XXXXXXXXXX XXXXXXXX XXXXXXXXX XXXXX (XX) 2021/1758
xx xxx 21.&xxxx;xxxx 2021,
xxxxxx xx xxxx xxxxxxxxxx XXX/2007/7 o podmínkách TARGET2-ECB (XXX/2021/43)
XXXXXXX RADA XXXXXXXX XXXXXXXXX XXXXX,
x&xxxx;xxxxxxx xx Xxxxxxx x&xxxx;xxxxxxxxx Xxxxxxxx xxxx, a zejména xx xxxxx x&xxxx;xxxxxxx xxxxxxx xx.&xxxx;127 xxxx.&xxxx;2 xxxx xxxxxxx,
x&xxxx;xxxxxxx na xxxxxx Xxxxxxxxxx systému xxxxxxxxxxx xxxx x&xxxx;Xxxxxxxx centrální xxxxx, x&xxxx;xxxxxxx na xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 x&xxxx;23 xxxxxx xxxxxxx,
xxxxxxxx x&xxxx;xxxxx xxxxxxx:
(1) |
Xxxx xxxxxxxxx změnila (1) xxx 20.&xxxx;xxxxxxxx 2021 xxxxxx xxxxxx Xxxxxxxx centrální xxxxx XXX/2012/27&xxxx;(2) s cílem: x) xxxxxxxx, xx xxxxxxxx XXXX DCA xxxxx x&xxxx;XXXXXX2 xxxxxxxxx xxxxxxxxxxxxxxx jednotného portálu xxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx (Xxxxxxxxxx Single Xxxxxx Xxxxxxxxxxxxxx Gateway) xx xxxxxxxxx 2021 x&xxxx;xxxxxxxx X2X XXX xxxxx x&xxxx;XXXXXX2 prostřednictvím xxxxxx xxxxxxx xxxxxxxxx od xxxxxx 2022; x) xxxxxxxx x&xxxx;xxxxxxxx xxxxxxxx xxxxxxxx xx dodržování xxxxxxxxx xx xxxxxxxxxx xxxxxxxxx xxxx XXXXXX2, xxx xx xxxxxxxxx, xx xx systém XXXXXX2 xxxx dále xxxxxxx xxx, aby xxx xxxxxxx čelit xxxxxxx x&xxxx;xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx; x) xxxxxx xxxxxxxxx, xxx majitelé xxxx PM, xxxxxx xxxxxxx xxxxxxxxx a adresovatelní xxxxxxxx kódu XXX, xxxxx přistoupili k uplatňování xxxxxxx XXX Inst xxxxxxxx xxxxxx x&xxxx;xxxxxxxxxx xxxxxxx xxx okamžité xxxxxxxxxxxxx xxxxxxx XXXX, xxxx a zůstali xxxxxx xxxxxxxxxxx na platformě XXXX prostřednictvím TIPS XXX, xxx aby xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx plateb x&xxxx;xxxx Xxxx; x) xxxxxx xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx x&xxxx;XXXXXX2 xx xxxxxxxxxxxx xxxxxxxxxxx xxxx v budoucím xxxxxxx XXXXXX, aby xxxx xxxxxxxxx xxxxxx xxxxxxx, x&xxxx;x) vyjasnit a aktualizovat xxxxxxx xxxxx xxxxxxx xxxxxxxx xxxxx XXX/2012/27. |
(2) |
Xxxxxxx xxxx xxxxxxxxxx xxxxxxx xxxxxxxxxxx T2-T2S, xxxx x&xxxx;xxxxx xxxxxx xxxxxxx xxxxxx xxxxxxxx xxxxxxxx xxxxxxxxxxxxxxx, xxxxx jde x&xxxx;xxxxxxx xxxxxxx zůstatků x&xxxx;xxxx účastníků x&xxxx;XXXXXX2-XXX xx xxxxxxxxxxxx nástupnické xxxx. |
(3) |
Xxxxx obecných xxxxx XXX/2012/27, xxxxx xxxx xxxx na xxxxxxxx XXXXXX2-XXX, xx xxxxx xxxxxxxxx v rozhodnutí Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7&xxxx;(3). |
(4) |
Xxxxxxxxxx XXX/2007/7 xx xxxxx xxxxx xxxxxxxxxxxxx xxxxxxxx xxxxxx, |
XXXXXXX XXXX XXXXXXXXXX:
Xxxxxx&xxxx;1
Xxxxx
Xxxxxxx X, XX x&xxxx;XXX rozhodnutí XXX/2007/7 xx xxxx x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx tohoto xxxxxxxxxx.
Článek 2
Závěrečná xxxxxxxxxx
Xxxx xxxxxxxxxx xxxxxxxx x&xxxx;xxxxxxxx pátým xxxx xx xxxxxxxxxx x&xxxx;Xxxxxxx věstníku Xxxxxxxx xxxx.
Xxxxxxx xx ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx xxxx.&xxxx;1 písm. x) a odstavců 7 x&xxxx;9 xxxxxxx II xxxxxx xxxxxxxxxx, které xx xxxxxxx xxx xxx 13.&xxxx;xxxxxx 2022.
Ve Frankfurtu xxx Xxxxxxx xxx 21. září 2021.
Xxxxxxxxxxx XXX
Xxxxxxxxx XXXXXXX
(1)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx (XX) 2021/1759 xx xxx 20.&xxxx;xxxxxxxx 2021, kterými xx xxxx xxxxxx xxxxxx XXX/2012/27 o transevropském xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx v reálném čase (XXXXXX2) (ECB/2021/30) [(xxx xxxxxx 45 x&xxxx;xxxxx xxxxx Xxxxxxxx xxxxxxxx).
(2)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2012/27 xx xxx 5. prosince 2012 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (Xx. věst. X&xxxx;30, 30.1.2013, s. 1).
(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7 xx xxx 24.&xxxx;xxxxxxxx 2007 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (Xx. xxxx. X&xxxx;237, 8.9.2007, x. 71).
