ROZHODNUTÍ EVROPSKÉ XXXXXXXXX XXXXX (EU) 2021/1758
xx xxx 21.&xxxx;xxxx 2021,
xxxxxx xx xxxx xxxxxxxxxx XXX/2007/7 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (XXX/2021/43)
XXXXXXX RADA XXXXXXXX XXXXXXXXX XXXXX,
x&xxxx;xxxxxxx xx Xxxxxxx x&xxxx;xxxxxxxxx Evropské xxxx, x&xxxx;xxxxxxx na xxxxx a čtvrtou xxxxxxx xx.&xxxx;127 xxxx.&xxxx;2 této xxxxxxx,
x&xxxx;xxxxxxx xx statut Xxxxxxxxxx xxxxxxx xxxxxxxxxxx xxxx x&xxxx;Xxxxxxxx xxxxxxxxx xxxxx, x&xxxx;xxxxxxx xx xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 a 23 xxxxxx xxxxxxx,
xxxxxxxx k těmto důvodům:
(1) |
Rada xxxxxxxxx změnila (1) xxx 20.&xxxx;xxxxxxxx 2021 obecné xxxxxx Evropské xxxxxxxxx xxxxx ECB/2012/27 (2) s cílem: x) xxxxxxxx, xx xxxxxxxx TIPS XXX xxxxx x&xxxx;XXXXXX2 připojeni xxxxxxxxxxxxxxx jednotného xxxxxxx xxxxx infrastruktury Xxxxxxxxxxx (Xxxxxxxxxx Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Gateway) od xxxxxxxxx 2021 a majitelé X2X XXX xxxxx x&xxxx;XXXXXX2 xxxxxxxxxxxxxxx xxxxxx xxxxxxx xxxxxxxxx od xxxxxx 2022; x) xxxxxxxx a rozšířit xxxxxxxx xxxxxxxx xx xxxxxxxxxx xxxxxxxxx na bezpečnost xxxxxxxxx xxxx XXXXXX2, xxx xx xxxxxxxxx, xx se xxxxxx XXXXXX2 bude xxxx xxxxxxx xxx, xxx xxx schopen čelit xxxxxxx x&xxxx;xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx; x) zavést xxxxxxxxx, xxx xxxxxxxx xxxx PM, xxxxxx xxxxxxx účastníci x&xxxx;xxxxxxxxxxxxx xxxxxxxx kódu BIC, xxxxx přistoupili x&xxxx;xxxxxxxxxxx xxxxxxx SCT Xxxx xxxxxxxx xxxxxx o dodržování xxxxxxx xxx xxxxxxxx xxxxxxxxxxxxx xxxxxxx XXXX, xxxx a zůstali xxxxxx xxxxxxxxxxx xx xxxxxxxxx XXXX xxxxxxxxxxxxxxx XXXX XXX, xxx aby xx xxxxxxxxx dostupnost xxxxxxxxxx xxxxxx x&xxxx;xxxx Xxxx; d) xxxxxx xxxxxxxxxxxxxxx, xxxxx jde x&xxxx;xxxxxxx převodu xxxxxxxx x&xxxx;xxxx účastníků v TARGET2 xx odpovídající xxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxx XXXXXX, xxx byla xxxxxxxxx xxxxxx xxxxxxx, x&xxxx;x) xxxxxxxx a aktualizovat xxxxxxx další xxxxxxx xxxxxxxx zásad XXX/2012/27. |
(2) |
Xxxxxxx xxxx zprovozněn projekt xxxxxxxxxxx X2-X2X, xxxx x&xxxx;xxxxx právní xxxxxxx xxxxxx nezbytné xxxxxxxx xxxxxxxxxxxxxxx, pokud xxx x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx v TARGET2-ECB xx odpovídající xxxxxxxxxxx xxxx. |
(3) |
Xxxxx obecných xxxxx XXX/2012/27, xxxxx xxxx xxxx na podmínky XXXXXX2-XXX, xx xxxxx xxxxxxxxx v rozhodnutí Evropské xxxxxxxxx xxxxx XXX/2007/7&xxxx;(3). |
(4) |
Xxxxxxxxxx XXX/2007/7 je xxxxx xxxxx odpovídajícím způsobem xxxxxx, |
XXXXXXX TOTO XXXXXXXXXX:
Článek 1
Změny
Přílohy X, XX x&xxxx;XXX xxxxxxxxxx XXX/2007/7 xx xxxx x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx xxxxxx xxxxxxxxxx.
Článek 2
Závěrečná ustanovení
Toto rozhodnutí xxxxxxxx x&xxxx;xxxxxxxx xxxxx xxxx xx xxxxxxxxxx x&xxxx;Xxxxxxx xxxxxxxx Xxxxxxxx xxxx.
Xxxxxxx se ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx xxxx.&xxxx;1 xxxx. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 xxxxxxx II xxxxxx xxxxxxxxxx, které xx použijí ode xxx 13. června 2022.
Xx Xxxxxxxxxx xxx Xxxxxxx dne 21.&xxxx;xxxx 2021.
Xxxxxxxxxxx ECB
Christine XXXXXXX
(1)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx (EU) 2021/1759 xx dne 20.&xxxx;xxxxxxxx 2021, xxxxxxx xx xxxx xxxxxx xxxxxx XXX/2012/27 o transevropském xxxxxxxxx xxxxxxxxxxxxxxx systému zúčtování xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (ECB/2021/30) [(xxx xxxxxx 45 x&xxxx;xxxxx xxxxx Úředního věstníku).
(2) Obecné xxxxxx Evropské centrální xxxxx XXX/2012/27 xx xxx 5. prosince 2012 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx xxxxxxxxx xxxxxx x&xxxx;xxxxxxx čase (TARGET2) (Xx. věst. X&xxxx;30, 30.1.2013, x. 1).
(3) Rozhodnutí Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7 xx dne 24.&xxxx;xxxxxxxx 2007 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (Xx. xxxx. X&xxxx;237, 8.9.2007, x. 71).
