Animace načítání

Stránka se připravuje...


Na co čekáte? Nečekejte už ani minutu.
Získejte přístup na tento text ještě dnes. Kontaktujte nás a my Vám obratem uděláme nabídku pro Vás přímo na míru.

XXXXXXXXXX XXXXXXXX XXXXXXXXX XXXXX (XX) 2021/1758

ze xxx 21.&xxxx;xxxx 2021,

kterým xx mění xxxxxxxxxx XXX/2007/7 x&xxxx;xxxxxxxxxx TARGET2-ECB (XXX/2021/43)

XXXXXXX XXXX XXXXXXXX XXXXXXXXX XXXXX,

x&xxxx;xxxxxxx na Xxxxxxx o fungování Xxxxxxxx xxxx, x&xxxx;xxxxxxx na xxxxx x&xxxx;xxxxxxx xxxxxxx xx.&xxxx;127 xxxx.&xxxx;2 xxxx xxxxxxx,

x&xxxx;xxxxxxx xx xxxxxx Xxxxxxxxxx xxxxxxx xxxxxxxxxxx xxxx x&xxxx;Xxxxxxxx xxxxxxxxx xxxxx, x&xxxx;xxxxxxx xx xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 a 23 xxxxxx xxxxxxx,

xxxxxxxx x&xxxx;xxxxx důvodům:

(1)

Rada xxxxxxxxx změnila (1) xxx 20.&xxxx;xxxxxxxx 2021 xxxxxx xxxxxx Xxxxxxxx centrální xxxxx XXX/2012/27&xxxx;(2) s cílem: x) vyjasnit, xx xxxxxxxx XXXX XXX xxxxx k TARGET2 xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxxxxx xxxxxxx xxxxx infrastruktury Xxxxxxxxxxx (Xxxxxxxxxx Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Gateway) xx xxxxxxxxx 2021 x&xxxx;xxxxxxxx X2X XXX budou x&xxxx;XXXXXX2 prostřednictvím tohoto xxxxxxx xxxxxxxxx xx xxxxxx 2022; b) xxxxxxxx a rozšířit xxxxxxxx xxxxxxxx xx dodržování xxxxxxxxx xx bezpečnost xxxxxxxxx bodu XXXXXX2, xxx xx zajistilo, xx xx xxxxxx XXXXXX2 xxxx dále xxxxxxx tak, xxx xxx schopen xxxxx xxxxxxx x&xxxx;xxxxxxx kybernetické xxxxxxxxxxx; x) zavést xxxxxxxxx, xxx majitelé xxxx XX, xxxxxx xxxxxxx účastníci a adresovatelní xxxxxxxx kódu XXX, xxxxx přistoupili k uplatňování xxxxxxx SCT Xxxx xxxxxxxx xxxxxx x&xxxx;xxxxxxxxxx xxxxxxx xxx xxxxxxxx xxxxxxxxxxxxx xxxxxxx XXXX, xxxx a zůstali trvale xxxxxxxxxxx na xxxxxxxxx XXXX prostřednictvím XXXX XXX, xxx xxx xx zajistila dostupnost xxxxxxxxxx xxxxxx v celé Xxxx; x) zavést xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx zůstatků x&xxxx;xxxx xxxxxxxxx x&xxxx;XXXXXX2 xx odpovídající nástupnické xxxx v budoucím systému XXXXXX, xxx xxxx xxxxxxxxx xxxxxx jistota, x&xxxx;x) xxxxxxxx x&xxxx;xxxxxxxxxxxx xxxxxxx xxxxx xxxxxxx xxxxxxxx xxxxx XXX/2012/27.

(2)

Xxxxxxx xxxx xxxxxxxxxx xxxxxxx xxxxxxxxxxx X2-X2X, bude x&xxxx;xxxxx právní xxxxxxx xxxxxx nezbytné xxxxxxxx xxxxxxxxxxxxxxx, pokud jde x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx v TARGET2-ECB xx xxxxxxxxxxxx xxxxxxxxxxx xxxx.

(3)

Xxxxx xxxxxxxx xxxxx XXX/2012/27, které xxxx xxxx na xxxxxxxx XXXXXX2-XXX, je třeba xxxxxxxxx x&xxxx;xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7&xxxx;(3).

(4)

Xxxxxxxxxx XXX/2007/7 xx xxxxx xxxxx xxxxxxxxxxxxx xxxxxxxx xxxxxx,

XXXXXXX XXXX ROZHODNUTÍ:

Článek 1

Změny

Přílohy X, II x&xxxx;XXX xxxxxxxxxx XXX/2007/7 xx mění x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx xxxxxx rozhodnutí.

Xxxxxx&xxxx;2

Xxxxxxxxx xxxxxxxxxx

Xxxx xxxxxxxxxx xxxxxxxx v platnost pátým xxxx xx xxxxxxxxxx x&xxxx;Xxxxxxx xxxxxxxx Evropské xxxx.

Xxxxxxx xx ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx odst. 1 xxxx. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 přílohy XX xxxxxx rozhodnutí, xxxxx xx xxxxxxx xxx xxx 13.&xxxx;xxxxxx 2022.

Xx Xxxxxxxxxx xxx Xxxxxxx xxx 21.&xxxx;xxxx 2021.

Xxxxxxxxxxx ECB

Christine LAGARDE


(1)  Obecné xxxxxx Xxxxxxxx xxxxxxxxx xxxxx (XX) 2021/1759 xx xxx 20.&xxxx;xxxxxxxx 2021, xxxxxxx xx xxxx xxxxxx zásady XXX/2012/27 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx xxxxxxxxx xxxxxx v reálném xxxx (XXXXXX2) (XXX/2021/30) [(viz xxxxxx 45 x&xxxx;xxxxx xxxxx Úředního věstníku).

(2)  Obecné xxxxxx Xxxxxxxx xxxxxxxxx xxxxx ECB/2012/27 xx xxx 5.&xxxx;xxxxxxxx 2012 x&xxxx;xxxxxxxxxxxxxx expresním xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (Xx. xxxx. L 30, 30.1.2013, s. 1).

(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx centrální xxxxx XXX/2007/7 ze xxx 24.&xxxx;xxxxxxxx 2007 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (Úř. xxxx. X&xxxx;237, 8.9.2007, x. 71).


PŘÍLOHA I

Příloha X&xxxx;xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:

1.

Xxxxxx&xxxx;1 se xxxx xxxxx:

x)

xxxxxxxx xxxxx „xxxxxxx xxxxxxx order“ xx xxxxxxxxx tímto:

„—

“instant xxxxxxx xxxxx” xxxxx, in xxxx xxxx xxx Xxxxxxxx Xxxxxxxx Xxxxxxx'x XXXX Instant Xxxxxx Xxxxxxxx (SCT Xxxx) xxxxxx, a payment xxxxxxxxxxx xxxxx can be xxxxxxxx 24 xxxxx x&xxxx;xxx any calendar xxx xx the xxxx, xxxx xxxxxxxxx xx close to xxxxxxxxx processing and xxxxxxxxxxxx xx the xxxxx xxx xxxxxxxx (x) xxx XXXX XXX xx XXXX XXX xxxxxxx xxxxxxx xxxxxx, (x) XXXX XXX xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxx payment xxxxxx, (x) XXXX XX xxxxxxxxx xxxxxxx to XXXX XXX xxxxxxx xxxxxxx xxxxxx and (x) XXXX AS xxxxxxxxx xxxxxxx xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxx xxxxxxx xxxxxx,“;

x)

xxxxxxxx xx nové xxxxxxxx, které znějí:

„—

“European Xxxxxxxx Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Transfer (XXX Xxxx) xxxxxx” xx “SCT Xxxx xxxxxx” means xx xxxxxxxxx, open xxxxxxxxx xxxxxx xxxxxxxxx a set xx xxxxxxxxx rules xx be xxxxxxxx xxxx xx SCT Xxxx participants, allowing xxxxxxx xxxxxxxx xxxxxxxxx xx SEPA xx xxxxx xx xxxxxxxxx, XXXX-xxxx xxxx xxxxxxx xxxxxx xxxxxxxx product,

“TIPS xxxxxxxxx system technical xxxxxxx (XXXX XX xxxxxxxxx xxxxxxx)” xxxxx xx account xxxx xx xx xxxxxxxxx xxxxxx xx a CB xx xx ancillary xxxxxx'x xxxxxx xx xxx XX’x XXXXXX2 xxxxxxxxx system for xxx xx xxx xxxxxxxxx system for xxx xxxxxxx of xxxxxxxx instant payments xx xxx xxx xxxxx,

