xxx xxxxxxx xx xxx xxxxxx xxxxxx xxx xxxxxxxxx. Xxxxxxxxxxx 1.7: Physical xxx xxxxxxxxxxxxx security Critical xx xxxxxxxxx xxxxxxxxxxx processing xxxxxxxxxx xxxxx xx xxxxxx xx secure xxxxx, protected xx xxxxxxx xxxxxxxx perimeters, xxxx xxxxxxxxxxx xxxxxxxx xxxxxxxx and xxxxx xxxxxxxx. They xxxxx xx xxxxxxxxxx xxxxxxxxx xxxx unauthorised access, xxxxxx and interference. Xxxxxx xxxxx xx xxxxxxx xxxx to xxxxxxxxxxx who xxxx xxxxxx the scope xx Requirement 1.6. Xxxxxxxxxx xxx xxxxxxxxx xxxxx xx established xx xxxxxxx xxxxxxxx xxxxx containing information xxxxxx when in xxxxxxx. Xxxxxxxxx shall xx xxxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxxxx xxxxxxx. Xxxxxxxxxx xx xxxxxxxxx (xxxxxxxxx equipment xxxx xxx-xxxx) xxx xxxxxxx xxx xxxxxxx xx xxxxxxxx is necessary xx xxxxxx xxx xxxx xx xxxxxxxxxxxx xxxxxx to xxxxxxxxxxx xxx xx xxxxx xxxxxxx loss xx xxxxxx of xxxxxxxxx xx xxxxxxxxxxx. Xxxxxxx xxxxxxxx xxx xx xxxxxxxx to xxxxxxx xxxxxxx xxxxxxxx xxxxxxx xxx to xxxxxxxxx xxxxxxxxxx xxxxxxxxxx such xx xxx electrical xxxxxx and xxxxxxx xxxxxxxxxxxxxx. Xxxxxxxxxxx 1.8: Xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxxxxxxx xxx procedures xxxxx be xxxxxxxxxxx xxx the management xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxx xxx the xxxxxxxxxx systems xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxx-xx-xxx. Xx xxxxxxx xxxxxxxxx xxxxxxxxxx, xxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxx xx XX xxxxxxx, xxxxxxxxxxx xx xxxxxx xxxxx xx xxxxxxxxxxx, where xxxxxxxxxxx, xx reduce xxx risk xx xxxxxxxxx or xxxxxxxxxx xxxxxx xxxxxx. Xxxxx xxxxxxxxxxx xx xxxxxx xxxxxx xx implemented xxx xx xxxxxxxxxx xxxxxxxxx reasons, compensatory xxxxxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxx a formal xxxx xxxxxxxx. Xxxxxxxx xxxxx be xxxxxxxxxxx xx xxxxxxx xxx xxxxxx xxx xxxxxxxxxxxx xx malicious code xxx systems in xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx xxxxx xx also established (xxxxxxxxx user xxxxxxxxx) xx prevent, xxxxxx xxx xxxxxx xxxxxxxxx xxxx. Xxxxxx code xxxxx xx xxxx xxxx from xxxxxxx xxxxxxx (e.g. xxxxxx Xxxxxxxxx XXX xxxxxxxxxx xxx Xxxx Applets). Xxx xxxxxxxxxxxxx xx xxx xxxxxxx (x.x. xxx xxx xx xxxxxxxxxx and plugins) xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxx backup and xxxxxxxx xxxxxxxx shall xx xxxxxxxxxxx xx xxx management; xxxxx xxxxxxxx policies xxxxx xxxxxxx x&xxxx;xxxx xx xxx xxxxxxxxxxx xxxxxxx xxxxx xx xxxxxx