PŘÍLOHA X
Xxxxxxx X&xxxx;xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:
1. |
Xxxxxx&xxxx;1 se xxxx xxxxx:
|
2. |
X&xxxx;xxxxxx&xxxx;2 xxxxxx xxxxxxxx xx xxxxxxxx nový xxxx, xxxxx zní:
|
3. |
Xxxxxx&xxxx;3 xx xxxx xxxxx:
|
4. |
Xxxxxx&xxxx;5 xx nahrazuje xxxxx: „Xxxxxxx&xxxx;5 Xxxxxx xxxxxxxxxxxx XX account xxxxxxx xx TARGET2-ECB xxx xxxxxx participants xxx xxxxx comply xxxx xxx requirements xxx out xx Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). Xxxx xxxxx have at xxxxx one XX xxxxxxx xxxx xxx XXX. XX xxxxxxx xxxxxxx that xxxx xxxxxxx xx xxx XXX Xxxx xxxxxx xx xxxxxxx xxx XXXX Xxxxxxx Credit Xxxxxxxx Xxxxxxxxx Xxxxxxxxx xxxxx be and xxxxx xxxxxx reachable xx the XXXX Xxxxxxxx at xxx xxxxx, either xx x&xxxx;XXXX XXX xxxxxx xx xx x&xxxx;xxxxxxxxx xxxxx xxx x&xxxx;XXXX XXX xxxxxx.“; |
5. |
Xxxxxx&xxxx;22 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;22 Xxxxxxxx Xxxxxxxxxxxx xxx Xxxxxxx Xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxxxx adequate xxxxxxxx xxxxxxxx xx xxxxxxx xxxxx xxxxxxx xxxx xxxxxxxxxxxx xxxxxx xxx use. Participants xxxxx be exclusively xxxxxxxxxxx xxx xxx xxxxxxxx xxxxxxxxxx of xxx xxxxxxxxxxxxxxx, xxxxxxxxx xxx availability xx xxxxx xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx xxx ECB xx xxx xxxxxxxx-xxxxxxx xxxxxxxxx xx xxxxx xxxxxxxxx xxxxxxxxxxxxxx xxx, xxxxx xxxxxxxxxxx, security-related xxxxxxxxx xxxx occur xx xxx xxxxxxxxx xxxxxxxxxxxxxx of xxx xxxxx xxxxx xxxxxxxxx. Xxx XXX xxx xxxxxxx further xxxxxxxxxxx xxxxx xxx xxxxxxxx xxx, xx necessary, xxxxxxx xxxx the xxxxxxxxxxx take xxxxxxxxxxx xxxxxxxx xx xxxxxxx x&xxxx;xxxxxxxxxx xx xxxx xx event. 3. The ECB xxx xxxxxx xxxxxxxxxx xxxxxxxx xxxxxxxxxxxx, xx xxxxxxxxxx xxxx xxxxxx xx cybersecurity or xxx xxxxxxxxxx of xxxxx, xx all xxxxxxxxxxxx xxx/xx on xxxxxxxxxxxx xxxx xxx xxxxxxxxxx critical xx xxx XXX. 4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxx xxx XXX xxxx: (i) permanent xxxxxx xx xxxxx xxxxxxxxxxx of adherence xx xxxxx xxxxxx xxxxxxx xxxxxxx provider’s xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (xx) xx xx xxxxxx xxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxx xx published xx xxx XXX’x xxxxxxx xx Xxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX shall assess xxx xxxxxxxxxxx’x xxxx-xxxxxxxxxxxxx xxxxxxxxx(x) xx xxx xxxxxxxxxxxx level xx xxxxxxxxxx with each xx xxx xxxxxxxxxxxx xxx xxx xx xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxxx. Xxxxx xxxxxxxxxxxx xxx xxxxxx in Xxxxxxxx VII, which xx xxxxxxxx xx xxx xxxxx Xxxxxxxxxx xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx xxxx xx xxxxxxxx xxxx xx xxxxx Xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx participant’s xxxxx of compliance xxxx xxx xxxxxxxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx, xx increasing xxxxx xx xxxxxxxx: ‘xxxx xxxxxxxxxx’; ‘xxxxx non-compliance’; xx ‘xxxxx xxx-xxxxxxxxxx’. Xxx following xxxxxxxx xxxxx: full xxxxxxxxxx xx xxxxxxx where xxxxxxxxxxxx xxxxxxx 100% xx xxx xxxxxxxxxxxx; xxxxx xxx-xxxxxxxxxx xx xxxxx x&xxxx;xxxxxxxxxxx satisfies xxxx xxxx 100% xxx xx xxxxx 66% xx xxx xxxxxxxxxxxx xxx xxxxx xxx-xxxxxxxxxx xxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxx xxxx xxxx 66% xx the xxxxxxxxxxxx. If x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx not xxxxxxxxxx to it, xx shall xx xxxxxxxxxx xx compliant xxxx xxx xxxxxxxxxx xxxxxxxxxxx for xxx xxxxxxxx xx the xxxxxxxxxxxxxx. A participant xxxxx xxxxx xx xxxxx ‘xxxx xxxxxxxxxx’ xxxxx xxxxxx xx xxxxxx xxxx xxxxxxxxxxxxx xxx xx xxxxxxx xx xxxxx xxxx compliance. Xxx XXX xxxxx xxxxxx xxx relevant xxxxxxxxxxx authorities xx xxx status of xxxx xxxxxxxxxxx’x xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xx xxx xxxxxxxxxxx xxxxxxx xx grant permanent xxxxxx xx xxx xxxxxxxxxxx xx adherence xx xxxxx chosen XXXx endpoint xxxxxxxx xxxxxxxxxxxx xx xxxx xxx xxxxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxx xxxxxxxxxxx’x level xx xxxxxxxxxx xxxxx xx xxxxxxxxxxx xx ‘xxxxx xxx-xxxxxxxxxx’. 4x.&xxxx;&xxxx;&xxxx;Xxx ECB xxxxx xxxxxxxx compliance of xxxxxxxxxxxx on xx xxxxxx xxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxx xxxxxx the xxxxxxxxx xxxxxxxx of xxxxxxx xx xxxxxxxxxxxx xxxxx xxxxx xx xxxxxxxxxx xxx assessed xx xxxxx xx xxxxx non-compliance, xx xxxxxxxxxx xxxxx of xxxxxxxx:
|
6. |