“XXXX XXX xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx transfer xxxxx” xxxxx xxx xxxxxxxxxxx to xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx of xxxxx from x&xxxx;XXXX XXX xx x&xxxx;XXXX XX xxxxxxxxx account xx xxxx xxx XXXX XXX holder’s xxxxxxxx (xx the xxxxxxxx xx another xxxxxxxxxxx of xxx xxxxxxxxx system) xx xxx xxxxx of xxx xxxxxxxxx xxxxxx,

“XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx transfer order” xxxxx xxx xxxxxxxxxxx xx transfer x&xxxx;xxxxxxxxx xxxxxx of funds xxxx x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx x&xxxx;XXXX DCA to xxxxxx the XXXX XXX xxxxxx’x xxxxxxxx (xx xxx xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx the ancillary xxxxxx) xx xxx xxxxx xx xxx xxxxxxxxx xxxxxx,

“xxxxxxxxx party” xxxxx xx xxxxxx xxxxx: (a) xxxxx x&xxxx;XXX; (b) xx xxxxxxxxxx xx x&xxxx;xxxxxxxxx xxxxx by x&xxxx;XXXX XXX xxxxxx xx xx xx xxxxxxxxx xxxxxx; (x) is x&xxxx;xxxxxxxxxxxxx, customer or xxxxxx of x&xxxx;XXXX XXX xxxxxx xx x&xxxx;xxxxxxxxxxx of an xxxxxxxxx xxxxxx, xx x&xxxx;xxxxxxxxxxxxx, xxxxxxxx, or xxxxxx xx x&xxxx;xxxxxxxxxxx xx an xxxxxxxxx xxxxxx; xxx (x) xx xxxxxxxxxxx through xxx XXXX Xxxxxxxx xxx xx xxxx xx xxxxxx instant xxxxxxx xxxxxx xxx xxxxxxx xxxxxxx payment xxxxxx either xxx xxx XXXX DCA xxxxxx xx xxx xxxxxxxxx xxxxxx or, xx xx xxxxxxxxxx xx xxx XXXX XXX xxxxxx xx xx xxx xxxxxxxxx xxxxxx, xxxxxxxx.“;

x)

xxxxxxxx pojmu „XXXX network xxxxxxx xxxxxxxx“ xx xxxxxxx;

2.

X&xxxx;xxxxxx&xxxx;2 xxxxxx xxxxxxxx se xxxxxxxx xxxx xxxx, xxxxx xxx:

„Xxxxxxxx XXX:

Xxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxx security xxxxxxxxxx xxx xxxxxxxx xxxxxxxxxx management“;

3.

Článek 3 xx xxxx xxxxx:

x)

x&xxxx;xxxxxxxx 2 xx xxxxxxx xx) xxxxxxxxx tímto:

„(fc)

TIPS XXX xx PM xxxxxxxxx xxxxxxxx orders and XX to TIPS XXX xxxxxxxxx xxxxxxxx xxxxxx;“;

x)

x&xxxx;xxxxxxxx 2 xx xxxxxx xxxx xxxxxxx xx), které xxx:

„(xx)

XXXX XXX to TIPS XX xxxxxxxxx account xxxxxxxxx xxxxxxxx orders xxx XXXX XX xxxxxxxxx xxxxxxx xx XXXX DCA xxxxxxxxx xxxxxxxx xxxxxx; and“;

c)

odstavec 3 xx nahrazuje xxxxx:

„3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx xxxx-xxxx xxxxx xxxxxxxxxx for xxxxxxxx xx euro, xxxx xxxxxxxxxx xx xxxxxxx xxxx xxxxx xxxxxx PM xxxxxxxx, X2X XXXx xxx XXXX XXXx. TARGET2 xx established xxx xxxxxxxxx xx xxx xxxxx xx xxx XXX xxxxxxx xxxxx xxxxxxx xxxxxx are xxxxxxxxx and processed xxx xxxxxxx xxxxx xxxxxxxx xxx xxxxxxxxxx xxxxxxxx xx xxx xxxx xxxxxxxxx manner. Xx xxx as xxx technical operation xx xxx X2X XXXx is xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx the basis xx xxx X2X Xxxxxxxx. Xx far xx xxx xxxxxxxxx xxxxxxxxx xx xxx XXXX XXXx xxx XXXX AS technical xxxxxxxx is concerned, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx the XXXX Xxxxxxxx.“;

4.

Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;5

Xxxxxx participants

PM xxxxxxx xxxxxxx xx XXXXXX2-XXX xxx direct xxxxxxxxxxxx xxx xxxxx comply xxxx xxx xxxxxxxxxxxx xxx xxx in Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). Xxxx xxxxx have xx xxxxx xxx XX xxxxxxx xxxx xxx XXX. XX xxxxxxx xxxxxxx xxxx have xxxxxxx xx xxx XXX Xxxx xxxxxx xx xxxxxxx xxx XXXX Xxxxxxx Xxxxxx Xxxxxxxx Xxxxxxxxx Agreement xxxxx xx and xxxxx xxxxxx xxxxxxxxx xx xxx XXXX Xxxxxxxx xx xxx xxxxx, xxxxxx as x&xxxx;XXXX DCA xxxxxx xx xx x&xxxx;xxxxxxxxx xxxxx via x&xxxx;XXXX XXX xxxxxx.“;

5.

Xxxxxx&xxxx;22 se xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;22

Xxxxxxxx Xxxxxxxxxxxx xxx Xxxxxxx Xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxxxx adequate xxxxxxxx xxxxxxxx xx xxxxxxx their xxxxxxx xxxx unauthorised access xxx use. Xxxxxxxxxxxx xxxxx xx exclusively xxxxxxxxxxx xxx the xxxxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxxxx of xxxxx xxxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx shall xxxxxx the XXX xx any security-related xxxxxxxxx xx their xxxxxxxxx infrastructure xxx, xxxxx xxxxxxxxxxx, xxxxxxxx-xxxxxxx xxxxxxxxx xxxx occur xx xxx xxxxxxxxx xxxxxxxxxxxxxx xx xxx xxxxx xxxxx providers. Xxx XXX xxx xxxxxxx further xxxxxxxxxxx xxxxx the xxxxxxxx xxx, xx necessary, xxxxxxx that the xxxxxxxxxxx take xxxxxxxxxxx xxxxxxxx xx xxxxxxx x&xxxx;xxxxxxxxxx xx such xx event.

3.   The XXX xxx impose additional xxxxxxxx xxxxxxxxxxxx, xx xxxxxxxxxx xxxx regard xx cybersecurity xx xxx xxxxxxxxxx xx xxxxx, on xxx xxxxxxxxxxxx xxx/xx on xxxxxxxxxxxx that xxx xxxxxxxxxx critical xx xxx XXX.

4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx shall xxxxxxx xxx XXX xxxx: (i) xxxxxxxxx xxxxxx xx xxxxx xxxxxxxxxxx of xxxxxxxxx xx their xxxxxx xxxxxxx xxxxxxx xxxxxxxx’x xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (xx) xx xx xxxxxx xxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xx the XXX’x xxxxxxx xx Xxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxx xxx participant’s self-certification xxxxxxxxx(x) xx xxx xxxxxxxxxxxx xxxxx xx xxxxxxxxxx with each xx xxx requirements xxx xxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxxx. Xxxxx xxxxxxxxxxxx xxx listed xx Xxxxxxxx XXX, xxxxx xx xxxxxxxx xx xxx xxxxx Appendices xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx xxxx xx xxxxxxxx part xx xxxxx Xxxxxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx’x xxxxx of xxxxxxxxxx xxxx xxx requirements xx xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx: ‘xxxx xxxxxxxxxx’; ‘xxxxx xxx-xxxxxxxxxx’; xx ‘xxxxx xxx-xxxxxxxxxx’. Xxx xxxxxxxxx xxxxxxxx xxxxx: xxxx compliance xx xxxxxxx xxxxx xxxxxxxxxxxx xxxxxxx 100% xx xxx xxxxxxxxxxxx; xxxxx xxx-xxxxxxxxxx xx xxxxx x&xxxx;xxxxxxxxxxx satisfies xxxx xxxx 100% xxx xx xxxxx 66% of xxx xxxxxxxxxxxx and major xxx-xxxxxxxxxx xxxxx a participant xxxxxxxxx xxxx xxxx 66% xx the xxxxxxxxxxxx. Xx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxxx to it, xx xxxxx xx xxxxxxxxxx as xxxxxxxxx xxxx xxx xxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxx xx xxx xxxxxxxxxxxxxx. X&xxxx;xxxxxxxxxxx xxxxx xxxxx xx xxxxx ‘xxxx xxxxxxxxxx’ xxxxx xxxxxx xx action xxxx xxxxxxxxxxxxx xxx xx xxxxxxx to xxxxx xxxx compliance. Xxx XXX xxxxx xxxxxx xxx relevant xxxxxxxxxxx xxxxxxxxxxx xx xxx xxxxxx of xxxx participant’s xxxxxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xx xxx xxxxxxxxxxx refuses xx xxxxx xxxxxxxxx xxxxxx xx xxx xxxxxxxxxxx of xxxxxxxxx xx xxxxx chosen XXXx endpoint security xxxxxxxxxxxx xx xxxx xxx provide the XXXXXX2 xxxx-xxxxxxxxxxxxx xxx xxxxxxxxxxx’x xxxxx of xxxxxxxxxx xxxxx xx xxxxxxxxxxx xx ‘xxxxx xxx-xxxxxxxxxx’.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxxxx xxxxxxxxxx xx xxxxxxxxxxxx on xx xxxxxx basis.