xx regular intervals xx least xxxxxxxx. Xxxxxxx xxxx are xxxxxxxx xxx xxx xxxxxxxx xx xxxxxxxx shall xx monitored and xxxxxx relevant xx xxxxxxxxxxx xxxxxxxx shall xx recorded. Operator xxxx xxxxx xx xxxx xx xxxxxx xxxx xxxxxxxxxxx xxxxxx xxxxxxxx xxx identified. Xxxxxxxx logs shall xx regularly xxxxxxxx xx a sample xxxxx, xxxxx xx xxx xxxxxxxxxxx of the xxxxxxxxxx. System monitoring xxxxx xx xxxx xx check the xxxxxxxxxxxxx xx controls xxxxx xxx identified xx xxxxxxxx for xxx security xx xxxxxxxx xxx xx xxxxxx xxxxxxxxxx xx xx access xxxxxx xxxxx. Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx xxxxxxxxxxxxx xxxxx xx based xx x&xxxx;xxxxxx xxxxxxxx xxxxxx, xxxxxxx xxx xx xxxx xxxx xxxxxxxx xxxxxxxxxx xxxxx xxx xxxxxxxx xxxxxxx xxx xxxxx xx compliant xxxx any relevant xxxxxxxxxxx. Xxxxx party xxxxxxxx xxxxxxxxxx xxxxxxxx xx the xxxxxxxx xx xxxxxxxxxxx xxxx XXXXXX2 (xxxx xxxxxxxx xxxxxxxx from x&xxxx;Xxxxxxx Xxxxxx xx xxxxxxxx 2 of xxx xxxxx xxxxxxx of xxx TARGET2 self-certification xxxxxxxxxxx xxxxxxxx) xxxx xx xxxx xxxxx x&xxxx;xxxxxx agreement xxxx xxx third xxxxx. Xxxxxxxxxxx 1.9: Access xxxxxxx Xxxxxx xx xxxxxxxxxxx xxxxxx xxxxx xx justified xx xxx xxxxx xx xxxxxxxx xxxxxxxxxxxx (xxxx-xx-xxxx&xxxx;(1)) xxx according xx xxx xxxxxxxxxxx xxxxxxxxx of corporate xxxxxxxx (xxxxxxxxx xxx xxxxxxxxxxx xxxxxxxx xxxxxx). Xxxxx access xxxxxxx xxxxx xxxxx xx xxxxxxx xxxxx on xxx principle of xxxxx xxxxxxxxx&xxxx;(2) xx xxxxxxx closely the xxxxx xx the xxxxxxxxxxxxx business xxx XX processes. Xxxxx xxxxxxxx (x.x. xxx xxxxxx xxxxxxxxxx) xxxxxxx xxxxxx control xxxxxx xx xxxxxxxxxx xxxx xxxxxxxx xxxxxx xxxxxxx xxxxxx there xxx xxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx (e.g. xxxxxxxxxx, xxxxxxxx data xxxxxxxxxxxxx). Xxxxxx and xxxxxxxxxx xxxxxxxxxx shall be xx xxxxx to xxxxxxx xxx xxxxxxxxxx xx xxxxxx xxxxxx xx information xxxxxxx xxx xxxxxxxx xxxx xxxx within xxx xxxxx of xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx procedures xxxxx xxxxx all xxxxxx xx xxx lifecycle xx xxxx xxxxxx, xxxx xxx initial xxxxxxxxxxxx of xxx xxxxx to the xxxxx xxxxxxxxxxxxxx xx xxxxx xxxx xx xxxxxx require xxxxxx. Xxxxxxx xxxxxxxxx xxxxx xx xxxxx, where xxxxxxxxxxx, xx the xxxxxxxxxx xx access xxxxxx xx xxxx criticality xxxx the abuse xx those access xxxxxx could xxxx xx x&xxxx;xxxxxx adverse xxxxxx on xxx xxxxxxxxxx of xxx xxxxxxxxxxx (x.x. xxxxxx xxxxxx xxxxxxxx system xxxxxxxxxxxxxx, override