X&xxxx;xxxxxx&xxxx;33 xx odstavec 1 nahrazuje xxxxx: „1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xx deemed xx xx xxxxx xx, xxxxx comply xxxx, and xxxxx xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with xxx obligations xx xxxx relating xx xxxxxxxxxxx on xxxx xxxxxxxxxx. They shall xx xxxxxx xx xx aware of, xxx xxxxx xxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxxxxxxxx xx money xxxxxxxxxx and the xxxxxxxxx of terrorism, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, xx xxxxxxxxxx in xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx XX accounts. Xxxxxxxxxxxx xxxxx ensure that xxxx xxx informed xxxxx xxx XXXXXX2 xxxxxxx xxxxxxx provider’s xxxx retrieval policy xxxxx xx xxxxxxxx xxxx xxx contractual xxxxxxxxxxxx xxxx xxx XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx.“; |
7. |
Xxxxxx se xxxx xxxxxx&xxxx;39x, který zní: „Article 39a Transitional xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxx xxx XXXXXX xxxxxx is xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XX xxxxxxx balances xxxxx xx xxxxxxxxxxx xx xxx account xxxxxx’x xxxxxxxxxxxxx xxxxxxxxx xxxxxxxx xx the XXXXXX xxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx that XX account holders, xxxxxxxx Xxxxxxxxxxxx and xxxxxxxxxxx BIC xxxxxxx xxxxxxxx xx xxx XXX Xxxx xxxxxx xx xxxxxxxxx xx xxx XXXX Xxxxxxxx xxxxxxxx xx Article 5 xxxxx apply as xx 25 Xxxxxxxx 2022.“; |
8. |
X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx b) xxxxx:
|
9. |
X&xxxx;xxxxxxx XX xx x&xxxx;xxxxxxxx 6 xxxxxxxxx xxxxxxx x) xxxxx:
|
10. |
Xxxxxxxx se xxxx xxxxxxx VII, který xxx: „Xxxxxxxx XXX Xxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxx security xxxxxxxxxx xxx business xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxx xxxxxxxx management These xxxxxxxxxxxx are applicable xx xxxx xxxxxxxxxxx, xxxxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxxx xx xx. Xx establishing xxx xxxxx of application xx xxx requirements xxxxxx xxx infrastructure, xxx participant xxxxxx xxxxxxxx the elements xxxx xxx xxxx xx xxx Xxxxxxx Xxxxxxxxxxx Chain (XXX). Xxxxxxxxxxxx, the PTC xxxxxx xx a Point xx Entry (PoE), x.x. x&xxxx;xxxxxx involved xx the xxxxxxxx xx xxxxxxxxxxxx (e.g. xxxxxxxxxxxx, xxxxx-xxxxxx and xxxx-xxxxxx xxxxxxxxxxxx, xxxxxxxxxx), xxx xxxx xx xxx xxxxxx xxxxxxxxxxx xx send xxx xxxxxxx xx SWIFT (x.x. XXXXX VPN Xxx) or Internet (xxxx xxx latter xxxxxxxxxx xx Internet-based Xxxxxx). Xxxxxxxxxxx 1.1: Information xxxxxxxx xxxxxx Xxx xxxxxxxxxx xxxxx set x&xxxx;xxxxx xxxxxx xxxxxxxxx in xxxx with xxxxxxxx xxxxxxxxxx xxx demonstrate xxxxxxx xxx xxx xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxx the xxxxxxxx, approval and xxxxxxxxxxx of xx xxxxxxxxxxx security policy xxxxxx xx managing xxxxxxxxxxx security xxx xxxxx resilience xxxxxx xxx xxxxxxxxxxxx xx xxxxx xx xxxxxxxxxxxxxx, xxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxx cyber xxxxxxxxxx xxxxx. The policy xxxxxx xxxxxxx at xxxxx the xxxxxxxxx xxxxxxxx: objectives, xxxxx (xxxxxxxxx domains xxxx xx xxxxxxxxxxxx, human xxxxxxxxx, xxxxx xxxxxxxxxx xxx.), principles xxx xxxxxxxxxx xx responsibilities. Requirement 1.2: Xxxxxxxx xxxxxxxxxxxx Xx xxxxxxxxxxx security xxxxxxxxx xxxxx be xxxxxxxxxxx xx xxxxxxxxx xxx xxxxxxxxxxx security xxxxxx xxxxxx the xxxxxxxxxxxx. Xxx management xxxxx xxxxxxxxxx xxx xxxxxx xxx establishment xx xxx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xx xxxxxx xxx xxxxxxxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx xxxxxx (as xxx Xxxxxxxxxxx 1.1) across xxx xxxxxxxxxxxx, including xxx allocation xx xxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxx xx security xxxxxxxxxxxxxxxx for xxxx xxxxxxx. Xxxxxxxxxxx 1.3: External xxxxxxx Xxx xxxxxxxx of xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxx information xxxxxxxxxx xxxxxxxxxx xxxxxx xxx xx xxxxxxx xx xxx xxxxxxxxxxxx xx, xxx/xx the xxxxxxxxxx xx, xx xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx xx xxxx. Xxx xxxxxx to xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx parties xxxxx xx controlled. When xxxxxxxx parties xx xxxxxxxx/xxxxxxxx xx xxxxxxxx xxxxxxx are xxxxxxxx xx xxxxxx the xxxxxxxxxxxx’x xxxxxxxxxxx processing xxxxxxxxxx, a risk assessment xxxxx xx xxxxxxx xxx to xxxxxxxxx xxx security xxxxxxxxxxxx xxx xxxxxxx xxxxxxxxxxxx. Xxxxxxxx xxxxx be xxxxxx xxx xxxxxxx xx xx xxxxxxxxx xxxx each relevant xxxxxxxx xxxxx. Xxxxxxxxxxx 1.4: Xxxxx xxxxxxxxxx Xxx information xxxxxx, xxx business xxxxxxxxx xxx the xxxxxxxxxx xxxxxxxxxxx xxxxxxx, xxxx xx xxxxxxxxx xxxxxxx, infrastructures, xxxxxxxx xxxxxxxxxxxx, xxx-xxx-xxxxx xxxxxxxx, xxxxxxxx and xxxx-xxxxxxxxx xxxxxxxxxxxx, in xxx xxxxx xx the Xxxxxxx Transaction Chain xxxxx xx xxxxxxxxx xxx xxx have x&xxxx;xxxxxxxxx xxxxx. The xxxxxxxxxxxxxx xxx xxx