4e.   The XXX xxx xxxxxx xxx xxxxxxxxx xxxxxxxx xx xxxxxxx on xxxxxxxxxxxx xxxxx xxxxx xx xxxxxxxxxx xxx xxxxxxxx xx minor xx xxxxx non-compliance, in xxxxxxxxxx xxxxx xx xxxxxxxx:

(x)

xxxxxxxx monitoring: the xxxxxxxxxxx xxxxx provide xxx XXX with x&xxxx;xxxxxxx report, xxxxxx xx x&xxxx;xxxxxx xxxxxxxxx, xx their xxxxxxxx xx xxxxxxxxxx xxx xxx-xxxxxxxxxx. The xxxxxxxxxxx xxxxx additionally xxxxx x&xxxx;xxxxxxx xxxxxxx xxxxxx xxx each xxxxxxxx xxxxxxx xxxxx xx xxx xxxxxxx xxx xx set xxx xx xxxxxxxxx 1 xx Appendix XX xxxxxxxxx xxx xxxxxxxxxxx xxxx. Xxxx xxxxxxx xx xxxxxxx xxx xx imposed in xxx xxxxx xxx xxxxxxxxxxx xxxxxxxx x&xxxx;xxxxxx xxxxxxxxxxx xxxxxxxxxx xx xxxxx xxx-xxxxxxxxxx xx xx xxxxxxxxxx of xxxxx xxx-xxxxxxxxxx;

(xx)

xxxxxxxxxx: participation xx XXXXXX2-XXX xxx xx xxxxxxxxx xx xxx xxxxxxxxxxxxx xxxxxxxxx xx Xxxxxxx&xxxx;28(2)(x) and (x) xx this Xxxxx. By xxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;28 of this Xxxxx, xxx participant xxxxx xx xxxxx xxxxx xxxxxx’ xxxxxx xx xxxx suspension. Xxx xxxxxxxxxxx xxxxx xxxxx x&xxxx;xxxxxxx xxxxxxx xxxxxx xxx xxxx xxxxxxxxx xxxxxxx xx xxxxxx its monthly xxx xx xxx xxx in xxxxxxxxx 1 xx Appendix XX, excluding the xxxxxxxxxxx xxxx. Xxxx xxxxxxx of xxxxxxx xxx be xxxxxxx xx the xxxxx xxx xxxxxxxxxxx xxxxxxxx x&xxxx;xxxxxx xxxxxxxxxxx xxxxxxxxxx xx xxxxx xxx-xxxxxxxxxx;

(xxx)

xxxxxxxxxxx: xxxxxxxxxxxxx xx XXXXXX2-XXX xxx be xxxxxxxxxx xx the xxxxxxxxxxxxx xxxxxxxxx xx Article 28(2)(b) xxx (x) xx xxxx Xxxxx. Xx xxx of xxxxxxxxxx xxxx Article 28 xx xxxx Annex, xxx xxxxxxxxxxx xxxxx be xxxxx three months’ xxxxxx of such xxxxxxxxxxx. Xxx xxxxxxxxxxx xxxxx incur an xxxxxxxxxx xxxxxxx xxxxxx xx XXX 1000 xxx each xxxxxxxxxx xxxxxxx. Xxxx measure xx redress may xx xxxxxxx xx xxx xxxxxxxxxxx xxx xxx xxxxxxxxx the xxxxx non-compliance xx xxx satisfaction xx xxx XXX xxxxxxxxx xxxxx xxxxxx of xxxxxxxxxx.“;

6.

X&xxxx;xxxxxx&xxxx;33 xx odstavec 1 nahrazuje xxxxx:

„1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xx xxxxxx xx be aware xx, xxxxx xxxxxx xxxx, xxx xxxxx xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx authorities xxxx xxx obligations xx xxxx xxxxxxxx to xxxxxxxxxxx xx data xxxxxxxxxx. Xxxx shall xx xxxxxx xx xx xxxxx of, xxx xxxxx xxxxxx xxxx all xxxxxxxxxxx xx xxxx relating xx xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx xxxxxxxxxx xxx xxx xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx the development xx xxxxxxx xxxxxxx xxxxxxxx systems, in xxxxxxxxxx in terms xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx XX accounts. Xxxxxxxxxxxx xxxxx ensure that xxxx xxx informed xxxxx the TARGET2 xxxxxxx xxxxxxx xxxxxxxx’x xxxx retrieval xxxxxx xxxxx xx xxxxxxxx xxxx the xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx.“;

7.

Xxxxxx xx xxxx xxxxxx&xxxx;39x, xxxxx xxx:

„Xxxxxxx&xxxx;39x

Xxxxxxxxxxxx xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxxx xxx TARGET xxxxxx xx xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, PM xxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxx xxxxxxx holder’s xxxxxxxxxxxxx successor xxxxxxxx xx xxx TARGET xxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx xxxx XX xxxxxxx xxxxxxx, xxxxxxxx Xxxxxxxxxxxx xxx xxxxxxxxxxx BIC xxxxxxx xxxxxxxx to the XXX Xxxx xxxxxx xx reachable xx xxx XXXX Xxxxxxxx xxxxxxxx xx Article 5 xxxxx xxxxx xx xx 25 February 2022.“;

8.

X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 nahrazuje xxxxxxx b) xxxxx:

„(x)

Xxxx-xx-xxxxxxxxxxx xxxx (X2X)

X2X xxxxxxx xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;xxxxxxxxxxx xxx xxx XXX. The xxxxxxxxxxx xx xxxxxxxxx xx x&xxxx;xxxxxxx running on x&xxxx;XX xxxxxx (SWIFT Xxxxxxxx XxxXxxxxxx or xxxxxxx xxxxxxxxx, xx xxx xx xxxxxxxx xx XXXXX). Xxx X2X access the XX xxxxxxxxxxxxxx has xx be xxxx xx xxxxxxx cookies. Xxxxxxx details are xxxxxxxxx xx xxx XXX Xxxx Xxxxxxxx.“;

9.

X&xxxx;xxxxxxx XX xx x&xxxx;xxxxxxxx 6 xxxxxxxxx písmeno x) xxxxx:

„(x)

xxx xxxxxxxxxxx xxxxxxxxxx xx payment xxxxxx, participants xxxxx xxxxxxx xxxxxxxx assets xx xxxxxxxxxx. Xxxxxx xxxxxxxxxxx processing, incoming xxxxxxxxxxx xxxxxxxx xxx xx xxxx xx xxxx xxxxxxxx xxxxxxxxxxx xxxxxxxx. Xxx the xxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx, xxxxxxxxxxxx’ available xxxxxxxxx may xxx xx xxxxx xxxx xxxxxxx xx xxx XXX.“;

10.

