XXXXXXXXXX XXXXXXXX XXXXXXXXX XXXXX (XX) 2021/1758
ze xxx 21.&xxxx;xxxx 2021,
kterým xx mění xxxxxxxxxx XXX/2007/7 x&xxxx;xxxxxxxxxx TARGET2-ECB (XXX/2021/43)
XXXXXXX XXXX XXXXXXXX XXXXXXXXX XXXXX,
x&xxxx;xxxxxxx na Xxxxxxx o fungování Xxxxxxxx xxxx, x&xxxx;xxxxxxx na xxxxx x&xxxx;xxxxxxx xxxxxxx xx.&xxxx;127 xxxx.&xxxx;2 xxxx xxxxxxx,
x&xxxx;xxxxxxx xx xxxxxx Xxxxxxxxxx xxxxxxx xxxxxxxxxxx xxxx x&xxxx;Xxxxxxxx xxxxxxxxx xxxxx, x&xxxx;xxxxxxx xx xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 a 23 xxxxxx xxxxxxx,
xxxxxxxx x&xxxx;xxxxx důvodům:
(1) |
Rada xxxxxxxxx změnila (1) xxx 20.&xxxx;xxxxxxxx 2021 xxxxxx xxxxxx Xxxxxxxx centrální xxxxx XXX/2012/27&xxxx;(2) s cílem: x) vyjasnit, xx xxxxxxxx XXXX XXX xxxxx k TARGET2 xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxxxxx xxxxxxx xxxxx infrastruktury Xxxxxxxxxxx (Xxxxxxxxxx Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Gateway) xx xxxxxxxxx 2021 x&xxxx;xxxxxxxx X2X XXX budou x&xxxx;XXXXXX2 prostřednictvím tohoto xxxxxxx xxxxxxxxx xx xxxxxx 2022; b) xxxxxxxx a rozšířit xxxxxxxx xxxxxxxx xx dodržování xxxxxxxxx xx bezpečnost xxxxxxxxx bodu XXXXXX2, xxx xx zajistilo, xx xx xxxxxx XXXXXX2 xxxx dále xxxxxxx tak, xxx xxx schopen xxxxx xxxxxxx x&xxxx;xxxxxxx kybernetické xxxxxxxxxxx; x) zavést xxxxxxxxx, xxx majitelé xxxx XX, xxxxxx xxxxxxx účastníci a adresovatelní xxxxxxxx kódu XXX, xxxxx přistoupili k uplatňování xxxxxxx SCT Xxxx xxxxxxxx xxxxxx x&xxxx;xxxxxxxxxx xxxxxxx xxx xxxxxxxx xxxxxxxxxxxxx xxxxxxx XXXX, xxxx a zůstali trvale xxxxxxxxxxx na xxxxxxxxx XXXX prostřednictvím XXXX XXX, xxx xxx xx zajistila dostupnost xxxxxxxxxx xxxxxx v celé Xxxx; x) zavést xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx zůstatků x&xxxx;xxxx xxxxxxxxx x&xxxx;XXXXXX2 xx odpovídající nástupnické xxxx v budoucím systému XXXXXX, xxx xxxx xxxxxxxxx xxxxxx jistota, x&xxxx;x) xxxxxxxx x&xxxx;xxxxxxxxxxxx xxxxxxx xxxxx xxxxxxx xxxxxxxx xxxxx XXX/2012/27. |
(2) |
Xxxxxxx xxxx xxxxxxxxxx xxxxxxx xxxxxxxxxxx X2-X2X, bude x&xxxx;xxxxx právní xxxxxxx xxxxxx nezbytné xxxxxxxx xxxxxxxxxxxxxxx, pokud jde x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx v TARGET2-ECB xx xxxxxxxxxxxx xxxxxxxxxxx xxxx. |
(3) |
Xxxxx xxxxxxxx xxxxx XXX/2012/27, které xxxx xxxx na xxxxxxxx XXXXXX2-XXX, je třeba xxxxxxxxx x&xxxx;xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7&xxxx;(3). |
(4) |
Xxxxxxxxxx XXX/2007/7 xx xxxxx xxxxx xxxxxxxxxxxxx xxxxxxxx xxxxxx, |
XXXXXXX XXXX ROZHODNUTÍ:
Článek 1
Změny
Přílohy X, II x&xxxx;XXX xxxxxxxxxx XXX/2007/7 xx mění x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx xxxxxx rozhodnutí.
Xxxxxx&xxxx;2
Xxxxxxxxx xxxxxxxxxx
Xxxx xxxxxxxxxx xxxxxxxx v platnost pátým xxxx xx xxxxxxxxxx x&xxxx;Xxxxxxx xxxxxxxx Evropské xxxx.
Xxxxxxx xx ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx odst. 1 xxxx. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 přílohy XX xxxxxx rozhodnutí, xxxxx xx xxxxxxx xxx xxx 13.&xxxx;xxxxxx 2022.
Xx Xxxxxxxxxx xxx Xxxxxxx xxx 21.&xxxx;xxxx 2021.
Xxxxxxxxxxx ECB
Christine LAGARDE
(1) Obecné xxxxxx Xxxxxxxx xxxxxxxxx xxxxx (XX) 2021/1759 xx xxx 20.&xxxx;xxxxxxxx 2021, xxxxxxx xx xxxx xxxxxx zásady XXX/2012/27 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx xxxxxxxxx xxxxxx v reálném xxxx (XXXXXX2) (XXX/2021/30) [(viz xxxxxx 45 x&xxxx;xxxxx xxxxx Úředního věstníku).
(2) Obecné xxxxxx Xxxxxxxx xxxxxxxxx xxxxx ECB/2012/27 xx xxx 5.&xxxx;xxxxxxxx 2012 x&xxxx;xxxxxxxxxxxxxx expresním xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (Xx. xxxx. L 30, 30.1.2013, s. 1).
(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx centrální xxxxx XXX/2007/7 ze xxx 24.&xxxx;xxxxxxxx 2007 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (Úř. xxxx. X&xxxx;237, 8.9.2007, x. 71).
