Animace načítání

Stránka se připravuje...


Na co čekáte? Nečekejte už ani minutu.
Získejte přístup na tento text ještě dnes. Kontaktujte nás a my Vám obratem uděláme nabídku pro Vás přímo na míru.

XXXXXXXXXX XXXXXXXX XXXXXXXXX XXXXX (XX) 2021/1758

xx xxx 21.&xxxx;xxxx 2021,

xxxxxx xx xxxx xxxxxxxxxx XXX/2007/7 o podmínkách TARGET2-ECB (XXX/2021/43)

XXXXXXX RADA XXXXXXXX XXXXXXXXX XXXXX,

x&xxxx;xxxxxxx xx Xxxxxxx x&xxxx;xxxxxxxxx Xxxxxxxx xxxx, a zejména xx xxxxx x&xxxx;xxxxxxx xxxxxxx xx.&xxxx;127 xxxx.&xxxx;2 xxxx xxxxxxx,

x&xxxx;xxxxxxx na xxxxxx Xxxxxxxxxx systému xxxxxxxxxxx xxxx x&xxxx;Xxxxxxxx centrální xxxxx, x&xxxx;xxxxxxx na xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 x&xxxx;23 xxxxxx xxxxxxx,

xxxxxxxx x&xxxx;xxxxx xxxxxxx:

(1)

Xxxx xxxxxxxxx změnila (1) xxx 20.&xxxx;xxxxxxxx 2021 xxxxxx xxxxxx Xxxxxxxx centrální xxxxx XXX/2012/27&xxxx;(2) s cílem: x) xxxxxxxx, xx xxxxxxxx XXXX DCA xxxxx x&xxxx;XXXXXX2 xxxxxxxxx xxxxxxxxxxxxxxx jednotného portálu xxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx (Xxxxxxxxxx Single Xxxxxx Xxxxxxxxxxxxxx Gateway) xx xxxxxxxxx 2021 x&xxxx;xxxxxxxx X2X XXX xxxxx x&xxxx;XXXXXX2 prostřednictvím xxxxxx xxxxxxx xxxxxxxxx od xxxxxx 2022; x) xxxxxxxx x&xxxx;xxxxxxxx xxxxxxxx xxxxxxxx xx dodržování xxxxxxxxx xx xxxxxxxxxx xxxxxxxxx xxxx XXXXXX2, xxx xx xxxxxxxxx, xx xx systém XXXXXX2 xxxx dále xxxxxxx xxx, aby xxx xxxxxxx čelit xxxxxxx x&xxxx;xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx; x) xxxxxx xxxxxxxxx, xxx majitelé xxxx PM, xxxxxx xxxxxxx xxxxxxxxx a adresovatelní xxxxxxxx kódu XXX, xxxxx přistoupili k uplatňování xxxxxxx XXX Inst xxxxxxxx xxxxxx x&xxxx;xxxxxxxxxx xxxxxxx xxx okamžité xxxxxxxxxxxxx xxxxxxx XXXX, xxxx a zůstali xxxxxx xxxxxxxxxxx na platformě XXXX prostřednictvím TIPS XXX, xxx aby xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx plateb x&xxxx;xxxx Xxxx; x) xxxxxx xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx x&xxxx;XXXXXX2 xx xxxxxxxxxxxx xxxxxxxxxxx xxxx v budoucím xxxxxxx XXXXXX, aby xxxx xxxxxxxxx xxxxxx xxxxxxx, x&xxxx;x) vyjasnit a aktualizovat xxxxxxx xxxxx xxxxxxx xxxxxxxx xxxxx XXX/2012/27.

(2)

Xxxxxxx xxxx xxxxxxxxxx xxxxxxx xxxxxxxxxxx T2-T2S, xxxx x&xxxx;xxxxx xxxxxx xxxxxxx xxxxxx xxxxxxxx xxxxxxxx xxxxxxxxxxxxxxx, xxxxx jde x&xxxx;xxxxxxx xxxxxxx zůstatků x&xxxx;xxxx účastníků x&xxxx;XXXXXX2-XXX xx xxxxxxxxxxxx nástupnické xxxx.

(3)

Xxxxx obecných xxxxx XXX/2012/27, xxxxx xxxx xxxx na xxxxxxxx XXXXXX2-XXX, xx xxxxx xxxxxxxxx v rozhodnutí Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7&xxxx;(3).

(4)

Xxxxxxxxxx XXX/2007/7 xx xxxxx xxxxx xxxxxxxxxxxxx xxxxxxxx xxxxxx,

XXXXXXX XXXX XXXXXXXXXX:

Xxxxxx&xxxx;1

Xxxxx

Xxxxxxx X, XX x&xxxx;XXX rozhodnutí XXX/2007/7 xx xxxx x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx tohoto xxxxxxxxxx.

Článek 2

Závěrečná xxxxxxxxxx

Xxxx xxxxxxxxxx xxxxxxxx x&xxxx;xxxxxxxx pátým xxxx xx xxxxxxxxxx x&xxxx;Xxxxxxx věstníku Xxxxxxxx xxxx.

Xxxxxxx xx ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx xxxx.&xxxx;1 písm. x) a odstavců 7 x&xxxx;9 xxxxxxx II xxxxxx xxxxxxxxxx, které xx xxxxxxx xxx xxx 13.&xxxx;xxxxxx 2022.

Ve Frankfurtu xxx Xxxxxxx xxx 21. září 2021.

Xxxxxxxxxxx XXX

Xxxxxxxxx XXXXXXX


(1)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx (XX) 2021/1759 xx xxx 20.&xxxx;xxxxxxxx 2021, kterými xx xxxx xxxxxx xxxxxx XXX/2012/27 o transevropském xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx v reálném čase (XXXXXX2) (ECB/2021/30) [(xxx xxxxxx 45 x&xxxx;xxxxx xxxxx Xxxxxxxx xxxxxxxx).

(2)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2012/27 xx xxx 5. prosince 2012 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (Xx. věst. X&xxxx;30, 30.1.2013, s. 1).

(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7 xx xxx 24.&xxxx;xxxxxxxx 2007 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (Xx. xxxx. X&xxxx;237, 8.9.2007, x. 71).


XXXXXXX X

Xxxxxxx X&xxxx;xxxxxxxxxx XXX/2007/7 xx xxxx xxxxx:

1.

Xxxxxx&xxxx;1 xx xxxx xxxxx:

x)

xxxxxxxx xxxxx „instant xxxxxxx xxxxx“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxx payment xxxxx” means, in xxxx with xxx Xxxxxxxx Xxxxxxxx Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Xxxxxxxx (XXX Inst) xxxxxx, a payment xxxxxxxxxxx xxxxx xxx xx xxxxxxxx 24 xxxxx x&xxxx;xxx xxx xxxxxxxx xxx of xxx xxxx, xxxx immediate xx xxxxx to xxxxxxxxx processing xxx xxxxxxxxxxxx xx xxx xxxxx xxx xxxxxxxx (x) the XXXX XXX to XXXX XXX instant xxxxxxx xxxxxx, (b) TIPS XXX xx XXXX XX technical xxxxxxx xxxxxxx payment xxxxxx, (x) XXXX XX xxxxxxxxx account xx XXXX XXX xxxxxxx xxxxxxx xxxxxx xxx (x) TIPS XX xxxxxxxxx xxxxxxx to XXXX AS technical xxxxxxx instant payment xxxxxx,“;

x)

xxxxxxxx se nové xxxxxxxx, xxxxx xxxxx:

„—

“Xxxxxxxx Xxxxxxxx Council's XXXX Xxxxxxx Xxxxxx Transfer (XXX Inst) xxxxxx” xx “XXX Xxxx xxxxxx” means xx xxxxxxxxx, xxxx standards xxxxxx xxxxxxxxx a set xx interbank xxxxx xx be xxxxxxxx xxxx xx XXX Xxxx participants, xxxxxxxx xxxxxxx xxxxxxxx xxxxxxxxx xx XXXX to xxxxx xx xxxxxxxxx, XXXX-xxxx euro xxxxxxx xxxxxx xxxxxxxx xxxxxxx,

“XXXX xxxxxxxxx system xxxxxxxxx xxxxxxx (XXXX XX xxxxxxxxx account)” means xx xxxxxxx xxxx xx an ancillary xxxxxx xx x&xxxx;XX xx xx ancillary xxxxxx'x xxxxxx xx xxx XX’x XXXXXX2 xxxxxxxxx xxxxxx for xxx xx the xxxxxxxxx system for xxx xxxxxxx xx xxxxxxxx xxxxxxx xxxxxxxx xx xxx own xxxxx,

“XXXX XXX to XXXX XX xxxxxxxxx xxxxxxx liquidity xxxxxxxx xxxxx” xxxxx the xxxxxxxxxxx xx xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx of xxxxx from a TIPS XXX xx a TIPS XX technical xxxxxxx xx xxxx xxx XXXX DCA xxxxxx’x xxxxxxxx (or xxx xxxxxxxx xx xxxxxxx xxxxxxxxxxx of the xxxxxxxxx xxxxxx) xx xxx xxxxx of xxx xxxxxxxxx system,

“TIPS XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxx” xxxxx xxx xxxxxxxxxxx xx xxxxxxxx a specified xxxxxx of xxxxx xxxx x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx x&xxxx;XXXX DCA to xxxxxx xxx XXXX XXX xxxxxx’x position (xx xxx xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxx xxxxxx) xx xxx xxxxx of xxx xxxxxxxxx xxxxxx,

“xxxxxxxxx xxxxx” xxxxx xx xxxxxx xxxxx: (x) xxxxx x&xxxx;XXX; (x) xx xxxxxxxxxx as a reachable xxxxx xx a TIPS XXX xxxxxx or xx xx ancillary xxxxxx; (c) xx x&xxxx;xxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xx x&xxxx;XXXX XXX xxxxxx xx x&xxxx;xxxxxxxxxxx of xx xxxxxxxxx system, or x&xxxx;xxxxxxxxxxxxx, xxxxxxxx, xx xxxxxx of x&xxxx;xxxxxxxxxxx xx an ancillary xxxxxx; and (x) xx xxxxxxxxxxx through xxx TIPS Xxxxxxxx xxx xx able xx xxxxxx xxxxxxx xxxxxxx xxxxxx xxx xxxxxxx instant xxxxxxx xxxxxx xxxxxx via xxx TIPS DCA xxxxxx xx xxx xxxxxxxxx xxxxxx xx, xx xx authorised xx xxx XXXX XXX holder xx xx xxx ancillary xxxxxx, xxxxxxxx.“;

x)

xxxxxxxx pojmu „XXXX xxxxxxx xxxxxxx xxxxxxxx“ se xxxxxxx;

2.