Xxxxxxxx xx xxxx xxxxxxx VII, který xxx:

„Xxxxxxxx VII

Requirements regarding xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx continuity xxxxxxxxxx

Xxxxxxxxxxx xxxxxxxx xxxxxxxxxx

Xxxxx xxxxxxxxxxxx xxx xxxxxxxxxx xx each xxxxxxxxxxx, xxxxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx a specific xxxxxxxxxxx xx xxx xxxxxxxxxx xx it. Xx xxxxxxxxxxxx xxx xxxxx of application xx xxx xxxxxxxxxxxx xxxxxx xxx xxxxxxxxxxxxxx, xxx xxxxxxxxxxx xxxxxx xxxxxxxx the xxxxxxxx xxxx are xxxx xx xxx Payment Xxxxxxxxxxx Xxxxx (PTC). Xxxxxxxxxxxx, the XXX xxxxxx at x&xxxx;Xxxxx xx Xxxxx (PoE), x.x. x&xxxx;xxxxxx xxxxxxxx xx xxx xxxxxxxx xx xxxxxxxxxxxx (x.x. xxxxxxxxxxxx, xxxxx-xxxxxx xxx xxxx-xxxxxx applications, xxxxxxxxxx), xxx xxxx xx xxx xxxxxx xxxxxxxxxxx xx xxxx the xxxxxxx xx SWIFT (x.x. XXXXX VPN Xxx) or Xxxxxxxx (xxxx xxx xxxxxx xxxxxxxxxx to Internet-based Xxxxxx).

Xxxxxxxxxxx 1.1: Xxxxxxxxxxx xxxxxxxx xxxxxx

Xxx management xxxxx set a clear xxxxxx xxxxxxxxx in xxxx xxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxx xxxxxxx xxx and xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxx the xxxxxxxx, approval and xxxxxxxxxxx of an xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xx managing xxxxxxxxxxx xxxxxxxx xxx xxxxx resilience across xxx xxxxxxxxxxxx xx xxxxx of identification, xxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxx xxxxx xxxxxxxxxx xxxxx. Xxx policy xxxxxx contain xx xxxxx the xxxxxxxxx xxxxxxxx: objectives, xxxxx (xxxxxxxxx xxxxxxx xxxx xx xxxxxxxxxxxx, human xxxxxxxxx, xxxxx management xxx.), xxxxxxxxxx xxx xxxxxxxxxx xx xxxxxxxxxxxxxxxx.

Xxxxxxxxxxx 1.2: Internal xxxxxxxxxxxx

Xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxxxx xx established xx xxxxxxxxx xxx xxxxxxxxxxx security xxxxxx xxxxxx the organisation. Xxx xxxxxxxxxx xxxxx xxxxxxxxxx xxx review xxx xxxxxxxxxxxxx of xxx information xxxxxxxx xxxxxxxxx xx xxxxxx xxx xxxxxxxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx xxxxxx (xx xxx Xxxxxxxxxxx 1.1) xxxxxx xxx xxxxxxxxxxxx, including xxx xxxxxxxxxx xx xxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxx xx security xxxxxxxxxxxxxxxx for xxxx xxxxxxx.

Xxxxxxxxxxx 1.3: External xxxxxxx

Xxx xxxxxxxx of xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxx information processing xxxxxxxxxx xxxxxx xxx xx reduced by xxx xxxxxxxxxxxx xx, xxx/xx xxx dependence xx, an xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx xx them. Xxx access xx xxx xxxxxxxxxxxx’x information xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx xxxxxxx xxxxx xx controlled. Xxxx xxxxxxxx xxxxxxx xx xxxxxxxx/xxxxxxxx xx xxxxxxxx xxxxxxx xxx xxxxxxxx xx access xxx xxxxxxxxxxxx’x information xxxxxxxxxx xxxxxxxxxx, a risk assessment xxxxx be xxxxxxx xxx xx xxxxxxxxx xxx xxxxxxxx implications xxx xxxxxxx xxxxxxxxxxxx. Xxxxxxxx xxxxx xx xxxxxx xxx xxxxxxx xx xx xxxxxxxxx xxxx xxxx xxxxxxxx xxxxxxxx xxxxx.

Xxxxxxxxxxx 1.4: Xxxxx xxxxxxxxxx

Xxx information xxxxxx, xxx business xxxxxxxxx and the xxxxxxxxxx information xxxxxxx, xxxx as xxxxxxxxx xxxxxxx, infrastructures, business xxxxxxxxxxxx, xxx-xxx-xxxxx products, xxxxxxxx xxx xxxx-xxxxxxxxx xxxxxxxxxxxx, in xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxxx xx xxxxxxxxx xxx and xxxx x&xxxx;xxxxxxxxx xxxxx. The xxxxxxxxxxxxxx xxx xxx xxxxxxxxxxx and xxx xxxxxxxxx xx appropriate xxxxxxxx xx xxx xxxxxxxx processes and xxx xxxxxxx XX xxxxxxxxxx to xxxxxxxxx xxx xxxxxxxxxxx xxxxxx xxxxx xx xxxxxxxx. Xxxx: xxx owner xxx xxxxxxxx xxx xxxxxxxxxxxxxx of xxxxxxxx xxxxxxxx xx xxxxxxxxxxx, xxx remains accountable xxx xxx proper xxxxxxxxxx of xxx xxxxxx.

Xxxxxxxxxxx 1.5: Information xxxxxx xxxxxxxxxxxxxx

Xxxxxxxxxxx xxxxxx xxxxx be xxxxxxxxxx xx xxxxx of xxxxx criticality xx xxx smooth delivery xx xxx xxxxxxx xx the participant. Xxx xxxxxxxxxxxxxx xxxxx xxxxxxxx the xxxx, xxxxxxxxxx xxx xxxxxx xx xxxxxxxxxx xxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxx xxxxx xx xxx xxxxxxxx xxxxxxxx xxxxxxxxx xxx xxxxx xxxx xxxx xxxx xxxxxxxxxxxxx xxx xxxxxxxxxx XX components. Xx xxxxxxxxxxx asset xxxxxxxxxxxxxx xxxxxx xxxxxxxx by xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx xx xxxxxxxxxxx xxx of protection xxxxxxxx xxxxxxxxxx the xxxxxxxxxxx asset xxxxxxxxx (xxxxxxxxx xxxxxxx xxx xxxxxxxxxxx xx xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx xxx xxxx xxx specific handling xxxxxxxx.

Xxxxxxxxxxx 1.6: Xxxxx xxxxxxxxx security

Security responsibilities xxxxx xx xxxxxxxxx xxxxx xx xxxxxxxxxx xx xxxxxxxx xxx xxxxxxxxxxxx xxx xx xxxxx and conditions xx employment. Xxx xxxxxxxxxx xxx xxxxxxxxxx, xxxxxxxxxxx xxx xxxxx xxxxx users xxxxx xx xxxxxxxxxx xxxxxxxx, xxxxxxxxxx for xxxxxxxxx xxxx. Employees, contractors xxx third xxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xxxx xx agreement xx their xxxxxxxx xxxxx and xxxxxxxxxxxxxxxx. Xx adequate xxxxx xx xxxxxxxxx shall xx xxxxxxx among xxx xxxxxxxxx, contractors xxx xxxxx xxxxx xxxxx, xxx education xxx xxxxxxxx in xxxxxxxx procedures xxx xxx xxxxxxx use xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx to xxxx xx xxxxxxxx possible xxxxxxxx xxxxx. X&xxxx;xxxxxx xxxxxxxxxxxx xxxxxxx xxx xxxxxxxx xxxxxxxx xxxxxxxx xxxxx xx established xxx xxxxxxxxx. Responsibilities xxxxx be xx xxxxx xx ensure xxxx xx xxxxxxxx’x, xxxxxxxxxx’x xx xxxxx xxxxx user’s xxxx xxxx xx transfer xxxxxx the organisation xx xxxxxxx, xxx xxxx xxx return xx all xxxxxxxxx xxx the xxxxxxx xx xxx xxxxxx xxxxxx xxx xxxxxxxxx.

Xxxxxxxxxxx 1.7: Physical and xxxxxxxxxxxxx security

Critical or xxxxxxxxx information processing xxxxxxxxxx xxxxx be xxxxxx in xxxxxx xxxxx, xxxxxxxxx by xxxxxxx xxxxxxxx xxxxxxxxxx, xxxx xxxxxxxxxxx xxxxxxxx xxxxxxxx and entry xxxxxxxx. Xxxx xxxxx xx physically protected xxxx unauthorised xxxxxx, xxxxxx and xxxxxxxxxxxx. Xxxxxx shall xx xxxxxxx only xx xxxxxxxxxxx xxx fall xxxxxx xxx xxxxx xx Requirement 1.6. Xxxxxxxxxx and xxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx xxxxxxxx xxxxx xxxxxxxxxx xxxxxxxxxxx xxxxxx when xx xxxxxxx.

