ROZHODNUTÍ XXXXXXXX XXXXXXXXX XXXXX (XX) 2021/1758
xx xxx 21.&xxxx;xxxx 2021,
kterým xx mění xxxxxxxxxx XXX/2007/7 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (XXX/2021/43)
XXXXXXX RADA XXXXXXXX XXXXXXXXX BANKY,
s ohledem na Xxxxxxx o fungování Xxxxxxxx xxxx, x&xxxx;xxxxxxx xx xxxxx x&xxxx;xxxxxxx odrážku xx.&xxxx;127 xxxx.&xxxx;2 xxxx xxxxxxx,
x&xxxx;xxxxxxx na statut Xxxxxxxxxx xxxxxxx centrálních xxxx a Evropské centrální xxxxx, x&xxxx;xxxxxxx xx xxxxxx&xxxx;11.6 a články 17, 22 x&xxxx;23 tohoto xxxxxxx,
xxxxxxxx k těmto důvodům:
(1) |
Rada xxxxxxxxx xxxxxxx&xxxx;(1) dne 20.&xxxx;xxxxxxxx 2021 xxxxxx xxxxxx Xxxxxxxx centrální xxxxx XXX/2012/27&xxxx;(2) s cílem: x) vyjasnit, xx xxxxxxxx TIPS XXX xxxxx x&xxxx;XXXXXX2 xxxxxxxxx xxxxxxxxxxxxxxx jednotného portálu xxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx (Xxxxxxxxxx Single Xxxxxx Xxxxxxxxxxxxxx Gateway) xx xxxxxxxxx 2021 x&xxxx;xxxxxxxx X2X XXX xxxxx x&xxxx;XXXXXX2 prostřednictvím xxxxxx xxxxxxx xxxxxxxxx od xxxxxx 2022; b) xxxxxxxx a rozšířit xxxxxxxx xxxxxxxx xx xxxxxxxxxx xxxxxxxxx na xxxxxxxxxx xxxxxxxxx bodu XXXXXX2, xxx se xxxxxxxxx, xx se xxxxxx XXXXXX2 xxxx dále xxxxxxx xxx, aby xxx xxxxxxx xxxxx xxxxxxx v oblasti xxxxxxxxxxxx xxxxxxxxxxx; c) zavést xxxxxxxxx, xxx xxxxxxxx xxxx PM, jejich xxxxxxx xxxxxxxxx a adresovatelní xxxxxxxx xxxx BIC, xxxxx xxxxxxxxxxx k uplatňování xxxxxxx XXX Xxxx xxxxxxxx xxxxxx o dodržování xxxxxxx xxx xxxxxxxx xxxxxxxxxxxxx xxxxxxx XXXX, xxxx a zůstali xxxxxx xxxxxxxxxxx xx platformě XXXX prostřednictvím XXXX XXX, tak aby xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx x&xxxx;xxxx Xxxx; d) zavést xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx v TARGET2 xx xxxxxxxxxxxx nástupnické xxxx x&xxxx;xxxxxxxx xxxxxxx XXXXXX, aby byla xxxxxxxxx xxxxxx jistota, x&xxxx;x) xxxxxxxx x&xxxx;xxxxxxxxxxxx xxxxxxx xxxxx aspekty xxxxxxxx zásad ECB/2012/27. |
(2) |
Jakmile xxxx xxxxxxxxxx xxxxxxx xxxxxxxxxxx X2-X2X, xxxx x&xxxx;xxxxx xxxxxx jistoty xxxxxx xxxxxxxx xxxxxxxx xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx v TARGET2-ECB xx xxxxxxxxxxxx xxxxxxxxxxx xxxx. |
(3) |
Xxxxx xxxxxxxx zásad XXX/2012/27, které xxxx xxxx xx xxxxxxxx XXXXXX2-XXX, xx xxxxx xxxxxxxxx x&xxxx;xxxxxxxxxx Xxxxxxxx xxxxxxxxx banky XXX/2007/7&xxxx;(3). |
(4) |
Xxxxxxxxxx XXX/2007/7 je proto xxxxx odpovídajícím xxxxxxxx xxxxxx, |
XXXXXXX XXXX XXXXXXXXXX:
Xxxxxx&xxxx;1
Xxxxx
Xxxxxxx X, II x&xxxx;XXX xxxxxxxxxx ECB/2007/7 xx xxxx x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx xxxxxx rozhodnutí.
Článek 2
Závěrečná xxxxxxxxxx
Xxxx rozhodnutí xxxxxxxx x&xxxx;xxxxxxxx xxxxx xxxx po xxxxxxxxxx x&xxxx;Xxxxxxx xxxxxxxx Evropské xxxx.
Xxxxxxx se xxx xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx xxxx.&xxxx;1 xxxx. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 xxxxxxx XX xxxxxx xxxxxxxxxx, xxxxx xx xxxxxxx ode xxx 13.&xxxx;xxxxxx 2022.
Xx Frankfurtu xxx Xxxxxxx dne 21. září 2021.
Xxxxxxxxxxx XXX
Xxxxxxxxx XXXXXXX
(1)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx centrální xxxxx (XX) 2021/1759 xx dne 20.&xxxx;xxxxxxxx 2021, xxxxxxx se xxxx xxxxxx xxxxxx XXX/2012/27 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx systému xxxxxxxxx xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (XXX/2021/30) [(viz xxxxxx 45 x&xxxx;xxxxx xxxxx Xxxxxxxx xxxxxxxx).
(2)&xxxx;&xxxx;Xxxxxx xxxxxx Evropské xxxxxxxxx xxxxx ECB/2012/27 xx xxx 5.&xxxx;xxxxxxxx 2012 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx automatizovaném xxxxxxx zúčtování plateb x&xxxx;xxxxxxx xxxx (TARGET2) (Xx. věst. X&xxxx;30, 30.1.2013, s. 1).
(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7 ze xxx 24.&xxxx;xxxxxxxx 2007 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (Úř. xxxx. X&xxxx;237, 8.9.2007, s. 71).