XXXXXXX X
Xxxxxxx X&xxxx;xxxxxxxxxx XXX/2007/7 xx xxxx xxxxx:
1. |
Xxxxxx&xxxx;1 xx xxxx xxxxx:
|
2. |
X&xxxx;xxxxxx&xxxx;2 xxxxxx xxxxxxxx xx xxxxxxxx xxxx xxxx, xxxxx xxx:
|
3. |
Xxxxxx&xxxx;3 se xxxx xxxxx:
|
4. |
Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;5 Xxxxxx xxxxxxxxxxxx XX account xxxxxxx xx XXXXXX2-XXX xxx direct xxxxxxxxxxxx xxx shall xxxxxx xxxx the xxxxxxxxxxxx xxx xxx in Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). They xxxxx xxxx xx xxxxx one PM xxxxxxx xxxx xxx XXX. XX account xxxxxxx xxxx have xxxxxxx xx the XXX Xxxx xxxxxx xx signing xxx XXXX Xxxxxxx Credit Xxxxxxxx Xxxxxxxxx Xxxxxxxxx xxxxx xx xxx xxxxx xxxxxx xxxxxxxxx xx the XXXX Xxxxxxxx xx all xxxxx, xxxxxx xx x&xxxx;XXXX XXX xxxxxx xx xx x&xxxx;xxxxxxxxx xxxxx xxx x&xxxx;XXXX XXX xxxxxx.“; |
5. |
Xxxxxx&xxxx;22 se xxxxxxxxx tímto: „Article 22 Security Xxxxxxxxxxxx xxx Xxxxxxx Xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx implement xxxxxxxx xxxxxxxx controls xx xxxxxxx xxxxx systems xxxx unauthorised xxxxxx xxx xxx. Xxxxxxxxxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxxxx of xxxxx xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx xxx XXX xx xxx security-related xxxxxxxxx xx xxxxx xxxxxxxxx infrastructure and, xxxxx xxxxxxxxxxx, xxxxxxxx-xxxxxxx xxxxxxxxx xxxx xxxxx xx xxx technical xxxxxxxxxxxxxx xx xxx xxxxx xxxxx xxxxxxxxx. Xxx XXX xxx xxxxxxx xxxxxxx information xxxxx the xxxxxxxx xxx, xx necessary, xxxxxxx that xxx xxxxxxxxxxx take appropriate xxxxxxxx to xxxxxxx x&xxxx;xxxxxxxxxx xx xxxx xx event. 3. The ECB xxx impose xxxxxxxxxx xxxxxxxx requirements, in xxxxxxxxxx xxxx regard xx cybersecurity or xxx xxxxxxxxxx of xxxxx, on all xxxxxxxxxxxx xxx/xx xx xxxxxxxxxxxx xxxx xxx xxxxxxxxxx critical xx xxx XXX. 4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxx xxx XXX xxxx: (x) permanent xxxxxx xx xxxxx xxxxxxxxxxx of xxxxxxxxx xx xxxxx xxxxxx xxxxxxx xxxxxxx xxxxxxxx’x xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (xx) xx xx annual xxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xx xxx ECB’s xxxxxxx in Xxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxx xxx xxxxxxxxxxx’x xxxx-xxxxxxxxxxxxx xxxxxxxxx(x) on xxx xxxxxxxxxxxx level xx xxxxxxxxxx xxxx xxxx xx xxx xxxxxxxxxxxx xxx xxx xx xxx TARGET2 self-certification xxxxxxxxxxxx. Xxxxx xxxxxxxxxxxx xxx xxxxxx xx Xxxxxxxx XXX, xxxxx xx xxxxxxxx xx xxx other Appendices xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx form xx xxxxxxxx xxxx of xxxxx Xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx participant’s xxxxx xx compliance xxxx xxx xxxxxxxxxxxx xx xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx: ‘xxxx xxxxxxxxxx’; ‘minor xxx-xxxxxxxxxx’; xx ‘xxxxx non-compliance’. Xxx xxxxxxxxx xxxxxxxx xxxxx: xxxx compliance xx xxxxxxx xxxxx xxxxxxxxxxxx satisfy 100% xx xxx requirements; xxxxx xxx-xxxxxxxxxx is xxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxx xxxx than 100% xxx xx least 66% xx xxx xxxxxxxxxxxx and major xxx-xxxxxxxxxx xxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxx less than 66% xx the xxxxxxxxxxxx. Xx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx not xxxxxxxxxx xx it, xx shall be xxxxxxxxxx xx xxxxxxxxx xxxx the xxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxx xx xxx xxxxxxxxxxxxxx. X&xxxx;xxxxxxxxxxx which xxxxx xx xxxxx ‘xxxx xxxxxxxxxx’ shall xxxxxx an xxxxxx xxxx xxxxxxxxxxxxx how xx intends to xxxxx xxxx xxxxxxxxxx. Xxx XXX xxxxx xxxxxx the relevant xxxxxxxxxxx authorities of xxx xxxxxx xx xxxx participant’s compliance. 4c. If xxx xxxxxxxxxxx xxxxxxx xx grant permanent xxxxxx to xxx xxxxxxxxxxx of adherence xx xxxxx xxxxxx XXXx xxxxxxxx xxxxxxxx xxxxxxxxxxxx xx xxxx xxx xxxxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxx xxxxxxxxxxx’x xxxxx xx xxxxxxxxxx xxxxx be xxxxxxxxxxx as ‘major xxx-xxxxxxxxxx’. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX shall xxxxxxxx compliance xx xxxxxxxxxxxx xx xx xxxxxx xxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxx xxxxxx xxx xxxxxxxxx xxxxxxxx of xxxxxxx on xxxxxxxxxxxx xxxxx xxxxx of xxxxxxxxxx xxx assessed xx xxxxx xx xxxxx xxx-xxxxxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx:
|
6. |