xx xxxxxx xxxxxxxx, direct xxxxxx xx xxxxxxxx xxxx). Xxxxxxxxxxx controls xxxxx xx xxx xx xxxxx xx identify, xxxxxxxxxxxx and authorise xxxxx xx specific xxxxxx in the xxxxxxxxxxxx’x xxxxxxx, x.x. xxx xxxxx and xxxxxx xxxxxx xx xxxxxxx xx xxx Xxxxxxx Transaction Chain. Xxxxxxxx xxxxxxxx xxxxx xxx be xxxxxx xx xxxxx xx xxxxxx accountability. For xxxxxxxxx, xxxxx xxxxx xx xxxxxxxxxxx and enforced xx xxxxxxxx xxxxxxxx xx xxxxxx xxxx xxxxxxxxx xxxxxx be xxxxxx xxxxxxx, x.x. xxxxxxxxxx xxxxx xxx xxxxxxx-xxxx validity. X&xxxx;xxxx xxxxxxxx recovery xxx/xx xxxxx protocol shall xx xxxxxxxxxxx. X&xxxx;xxxxxx xxxxx xx developed xxx xxxxxxxxxxx xx xxx xxx of cryptographic xxxxxxxx xx protect xxx xxxxxxxxxxxxxxx, xxxxxxxxxxxx xxx integrity xx xxxxxxxxxxx. A key management xxxxxx xxxxx xx xxxxxxxxxxx to xxxxxxx xxx xxx xx xxxxxxxxxxxxx controls. There xxxxx xx policy xxx xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx xx xxxxxx xx xx xxxxx (x.x. x&xxxx;xxxxx xxxxxx, x&xxxx;xxxxx xxxx xxxxxx) xx xxxxxx the xxxx xx xxxxxxxxxxxx xxxxxx. Xxxx xxxxxxx xxxxxxxx, xxx xxxxx xx xxxxxxx xx an unprotected xxxxxxxxxxx xxxxx xx xxxxxxxxxx xxx appropriate xxxxxxxxx xxx xxxxxxxxxxxxxx xxxxxxxx shall xx xxxxxxx. Xxxxxxxxxxx 1.10: Information xxxxxxx xxxxxxxxxxx, xxxxxxxxxxx xxx maintenance Security requirements xxxxx be xxxxxxxxxx xxx xxxxxx xxxxx xx xxx xxxxxxxxxxx xxx/xx implementation of xxxxxxxxxxx systems. Appropriate xxxxxxxx xxxxx be xxxxx xxxx xxxxxxxxxxxx, xxxxxxxxx xxxx-xxxxxxxxx xxxxxxxxxxxx, to xxxxxx correct processing. Xxxxx controls shall xxxxxxx xxx validation xx input xxxx, xxxxxxxx xxxxxxxxxx xxx xxxxxx xxxx. Xxxxxxxxxx xxxxxxxx xxx xx xxxxxxxx xxx xxxxxxx xxxx process, xx xxxx xx xxxxxx xx, xxxxxxxxx, xxxxxxxx xx xxxxxxxx xxxxxxxxxxx. Xxxx controls xxxxx xx determined xx xxx xxxxx of xxxxxxxx xxxxxxxxxxxx xxx xxxx xxxxxxxxxx xxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx (x.x. xxxxxxxxxxx xxxxxxxx xxxxxx, xxxxxxxxxxxxx xxxxxxx policy). The xxxxxxxxxxx xxxxxxxxxxxx xx xxx xxxxxxx xxxxx xx xxxxxxxxxxx, documented xxx xxxxxx prior xx xxxxx xxxxxxxxxx xxx xxx. As xxxxxxx xxxxxxx xxxxxxxx, xxxxxxxxxxx xxxxxxxx, including xxxxxxxxxxxx xxx secure management, xxxxxx xx implemented xxxxx xx the xxxxxxxxxxx xx data xxxxx xxx the xxxxx xx risk xx the xxxxxxx xxxxx in xxx xxxxxxxxxxxx. There xxxxx xx xxxxxxxx xxxxxxxx xx protect xxxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxxxxx xxxxxxxx. Xxxxxx to xxxxxx xxxxx xxx xxxxxxx xxxxxx xxxx xxxxx xx controlled xxx XX xxxxxxxx xxx xxxxxxx xxxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxx xxxxxx. Xxxx xxxxx xx xxxxx xx xxxxx xxxxxxxx xx xxxxxxxxx data xx xxxx xxxxxxxxxxxx. Xxxxxxx xxx xxxxxxx environments xxxxx be xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx of xxxxxxx in xxxxxxxxxx xxxxx xx xxxxxxxx xxxxxxxxxx. A risk assessment xx xxx major xxxxxxx to be xxxxxxxx xx production xxxxx xx xxxxxxxxx. Xxxxxxx xxxxxxxx xxxxxxx activities xx xxxxxxx xx xxxxxxxxxx shall also xx xxxxxxxxx according xx a predefined xxxx xxxxx xx xxx xxxxxxx xx x&xxxx;xxxx xxxxxxxxxx, xxx xxxxxxxx xxxxxxx shall xxxxxxx, xx xxxxx, vulnerability xxxxxxxxxxx. Xxx xx xxx xxxxxxxxxxxx highlighted xxxxxx xxx xxxxxxxx xxxxxxx xxxxxxxxxx xxxxx xx assessed and xxxxxx xxxxx to xxxxx any xxxxxxxxxx xxx shall be xxxxxxxx xxx followed xx in a timely xxxxxxx. Xxxxxxxxxxx 1.11: Information xxxxxxxx xx xxxxxxxx&xxxx;(3) xxxxxxxxxxxxx Xx xxxxxx xxxxxxxxxx xx the xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx systems xxxx xxx accessible xx suppliers, information xxxxxxxx requirements xxx xxxxxxxxxx the risks xxxxxxxxxx xxxx xxxxxxxx’x xxxxxx xxxxx xx xxxxxxxxxx and xxxxxxxx xxxxxx xxxx xxxx xxx xxxxxxxx. Xxxxxxxxxxx 1.12: Xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx incidents and xxxxxxxxxxxx Xx xxxxxx a consistent xxx effective approach xx the xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx, xxxxxxxxx xxxxxxxxxxxxx xx security events xxx weaknesses, xxxxx, xxxxxxxxxxxxxxxx xxx xxxxxxxxxx, xx business xxx xxxxxxxxx xxxxx, xxxxx xx xxxxxxxxxxx xxx xxxxxx xx xxxxxx x&xxxx;xxxxx, xxxxxxxxx xxx xxxxxxx and xxxxxx xxxxxxx xxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxx xx x&xxxx;xxxxx-xxxxxxx xxxxx (x.x. x&xxxx;xxxxx xxxxxxx xx xx external xxxxxxxx xx xx an xxxxxxx). Xxxxxxxxx xxxxxxxx xx xxxxx procedures xxxxx xx xxxxxxxxxx xxxxxxx. Xxxxxxxxxxx 1.13: Xxxxxxxxx xxxxxxxxxx xxxxxx X&xxxx;xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx xxxxxxx (x.x. xxxx xxxxxx xxxxxxx, xxxxxxxx xxxxxxxx and xxxxxxxx xxxxxxx xxxxxxxxxxxx) xxxxx xx xxxxxxxxx xxxxxxxx xxx compliance xxxx xxx organisation’s xxxxxxxxxxx xxxxxxxxx xx xxxxxxxx (e.g. information xxxxxxxx xxxxxx, xxxxxxxxxxxxx xxxxxxx policy). Requirement 1.14: Xxxxxxxxxxxxxx Xxxxx xxxxxxx xxxxxxxx xxxxx comply xxxx xxx xxx xxxxxxxx xxxxxxxx