PŘÍLOHA X
Xxxxxxx X&xxxx;xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:
1. |
Xxxxxx&xxxx;1 xx xxxx xxxxx:
|
2. |
V článku 2 xxxxxx xxxxxxxx xx xxxxxxxx nový xxxx, xxxxx zní:
|
3. |
Xxxxxx&xxxx;3 xx xxxx xxxxx:
|
4. |
Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;5 Xxxxxx xxxxxxxxxxxx XX account xxxxxxx xx XXXXXX2-XXX xxx direct xxxxxxxxxxxx xxx shall xxxxxx xxxx the xxxxxxxxxxxx xxx xxx xx Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). Xxxx xxxxx have xx xxxxx xxx XX xxxxxxx xxxx xxx XXX. XX xxxxxxx xxxxxxx that xxxx xxxxxxx to xxx XXX Xxxx xxxxxx xx signing the XXXX Instant Xxxxxx Xxxxxxxx Xxxxxxxxx Agreement xxxxx xx and xxxxx xxxxxx xxxxxxxxx xx xxx XXXX Xxxxxxxx xx all xxxxx, either xx x&xxxx;XXXX XXX xxxxxx xx xx x&xxxx;xxxxxxxxx xxxxx xxx x&xxxx;XXXX XXX xxxxxx.“; |
5. |
Xxxxxx&xxxx;22 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;22 Xxxxxxxx Xxxxxxxxxxxx xxx Xxxxxxx Xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx implement xxxxxxxx xxxxxxxx controls to xxxxxxx their xxxxxxx xxxx xxxxxxxxxxxx xxxxxx xxx use. Xxxxxxxxxxxx xxxxx be xxxxxxxxxxx xxxxxxxxxxx for xxx xxxxxxxx protection xx xxx confidentiality, integrity xxx xxxxxxxxxxxx xx xxxxx systems. 2. Participants xxxxx xxxxxx the XXX xx xxx security-related xxxxxxxxx in their xxxxxxxxx xxxxxxxxxxxxxx and, xxxxx xxxxxxxxxxx, xxxxxxxx-xxxxxxx xxxxxxxxx that xxxxx xx xxx technical xxxxxxxxxxxxxx of the xxxxx xxxxx providers. Xxx ECB xxx xxxxxxx further xxxxxxxxxxx xxxxx xxx incident xxx, xx xxxxxxxxx, xxxxxxx xxxx xxx xxxxxxxxxxx take xxxxxxxxxxx xxxxxxxx xx xxxxxxx x&xxxx;xxxxxxxxxx xx xxxx xx xxxxx. 3.&xxxx;&xxxx;&xxxx;Xxx XXX xxx xxxxxx additional xxxxxxxx xxxxxxxxxxxx, in xxxxxxxxxx xxxx regard xx xxxxxxxxxxxxx xx xxx xxxxxxxxxx xx xxxxx, xx xxx xxxxxxxxxxxx xxx/xx on xxxxxxxxxxxx that xxx xxxxxxxxxx xxxxxxxx xx xxx XXX. 4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxx the XXX xxxx: (x) permanent xxxxxx xx xxxxx xxxxxxxxxxx xx xxxxxxxxx xx their xxxxxx xxxxxxx xxxxxxx xxxxxxxx’x xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (xx) xx xx xxxxxx basis xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxxxxxx as xxxxxxxxx xx the XXX’x xxxxxxx xx Xxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX shall assess xxx participant’s xxxx-xxxxxxxxxxxxx xxxxxxxxx(x) on the xxxxxxxxxxxx xxxxx xx xxxxxxxxxx xxxx xxxx xx xxx xxxxxxxxxxxx xxx xxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxxx. Xxxxx xxxxxxxxxxxx xxx xxxxxx in Xxxxxxxx XXX, which xx xxxxxxxx xx xxx other Xxxxxxxxxx xxxxxx in Xxxxxxx&xxxx;2(1), xxxxx form an xxxxxxxx xxxx xx xxxxx Conditions. 4b. The xxxxxxxxxxx’x xxxxx xx xxxxxxxxxx xxxx xxx xxxxxxxxxxxx xx the XXXXXX2 xxxx-xxxxxxxxxxxxx shall xx xxxxxxxxxxx xx xxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx: ‘full xxxxxxxxxx’; ‘xxxxx xxx-xxxxxxxxxx’; xx ‘xxxxx non-compliance’. Xxx xxxxxxxxx xxxxxxxx xxxxx: xxxx compliance xx reached where xxxxxxxxxxxx satisfy 100% xx xxx xxxxxxxxxxxx; xxxxx xxx-xxxxxxxxxx xx xxxxx a participant satisfies xxxx than 100% xxx xx xxxxx 66% of the xxxxxxxxxxxx xxx xxxxx xxx-xxxxxxxxxx where x&xxxx;xxxxxxxxxxx xxxxxxxxx xxxx xxxx 66% of xxx xxxxxxxxxxxx. Xx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxxx to xx, xx xxxxx xx xxxxxxxxxx as xxxxxxxxx xxxx the xxxxxxxxxx xxxxxxxxxxx xxx the xxxxxxxx xx xxx xxxxxxxxxxxxxx. A participant xxxxx xxxxx to xxxxx ‘xxxx xxxxxxxxxx’ xxxxx xxxxxx xx xxxxxx xxxx xxxxxxxxxxxxx xxx xx xxxxxxx to xxxxx xxxx xxxxxxxxxx. Xxx ECB xxxxx xxxxxx the xxxxxxxx xxxxxxxxxxx xxxxxxxxxxx xx xxx xxxxxx xx xxxx xxxxxxxxxxx’x xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xx xxx xxxxxxxxxxx xxxxxxx xx xxxxx permanent xxxxxx to xxx xxxxxxxxxxx xx xxxxxxxxx xx xxxxx xxxxxx XXXx xxxxxxxx xxxxxxxx xxxxxxxxxxxx xx xxxx xxx provide xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxx xxxxxxxxxxx’x level xx xxxxxxxxxx shall xx xxxxxxxxxxx xx ‘xxxxx xxx-xxxxxxxxxx’. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxxxx xxxxxxxxxx xx xxxxxxxxxxxx xx xx xxxxxx basis. 4e. The XXX xxx xxxxxx xxx xxxxxxxxx xxxxxxxx xx xxxxxxx on xxxxxxxxxxxx xxxxx level xx xxxxxxxxxx was xxxxxxxx xx xxxxx or xxxxx non-compliance, in xxxxxxxxxx xxxxx of xxxxxxxx:
|
6. |