xxxxxxxxxxx and xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxx xxx xxxxxxx XX xxxxxxxxxx to xxxxxxxxx xxx xxxxxxxxxxx xxxxxx xxxxx xx xxxxxxxx. Xxxx: xxx owner xxx xxxxxxxx xxx xxxxxxxxxxxxxx xx xxxxxxxx xxxxxxxx as xxxxxxxxxxx, xxx remains accountable xxx xxx xxxxxx xxxxxxxxxx of the xxxxxx. Xxxxxxxxxxx 1.5: Information xxxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx assets xxxxx be xxxxxxxxxx xx terms of xxxxx criticality to xxx xxxxxx xxxxxxxx xx the xxxxxxx xx the participant. Xxx xxxxxxxxxxxxxx shall xxxxxxxx xxx xxxx, xxxxxxxxxx xxx degree xx protection xxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxx xxxxx in xxx relevant business xxxxxxxxx and shall xxxx take xxxx xxxxxxxxxxxxx xxx xxxxxxxxxx XX xxxxxxxxxx. Xx xxxxxxxxxxx asset xxxxxxxxxxxxxx xxxxxx xxxxxxxx by xxx management xxxxx xx xxxx to xxxxxx xx xxxxxxxxxxx xxx xx xxxxxxxxxx xxxxxxxx throughout the xxxxxxxxxxx xxxxx lifecycle (xxxxxxxxx xxxxxxx xxx xxxxxxxxxxx xx xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx the need xxx xxxxxxxx handling xxxxxxxx. Xxxxxxxxxxx 1.6: Xxxxx xxxxxxxxx xxxxxxxx Xxxxxxxx xxxxxxxxxxxxxxxx xxxxx be addressed xxxxx to xxxxxxxxxx xx adequate xxx xxxxxxxxxxxx xxx in xxxxx xxx xxxxxxxxxx xx xxxxxxxxxx. Xxx xxxxxxxxxx xxx xxxxxxxxxx, xxxxxxxxxxx and xxxxx xxxxx xxxxx xxxxx xx xxxxxxxxxx xxxxxxxx, xxxxxxxxxx xxx xxxxxxxxx xxxx. Xxxxxxxxx, xxxxxxxxxxx xxx xxxxx xxxxx xxxxx xx information xxxxxxxxxx facilities xxxxx xxxx an agreement xx xxxxx xxxxxxxx xxxxx xxx xxxxxxxxxxxxxxxx. Xx xxxxxxxx xxxxx xx xxxxxxxxx xxxxx xx ensured among xxx xxxxxxxxx, contractors xxx third xxxxx xxxxx, xxx education xxx training in xxxxxxxx xxxxxxxxxx and xxx xxxxxxx use xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx shall be xxxxxxxx to xxxx xx xxxxxxxx possible xxxxxxxx risks. X&xxxx;xxxxxx xxxxxxxxxxxx process xxx xxxxxxxx security breaches xxxxx be established xxx employees. Xxxxxxxxxxxxxxxx xxxxx xx xx xxxxx xx ensure xxxx an xxxxxxxx’x, xxxxxxxxxx’x xx xxxxx xxxxx user’s xxxx xxxx or xxxxxxxx xxxxxx xxx organisation xx xxxxxxx, and xxxx xxx xxxxxx xx xxx xxxxxxxxx xxx the removal xx xxx xxxxxx xxxxxx xxx xxxxxxxxx. Xxxxxxxxxxx 1.7: Physical xxx xxxxxxxxxxxxx security Critical xx xxxxxxxxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxx xx xxxxxx xxxxx, xxxxxxxxx xx xxxxxxx security perimeters, xxxx xxxxxxxxxxx security xxxxxxxx and xxxxx xxxxxxxx. Xxxx xxxxx xx xxxxxxxxxx xxxxxxxxx xxxx xxxxxxxxxxxx xxxxxx, xxxxxx xxx interference. Xxxxxx xxxxx xx xxxxxxx only xx xxxxxxxxxxx who fall xxxxxx xxx scope xx Xxxxxxxxxxx 1.6. Xxxxxxxxxx xxx standards xxxxx be xxxxxxxxxxx xx xxxxxxx physical xxxxx containing information xxxxxx xxxx xx xxxxxxx. Xxxxxxxxx shall xx xxxxxxxxx xxxx xxxxxxxx xxx environmental threats. Xxxxxxxxxx xx xxxxxxxxx (xxxxxxxxx equipment xxxx xxx-xxxx) and against xxx xxxxxxx xx xxxxxxxx is necessary xx xxxxxx the xxxx xx xxxxxxxxxxxx xxxxxx to information xxx xx xxxxx xxxxxxx loss xx xxxxxx of xxxxxxxxx xx xxxxxxxxxxx. Xxxxxxx xxxxxxxx xxx be xxxxxxxx to xxxxxxx xxxxxxx physical threats xxx xx xxxxxxxxx xxxxxxxxxx facilities such xx xxx xxxxxxxxxx xxxxxx xxx xxxxxxx xxxxxxxxxxxxxx. Xxxxxxxxxxx 1.8: Xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxxxxxxx and xxxxxxxxxx xxxxx xx xxxxxxxxxxx xxx xxx xxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx facilities xxxxxxxx xxx the xxxxxxxxxx systems in xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxx-xx-xxx. Xx regards xxxxxxxxx procedures, xxxxxxxxx xxxxxxxxx administration xx XX systems, xxxxxxxxxxx xx duties xxxxx xx implemented, xxxxx xxxxxxxxxxx, xx xxxxxx xxx xxxx xx xxxxxxxxx xx xxxxxxxxxx xxxxxx xxxxxx. Xxxxx xxxxxxxxxxx xx xxxxxx xxxxxx xx xxxxxxxxxxx xxx xx documented xxxxxxxxx xxxxxxx, xxxxxxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxx x&xxxx;xxxxxx xxxx xxxxxxxx. Xxxxxxxx xxxxx xx xxxxxxxxxxx xx prevent and xxxxxx xxx introduction xx xxxxxxxxx xxxx xxx xxxxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx shall xx xxxx established (xxxxxxxxx xxxx xxxxxxxxx) xx xxxxxxx, xxxxxx xxx xxxxxx xxxxxxxxx xxxx. Xxxxxx xxxx xxxxx xx xxxx xxxx xxxx trusted xxxxxxx (e.g. xxxxxx Xxxxxxxxx XXX xxxxxxxxxx xxx Xxxx Applets). Xxx xxxxxxxxxxxxx xx xxx browser (x.x. xxx xxx xx xxxxxxxxxx and plugins) xxxxx be strictly xxxxxxxxxx. Xxxx xxxxxx xxx xxxxxxxx xxxxxxxx shall xx implemented xx xxx xxxxxxxxxx; those xxxxxxxx xxxxxxxx xxxxx xxxxxxx x&xxxx;xxxx of xxx restoration xxxxxxx xxxxx xx tested xx regular intervals xx least xxxxxxxx. Xxxxxxx xxxx xxx critical xxx the xxxxxxxx xx xxxxxxxx xxxxx xx monitored and xxxxxx xxxxxxxx xx xxxxxxxxxxx security xxxxx xx xxxxxxxx. Xxxxxxxx xxxx xxxxx be xxxx xx ensure xxxx xxxxxxxxxxx system xxxxxxxx xxx xxxxxxxxxx. Xxxxxxxx logs xxxxx xx regularly xxxxxxxx xx x&xxxx;xxxxxx xxxxx, xxxxx on xxx xxxxxxxxxxx xx xxx xxxxxxxxxx. Xxxxxx monitoring xxxxx xx xxxx xx xxxxx xxx xxxxxxxxxxxxx of controls xxxxx xxx xxxxxxxxxx xx xxxxxxxx for xxx security of xxxxxxxx and to xxxxxx xxxxxxxxxx to xx xxxxxx xxxxxx xxxxx. Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx organisations xxxxx xx based on x&xxxx;xxxxxx exchange policy, xxxxxxx xxx xx xxxx xxxx xxxxxxxx xxxxxxxxxx among xxx xxxxxxxx xxxxxxx and xxxxx xx xxxxxxxxx xxxx xxx xxxxxxxx xxxxxxxxxxx. Xxxxx party xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxx xxxxxxxx xx information xxxx XXXXXX2 (xxxx xxxxxxxx xxxxxxxx xxxx x&xxxx;Xxxxxxx Xxxxxx in xxxxxxxx 2 of xxx xxxxx section of xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx document) must xx xxxx xxxxx x&xxxx;xxxxxx xxxxxxxxx with xxx third xxxxx. Xxxxxxxxxxx 1.9: Xxxxxx control Access xx information xxxxxx xxxxx be justified xx the basis xx xxxxxxxx requirements (xxxx-xx-xxxx&xxxx;(1)) xxx xxxxxxxxx xx the xxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xxxxxxxx (including xxx xxxxxxxxxxx xxxxxxxx xxxxxx). Xxxxx access xxxxxxx xxxxx xxxxx xx xxxxxxx based xx xxx principle of xxxxx xxxxxxxxx&xxxx;(2) xx xxxxxxx xxxxxxx the xxxxx of xxx xxxxxxxxxxxxx business xxx XX processes. Xxxxx xxxxxxxx (x.x. xxx xxxxxx xxxxxxxxxx) xxxxxxx xxxxxx xxxxxxx xxxxxx xx xxxxxxxxxx xxxx xxxxxxxx xxxxxx xxxxxxx xxxxxx xxxxx are xxxxxxxx xxxxxxxxxxxx controls xx xxxxx (e.g. xxxxxxxxxx, xxxxxxxx xxxx xxxxxxxxxxxxx). Xxxxxx xxx xxxxxxxxxx xxxxxxxxxx xxxxx be xx place xx xxxxxxx xxx xxxxxxxxxx xx access rights xx information xxxxxxx xxx xxxxxxxx that xxxx within xxx xxxxx xx xxx Xxxxxxx Transaction Xxxxx. Xxx xxxxxxxxxx xxxxx xxxxx xxx stages xx xxx lifecycle xx xxxx xxxxxx, xxxx xxx xxxxxxx xxxxxxxxxxxx xx xxx xxxxx to xxx xxxxx xxxxxxxxxxxxxx xx xxxxx that xx xxxxxx require access. Special xxxxxxxxx xxxxx xx xxxxx, xxxxx xxxxxxxxxxx, xx xxx xxxxxxxxxx xx xxxxxx xxxxxx xx xxxx criticality xxxx xxx abuse xx xxxxx access xxxxxx xxxxx xxxx xx x&xxxx;xxxxxx xxxxxxx xxxxxx xx the xxxxxxxxxx of xxx xxxxxxxxxxx (x.x. xxxxxx xxxxxx xxxxxxxx xxxxxx xxxxxxxxxxxxxx, xxxxxxxx of xxxxxx xxxxxxxx, xxxxxx xxxxxx xx xxxxxxxx xxxx). Xxxxxxxxxxx controls xxxxx xx xxx xx xxxxx xx identify, xxxxxxxxxxxx xxx xxxxxxxxx xxxxx xx specific xxxxxx xx xxx xxxxxxxxxxxx’x network, e.g. xxx xxxxx xxx xxxxxx xxxxxx xx xxxxxxx xx the Xxxxxxx Xxxxxxxxxxx Chain. Xxxxxxxx accounts xxxxx xxx be shared xx xxxxx to xxxxxx xxxxxxxxxxxxxx. Xxx xxxxxxxxx, xxxxx shall xx xxxxxxxxxxx xxx xxxxxxxx xx specific xxxxxxxx xx ensure xxxx xxxxxxxxx cannot xx xxxxxx guessed, x.x. xxxxxxxxxx xxxxx xxx xxxxxxx-xxxx xxxxxxxx. A safe xxxxxxxx xxxxxxxx xxx/xx xxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx. X&xxxx;xxxxxx shall xx xxxxxxxxx xxx xxxxxxxxxxx on xxx xxx xx xxxxxxxxxxxxx xxxxxxxx to protect xxx xxxxxxxxxxxxxxx, authenticity xxx xxxxxxxxx xx xxxxxxxxxxx. X&xxxx;xxx management xxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx xxx xxx of xxxxxxxxxxxxx controls. There xxxxx xx xxxxxx xxx xxxxxxx confidential xxxxxxxxxxx xx xxxxxx xx xx xxxxx (x.x. x&xxxx;xxxxx xxxxxx, x&xxxx;xxxxx xxxx policy) xx xxxxxx xxx risk xx unauthorised xxxxxx. Xxxx xxxxxxx remotely, xxx xxxxx of xxxxxxx xx xx unprotected xxxxxxxxxxx xxxxx xx xxxxxxxxxx and appropriate xxxxxxxxx xxx xxxxxxxxxxxxxx xxxxxxxx shall xx xxxxxxx. Xxxxxxxxxxx 1.10: Xxxxxxxxxxx xxxxxxx xxxxxxxxxxx, xxxxxxxxxxx xxx xxxxxxxxxxx Xxxxxxxx xxxxxxxxxxxx xxxxx be xxxxxxxxxx xxx xxxxxx prior xx the xxxxxxxxxxx xxx/xx implementation xx xxxxxxxxxxx xxxxxxx. Xxxxxxxxxxx xxxxxxxx xxxxx be xxxxx xxxx xxxxxxxxxxxx, xxxxxxxxx xxxx-xxxxxxxxx applications, xx xxxxxx correct xxxxxxxxxx. Xxxxx xxxxxxxx shall xxxxxxx xxx xxxxxxxxxx xx input xxxx, xxxxxxxx xxxxxxxxxx xxx xxxxxx xxxx. Xxxxxxxxxx xxxxxxxx xxx be xxxxxxxx for systems xxxx xxxxxxx, or xxxx xx impact xx, xxxxxxxxx, xxxxxxxx xx critical information. Xxxx xxxxxxxx xxxxx xx determined xx xxx xxxxx of xxxxxxxx requirements xxx xxxx assessment xxxxxxxxx xx the xxxxxxxxxxx xxxxxxxx (x.x. xxxxxxxxxxx xxxxxxxx policy, xxxxxxxxxxxxx xxxxxxx xxxxxx). Xxx xxxxxxxxxxx xxxxxxxxxxxx xx new xxxxxxx shall xx xxxxxxxxxxx, documented xxx xxxxxx xxxxx xx xxxxx xxxxxxxxxx xxx xxx. Xx xxxxxxx xxxxxxx security, xxxxxxxxxxx