Xxxxxxxxx xxxxx be xxxxxxxxx from physical xxx xxxxxxxxxxxxx threats. Xxxxxxxxxx of xxxxxxxxx (xxxxxxxxx xxxxxxxxx xxxx xxx-xxxx) and xxxxxxx xxx removal xx xxxxxxxx xx necessary xx xxxxxx the xxxx xx unauthorised xxxxxx xx xxxxxxxxxxx xxx xx xxxxx xxxxxxx xxxx or xxxxxx xx xxxxxxxxx xx information. Xxxxxxx xxxxxxxx may be xxxxxxxx xx protect xxxxxxx xxxxxxxx xxxxxxx xxx xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxx xx the electrical xxxxxx xxx xxxxxxx xxxxxxxxxxxxxx.

Xxxxxxxxxxx 1.8: Operations xxxxxxxxxx

Xxxxxxxxxxxxxxxx xxx procedures xxxxx xx established xxx the xxxxxxxxxx xxx xxxxxxxxx of xxxxxxxxxxx processing xxxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxx xxxxxxx in xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxx-xx-xxx.

Xx regards xxxxxxxxx procedures, xxxxxxxxx xxxxxxxxx administration of XX xxxxxxx, xxxxxxxxxxx xx duties xxxxx xx xxxxxxxxxxx, xxxxx xxxxxxxxxxx, xx xxxxxx xxx risk of xxxxxxxxx xx xxxxxxxxxx xxxxxx xxxxxx. Xxxxx xxxxxxxxxxx xx xxxxxx xxxxxx xx xxxxxxxxxxx xxx to documented xxxxxxxxx reasons, xxxxxxxxxxxx xxxxxxxx xxxxx be xxxxxxxxxxx xxxxxxxxx x&xxxx;xxxxxx xxxx xxxxxxxx. Xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx and xxxxxx xxx xxxxxxxxxxxx xx xxxxxxxxx xxxx xxx xxxxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx shall xx xxxx xxxxxxxxxxx (xxxxxxxxx xxxx xxxxxxxxx) xx xxxxxxx, detect xxx remove xxxxxxxxx xxxx. Xxxxxx xxxx xxxxx xx xxxx xxxx xxxx xxxxxxx xxxxxxx (x.x. signed Xxxxxxxxx COM xxxxxxxxxx xxx Xxxx Xxxxxxx). Xxx xxxxxxxxxxxxx xx xxx xxxxxxx (x.x. xxx use of xxxxxxxxxx and plugins) xxxxx xx xxxxxxxx xxxxxxxxxx.

Xxxx backup xxx xxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxx xxxxxxxxxx; those xxxxxxxx policies xxxxx xxxxxxx x&xxxx;xxxx xx xxx xxxxxxxxxxx xxxxxxx xxxxx xx xxxxxx xx regular intervals xx xxxxx xxxxxxxx.

Xxxxxxx xxxx xxx xxxxxxxx xxx the xxxxxxxx xx xxxxxxxx xxxxx xx xxxxxxxxx xxx xxxxxx xxxxxxxx to xxxxxxxxxxx security xxxxx xx recorded. Xxxxxxxx xxxx xxxxx be xxxx to xxxxxx xxxx xxxxxxxxxxx xxxxxx xxxxxxxx are identified. Xxxxxxxx xxxx xxxxx xx xxxxxxxxx xxxxxxxx xx x&xxxx;xxxxxx xxxxx, xxxxx xx xxx xxxxxxxxxxx of xxx xxxxxxxxxx. Xxxxxx xxxxxxxxxx xxxxx xx xxxx xx check xxx xxxxxxxxxxxxx of controls xxxxx xxx xxxxxxxxxx xx critical xxx xxx security xx xxxxxxxx xxx xx xxxxxx xxxxxxxxxx to xx xxxxxx xxxxxx xxxxx.

Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx organisations xxxxx xx xxxxx on x&xxxx;xxxxxx xxxxxxxx policy, xxxxxxx xxx xx xxxx xxxx xxxxxxxx xxxxxxxxxx xxxxx the xxxxxxxx xxxxxxx and xxxxx xx xxxxxxxxx xxxx any xxxxxxxx xxxxxxxxxxx. Xxxxx party xxxxxxxx components employed xx the exchange xx xxxxxxxxxxx with XXXXXX2 (xxxx xxxxxxxx xxxxxxxx from x&xxxx;Xxxxxxx Xxxxxx in xxxxxxxx 2 xx the xxxxx xxxxxxx of xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx) xxxx xx xxxx xxxxx x&xxxx;xxxxxx xxxxxxxxx with xxx xxxxx party.

Requirement 1.9: Xxxxxx xxxxxxx

Xxxxxx xx information assets xxxxx be justified xx xxx xxxxx xx xxxxxxxx requirements (xxxx-xx-xxxx&xxxx;(1)) xxx xxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xxxxxxxx (xxxxxxxxx the xxxxxxxxxxx xxxxxxxx xxxxxx). Xxxxx xxxxxx xxxxxxx xxxxx xxxxx be xxxxxxx xxxxx on xxx xxxxxxxxx xx xxxxx privilege (2) xx xxxxxxx xxxxxxx the xxxxx of xxx xxxxxxxxxxxxx xxxxxxxx and XX xxxxxxxxx. Xxxxx xxxxxxxx (x.x. for xxxxxx xxxxxxxxxx) xxxxxxx xxxxxx xxxxxxx xxxxxx xx xxxxxxxxxx with xxxxxxxx xxxxxx xxxxxxx xxxxxx there are xxxxxxxx xxxxxxxxxxxx controls xx place (e.g. xxxxxxxxxx, xxxxxxxx data xxxxxxxxxxxxx).

Xxxxxx xxx xxxxxxxxxx xxxxxxxxxx xxxxx xx xx xxxxx to xxxxxxx xxx xxxxxxxxxx xx xxxxxx rights xx xxxxxxxxxxx systems xxx xxxxxxxx that xxxx xxxxxx xxx xxxxx of xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx procedures shall xxxxx xxx xxxxxx xx the xxxxxxxxx xx xxxx xxxxxx, xxxx xxx initial xxxxxxxxxxxx xx new xxxxx xx xxx xxxxx xxxxxxxxxxxxxx xx xxxxx xxxx xx xxxxxx xxxxxxx xxxxxx.

Xxxxxxx xxxxxxxxx shall xx xxxxx, where appropriate, xx xxx xxxxxxxxxx xx xxxxxx xxxxxx xx xxxx xxxxxxxxxxx xxxx xxx xxxxx xx those xxxxxx xxxxxx xxxxx xxxx xx a severe adverse xxxxxx xx the xxxxxxxxxx xx the xxxxxxxxxxx (x.x. access xxxxxx xxxxxxxx system xxxxxxxxxxxxxx, xxxxxxxx xx xxxxxx controls, xxxxxx xxxxxx to xxxxxxxx xxxx).

Xxxxxxxxxxx controls xxxxx xx xxx in xxxxx to xxxxxxxx, xxxxxxxxxxxx xxx authorise xxxxx xx specific xxxxxx xx xxx xxxxxxxxxxxx’x network, x.x. xxx xxxxx xxx xxxxxx access xx xxxxxxx in xxx Xxxxxxx Transaction Xxxxx. Xxxxxxxx xxxxxxxx xxxxx xxx xx xxxxxx xx order xx xxxxxx xxxxxxxxxxxxxx.

Xxx xxxxxxxxx, xxxxx xxxxx xx xxxxxxxxxxx xxx xxxxxxxx xx xxxxxxxx controls xx xxxxxx xxxx xxxxxxxxx xxxxxx xx xxxxxx xxxxxxx, x.x. xxxxxxxxxx xxxxx xxx xxxxxxx-xxxx xxxxxxxx. A safe xxxxxxxx recovery and/or xxxxx protocol xxxxx xx xxxxxxxxxxx.

X&xxxx;xxxxxx xxxxx xx xxxxxxxxx and xxxxxxxxxxx on xxx xxx of cryptographic xxxxxxxx xx protect xxx confidentiality, xxxxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx. X&xxxx;xxx xxxxxxxxxx xxxxxx shall xx xxxxxxxxxxx xx support xxx xxx of xxxxxxxxxxxxx xxxxxxxx.

Xxxxx xxxxx xx xxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx xx xxxxxx xx xx xxxxx (x.x. x&xxxx;xxxxx xxxxxx, a clear xxxx policy) xx xxxxxx xxx xxxx xx xxxxxxxxxxxx xxxxxx.

Xxxx xxxxxxx remotely, xxx xxxxx xx xxxxxxx xx xx unprotected xxxxxxxxxxx shall be xxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxxxx xxxxxxxx shall xx xxxxxxx.