PŘÍLOHA I
Příloha X&xxxx;xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:
1. |
Xxxxxx&xxxx;1 se xxxx xxxxx:
|
2. |
X&xxxx;xxxxxx&xxxx;2 xxxxxx xxxxxxxx se xxxxxxxx xxxx xxxx, xxxxx xxx:
|
3. |
Článek 3 xx xxxx xxxxx:
|
4. |
Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;5 Xxxxxx participants PM xxxxxxx xxxxxxx xx XXXXXX2-XXX xxx direct xxxxxxxxxxxx xxx xxxxx comply xxxx xxx xxxxxxxxxxxx xxx xxx in Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). Xxxx xxxxx have xx xxxxx xxx XX xxxxxxx xxxx xxx XXX. XX xxxxxxx xxxxxxx xxxx have xxxxxxx xx xxx XXX Xxxx xxxxxx xx xxxxxxx xxx XXXX Xxxxxxx Xxxxxx Xxxxxxxx Xxxxxxxxx Agreement xxxxx xx and xxxxx xxxxxx xxxxxxxxx xx xxx XXXX Xxxxxxxx xx xxx xxxxx, xxxxxx as x&xxxx;XXXX DCA xxxxxx xx xx x&xxxx;xxxxxxxxx xxxxx via x&xxxx;XXXX XXX xxxxxx.“; |
5. |
Xxxxxx&xxxx;22 se xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;22 Xxxxxxxx Xxxxxxxxxxxx xxx Xxxxxxx Xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxxxx adequate xxxxxxxx xxxxxxxx xx xxxxxxx their xxxxxxx xxxx unauthorised access xxx use. Xxxxxxxxxxxx xxxxx xx exclusively xxxxxxxxxxx xxx the xxxxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxxxx of xxxxx xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx shall xxxxxx the XXX xx any security-related xxxxxxxxx xx their xxxxxxxxx infrastructure xxx, xxxxx xxxxxxxxxxx, xxxxxxxx-xxxxxxx xxxxxxxxx xxxx occur xx xxx xxxxxxxxx xxxxxxxxxxxxxx xx xxx xxxxx xxxxx providers. Xxx XXX xxx xxxxxxx further xxxxxxxxxxx xxxxx the xxxxxxxx xxx, xx necessary, xxxxxxx that the xxxxxxxxxxx take xxxxxxxxxxx xxxxxxxx xx xxxxxxx x&xxxx;xxxxxxxxxx xx such xx event. 3. The XXX xxx impose additional xxxxxxxx xxxxxxxxxxxx, xx xxxxxxxxxx xxxx regard xx cybersecurity xx xxx xxxxxxxxxx xx xxxxx, on xxx xxxxxxxxxxxx xxx/xx on xxxxxxxxxxxx that xxx xxxxxxxxxx critical xx xxx XXX. 4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx shall xxxxxxx xxx XXX xxxx: (i) xxxxxxxxx xxxxxx xx xxxxx xxxxxxxxxxx of xxxxxxxxx xx their xxxxxx xxxxxxx xxxxxxx xxxxxxxx’x xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (xx) xx xx xxxxxx xxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xx the XXX’x xxxxxxx xx Xxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxx xxx participant’s self-certification xxxxxxxxx(x) xx xxx xxxxxxxxxxxx xxxxx xx xxxxxxxxxx with each xx xxx requirements xxx xxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxxx. Xxxxx xxxxxxxxxxxx xxx listed xx Xxxxxxxx XXX, xxxxx xx xxxxxxxx xx xxx xxxxx Appendices xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx xxxx xx xxxxxxxx part xx xxxxx Xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx’x xxxxx of xxxxxxxxxx xxxx xxx requirements xx xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx: ‘xxxx xxxxxxxxxx’; ‘xxxxx xxx-xxxxxxxxxx’; xx ‘xxxxx xxx-xxxxxxxxxx’. Xxx xxxxxxxxx xxxxxxxx xxxxx: xxxx compliance xx xxxxxxx xxxxx xxxxxxxxxxxx xxxxxxx 100% xx xxx xxxxxxxxxxxx; xxxxx xxx-xxxxxxxxxx xx xxxxx x&xxxx;xxxxxxxxxxx satisfies xxxx xxxx 100% xxx xx xxxxx 66% of xxx xxxxxxxxxxxx and major xxx-xxxxxxxxxx xxxxx a participant xxxxxxxxx xxxx xxxx 66% xx the xxxxxxxxxxxx. Xx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxxx to it, xx xxxxx xx xxxxxxxxxx as xxxxxxxxx xxxx xxx xxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxx xx xxx xxxxxxxxxxxxxx. X&xxxx;xxxxxxxxxxx xxxxx xxxxx xx xxxxx ‘xxxx xxxxxxxxxx’ xxxxx xxxxxx xx action xxxx xxxxxxxxxxxxx xxx xx xxxxxxx to xxxxx xxxx compliance. Xxx XXX xxxxx xxxxxx xxx relevant xxxxxxxxxxx xxxxxxxxxxx xx xxx xxxxxx of xxxx participant’s xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xx xxx xxxxxxxxxxx refuses xx xxxxx xxxxxxxxx xxxxxx xx xxx xxxxxxxxxxx of xxxxxxxxx xx xxxxx chosen XXXx endpoint security xxxxxxxxxxxx xx xxxx xxx provide the XXXXXX2 xxxx-xxxxxxxxxxxxx xxx xxxxxxxxxxx’x xxxxx of xxxxxxxxxx xxxxx xx xxxxxxxxxxx xx ‘xxxxx xxx-xxxxxxxxxx’. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxxxx xxxxxxxxxx xx xxxxxxxxxxxx on xx xxxxxx basis. 4e. The XXX xxx xxxxxx xxx xxxxxxxxx xxxxxxxx xx xxxxxxx on xxxxxxxxxxxx xxxxx xxxxx xx xxxxxxxxxx xxx xxxxxxxx xx minor xx xxxxx non-compliance, in xxxxxxxxxx xxxxx xx xxxxxxxx:
|
6. |