X&xxxx;xxxxxx&xxxx;33 xx xxxxxxxx 1 nahrazuje tímto: „1. Participants xxxxx be xxxxxx xx be xxxxx xx, shall xxxxxx xxxx, and shall xx xxxx xx xxxxxxxxxxx xxxx compliance xx xxx relevant xxxxxxxxx xxxxxxxxxxx with xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx on data xxxxxxxxxx. Xxxx shall xx deemed xx xx xxxxx xx, xxx shall comply xxxx all xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx on xxxxxxxxxx xx xxxxx xxxxxxxxxx xxx the xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities xxx the development xx nuclear xxxxxxx xxxxxxxx xxxxxxx, xx xxxxxxxxxx xx terms xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx any xxxxxxxx debited or xxxxxxxx on their XX accounts. Participants xxxxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx the TARGET2 xxxxxxx xxxxxxx xxxxxxxx’x xxxx xxxxxxxxx policy xxxxx xx xxxxxxxx xxxx xxx contractual xxxxxxxxxxxx xxxx the XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx.“; |
7. |
Xxxxxx xx xxxx xxxxxx&xxxx;39x, který zní: „Article 39a Transitional xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxx xxx XXXXXX xxxxxx xx xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx operation, PM xxxxxxx balances xxxxx xx xxxxxxxxxxx xx xxx xxxxxxx holder’s xxxxxxxxxxxxx xxxxxxxxx xxxxxxxx xx xxx XXXXXX xxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx xxxx XX xxxxxxx xxxxxxx, xxxxxxxx Xxxxxxxxxxxx and xxxxxxxxxxx BIC xxxxxxx xxxxxxxx to xxx XXX Inst xxxxxx xx xxxxxxxxx xx xxx XXXX Xxxxxxxx xxxxxxxx xx Article 5 xxxxx xxxxx xx xx 25 February 2022.“; |
8. |
X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx b) xxxxx:
|
9. |
X&xxxx;xxxxxxx XX se x&xxxx;xxxxxxxx 6 xxxxxxxxx xxxxxxx x) xxxxx:
|
10. |
Xxxxxxxx xx xxxx xxxxxxx VII, xxxxx xxx: „Xxxxxxxx VII Requirements regarding xxxxxxxxxxx security xxxxxxxxxx xxx xxxxxxxx xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxx xxxxxxxx xxxxxxxxxx Xxxxx xxxxxxxxxxxx are xxxxxxxxxx xx xxxx xxxxxxxxxxx, xxxxxx the xxxxxxxxxxx xxxxxxxxxxxx xxxx a specific xxxxxxxxxxx is xxx xxxxxxxxxx xx it. Xx xxxxxxxxxxxx xxx xxxxx xx xxxxxxxxxxx xx xxx requirements xxxxxx its xxxxxxxxxxxxxx, xxx xxxxxxxxxxx xxxxxx xxxxxxxx xxx xxxxxxxx xxxx xxx xxxx xx the Payment Xxxxxxxxxxx Xxxxx (XXX). Xxxxxxxxxxxx, the PTC xxxxxx at x&xxxx;Xxxxx xx Entry (PoE), x.x. a system involved xx the xxxxxxxx xx xxxxxxxxxxxx (e.g. xxxxxxxxxxxx, xxxxx-xxxxxx xxx xxxx-xxxxxx xxxxxxxxxxxx, xxxxxxxxxx), xxx ends xx xxx xxxxxx responsible xx xxxx xxx xxxxxxx to XXXXX (x.x. XXXXX XXX Xxx) xx Xxxxxxxx (xxxx xxx xxxxxx xxxxxxxxxx to Xxxxxxxx-xxxxx Xxxxxx). Xxxxxxxxxxx 1.1: Xxxxxxxxxxx xxxxxxxx xxxxxx Xxx xxxxxxxxxx xxxxx set a clear xxxxxx direction in xxxx xxxx xxxxxxxx xxxxxxxxxx xxx demonstrate xxxxxxx xxx xxx xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxx the xxxxxxxx, xxxxxxxx and xxxxxxxxxxx xx xx xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xx xxxxxxxx xxxxxxxxxxx security xxx xxxxx xxxxxxxxxx across xxx organisation xx xxxxx xx xxxxxxxxxxxxxx, xxxxxxxxxx xxx treatment xx xxxxxxxxxxx security xxx xxxxx xxxxxxxxxx xxxxx. Xxx policy xxxxxx xxxxxxx at xxxxx xxx xxxxxxxxx xxxxxxxx: xxxxxxxxxx, scope (xxxxxxxxx xxxxxxx such xx xxxxxxxxxxxx, human xxxxxxxxx, xxxxx management xxx.), principles xxx xxxxxxxxxx xx xxxxxxxxxxxxxxxx. Xxxxxxxxxxx 1.2: Xxxxxxxx xxxxxxxxxxxx Xx xxxxxxxxxxx security framework xxxxx be xxxxxxxxxxx xx xxxxxxxxx xxx xxxxxxxxxxx xxxxxxxx policy xxxxxx xxx xxxxxxxxxxxx. Xxx xxxxxxxxxx xxxxx xxxxxxxxxx xxx xxxxxx xxx establishment xx xxx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xx xxxxxx xxx implementation xx xxx information security xxxxxx (xx xxx Xxxxxxxxxxx 1.1) xxxxxx xxx organisation, including xxx xxxxxxxxxx xx xxxxxxxxxx resources xxx xxxxxxxxxx of xxxxxxxx xxxxxxxxxxxxxxxx xxx this xxxxxxx. Xxxxxxxxxxx 1.3: Xxxxxxxx xxxxxxx Xxx xxxxxxxx xx xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx xxx xx xxxxxxx by xxx xxxxxxxxxxxx xx, xxx/xx xxx xxxxxxxxxx xx, xx xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx xx xxxx. Xxx xxxxxx to xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx parties xxxxx xx xxxxxxxxxx. Xxxx xxxxxxxx xxxxxxx or xxxxxxxx/xxxxxxxx of xxxxxxxx xxxxxxx xxx required xx xxxxxx xxx xxxxxxxxxxxx’x information processing xxxxxxxxxx, x&xxxx;xxxx assessment xxxxx xx xxxxxxx xxx to xxxxxxxxx xxx security xxxxxxxxxxxx xxx xxxxxxx xxxxxxxxxxxx. Xxxxxxxx xxxxx xx xxxxxx xxx xxxxxxx xx xx xxxxxxxxx xxxx each xxxxxxxx xxxxxxxx party. Requirement 1.4: Xxxxx xxxxxxxxxx Xxx information xxxxxx, the xxxxxxxx xxxxxxxxx xxx xxx xxxxxxxxxx xxxxxxxxxxx xxxxxxx, xxxx xx xxxxxxxxx xxxxxxx, infrastructures, business xxxxxxxxxxxx, xxx-xxx-xxxxx xxxxxxxx, xxxxxxxx xxx xxxx-xxxxxxxxx xxxxxxxxxxxx, in xxx xxxxx of xxx Xxxxxxx Transaction Xxxxx xxxxx xx xxxxxxxxx xxx xxx have x&xxxx;xxxxxxxxx xxxxx. Xxx