that xxx xxx for xxxxxxxx xxxxxxxx xxx systems (x.x. xxxxxxxxx, logging). Xxxxxxxx relating to xxxxxxxxxxx xxxx include: xxxxxxxxx xx xxx xxxxxxxxxx xxx xxx xxxxxxx xxxxxxxxx system, xxxxxxx patching, xxxxxx xxxxxxxxxx xx xxxxxxxxx xxxxxxxxxxxx (e.g. production xxx xxxxxxxxxxx). Centralised xxxxxxxxxx, logging xxx xxxxxxxxxx as well xx xxxxxxxx of xxxxxx xxxxxx, xx xxxxxxxxxx for xxxx xxxxxxxxxx xxxxxxxx, xxxxx xx xxxxxxxxxxx xxxxx xx x&xxxx;xxxx xxxxxxxxxx. Xxxxx xxxxxxx xxxxxxxx xxxxxxx xx the xxxx xxxxxxxxxx shall xxxx x&xxxx;xxxxxxx xxxx xxxxxxx. Xxxxxxxxxxx 1.15: Cloud xxxxxxxxx Xxx xxxxx of xxxxxx xxx/xx xxxxxx xxxxx xxxxxxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxx xx xxxxx on x&xxxx;xxxxxx xxxx assessment, taking xxxx xxxxxxx xxx xxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxxx xxxxxxx xxxxxxx xx xxx xxxxx xxxxxxxx. Xx hybrid xxxxx xxxxxxxxx xxx xxxx, xx xx xxxxxxxxxx xxxx the xxxxxxxxxxx level of xxx xxxxxxx xxxxxx xx the highest xxx xx xxx xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx components xx xxx xxxxxx xxxxxxxxx xxxx be xxxxxxxxxx xxxx xxx xxxxx xx-xxxxxxxx systems. Business xxxxxxxxxx xxxxxxxxxx (applicable xxxx xx critical xxxxxxxxxxxx) Xxx xxxxxxxxx requirements (2.1 xx 2.6) xxxxxx xx business xxxxxxxxxx xxxxxxxxxx. Xxxx XXXXXX2 xxxxxxxxxxx classified by xxx Xxxxxxxxxx xx xxxxx critical xxx xxx xxxxxx xxxxxxxxxxx xx the XXXXXX2 xxxxxx xxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxx xxxxxxxxx xxxxxxxx.
|
(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx xxxxxxxxx refers xx the xxxxxxxxxxxxxx xx xxx xxx xx xxxxxxxxxxx that xx individual xxxxx xxxxxx xx xx xxxxx to xxxxx xxx xxx/xxx xxxxxx.
(2)&xxxx;&xxxx;Xxx xxxxxxxxx xx least xxxxxxxxx xxxxxx xx xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX system xx xxxxx xx xxxxx xxx xxxxxxxxxxxxx xxxxxxxx xxxx.
(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx xx the xxxxxxx xx xxxx xxxxxxxx xxxxxx be xxxxxxxxxx xx xxx xxxxx xxxxx (xxx xxx personnel) which xx under xxxxxxxx (xxxxxxxxx), xxxx xxx xxxxxxxxxxx, xx provide x&xxxx;xxxxxxx xxx xxxxx xxx xxxxxxx xxxxxxxxx xxx xxxxx xxxxx (xxx xxx personnel) xx xxxxxxx xxxxxx, xxxxxx xxxxxxxx xx xx-xxxx, xx xxxxxxxxxxx xxx/xx information xxxxxxx xxx/xx information processing xxxxxxxxxx xx xxx xxxxxxxxxxx in xxxxx xx xxxxxxxxxx xx xxx xxxxx covered xxxxx the exercise xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx.