xxxxxxxx, xxxxxxxxx segmentation xxx xxxxxx xxxxxxxxxx, xxxxxx xx implemented xxxxx xx xxx xxxxxxxxxxx of data xxxxx xxx xxx xxxxx xx xxxx xx xxx network xxxxx xx xxx xxxxxxxxxxxx. Xxxxx shall xx specific controls xx protect xxxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxxxxx xxxxxxxx. Xxxxxx to xxxxxx xxxxx and xxxxxxx source xxxx xxxxx be xxxxxxxxxx xxx XX xxxxxxxx xxx support xxxxxxxxxx xxxxxxxxx in x&xxxx;xxxxxx xxxxxx. Care xxxxx xx xxxxx xx xxxxx exposure xx xxxxxxxxx data xx xxxx xxxxxxxxxxxx. Xxxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxx be xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx xx xxxxxxx in xxxxxxxxxx xxxxx xx xxxxxxxx xxxxxxxxxx. A risk assessment xx xxx xxxxx xxxxxxx to xx xxxxxxxx xx xxxxxxxxxx xxxxx xx xxxxxxxxx. Xxxxxxx xxxxxxxx testing xxxxxxxxxx xx xxxxxxx xx xxxxxxxxxx xxxxx also xx conducted xxxxxxxxx xx a predefined plan xxxxx xx xxx xxxxxxx of x&xxxx;xxxx xxxxxxxxxx, and xxxxxxxx xxxxxxx xxxxx include, xx least, xxxxxxxxxxxxx xxxxxxxxxxx. Xxx xx xxx xxxxxxxxxxxx xxxxxxxxxxx xxxxxx xxx xxxxxxxx xxxxxxx xxxxxxxxxx shall xx xxxxxxxx and xxxxxx xxxxx xx xxxxx xxx xxxxxxxxxx xxx shall be xxxxxxxx xxx xxxxxxxx xx xx x&xxxx;xxxxxx xxxxxxx. Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx xx supplier (3) xxxxxxxxxxxxx Xx xxxxxx protection xx the xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxx xxxxxxxxxx xx xxxxxxxxx, information xxxxxxxx xxxxxxxxxxxx for xxxxxxxxxx the xxxxx xxxxxxxxxx xxxx supplier’s xxxxxx xxxxx xx xxxxxxxxxx xxx xxxxxxxx xxxxxx xxxx with xxx xxxxxxxx. Xxxxxxxxxxx 1.12: Xxxxxxxxxx xx information xxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxx Xx xxxxxx x&xxxx;xxxxxxxxxx xxx xxxxxxxxx xxxxxxxx xx the management xx information xxxxxxxx xxxxxxxxx, xxxxxxxxx communication xx xxxxxxxx events xxx xxxxxxxxxx, roles, xxxxxxxxxxxxxxxx xxx xxxxxxxxxx, xx xxxxxxxx xxx xxxxxxxxx level, shall xx established xxx xxxxxx to xxxxxx x&xxxx;xxxxx, xxxxxxxxx xxx xxxxxxx xxx xxxxxx xxxxxxx xxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxx xx x&xxxx;xxxxx-xxxxxxx xxxxx (e.g. x&xxxx;xxxxx pursued xx xx xxxxxxxx xxxxxxxx xx xx xx xxxxxxx). Xxxxxxxxx xxxxxxxx xx these xxxxxxxxxx xxxxx be adequately xxxxxxx. Xxxxxxxxxxx 1.13: Xxxxxxxxx xxxxxxxxxx review A participant’s xxxxxxxx xxxxxxxxxxx xxxxxxx (e.g. xxxx xxxxxx xxxxxxx, xxxxxxxx networks xxx xxxxxxxx network xxxxxxxxxxxx) xxxxx be regularly xxxxxxxx for xxxxxxxxxx xxxx xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxxxxxxxx xx xxxxxxxx (e.g. xxxxxxxxxxx xxxxxxxx xxxxxx, xxxxxxxxxxxxx xxxxxxx xxxxxx). Xxxxxxxxxxx 1.14: Xxxxxxxxxxxxxx Xxxxx xxxxxxx xxxxxxxx xxxxx xxxxxx xxxx xxx xxx xxxxxxxx xxxxxxxx that are xxx xxx xxxxxxxx xxxxxxxx xxx xxxxxxx (x.x. hardening, logging). Xxxxxxxx xxxxxxxx xx xxxxxxxxxxx xxxx include: xxxxxxxxx xx the xxxxxxxxxx and xxx xxxxxxx xxxxxxxxx xxxxxx, xxxxxxx patching, xxxxxx xxxxxxxxxx of different xxxxxxxxxxxx (x.x. production xxx development). Xxxxxxxxxxx xxxxxxxxxx, logging xxx xxxxxxxxxx as xxxx xx xxxxxxxx xx xxxxxx xxxxxx, xx xxxxxxxxxx for high xxxxxxxxxx xxxxxxxx, shall xx xxxxxxxxxxx xxxxx xx a risk xxxxxxxxxx. Xxxxx xxxxxxx machines xxxxxxx xx xxx xxxx xxxxxxxxxx xxxxx xxxx x&xxxx;xxxxxxx xxxx xxxxxxx. Xxxxxxxxxxx 1.15: Xxxxx xxxxxxxxx Xxx xxxxx of xxxxxx xxx/xx hybrid xxxxx solutions xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxx be xxxxx on x&xxxx;xxxxxx xxxx xxxxxxxxxx, xxxxxx xxxx xxxxxxx xxx xxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxxx xxxxxxx xxxxxxx xx xxx xxxxx xxxxxxxx. Xx xxxxxx xxxxx solutions xxx xxxx, xx is xxxxxxxxxx xxxx xxx xxxxxxxxxxx xxxxx xx xxx xxxxxxx xxxxxx xx xxx highest xxx xx xxx xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx xxxxxxxxxx of xxx hybrid solutions xxxx xx segregated xxxx xxx xxxxx xx-xxxxxxxx xxxxxxx. Xxxxxxxx xxxxxxxxxx xxxxxxxxxx (applicable xxxx xx xxxxxxxx xxxxxxxxxxxx) Xxx xxxxxxxxx xxxxxxxxxxxx (2.1 xx 2.6) relate xx business xxxxxxxxxx xxxxxxxxxx. Xxxx TARGET2 xxxxxxxxxxx xxxxxxxxxx xx xxx Xxxxxxxxxx xx xxxxx xxxxxxxx xxx xxx smooth xxxxxxxxxxx xx the XXXXXX2 xxxxxx shall have x&xxxx;xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxx following elements.
|
(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx xxxxxxxxx xxxxxx xx the xxxxxxxxxxxxxx xx xxx xxx xx information xxxx xx xxxxxxxxxx xxxxx xxxxxx xx in xxxxx xx carry xxx xxx/xxx duties.
(2) The xxxxxxxxx xx least xxxxxxxxx refers xx xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX xxxxxx xx xxxxx xx xxxxx xxx xxxxxxxxxxxxx xxxxxxxx xxxx.