X&xxxx;xxxxxx&xxxx;2 xxxxxx xxxxxxxx xx xxxxxxxx xxxx xxxx, xxxxx xxx:

„Xxxxxxxx XXX:

Xxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx and xxxxxxxx xxxxxxxxxx xxxxxxxxxx“;

3.

Xxxxxx&xxxx;3 se xxxx xxxxx:

x)

x&xxxx;xxxxxxxx 2 xx xxxxxxx xx) xxxxxxxxx xxxxx:

„(xx)

XXXX XXX xx XX xxxxxxxxx xxxxxxxx orders and XX xx TIPS XXX xxxxxxxxx xxxxxxxx xxxxxx;“;

x)

x&xxxx;xxxxxxxx 2 xx xxxxxx xxxx písmeno xx), které zní:

„(fd)

TIPS XXX xx XXXX XX technical account xxxxxxxxx xxxxxxxx orders xxx XXXX XX xxxxxxxxx account to XXXX DCA liquidity xxxxxxxx xxxxxx; xxx“;

x)

xxxxxxxx 3 xx xxxxxxxxx xxxxx:

„3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx xxxx-xxxx xxxxx settlement xxx xxxxxxxx xx euro, xxxx xxxxxxxxxx in xxxxxxx xxxx money xxxxxx PM xxxxxxxx, X2X XXXx and XXXX XXXx. TARGET2 xx established and xxxxxxxxx xx xxx xxxxx of xxx XXX xxxxxxx xxxxx xxxxxxx orders are xxxxxxxxx xxx xxxxxxxxx xxx xxxxxxx xxxxx xxxxxxxx xxx xxxxxxxxxx xxxxxxxx xx xxx xxxx xxxxxxxxx manner. Xx far as xxx technical xxxxxxxxx xx xxx X2X XXXx xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx xxx T2S Xxxxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx the XXXX XXXx and XXXX XX technical xxxxxxxx xx xxxxxxxxx, XXXXXX2 is xxxxxxxxxxx xxxxxxxxxxx and xxxxxxxxx xx the xxxxx xx xxx TIPS Xxxxxxxx.“;

4.

Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;5

Xxxxxx xxxxxxxxxxxx

XX account xxxxxxx xx XXXXXX2-XXX xxx direct xxxxxxxxxxxx xxx shall xxxxxx xxxx the xxxxxxxxxxxx xxx xxx in Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). They xxxxx xxxx xx xxxxx one PM xxxxxxx xxxx xxx XXX. XX account xxxxxxx xxxx have xxxxxxx xx the XXX Xxxx xxxxxx xx signing xxx XXXX Xxxxxxx Credit Xxxxxxxx Xxxxxxxxx Xxxxxxxxx xxxxx xx xxx xxxxx xxxxxx xxxxxxxxx xx the XXXX Xxxxxxxx xx all xxxxx, xxxxxx xx x&xxxx;XXXX XXX xxxxxx xx xx x&xxxx;xxxxxxxxx xxxxx xxx x&xxxx;XXXX XXX xxxxxx.“;

5.

Xxxxxx&xxxx;22 se xxxxxxxxx tímto:

„Article 22

Security Xxxxxxxxxxxx xxx Xxxxxxx Xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx implement xxxxxxxx xxxxxxxx controls xx xxxxxxx xxxxx systems xxxx unauthorised xxxxxx xxx xxx. Xxxxxxxxxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxxxx of xxxxx xxxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx xxx XXX xx xxx security-related xxxxxxxxx xx xxxxx xxxxxxxxx infrastructure and, xxxxx xxxxxxxxxxx, xxxxxxxx-xxxxxxx xxxxxxxxx xxxx xxxxx xx xxx technical xxxxxxxxxxxxxx xx xxx xxxxx xxxxx xxxxxxxxx. Xxx XXX xxx xxxxxxx xxxxxxx information xxxxx the xxxxxxxx xxx, xx necessary, xxxxxxx that xxx xxxxxxxxxxx take appropriate xxxxxxxx to xxxxxxx x&xxxx;xxxxxxxxxx xx xxxx xx event.

3.   The ECB xxx impose xxxxxxxxxx xxxxxxxx requirements, in xxxxxxxxxx xxxx regard xx cybersecurity or xxx xxxxxxxxxx of xxxxx, on all xxxxxxxxxxxx xxx/xx xx xxxxxxxxxxxx xxxx xxx xxxxxxxxxx critical xx xxx XXX.

4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxx xxx XXX xxxx: (x) permanent xxxxxx xx xxxxx xxxxxxxxxxx of xxxxxxxxx xx xxxxx xxxxxx xxxxxxx xxxxxxx xxxxxxxx’x xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (xx) xx xx annual xxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xx xxx ECB’s xxxxxxx in Xxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxx xxx xxxxxxxxxxx’x xxxx-xxxxxxxxxxxxx xxxxxxxxx(x) on xxx xxxxxxxxxxxx level xx xxxxxxxxxx xxxx xxxx xx xxx xxxxxxxxxxxx xxx xxx xx xxx TARGET2 self-certification xxxxxxxxxxxx. Xxxxx xxxxxxxxxxxx xxx xxxxxx xx Xxxxxxxx XXX, xxxxx xx xxxxxxxx xx xxx other Appendices xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx form xx xxxxxxxx xxxx of xxxxx Xxxxxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx participant’s xxxxx xx compliance xxxx xxx xxxxxxxxxxxx xx xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx: ‘xxxx xxxxxxxxxx’; ‘minor xxx-xxxxxxxxxx’; xx ‘xxxxx non-compliance’. Xxx xxxxxxxxx xxxxxxxx xxxxx: xxxx compliance xx xxxxxxx xxxxx xxxxxxxxxxxx satisfy 100% xx xxx requirements; xxxxx xxx-xxxxxxxxxx is xxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxx xxxx than 100% xxx xx least 66% xx xxx xxxxxxxxxxxx and major xxx-xxxxxxxxxx xxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxx less than 66% xx the xxxxxxxxxxxx. Xx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx not xxxxxxxxxx xx it, xx shall be xxxxxxxxxx xx xxxxxxxxx xxxx the xxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxx xx xxx xxxxxxxxxxxxxx. X&xxxx;xxxxxxxxxxx which xxxxx xx xxxxx ‘xxxx xxxxxxxxxx’ shall xxxxxx an xxxxxx xxxx xxxxxxxxxxxxx how xx intends to xxxxx xxxx xxxxxxxxxx. Xxx XXX xxxxx xxxxxx the relevant xxxxxxxxxxx authorities of xxx xxxxxx xx xxxx participant’s compliance.

4c.   If xxx xxxxxxxxxxx xxxxxxx xx grant permanent xxxxxx to xxx xxxxxxxxxxx of adherence xx xxxxx xxxxxx XXXx xxxxxxxx xxxxxxxx xxxxxxxxxxxx xx xxxx xxx xxxxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxx xxxxxxxxxxx’x xxxxx xx xxxxxxxxxx xxxxx be xxxxxxxxxxx as ‘major xxx-xxxxxxxxxx’.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX shall xxxxxxxx compliance xx xxxxxxxxxxxx xx xx xxxxxx xxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxx xxxxxx xxx xxxxxxxxx xxxxxxxx of xxxxxxx on xxxxxxxxxxxx xxxxx xxxxx of xxxxxxxxxx xxx assessed xx xxxxx xx xxxxx xxx-xxxxxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx:

(x)

xxxxxxxx monitoring: xxx xxxxxxxxxxx xxxxx provide xxx XXX with x&xxxx;xxxxxxx report, xxxxxx xx a senior xxxxxxxxx, xx xxxxx xxxxxxxx xx addressing xxx xxx-xxxxxxxxxx. Xxx xxxxxxxxxxx xxxxx additionally incur x&xxxx;xxxxxxx xxxxxxx charge xxx each affected xxxxxxx equal xx xxx xxxxxxx xxx xx set xxx xx xxxxxxxxx 1 xx Xxxxxxxx XX xxxxxxxxx xxx xxxxxxxxxxx xxxx. This xxxxxxx xx redress xxx xx imposed xx xxx xxxxx xxx xxxxxxxxxxx xxxxxxxx x&xxxx;xxxxxx xxxxxxxxxxx xxxxxxxxxx xx xxxxx xxx-xxxxxxxxxx xx xx assessment of xxxxx xxx-xxxxxxxxxx;

(xx)

xxxxxxxxxx: xxxxxxxxxxxxx xx XXXXXX2-XXX xxx xx xxxxxxxxx xx xxx circumstances xxxxxxxxx xx Article 28(2)(b) and (x) of xxxx Xxxxx. By xxx xx xxxxxxxxxx from Xxxxxxx&xxxx;28 of xxxx Xxxxx, the participant xxxxx be xxxxx xxxxx xxxxxx’ xxxxxx xx such suspension. Xxx xxxxxxxxxxx shall xxxxx x&xxxx;xxxxxxx penalty xxxxxx xxx xxxx xxxxxxxxx xxxxxxx xx xxxxxx xxx xxxxxxx xxx as xxx xxx in xxxxxxxxx 1 xx Appendix XX, xxxxxxxxx xxx xxxxxxxxxxx xxxx. This xxxxxxx xx xxxxxxx xxx xx imposed xx the event xxx participant xxxxxxxx x&xxxx;xxxxxx xxxxxxxxxxx xxxxxxxxxx xx xxxxx xxx-xxxxxxxxxx;

(xxx)

xxxxxxxxxxx: xxxxxxxxxxxxx xx XXXXXX2-XXX xxx xx xxxxxxxxxx xx xxx xxxxxxxxxxxxx xxxxxxxxx xx Xxxxxxx&xxxx;28(2)(x) xxx (x) xx xxxx Xxxxx. Xx xxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;28 xx xxxx Xxxxx, xxx xxxxxxxxxxx xxxxx xx xxxxx three xxxxxx’ xxxxxx xx such xxxxxxxxxxx. Xxx xxxxxxxxxxx xxxxx xxxxx an xxxxxxxxxx xxxxxxx charge xx EUR 1000 xxx each xxxxxxxxxx xxxxxxx. This xxxxxxx xx redress xxx xx xxxxxxx xx xxx xxxxxxxxxxx xxx xxx xxxxxxxxx xxx xxxxx xxx-xxxxxxxxxx to xxx satisfaction xx xxx ECB xxxxxxxxx xxxxx xxxxxx xx xxxxxxxxxx.“;

6.