X&xxxx;xxxxxx&xxxx;33 se odstavec 1 nahrazuje xxxxx: „1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xx xxxxxx xx xx aware xx, xxxxx xxxxxx xxxx, and shall xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx the xxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx shall xx xxxxxx to xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx legislation xx xxxxxxxxxx xx xxxxx xxxxxxxxxx and the xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx nuclear xxxxxxxxxx xxx xxx development xx xxxxxxx xxxxxxx xxxxxxxx systems, xx xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx appropriate xxxxxxxx concerning xxx xxxxxxxx debited xx xxxxxxxx on xxxxx XX xxxxxxxx. Xxxxxxxxxxxx xxxxx xxxxxx that xxxx are informed xxxxx xxx XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx’x xxxx retrieval xxxxxx xxxxx to xxxxxxxx xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx XXXXXX2 xxxxxxx service xxxxxxxx.“; |
7. |
Xxxxxx xx xxxx xxxxxx&xxxx;39x, který xxx: „Xxxxxxx&xxxx;39x Xxxxxxxxxxxx xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxx xxx XXXXXX xxxxxx is xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XX xxxxxxx xxxxxxxx xxxxx xx transferred to xxx xxxxxxx xxxxxx’x xxxxxxxxxxxxx successor xxxxxxxx xx xxx TARGET xxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx that XX account holders, xxxxxxxx Xxxxxxxxxxxx and xxxxxxxxxxx XXX xxxxxxx xxxxxxxx xx xxx XXX Xxxx xxxxxx xx reachable xx xxx XXXX Platform xxxxxxxx to Article 5 xxxxx xxxxx xx xx 25 Xxxxxxxx 2022.“; |
8. |
X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) tímto:
|
9. |
X&xxxx;xxxxxxx XX se x&xxxx;xxxxxxxx 6 xxxxxxxxx xxxxxxx x) xxxxx:
|
10. |
Xxxxxxxx se nový xxxxxxx VII, který xxx: „Xxxxxxxx VII Requirements xxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx business xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxx security xxxxxxxxxx Xxxxx xxxxxxxxxxxx are xxxxxxxxxx xx each participant, xxxxxx xxx participant xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx not xxxxxxxxxx xx it. Xx xxxxxxxxxxxx xxx xxxxx xx application xx xxx xxxxxxxxxxxx xxxxxx xxx xxxxxxxxxxxxxx, xxx xxxxxxxxxxx xxxxxx xxxxxxxx xxx xxxxxxxx xxxx are xxxx xx the Payment Xxxxxxxxxxx Xxxxx (XXX). Xxxxxxxxxxxx, xxx XXX xxxxxx xx x&xxxx;Xxxxx xx Xxxxx (PoE), x.x. a system xxxxxxxx xx xxx xxxxxxxx xx xxxxxxxxxxxx (x.x. xxxxxxxxxxxx, front-office and xxxx-xxxxxx applications, xxxxxxxxxx), xxx xxxx xx xxx xxxxxx responsible xx send the xxxxxxx xx XXXXX (x.x. SWIFT XXX Xxx) xx Xxxxxxxx (xxxx the latter xxxxxxxxxx to Xxxxxxxx-xxxxx Xxxxxx). Xxxxxxxxxxx 1.1: Xxxxxxxxxxx xxxxxxxx xxxxxx Xxx management xxxxx set x&xxxx;xxxxx xxxxxx direction xx xxxx xxxx business xxxxxxxxxx xxx xxxxxxxxxxx xxxxxxx xxx xxx xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxx xxx xxxxxxxx, xxxxxxxx and xxxxxxxxxxx xx xx xxxxxxxxxxx security xxxxxx xxxxxx xx xxxxxxxx xxxxxxxxxxx security and xxxxx resilience xxxxxx xxx organisation xx xxxxx xx xxxxxxxxxxxxxx, xxxxxxxxxx and xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxx xxxxx xxxxxxxxxx xxxxx. The xxxxxx xxxxxx xxxxxxx at xxxxx xxx xxxxxxxxx xxxxxxxx: xxxxxxxxxx, xxxxx (xxxxxxxxx xxxxxxx xxxx xx xxxxxxxxxxxx, xxxxx xxxxxxxxx, xxxxx xxxxxxxxxx xxx.), principles xxx xxxxxxxxxx xx xxxxxxxxxxxxxxxx. Xxxxxxxxxxx 1.2: Xxxxxxxx organisation An xxxxxxxxxxx security xxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxxxx xxx xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xxx organisation. Xxx management xxxxx xxxxxxxxxx xxx xxxxxx xxx xxxxxxxxxxxxx xx xxx information xxxxxxxx xxxxxxxxx xx xxxxxx xxx implementation of xxx xxxxxxxxxxx security xxxxxx (as xxx Xxxxxxxxxxx 1.1) xxxxxx xxx organisation, xxxxxxxxx xxx xxxxxxxxxx of xxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxx xx security xxxxxxxxxxxxxxxx xxx xxxx xxxxxxx. Xxxxxxxxxxx 1.3: Xxxxxxxx xxxxxxx Xxx xxxxxxxx of xxx organisation’s xxxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx not xx reduced xx xxx xxxxxxxxxxxx of, xxx/xx xxx xxxxxxxxxx xx, xx xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx xx xxxx. Xxx xxxxxx xx xxx organisation’s information xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx parties shall xx xxxxxxxxxx. Xxxx xxxxxxxx xxxxxxx xx xxxxxxxx/xxxxxxxx xx xxxxxxxx xxxxxxx are xxxxxxxx xx xxxxxx xxx xxxxxxxxxxxx’x information processing xxxxxxxxxx, x&xxxx;xxxx assessment xxxxx xx carried xxx to xxxxxxxxx xxx security xxxxxxxxxxxx xxx xxxxxxx xxxxxxxxxxxx. Xxxxxxxx xxxxx xx xxxxxx and defined xx an agreement xxxx xxxx relevant xxxxxxxx party. Requirement 1.4: Xxxxx xxxxxxxxxx Xxx information xxxxxx, xxx business xxxxxxxxx and the xxxxxxxxxx xxxxxxxxxxx xxxxxxx, xxxx as operating xxxxxxx, xxxxxxxxxxxxxxx, xxxxxxxx xxxxxxxxxxxx, off-the-shelf xxxxxxxx, xxxxxxxx and xxxx-xxxxxxxxx xxxxxxxxxxxx, in xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxxx be accounted xxx and have x&xxxx;xxxxxxxxx xxxxx. Xxx xxxxxxxxxxxxxx xxx the xxxxxxxxxxx xxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx in the xxxxxxxx xxxxxxxxx and xxx xxxxxxx XX xxxxxxxxxx to xxxxxxxxx xxx information xxxxxx xxxxx be xxxxxxxx. Xxxx: the xxxxx xxx xxxxxxxx xxx xxxxxxxxxxxxxx xx xxxxxxxx xxxxxxxx xx xxxxxxxxxxx, xxx xxxxxxx xxxxxxxxxxx xxx xxx proper xxxxxxxxxx xx xxx xxxxxx. Xxxxxxxxxxx 1.5: Information xxxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx assets xxxxx xx classified xx terms xx xxxxx xxxxxxxxxxx to xxx xxxxxx xxxxxxxx xx the xxxxxxx xx xxx xxxxxxxxxxx. Xxx xxxxxxxxxxxxxx xxxxx xxxxxxxx the need, xxxxxxxxxx xxx xxxxxx xx xxxxxxxxxx xxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxx xxxxx in xxx relevant xxxxxxxx xxxxxxxxx and xxxxx xxxx xxxx xxxx xxxxxxxxxxxxx xxx underlying XX xxxxxxxxxx. Xx xxxxxxxxxxx asset classification xxxxxx approved by xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx xx xxxxxxxxxxx xxx xx xxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxx xxxxx lifecycle (xxxxxxxxx xxxxxxx xxx xxxxxxxxxxx xx xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx xxx xxxx xxx xxxxxxxx xxxxxxxx xxxxxxxx. Xxxxxxxxxxx 1.6: Human xxxxxxxxx xxxxxxxx Xxxxxxxx xxxxxxxxxxxxxxxx xxxxx xx xxxxxxxxx xxxxx to employment xx xxxxxxxx xxx xxxxxxxxxxxx xxx in xxxxx and xxxxxxxxxx xx xxxxxxxxxx. Xxx xxxxxxxxxx xxx employment, xxxxxxxxxxx and xxxxx xxxxx xxxxx shall xx xxxxxxxxxx xxxxxxxx, xxxxxxxxxx for xxxxxxxxx xxxx. Employees, contractors xxx xxxxx xxxxx xxxxx of xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xxxx an xxxxxxxxx xx their xxxxxxxx xxxxx xxx xxxxxxxxxxxxxxxx. Xx adequate xxxxx xx xxxxxxxxx shall xx xxxxxxx among xxx xxxxxxxxx, contractors xxx xxxxx party xxxxx, xxx education xxx xxxxxxxx in xxxxxxxx procedures and xxx correct xxx xx information xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx to xxxx xx minimise xxxxxxxx xxxxxxxx xxxxx. X&xxxx;xxxxxx xxxxxxxxxxxx xxxxxxx xxx xxxxxxxx security breaches xxxxx be xxxxxxxxxxx xxx xxxxxxxxx. Xxxxxxxxxxxxxxxx xxxxx be in xxxxx to ensure xxxx xx xxxxxxxx’x, xxxxxxxxxx’x or third xxxxx xxxx’x exit xxxx xx transfer xxxxxx the xxxxxxxxxxxx xx xxxxxxx, and xxxx the xxxxxx xx all xxxxxxxxx xxx the xxxxxxx xx all xxxxxx xxxxxx are completed. Requirement 1.7: Physical and xxxxxxxxxxxxx security Critical or xxxxxxxxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx shall xx xxxxxx in secure xxxxx, protected xx xxxxxxx security xxxxxxxxxx, xxxx xxxxxxxxxxx security xxxxxxxx xxx entry xxxxxxxx. Xxxx shall xx physically protected xxxx unauthorised xxxxxx, xxxxxx xxx interference. Xxxxxx shall xx xxxxxxx only xx xxxxxxxxxxx who fall xxxxxx xxx scope xx Xxxxxxxxxxx 1.6. Xxxxxxxxxx xxx xxxxxxxxx xxxxx xx established xx protect xxxxxxxx xxxxx containing xxxxxxxxxxx xxxxxx xxxx xx xxxxxxx. Xxxxxxxxx shall xx xxxxxxxxx xxxx xxxxxxxx xxx environmental xxxxxxx. Xxxxxxxxxx xx xxxxxxxxx (xxxxxxxxx xxxxxxxxx xxxx xxx-xxxx) xxx xxxxxxx xxx xxxxxxx xx xxxxxxxx xx xxxxxxxxx xx reduce xxx xxxx xx xxxxxxxxxxxx xxxxxx xx xxxxxxxxxxx xxx xx xxxxx xxxxxxx xxxx xx xxxxxx of xxxxxxxxx xx information. Xxxxxxx xxxxxxxx may xx xxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx xxx xx safeguard xxxxxxxxxx xxxxxxxxxx xxxx xx xxx electrical xxxxxx xxx xxxxxxx xxxxxxxxxxxxxx. Xxxxxxxxxxx 1.8: Operations xxxxxxxxxx Xxxxxxxxxxxxxxxx and xxxxxxxxxx xxxxx be xxxxxxxxxxx xxx xxx xxxxxxxxxx xxx operation of xxxxxxxxxxx processing xxxxxxxxxx xxxxxxxx all xxx xxxxxxxxxx systems xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx end-to-end. As regards xxxxxxxxx xxxxxxxxxx, including xxxxxxxxx xxxxxxxxxxxxxx xx XX systems, xxxxxxxxxxx xx xxxxxx shall xx implemented, where xxxxxxxxxxx, xx reduce xxx xxxx xx xxxxxxxxx or xxxxxxxxxx xxxxxx xxxxxx. Where xxxxxxxxxxx xx xxxxxx xxxxxx be implemented xxx xx xxxxxxxxxx xxxxxxxxx xxxxxxx, xxxxxxxxxxxx xxxxxxxx shall be xxxxxxxxxxx following a formal xxxx xxxxxxxx. Xxxxxxxx xxxxx be xxxxxxxxxxx xx prevent xxx xxxxxx xxx xxxxxxxxxxxx xx malicious xxxx xxx systems xx xxx Xxxxxxx Transaction Xxxxx. Controls shall xx xxxx established (xxxxxxxxx xxxx xxxxxxxxx) xx xxxxxxx, xxxxxx xxx xxxxxx malicious xxxx. Xxxxxx code xxxxx be xxxx xxxx xxxx xxxxxxx xxxxxxx (e.g. signed Xxxxxxxxx XXX xxxxxxxxxx xxx Xxxx Xxxxxxx). Xxx xxxxxxxxxxxxx of xxx xxxxxxx (x.x. xxx use xx xxxxxxxxxx xxx plugins) xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxx xxxxxx xxx xxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxx xxxxxxxxxx; xxxxx xxxxxxxx xxxxxxxx shall xxxxxxx x&xxxx;xxxx xx xxx xxxxxxxxxxx xxxxxxx xxxxx xx xxxxxx xx regular xxxxxxxxx xx xxxxx xxxxxxxx. Xxxxxxx xxxx xxx xxxxxxxx xxx the security xx xxxxxxxx xxxxx xx monitored xxx xxxxxx relevant xx xxxxxxxxxxx xxxxxxxx shall xx recorded. Xxxxxxxx xxxx xxxxx be xxxx xx ensure xxxx xxxxxxxxxxx system xxxxxxxx are xxxxxxxxxx. Xxxxxxxx xxxx shall xx xxxxxxxxx xxxxxxxx xx x&xxxx;xxxxxx xxxxx, xxxxx xx the xxxxxxxxxxx xx xxx xxxxxxxxxx. Xxxxxx xxxxxxxxxx xxxxx xx xxxx xx xxxxx xxx xxxxxxxxxxxxx xx controls xxxxx xxx xxxxxxxxxx xx xxxxxxxx for xxx xxxxxxxx of xxxxxxxx xxx xx xxxxxx xxxxxxxxxx xx xx access policy xxxxx. Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx xxxxxxxxxxxxx shall xx based xx x&xxxx;xxxxxx exchange xxxxxx, xxxxxxx out in xxxx xxxx xxxxxxxx xxxxxxxxxx xxxxx xxx xxxxxxxx parties xxx xxxxx xx xxxxxxxxx xxxx any xxxxxxxx xxxxxxxxxxx. Xxxxx party xxxxxxxx components employed xx xxx xxxxxxxx xx xxxxxxxxxxx xxxx XXXXXX2 (like xxxxxxxx xxxxxxxx xxxx a Service Xxxxxx xx xxxxxxxx 2 of xxx xxxxx xxxxxxx of xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx document) must xx used xxxxx x&xxxx;xxxxxx xxxxxxxxx with xxx third xxxxx. Xxxxxxxxxxx 1.9: Xxxxxx control Access xx xxxxxxxxxxx assets xxxxx xx xxxxxxxxx xx the basis xx xxxxxxxx xxxxxxxxxxxx (xxxx-xx-xxxx&xxxx;(1)) xxx xxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xxxxxxxx (including xxx xxxxxxxxxxx xxxxxxxx xxxxxx). Xxxxx xxxxxx xxxxxxx xxxxx xxxxx xx xxxxxxx based on xxx xxxxxxxxx xx xxxxx xxxxxxxxx&xxxx;(2) xx xxxxxxx closely xxx xxxxx of xxx xxxxxxxxxxxxx xxxxxxxx xxx XX processes. Xxxxx xxxxxxxx (x.x. xxx xxxxxx xxxxxxxxxx) logical xxxxxx xxxxxxx xxxxxx xx xxxxxxxxxx xxxx xxxxxxxx xxxxxx control xxxxxx xxxxx are xxxxxxxx compensatory controls xx place (e.g. xxxxxxxxxx, xxxxxxxx data xxxxxxxxxxxxx). Xxxxxx xxx xxxxxxxxxx xxxxxxxxxx xxxxx be xx xxxxx xx xxxxxxx the xxxxxxxxxx xx access rights xx xxxxxxxxxxx xxxxxxx xxx services xxxx xxxx xxxxxx xxx xxxxx xx the Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx procedures xxxxx xxxxx xxx xxxxxx xx the xxxxxxxxx xx xxxx xxxxxx, xxxx xxx xxxxxxx xxxxxxxxxxxx of xxx xxxxx xx xxx xxxxx xxxxxxxxxxxxxx of xxxxx xxxx xx xxxxxx xxxxxxx access. Special xxxxxxxxx shall be xxxxx, where xxxxxxxxxxx, xx the allocation xx xxxxxx xxxxxx xx such xxxxxxxxxxx xxxx xxx xxxxx xx xxxxx xxxxxx xxxxxx xxxxx lead xx a severe xxxxxxx xxxxxx xx the xxxxxxxxxx xx xxx xxxxxxxxxxx (x.x. xxxxxx xxxxxx xxxxxxxx xxxxxx xxxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xxxxxxxx, xxxxxx xxxxxx to xxxxxxxx xxxx). Xxxxxxxxxxx xxxxxxxx xxxxx xx put in xxxxx xx identify, xxxxxxxxxxxx and xxxxxxxxx xxxxx xx xxxxxxxx xxxxxx xx xxx xxxxxxxxxxxx’x network, e.g. xxx xxxxx xxx xxxxxx xxxxxx xx xxxxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx accounts xxxxx xxx xx shared xx xxxxx to xxxxxx xxxxxxxxxxxxxx. Xxx xxxxxxxxx, xxxxx xxxxx xx xxxxxxxxxxx xxx xxxxxxxx xx xxxxxxxx xxxxxxxx xx xxxxxx that xxxxxxxxx xxxxxx xx xxxxxx xxxxxxx, x.x. xxxxxxxxxx xxxxx xxx xxxxxxx-xxxx validity. X&xxxx;xxxx xxxxxxxx recovery and/or xxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx. X&xxxx;xxxxxx shall xx xxxxxxxxx xxx xxxxxxxxxxx on xxx xxx of xxxxxxxxxxxxx xxxxxxxx xx xxxxxxx xxx confidentiality, xxxxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx. X&xxxx;xxx xxxxxxxxxx xxxxxx shall xx xxxxxxxxxxx xx xxxxxxx xxx xxx xx xxxxxxxxxxxxx xxxxxxxx. Xxxxx shall xx policy for xxxxxxx confidential xxxxxxxxxxx xx screen xx xx print (x.x. x&xxxx;xxxxx xxxxxx, x&xxxx;xxxxx xxxx policy) xx xxxxxx xxx xxxx xx xxxxxxxxxxxx access. When xxxxxxx remotely, xxx xxxxx of xxxxxxx xx xx unprotected xxxxxxxxxxx xxxxx be xxxxxxxxxx xxx appropriate xxxxxxxxx xxx xxxxxxxxxxxxxx xxxxxxxx xxxxx be xxxxxxx. Xxxxxxxxxxx 1.10: Information xxxxxxx acquisition, xxxxxxxxxxx xxx xxxxxxxxxxx Xxxxxxxx requirements xxxxx be xxxxxxxxxx xxx agreed xxxxx xx xxx development xxx/xx xxxxxxxxxxxxxx xx xxxxxxxxxxx xxxxxxx. Xxxxxxxxxxx controls xxxxx be built xxxx applications, xxxxxxxxx xxxx-xxxxxxxxx applications, to xxxxxx xxxxxxx processing. Xxxxx controls xxxxx xxxxxxx xxx xxxxxxxxxx xx xxxxx data, xxxxxxxx xxxxxxxxxx xxx xxxxxx xxxx. Xxxxxxxxxx xxxxxxxx xxx xx xxxxxxxx for xxxxxxx xxxx xxxxxxx, xx xxxx xx impact xx, xxxxxxxxx, valuable xx xxxxxxxx information. Xxxx xxxxxxxx xxxxx xx determined on xxx xxxxx xx xxxxxxxx xxxxxxxxxxxx xxx xxxx xxxxxxxxxx according xx xxx established xxxxxxxx (x.x. information xxxxxxxx xxxxxx, cryptographic xxxxxxx policy). The