PŘÍLOHA XX
Xxxxxxx II xxxxxxxxxx XXX/2007/7 xx xxxx xxxxx:
1. |
Xxxxxx&xxxx;1 xx xxxx xxxxx:
|
2. |
V čl. 4 odst. 2 xx xxxxxxx xx) xxxxxxxxx xxxxx:
|
3. |
X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx xxxxxx xxxx xxxxxxx xx), xxxxx xxx:
|
4. |
V článku 4 xx odstavec 3 xxxxxxxxx xxxxx: „3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx xxxx-xxxx xxxxx settlement xxx payments in xxxx, xxxx xxxxxxxxxx xx xxxxxxx xxxx xxxxx xxxxxx XX xxxxxxxx, X2X DCAs xxx XXXX XXXx. XXXXXX2 xx xxxxxxxxxxx xxx functions xx xxx basis xx xxx XXX through xxxxx xxxxxxx orders xxx xxxxxxxxx xxx xxxxxxxxx xxx xxxxxxx xxxxx payments are xxxxxxxxxx xxxxxxxx xx xxx xxxx technical xxxxxx. As xxx xx the xxxxxxxxx xxxxxxxxx xx the X2X DCAs is xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx and xxxxxxxxx on xxx xxxxx xx xxx X2X Xxxxxxxx. As xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx XXXX XXXx xxx TIPS XX xxxxxxxxx xxxxxxxx xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx established and xxxxxxxxx on the xxxxx xx xxx XXXX Xxxxxxxx. The XXX is xxx xxxxxxxx of services xxxxx xxxxx Conditions. Xxxx and xxxxxxxxx xx xxx XXX-xxxxxxxxx XXXx and the 4XXx shall xx xxxxxxxxxx xxxx xxx xxxxxxxxx xx xxx XXX, xxx which xx shall xxxxxx xxxxxxxxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 of xxxx Xxxxx. Participation xxxxxxxx xx xxxxx Xxxxxxxxxx xxxxx not xxxxxx x&xxxx;xxxxxxxxxxx relationship xxxxxxx T2S XXX xxxxxxx xxx xxx XXX-xxxxxxxxx XXXx xx xxx 4XXx when xxx xx the xxxxxx xxxx xx xxxx xxxxxxxx. Instructions, xxxxxxxx xx information xxxxx x&xxxx;X2X DCA xxxxxx xxxxxxxx xxxx, xx sends xx, xxx SSP xx X2X Xxxxxxxx xx xxxxxxxx xx the xxxxxxxx xxxxxxxx under xxxxx Xxxxxxxxxx are xxxxxx xx xx xxxxxxxx xxxx, xx xxxx xx, xxx XXX.“; |
5. |
X&xxxx;xxxxxx&xxxx;8 xx odstavec 3 xxxxxxxxx xxxxx: „3.&xxxx;&xxxx;&xxxx;Xxxxx xxx XXX xxx xxxxxxx x&xxxx;xxxxxxx xx x&xxxx;X2X XXX holder xxxxxxxx xx paragraph 1, that X2X XXX holder xx xxxxxx to xxxx xxxxx the xxxxxxxxxxxxx XXX(x) x&xxxx;xxxxxxx xx xxxxx xxx T2S XXX xxxx the xxxxxxx xxxxxxxx xx xxxxxxxxxx xxxxxxxxxxxx executed xx xxxxx securities xxxxxxxx.“; |
6. |
X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 nahrazuje xxxxx: „1.&xxxx;&xxxx;&xxxx;X2X XXX xxxxxxx xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx xxxxxx xxxx, xxx xxxxx xx xxxx xx demonstrate xxxx xxxxxxxxxx xx xxx xxxxxxxx competent xxxxxxxxxxx with all xxxxxxxxxxx xx them xxxxxxxx xx xxxxxxxxxxx xx xxxx protection. Xxxx xxxxx be xxxxxx xx xx xxxxx xx, xxx xxxxx xxxxxx with xxx xxxxxxxxxxx xx xxxx relating xx xxxxxxxxxxx xx prevention xx xxxxx xxxxxxxxxx xxx xxx financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx development xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, in xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx payments xxxxxxx xx credited xx xxxxx X2X XXXx. Prior xx xxxxxxxx xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx with xxx T2S xxxxxxx xxxxxxx provider, X2X XXX xxxxxxx shall xxxxxx that xxxx xxx xxxxxxxx xxxxx xxx xxxx xxxxxxxxx xxxxxx.“; |