X&xxxx;xxxxxx&xxxx;33 se odstavec 1 nahrazuje xxxxx:

„1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xx xxxxxx xx xx aware xx, xxxxx xxxxxx xxxx, and shall xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx the xxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx shall xx xxxxxx to xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx legislation xx xxxxxxxxxx xx xxxxx xxxxxxxxxx and the xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx nuclear xxxxxxxxxx xxx xxx development xx xxxxxxx xxxxxxx xxxxxxxx systems, xx xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx appropriate xxxxxxxx concerning xxx xxxxxxxx debited xx xxxxxxxx on xxxxx XX xxxxxxxx. Xxxxxxxxxxxx xxxxx xxxxxx that xxxx are informed xxxxx xxx XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx’x xxxx retrieval xxxxxx xxxxx to xxxxxxxx xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx XXXXXX2 xxxxxxx service xxxxxxxx.“;

7.

Xxxxxx xx xxxx xxxxxx&xxxx;39x, který xxx:

„Xxxxxxx&xxxx;39x

Xxxxxxxxxxxx xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxxx xxx XXXXXX xxxxxx is xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XX xxxxxxx xxxxxxxx xxxxx xx transferred to xxx xxxxxxx xxxxxx’x xxxxxxxxxxxxx successor xxxxxxxx xx xxx TARGET xxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx that XX account holders, xxxxxxxx Xxxxxxxxxxxx and xxxxxxxxxxx XXX xxxxxxx xxxxxxxx xx xxx XXX Xxxx xxxxxx xx reachable xx xxx XXXX Platform xxxxxxxx to Article 5 xxxxx xxxxx xx xx 25 Xxxxxxxx 2022.“;

8.

X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) tímto:

„(b)

User-to-application xxxx (U2A)

U2A permits xxxxxx communication xxxxxxx x&xxxx;xxxxxxxxxxx and xxx XXX. The information xx displayed xx x&xxxx;xxxxxxx xxxxxxx xx x&xxxx;XX system (XXXXX Xxxxxxxx WebStation xx xxxxxxx xxxxxxxxx, xx xxx xx xxxxxxxx xx SWIFT). Xxx X2X access the XX xxxxxxxxxxxxxx has xx xx xxxx xx support xxxxxxx. Xxxxxxx xxxxxxx are xxxxxxxxx xx the XXX User Xxxxxxxx.“;

9.

X&xxxx;xxxxxxx XX se x&xxxx;xxxxxxxx 6 xxxxxxxxx xxxxxxx x) xxxxx:

„(x)

xxx xxxxxxxxxxx xxxxxxxxxx xx payment xxxxxx, xxxxxxxxxxxx xxxxx xxxxxxx xxxxxxxx xxxxxx xx xxxxxxxxxx. Xxxxxx xxxxxxxxxxx xxxxxxxxxx, xxxxxxxx xxxxxxxxxxx payments xxx xx used xx xxxx xxxxxxxx xxxxxxxxxxx xxxxxxxx. Xxx xxx xxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx, xxxxxxxxxxxx’ xxxxxxxxx xxxxxxxxx xxx xxx xx taken xxxx xxxxxxx xx the XXX.“;

10.

Xxxxxxxx se nový xxxxxxx VII, který xxx:

„Xxxxxxxx VII

Requirements xxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx business xxxxxxxxxx xxxxxxxxxx

Xxxxxxxxxxx security xxxxxxxxxx

Xxxxx xxxxxxxxxxxx are xxxxxxxxxx xx each participant, xxxxxx xxx participant xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx not xxxxxxxxxx xx it. Xx xxxxxxxxxxxx xxx xxxxx xx application xx xxx xxxxxxxxxxxx xxxxxx xxx xxxxxxxxxxxxxx, xxx xxxxxxxxxxx xxxxxx xxxxxxxx xxx xxxxxxxx xxxx are xxxx xx the Payment Xxxxxxxxxxx Xxxxx (XXX). Xxxxxxxxxxxx, xxx XXX xxxxxx xx x&xxxx;Xxxxx xx Xxxxx (PoE), x.x. a system xxxxxxxx xx xxx xxxxxxxx xx xxxxxxxxxxxx (x.x. xxxxxxxxxxxx, front-office and xxxx-xxxxxx applications, xxxxxxxxxx), xxx xxxx xx xxx xxxxxx responsible xx send the xxxxxxx xx XXXXX (x.x. SWIFT XXX Xxx) xx Xxxxxxxx (xxxx the latter xxxxxxxxxx to Xxxxxxxx-xxxxx Xxxxxx).

Xxxxxxxxxxx 1.1: Xxxxxxxxxxx xxxxxxxx xxxxxx

Xxx management xxxxx set x&xxxx;xxxxx xxxxxx direction xx xxxx xxxx business xxxxxxxxxx xxx xxxxxxxxxxx xxxxxxx xxx xxx xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxx xxx xxxxxxxx, xxxxxxxx and xxxxxxxxxxx xx xx xxxxxxxxxxx security xxxxxx xxxxxx xx xxxxxxxx xxxxxxxxxxx security and xxxxx resilience xxxxxx xxx organisation xx xxxxx xx xxxxxxxxxxxxxx, xxxxxxxxxx and xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxx xxxxx xxxxxxxxxx xxxxx. The xxxxxx xxxxxx xxxxxxx at xxxxx xxx xxxxxxxxx xxxxxxxx: xxxxxxxxxx, xxxxx (xxxxxxxxx xxxxxxx xxxx xx xxxxxxxxxxxx, xxxxx xxxxxxxxx, xxxxx xxxxxxxxxx xxx.), principles xxx xxxxxxxxxx xx xxxxxxxxxxxxxxxx.

Xxxxxxxxxxx 1.2: Xxxxxxxx organisation

An xxxxxxxxxxx security xxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxxxx xxx xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xxx organisation. Xxx management xxxxx xxxxxxxxxx xxx xxxxxx xxx xxxxxxxxxxxxx xx xxx information xxxxxxxx xxxxxxxxx xx xxxxxx xxx implementation of xxx xxxxxxxxxxx security xxxxxx (as xxx Xxxxxxxxxxx 1.1) xxxxxx xxx organisation, xxxxxxxxx xxx xxxxxxxxxx of xxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxx xx security xxxxxxxxxxxxxxxx xxx xxxx xxxxxxx.

Xxxxxxxxxxx 1.3: Xxxxxxxx xxxxxxx

Xxx xxxxxxxx of xxx organisation’s xxxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx not xx reduced xx xxx xxxxxxxxxxxx of, xxx/xx xxx xxxxxxxxxx xx, xx xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx xx xxxx. Xxx xxxxxx xx xxx organisation’s information xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx parties shall xx xxxxxxxxxx. Xxxx xxxxxxxx xxxxxxx xx xxxxxxxx/xxxxxxxx xx xxxxxxxx xxxxxxx are xxxxxxxx xx xxxxxx xxx xxxxxxxxxxxx’x information processing xxxxxxxxxx, x&xxxx;xxxx assessment xxxxx xx carried xxx to xxxxxxxxx xxx security xxxxxxxxxxxx xxx xxxxxxx xxxxxxxxxxxx. Xxxxxxxx xxxxx xx xxxxxx and defined xx an agreement xxxx xxxx relevant xxxxxxxx party.

Requirement 1.4: Xxxxx xxxxxxxxxx

Xxx information xxxxxx, xxx business xxxxxxxxx and the xxxxxxxxxx xxxxxxxxxxx xxxxxxx, xxxx as operating xxxxxxx, xxxxxxxxxxxxxxx, xxxxxxxx xxxxxxxxxxxx, off-the-shelf xxxxxxxx, xxxxxxxx and xxxx-xxxxxxxxx xxxxxxxxxxxx, in xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxxx be accounted xxx and have x&xxxx;xxxxxxxxx xxxxx. Xxx xxxxxxxxxxxxxx xxx the xxxxxxxxxxx xxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx in the xxxxxxxx xxxxxxxxx and xxx xxxxxxx XX xxxxxxxxxx to xxxxxxxxx xxx information xxxxxx xxxxx be xxxxxxxx. Xxxx: the xxxxx xxx xxxxxxxx xxx xxxxxxxxxxxxxx xx xxxxxxxx xxxxxxxx xx xxxxxxxxxxx, xxx xxxxxxx xxxxxxxxxxx xxx xxx proper xxxxxxxxxx xx xxx xxxxxx.

Xxxxxxxxxxx 1.5: Information xxxxxx xxxxxxxxxxxxxx

Xxxxxxxxxxx assets xxxxx xx classified xx terms xx xxxxx xxxxxxxxxxx to xxx xxxxxx xxxxxxxx xx the xxxxxxx xx xxx xxxxxxxxxxx. Xxx xxxxxxxxxxxxxx xxxxx xxxxxxxx the need, xxxxxxxxxx xxx xxxxxx xx xxxxxxxxxx xxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxx xxxxx in xxx relevant xxxxxxxx xxxxxxxxx and xxxxx xxxx xxxx xxxx xxxxxxxxxxxxx xxx underlying XX xxxxxxxxxx. Xx xxxxxxxxxxx asset classification xxxxxx approved by xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx xx xxxxxxxxxxx xxx xx xxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxx xxxxx lifecycle (xxxxxxxxx xxxxxxx xxx xxxxxxxxxxx xx xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx xxx xxxx xxx xxxxxxxx xxxxxxxx xxxxxxxx.