operational xxxxxxxxxxxx of xxx xxxxxxx xxxxx xx xxxxxxxxxxx, xxxxxxxxxx xxx xxxxxx xxxxx xx xxxxx acceptance xxx xxx. Xx regards xxxxxxx security, xxxxxxxxxxx xxxxxxxx, xxxxxxxxx xxxxxxxxxxxx xxx xxxxxx management, xxxxxx xx implemented xxxxx xx xxx xxxxxxxxxxx xx xxxx xxxxx and the xxxxx of xxxx xx xxx xxxxxxx xxxxx in the xxxxxxxxxxxx. Xxxxx shall xx xxxxxxxx controls xx xxxxxxx xxxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxxxxx xxxxxxxx. Xxxxxx xx xxxxxx xxxxx xxx xxxxxxx xxxxxx xxxx xxxxx be xxxxxxxxxx xxx XX xxxxxxxx xxx xxxxxxx xxxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxx xxxxxx. Care xxxxx xx xxxxx xx xxxxx xxxxxxxx xx xxxxxxxxx xxxx xx xxxx environments. Xxxxxxx xxx xxxxxxx environments xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx of xxxxxxx xx xxxxxxxxxx xxxxx be xxxxxxxx xxxxxxxxxx. X&xxxx;xxxx assessment xx xxx xxxxx xxxxxxx xx xx xxxxxxxx xx production xxxxx xx xxxxxxxxx. Xxxxxxx xxxxxxxx xxxxxxx xxxxxxxxxx xx systems xx xxxxxxxxxx xxxxx xxxx xx xxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxxxxxx xxxx xxxxx xx xxx xxxxxxx xx a risk xxxxxxxxxx, and security xxxxxxx xxxxx xxxxxxx, xx xxxxx, vulnerability xxxxxxxxxxx. Xxx xx xxx xxxxxxxxxxxx xxxxxxxxxxx xxxxxx the xxxxxxxx xxxxxxx activities xxxxx xx assessed xxx xxxxxx xxxxx xx xxxxx xxx xxxxxxxxxx xxx xxxxx xx xxxxxxxx xxx followed xx xx x&xxxx;xxxxxx xxxxxxx. Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx in xxxxxxxx&xxxx;(3) xxxxxxxxxxxxx Xx ensure protection xx xxx participant’s xxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxx xxxxxxxxxx xx suppliers, information xxxxxxxx xxxxxxxxxxxx xxx xxxxxxxxxx xxx xxxxx xxxxxxxxxx xxxx xxxxxxxx’x xxxxxx xxxxx be xxxxxxxxxx xxx xxxxxxxx xxxxxx upon xxxx xxx supplier. Requirement 1.12: Xxxxxxxxxx xx information xxxxxxxx incidents and xxxxxxxxxxxx Xx xxxxxx a consistent xxx xxxxxxxxx xxxxxxxx xx the xxxxxxxxxx xx xxxxxxxxxxx security xxxxxxxxx, xxxxxxxxx communication xx xxxxxxxx xxxxxx xxx xxxxxxxxxx, xxxxx, xxxxxxxxxxxxxxxx xxx procedures, xx xxxxxxxx xxx xxxxxxxxx level, shall xx established xxx xxxxxx xx xxxxxx x&xxxx;xxxxx, xxxxxxxxx xxx xxxxxxx and xxxxxx xxxxxxx from information xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx related to x&xxxx;xxxxx-xxxxxxx cause (x.x. x&xxxx;xxxxx xxxxxxx by xx external xxxxxxxx xx xx xx xxxxxxx). Xxxxxxxxx involved xx xxxxx xxxxxxxxxx xxxxx xx xxxxxxxxxx xxxxxxx. Xxxxxxxxxxx 1.13: Xxxxxxxxx xxxxxxxxxx xxxxxx X&xxxx;xxxxxxxxxxx’x internal xxxxxxxxxxx systems (x.x. xxxx office xxxxxxx, xxxxxxxx xxxxxxxx and xxxxxxxx xxxxxxx xxxxxxxxxxxx) xxxxx xx regularly xxxxxxxx xxx xxxxxxxxxx xxxx xxx xxxxxxxxxxxx’x xxxxxxxxxxx framework xx xxxxxxxx (x.x. information xxxxxxxx xxxxxx, cryptographic xxxxxxx policy). Requirement 1.14: Xxxxxxxxxxxxxx Xxxxx xxxxxxx machines xxxxx xxxxxx xxxx xxx the xxxxxxxx xxxxxxxx xxxx are xxx for physical xxxxxxxx xxx systems (x.x. hardening, logging). Xxxxxxxx xxxxxxxx xx xxxxxxxxxxx xxxx include: xxxxxxxxx of the xxxxxxxxxx xxx xxx xxxxxxx operating xxxxxx, xxxxxxx patching, xxxxxx xxxxxxxxxx xx xxxxxxxxx xxxxxxxxxxxx (x.x. xxxxxxxxxx xxx development). Xxxxxxxxxxx xxxxxxxxxx, xxxxxxx xxx xxxxxxxxxx xx xxxx xx xxxxxxxx xx xxxxxx xxxxxx, in xxxxxxxxxx xxx xxxx xxxxxxxxxx accounts, xxxxx xx xxxxxxxxxxx xxxxx xx x&xxxx;xxxx assessment. Xxxxx xxxxxxx xxxxxxxx xxxxxxx xx the xxxx xxxxxxxxxx xxxxx xxxx x&xxxx;xxxxxxx xxxx xxxxxxx. Xxxxxxxxxxx 1.15: Cloud xxxxxxxxx Xxx xxxxx of xxxxxx xxx/xx xxxxxx xxxxx solutions in xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxx xx xxxxx xx x&xxxx;xxxxxx xxxx assessment, taking xxxx account the xxxxxxxxx controls xxx xxx xxxxxxxxxxx xxxxxxx xxxxxxx xx the xxxxx xxxxxxxx. Xx hybrid xxxxx solutions are xxxx, it xx xxxxxxxxxx xxxx xxx xxxxxxxxxxx xxxxx xx xxx xxxxxxx xxxxxx xx xxx highest xxx xx the xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx xxxxxxxxxx xx xxx xxxxxx xxxxxxxxx xxxx be xxxxxxxxxx xxxx xxx xxxxx xx-xxxxxxxx xxxxxxx. Xxxxxxxx xxxxxxxxxx xxxxxxxxxx (applicable xxxx xx xxxxxxxx participants) The xxxxxxxxx xxxxxxxxxxxx (2.1 xx 2.6) relate xx business continuity xxxxxxxxxx. Xxxx XXXXXX2 xxxxxxxxxxx classified by xxx Xxxxxxxxxx as xxxxx xxxxxxxx for xxx smooth xxxxxxxxxxx xx the XXXXXX2 xxxxxx xxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxx xxxxxxxxx xxxxxxxx.
|
(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx xxxxxxxxx xxxxxx xx xxx xxxxxxxxxxxxxx xx the xxx xx xxxxxxxxxxx that xx xxxxxxxxxx xxxxx xxxxxx to xx xxxxx xx carry xxx xxx/xxx xxxxxx.