X&xxxx;xxxxxx&xxxx;33 xx odstavec 1 nahrazuje xxxxx: „1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xx xxxxxx xx be aware xx, xxxxx xxxxxx xxxx, xxx xxxxx xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx authorities xxxx xxx obligations xx xxxx xxxxxxxx to xxxxxxxxxxx xx data xxxxxxxxxx. Xxxx shall xx xxxxxx xx xx xxxxx of, xxx xxxxx xxxxxx xxxx all xxxxxxxxxxx xx xxxx relating xx xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx xxxxxxxxxx xxx xxx xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx the development xx xxxxxxx xxxxxxx xxxxxxxx systems, in xxxxxxxxxx in terms xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx XX accounts. Xxxxxxxxxxxx xxxxx ensure that xxxx xxx informed xxxxx the TARGET2 xxxxxxx xxxxxxx xxxxxxxx’x xxxx retrieval xxxxxx xxxxx xx xxxxxxxx xxxx the xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx.“; |
7. |
Xxxxxx xx xxxx xxxxxx&xxxx;39x, xxxxx xxx: „Xxxxxxx&xxxx;39x Xxxxxxxxxxxx xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxx xxx TARGET xxxxxx xx xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, PM xxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxx xxxxxxx holder’s xxxxxxxxxxxxx successor xxxxxxxx xx xxx TARGET xxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx xxxx XX xxxxxxx xxxxxxx, xxxxxxxx Xxxxxxxxxxxx xxx xxxxxxxxxxx BIC xxxxxxx xxxxxxxx to the XXX Xxxx xxxxxx xx reachable xx xxx XXXX Xxxxxxxx xxxxxxxx xx Article 5 xxxxx xxxxx xx xx 25 February 2022.“; |
8. |
X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 nahrazuje xxxxxxx b) xxxxx:
|
9. |
X&xxxx;xxxxxxx XX xx x&xxxx;xxxxxxxx 6 xxxxxxxxx písmeno x) xxxxx:
|
10. |
Xxxxxxxx xx xxxx xxxxxxx VII, který xxx: „Xxxxxxxx VII Requirements regarding xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx continuity xxxxxxxxxx Xxxxxxxxxxx xxxxxxxx xxxxxxxxxx Xxxxx xxxxxxxxxxxx xxx xxxxxxxxxx xx each xxxxxxxxxxx, xxxxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx a specific xxxxxxxxxxx xx xxx xxxxxxxxxx xx it. Xx xxxxxxxxxxxx xxx xxxxx of application xx xxx xxxxxxxxxxxx xxxxxx xxx xxxxxxxxxxxxxx, xxx xxxxxxxxxxx xxxxxx xxxxxxxx the xxxxxxxx xxxx are xxxx xx xxx Payment Xxxxxxxxxxx Xxxxx (PTC). Xxxxxxxxxxxx, the XXX xxxxxx at x&xxxx;Xxxxx xx Xxxxx (PoE), x.x. x&xxxx;xxxxxx xxxxxxxx xx xxx xxxxxxxx xx xxxxxxxxxxxx (x.x. xxxxxxxxxxxx, xxxxx-xxxxxx xxx xxxx-xxxxxx applications, xxxxxxxxxx), xxx xxxx xx xxx xxxxxx xxxxxxxxxxx xx xxxx the xxxxxxx xx SWIFT (x.x. XXXXX VPN Xxx) or Xxxxxxxx (xxxx xxx xxxxxx xxxxxxxxxx to Internet-based Xxxxxx). Xxxxxxxxxxx 1.1: Xxxxxxxxxxx xxxxxxxx xxxxxx Xxx management xxxxx set a clear xxxxxx xxxxxxxxx in xxxx xxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxx xxxxxxx xxx and xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxx the xxxxxxxx, approval and xxxxxxxxxxx of an xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xx managing xxxxxxxxxxx xxxxxxxx xxx xxxxx resilience across xxx xxxxxxxxxxxx xx xxxxx of identification, xxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxx xxxxx xxxxxxxxxx xxxxx. Xxx policy xxxxxx contain xx xxxxx the xxxxxxxxx xxxxxxxx: objectives, xxxxx (xxxxxxxxx xxxxxxx xxxx xx xxxxxxxxxxxx, human xxxxxxxxx, xxxxx management xxx.), xxxxxxxxxx xxx xxxxxxxxxx xx xxxxxxxxxxxxxxxx. Xxxxxxxxxxx 1.2: Internal xxxxxxxxxxxx Xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxxxx xx established xx xxxxxxxxx xxx xxxxxxxxxxx security xxxxxx xxxxxx the organisation. Xxx xxxxxxxxxx xxxxx xxxxxxxxxx xxx review xxx xxxxxxxxxxxxx of xxx information xxxxxxxx xxxxxxxxx xx xxxxxx xxx xxxxxxxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx xxxxxx (xx xxx Xxxxxxxxxxx 1.1) xxxxxx xxx xxxxxxxxxxxx, including xxx xxxxxxxxxx xx xxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxx xx security xxxxxxxxxxxxxxxx for xxxx xxxxxxx. Xxxxxxxxxxx 1.3: External xxxxxxx Xxx xxxxxxxx of xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxx information processing xxxxxxxxxx xxxxxx xxx xx reduced by xxx xxxxxxxxxxxx xx, xxx/xx xxx dependence xx, an xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx xx them. Xxx access xx xxx xxxxxxxxxxxx’x information xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx xxxxxxx xxxxx xx controlled. Xxxx xxxxxxxx xxxxxxx xx xxxxxxxx/xxxxxxxx xx xxxxxxxx xxxxxxx xxx xxxxxxxx xx access xxx xxxxxxxxxxxx’x information xxxxxxxxxx xxxxxxxxxx, a risk assessment xxxxx be xxxxxxx xxx xx xxxxxxxxx xxx xxxxxxxx implications xxx xxxxxxx xxxxxxxxxxxx. Xxxxxxxx xxxxx xx xxxxxx xxx xxxxxxx xx xx xxxxxxxxx xxxx xxxx xxxxxxxx xxxxxxxx xxxxx. Xxxxxxxxxxx 1.4: Xxxxx xxxxxxxxxx Xxx information xxxxxx, xxx business xxxxxxxxx and the xxxxxxxxxx information xxxxxxx, xxxx as xxxxxxxxx xxxxxxx, infrastructures, business xxxxxxxxxxxx, xxx-xxx-xxxxx products, xxxxxxxx xxx xxxx-xxxxxxxxx xxxxxxxxxxxx, in xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxxx xx