(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx xx xxx xxxxxxx of this xxxxxxxx should xx xxxxxxxxxx xx xxx xxxxx party (xxx xxx personnel) which xx under xxxxxxxx (xxxxxxxxx), xxxx xxx xxxxxxxxxxx, xx provide x&xxxx;xxxxxxx xxx under xxx service xxxxxxxxx xxx xxxxx xxxxx (xxx xxx personnel) xx xxxxxxx xxxxxx, xxxxxx xxxxxxxx xx xx-xxxx, xx xxxxxxxxxxx xxx/xx information xxxxxxx xxx/xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxx xx scope xx associated xx xxx xxxxx xxxxxxx xxxxx xxx exercise xx the XXXXXX2 xxxx-xxxxxxxxxxxxx.
XXXXXXX II
Příloha II xxxxxxxxxx ECB/2007/7 se xxxx takto:
1. |
Článek 1 se xxxx xxxxx:
|
2. |
X&xxxx;xx.&xxxx;4 odst. 2 xx xxxxxxx xx) xxxxxxxxx xxxxx:
|
3. |
X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx xxxxxx xxxx xxxxxxx xx), xxxxx xxx:
|
4. |
X&xxxx;xxxxxx&xxxx;4 xx odstavec 3 xxxxxxxxx tímto: „3. TARGET2 xxxxxxxx xxxx-xxxx xxxxx xxxxxxxxxx xxx payments xx xxxx, xxxx xxxxxxxxxx xx xxxxxxx bank xxxxx xxxxxx PM xxxxxxxx, T2S XXXx xxx XXXX DCAs. XXXXXX2 xx xxxxxxxxxxx xxx functions xx xxx basis xx xxx XXX xxxxxxx xxxxx xxxxxxx xxxxxx xxx xxxxxxxxx xxx xxxxxxxxx and through xxxxx xxxxxxxx xxx xxxxxxxxxx xxxxxxxx in xxx xxxx xxxxxxxxx xxxxxx. Xx xxx xx the xxxxxxxxx xxxxxxxxx xx xxx X2X XXXx is xxxxxxxxx, TARGET2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx xxx X2X Xxxxxxxx. As xxx xx xxx xxxxxxxxx operation xx xxx TIPS XXXx xxx TIPS XX xxxxxxxxx accounts xx xxxxxxxxx, XXXXXX2 is xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx on xxx xxxxx xx the XXXX Platform. Xxx XXX xx xxx xxxxxxxx xx xxxxxxxx xxxxx xxxxx Conditions. Xxxx xxx xxxxxxxxx xx xxx XXX-xxxxxxxxx XXXx xxx the 4XXx xxxxx xx xxxxxxxxxx xxxx xxx xxxxxxxxx xx xxx XXX, xxx xxxxx xx shall xxxxxx xxxxxxxxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 of xxxx Annex. Xxxxxxxxxxxxx xxxxxxxx xx xxxxx Xxxxxxxxxx shall xxx xxxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxxxxx X2X DCA xxxxxxx xxx xxx XXX-xxxxxxxxx XXXx or xxx 4XXx xxxx xxx xx the xxxxxx xxxx in xxxx capacity. Instructions, xxxxxxxx xx xxxxxxxxxxx xxxxx x&xxxx;X2X XXX xxxxxx receives xxxx, xx xxxxx to, xxx XXX xx X2X Xxxxxxxx xx xxxxxxxx xx xxx xxxxxxxx xxxxxxxx xxxxx xxxxx Xxxxxxxxxx are xxxxxx to xx xxxxxxxx xxxx, or xxxx xx, the XXX.“; |
5. |
X&xxxx;xxxxxx&xxxx;8 se xxxxxxxx 3 nahrazuje xxxxx: „3.&xxxx;&xxxx;&xxxx;Xxxxx xxx XXX xxx xxxxxxx a request xx x&xxxx;X2X XXX xxxxxx xxxxxxxx xx paragraph 1, xxxx T2S XXX holder xx xxxxxx to xxxx xxxxx xxx xxxxxxxxxxxxx XXX(x) a mandate to xxxxx the X2X XXX with xxx xxxxxxx relating xx xxxxxxxxxx transactions executed xx those securities xxxxxxxx.“; |
6. |
X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 xxxxxxxxx xxxxx: „1.&xxxx;&xxxx;&xxxx;X2X XXX xxxxxxx shall xx xxxxxx xx xx xxxxx of, xxxxx xxxxxx with, xxx xxxxx be xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx legislation xx xxxx xxxxxxxxxx. Xxxx xxxxx xx xxxxxx xx be xxxxx of, and xxxxx xxxxxx xxxx xxx xxxxxxxxxxx xx xxxx relating to xxxxxxxxxxx on prevention xx money xxxxxxxxxx xxx xxx financing xx terrorism, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx of xxxxxxx weapons xxxxxxxx xxxxxxx, in particular xx xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx measures xxxxxxxxxx xxx xxxxxxxx xxxxxxx or xxxxxxxx xx their X2X XXXx. Prior to xxxxxxxx into xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx X2X xxxxxxx xxxxxxx provider, X2X XXX holders xxxxx xxxxxx that xxxx xxx xxxxxxxx xxxxx xxx xxxx xxxxxxxxx xxxxxx.“; |
7. |
Xxxxxx&xxxx;30 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;30 Xxxxxxxxxxx relationship with xx XXX 1.&xxxx;&xxxx;&xxxx;X2X XXX xxxxxxx xxxxx either:
2. The xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;X2X XXX holder xxx xxx XXX xxxxx xx xxxxxxxxxxx xxxxxxxx by the xxxxx xxx conditions xx the xxxxxxxx xxxxxxxx concluded xxxx xx XXX xx xxxxxxxx to in xxxxxxxxx 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx xx xx xxxxxxxx xx xxx XXX xxxxx not form xxxx of xxx xxxxxxxx to be xxxxxxxxx xx the XXX xx xxxxxxx xx TARGET2. 4. The XXX xxxxx xxx be xxxxxx xxx xxx xxxx, xxxxxx xx xxxxxxxxx of xxx XXX (xxxxxxxxx xxx xxxxxxxxx, xxxxx xxx xxxxxxxxxxxxxx), xx for xxx xxxx, xxxxxx xx xxxxxxxxx of xxxxx xxxxxxx xxxxxxxx xx xxxxxxxxxxxx to xxxx xxxxxx to xxx XXX’x xxxxxxx.“; |
8. |
Xxxxxx xx xxxx xxxxxx&xxxx;34x, xxxxx zní: „Article 34a Transitional xxxxxxxxxx Xxxx xxx TARGET xxxxxx xx operational and XXXXXX2 has xxxxxx xxxxxxxxx, T2S XXX xxxxxxx shall xxxxxx X2X XXX holders xx xxx XXXXXX xxxxxx.“; |
9. |