xxxxxxxxxxxxxx xxx xxx xxxxxxxxxxx xxx xxx xxxxxxxxx xx appropriate xxxxxxxx xx the xxxxxxxx xxxxxxxxx xxx xxx xxxxxxx XX xxxxxxxxxx to xxxxxxxxx xxx xxxxxxxxxxx assets xxxxx xx xxxxxxxx. Xxxx: xxx owner xxx xxxxxxxx xxx xxxxxxxxxxxxxx xx xxxxxxxx xxxxxxxx xx xxxxxxxxxxx, xxx remains accountable xxx xxx xxxxxx xxxxxxxxxx of xxx xxxxxx. Xxxxxxxxxxx 1.5: Xxxxxxxxxxx xxxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx xxxxxx xxxxx xx classified xx terms of xxxxx criticality xx xxx xxxxxx xxxxxxxx xx xxx xxxxxxx xx the participant. Xxx classification xxxxx xxxxxxxx xxx need, xxxxxxxxxx xxx xxxxxx xx protection required xxxx xxxxxxxx the xxxxxxxxxxx asset xx xxx xxxxxxxx xxxxxxxx xxxxxxxxx and shall xxxx take xxxx xxxxxxxxxxxxx xxx xxxxxxxxxx XX xxxxxxxxxx. An xxxxxxxxxxx xxxxx classification xxxxxx xxxxxxxx xx xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx xx appropriate xxx xx xxxxxxxxxx xxxxxxxx xxxxxxxxxx the xxxxxxxxxxx xxxxx xxxxxxxxx (xxxxxxxxx xxxxxxx and xxxxxxxxxxx of xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx the xxxx xxx specific handling xxxxxxxx. Xxxxxxxxxxx 1.6: Human xxxxxxxxx security Security xxxxxxxxxxxxxxxx xxxxx be xxxxxxxxx xxxxx xx employment xx xxxxxxxx xxx xxxxxxxxxxxx and in xxxxx xxx conditions xx xxxxxxxxxx. Xxx xxxxxxxxxx for employment, xxxxxxxxxxx xxx xxxxx xxxxx xxxxx xxxxx xx adequately xxxxxxxx, xxxxxxxxxx xxx sensitive xxxx. Xxxxxxxxx, xxxxxxxxxxx xxx third xxxxx xxxxx of xxxxxxxxxxx xxxxxxxxxx facilities xxxxx xxxx an xxxxxxxxx xx xxxxx security xxxxx xxx xxxxxxxxxxxxxxxx. Xx xxxxxxxx xxxxx xx xxxxxxxxx xxxxx xx xxxxxxx xxxxx xxx xxxxxxxxx, xxxxxxxxxxx xxx third xxxxx xxxxx, xxx xxxxxxxxx xxx xxxxxxxx xx xxxxxxxx xxxxxxxxxx xxx xxx correct use xx information xxxxxxxxxx xxxxxxxxxx shall be xxxxxxxx xx xxxx xx xxxxxxxx xxxxxxxx xxxxxxxx xxxxx. A formal xxxxxxxxxxxx xxxxxxx xxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xxx xxxxxxxxx. Responsibilities xxxxx xx xx xxxxx xx xxxxxx xxxx xx xxxxxxxx’x, xxxxxxxxxx’x xx xxxxx xxxxx user’s xxxx xxxx xx xxxxxxxx xxxxxx the xxxxxxxxxxxx xx xxxxxxx, xxx xxxx xxx xxxxxx xx xxx xxxxxxxxx xxx the removal xx all xxxxxx xxxxxx xxx xxxxxxxxx. Xxxxxxxxxxx 1.7: Xxxxxxxx and xxxxxxxxxxxxx xxxxxxxx Xxxxxxxx xx xxxxxxxxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx shall xx xxxxxx xx xxxxxx xxxxx, protected xx xxxxxxx security perimeters, xxxx xxxxxxxxxxx security xxxxxxxx and xxxxx xxxxxxxx. Xxxx shall xx xxxxxxxxxx xxxxxxxxx xxxx xxxxxxxxxxxx xxxxxx, xxxxxx and xxxxxxxxxxxx. Xxxxxx xxxxx xx xxxxxxx xxxx to xxxxxxxxxxx xxx fall xxxxxx xxx xxxxx xx Xxxxxxxxxxx 1.6. Xxxxxxxxxx and xxxxxxxxx xxxxx xx xxxxxxxxxxx xx protect physical xxxxx xxxxxxxxxx xxxxxxxxxxx xxxxxx when xx xxxxxxx. Xxxxxxxxx xxxxx xx xxxxxxxxx xxxx physical xxx xxxxxxxxxxxxx xxxxxxx. Xxxxxxxxxx of xxxxxxxxx (xxxxxxxxx xxxxxxxxx xxxx xxx-xxxx) xxx xxxxxxx xxx xxxxxxx xx xxxxxxxx is xxxxxxxxx xx xxxxxx xxx xxxx xx xxxxxxxxxxxx xxxxxx to xxxxxxxxxxx xxx to xxxxx xxxxxxx xxxx xx xxxxxx of xxxxxxxxx xx information. Xxxxxxx xxxxxxxx xxx xx xxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx xxx to safeguard xxxxxxxxxx facilities xxxx xx xxx xxxxxxxxxx xxxxxx xxx cabling xxxxxxxxxxxxxx. Xxxxxxxxxxx 1.8: Xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxxxxxxx xxx xxxxxxxxxx xxxxx xx xxxxxxxxxxx xxx the xxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxx xxxxxxx xx xxx Xxxxxxx Transaction Xxxxx end-to-end. As xxxxxxx xxxxxxxxx xxxxxxxxxx, xxxxxxxxx xxxxxxxxx administration xx XX xxxxxxx, xxxxxxxxxxx xx duties xxxxx xx implemented, xxxxx xxxxxxxxxxx, xx xxxxxx xxx xxxx xx xxxxxxxxx xx xxxxxxxxxx xxxxxx misuse. Xxxxx xxxxxxxxxxx xx xxxxxx xxxxxx xx xxxxxxxxxxx xxx xx xxxxxxxxxx xxxxxxxxx reasons, xxxxxxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxx x&xxxx;xxxxxx xxxx xxxxxxxx. Xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx xxx xxxxxx xxx xxxxxxxxxxxx xx xxxxxxxxx xxxx xxx xxxxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Controls xxxxx xx xxxx xxxxxxxxxxx (xxxxxxxxx xxxx awareness) xx xxxxxxx, xxxxxx xxx xxxxxx malicious xxxx. Xxxxxx xxxx xxxxx be xxxx xxxx xxxx trusted xxxxxxx (x.x. xxxxxx Xxxxxxxxx XXX xxxxxxxxxx xxx Xxxx Xxxxxxx). Xxx xxxxxxxxxxxxx of xxx xxxxxxx (x.x. xxx xxx xx xxxxxxxxxx xxx xxxxxxx) xxxxx be xxxxxxxx xxxxxxxxxx. Xxxx backup xxx xxxxxxxx xxxxxxxx xxxxx xx implemented xx xxx xxxxxxxxxx; xxxxx xxxxxxxx xxxxxxxx shall xxxxxxx a plan of xxx xxxxxxxxxxx process xxxxx xx xxxxxx xx xxxxxxx xxxxxxxxx xx xxxxx xxxxxxxx. Xxxxxxx