Xxxxxxxxxxx 1.6: Human xxxxxxxxx xxxxxxxx

Xxxxxxxx xxxxxxxxxxxxxxxx xxxxx xx xxxxxxxxx xxxxx to employment xx xxxxxxxx xxx xxxxxxxxxxxx xxx in xxxxx and xxxxxxxxxx xx xxxxxxxxxx. Xxx xxxxxxxxxx xxx employment, xxxxxxxxxxx and xxxxx xxxxx xxxxx shall xx xxxxxxxxxx xxxxxxxx, xxxxxxxxxx for xxxxxxxxx xxxx. Employees, contractors xxx xxxxx xxxxx xxxxx of xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xxxx an xxxxxxxxx xx their xxxxxxxx xxxxx xxx xxxxxxxxxxxxxxxx. Xx adequate xxxxx xx xxxxxxxxx shall xx xxxxxxx among xxx xxxxxxxxx, contractors xxx xxxxx party xxxxx, xxx education xxx xxxxxxxx in xxxxxxxx procedures and xxx correct xxx xx information xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx to xxxx xx minimise xxxxxxxx xxxxxxxx xxxxx. X&xxxx;xxxxxx xxxxxxxxxxxx xxxxxxx xxx xxxxxxxx security breaches xxxxx be xxxxxxxxxxx xxx xxxxxxxxx. Xxxxxxxxxxxxxxxx xxxxx be in xxxxx to ensure xxxx xx xxxxxxxx’x, xxxxxxxxxx’x or third xxxxx xxxx’x exit xxxx xx transfer xxxxxx the xxxxxxxxxxxx xx xxxxxxx, and xxxx the xxxxxx xx all xxxxxxxxx xxx the xxxxxxx xx all xxxxxx xxxxxx are completed.

Requirement 1.7: Physical and xxxxxxxxxxxxx security

Critical or xxxxxxxxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx shall xx xxxxxx in secure xxxxx, protected xx xxxxxxx security xxxxxxxxxx, xxxx xxxxxxxxxxx security xxxxxxxx xxx entry xxxxxxxx. Xxxx shall xx physically protected xxxx unauthorised xxxxxx, xxxxxx xxx interference. Xxxxxx shall xx xxxxxxx only xx xxxxxxxxxxx who fall xxxxxx xxx scope xx Xxxxxxxxxxx 1.6. Xxxxxxxxxx xxx xxxxxxxxx xxxxx xx established xx protect xxxxxxxx xxxxx containing xxxxxxxxxxx xxxxxx xxxx xx xxxxxxx.

Xxxxxxxxx shall xx xxxxxxxxx xxxx xxxxxxxx xxx environmental xxxxxxx. Xxxxxxxxxx xx xxxxxxxxx (xxxxxxxxx xxxxxxxxx xxxx xxx-xxxx) xxx xxxxxxx xxx xxxxxxx xx xxxxxxxx xx xxxxxxxxx xx reduce xxx xxxx xx xxxxxxxxxxxx xxxxxx xx xxxxxxxxxxx xxx xx xxxxx xxxxxxx xxxx xx xxxxxx of xxxxxxxxx xx information. Xxxxxxx xxxxxxxx may xx xxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx xxx xx safeguard xxxxxxxxxx xxxxxxxxxx xxxx xx xxx electrical xxxxxx xxx xxxxxxx xxxxxxxxxxxxxx.

Xxxxxxxxxxx 1.8: Operations xxxxxxxxxx

Xxxxxxxxxxxxxxxx and xxxxxxxxxx xxxxx be xxxxxxxxxxx xxx xxx xxxxxxxxxx xxx operation of xxxxxxxxxxx processing xxxxxxxxxx xxxxxxxx all xxx xxxxxxxxxx systems xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx end-to-end.

As regards xxxxxxxxx xxxxxxxxxx, including xxxxxxxxx xxxxxxxxxxxxxx xx XX systems, xxxxxxxxxxx xx xxxxxx shall xx implemented, where xxxxxxxxxxx, xx reduce xxx xxxx xx xxxxxxxxx or xxxxxxxxxx xxxxxx xxxxxx. Where xxxxxxxxxxx xx xxxxxx xxxxxx be implemented xxx xx xxxxxxxxxx xxxxxxxxx xxxxxxx, xxxxxxxxxxxx xxxxxxxx shall be xxxxxxxxxxx following a formal xxxx xxxxxxxx. Xxxxxxxx xxxxx be xxxxxxxxxxx xx prevent xxx xxxxxx xxx xxxxxxxxxxxx xx malicious xxxx xxx systems xx xxx Xxxxxxx Transaction Xxxxx. Controls shall xx xxxx established (xxxxxxxxx xxxx xxxxxxxxx) xx xxxxxxx, xxxxxx xxx xxxxxx malicious xxxx. Xxxxxx code xxxxx be xxxx xxxx xxxx xxxxxxx xxxxxxx (e.g. signed Xxxxxxxxx XXX xxxxxxxxxx xxx Xxxx Xxxxxxx). Xxx xxxxxxxxxxxxx of xxx xxxxxxx (x.x. xxx use xx xxxxxxxxxx xxx plugins) xxxxx xx xxxxxxxx xxxxxxxxxx.

Xxxx xxxxxx xxx xxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxx xxxxxxxxxx; xxxxx xxxxxxxx xxxxxxxx shall xxxxxxx x&xxxx;xxxx xx xxx xxxxxxxxxxx xxxxxxx xxxxx xx xxxxxx xx regular xxxxxxxxx xx xxxxx xxxxxxxx.

Xxxxxxx xxxx xxx xxxxxxxx xxx the security xx xxxxxxxx xxxxx xx monitored xxx xxxxxx relevant xx xxxxxxxxxxx xxxxxxxx shall xx recorded. Xxxxxxxx xxxx xxxxx be xxxx xx ensure xxxx xxxxxxxxxxx system xxxxxxxx are xxxxxxxxxx. Xxxxxxxx xxxx shall xx xxxxxxxxx xxxxxxxx xx x&xxxx;xxxxxx xxxxx, xxxxx xx the xxxxxxxxxxx xx xxx xxxxxxxxxx. Xxxxxx xxxxxxxxxx xxxxx xx xxxx xx xxxxx xxx xxxxxxxxxxxxx xx controls xxxxx xxx xxxxxxxxxx xx xxxxxxxx for xxx xxxxxxxx of xxxxxxxx xxx xx xxxxxx xxxxxxxxxx xx xx access policy xxxxx.

Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx xxxxxxxxxxxxx shall xx based xx x&xxxx;xxxxxx exchange xxxxxx, xxxxxxx out in xxxx xxxx xxxxxxxx xxxxxxxxxx xxxxx xxx xxxxxxxx parties xxx xxxxx xx xxxxxxxxx xxxx any xxxxxxxx xxxxxxxxxxx. Xxxxx party xxxxxxxx components employed xx xxx xxxxxxxx xx xxxxxxxxxxx xxxx XXXXXX2 (like xxxxxxxx xxxxxxxx xxxx a Service Xxxxxx xx xxxxxxxx 2 of xxx xxxxx xxxxxxx of xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx document) must xx used xxxxx x&xxxx;xxxxxx xxxxxxxxx with xxx third xxxxx.

Xxxxxxxxxxx 1.9: Xxxxxx control

Access xx xxxxxxxxxxx assets xxxxx xx xxxxxxxxx xx the basis xx xxxxxxxx xxxxxxxxxxxx (xxxx-xx-xxxx&xxxx;(1)) xxx xxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xxxxxxxx (including xxx xxxxxxxxxxx xxxxxxxx xxxxxx). Xxxxx xxxxxx xxxxxxx xxxxx xxxxx xx xxxxxxx based on xxx xxxxxxxxx xx xxxxx xxxxxxxxx&xxxx;(2) xx xxxxxxx closely xxx xxxxx of xxx xxxxxxxxxxxxx xxxxxxxx xxx XX processes. Xxxxx xxxxxxxx (x.x. xxx xxxxxx xxxxxxxxxx) logical xxxxxx xxxxxxx xxxxxx xx xxxxxxxxxx xxxx xxxxxxxx xxxxxx control xxxxxx xxxxx are xxxxxxxx compensatory controls xx place (e.g. xxxxxxxxxx, xxxxxxxx data xxxxxxxxxxxxx).

Xxxxxx xxx xxxxxxxxxx xxxxxxxxxx xxxxx be xx xxxxx xx xxxxxxx the xxxxxxxxxx xx access rights xx xxxxxxxxxxx xxxxxxx xxx services xxxx xxxx xxxxxx xxx xxxxx xx the Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx procedures xxxxx xxxxx xxx xxxxxx xx the xxxxxxxxx xx xxxx xxxxxx, xxxx xxx xxxxxxx xxxxxxxxxxxx of xxx xxxxx xx xxx xxxxx xxxxxxxxxxxxxx of xxxxx xxxx xx xxxxxx xxxxxxx access.

Special xxxxxxxxx shall be xxxxx, where xxxxxxxxxxx, xx the allocation xx xxxxxx xxxxxx xx such xxxxxxxxxxx xxxx xxx xxxxx xx xxxxx xxxxxx xxxxxx xxxxx lead xx a severe xxxxxxx xxxxxx xx the xxxxxxxxxx xx xxx xxxxxxxxxxx (x.x. xxxxxx xxxxxx xxxxxxxx xxxxxx xxxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xxxxxxxx, xxxxxx xxxxxx to xxxxxxxx xxxx).

Xxxxxxxxxxx xxxxxxxx xxxxx xx put in xxxxx xx identify, xxxxxxxxxxxx and xxxxxxxxx xxxxx xx xxxxxxxx xxxxxx xx xxx xxxxxxxxxxxx’x network, e.g. xxx xxxxx xxx xxxxxx xxxxxx xx xxxxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx accounts xxxxx xxx xx shared xx xxxxx to xxxxxx xxxxxxxxxxxxxx.

Xxx xxxxxxxxx, xxxxx xxxxx xx xxxxxxxxxxx xxx xxxxxxxx xx xxxxxxxx xxxxxxxx xx xxxxxx that xxxxxxxxx xxxxxx xx xxxxxx xxxxxxx, x.x. xxxxxxxxxx xxxxx xxx xxxxxxx-xxxx validity. X&xxxx;xxxx xxxxxxxx recovery and/or xxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx.

X&xxxx;xxxxxx shall xx xxxxxxxxx xxx xxxxxxxxxxx on xxx xxx of xxxxxxxxxxxxx xxxxxxxx xx xxxxxxx xxx confidentiality, xxxxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx. X&xxxx;xxx xxxxxxxxxx xxxxxx shall xx xxxxxxxxxxx xx xxxxxxx xxx xxx xx xxxxxxxxxxxxx xxxxxxxx.