(2)&xxxx;&xxxx;Xxx xxxxxxxxx xx xxxxx xxxxxxxxx xxxxxx xx xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX xxxxxx xx xxxxx to xxxxx xxx xxxxxxxxxxxxx business xxxx.
(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx in the xxxxxxx of this xxxxxxxx xxxxxx xx xxxxxxxxxx as any xxxxx party (xxx xxx xxxxxxxxx) which xx xxxxx contract (xxxxxxxxx), xxxx xxx xxxxxxxxxxx, xx provide x&xxxx;xxxxxxx xxx xxxxx xxx xxxxxxx agreement xxx xxxxx party (xxx its xxxxxxxxx) xx xxxxxxx xxxxxx, xxxxxx xxxxxxxx or xx-xxxx, to information xxx/xx xxxxxxxxxxx xxxxxxx xxx/xx information processing xxxxxxxxxx of xxx xxxxxxxxxxx in scope xx associated xx xxx xxxxx covered xxxxx the xxxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx.
PŘÍLOHA XX
Xxxxxxx II xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:
1. |
Xxxxxx&xxxx;1 xx xxxx xxxxx:
|
2. |
V čl. 4 xxxx.&xxxx;2 xx xxxxxxx xx) xxxxxxxxx xxxxx:
|
3. |
X&xxxx;xx.&xxxx;4 odst. 2 xx xxxxxx xxxx xxxxxxx xx), xxxxx xxx:
|
4. |
V článku 4 xx xxxxxxxx 3 xxxxxxxxx xxxxx: „3.&xxxx;&xxxx;&xxxx;XXXXXX2 provides xxxx-xxxx gross xxxxxxxxxx xxx xxxxxxxx xx xxxx, xxxx settlement xx xxxxxxx xxxx xxxxx across PM xxxxxxxx, T2S XXXx xxx XXXX XXXx. XXXXXX2 xx xxxxxxxxxxx xxx functions xx xxx basis xx xxx SSP xxxxxxx xxxxx payment xxxxxx xxx submitted and xxxxxxxxx xxx xxxxxxx xxxxx payments are xxxxxxxxxx received in xxx xxxx technical xxxxxx. Xx xxx xx the xxxxxxxxx xxxxxxxxx xx the X2X XXXx xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx the xxxxx of xxx X2X Xxxxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx XXXX DCAs xxx XXXX XX xxxxxxxxx accounts is xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx the xxxxx xx xxx XXXX Xxxxxxxx. Xxx XXX xx xxx xxxxxxxx xx xxxxxxxx xxxxx xxxxx Xxxxxxxxxx. Xxxx xxx xxxxxxxxx xx xxx XXX-xxxxxxxxx XXXx and xxx 4XXx shall be xxxxxxxxxx xxxx xxx xxxxxxxxx xx the XXX, xxx xxxxx xx shall assume xxxxxxxxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 xx xxxx Annex. Participation xxxxxxxx to xxxxx Xxxxxxxxxx shall xxx xxxxxx x&xxxx;xxxxxxxxxxx relationship xxxxxxx T2S XXX xxxxxxx xxx the XXX-xxxxxxxxx XXXx or xxx 4XXx when xxx xx xxx xxxxxx acts xx xxxx xxxxxxxx. Xxxxxxxxxxxx, xxxxxxxx xx xxxxxxxxxxx xxxxx x&xxxx;X2X XXX xxxxxx xxxxxxxx xxxx, xx xxxxx xx, xxx XXX or X2X Xxxxxxxx xx xxxxxxxx to xxx xxxxxxxx provided under xxxxx Xxxxxxxxxx xxx xxxxxx xx xx xxxxxxxx xxxx, xx xxxx xx, xxx XXX.“; |
5. |
X&xxxx;xxxxxx&xxxx;8 xx xxxxxxxx 3 xxxxxxxxx tímto: „3. Where xxx ECB xxx xxxxxxx a request xx x&xxxx;X2X DCA holder xxxxxxxx to paragraph 1, that X2X XXX xxxxxx xx xxxxxx xx xxxx xxxxx xxx xxxxxxxxxxxxx XXX(x) a mandate to xxxxx xxx X2X XXX xxxx the xxxxxxx relating to xxxxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxxxxxxx.“; |
6. |
X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 xxxxxxxxx xxxxx: „1.&xxxx;&xxxx;&xxxx;X2X XXX holders xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx comply with, xxx xxxxx be xxxx to demonstrate xxxx xxxxxxxxxx xx xxx relevant competent xxxxxxxxxxx xxxx all xxxxxxxxxxx xx xxxx xxxxxxxx to legislation xx xxxx protection. Xxxx shall xx xxxxxx xx xx xxxxx xx, and xxxxx xxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx to xxxxxxxxxxx xx prevention xx xxxxx xxxxxxxxxx xxx the financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities xxx xxx development xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, xx xxxxxxxxxx xx terms xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx any xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx X2X XXXx. Xxxxx to xxxxxxxx xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx T2S network xxxxxxx xxxxxxxx, X2X XXX xxxxxxx xxxxx xxxxxx that xxxx xxx xxxxxxxx about xxx xxxx xxxxxxxxx xxxxxx.“; |
7. |
Xxxxxx&xxxx;30 se nahrazuje xxxxx: „Xxxxxxx&xxxx;30 Xxxxxxxxxxx relationship xxxx xx XXX 1.&xxxx;&xxxx;&xxxx;X2X DCA xxxxxxx xxxxx xxxxxx:
2.&xxxx;&xxxx;&xxxx;Xxx xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;X2X XXX xxxxxx xxx the NSP xxxxx be xxxxxxxxxxx xxxxxxxx xx xxx xxxxx and xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxx concluded xxxx xx XXX xx xxxxxxxx to xx xxxxxxxxx 1(a). 3. The xxxxxxxx xx be xxxxxxxx xx the XXX xxxxx xxx form xxxx of xxx xxxxxxxx xx xx xxxxxxxxx xx xxx XXX xx xxxxxxx xx TARGET2. 4. The ECB xxxxx not be xxxxxx xxx xxx xxxx, xxxxxx xx xxxxxxxxx of xxx XXX (xxxxxxxxx its xxxxxxxxx, xxxxx and xxxxxxxxxxxxxx), xx xxx xxx xxxx, errors xx omissions xx xxxxx xxxxxxx xxxxxxxx xx xxxxxxxxxxxx to xxxx access xx xxx XXX’x xxxxxxx.“; |
8. |
Xxxxxx xx xxxx xxxxxx&xxxx;34x, xxxxx zní: „Article 34a Transitional xxxxxxxxxx Xxxx xxx XXXXXX system xx operational and XXXXXX2 has xxxxxx xxxxxxxxx, X2X DCA xxxxxxx xxxxx xxxxxx X2X XXX xxxxxxx xx xxx XXXXXX xxxxxx.“; |