Xxxxxxxxxxx 1.10: Information xxxxxxx xxxxxxxxxxx, development xxx xxxxxxxxxxx

Xxxxxxxx xxxxxxxxxxxx xxxxx xx xxxxxxxxxx xxx xxxxxx xxxxx xx xxx development xxx/xx xxxxxxxxxxxxxx xx xxxxxxxxxxx xxxxxxx.

Xxxxxxxxxxx xxxxxxxx xxxxx xx built xxxx applications, xxxxxxxxx xxxx-xxxxxxxxx xxxxxxxxxxxx, to xxxxxx xxxxxxx xxxxxxxxxx. Xxxxx xxxxxxxx shall xxxxxxx xxx xxxxxxxxxx xx xxxxx xxxx, xxxxxxxx xxxxxxxxxx xxx xxxxxx xxxx. Additional xxxxxxxx may xx xxxxxxxx for xxxxxxx xxxx xxxxxxx, xx xxxx xx xxxxxx xx, sensitive, valuable xx xxxxxxxx information. Xxxx controls xxxxx xx xxxxxxxxxx xx xxx basis xx xxxxxxxx xxxxxxxxxxxx xxx xxxx xxxxxxxxxx xxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx (e.g. xxxxxxxxxxx xxxxxxxx xxxxxx, cryptographic xxxxxxx policy).

The operational xxxxxxxxxxxx xx xxx xxxxxxx shall be xxxxxxxxxxx, xxxxxxxxxx and xxxxxx prior to xxxxx acceptance and xxx. Xx regards xxxxxxx xxxxxxxx, xxxxxxxxxxx xxxxxxxx, including xxxxxxxxxxxx xxx secure management, xxxxxx xx xxxxxxxxxxx xxxxx xx xxx xxxxxxxxxxx of data xxxxx xxx xxx xxxxx xx risk xx xxx xxxxxxx xxxxx xx xxx xxxxxxxxxxxx. Xxxxx xxxxx xx specific xxxxxxxx xx protect xxxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxxxxx networks.

Access xx xxxxxx xxxxx xxx xxxxxxx source code xxxxx xx xxxxxxxxxx xxx IT xxxxxxxx xxx support xxxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxx xxxxxx. Xxxx xxxxx xx taken to xxxxx xxxxxxxx xx xxxxxxxxx data xx xxxx xxxxxxxxxxxx. Xxxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxx xx xxxxxxxx xxxxxxxxxx. Deployment xx xxxxxxx xx xxxxxxxxxx xxxxx be xxxxxxxx xxxxxxxxxx. A risk xxxxxxxxxx xx xxx major xxxxxxx xx xx xxxxxxxx xx production xxxxx be xxxxxxxxx.

Xxxxxxx xxxxxxxx testing activities xx xxxxxxx in xxxxxxxxxx shall also xx xxxxxxxxx xxxxxxxxx xx a predefined plan xxxxx on xxx xxxxxxx of a risk xxxxxxxxxx, xxx xxxxxxxx xxxxxxx xxxxx xxxxxxx, xx xxxxx, xxxxxxxxxxxxx xxxxxxxxxxx. Xxx xx xxx xxxxxxxxxxxx xxxxxxxxxxx xxxxxx xxx xxxxxxxx xxxxxxx activities xxxxx xx xxxxxxxx xxx xxxxxx xxxxx xx xxxxx xxx identified xxx shall xx xxxxxxxx and xxxxxxxx xx in a timely xxxxxxx.

Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx in supplier (3) xxxxxxxxxxxxx

Xx ensure xxxxxxxxxx xx xxx xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx systems xxxx xxx xxxxxxxxxx xx xxxxxxxxx, information xxxxxxxx xxxxxxxxxxxx for xxxxxxxxxx the xxxxx xxxxxxxxxx xxxx xxxxxxxx’x xxxxxx shall xx xxxxxxxxxx and xxxxxxxx xxxxxx upon xxxx xxx xxxxxxxx.

Xxxxxxxxxxx 1.12: Xxxxxxxxxx of information xxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxx

Xx xxxxxx a consistent xxx xxxxxxxxx approach xx the management xx information security xxxxxxxxx, including communication xx xxxxxxxx xxxxxx xxx xxxxxxxxxx, xxxxx, xxxxxxxxxxxxxxxx xxx xxxxxxxxxx, xx xxxxxxxx xxx xxxxxxxxx xxxxx, xxxxx xx xxxxxxxxxxx xxx xxxxxx to xxxxxx x&xxxx;xxxxx, effective xxx xxxxxxx xxx xxxxxx xxxxxxx xxxx information xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx related xx x&xxxx;xxxxx-xxxxxxx xxxxx (e.g. x&xxxx;xxxxx xxxxxxx xx xx xxxxxxxx attacker xx by xx xxxxxxx). Xxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxxxx xx xxxxxxxxxx xxxxxxx.

Xxxxxxxxxxx 1.13: Technical xxxxxxxxxx xxxxxx

X&xxxx;xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx xxxxxxx (e.g. xxxx office systems, xxxxxxxx xxxxxxxx xxx xxxxxxxx network connectivity) xxxxx be xxxxxxxxx xxxxxxxx for xxxxxxxxxx xxxx xxx organisation’s xxxxxxxxxxx framework of xxxxxxxx (e.g. information xxxxxxxx xxxxxx, xxxxxxxxxxxxx xxxxxxx xxxxxx).

Xxxxxxxxxxx 1.14: Xxxxxxxxxxxxxx

Xxxxx xxxxxxx xxxxxxxx xxxxx comply xxxx xxx xxx security xxxxxxxx that are xxx xxx physical xxxxxxxx xxx systems (x.x. xxxxxxxxx, logging). Xxxxxxxx xxxxxxxx to xxxxxxxxxxx must xxxxxxx: xxxxxxxxx of xxx xxxxxxxxxx and the xxxxxxx xxxxxxxxx system, xxxxxxx patching, xxxxxx xxxxxxxxxx of different xxxxxxxxxxxx (x.x. xxxxxxxxxx xxx xxxxxxxxxxx). Xxxxxxxxxxx xxxxxxxxxx, logging xxx xxxxxxxxxx as xxxx xx xxxxxxxx xx xxxxxx rights, xx xxxxxxxxxx xxx high xxxxxxxxxx accounts, xxxxx xx implemented xxxxx xx a risk xxxxxxxxxx. Xxxxx xxxxxxx xxxxxxxx xxxxxxx xx xxx xxxx xxxxxxxxxx shall xxxx a similar xxxx xxxxxxx.

Xxxxxxxxxxx 1.15: Xxxxx xxxxxxxxx

Xxx xxxxx xx xxxxxx and/or xxxxxx xxxxx xxxxxxxxx xx xxx Payment Xxxxxxxxxxx Xxxxx must be xxxxx xx x&xxxx;xxxxxx xxxx xxxxxxxxxx, xxxxxx xxxx xxxxxxx xxx xxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxxx xxxxxxx xxxxxxx xx xxx xxxxx solution.

If xxxxxx xxxxx xxxxxxxxx are xxxx, it xx xxxxxxxxxx xxxx xxx xxxxxxxxxxx xxxxx xx xxx xxxxxxx system xx xxx highest xxx of xxx xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx components xx xxx xxxxxx xxxxxxxxx xxxx xx xxxxxxxxxx xxxx xxx other xx-xxxxxxxx xxxxxxx.

Xxxxxxxx continuity xxxxxxxxxx (xxxxxxxxxx xxxx xx xxxxxxxx xxxxxxxxxxxx)

Xxx xxxxxxxxx requirements (2.1 xx 2.6) xxxxxx xx business continuity xxxxxxxxxx. Xxxx XXXXXX2 xxxxxxxxxxx xxxxxxxxxx xx xxx Xxxxxxxxxx xx xxxxx xxxxxxxx for xxx xxxxxx xxxxxxxxxxx xx xxx XXXXXX2 xxxxxx xxxxx have x&xxxx;xxxxxxxx xxxxxxxxxx strategy xx xxxxx xxxxxxxxxx xxx following elements.

Requirement 2.1

:

Xxxxxxxx xxxxxxxxxx xxxxx xxxxx be xxxxxxxxx xxx xxxxxxxxxx for xxxxxxxxxxx xxxx xxx xx xxxxx.

Xxxxxxxxxxx 2.2

:

Xx xxxxxxxxx operational xxxx xxxxx xx xxxxxxxxx.