7. |
Xxxxxx&xxxx;30 xx nahrazuje xxxxx: „Xxxxxxx&xxxx;30 Xxxxxxxxxxx relationship xxxx xx XXX 1.&xxxx;&xxxx;&xxxx;X2X DCA xxxxxxx shall xxxxxx:
2.&xxxx;&xxxx;&xxxx;Xxx xxxxx relationship between x&xxxx;X2X XXX holder xxx xxx NSP xxxxx xx exclusively xxxxxxxx xx xxx xxxxx xxx xxxxxxxxxx xx the xxxxxxxx xxxxxxxx xxxxxxxxx with xx NSP xx xxxxxxxx to xx xxxxxxxxx 1(a). 3. The xxxxxxxx xx be provided xx xxx XXX xxxxx xxx form xxxx xx xxx xxxxxxxx xx xx xxxxxxxxx xx xxx XXX xx xxxxxxx xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxx xx xxxxxx for xxx xxxx, errors or xxxxxxxxx of xxx XXX (xxxxxxxxx xxx xxxxxxxxx, xxxxx xxx xxxxxxxxxxxxxx), xx for xxx xxxx, errors xx xxxxxxxxx xx xxxxx parties xxxxxxxx xx xxxxxxxxxxxx to xxxx xxxxxx xx xxx NSP’s xxxxxxx.“; |
8. |
Xxxxxx xx nový xxxxxx&xxxx;34x, xxxxx xxx: „Xxxxxxx&xxxx;34x Xxxxxxxxxxxx xxxxxxxxxx Xxxx xxx XXXXXX system xx xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, X2X DCA xxxxxxx xxxxx become X2X XXX xxxxxxx xx xxx TARGET xxxxxx.“; |
9. |
Xxxxxx xx xxxxx „X2X network xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. x) xxxx x), xx.&xxxx;9 xxxx.&xxxx;5, čl. 10 odst. 6, xx.&xxxx;14 xxxx.&xxxx;1 xxxx. x), xx.&xxxx;22 odst. 1, xx.&xxxx;22 xxxx.&xxxx;2, čl. 22 xxxx.&xxxx;3, xx.&xxxx;27 odst. 5, xx.&xxxx;28 odst. 1, čl. 29 xxxx.&xxxx;1 xxxxxxx II x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx xxxxxxxxx xxxxxxx „XXX“; |
10. |
X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) xxxxx:
|
XXXXXXX XXX
Xxxxxxx III xxxxxxxxxx ECB/2007/7 xx xxxx xxxxx:
1. |
Xxxxxx xx xxxxx „TIPS xxxxxxx xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx xxxxxxx xx xxxxxxxxx odkazem „XXX“; |
2. |
Xxxxxx&xxxx;1 xx xxxx xxxxx:
|
3. |
X&xxxx;xx.&xxxx;3 xxxx.&xxxx;1 xx xxxxxxx xxxxx xx „Xxxxxxxx X: XXXX xxxxxxxxxxxx xxxxxxxxx requirements“; |
4. |
Článek 4 xx xxxx xxxxx:
|
5. |
X&xxxx;xx.&xxxx;6 odst. 1 písm. x) se xxx x) xxxxxxxxx tímto:
|
6. |
Xxxxxx&xxxx;9 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;9 Xxxxxxxxxxx xxxxxxxxxxxx xxxx xx XXX 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx:
2. The xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;xxxxxxxxxxx xxx xxx NSP xxxxx xx xxxxxxxxxxx xxxxxxxx xx the xxxxx xxx xxxxxxxxxx xx their xxxxxxxx xxxxxxxx xx referred xx xx paragraph 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx xx xx xxxxxxxx xx xxx NSP xxxxx xxx form part xx xxx xxxxxxxx xx xx xxxxxxxxx xx xxx ECB xx xxxxxxx of XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx ECB xxxxx xxx xx liable xxx any xxxx, xxxxxx xx omissions xx the XXX (xxxxxxxxx xxx xxxxxxxxx, xxxxx xxx subcontractors), xx xxx xxx xxxx, xxxxxx xx xxxxxxxxx xx third xxxxxxx xxxxxxxx xx xxxxxxxxxxxx xx gain xxxxxx to xxx XXX’x xxxxxxx.“; |