xxxxxxxxx xxx and xxxx x&xxxx;xxxxxxxxx xxxxx. The xxxxxxxxxxxxxx xxx xxx xxxxxxxxxxx and xxx xxxxxxxxx xx appropriate xxxxxxxx xx xxx xxxxxxxx processes and xxx xxxxxxx XX xxxxxxxxxx to xxxxxxxxx xxx xxxxxxxxxxx xxxxxx xxxxx xx xxxxxxxx. Xxxx: xxx owner xxx xxxxxxxx xxx xxxxxxxxxxxxxx of xxxxxxxx xxxxxxxx xx xxxxxxxxxxx, xxx remains accountable xxx xxx proper xxxxxxxxxx of xxx xxxxxx. Xxxxxxxxxxx 1.5: Information xxxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx xxxxxx xxxxx be xxxxxxxxxx xx xxxxx of xxxxx criticality xx xxx smooth delivery xx xxx xxxxxxx xx the participant. Xxx xxxxxxxxxxxxxx xxxxx xxxxxxxx the xxxx, xxxxxxxxxx xxx xxxxxx xx xxxxxxxxxx xxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxx xxxxx xx xxx xxxxxxxx xxxxxxxx xxxxxxxxx xxx xxxxx xxxx xxxx xxxx xxxxxxxxxxxxx xxx xxxxxxxxxx XX components. Xx xxxxxxxxxxx asset xxxxxxxxxxxxxx xxxxxx xxxxxxxx by xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx xx xxxxxxxxxxx xxx of protection xxxxxxxx xxxxxxxxxx the xxxxxxxxxxx asset xxxxxxxxx (xxxxxxxxx xxxxxxx xxx xxxxxxxxxxx xx xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx xxx xxxx xxx specific handling xxxxxxxx. Xxxxxxxxxxx 1.6: Xxxxx xxxxxxxxx security Security responsibilities xxxxx xx xxxxxxxxx xxxxx xx xxxxxxxxxx xx xxxxxxxx xxx xxxxxxxxxxxx xxx xx xxxxx and conditions xx employment. Xxx xxxxxxxxxx xxx xxxxxxxxxx, xxxxxxxxxxx xxx xxxxx xxxxx users xxxxx xx xxxxxxxxxx xxxxxxxx, xxxxxxxxxx for xxxxxxxxx xxxx. Employees, contractors xxx third xxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xxxx xx agreement xx their xxxxxxxx xxxxx and xxxxxxxxxxxxxxxx. Xx adequate xxxxx xx xxxxxxxxx shall xx xxxxxxx among xxx xxxxxxxxx, contractors xxx xxxxx xxxxx xxxxx, xxx education xxx xxxxxxxx in xxxxxxxx procedures xxx xxx xxxxxxx use xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx to xxxx xx xxxxxxxx possible xxxxxxxx xxxxx. X&xxxx;xxxxxx xxxxxxxxxxxx xxxxxxx xxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxx xx established xxx xxxxxxxxx. Responsibilities xxxxx be xx xxxxx xx ensure xxxx xx xxxxxxxx’x, xxxxxxxxxx’x xx xxxxx xxxxx user’s xxxx xxxx xx transfer xxxxxx the organisation xx xxxxxxx, xxx xxxx xxx return xx all xxxxxxxxx xxx the xxxxxxx xx xxx xxxxxx xxxxxx xxx xxxxxxxxx. Xxxxxxxxxxx 1.7: Physical and xxxxxxxxxxxxx security Critical or xxxxxxxxx information processing xxxxxxxxxx xxxxx be xxxxxx in xxxxxx xxxxx, xxxxxxxxx by xxxxxxx xxxxxxxx xxxxxxxxxx, xxxx xxxxxxxxxxx xxxxxxxx xxxxxxxx and entry xxxxxxxx. Xxxx xxxxx xx physically protected xxxx unauthorised xxxxxx, xxxxxx and xxxxxxxxxxxx. Xxxxxx shall xx xxxxxxx only xx xxxxxxxxxxx xxx fall xxxxxx xxx xxxxx xx Requirement 1.6. Xxxxxxxxxx and xxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx xxxxxxxx xxxxx xxxxxxxxxx xxxxxxxxxxx xxxxxx when xx xxxxxxx. Xxxxxxxxx xxxxx be xxxxxxxxx from physical xxx xxxxxxxxxxxxx threats. Xxxxxxxxxx of xxxxxxxxx (xxxxxxxxx xxxxxxxxx xxxx xxx-xxxx) and xxxxxxx xxx removal xx xxxxxxxx xx necessary xx xxxxxx the xxxx xx unauthorised xxxxxx xx xxxxxxxxxxx xxx xx xxxxx xxxxxxx xxxx or xxxxxx xx xxxxxxxxx xx information. Xxxxxxx xxxxxxxx may be xxxxxxxx xx protect xxxxxxx xxxxxxxx xxxxxxx xxx xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxx xx the electrical xxxxxx xxx xxxxxxx xxxxxxxxxxxxxx. Xxxxxxxxxxx 1.8: Operations xxxxxxxxxx Xxxxxxxxxxxxxxxx xxx procedures xxxxx xx established xxx the xxxxxxxxxx xxx xxxxxxxxx of xxxxxxxxxxx processing xxxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxx xxxxxxx in xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxx-xx-xxx. Xx regards xxxxxxxxx procedures, xxxxxxxxx xxxxxxxxx administration of XX xxxxxxx, xxxxxxxxxxx xx duties xxxxx xx xxxxxxxxxxx, xxxxx xxxxxxxxxxx, xx xxxxxx xxx risk of xxxxxxxxx xx xxxxxxxxxx xxxxxx xxxxxx. Xxxxx xxxxxxxxxxx xx xxxxxx xxxxxx xx xxxxxxxxxxx xxx to documented xxxxxxxxx reasons, xxxxxxxxxxxx xxxxxxxx xxxxx be xxxxxxxxxxx xxxxxxxxx x&xxxx;xxxxxx xxxx xxxxxxxx. Xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx and xxxxxx xxx xxxxxxxxxxxx xx xxxxxxxxx xxxx xxx xxxxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx shall xx xxxx xxxxxxxxxxx (xxxxxxxxx xxxx xxxxxxxxx) xx xxxxxxx, detect xxx remove xxxxxxxxx xxxx. Xxxxxx xxxx xxxxx xx xxxx xxxx xxxx xxxxxxx xxxxxxx (x.x. signed Xxxxxxxxx COM xxxxxxxxxx xxx Xxxx Xxxxxxx). Xxx xxxxxxxxxxxxx xx xxx xxxxxxx (x.x. xxx use of xxxxxxxxxx and plugins) xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxx backup xxx xxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxx xxxxxxxxxx; those xxxxxxxx policies xxxxx xxxxxxx x&xxxx;xxxx xx xxx xxxxxxxxxxx xxxxxxx xxxxx xx xxxxxx xx regular intervals xx xxxxx xxxxxxxx. Xxxxxxx xxxx xxx xxxxxxxx xxx the xxxxxxxx xx xxxxxxxx xxxxx xx xxxxxxxxx xxx xxxxxx xxxxxxxx to xxxxxxxxxxx security xxxxx xx recorded. Xxxxxxxx xxxx xxxxx be xxxx to xxxxxx xxxx xxxxxxxxxxx xxxxxx xxxxxxxx are identified. Xxxxxxxx xxxx xxxxx xx xxxxxxxxx xxxxxxxx xx x&xxxx;xxxxxx xxxxx, xxxxx xx xxx xxxxxxxxxxx of xxx xxxxxxxxxx. Xxxxxx xxxxxxxxxx xxxxx xx xxxx xx check xxx xxxxxxxxxxxxx of controls xxxxx xxx xxxxxxxxxx xx critical xxx xxx security xx xxxxxxxx xxx xx xxxxxx xxxxxxxxxx to xx xxxxxx xxxxxx xxxxx. Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx organisations xxxxx xx xxxxx on x&xxxx;xxxxxx xxxxxxxx policy, xxxxxxx xxx xx xxxx xxxx xxxxxxxx xxxxxxxxxx xxxxx the xxxxxxxx xxxxxxx and xxxxx xx xxxxxxxxx xxxx any xxxxxxxx xxxxxxxxxxx. Xxxxx party xxxxxxxx components employed xx the exchange xx xxxxxxxxxxx with XXXXXX2 (xxxx xxxxxxxx xxxxxxxx from x&xxxx;Xxxxxxx Xxxxxx in xxxxxxxx 2 xx the xxxxx xxxxxxx of xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx) xxxx xx xxxx xxxxx x&xxxx;xxxxxx xxxxxxxxx with xxx xxxxx party. Requirement 1.9: Xxxxxx xxxxxxx Xxxxxx xx information assets xxxxx be justified xx xxx xxxxx xx xxxxxxxx requirements (xxxx-xx-xxxx&xxxx;(1)) xxx xxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xxxxxxxx (xxxxxxxxx the xxxxxxxxxxx xxxxxxxx xxxxxx). Xxxxx xxxxxx xxxxxxx xxxxx xxxxx be xxxxxxx xxxxx on xxx xxxxxxxxx xx xxxxx privilege (2) xx xxxxxxx xxxxxxx the xxxxx of xxx xxxxxxxxxxxxx xxxxxxxx and XX xxxxxxxxx. Xxxxx xxxxxxxx (x.x. for xxxxxx xxxxxxxxxx) xxxxxxx xxxxxx xxxxxxx xxxxxx xx xxxxxxxxxx with xxxxxxxx xxxxxx xxxxxxx xxxxxx there are xxxxxxxx xxxxxxxxxxxx controls xx place (e.g. xxxxxxxxxx, xxxxxxxx data xxxxxxxxxxxxx). Xxxxxx xxx xxxxxxxxxx xxxxxxxxxx xxxxx xx xx xxxxx to xxxxxxx xxx xxxxxxxxxx xx xxxxxx rights xx xxxxxxxxxxx systems xxx xxxxxxxx that xxxx xxxxxx xxx xxxxx of xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx procedures shall xxxxx xxx xxxxxx xx the xxxxxxxxx xx xxxx xxxxxx, xxxx xxx initial xxxxxxxxxxxx xx new xxxxx xx xxx xxxxx xxxxxxxxxxxxxx xx xxxxx xxxx xx xxxxxx xxxxxxx xxxxxx. Xxxxxxx xxxxxxxxx shall xx xxxxx, where appropriate, xx xxx xxxxxxxxxx xx xxxxxx xxxxxx xx xxxx xxxxxxxxxxx xxxx xxx xxxxx xx those xxxxxx xxxxxx xxxxx xxxx xx a severe adverse xxxxxx xx the xxxxxxxxxx xx the xxxxxxxxxxx (x.x. access xxxxxx xxxxxxxx system xxxxxxxxxxxxxx, xxxxxxxx xx xxxxxx controls, xxxxxx xxxxxx to xxxxxxxx xxxx). Xxxxxxxxxxx controls xxxxx xx xxx in xxxxx to xxxxxxxx, xxxxxxxxxxxx xxx authorise xxxxx xx specific xxxxxx xx xxx xxxxxxxxxxxx’x network, x.x. xxx xxxxx xxx xxxxxx access xx xxxxxxx in xxx Xxxxxxx Transaction Xxxxx. Xxxxxxxx xxxxxxxx xxxxx xxx xx xxxxxx xx order xx xxxxxx xxxxxxxxxxxxxx. Xxx xxxxxxxxx, xxxxx xxxxx xx xxxxxxxxxxx xxx xxxxxxxx xx xxxxxxxx controls xx xxxxxx xxxx xxxxxxxxx xxxxxx xx xxxxxx xxxxxxx, x.x. xxxxxxxxxx xxxxx xxx xxxxxxx-xxxx xxxxxxxx. A safe xxxxxxxx recovery and/or xxxxx protocol xxxxx xx xxxxxxxxxxx. X&xxxx;xxxxxx xxxxx xx xxxxxxxxx and xxxxxxxxxxx on xxx xxx of cryptographic xxxxxxxx xx protect xxx confidentiality, xxxxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx. X&xxxx;xxx xxxxxxxxxx xxxxxx shall xx xxxxxxxxxxx xx support xxx xxx of xxxxxxxxxxxxx xxxxxxxx. Xxxxx xxxxx xx xxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx xx xxxxxx xx xx xxxxx (x.x. x&xxxx;xxxxx xxxxxx, a clear xxxx policy) xx xxxxxx xxx xxxx xx xxxxxxxxxxxx xxxxxx. Xxxx xxxxxxx remotely, xxx xxxxx xx xxxxxxx xx xx unprotected xxxxxxxxxxx shall be xxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxxxx xxxxxxxx shall xx xxxxxxx. Xxxxxxxxxxx 1.10: Information xxxxxxx xxxxxxxxxxx, development xxx xxxxxxxxxxx Xxxxxxxx xxxxxxxxxxxx xxxxx xx xxxxxxxxxx xxx xxxxxx xxxxx xx xxx development xxx/xx xxxxxxxxxxxxxx xx xxxxxxxxxxx xxxxxxx. Xxxxxxxxxxx xxxxxxxx xxxxx xx built xxxx applications, xxxxxxxxx xxxx-xxxxxxxxx xxxxxxxxxxxx, to xxxxxx xxxxxxx xxxxxxxxxx. Xxxxx xxxxxxxx shall xxxxxxx xxx xxxxxxxxxx xx xxxxx xxxx, xxxxxxxx xxxxxxxxxx xxx xxxxxx xxxx. Additional xxxxxxxx may xx xxxxxxxx for xxxxxxx xxxx xxxxxxx, xx xxxx xx xxxxxx xx, sensitive, valuable xx xxxxxxxx information. Xxxx controls xxxxx xx xxxxxxxxxx xx xxx basis xx xxxxxxxx xxxxxxxxxxxx xxx xxxx xxxxxxxxxx xxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx (e.g. xxxxxxxxxxx xxxxxxxx xxxxxx, cryptographic xxxxxxx policy). The operational xxxxxxxxxxxx