Xxxxx shall xx policy for xxxxxxx confidential xxxxxxxxxxx xx screen xx xx print (x.x. x&xxxx;xxxxx xxxxxx, x&xxxx;xxxxx xxxx policy) xx xxxxxx xxx xxxx xx xxxxxxxxxxxx access.

When xxxxxxx remotely, xxx xxxxx of xxxxxxx xx xx unprotected xxxxxxxxxxx xxxxx be xxxxxxxxxx xxx appropriate xxxxxxxxx xxx xxxxxxxxxxxxxx xxxxxxxx xxxxx be xxxxxxx.

Xxxxxxxxxxx 1.10: Information xxxxxxx acquisition, xxxxxxxxxxx xxx xxxxxxxxxxx

Xxxxxxxx requirements xxxxx be xxxxxxxxxx xxx agreed xxxxx xx xxx development xxx/xx xxxxxxxxxxxxxx xx xxxxxxxxxxx xxxxxxx.

Xxxxxxxxxxx controls xxxxx be built xxxx applications, xxxxxxxxx xxxx-xxxxxxxxx applications, to xxxxxx xxxxxxx processing. Xxxxx controls xxxxx xxxxxxx xxx xxxxxxxxxx xx xxxxx data, xxxxxxxx xxxxxxxxxx xxx xxxxxx xxxx. Xxxxxxxxxx xxxxxxxx xxx xx xxxxxxxx for xxxxxxx xxxx xxxxxxx, xx xxxx xx impact xx, xxxxxxxxx, valuable xx xxxxxxxx information. Xxxx xxxxxxxx xxxxx xx determined on xxx xxxxx xx xxxxxxxx xxxxxxxxxxxx xxx xxxx xxxxxxxxxx according xx xxx established xxxxxxxx (x.x. information xxxxxxxx xxxxxx, cryptographic xxxxxxx policy).

The operational xxxxxxxxxxxx of xxx xxxxxxx xxxxx xx xxxxxxxxxxx, xxxxxxxxxx xxx xxxxxx xxxxx xx xxxxx acceptance xxx xxx. Xx regards xxxxxxx security, xxxxxxxxxxx xxxxxxxx, xxxxxxxxx xxxxxxxxxxxx xxx xxxxxx management, xxxxxx xx implemented xxxxx xx xxx xxxxxxxxxxx xx xxxx xxxxx and the xxxxx of xxxx xx xxx xxxxxxx xxxxx in the xxxxxxxxxxxx. Xxxxx shall xx xxxxxxxx controls xx xxxxxxx xxxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxxxxx xxxxxxxx.

Xxxxxx xx xxxxxx xxxxx xxx xxxxxxx xxxxxx xxxx xxxxx be xxxxxxxxxx xxx XX xxxxxxxx xxx xxxxxxx xxxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxx xxxxxx. Care xxxxx xx xxxxx xx xxxxx xxxxxxxx xx xxxxxxxxx xxxx xx xxxx environments. Xxxxxxx xxx xxxxxxx environments xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx of xxxxxxx xx xxxxxxxxxx xxxxx be xxxxxxxx xxxxxxxxxx. X&xxxx;xxxx assessment xx xxx xxxxx xxxxxxx xx xx xxxxxxxx xx production xxxxx xx xxxxxxxxx.

Xxxxxxx xxxxxxxx xxxxxxx xxxxxxxxxx xx systems xx xxxxxxxxxx xxxxx xxxx xx xxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxxxxxx xxxx xxxxx xx xxx xxxxxxx xx a risk xxxxxxxxxx, and security xxxxxxx xxxxx xxxxxxx, xx xxxxx, vulnerability xxxxxxxxxxx. Xxx xx xxx xxxxxxxxxxxx xxxxxxxxxxx xxxxxx the xxxxxxxx xxxxxxx activities xxxxx xx assessed xxx xxxxxx xxxxx xx xxxxx xxx xxxxxxxxxx xxx xxxxx xx xxxxxxxx xxx followed xx xx x&xxxx;xxxxxx xxxxxxx.

Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx in xxxxxxxx&xxxx;(3) xxxxxxxxxxxxx

Xx ensure protection xx xxx participant’s xxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxx xxxxxxxxxx xx suppliers, information xxxxxxxx xxxxxxxxxxxx xxx xxxxxxxxxx xxx xxxxx xxxxxxxxxx xxxx xxxxxxxx’x xxxxxx xxxxx be xxxxxxxxxx xxx xxxxxxxx xxxxxx upon xxxx xxx supplier.

Requirement 1.12: Xxxxxxxxxx xx information xxxxxxxx incidents and xxxxxxxxxxxx

Xx xxxxxx a consistent xxx xxxxxxxxx xxxxxxxx xx the xxxxxxxxxx xx xxxxxxxxxxx security xxxxxxxxx, xxxxxxxxx communication xx xxxxxxxx xxxxxx xxx xxxxxxxxxx, xxxxx, xxxxxxxxxxxxxxxx xxx procedures, xx xxxxxxxx xxx xxxxxxxxx level, shall xx established xxx xxxxxx xx xxxxxx x&xxxx;xxxxx, xxxxxxxxx xxx xxxxxxx and xxxxxx xxxxxxx from information xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx related to x&xxxx;xxxxx-xxxxxxx cause (x.x. x&xxxx;xxxxx xxxxxxx by xx external xxxxxxxx xx xx xx xxxxxxx). Xxxxxxxxx involved xx xxxxx xxxxxxxxxx xxxxx xx xxxxxxxxxx xxxxxxx.

Xxxxxxxxxxx 1.13: Xxxxxxxxx xxxxxxxxxx xxxxxx

X&xxxx;xxxxxxxxxxx’x internal xxxxxxxxxxx systems (x.x. xxxx office xxxxxxx, xxxxxxxx xxxxxxxx and xxxxxxxx xxxxxxx xxxxxxxxxxxx) xxxxx xx regularly xxxxxxxx xxx xxxxxxxxxx xxxx xxx xxxxxxxxxxxx’x xxxxxxxxxxx framework xx xxxxxxxx (x.x. information xxxxxxxx xxxxxx, cryptographic xxxxxxx policy).

Requirement 1.14: Xxxxxxxxxxxxxx

Xxxxx xxxxxxx machines xxxxx xxxxxx xxxx xxx the xxxxxxxx xxxxxxxx xxxx are xxx for physical xxxxxxxx xxx systems (x.x. hardening, logging). Xxxxxxxx xxxxxxxx xx xxxxxxxxxxx xxxx include: xxxxxxxxx of the xxxxxxxxxx xxx xxx xxxxxxx operating xxxxxx, xxxxxxx patching, xxxxxx xxxxxxxxxx xx xxxxxxxxx xxxxxxxxxxxx (x.x. xxxxxxxxxx xxx development). Xxxxxxxxxxx xxxxxxxxxx, xxxxxxx xxx xxxxxxxxxx xx xxxx xx xxxxxxxx xx xxxxxx xxxxxx, in xxxxxxxxxx xxx xxxx xxxxxxxxxx accounts, xxxxx xx xxxxxxxxxxx xxxxx xx x&xxxx;xxxx assessment. Xxxxx xxxxxxx xxxxxxxx xxxxxxx xx the xxxx xxxxxxxxxx xxxxx xxxx x&xxxx;xxxxxxx xxxx xxxxxxx.

Xxxxxxxxxxx 1.15: Cloud xxxxxxxxx

Xxx xxxxx of xxxxxx xxx/xx xxxxxx xxxxx solutions in xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxx xx xxxxx xx x&xxxx;xxxxxx xxxx assessment, taking xxxx account the xxxxxxxxx controls xxx xxx xxxxxxxxxxx xxxxxxx xxxxxxx xx the xxxxx xxxxxxxx.

Xx hybrid xxxxx solutions are xxxx, it xx xxxxxxxxxx xxxx xxx xxxxxxxxxxx xxxxx xx xxx xxxxxxx xxxxxx xx xxx highest xxx xx the xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx xxxxxxxxxx xx xxx xxxxxx xxxxxxxxx xxxx be xxxxxxxxxx xxxx xxx xxxxx xx-xxxxxxxx xxxxxxx.

Xxxxxxxx xxxxxxxxxx xxxxxxxxxx (applicable xxxx xx xxxxxxxx participants)

The xxxxxxxxx xxxxxxxxxxxx (2.1 xx 2.6) relate xx business continuity xxxxxxxxxx. Xxxx XXXXXX2 xxxxxxxxxxx classified by xxx Xxxxxxxxxx as xxxxx xxxxxxxx for xxx smooth xxxxxxxxxxx xx the XXXXXX2 xxxxxx xxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxx xxxxxxxxx xxxxxxxx.

Xxxxxxxxxxx 2.1

:

Xxxxxxxx xxxxxxxxxx plans xxxxx xx developed xxx xxxxxxxxxx xxx xxxxxxxxxxx xxxx are xx xxxxx.

Xxxxxxxxxxx 2.2

:

An xxxxxxxxx xxxxxxxxxxx xxxx xxxxx xx available.

Requirement 2.3

:

Xxx xxxx xxxxxxx xx the xxxxxxxxx xxxx xxxxx xx xxxxxxxxx xxxx xxxx xx xxx xxxxxxx xxxx, in xxxxx xx avoid xxxx xxxx xxxxx are xxxxxxxx xx the xxxx xxxxx xx xxx xxxx time. Xxx xxxxxxx, xxx xxxxxxxxx site shall xx on x&xxxx;xxxxxxxxx xxxxx grid xxx xxxxxxx telecommunication xxxxxxx xxxx those of xxx xxxxxxx xxxxxxxx xxxxxxxx.

Xxxxxxxxxxx 2.4

:

In the xxxxx of x&xxxx;xxxxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxx xxx xxxxxxx xxxx xxxxxxxxxxxx xxx/xx xxxxxxxx xxxxx unavailable, the xxxxxxxx participant shall xx able to xxxxxx normal xxxxxxxxxx xxxx xxx xxxxxxxxx xxxx, xxxxx it xxxxx be possible xx properly xxxxx xxx xxxxxxxx day xxx xxxx xxx xxxxxxxxx xxxxxxxx day(s).

Requirement 2.5

:

Xxxxxxxxxx shall xx xx place xx xxxxxx xxxx xxx xxxxxxxxxx xx xxxxxxxxxxxx xx resumed xxxx xxx xxxxxxxxx xxxx xxxxxx x&xxxx;xxxxxxxxxx timeframe xxxxx the xxxxxxx xxxxxxxxxx of xxxxxxx xxx xxxxxxxxxxxx xx xxx xxxxxxxxxxx of xxx business that xxx xxxxxxxxx.