Xxxxxxxxxxx 2.3

:

Xxx xxxx xxxxxxx xx xxx xxxxxxxxx xxxx xxxxx xx xxxxxxxxx from that xx the primary xxxx, xx order xx avoid xxxx xxxx xxxxx xxx xxxxxxxx xx xxx xxxx xxxxx at xxx same xxxx. Xxx xxxxxxx, xxx xxxxxxxxx xxxx xxxxx xx xx x&xxxx;xxxxxxxxx xxxxx xxxx xxx xxxxxxx xxxxxxxxxxxxxxxxx xxxxxxx xxxx xxxxx xx xxx xxxxxxx xxxxxxxx xxxxxxxx.

Xxxxxxxxxxx 2.4

:

Xx the xxxxx of a major xxxxxxxxxxx disruption xxxxxxxxx xxx xxxxxxx site xxxxxxxxxxxx xxx/xx critical xxxxx xxxxxxxxxxx, xxx xxxxxxxx xxxxxxxxxxx xxxxx xx xxxx xx xxxxxx xxxxxx xxxxxxxxxx xxxx xxx alternate xxxx, xxxxx xx xxxxx xx xxxxxxxx xx xxxxxxxx xxxxx xxx xxxxxxxx xxx xxx open xxx xxxxxxxxx business day(s).

Requirement 2.5

:

Xxxxxxxxxx xxxxx xx xx place to xxxxxx that xxx xxxxxxxxxx xx xxxxxxxxxxxx xx xxxxxxx from xxx xxxxxxxxx site xxxxxx a reasonable xxxxxxxxx xxxxx the xxxxxxx xxxxxxxxxx of xxxxxxx xxx xxxxxxxxxxxx xx xxx criticality of xxx xxxxxxxx xxxx xxx xxxxxxxxx.

Xxxxxxxxxxx 2.6

:

Xxx xxxxxxx to xxxx xxxx xxxxxxxxxxx disruptions xxxxx xx xxxxxx xx xxxxx xxxx x&xxxx;xxxx xxx xxxxxxxx xxxxx xxxxx be xxxxxxxxxxxxx trained. Xxx xxxxxxx xxxxxx xxxxxxx xxxxx xxxxx not xxxxxx xxx xxxx.

“.

(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx principle xxxxxx xx xxx xxxxxxxxxxxxxx xx xxx xxx xx xxxxxxxxxxx xxxx xx xxxxxxxxxx needs xxxxxx xx in xxxxx to carry xxx her/his xxxxxx.

(2)&xxxx;&xxxx;Xxx xxxxxxxxx xx least xxxxxxxxx refers xx xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX xxxxxx xx xxxxx xx match xxx xxxxxxxxxxxxx xxxxxxxx xxxx.

(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx in xxx xxxxxxx of this xxxxxxxx xxxxxx xx xxxxxxxxxx xx any xxxxx xxxxx (xxx xxx xxxxxxxxx) xxxxx xx under contract (xxxxxxxxx), xxxx xxx xxxxxxxxxxx, to provide x&xxxx;xxxxxxx xxx xxxxx xxx xxxxxxx xxxxxxxxx xxx third xxxxx (xxx xxx xxxxxxxxx) xx xxxxxxx xxxxxx, xxxxxx remotely xx xx-xxxx, xx information xxx/xx xxxxxxxxxxx xxxxxxx xxx/xx information xxxxxxxxxx xxxxxxxxxx of the xxxxxxxxxxx xx xxxxx xx associated xx xxx xxxxx xxxxxxx xxxxx xxx xxxxxxxx xx xxx TARGET2 xxxx-xxxxxxxxxxxxx.


XXXXXXX II

Příloha II xxxxxxxxxx ECB/2007/7 xx xxxx xxxxx:

1.

Xxxxxx&xxxx;1 xx xxxx takto:

a)

definice xxxxx „xxxxxxx payment xxxxx“ xx nahrazuje xxxxx:

„—

“xxxxxxx xxxxxxx order” xxxxx, xx xxxx with xxx Xxxxxxxx Xxxxxxxx Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Transfer (SCT Xxxx) scheme, a payment xxxxxxxxxxx which can xx executed 24 xxxxx a day xxx xxxxxxxx xxx xx xxx xxxx, xxxx xxxxxxxxx xx xxxxx xx xxxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxxx xx xxx xxxxx xxx xxxxxxxx (x) xxx XXXX XXX to XXXX DCA instant xxxxxxx xxxxxx, (xx) XXXX XXX to XXXX XX xxxxxxxxx xxxxxxx instant payment xxxxxx, (xxx) TIPS XX xxxxxxxxx xxxxxxx xx XXXX DCA xxxxxxx xxxxxxx orders xxx (iv) XXXX XX xxxxxxxxx xxxxxxx xx XXXX XX xxxxxxxxx xxxxxxx instant xxxxxxx orders,“;

b)

vkládají xx xxxx xxxxxxxx, xxxxx xxxxx:

„—

“XXXX xxxxxxxxx xxxxxx xxxxxxxxx account (XXXX XX xxxxxxxxx xxxxxxx)” xxxxx xx xxxxxxx xxxx xx xx xxxxxxxxx system xx x&xxxx;XX xx xx xxxxxxxxx system's behalf xx the XX’x XXXXXX2 xxxxxxxxx system xxx xxx xx xxx xxxxxxxxx system xxx xxx xxxxxxx xx xxxxxxxx xxxxxxx xxxxxxxx xx its xxx xxxxx,

“XXXX XXX xx TIPS XX xxxxxxxxx xxxxxxx liquidity xxxxxxxx xxxxx” xxxxx xxx xxxxxxxxxxx to xxxxxxxx a specified xxxxxx xx xxxxx from x&xxxx;XXXX DCA xx x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx fund xxx XXXX DCA xxxxxx’x xxxxxxxx (or xxx position of xxxxxxx participant xx xxx ancillary xxxxxx) xx xxx xxxxx xx xxx ancillary xxxxxx,

“XXXX XX technical xxxxxxx xx XXXX XXX xxxxxxxxx transfer xxxxx” xxxxx the xxxxxxxxxxx to xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx of xxxxx from a TIPS XX xxxxxxxxx xxxxxxx xx x&xxxx;XXXX DCA xx xxxxxx the XXXX DCA xxxxxx’x xxxxxxxx (xx xxx xxxxxxxx xx another xxxxxxxxxxx of xxx xxxxxxxxx xxxxxx) in xxx xxxxx xx xxx xxxxxxxxx xxxxxx,

“Xxxxxxx Xxxxxxx Provider (XXX)” xxxxx xx xxxxxxxxxxx xxxx has xxxx xxxxxxx x&xxxx;xxxxxxxxxx with xxx Xxxxxxxxxx xx xxxxxxx connectivity xxxxxxxx xxx the Xxxxxxxxxx Xxxxxx Market Infrastructure Xxxxxxx.“;

x)

xxxxxxxx xxxxx „T2S xxxxxxx xxxxxxx xxxxxxxx“ xx zrušuje;

2.

V čl. 4 xxxx.&xxxx;2 xx xxxxxxx xx) xxxxxxxxx xxxxx:

„(xx)

XXXX XXX xx PM xxxxxxxxx xxxxxxxx xxxxxx and XX xx TIPS XXX liquidity transfer xxxxxx;“;

3.

X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx xxxxxx xxxx písmeno xx), které zní:

„(fd)

TIPS XXX xx XXXX XX xxxxxxxxx account xxxxxxxxx xxxxxxxx xxxxxx xxx XXXX XX xxxxxxxxx xxxxxxx xx XXXX DCA xxxxxxxxx xxxxxxxx xxxxxx; xxx“;

4.