7. |
Xxxxxx&xxxx;10 se xxxxxxx; |
8. |
Xxxxxx se xxxx xxxxxx&xxxx;11x, který xxx: „Xxxxxxx&xxxx;11x XXX xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx XXX xxxxxxxxxx xxxxxxxx the xxxxx – XXXX xxxxxxx xxxxx xxx xxx purposes xx xxx XXX xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx xxx xx xxxxxx xx only xxx IBAN. Xx XXXX xxx xx xxxxxx to one xx xxxxxxxx xxxxxxx. 3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx apply xx xxx data contained xx xxx XXX xxxxxxxxxx.“; |
9. |
X&xxxx;xxxxxx&xxxx;12 se zrušuje xxxxxxxx 9; |
10. |
Xxxxxx&xxxx;16 xx xxxxxxxxx tímto: „Article 16 Types of xxxxxxx xxxxxx in XXXX XXX Xxx following xxx classified as xxxxxxx orders xxx xxx purposes xx xxx TIPS service:
|
11. |
X&xxxx;xxxxxx&xxxx;18 xx xxxxxxxx 6 xxxxxxxxx xxxxx: „6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX XXX xx XX xxxxxxxxx xxxxxxxx xxxxx, a TIPS XXX to TIPS XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx order xx x&xxxx;XXXX AS xxxxxxxxx xxxxxxx xx XXXX DCA xxxxxxxxx xxxxxxxx xxxxx has xxxx xxxxxxxx xx xxxxxxxx to in Xxxxxxx&xxxx;17, the XXXXXX2-XXX xxxxx xxxxx whether xxxxxxxxxx xxxxx are xxxxxxxxx xx xxx xxxxx'x xxxxxxx. Xx xxxxxxxxxx funds xxx xxx xxxxxxxxx the xxxxxxxxx xxxxxxxx xxxxx xxxxx be xxxxxxxx. Xx xxxxxxxxxx xxxxx xxx xxxxxxxxx xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx xx settled xxxxxxxxxxx.“; |
12. |
X&xxxx;xx.&xxxx;20 odst. 1 xx xxxxxxx x) xxxxxxxxx xxxxx:
|
13. |
X&xxxx;xxxxxx&xxxx;30 xx xxxxxxxx 1 xxxxxxxxx tímto: „1. TIPS XXX holders shall xx xxxxxx xx xx aware of, xxxxx xxxxxx with xxx shall xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx to xxx relevant xxxxxxxxx xxxxxxxxxxx xxxx all xxxxxxxxxxx xx them xxxxxxxx to xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx shall be xxxxxx xx xx xxxxx xx, xxx xxxxx comply xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx prevention xx money xxxxxxxxxx xxx the financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities xxx xxx xxxxxxxxxxx xx xxxxxxx weapons xxxxxxxx xxxxxxx, xx xxxxxxxxxx xx xxxxx of xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx credited xx xxxxx TIPS XXXx. XXXX XXX xxxxxxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx xxxxx xxxxxx XXX'x xxxx retrieval xxxxxx prior to xxxxxxxx into x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx xxxx XXX.“; |
14. |
Xxxxxx xx nový xxxxxx&xxxx;35x, xxxxx xxx: „Xxxxxxx&xxxx;35x Xxxxxxxxxxxx xxxxxxxxx Xxxx the TARGET xxxxxx xx xxxxxxxxxxx xxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XXXX DCA xxxxxxx xxxxx become XXXX XXX xxxxxxx xx xxx XXXXXX system.“; |
15. |
V dodatku X&xxxx;xx tabulka x&xxxx;xxxxxxxx 2 nahrazuje tímto:
|
16. |
X&xxxx;xxxxxxx X&xxxx;xx v odst. 6 xxxxxxx. 1 nahrazuje xxxxxxx x) xxxxx:
|
17. |
X&xxxx;xxxxxxx XX se xxxxxxx xxxxxxxx 2; |
18. |
Xxxxxxx V se xxxxxxx. |