xxxx xxx critical xxx xxx security xx xxxxxxxx xxxxx xx xxxxxxxxx xxx xxxxxx xxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxx xx xxxxxxxx. Xxxxxxxx xxxx xxxxx xx xxxx xx xxxxxx xxxx xxxxxxxxxxx system xxxxxxxx are xxxxxxxxxx. Xxxxxxxx xxxx xxxxx xx xxxxxxxxx reviewed xx a sample xxxxx, xxxxx xx xxx xxxxxxxxxxx xx xxx xxxxxxxxxx. Xxxxxx xxxxxxxxxx xxxxx xx used xx xxxxx xxx xxxxxxxxxxxxx xx xxxxxxxx xxxxx xxx xxxxxxxxxx xx xxxxxxxx for xxx xxxxxxxx xx xxxxxxxx and xx xxxxxx xxxxxxxxxx xx xx access policy xxxxx. Xxxxxxxxx of xxxxxxxxxxx xxxxxxx xxxxxxxxxxxxx xxxxx xx based on x&xxxx;xxxxxx xxxxxxxx xxxxxx, xxxxxxx xxx in xxxx xxxx xxxxxxxx xxxxxxxxxx xxxxx xxx xxxxxxxx parties xxx xxxxx be xxxxxxxxx xxxx xxx xxxxxxxx xxxxxxxxxxx. Xxxxx party xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxx xxxxxxxx xx information xxxx XXXXXX2 (xxxx software xxxxxxxx xxxx x&xxxx;Xxxxxxx Xxxxxx in xxxxxxxx 2 xx xxx xxxxx section of xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx document) must xx xxxx xxxxx x&xxxx;xxxxxx xxxxxxxxx xxxx xxx xxxxx xxxxx. Xxxxxxxxxxx 1.9: Access control Access xx information xxxxxx xxxxx xx justified xx the xxxxx xx xxxxxxxx requirements (xxxx-xx-xxxx&xxxx;(1)) xxx according xx xxx xxxxxxxxxxx xxxxxxxxx xx corporate xxxxxxxx (xxxxxxxxx xxx xxxxxxxxxxx xxxxxxxx policy). Xxxxx access control xxxxx xxxxx xx xxxxxxx based on xxx principle xx xxxxx privilege (2) to xxxxxxx closely xxx xxxxx xx xxx xxxxxxxxxxxxx xxxxxxxx xxx XX processes. Xxxxx xxxxxxxx (x.x. for xxxxxx management) logical xxxxxx xxxxxxx should xx xxxxxxxxxx xxxx xxxxxxxx access xxxxxxx xxxxxx xxxxx are xxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx (e.g. xxxxxxxxxx, xxxxxxxx data xxxxxxxxxxxxx). Xxxxxx xxx documented xxxxxxxxxx shall be xx xxxxx xx xxxxxxx xxx allocation xx xxxxxx xxxxxx xx information systems xxx xxxxxxxx xxxx xxxx within xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx xxxxxxxxxx shall xxxxx all stages xx xxx xxxxxxxxx xx user xxxxxx, xxxx the initial xxxxxxxxxxxx xx xxx xxxxx xx the xxxxx deregistration of xxxxx xxxx no xxxxxx require xxxxxx. Xxxxxxx xxxxxxxxx shall xx xxxxx, xxxxx xxxxxxxxxxx, xx xxx allocation xx xxxxxx xxxxxx xx xxxx xxxxxxxxxxx xxxx xxx xxxxx xx xxxxx xxxxxx xxxxxx xxxxx xxxx xx a severe xxxxxxx xxxxxx xx xxx xxxxxxxxxx of the xxxxxxxxxxx (x.x. xxxxxx xxxxxx xxxxxxxx system xxxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xxxxxxxx, direct xxxxxx to business xxxx). Xxxxxxxxxxx controls shall xx xxx xx xxxxx xx identify, xxxxxxxxxxxx and xxxxxxxxx xxxxx xx xxxxxxxx xxxxxx xx the xxxxxxxxxxxx’x xxxxxxx, x.x. xxx local and xxxxxx xxxxxx xx xxxxxxx xx the Xxxxxxx Xxxxxxxxxxx Chain. Xxxxxxxx accounts xxxxx xxx xx xxxxxx xx xxxxx xx xxxxxx xxxxxxxxxxxxxx. Xxx xxxxxxxxx, xxxxx xxxxx be xxxxxxxxxxx xxx xxxxxxxx xx xxxxxxxx xxxxxxxx xx xxxxxx xxxx xxxxxxxxx xxxxxx be xxxxxx xxxxxxx, x.x. xxxxxxxxxx xxxxx and xxxxxxx-xxxx xxxxxxxx. X&xxxx;xxxx xxxxxxxx xxxxxxxx xxx/xx xxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx. X&xxxx;xxxxxx xxxxx xx developed and xxxxxxxxxxx xx the xxx xx xxxxxxxxxxxxx xxxxxxxx xx xxxxxxx xxx xxxxxxxxxxxxxxx, authenticity xxx integrity xx xxxxxxxxxxx. A key management xxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx xxx xxx xx xxxxxxxxxxxxx xxxxxxxx. Xxxxx xxxxx xx xxxxxx for xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx xx xxxxxx xx xx xxxxx (x.x. x&xxxx;xxxxx screen, x&xxxx;xxxxx xxxx xxxxxx) xx xxxxxx xxx risk xx xxxxxxxxxxxx xxxxxx. Xxxx xxxxxxx xxxxxxxx, xxx xxxxx of working xx an unprotected xxxxxxxxxxx xxxxx xx xxxxxxxxxx and xxxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxxxx xxxxxxxx xxxxx xx xxxxxxx. Xxxxxxxxxxx 1.10: Information xxxxxxx xxxxxxxxxxx, xxxxxxxxxxx xxx xxxxxxxxxxx Xxxxxxxx requirements xxxxx xx xxxxxxxxxx xxx xxxxxx xxxxx xx xxx xxxxxxxxxxx xxx/xx xxxxxxxxxxxxxx xx xxxxxxxxxxx xxxxxxx. Xxxxxxxxxxx controls xxxxx xx xxxxx xxxx applications, xxxxxxxxx xxxx-xxxxxxxxx xxxxxxxxxxxx, xx xxxxxx xxxxxxx xxxxxxxxxx. Xxxxx controls shall xxxxxxx xxx xxxxxxxxxx xx xxxxx xxxx, xxxxxxxx processing xxx xxxxxx xxxx. Xxxxxxxxxx xxxxxxxx xxx xx xxxxxxxx for xxxxxxx xxxx xxxxxxx, xx xxxx xx xxxxxx xx, sensitive, xxxxxxxx xx xxxxxxxx xxxxxxxxxxx. Xxxx xxxxxxxx xxxxx xx determined on xxx basis of xxxxxxxx requirements and xxxx assessment xxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx (x.x. xxxxxxxxxxx xxxxxxxx xxxxxx, cryptographic xxxxxxx policy). The operational xxxxxxxxxxxx of xxx xxxxxxx shall xx xxxxxxxxxxx, xxxxxxxxxx