Xxxxxxxxxxx 2.6

:

Xxx xxxxxxx xx xxxx xxxx operational xxxxxxxxxxx xxxxx be xxxxxx xx xxxxx xxxx x&xxxx;xxxx xxx critical xxxxx shall be xxxxxxxxxxxxx trained. Xxx xxxxxxx period xxxxxxx xxxxx shall xxx xxxxxx xxx xxxx.

“.

(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx xxxxxxxxx xxxxxx xx xxx xxxxxxxxxxxxxx xx the xxx xx xxxxxxxxxxx that xx xxxxxxxxxx xxxxx xxxxxx to xx xxxxx xx carry xxx xxx/xxx xxxxxx.

(2)&xxxx;&xxxx;Xxx xxxxxxxxx xx xxxxx xxxxxxxxx xxxxxx xx xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX xxxxxx xx xxxxx to xxxxx xxx xxxxxxxxxxxxx business xxxx.

(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx in the xxxxxxx of this xxxxxxxx xxxxxx xx xxxxxxxxxx as any xxxxx party (xxx xxx xxxxxxxxx) which xx xxxxx contract (xxxxxxxxx), xxxx xxx xxxxxxxxxxx, xx provide x&xxxx;xxxxxxx xxx xxxxx xxx xxxxxxx agreement xxx xxxxx party (xxx its xxxxxxxxx) xx xxxxxxx xxxxxx, xxxxxx xxxxxxxx or xx-xxxx, to information xxx/xx xxxxxxxxxxx xxxxxxx xxx/xx information processing xxxxxxxxxx of xxx xxxxxxxxxxx in scope xx associated xx xxx xxxxx covered xxxxx the xxxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx.


PŘÍLOHA XX

Xxxxxxx II xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:

1.

Xxxxxx&xxxx;1 xx xxxx xxxxx:

x)

xxxxxxxx xxxxx „xxxxxxx xxxxxxx order“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxx xxxxxxx order” means, xx xxxx with xxx Xxxxxxxx Xxxxxxxx Xxxxxxx'x SEPA Xxxxxxx Xxxxxx Xxxxxxxx (SCT Xxxx) scheme, x&xxxx;xxxxxxx xxxxxxxxxxx xxxxx can xx xxxxxxxx 24 xxxxx x&xxxx;xxx xxx xxxxxxxx xxx xx xxx year, xxxx xxxxxxxxx or close xx xxxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxxx to xxx xxxxx xxx xxxxxxxx (x) the XXXX XXX xx XXXX DCA xxxxxxx xxxxxxx xxxxxx, (ii) XXXX XXX to XXXX XX technical xxxxxxx instant xxxxxxx xxxxxx, (xxx) XXXX XX technical xxxxxxx xx XXXX DCA xxxxxxx xxxxxxx orders xxx (iv) XXXX XX xxxxxxxxx account xx TIPS XX xxxxxxxxx xxxxxxx instant xxxxxxx xxxxxx,“;

x)

xxxxxxxx xx xxxx xxxxxxxx, xxxxx xxxxx:

„—

“XXXX xxxxxxxxx system xxxxxxxxx xxxxxxx (XXXX XX technical xxxxxxx)” xxxxx xx xxxxxxx xxxx xx an xxxxxxxxx xxxxxx xx x&xxxx;XX xx xx xxxxxxxxx xxxxxx'x xxxxxx xx xxx CB’s XXXXXX2 component xxxxxx xxx use by xxx ancillary system xxx xxx purpose xx xxxxxxxx xxxxxxx xxxxxxxx in xxx xxx xxxxx,

“XXXX DCA xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxx” xxxxx xxx xxxxxxxxxxx xx xxxxxxxx x&xxxx;xxxxxxxxx amount xx xxxxx from x&xxxx;XXXX XXX to x&xxxx;XXXX AS technical xxxxxxx xx fund xxx XXXX XXX xxxxxx’x position (xx xxx xxxxxxxx xx xxxxxxx participant xx xxx xxxxxxxxx system) xx the xxxxx xx xxx ancillary xxxxxx,

“XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxx” xxxxx the xxxxxxxxxxx xx xxxxxxxx x&xxxx;xxxxxxxxx amount xx xxxxx from a TIPS XX xxxxxxxxx xxxxxxx xx a TIPS DCA xx xxxxxx the XXXX XXX xxxxxx’x xxxxxxxx (xx the xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx the xxxxxxxxx xxxxxx) in xxx xxxxx xx xxx xxxxxxxxx xxxxxx,

“Xxxxxxx Xxxxxxx Provider (XXX)” xxxxx xx xxxxxxxxxxx xxxx has xxxx xxxxxxx x&xxxx;xxxxxxxxxx with xxx Xxxxxxxxxx xx xxxxxxx xxxxxxxxxxxx services xxx xxx Xxxxxxxxxx Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Xxxxxxx.“;

x)

xxxxxxxx xxxxx „T2S xxxxxxx service xxxxxxxx“ xx zrušuje;

2.

V čl. 4 xxxx.&xxxx;2 xx xxxxxxx xx) xxxxxxxxx xxxxx:

„(xx)

XXXX XXX xx XX liquidity xxxxxxxx xxxxxx xxx XX to TIPS XXX liquidity transfer xxxxxx;“;

3.

X&xxxx;xx.&xxxx;4 odst. 2 xx xxxxxx xxxx xxxxxxx xx), xxxxx xxx:

„(xx)

XXXX XXX to TIPS XX technical xxxxxxx xxxxxxxxx transfer orders xxx XXXX AS xxxxxxxxx account xx XXXX XXX liquidity xxxxxxxx xxxxxx; and“;

4.

V článku 4 xx xxxxxxxx 3 xxxxxxxxx xxxxx:

„3.&xxxx;&xxxx;&xxxx;XXXXXX2 provides xxxx-xxxx gross xxxxxxxxxx xxx xxxxxxxx xx xxxx, xxxx settlement xx xxxxxxx xxxx xxxxx across PM xxxxxxxx, T2S XXXx xxx XXXX XXXx. XXXXXX2 xx xxxxxxxxxxx xxx functions xx xxx basis xx xxx SSP xxxxxxx xxxxx payment xxxxxx xxx submitted and xxxxxxxxx xxx xxxxxxx xxxxx payments are xxxxxxxxxx received in xxx xxxx technical xxxxxx. Xx xxx xx the xxxxxxxxx xxxxxxxxx xx the X2X XXXx xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx the xxxxx of xxx X2X Xxxxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx XXXX DCAs xxx XXXX XX xxxxxxxxx accounts is xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx the xxxxx xx xxx XXXX Xxxxxxxx. Xxx XXX xx xxx xxxxxxxx xx xxxxxxxx xxxxx xxxxx Xxxxxxxxxx. Xxxx xxx xxxxxxxxx xx xxx XXX-xxxxxxxxx XXXx and xxx 4XXx shall be xxxxxxxxxx xxxx xxx xxxxxxxxx xx the XXX, xxx xxxxx xx shall assume xxxxxxxxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 xx xxxx Annex. Participation xxxxxxxx to xxxxx Xxxxxxxxxx shall xxx xxxxxx x&xxxx;xxxxxxxxxxx relationship xxxxxxx T2S XXX xxxxxxx xxx the XXX-xxxxxxxxx XXXx or xxx 4XXx when xxx xx xxx xxxxxx acts xx xxxx xxxxxxxx. Xxxxxxxxxxxx, xxxxxxxx xx xxxxxxxxxxx xxxxx x&xxxx;X2X XXX xxxxxx xxxxxxxx xxxx, xx xxxxx xx, xxx XXX or X2X Xxxxxxxx xx xxxxxxxx to xxx xxxxxxxx provided under xxxxx Xxxxxxxxxx xxx xxxxxx xx xx xxxxxxxx xxxx, xx xxxx xx, xxx XXX.“;

5.

X&xxxx;xxxxxx&xxxx;8 xx xxxxxxxx 3 xxxxxxxxx tímto:

„3.   Where xxx ECB xxx xxxxxxx a request xx x&xxxx;X2X DCA holder xxxxxxxx to paragraph 1, that X2X XXX xxxxxx xx xxxxxx xx xxxx xxxxx xxx xxxxxxxxxxxxx XXX(x) a mandate to xxxxx xxx X2X XXX xxxx the xxxxxxx relating to xxxxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxxxxxxx.“;

6.

X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 xxxxxxxxx xxxxx:

„1.&xxxx;&xxxx;&xxxx;X2X XXX holders xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx comply with, xxx xxxxx be xxxx to demonstrate xxxx xxxxxxxxxx xx xxx relevant competent xxxxxxxxxxx xxxx all xxxxxxxxxxx xx xxxx xxxxxxxx to legislation xx xxxx protection. Xxxx shall xx xxxxxx xx xx xxxxx xx, and xxxxx xxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx to xxxxxxxxxxx xx prevention xx xxxxx xxxxxxxxxx xxx the financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities xxx xxx development xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, xx xxxxxxxxxx xx terms xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx any xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx X2X XXXx. Xxxxx to xxxxxxxx xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx T2S network xxxxxxx xxxxxxxx, X2X XXX xxxxxxx xxxxx xxxxxx that xxxx xxx xxxxxxxx about xxx xxxx xxxxxxxxx xxxxxx.“;

7.

Xxxxxx&xxxx;30 se nahrazuje xxxxx:

„Xxxxxxx&xxxx;30

Xxxxxxxxxxx relationship xxxx xx XXX

1.&xxxx;&xxxx;&xxxx;X2X DCA xxxxxxx xxxxx xxxxxx:

(x)

xxxx xxxxxxxxx x&xxxx;xxxxxxxx xxxx xx XXX within xxx framework of xxx xxxxxxxxxx xxxxxxxx xxxx that NSP xx xxxxx xx xxxxxxxxx a technical connection xx XXXXXX2- ECB; xx

(x)

xxxxxxx xxx xxxxxxx xxxxxx xxxxx xxx xxxxxxxxx a contract xxxx xx XXX xxxxxx xxx xxxxxxxxx xx xxx xxxxxxxxxx xxxxxxxx xxxx that XXX.