Xxxxxx na pojem „X2X xxxxxxx service xxxxxxxx“ (v jednotném nebo xxxxxxx xxxxx) v čl. 6 xxxx.&xxxx;1 písm. a) xxxx x), čl. 9 xxxx.&xxxx;5, xx.&xxxx;10 xxxx.&xxxx;6, xx.&xxxx;14 odst. 1 xxxx. x), čl. 22 xxxx.&xxxx;1, xx.&xxxx;22 odst. 2, čl. 22 xxxx.&xxxx;3, xx.&xxxx;27 xxxx.&xxxx;5, xx.&xxxx;28 xxxx.&xxxx;1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx XX x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx nahrazují xxxxxxx „XXX“; |
10. |
X&xxxx;xxxxxxx I se v odst. 8 xxxxxxx. 4 nahrazuje xxxxxxx x) xxxxx:
|
XXXXXXX XXX
Xxxxxxx XXX xxxxxxxxxx XXX/2007/7 xx xxxx takto:
1. |
Odkazy xx xxxxx „TIPS xxxxxxx xxxxxxx provider“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx xxxxxxx xx xxxxxxxxx odkazem „NSP“; |
2. |
Článek 1 xx xxxx xxxxx:
|
3. |
V čl. 3 xxxx.&xxxx;1 xx zrušuje xxxxx xx „Appendix X: XXXX connectivity xxxxxxxxx requirements“; |
4. |
Článek 4 se xxxx xxxxx:
|
5. |
X&xxxx;xx.&xxxx;6 odst. 1 písm. x) xx xxx x) xxxxxxxxx xxxxx:
|
6. |
Xxxxxx&xxxx;9 se xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;9 Xxxxxxxxxxx xxxxxxxxxxxx xxxx xx NSP 1. Participants xxxxx xxxxxx:
2. The xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;xxxxxxxxxxx xxx the XXX xxxxx xx xxxxxxxxxxx xxxxxxxx by xxx xxxxx xxx conditions xx their xxxxxxxx xxxxxxxx xx xxxxxxxx xx in paragraph 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx services xx xx xxxxxxxx xx xxx NSP xxxxx xxx form part xx xxx xxxxxxxx xx xx xxxxxxxxx xx the XXX xx respect xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxx be liable xxx xxx acts, xxxxxx xx omissions xx the NSP (xxxxxxxxx xxx directors, xxxxx and subcontractors), xx for xxx xxxx, xxxxxx xx xxxxxxxxx by xxxxx xxxxxxx xxxxxxxx xx xxxxxxxxxxxx xx xxxx xxxxxx xx xxx XXX’x network.“; |
7. |
Článek 10 xx xxxxxxx; |
8. |
Xxxxxx se nový xxxxxx&xxxx;11x, xxxxx zní: „Article 11a MPL xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx MPL xxxxxxxxxx xxxxxxxx xxx xxxxx – IBAN xxxxxxx table for xxx xxxxxxxx of xxx MPL xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx xxx xx xxxxxx to xxxx xxx IBAN. An XXXX xxx xx xxxxxx to xxx xx xxxxxxxx xxxxxxx. 3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx xxxxx to xxx xxxx xxxxxxxxx xx xxx MPL xxxxxxxxxx.“; |
9. |
X&xxxx;xxxxxx&xxxx;12 se xxxxxxx xxxxxxxx 9; |
10. |
Článek 16 se xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;16 Xxxxx xx xxxxxxx xxxxxx xx XXXX XXX Xxx xxxxxxxxx xxx xxxxxxxxxx xx xxxxxxx xxxxxx xxx xxx purposes xx xxx XXXX xxxxxxx:
|
11. |
X&xxxx;xxxxxx&xxxx;18 xx xxxxxxxx 6 xxxxxxxxx xxxxx: „6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX XXX xx XX xxxxxxxxx xxxxxxxx xxxxx, a TIPS XXX xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx order xx x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx XXXX DCA liquidity xxxxxxxx xxxxx has xxxx xxxxxxxx as xxxxxxxx to xx Xxxxxxx&xxxx;17, the XXXXXX2-XXX xxxxx xxxxx xxxxxxx xxxxxxxxxx xxxxx are xxxxxxxxx on xxx xxxxx'x xxxxxxx. If xxxxxxxxxx xxxxx xxx xxx xxxxxxxxx the xxxxxxxxx xxxxxxxx xxxxx xxxxx xx xxxxxxxx. Xx xxxxxxxxxx funds xxx xxxxxxxxx the xxxxxxxxx transfer xxxxx xxxxx be settled xxxxxxxxxxx.“; |
12. |
X&xxxx;xx.&xxxx;20 xxxx.&xxxx;1 se xxxxxxx x) xxxxxxxxx xxxxx:
|
13. |
X&xxxx;xxxxxx&xxxx;30 se odstavec 1 nahrazuje xxxxx: „1.&xxxx;&xxxx;&xxxx;XXXX XXX xxxxxxx xxxxx xx xxxxxx to xx xxxxx xx, xxxxx xxxxxx xxxx xxx xxxxx xx xxxx xx xxxxxxxxxxx xxxx compliance xx xxx xxxxxxxx competent xxxxxxxxxxx xxxx all xxxxxxxxxxx on xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx xxxxx xx xxxxxx xx be xxxxx xx, xxx xxxxx comply xxxx xxx xxxxxxxxxxx on xxxx xxxxxxxx xx xxxxxxxxxxx xx prevention xx xxxxx laundering xxx xxx xxxxxxxxx xx xxxxxxxxx, proliferation-sensitive xxxxxxx activities and xxx development xx xxxxxxx xxxxxxx delivery xxxxxxx, xx xxxxxxxxxx xx terms of xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx payments xxxxxxx xx xxxxxxxx xx xxxxx XXXX XXXx. TIPS XXX xxxxxxx xxxxxx xxxx xxxx xxx informed xxxxx their xxxxxx XXX'x data retrieval xxxxxx prior xx xxxxxxxx into x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx xxxx XXX.“; |
14. |
Xxxxxx xx nový xxxxxx&xxxx;35x, xxxxx xxx: „Xxxxxxx&xxxx;35x Xxxxxxxxxxxx xxxxxxxxx Xxxx xxx XXXXXX xxxxxx xx xxxxxxxxxxx xxx xxx TARGET2 xxx xxxxxx xxxxxxxxx, XXXX XXX xxxxxxx xxxxx xxxxxx XXXX XXX xxxxxxx xx xxx TARGET xxxxxx.“; |
15. |
X&xxxx;xxxxxxx X&xxxx;xx xxxxxxx v odstavci 2 xxxxxxxxx xxxxx:
|
16. |
X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;6 xxxxxxx. 1 xxxxxxxxx xxxxxxx x) tímto:
|
17. |
V dodatku XX xx zrušuje xxxxxxxx 2; |
18. |
Dodatek X&xxxx;xx xxxxxxx. |