xxx xxxxxx xxxxx to xxxxx xxxxxxxxxx and xxx. Xx xxxxxxx xxxxxxx xxxxxxxx, xxxxxxxxxxx xxxxxxxx, xxxxxxxxx xxxxxxxxxxxx xxx xxxxxx management, xxxxxx xx xxxxxxxxxxx xxxxx on xxx xxxxxxxxxxx xx xxxx xxxxx xxx xxx xxxxx xx xxxx xx the xxxxxxx xxxxx xx xxx xxxxxxxxxxxx. Xxxxx xxxxx xx specific xxxxxxxx xx protect xxxxxxxxx xxxxxxxxxxx xxxxxxx over xxxxxx xxxxxxxx. Xxxxxx to xxxxxx files xxx xxxxxxx xxxxxx code xxxxx xx xxxxxxxxxx xxx IT xxxxxxxx xxx support xxxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxx xxxxxx. Care xxxxx xx taken xx xxxxx exposure xx xxxxxxxxx xxxx xx xxxx environments. Xxxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxx be xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx of xxxxxxx xx production xxxxx be xxxxxxxx xxxxxxxxxx. X&xxxx;xxxx assessment xx xxx major xxxxxxx to xx xxxxxxxx xx xxxxxxxxxx xxxxx be xxxxxxxxx. Xxxxxxx xxxxxxxx xxxxxxx activities xx xxxxxxx xx xxxxxxxxxx shall also xx conducted xxxxxxxxx xx x&xxxx;xxxxxxxxxx xxxx xxxxx xx xxx xxxxxxx of x&xxxx;xxxx xxxxxxxxxx, xxx xxxxxxxx xxxxxxx xxxxx include, xx xxxxx, xxxxxxxxxxxxx xxxxxxxxxxx. Xxx xx xxx shortcomings xxxxxxxxxxx xxxxxx the xxxxxxxx xxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx xxx xxxxxx plans xx xxxxx xxx xxxxxxxxxx xxx shall xx xxxxxxxx xxx followed xx xx a timely xxxxxxx. Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx xx xxxxxxxx&xxxx;(3) xxxxxxxxxxxxx Xx ensure protection xx xxx xxxxxxxxxxx’x xxxxxxxx information xxxxxxx xxxx xxx xxxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxx xxxxxxxx xxxxxxxxxxxx xxx xxxxxxxxxx xxx xxxxx xxxxxxxxxx xxxx xxxxxxxx’x xxxxxx xxxxx be xxxxxxxxxx and formally xxxxxx upon with xxx supplier. Requirement 1.12: Xxxxxxxxxx of xxxxxxxxxxx xxxxxxxx xxxxxxxxx and xxxxxxxxxxxx Xx xxxxxx x&xxxx;xxxxxxxxxx xxx effective approach xx the xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx, xxxxxxxxx communication xx security events xxx weaknesses, xxxxx, xxxxxxxxxxxxxxxx xxx xxxxxxxxxx, xx xxxxxxxx xxx xxxxxxxxx xxxxx, xxxxx xx established xxx xxxxxx xx xxxxxx x&xxxx;xxxxx, effective and xxxxxxx xxx xxxxxx xxxxxxx from information xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx related xx x&xxxx;xxxxx-xxxxxxx cause (x.x. x&xxxx;xxxxx xxxxxxx by xx xxxxxxxx xxxxxxxx xx by xx xxxxxxx). Personnel xxxxxxxx xx these xxxxxxxxxx xxxxx xx xxxxxxxxxx xxxxxxx. Xxxxxxxxxxx 1.13: Xxxxxxxxx xxxxxxxxxx xxxxxx X&xxxx;xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx xxxxxxx (x.x. xxxx xxxxxx xxxxxxx, xxxxxxxx networks and xxxxxxxx network connectivity) xxxxx xx regularly xxxxxxxx for compliance xxxx xxx xxxxxxxxxxxx’x xxxxxxxxxxx framework xx xxxxxxxx (e.g. xxxxxxxxxxx xxxxxxxx xxxxxx, xxxxxxxxxxxxx xxxxxxx policy). Requirement 1.14: Xxxxxxxxxxxxxx Xxxxx xxxxxxx xxxxxxxx xxxxx comply xxxx xxx xxx xxxxxxxx xxxxxxxx xxxx xxx xxx xxx xxxxxxxx xxxxxxxx xxx xxxxxxx (x.x. xxxxxxxxx, logging). Xxxxxxxx xxxxxxxx to xxxxxxxxxxx must xxxxxxx: xxxxxxxxx xx the xxxxxxxxxx xxx xxx xxxxxxx xxxxxxxxx xxxxxx, xxxxxxx patching, xxxxxx xxxxxxxxxx xx different xxxxxxxxxxxx (x.x. production xxx xxxxxxxxxxx). Xxxxxxxxxxx xxxxxxxxxx, xxxxxxx and xxxxxxxxxx xx well xx xxxxxxxx of xxxxxx rights, xx xxxxxxxxxx for xxxx xxxxxxxxxx xxxxxxxx, xxxxx xx implemented xxxxx xx x&xxxx;xxxx assessment. Xxxxx xxxxxxx machines xxxxxxx xx xxx xxxx hypervisor xxxxx xxxx x&xxxx;xxxxxxx xxxx xxxxxxx. Xxxxxxxxxxx 1.15: Xxxxx xxxxxxxxx Xxx xxxxx of xxxxxx xxx/xx xxxxxx xxxxx xxxxxxxxx in xxx Payment Xxxxxxxxxxx Xxxxx xxxx xx xxxxx xx x&xxxx;xxxxxx xxxx xxxxxxxxxx, xxxxxx xxxx account the xxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxxx xxxxxxx xxxxxxx xx the xxxxx solution. If xxxxxx xxxxx xxxxxxxxx are xxxx, xx xx xxxxxxxxxx xxxx the xxxxxxxxxxx xxxxx xx xxx xxxxxxx xxxxxx xx xxx xxxxxxx xxx xx the xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx xxxxxxxxxx of xxx xxxxxx solutions xxxx be xxxxxxxxxx xxxx xxx other xx-xxxxxxxx xxxxxxx. Xxxxxxxx xxxxxxxxxx xxxxxxxxxx (xxxxxxxxxx xxxx xx critical participants) The xxxxxxxxx requirements (2.1 xx 2.6) xxxxxx xx xxxxxxxx continuity xxxxxxxxxx. Xxxx TARGET2 xxxxxxxxxxx classified xx xxx Eurosystem xx xxxxx xxxxxxxx for xxx xxxxxx functioning xx xxx XXXXXX2 xxxxxx xxxxx xxxx x&xxxx;xxxxxxxx continuity xxxxxxxx xx xxxxx xxxxxxxxxx xxx xxxxxxxxx xxxxxxxx.
|
(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx xxxxxxxxx xxxxxx xx xxx identification xx the set xx information xxxx xx individual xxxxx xxxxxx xx xx xxxxx xx xxxxx xxx xxx/xxx duties.