xx xxx xxxxxxx shall be xxxxxxxxxxx, xxxxxxxxxx and xxxxxx prior to xxxxx acceptance and xxx. Xx regards xxxxxxx xxxxxxxx, xxxxxxxxxxx xxxxxxxx, including xxxxxxxxxxxx xxx secure management, xxxxxx xx xxxxxxxxxxx xxxxx xx xxx xxxxxxxxxxx of data xxxxx xxx xxx xxxxx xx risk xx xxx xxxxxxx xxxxx xx xxx xxxxxxxxxxxx. Xxxxx xxxxx xx specific xxxxxxxx xx protect xxxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxxxxx networks. Access xx xxxxxx xxxxx xxx xxxxxxx source code xxxxx xx xxxxxxxxxx xxx IT xxxxxxxx xxx support xxxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxx xxxxxx. Xxxx xxxxx xx taken to xxxxx xxxxxxxx xx xxxxxxxxx data xx xxxx xxxxxxxxxxxx. Xxxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxx xx xxxxxxxx xxxxxxxxxx. Deployment xx xxxxxxx xx xxxxxxxxxx xxxxx be xxxxxxxx xxxxxxxxxx. A risk xxxxxxxxxx xx xxx major xxxxxxx xx xx xxxxxxxx xx production xxxxx be xxxxxxxxx. Xxxxxxx xxxxxxxx testing activities xx xxxxxxx in xxxxxxxxxx shall also xx xxxxxxxxx xxxxxxxxx xx a predefined plan xxxxx on xxx xxxxxxx of a risk xxxxxxxxxx, xxx xxxxxxxx xxxxxxx xxxxx xxxxxxx, xx xxxxx, xxxxxxxxxxxxx xxxxxxxxxxx. Xxx xx xxx xxxxxxxxxxxx xxxxxxxxxxx xxxxxx xxx xxxxxxxx xxxxxxx activities xxxxx xx xxxxxxxx xxx xxxxxx xxxxx xx xxxxx xxx identified xxx shall xx xxxxxxxx and xxxxxxxx xx in a timely xxxxxxx. Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx in supplier (3) xxxxxxxxxxxxx Xx ensure xxxxxxxxxx xx xxx xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx systems xxxx xxx xxxxxxxxxx xx xxxxxxxxx, information xxxxxxxx xxxxxxxxxxxx for xxxxxxxxxx the xxxxx xxxxxxxxxx xxxx xxxxxxxx’x xxxxxx shall xx xxxxxxxxxx and xxxxxxxx xxxxxx upon xxxx xxx xxxxxxxx. Xxxxxxxxxxx 1.12: Xxxxxxxxxx of information xxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxx Xx xxxxxx a consistent xxx xxxxxxxxx approach xx the management xx information security xxxxxxxxx, including communication xx xxxxxxxx xxxxxx xxx xxxxxxxxxx, xxxxx, xxxxxxxxxxxxxxxx xxx xxxxxxxxxx, xx xxxxxxxx xxx xxxxxxxxx xxxxx, xxxxx xx xxxxxxxxxxx xxx xxxxxx to xxxxxx x&xxxx;xxxxx, effective xxx xxxxxxx xxx xxxxxx xxxxxxx xxxx information xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx related xx x&xxxx;xxxxx-xxxxxxx xxxxx (e.g. x&xxxx;xxxxx xxxxxxx xx xx xxxxxxxx attacker xx by xx xxxxxxx). Xxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxxxx xx xxxxxxxxxx xxxxxxx. Xxxxxxxxxxx 1.13: Technical xxxxxxxxxx xxxxxx X&xxxx;xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx xxxxxxx (e.g. xxxx office systems, xxxxxxxx xxxxxxxx xxx xxxxxxxx network connectivity) xxxxx be xxxxxxxxx xxxxxxxx for xxxxxxxxxx xxxx xxx organisation’s xxxxxxxxxxx framework of xxxxxxxx (e.g. information xxxxxxxx xxxxxx, xxxxxxxxxxxxx xxxxxxx xxxxxx). Xxxxxxxxxxx 1.14: Xxxxxxxxxxxxxx Xxxxx xxxxxxx xxxxxxxx xxxxx comply xxxx xxx xxx security xxxxxxxx that are xxx xxx physical xxxxxxxx xxx systems (x.x. xxxxxxxxx, logging). Xxxxxxxx xxxxxxxx to xxxxxxxxxxx must xxxxxxx: xxxxxxxxx of xxx xxxxxxxxxx and the xxxxxxx xxxxxxxxx system, xxxxxxx patching, xxxxxx xxxxxxxxxx of different xxxxxxxxxxxx (x.x. xxxxxxxxxx xxx xxxxxxxxxxx). Xxxxxxxxxxx xxxxxxxxxx, logging xxx xxxxxxxxxx as xxxx xx xxxxxxxx xx xxxxxx rights, xx xxxxxxxxxx xxx high xxxxxxxxxx accounts, xxxxx xx implemented xxxxx xx a risk xxxxxxxxxx. Xxxxx xxxxxxx xxxxxxxx xxxxxxx xx xxx xxxx xxxxxxxxxx shall xxxx a similar xxxx xxxxxxx. Xxxxxxxxxxx 1.15: Xxxxx xxxxxxxxx Xxx xxxxx xx xxxxxx and/or xxxxxx xxxxx xxxxxxxxx xx xxx Payment Xxxxxxxxxxx Xxxxx must be xxxxx xx x&xxxx;xxxxxx xxxx xxxxxxxxxx, xxxxxx xxxx xxxxxxx xxx xxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxxx xxxxxxx xxxxxxx xx xxx xxxxx solution. If xxxxxx xxxxx xxxxxxxxx are xxxx, it xx xxxxxxxxxx xxxx xxx xxxxxxxxxxx xxxxx xx xxx xxxxxxx system xx xxx highest xxx of xxx xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx components xx xxx xxxxxx xxxxxxxxx xxxx xx xxxxxxxxxx xxxx xxx other xx-xxxxxxxx xxxxxxx. Xxxxxxxx continuity xxxxxxxxxx (xxxxxxxxxx xxxx xx xxxxxxxx xxxxxxxxxxxx) Xxx xxxxxxxxx requirements (2.1 xx 2.6) xxxxxx xx business continuity xxxxxxxxxx. Xxxx XXXXXX2 xxxxxxxxxxx xxxxxxxxxx xx xxx Xxxxxxxxxx xx xxxxx xxxxxxxx for xxx xxxxxx xxxxxxxxxxx xx xxx XXXXXX2 xxxxxx xxxxx have x&xxxx;xxxxxxxx xxxxxxxxxx strategy xx xxxxx xxxxxxxxxx xxx following elements.
|
(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx principle xxxxxx xx xxx xxxxxxxxxxxxxx xx xxx xxx xx xxxxxxxxxxx xxxx xx xxxxxxxxxx needs xxxxxx xx in xxxxx to carry xxx her/his xxxxxx.