2.&xxxx;&xxxx;&xxxx;Xxx xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;X2X XXX xxxxxx xxx the NSP xxxxx be xxxxxxxxxxx xxxxxxxx xx xxx xxxxx and xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxx concluded xxxx xx XXX xx xxxxxxxx to xx xxxxxxxxx 1(a).

3.   The xxxxxxxx xx be xxxxxxxx xx the XXX xxxxx xxx form xxxx of xxx xxxxxxxx xx xx xxxxxxxxx xx xxx XXX xx xxxxxxx xx TARGET2.

4.   The ECB xxxxx not be xxxxxx xxx xxx xxxx, xxxxxx xx xxxxxxxxx of xxx XXX (xxxxxxxxx its xxxxxxxxx, xxxxx and xxxxxxxxxxxxxx), xx xxx xxx xxxx, errors xx omissions xx xxxxx xxxxxxx xxxxxxxx xx xxxxxxxxxxxx to xxxx access xx xxx XXX’x xxxxxxx.“;

8.

Xxxxxx xx xxxx xxxxxx&xxxx;34x, xxxxx zní:

„Article 34a

Transitional xxxxxxxxxx

Xxxx xxx XXXXXX system xx operational and XXXXXX2 has xxxxxx xxxxxxxxx, X2X DCA xxxxxxx xxxxx xxxxxx X2X XXX xxxxxxx xx xxx XXXXXX xxxxxx.“;

9.

Xxxxxx xx xxxxx „X2X network xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx nebo xxxxxxx xxxxx) x&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. a) xxxx i), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 xxxx.&xxxx;6, xx.&xxxx;14 xxxx.&xxxx;1 xxxx. x), xx.&xxxx;22 xxxx.&xxxx;1, xx.&xxxx;22 xxxx.&xxxx;2, xx.&xxxx;22 xxxx.&xxxx;3, xx.&xxxx;27 odst. 5, xx.&xxxx;28 xxxx.&xxxx;1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx II x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx xxxxxxxxx xxxxxxx „XXX“;

10.

X&xxxx;xxxxxxx X&xxxx;xx v odst. 8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) tímto:

„(b)

User-to-application xxxx (X2X)

X2X xxxxxxx xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;X2X XXX xxxxxx xxx xxx X2X XXX. Xxx xxxxxxxxxxx xx displayed xx x&xxxx;xxxxxxx xxxxxxx xx x&xxxx;XX xxxxxx. Xxx X2X access xxx XX xxxxxxxxxxxxxx xxx xx be xxxx xx xxxxxxx cookies. Xxxxxxx details are xxxxxxxxx in xxx X2X Xxxx Handbook.“.

XXXXXXX III

Příloha III xxxxxxxxxx ECB/2007/7 xx xxxx xxxxx:

1.

Xxxxxx xx xxxxx „XXXX xxxxxxx xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx xxxxxxx se xxxxxxxxx odkazem „XXX“;

2.

Xxxxxx&xxxx;1 xx xxxx xxxxx:

x)

xxxxxxxx xxxxx „reachable party“ xx xxxxxxxxx tímto:

„—

“reachable xxxxx” means xx xxxxxx which: (x) xxxxx x&xxxx;XXX, (x) xx xxxxxxxxxx xx x&xxxx;xxxxxxxxx party by x&xxxx;XXXX DCA xxxxxx xx by an xxxxxxxxx xxxxxx; (c) xx x&xxxx;xxxxxxxxxxxxx, customer xx xxxxxx xx x&xxxx;XXXX XXX holder xx x&xxxx;xxxxxxxxxxx xx xx ancillary system xx a correspondent, xxxxxxxx xx xxxxxx of x&xxxx;xxxxxxxxxxx xx an xxxxxxxxx xxxxxx; xxx (x) is addressable xxxxxxx xxx XXXX Xxxxxxxx and is xxxx xx xxxxxx xxxxxxx xxxxxxx xxxxxx xxx xxxxxxx xxxxxxx xxxxxxx orders xxxxxx xxx xxx TIPS XXX holder xx xxx xxxxxxxxx xxxxxx xx, if xx xxxxxxxxxx xx xxx XXXX XXX xxxxxx xx by the xxxxxxxxx system, xxxxxxxx,“;

x)

xxxxxxxx xxxxx „payment xxxxx“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxx xxxxx”, except xxxxx xxxx xx Xxxxxxxx 16 to 18 xx xxxx Annex, xxxxx xx xxxxxxx xxxxxxx order, x&xxxx;xxxxxxxx xxxxxx xxxxxx, x&xxxx;XX xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxx, x&xxxx;XXXX DCA xx XX liquidity xxxxxxxx xxxxx, x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx XXXX DCA liquidity xxxxxxxx xxxxx xx x&xxxx;XXXX DCA xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxx,“;

x)

xxxxxxxx xxxxx „xxxxxxx xxxxxxx xxxxx“ xx xxxxxxxxx tímto:

„—

“instant xxxxxxx xxxxx” xxxxx, xx xxxx with the Xxxxxxxx Payments Xxxxxxx'x XXXX Instant Credit Xxxxxxxx (XXX Inst) xxxxxx, x&xxxx;xxxxxxx xxxxxxxxxxx xxxxx xxx be xxxxxxxx 24 xxxxx x&xxxx;xxx xxx calendar xxx xx xxx xxxx, xxxx xxxxxxxxx xx xxxxx xx xxxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxxx xx the xxxxx xxx xxxxxxxx (x) TIPS XXX xx XXXX XXX xxxxxxx xxxxxxx xxxxxx, (x) TIPS XXX xx TIPS XX xxxxxxxxx xxxxxxx xxxxxxx xxxxxxx xxxxxx, (x) XXXX AS xxxxxxxxx xxxxxxx xx TIPS XXX instant xxxxxxx xxxxxx and (d) XXXX XX xxxxxxxxx xxxxxxx xx XXXX XX technical xxxxxxx xxxxxxx payment xxxxxx,“;

x)

xxxxxxxx xx xxxx xxxxxxxx, xxxxx xxxxx:

„—

“XXXX ancillary xxxxxx xxxxxxxxx account (XXXX XX xxxxxxxxx xxxxxxx)” means an xxxxxxx held by xx xxxxxxxxx xxxxxx xx xxx CB xx xx ancillary xxxxxx'x xxxxxx in xxx CB’s XXXXXX2 xxxxxxxxx xxxxxx for xxx by that xxxxxxxxx xxxxxx xxx xxx xxxxxxx of xxxxxxxx instant xxxxxxxx xx xxx own xxxxx,

“XXXX DCA to XXXX AS xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxx” means xxx xxxxxxxxxxx to xxxxxxxx x&xxxx;xxxxxxxxx amount xx xxxxx xxxx a TIPS XXX xx x&xxxx;XXXX XX xxxxxxxxx account xx fund the XXXX DCA xxxxxx’x xxxxxxxx (xx xxx xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx the xxxxxxxxx xxxxxx) in xxx books xx xxx ancillary xxxxxx,

“XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxx” xxxxx xxx instruction xx xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx xx funds xxxx x&xxxx;XXXX AS xxxxxxxxx xxxxxxx to x&xxxx;XXXX XXX to xxxxxx the XXXX XXX xxxxxx’x xxxxxxxx (xx xxx xxxxxxxx xx xxxxxxx participant xx xxx xxxxxxxxx xxxxxx) in xxx xxxxx xx the xxxxxxxxx xxxxxx,

“Xxxxxxxx Xxxxxxxx Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Xxxxxxxx (SCT Xxxx) scheme” xx “XXX Xxxx xxxxxx” xxxxx xx automated, xxxx standards xxxxxx xxxxxxxxx x&xxxx;xxx of xxxxxxxxx rules xx xx xxxxxxxx xxxx xx SCT Inst xxxxxxxxxxxx, allowing xxxxxxx xxxxxxxx xxxxxxxxx in XXXX xx offer xx automated, XXXX-xxxx xxxx instant credit xxxxxxxx product,

“mobile proxy xxxx-xx (MPL) xxxxxxx” xxxxx a service which xxxxxxx XXXX XXX xxxxxxx, ancillary xxxxxxx xxxxx XXXX AS xxxxxxxxx accounts xxx xxxxxxxxx parties, xxx xxxxxxx xxxx xxxxx xxxxxxxxx x&xxxx;xxxxxxx to xxxxxxx xx instant xxxxxxx xxxxx xx xxxxxx xx x&xxxx;xxxxxxxxxxx xxxxxxxxxx xxxx a proxy (x.x. a mobile number), xx xxxxxxxx xxxx xxx central XXX xxxxxxxxxx the corresponding xxxxxxxxxxx XXXX xxx xxx XXX to xx used xx xxxxxx the relevant xxxxxxx in XXXX,

“Xxxxxxx Xxxxxxx Xxxxxxxx (XXX)” xxxxx an xxxxxxxxxxx xxxx xxx xxxx xxxxxxx a concession with xxx Xxxxxxxxxx xx xxxxxxx xxxxxxxxxxxx services xxx xxx Xxxxxxxxxx Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Xxxxxxx,

“XXXX” means the xxxxxxxxxxxxx xxxx account xxxxxx xxxxx xxxxxxxx xxxxxxxxxx an individual xxxxxxx xx a specific xxxxxxxxx xxxxxxxxxxx xx x&xxxx;xxxxxxxxxx country.“;

e)

definice pojmu „XXXX network xxxxxxx xxxxxxxx“ xx xxxxxxx;

3.

X&xxxx;xx.&xxxx;3 xxxx.&xxxx;1 xx zrušuje xxxxx na „Appendix X: XXXX connectivity xxxxxxxxx requirements“;

4.

Článek 4 xx xxxx xxxxx:

x)

x&xxxx;xxxxxxxx 2 xx xxxxxxxx xxxx xxxxxxx k), které xxx:

„(x)

XXXX DCA to XXXX XX technical xxxxxxx liquidity xxxxxxxx xxxxxx and TIPS XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx transfer orders; xxx“;

x)

xxxxxxxx 3 xx xxxxxxxxx tímto:

„3.   TARGET2 xxxxxxxx xxxx-xxxx gross settlement xxx xxxxxxxx in xxxx, xxxx xxxxxxxxxx xx xxxxxxx xxxx xxxxx xxxxxx XX xxxxxxxx, T2S XXXx xxx XXXX DCAs. TARGET2 xx xxxxxxxxxxx and xxxxxxxxx xx the xxxxx xx xxx XXX xxxxxxx xxxxx xxxxxxx orders xxx xxxxxxxxx xxx xxxxxxxxx xxx xxxxxxx xxxxx xxxxxxxx are xxxxxxxxxx xxxxxxxx in the xxxx xxxxxxxxx xxxxxx. Xx far xx xxx xxxxxxxxx xxxxxxxxx xx xxx TIPS XXXx xxx TIPS XX technical accounts xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx established xxx xxxxxxxxx xx xxx basis xx xxx XXXX Platform. Xx xxx xx xxx technical operation xx xxx X2X XXXx is xxxxxxxxx, XXXXXX2 is technically xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx xxx T2S Xxxxxxxx.“;

5.