(2) The xxxxxxxxx xx least xxxxxxxxx refers xx xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX system xx xxxxx xx xxxxx xxx corresponding xxxxxxxx xxxx.
(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx in xxx xxxxxxx of xxxx xxxxxxxx should xx xxxxxxxxxx as xxx xxxxx xxxxx (xxx xxx personnel) xxxxx xx xxxxx contract (xxxxxxxxx), xxxx the xxxxxxxxxxx, xx xxxxxxx x&xxxx;xxxxxxx xxx xxxxx xxx xxxxxxx xxxxxxxxx xxx xxxxx xxxxx (xxx xxx personnel) xx xxxxxxx access, xxxxxx xxxxxxxx xx xx-xxxx, to information xxx/xx xxxxxxxxxxx xxxxxxx xxx/xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xx the xxxxxxxxxxx xx xxxxx xx xxxxxxxxxx xx xxx scope xxxxxxx xxxxx xxx exercise xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx.
XXXXXXX II
Příloha XX xxxxxxxxxx XXX/2007/7 xx xxxx takto:
1. |
Článek 1 xx xxxx xxxxx:
|
2. |
X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx xxxxxxx fc) xxxxxxxxx tímto:
|
3. |
X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 se xxxxxx xxxx xxxxxxx xx), xxxxx xxx:
|
4. |
V článku 4 xx xxxxxxxx 3 xxxxxxxxx xxxxx: „3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx xxxx-xxxx xxxxx xxxxxxxxxx xxx payments xx xxxx, with xxxxxxxxxx xx xxxxxxx xxxx xxxxx xxxxxx XX xxxxxxxx, X2X XXXx xxx XXXX XXXx. XXXXXX2 xx xxxxxxxxxxx xxx functions xx xxx basis xx xxx SSP xxxxxxx xxxxx xxxxxxx xxxxxx xxx submitted and xxxxxxxxx and xxxxxxx xxxxx payments are xxxxxxxxxx xxxxxxxx xx xxx same xxxxxxxxx xxxxxx. Xx far xx xxx xxxxxxxxx xxxxxxxxx of xxx X2X XXXx xx xxxxxxxxx, XXXXXX2 is xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx xxx X2X Xxxxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx XXXX XXXx xxx TIPS XX xxxxxxxxx xxxxxxxx xx xxxxxxxxx, TARGET2 xx xxxxxxxxxxx xxxxxxxxxxx and xxxxxxxxx xx xxx xxxxx xx xxx XXXX Xxxxxxxx. Xxx XXX xx the xxxxxxxx of xxxxxxxx xxxxx xxxxx Xxxxxxxxxx. Xxxx xxx xxxxxxxxx xx xxx XXX-xxxxxxxxx XXXx xxx xxx 4XXx xxxxx xx xxxxxxxxxx xxxx xxx xxxxxxxxx xx xxx XXX, for which xx xxxxx assume xxxxxxxxx in xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 of xxxx Xxxxx. Xxxxxxxxxxxxx xxxxxxxx xx xxxxx Xxxxxxxxxx xxxxx not xxxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxxxxx X2X XXX xxxxxxx xxx xxx XXX-xxxxxxxxx NCBs xx xxx 4XXx when xxx xx xxx xxxxxx acts in xxxx capacity. Xxxxxxxxxxxx, xxxxxxxx xx xxxxxxxxxxx xxxxx a T2S XXX xxxxxx xxxxxxxx xxxx, xx sends to, xxx SSP or X2X Xxxxxxxx xx xxxxxxxx xx the xxxxxxxx xxxxxxxx xxxxx xxxxx Conditions xxx xxxxxx to xx xxxxxxxx xxxx, xx xxxx xx, the XXX.“; |
5. |
X&xxxx;xxxxxx&xxxx;8 se xxxxxxxx 3 xxxxxxxxx xxxxx: „3.&xxxx;&xxxx;&xxxx;Xxxxx xxx ECB has xxxxxxx a request by x&xxxx;X2X XXX xxxxxx xxxxxxxx xx paragraph 1, xxxx X2X XXX xxxxxx xx xxxxxx xx xxxx xxxxx the participating XXX(x) x&xxxx;xxxxxxx xx xxxxx the X2X XXX xxxx xxx xxxxxxx xxxxxxxx to xxxxxxxxxx transactions executed xx xxxxx xxxxxxxxxx xxxxxxxx.“; |
6. |
X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 nahrazuje tímto: „1. T2S XXX holders xxxxx xx xxxxxx to xx xxxxx xx, xxxxx xxxxxx xxxx, xxx shall xx xxxx to xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx competent xxxxxxxxxxx with all xxxxxxxxxxx on them xxxxxxxx xx legislation xx xxxx protection. Xxxx shall be xxxxxx xx xx xxxxx xx, and xxxxx xxxxxx with xxx obligations on xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxxxxxxxx xx money xxxxxxxxxx xxx xxx xxxxxxxxx xx xxxxxxxxx, proliferation-sensitive xxxxxxx xxxxxxxxxx xxx xxx development xx xxxxxxx xxxxxxx delivery xxxxxxx, xx xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx measures xxxxxxxxxx xxx xxxxxxxx xxxxxxx or xxxxxxxx xx xxxxx T2S XXXx. Xxxxx xx xxxxxxxx xxxx xxx xxxxxxxxxxx relationship with xxx X2X xxxxxxx xxxxxxx xxxxxxxx, X2X XXX holders shall xxxxxx that xxxx xxx xxxxxxxx xxxxx xxx xxxx xxxxxxxxx xxxxxx.“; |
7. |
Xxxxxx&xxxx;30 se xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;30 Xxxxxxxxxxx xxxxxxxxxxxx xxxx xx XXX 1.&xxxx;&xxxx;&xxxx;X2X XXX xxxxxxx xxxxx xxxxxx:
2.&xxxx;&xxxx;&xxxx;Xxx xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;X2X DCA holder xxx xxx NSP xxxxx xx exclusively xxxxxxxx by xxx xxxxx and conditions xx xxx separate xxxxxxxx xxxxxxxxx with xx XXX xx xxxxxxxx xx in xxxxxxxxx 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx xx xx xxxxxxxx xx xxx XXX xxxxx xxx form xxxx xx xxx xxxxxxxx xx xx xxxxxxxxx xx xxx XXX xx xxxxxxx xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx ECB xxxxx xxx xx xxxxxx xxx xxx xxxx, errors or xxxxxxxxx xx xxx XXX (xxxxxxxxx xxx xxxxxxxxx, xxxxx xxx xxxxxxxxxxxxxx), xx xxx xxx xxxx, xxxxxx xx xxxxxxxxx xx xxxxx xxxxxxx selected xx xxxxxxxxxxxx to xxxx access xx xxx XXX’x network.“; |
8. |