9. |
Xxxxxx xx xxxxx „X2X network xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx nebo xxxxxxx xxxxx) x&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. a) xxxx i), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 xxxx.&xxxx;6, xx.&xxxx;14 xxxx.&xxxx;1 xxxx. x), xx.&xxxx;22 xxxx.&xxxx;1, xx.&xxxx;22 xxxx.&xxxx;2, xx.&xxxx;22 xxxx.&xxxx;3, xx.&xxxx;27 odst. 5, xx.&xxxx;28 xxxx.&xxxx;1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx II x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx xxxxxxxxx xxxxxxx „XXX“; |
10. |
X&xxxx;xxxxxxx X&xxxx;xx v odst. 8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) tímto:
|
XXXXXXX III
Příloha III xxxxxxxxxx ECB/2007/7 xx xxxx xxxxx:
1. |
Xxxxxx xx xxxxx „XXXX xxxxxxx xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx xxxxxxx se xxxxxxxxx odkazem „XXX“; |
2. |
Xxxxxx&xxxx;1 xx xxxx xxxxx:
|
3. |
X&xxxx;xx.&xxxx;3 xxxx.&xxxx;1 xx zrušuje xxxxx na „Appendix X: XXXX connectivity xxxxxxxxx requirements“; |
4. |
Článek 4 xx xxxx xxxxx:
|
5. |
X&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. x) xx xxx x) xxxxxxxxx tímto:
|
6. |
Xxxxxx&xxxx;9 se nahrazuje xxxxx: „Xxxxxxx&xxxx;9 Xxxxxxxxxxx relationship xxxx xx XXX 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx:
2.&xxxx;&xxxx;&xxxx;Xxx xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;xxxxxxxxxxx xxx xxx XXX xxxxx be exclusively xxxxxxxx by the xxxxx xxx xxxxxxxxxx xx xxxxx xxxxxxxx xxxxxxxx xx referred xx xx xxxxxxxxx 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx services xx xx xxxxxxxx xx xxx XXX shall xxx xxxx xxxx xx xxx services xx xx performed xx xxx XXX xx respect xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxx be liable xxx any xxxx, xxxxxx xx omissions xx the XXX (xxxxxxxxx its directors, xxxxx xxx xxxxxxxxxxxxxx), xx for any xxxx, errors xx xxxxxxxxx by third xxxxxxx xxxxxxxx by xxxxxxxxxxxx xx gain xxxxxx to xxx XXX’x network.“; |
7. |
Článek 10 xx xxxxxxx; |
8. |
Xxxxxx xx xxxx xxxxxx&xxxx;11x, xxxxx xxx: „Xxxxxxx&xxxx;11x XXX xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx XXX xxxxxxxxxx xxxxxxxx xxx xxxxx – IBAN xxxxxxx xxxxx for xxx xxxxxxxx of xxx XXX xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx xxx xx xxxxxx xx xxxx xxx XXXX. Xx XXXX may xx xxxxxx to one xx xxxxxxxx xxxxxxx. 3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx apply xx xxx xxxx xxxxxxxxx xx xxx XXX xxxxxxxxxx.“; |
9. |
X&xxxx;xxxxxx&xxxx;12 se xxxxxxx xxxxxxxx 9; |
10. |
Článek 16 se xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;16 Xxxxx xx xxxxxxx xxxxxx xx XXXX XXX Xxx xxxxxxxxx xxx classified xx xxxxxxx orders xxx xxx purposes xx xxx TIPS xxxxxxx:
|
11. |
X&xxxx;xxxxxx&xxxx;18 se xxxxxxxx 6 xxxxxxxxx xxxxx: „6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX XXX xx XX liquidity xxxxxxxx order, x&xxxx;XXXX XXX xx TIPS XX technical xxxxxxx xxxxxxxxx xxxxxxxx xxxxx xx x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxx has xxxx xxxxxxxx xx xxxxxxxx xx xx Xxxxxxx&xxxx;17, the TARGET2-ECB xxxxx xxxxx xxxxxxx xxxxxxxxxx funds xxx xxxxxxxxx on xxx xxxxx'x account. Xx xxxxxxxxxx xxxxx are xxx available the xxxxxxxxx xxxxxxxx xxxxx xxxxx xx rejected. Xx xxxxxxxxxx xxxxx xxx xxxxxxxxx the xxxxxxxxx xxxxxxxx order xxxxx xx settled xxxxxxxxxxx.“; |
12. |
X&xxxx;xx.&xxxx;20 odst. 1 se xxxxxxx b) xxxxxxxxx xxxxx:
|
13. |
X&xxxx;xxxxxx&xxxx;30 xx xxxxxxxx 1 xxxxxxxxx tímto: „1. TIPS XXX xxxxxxx xxxxx xx xxxxxx xx xx xxxxx of, xxxxx xxxxxx xxxx xxx shall be xxxx to demonstrate xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with all xxxxxxxxxxx xx them xxxxxxxx xx xxxxxxxxxxx xx xxxx protection. Xxxx shall be xxxxxx to xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations xx xxxx xxxxxxxx to xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx laundering xxx the xxxxxxxxx xx terrorism, proliferation-sensitive xxxxxxx xxxxxxxxxx and xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx delivery xxxxxxx, xx xxxxxxxxxx xx terms of xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx any xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx TIPS XXXx. TIPS DCA xxxxxxx ensure xxxx xxxx xxx xxxxxxxx xxxxx their chosen XXX'x xxxx xxxxxxxxx xxxxxx prior to xxxxxxxx xxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx xxxx XXX.“; |
14. |
Xxxxxx xx xxxx xxxxxx&xxxx;35x, který zní: „Article 35a Transitional xxxxxxxxx Xxxx the TARGET xxxxxx xx xxxxxxxxxxx xxx xxx XXXXXX2 xxx xxxxxx operation, XXXX DCA xxxxxxx xxxxx xxxxxx XXXX XXX xxxxxxx xx xxx TARGET xxxxxx.“; |
15. |
X&xxxx;xxxxxxx X&xxxx;xx xxxxxxx v odstavci 2 xxxxxxxxx tímto:
|
16. |
X&xxxx;xxxxxxx X&xxxx;xx v odst. 6 xxxxxxx. 1 xxxxxxxxx xxxxxxx x) tímto:
|
17. |
X&xxxx;xxxxxxx XX xx zrušuje xxxxxxxx 2; |
18. |
Dodatek X&xxxx;xx xxxxxxx. |