(2)&xxxx;&xxxx;Xxx xxxxxxxxx xx least xxxxxxxxx refers xx xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX xxxxxx xx xxxxx xx match xxx xxxxxxxxxxxxx xxxxxxxx xxxx.
(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx in xxx xxxxxxx of this xxxxxxxx xxxxxx xx xxxxxxxxxx xx any xxxxx xxxxx (xxx xxx xxxxxxxxx) xxxxx xx under contract (xxxxxxxxx), xxxx xxx xxxxxxxxxxx, to provide x&xxxx;xxxxxxx xxx xxxxx xxx xxxxxxx xxxxxxxxx xxx third xxxxx (xxx xxx xxxxxxxxx) xx xxxxxxx xxxxxx, xxxxxx remotely xx xx-xxxx, xx information xxx/xx xxxxxxxxxxx xxxxxxx xxx/xx information xxxxxxxxxx xxxxxxxxxx of the xxxxxxxxxxx xx xxxxx xx associated xx xxx xxxxx xxxxxxx xxxxx xxx xxxxxxxx xx xxx TARGET2 xxxx-xxxxxxxxxxxxx.
XXXXXXX II
Příloha II xxxxxxxxxx ECB/2007/7 xx xxxx xxxxx:
1. |
Xxxxxx&xxxx;1 xx xxxx takto:
|
2. |
V čl. 4 xxxx.&xxxx;2 xx xxxxxxx xx) xxxxxxxxx xxxxx:
|
3. |
X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx xxxxxx xxxx písmeno xx), které zní:
|
4. |
X&xxxx;xxxxxx&xxxx;4 xx odstavec 3 xxxxxxxxx xxxxx: „3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx xxxx-xxxx gross settlement xxx payments xx xxxx, xxxx xxxxxxxxxx xx xxxxxxx xxxx xxxxx across PM xxxxxxxx, X2X DCAs xxx XXXX DCAs. XXXXXX2 xx established xxx xxxxxxxxx on xxx xxxxx xx xxx SSP xxxxxxx xxxxx payment xxxxxx xxx submitted xxx xxxxxxxxx xxx through xxxxx payments xxx xxxxxxxxxx xxxxxxxx in xxx same technical xxxxxx. As xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx X2X DCAs xx xxxxxxxxx, TARGET2 xx xxxxxxxxxxx xxxxxxxxxxx and xxxxxxxxx xx xxx xxxxx of xxx X2X Xxxxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx TIPS XXXx xxx XXXX AS xxxxxxxxx xxxxxxxx xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx on xxx xxxxx xx xxx XXXX Xxxxxxxx. Xxx XXX is xxx xxxxxxxx xx xxxxxxxx xxxxx these Xxxxxxxxxx. Xxxx xxx omissions xx xxx XXX-xxxxxxxxx XXXx xxx the 4XXx xxxxx xx xxxxxxxxxx xxxx and xxxxxxxxx xx xxx XXX, xxx xxxxx xx shall xxxxxx xxxxxxxxx xx accordance xxxx Xxxxxxx&xxxx;21 xx xxxx Annex. Xxxxxxxxxxxxx xxxxxxxx xx xxxxx Xxxxxxxxxx xxxxx xxx xxxxxx x&xxxx;xxxxxxxxxxx relationship xxxxxxx T2S XXX xxxxxxx xxx xxx XXX-xxxxxxxxx XXXx xx xxx 4XXx xxxx xxx xx xxx xxxxxx acts in xxxx xxxxxxxx. Instructions, xxxxxxxx xx information xxxxx x&xxxx;X2X XXX xxxxxx receives xxxx, xx sends xx, xxx XXX xx X2X Xxxxxxxx xx xxxxxxxx xx xxx xxxxxxxx xxxxxxxx xxxxx xxxxx Conditions xxx xxxxxx to xx xxxxxxxx xxxx, or xxxx xx, xxx XXX.“; |
5. |
X&xxxx;xxxxxx&xxxx;8 xx odstavec 3 nahrazuje tímto: „3. Where xxx XXX xxx xxxxxxx a request xx x&xxxx;X2X XXX xxxxxx xxxxxxxx to xxxxxxxxx 1, xxxx X2X XXX xxxxxx is xxxxxx xx xxxx xxxxx xxx participating XXX(x) a mandate xx xxxxx xxx X2X XXX xxxx xxx xxxxxxx xxxxxxxx to xxxxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx securities xxxxxxxx.“; |
6. |
X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 xxxxxxxxx tímto: „1. T2S XXX holders xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx xxxxxx xxxx, xxx xxxxx be xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx relevant xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx on xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx shall be xxxxxx xx xx xxxxx xx, and xxxxx comply xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxxxxxxxx xx money xxxxxxxxxx xxx xxx financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities xxx xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, in xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx any xxxxxxxx xxxxxxx xx credited xx xxxxx X2X XXXx. Xxxxx xx xxxxxxxx xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx X2X xxxxxxx xxxxxxx provider, X2X XXX holders shall xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx xxx data xxxxxxxxx xxxxxx.“; |
7. |
Xxxxxx&xxxx;30 xx nahrazuje xxxxx: „Xxxxxxx&xxxx;30 Xxxxxxxxxxx xxxxxxxxxxxx xxxx xx XXX 1.&xxxx;&xxxx;&xxxx;X2X XXX xxxxxxx xxxxx xxxxxx:
2. The xxxxx relationship xxxxxxx x&xxxx;X2X XXX xxxxxx xxx the XXX xxxxx xx xxxxxxxxxxx xxxxxxxx xx the xxxxx xxx conditions xx xxx separate xxxxxxxx xxxxxxxxx xxxx xx XXX as xxxxxxxx xx in xxxxxxxxx 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx services xx be xxxxxxxx xx xxx NSP xxxxx xxx xxxx xxxx xx xxx xxxxxxxx xx be xxxxxxxxx xx xxx XXX in respect xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxx xx xxxxxx for any xxxx, errors xx xxxxxxxxx xx xxx XXX (xxxxxxxxx xxx xxxxxxxxx, xxxxx and xxxxxxxxxxxxxx), xx for xxx xxxx, xxxxxx xx xxxxxxxxx xx xxxxx parties xxxxxxxx xx xxxxxxxxxxxx xx xxxx xxxxxx to xxx NSP’s network.“; |
8. |
Vkládá xx xxxx xxxxxx&xxxx;34x, xxxxx xxx: „Xxxxxxx&xxxx;34x Xxxxxxxxxxxx provisions Once xxx XXXXXX xxxxxx xx xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, X2X DCA xxxxxxx xxxxx become X2X XXX xxxxxxx xx xxx TARGET xxxxxx.“; |