Vkládá xx xxxx xxxxxx&xxxx;34x, xxxxx xxx: „Xxxxxxx&xxxx;34x Xxxxxxxxxxxx xxxxxxxxxx Xxxx xxx XXXXXX system xx xxxxxxxxxxx and XXXXXX2 xxx xxxxxx xxxxxxxxx, X2X XXX xxxxxxx shall xxxxxx X2X XXX xxxxxxx xx xxx XXXXXX xxxxxx.“; |
9. |
Xxxxxx xx xxxxx „X2X xxxxxxx service xxxxxxxx“ (v jednotném xxxx xxxxxxx čísle) x&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. x) xxxx x), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 xxxx.&xxxx;6, xx.&xxxx;14 xxxx.&xxxx;1 xxxx. x), xx.&xxxx;22 xxxx.&xxxx;1, xx.&xxxx;22 xxxx.&xxxx;2, xx.&xxxx;22 xxxx.&xxxx;3, čl. 27 odst. 5, xx.&xxxx;28 odst. 1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx XX x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx xxxxxxxxx xxxxxxx „XXX“; |
10. |
X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) xxxxx:
|
XXXXXXX XXX
Xxxxxxx XXX xxxxxxxxxx ECB/2007/7 xx xxxx xxxxx:
1. |
Xxxxxx xx xxxxx „TIPS xxxxxxx xxxxxxx provider“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx xxxxxxx xx xxxxxxxxx odkazem „NSP“; |
2. |
Článek 1 xx xxxx takto:
|
3. |
X&xxxx;xx.&xxxx;3 xxxx.&xxxx;1 se xxxxxxx xxxxx xx „Appendix X: TIPS xxxxxxxxxxxx xxxxxxxxx requirements“; |
4. |
Článek 4 xx xxxx xxxxx:
|
5. |
X&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 xxxx. x) xx bod x) xxxxxxxxx xxxxx:
|
6. |
Xxxxxx&xxxx;9 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;9 Xxxxxxxxxxx relationship xxxx xx XXX 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx shall xxxxxx:
2. The legal xxxxxxxxxxxx between x&xxxx;xxxxxxxxxxx xxx xxx XXX xxxxx xx xxxxxxxxxxx xxxxxxxx by xxx xxxxx xxx xxxxxxxxxx xx xxxxx separate xxxxxxxx xx referred xx xx paragraph 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx xx xx xxxxxxxx xx xxx NSP xxxxx xxx xxxx xxxx xx the xxxxxxxx xx be xxxxxxxxx xx xxx XXX xx respect of XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxx be xxxxxx xxx xxx xxxx, xxxxxx xx xxxxxxxxx xx xxx XXX (xxxxxxxxx xxx xxxxxxxxx, xxxxx xxx xxxxxxxxxxxxxx), xx for xxx xxxx, xxxxxx xx xxxxxxxxx xx xxxxx xxxxxxx xxxxxxxx by xxxxxxxxxxxx xx gain xxxxxx xx the XXX’x network.“; |
7. |
Článek 10 xx xxxxxxx; |
8. |
Xxxxxx xx xxxx xxxxxx&xxxx;11x, xxxxx xxx: „Xxxxxxx&xxxx;11x XXX xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxx central MPL xxxxxxxxxx contains the xxxxx – XXXX xxxxxxx xxxxx xxx xxx xxxxxxxx of xxx XXX service. 2. Each xxxxx xxx xx xxxxxx xx xxxx xxx XXXX. An XXXX may xx xxxxxx xx xxx xx multiple proxies. 3. Article 29 xxxxx apply xx xxx xxxx xxxxxxxxx xx xxx XXX xxxxxxxxxx.“; |
9. |
X&xxxx;xxxxxx&xxxx;12 xx xxxxxxx xxxxxxxx 9; |
10. |
Článek 16 xx xxxxxxxxx tímto: „Article 16 Types xx xxxxxxx orders xx XXXX DCA The following xxx xxxxxxxxxx xx xxxxxxx xxxxxx xxx xxx xxxxxxxx of xxx XXXX xxxxxxx:
|
11. |
X&xxxx;xxxxxx&xxxx;18 xx xxxxxxxx 6 xxxxxxxxx xxxxx: „6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX XXX xx XX xxxxxxxxx xxxxxxxx order, x&xxxx;XXXX XXX xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx transfer xxxxx xx x&xxxx;XXXX XX xxxxxxxxx account xx XXXX XXX liquidity xxxxxxxx xxxxx xxx xxxx xxxxxxxx xx xxxxxxxx xx xx Xxxxxxx&xxxx;17, the XXXXXX2-XXX xxxxx xxxxx xxxxxxx xxxxxxxxxx xxxxx are xxxxxxxxx xx xxx xxxxx'x xxxxxxx. If xxxxxxxxxx xxxxx xxx xxx available xxx xxxxxxxxx transfer xxxxx xxxxx be rejected. Xx sufficient xxxxx xxx xxxxxxxxx xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx be xxxxxxx xxxxxxxxxxx.“; |
12. |
X&xxxx;xx.&xxxx;20 xxxx.&xxxx;1 xx xxxxxxx x) xxxxxxxxx xxxxx:
|
13. |
X&xxxx;xxxxxx&xxxx;30 se odstavec 1 nahrazuje tímto: „1. TIPS XXX holders xxxxx xx xxxxxx xx xx xxxxx of, xxxxx comply xxxx xxx xxxxx xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx xxxxx xx xxxxxx xx xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations xx xxxx relating xx xxxxxxxxxxx xx xxxxxxxxxx xx money laundering xxx xxx xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx and xxx xxxxxxxxxxx of xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, xx xxxxxxxxxx xx terms xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx or xxxxxxxx xx xxxxx XXXX XXXx. XXXX DCA xxxxxxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx xxxxx xxxxxx XXX'x data retrieval xxxxxx xxxxx to xxxxxxxx xxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx xxxx XXX.“; |
14. |
Xxxxxx xx xxxx xxxxxx&xxxx;35x, který zní: „Article 35a Transitional xxxxxxxxx Xxxx xxx TARGET xxxxxx xx xxxxxxxxxxx xxx xxx XXXXXX2 xxx ceased xxxxxxxxx, XXXX XXX xxxxxxx xxxxx become TIPS XXX xxxxxxx in xxx XXXXXX xxxxxx.“; |
15. |
X&xxxx;xxxxxxx X&xxxx;xx xxxxxxx x&xxxx;xxxxxxxx 2 nahrazuje xxxxx:
|
16. |
X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;6 xxxxxxx. 1 nahrazuje xxxxxxx x) xxxxx:
|
17. |
V dodatku XX xx xxxxxxx xxxxxxxx 2; |
18. |
Xxxxxxx V se xxxxxxx. |