X&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. x) xx xxx x) xxxxxxxxx tímto:

„(i)

install, xxxxxx, operate and xxxxxxx and ensure xxx xxxxxxxx of xxx xxxxxxxxx IT xxxxxxxxxxxxxx xx xxxxxxx xx xxx XXXX Xxxxxxxx xxx xxxxxx xxxxxxx xxxxxx xx xx. Xx doing xx, xxxxxxxxx XXXX XXX xxxxxxx xxx xxxxxxx xxxxx parties, xxx xxxxxx xxxx xxxxxxxxx. In xxxxxxxxxx, xxxxxx xx xxxxxxxxxxx xxxxx xx xxxx, xxxxxxxxx XXXX DCA xxxxxxx shall xxxxx xxxx an xxxxxxxxx xxxx xxx xx xxxx XXXx xx xxxxxx the necessary xxxxxxxxxx and admissions, xx xxxxxxxxxx with xxx xxxxxxxxx xxxxxxxxxxxxxx xx Appendix X; xxx“;

6.

Xxxxxx&xxxx;9 se nahrazuje xxxxx:

„Xxxxxxx&xxxx;9

Xxxxxxxxxxx relationship xxxx xx XXX

1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx:

(x)

xxxxxxxx a contract xxxx xx XXX within xxx xxxxxxxxx xx xxx concession xxxxxxxx xxxx xxxx NSP xx order xx xxxxxxxxx a technical xxxxxxxxxx xx XXXXXX2-XXX; or

(b)

connect xxx xxxxxxx xxxxxx xxxxx xxx xxxxxxxxx x&xxxx;xxxxxxxx with an XXX within xxx xxxxxxxxx xx xxx xxxxxxxxxx xxxxxxxx xxxx xxxx XXX.

2.&xxxx;&xxxx;&xxxx;Xxx xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;xxxxxxxxxxx xxx xxx XXX xxxxx be exclusively xxxxxxxx by the xxxxx xxx xxxxxxxxxx xx xxxxx xxxxxxxx xxxxxxxx xx referred xx xx xxxxxxxxx 1(x).

3.&xxxx;&xxxx;&xxxx;Xxx services xx xx xxxxxxxx xx xxx XXX shall xxx xxxx xxxx xx xxx services xx xx performed xx xxx XXX xx respect xx XXXXXX2.

4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxx be liable xxx any xxxx, xxxxxx xx omissions xx the XXX (xxxxxxxxx its directors, xxxxx xxx xxxxxxxxxxxxxx), xx for any xxxx, errors xx xxxxxxxxx by third xxxxxxx xxxxxxxx by xxxxxxxxxxxx xx gain xxxxxx to xxx XXX’x network.“;

7.

Článek 10 xx xxxxxxx;

8.

Xxxxxx xx xxxx xxxxxx&xxxx;11x, xxxxx xxx:

„Xxxxxxx&xxxx;11x

XXX xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx XXX xxxxxxxxxx xxxxxxxx xxx xxxxx – IBAN xxxxxxx xxxxx for xxx xxxxxxxx of xxx XXX xxxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx xxx xx xxxxxx xx xxxx xxx XXXX. Xx XXXX may xx xxxxxx to one xx xxxxxxxx xxxxxxx.

3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx apply xx xxx xxxx xxxxxxxxx xx xxx XXX xxxxxxxxxx.“;

9.

X&xxxx;xxxxxx&xxxx;12 se xxxxxxx xxxxxxxx 9;

10.

Článek 16 se xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;16

Xxxxx xx xxxxxxx xxxxxx xx XXXX XXX

Xxx xxxxxxxxx xxx classified xx xxxxxxx orders xxx xxx purposes xx xxx TIPS xxxxxxx:

(x)

xxxxxxx xxxxxxx xxxxxx;

(x)

xxxxxxxx recall xxxxxxx;

(x)

XXXX XXX xx XX xxxxxxxxx xxxxxxxx xxxxxx;

(x)

XXXX DCA xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxxx; and

(e)

TIPS AS xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxxx.“;

11.

X&xxxx;xxxxxx&xxxx;18 se xxxxxxxx 6 xxxxxxxxx xxxxx:

„6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX XXX xx XX liquidity xxxxxxxx order, x&xxxx;XXXX XXX xx TIPS XX technical xxxxxxx xxxxxxxxx xxxxxxxx xxxxx xx x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxx has xxxx xxxxxxxx xx xxxxxxxx xx xx Xxxxxxx&xxxx;17, the TARGET2-ECB xxxxx xxxxx xxxxxxx xxxxxxxxxx funds xxx xxxxxxxxx on xxx xxxxx'x account. Xx xxxxxxxxxx xxxxx are xxx available the xxxxxxxxx xxxxxxxx xxxxx xxxxx xx rejected. Xx xxxxxxxxxx xxxxx xxx xxxxxxxxx the xxxxxxxxx xxxxxxxx order xxxxx xx settled xxxxxxxxxxx.“;

12.

X&xxxx;xx.&xxxx;20 odst. 1 se xxxxxxx b) xxxxxxxxx xxxxx:

„(x)

XXXX XXX xx XX xxxxxxxxx xxxxxxxx xxxxxx, xxxxxxxx recall xxxxxxx and XXXX XXX xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx orders xxx xxxxxx entered xxxx XXXXXX2-XXX xxx xxxxxxxxxxx at xxx xxxxxx xxxx xxx xxxxxxxx TIPS DCA xx debited. XXXX XX technical account xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxxx xxx xxxxxx xxxxxxx xxxx TARGET2-ECB xxx xxxxxxxxxxx xx xxx xxxxxx xxxx the xxxxxxxx TIPS XX xxxxxxxxx account xx xxxxxxx.“;

13.

X&xxxx;xxxxxx&xxxx;30 xx xxxxxxxx 1 xxxxxxxxx tímto:

„1.   TIPS XXX xxxxxxx xxxxx xx xxxxxx xx xx xxxxx of, xxxxx xxxxxx xxxx xxx shall be xxxx to demonstrate xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with all xxxxxxxxxxx xx them xxxxxxxx xx xxxxxxxxxxx xx xxxx protection. Xxxx shall be xxxxxx to xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations xx xxxx xxxxxxxx to xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx laundering xxx the xxxxxxxxx xx terrorism, proliferation-sensitive xxxxxxx xxxxxxxxxx and xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx delivery xxxxxxx, xx xxxxxxxxxx xx terms of xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx any xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx TIPS XXXx. TIPS DCA xxxxxxx ensure xxxx xxxx xxx xxxxxxxx xxxxx their chosen XXX'x xxxx xxxxxxxxx xxxxxx prior to xxxxxxxx xxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx xxxx XXX.“;

14.

Xxxxxx xx xxxx xxxxxx&xxxx;35x, který zní:

„Article 35a

Transitional xxxxxxxxx

Xxxx the TARGET xxxxxx xx xxxxxxxxxxx xxx xxx XXXXXX2 xxx xxxxxx operation, XXXX DCA xxxxxxx xxxxx xxxxxx XXXX XXX xxxxxxx xx xxx TARGET xxxxxx.“;

15.

X&xxxx;xxxxxxx X&xxxx;xx xxxxxxx v odstavci 2 xxxxxxxxx tímto:

„Message Xxxx

Xxxxxxx Name

Pacs.002

FIToFIPayment Xxxxxx Xxxxxx

Xxxx.004

XxxxxxxXxxxxx

Xxxx.008

XXXxXXXxxxxxxxXxxxxxXxxxxxxx

Xxxx.028

XXXxXXXxxxxxxXxxxxxXxxxxxx

xxxx.003

XxxXxxxxxx

xxxx.004

XxxxxxXxxxxxx

xxxx.005

XxxXxxxxxxxxxx

xxxx.006

XxxxxxXxxxxxxxxxx

xxxx.011

XxxxxxXxxxx

xxxx.019

XxxxxxXxxxxxxxXxxXxxxxxxxxxx

xxxx.025

Xxxxxxx

xxxx.029

XxxxxxxxxxXxXxxxxxxxxxxxx

xxxx.050

XxxxxxxxxXxxxxxXxxxxxxx

xxxx.052

XxxxXxXxxxxxxxXxxxxxxXxxxxx

xxxx.053

XxxxXxXxxxxxxxXxxxxxxxx

xxxx.054

XxxxXxXxxxxxxxXxxxxXxxxxxXxxxxxxxxxxx

xxxx.056

XXXxXXXxxxxxxXxxxxxxxxxxxXxxxxxx

xxxx.010

XxxxxxxXxxxxxxXxxxxxxxxxxxxxx

xxxx.011

XxxxxxxXxxxxxxXxxxxxxxx

xxxx.015

XxxxxxxXxxxxxxxXxxxxxxXxxxxxxxxxxXxxxxxx

xxxx.016

XxxxxXxxxxxXxxxxxX01

xxxx.022

XxxxxXxxxxxxxxxxxXxxxxxxX01“

16.

X&xxxx;xxxxxxx X&xxxx;xx v odst. 6 xxxxxxx. 1 xxxxxxxxx xxxxxxx x) tímto:

„(b)

User-to-application xxxx (X2X)

X2X permits xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;XXXX XXX holder xxx the XXXX XXX. The information xx xxxxxxxxx in x&xxxx;xxxxxxx xxxxxxx on x&xxxx;XX system. Xxx X2X access xxx XX infrastructure xxx xx xx able xx xxxxxxx xxxxxxx. Xxxxxxx details xxx xxxxxxxxx in xxx XXXX Xxxx Xxxxxxxx.“;

17.

X&xxxx;xxxxxxx XX xx zrušuje xxxxxxxx 2;

18.

Dodatek X&xxxx;xx xxxxxxx.