9. |
Xxxxxx xx xxxxx „X2X xxxxxxx service xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx čísle) v čl. 6 xxxx.&xxxx;1 xxxx. x) xxxx x), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 odst. 6, xx.&xxxx;14 odst. 1 xxxx. x), xx.&xxxx;22 xxxx.&xxxx;1, xx.&xxxx;22 xxxx.&xxxx;2, xx.&xxxx;22 xxxx.&xxxx;3, xx.&xxxx;27 xxxx.&xxxx;5, xx.&xxxx;28 xxxx.&xxxx;1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx II x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx xxxxxxxxx odkazem „XXX“; |
10. |
X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx b) xxxxx:
|
PŘÍLOHA XXX
Xxxxxxx XXX xxxxxxxxxx ECB/2007/7 se xxxx xxxxx:
1. |
Xxxxxx xx xxxxx „TIPS xxxxxxx xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx xxxxxxx xx xxxxxxxxx odkazem „XXX“; |
2. |
Xxxxxx&xxxx;1 xx xxxx takto:
|
3. |
V čl. 3 xxxx.&xxxx;1 xx xxxxxxx xxxxx xx „Appendix X: XXXX connectivity xxxxxxxxx xxxxxxxxxxxx“; |
4. |
Xxxxxx&xxxx;4 se xxxx xxxxx:
|
5. |
X&xxxx;xx.&xxxx;6 odst. 1 xxxx. x) se bod x) xxxxxxxxx xxxxx:
|
6. |
Xxxxxx&xxxx;9 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;9 Xxxxxxxxxxx xxxxxxxxxxxx with xx XXX 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx:
2.&xxxx;&xxxx;&xxxx;Xxx legal xxxxxxxxxxxx between a participant xxx xxx NSP xxxxx xx xxxxxxxxxxx xxxxxxxx by xxx xxxxx and conditions xx xxxxx separate xxxxxxxx as xxxxxxxx xx xx paragraph 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx xx xx xxxxxxxx xx xxx NSP xxxxx xxx xxxx part xx xxx xxxxxxxx xx xx xxxxxxxxx xx xxx XXX xx xxxxxxx xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx ECB xxxxx xxx xx xxxxxx xxx xxx acts, xxxxxx xx xxxxxxxxx xx xxx XXX (xxxxxxxxx its directors, xxxxx xxx xxxxxxxxxxxxxx), xx xxx any xxxx, xxxxxx or xxxxxxxxx by third xxxxxxx selected by xxxxxxxxxxxx xx xxxx xxxxxx xx the XXX’x network.“; |
7. |
Článek 10 xx xxxxxxx; |
8. |
Xxxxxx xx xxxx xxxxxx&xxxx;11x, xxxxx xxx: „Xxxxxxx&xxxx;11x XXX xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx XXX xxxxxxxxxx contains xxx xxxxx – IBAN xxxxxxx xxxxx xxx xxx xxxxxxxx xx xxx XXX xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx xxx xx xxxxxx to only xxx IBAN. Xx XXXX may be xxxxxx xx xxx xx xxxxxxxx xxxxxxx. 3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx xxxxx to xxx xxxx xxxxxxxxx xx the XXX xxxxxxxxxx.“; |
9. |
X&xxxx;xxxxxx&xxxx;12 xx xxxxxxx xxxxxxxx 9; |
10. |
Xxxxxx&xxxx;16 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;16 Xxxxx xx xxxxxxx xxxxxx xx XXXX XXX Xxx xxxxxxxxx xxx xxxxxxxxxx as xxxxxxx xxxxxx xxx xxx xxxxxxxx of xxx XXXX xxxxxxx:
|
11. |
X&xxxx;xxxxxx&xxxx;18 xx xxxxxxxx 6 xxxxxxxxx xxxxx: „6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX DCA xx PM xxxxxxxxx xxxxxxxx order, x&xxxx;XXXX XXX xx TIPS XX xxxxxxxxx xxxxxxx xxxxxxxxx transfer xxxxx xx a TIPS XX xxxxxxxxx xxxxxxx xx XXXX DCA liquidity xxxxxxxx xxxxx has xxxx accepted xx xxxxxxxx to in Xxxxxxx&xxxx;17, the TARGET2-ECB xxxxx check xxxxxxx xxxxxxxxxx funds xxx xxxxxxxxx xx xxx xxxxx'x account. Xx xxxxxxxxxx xxxxx xxx xxx xxxxxxxxx xxx xxxxxxxxx xxxxxxxx order xxxxx xx rejected. Xx xxxxxxxxxx xxxxx xxx available xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx xx settled xxxxxxxxxxx.“; |
12. |
X&xxxx;xx.&xxxx;20 xxxx.&xxxx;1 xx xxxxxxx x) nahrazuje xxxxx:
|
13. |
X&xxxx;xxxxxx&xxxx;30 se xxxxxxxx 1 nahrazuje xxxxx: „1.&xxxx;&xxxx;&xxxx;XXXX XXX xxxxxxx xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx xxxxxx xxxx xxx xxxxx xx xxxx xx demonstrate xxxx compliance xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with all xxxxxxxxxxx xx xxxx xxxxxxxx to xxxxxxxxxxx xx data xxxxxxxxxx. Xxxx xxxxx xx xxxxxx xx xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations xx xxxx xxxxxxxx to xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx laundering xxx the financing xx terrorism, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx and xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, xx xxxxxxxxxx xx terms xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx or xxxxxxxx xx their XXXX XXXx. TIPS XXX xxxxxxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx xxxxx xxxxxx XXX'x xxxx xxxxxxxxx xxxxxx xxxxx to xxxxxxxx xxxx a contractual xxxxxxxxxxxx xxxx xxxx XXX.“; |
14. |
Xxxxxx se nový xxxxxx&xxxx;35x, který xxx: „Xxxxxxx&xxxx;35x Xxxxxxxxxxxx xxxxxxxxx Xxxx the XXXXXX xxxxxx xx xxxxxxxxxxx xxx xxx XXXXXX2 xxx ceased xxxxxxxxx, XXXX XXX xxxxxxx xxxxx xxxxxx XXXX XXX xxxxxxx in xxx XXXXXX xxxxxx.“; |
15. |
X&xxxx;xxxxxxx X&xxxx;xx xxxxxxx v odstavci 2 xxxxxxxxx xxxxx:
|
16. |
X&xxxx;xxxxxxx I se v odst. 6 xxxxxxx. 1 xxxxxxxxx xxxxxxx b) xxxxx:
|
17. |
X&xxxx;xxxxxxx XX xx xxxxxxx xxxxxxxx 2; |
18. |
Xxxxxxx X&xxxx;xx xxxxxxx. |