X&xxxx;xxxxxx&xxxx;4 xx odstavec 3 xxxxxxxxx xxxxx:

„3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx xxxx-xxxx gross settlement xxx payments xx xxxx, xxxx xxxxxxxxxx xx xxxxxxx xxxx xxxxx across PM xxxxxxxx, X2X DCAs xxx XXXX DCAs. XXXXXX2 xx established xxx xxxxxxxxx on xxx xxxxx xx xxx SSP xxxxxxx xxxxx payment xxxxxx xxx submitted xxx xxxxxxxxx xxx through xxxxx payments xxx xxxxxxxxxx xxxxxxxx in xxx same technical xxxxxx. As xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx X2X DCAs xx xxxxxxxxx, TARGET2 xx xxxxxxxxxxx xxxxxxxxxxx and xxxxxxxxx xx xxx xxxxx of xxx X2X Xxxxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx TIPS XXXx xxx XXXX AS xxxxxxxxx xxxxxxxx xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx on xxx xxxxx xx xxx XXXX Xxxxxxxx. Xxx XXX is xxx xxxxxxxx xx xxxxxxxx xxxxx these Xxxxxxxxxx. Xxxx xxx omissions xx xxx XXX-xxxxxxxxx XXXx xxx the 4XXx xxxxx xx xxxxxxxxxx xxxx and xxxxxxxxx xx xxx XXX, xxx xxxxx xx shall xxxxxx xxxxxxxxx xx accordance xxxx Xxxxxxx&xxxx;21 xx xxxx Annex. Xxxxxxxxxxxxx xxxxxxxx xx xxxxx Xxxxxxxxxx xxxxx xxx xxxxxx x&xxxx;xxxxxxxxxxx relationship xxxxxxx T2S XXX xxxxxxx xxx xxx XXX-xxxxxxxxx XXXx xx xxx 4XXx xxxx xxx xx xxx xxxxxx acts in xxxx xxxxxxxx. Instructions, xxxxxxxx xx information xxxxx x&xxxx;X2X XXX xxxxxx receives xxxx, xx sends xx, xxx XXX xx X2X Xxxxxxxx xx xxxxxxxx xx xxx xxxxxxxx xxxxxxxx xxxxx xxxxx Conditions xxx xxxxxx to xx xxxxxxxx xxxx, or xxxx xx, xxx XXX.“;

5.

X&xxxx;xxxxxx&xxxx;8 xx odstavec 3 nahrazuje tímto:

„3.   Where xxx XXX xxx xxxxxxx a request xx x&xxxx;X2X XXX xxxxxx xxxxxxxx to xxxxxxxxx 1, xxxx X2X XXX xxxxxx is xxxxxx xx xxxx xxxxx xxx participating XXX(x) a mandate xx xxxxx xxx X2X XXX xxxx xxx xxxxxxx xxxxxxxx to xxxxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx securities xxxxxxxx.“;

6.

X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 xxxxxxxxx tímto:

„1.   T2S XXX holders xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx xxxxxx xxxx, xxx xxxxx be xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx relevant xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx on xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx shall be xxxxxx xx xx xxxxx xx, and xxxxx comply xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxxxxxxxx xx money xxxxxxxxxx xxx xxx financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities xxx xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, in xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx any xxxxxxxx xxxxxxx xx credited xx xxxxx X2X XXXx. Xxxxx xx xxxxxxxx xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx xxx X2X xxxxxxx xxxxxxx provider, X2X XXX holders shall xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx xxx data xxxxxxxxx xxxxxx.“;

7.

Xxxxxx&xxxx;30 xx nahrazuje xxxxx:

„Xxxxxxx&xxxx;30

Xxxxxxxxxxx xxxxxxxxxxxx xxxx xx XXX

1.&xxxx;&xxxx;&xxxx;X2X XXX xxxxxxx xxxxx xxxxxx:

(x)

xxxx xxxxxxxxx a contract xxxx xx XXX within xxx xxxxxxxxx of xxx xxxxxxxxxx xxxxxxxx xxxx that NSP xx order to xxxxxxxxx a technical connection xx TARGET2- ECB; xx

(x)

xxxxxxx xxx another xxxxxx xxxxx xxx xxxxxxxxx a contract xxxx xx XXX xxxxxx xxx xxxxxxxxx of xxx xxxxxxxxxx contract xxxx xxxx NSP.

2.   The xxxxx relationship xxxxxxx x&xxxx;X2X XXX xxxxxx xxx the XXX xxxxx xx xxxxxxxxxxx xxxxxxxx xx the xxxxx xxx conditions xx xxx separate xxxxxxxx xxxxxxxxx xxxx xx XXX as xxxxxxxx xx in xxxxxxxxx 1(x).

3.&xxxx;&xxxx;&xxxx;Xxx services xx be xxxxxxxx xx xxx NSP xxxxx xxx xxxx xxxx xx xxx xxxxxxxx xx be xxxxxxxxx xx xxx XXX in respect xx XXXXXX2.

4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxx xx xxxxxx for any xxxx, errors xx xxxxxxxxx xx xxx XXX (xxxxxxxxx xxx xxxxxxxxx, xxxxx and xxxxxxxxxxxxxx), xx for xxx xxxx, xxxxxx xx xxxxxxxxx xx xxxxx parties xxxxxxxx xx xxxxxxxxxxxx xx xxxx xxxxxx to xxx NSP’s network.“;

8.

Vkládá xx xxxx xxxxxx&xxxx;34x, xxxxx xxx:

„Xxxxxxx&xxxx;34x

Xxxxxxxxxxxx provisions

Once xxx XXXXXX xxxxxx xx xxxxxxxxxxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, X2X DCA xxxxxxx xxxxx become X2X XXX xxxxxxx xx xxx TARGET xxxxxx.“;

9.

Xxxxxx xx xxxxx „X2X xxxxxxx service xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx čísle) v čl. 6 xxxx.&xxxx;1 xxxx. x) xxxx x), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 odst. 6, xx.&xxxx;14 odst. 1 xxxx. x), xx.&xxxx;22 xxxx.&xxxx;1, xx.&xxxx;22 xxxx.&xxxx;2, xx.&xxxx;22 xxxx.&xxxx;3, xx.&xxxx;27 xxxx.&xxxx;5, xx.&xxxx;28 xxxx.&xxxx;1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx II x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx xxxxxxxxx odkazem „XXX“;

10.

X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx b) xxxxx:

„(x)

Xxxx-xx-xxxxxxxxxxx xxxx (U2A)

U2A xxxxxxx xxxxxx xxxxxxxxxxxxx between x&xxxx;X2X XXX xxxxxx xxx the X2X XXX. Xxx information xx xxxxxxxxx in x&xxxx;xxxxxxx xxxxxxx xx x&xxxx;XX xxxxxx. Xxx X2X xxxxxx xxx XX xxxxxxxxxxxxxx xxx xx xx xxxx xx xxxxxxx xxxxxxx. Xxxxxxx xxxxxxx are xxxxxxxxx in the X2X Xxxx Xxxxxxxx.“.

PŘÍLOHA XXX

Xxxxxxx XXX xxxxxxxxxx ECB/2007/7 se xxxx xxxxx:

1.

Xxxxxx xx xxxxx „TIPS xxxxxxx xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx xxxxxxx xx xxxxxxxxx odkazem „XXX“;

2.

Xxxxxx&xxxx;1 xx xxxx takto:

a)

definice xxxxx „reachable party“ xx nahrazuje xxxxx:

„—

“xxxxxxxxx xxxxx” means xx xxxxxx xxxxx: (x) xxxxx x&xxxx;XXX, (x) xx xxxxxxxxxx xx x&xxxx;xxxxxxxxx xxxxx by x&xxxx;XXXX XXX xxxxxx xx by xx xxxxxxxxx xxxxxx; (c) xx x&xxxx;xxxxxxxxxxxxx, customer xx xxxxxx of x&xxxx;XXXX XXX xxxxxx xx a participant xx xx xxxxxxxxx xxxxxx xx a correspondent, customer xx branch of x&xxxx;xxxxxxxxxxx xx xx xxxxxxxxx xxxxxx; xxx (x) is xxxxxxxxxxx xxxxxxx xxx XXXX Xxxxxxxx xxx is xxxx to xxxxxx xxxxxxx payment xxxxxx xxx receive xxxxxxx xxxxxxx xxxxxx xxxxxx xxx the XXXX XXX xxxxxx xx xxx ancillary system xx, xx so xxxxxxxxxx xx xxx XXXX DCA xxxxxx xx by xxx xxxxxxxxx xxxxxx, xxxxxxxx,“;

x)

xxxxxxxx xxxxx „xxxxxxx order“ xx nahrazuje tímto:

„—

“payment xxxxx”, xxxxxx xxxxx xxxx xx Articles 16 xx 18 xx xxxx Xxxxx, xxxxx xx xxxxxxx xxxxxxx order, x&xxxx;xxxxxxxx xxxxxx answer, x&xxxx;XX xx TIPS DCA xxxxxxxxx transfer xxxxx, x&xxxx;XXXX XXX xx XX liquidity transfer xxxxx, x&xxxx;XXXX XX xxxxxxxxx xxxxxxx to XXXX XXX xxxxxxxxx xxxxxxxx xxxxx xx x&xxxx;XXXX XXX xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxx,“;

x)

xxxxxxxx xxxxx „instant xxxxxxx xxxxx“ se xxxxxxxxx xxxxx:

„—

“xxxxxxx payment xxxxx” xxxxx, xx xxxx xxxx xxx Xxxxxxxx Xxxxxxxx Council's XXXX Instant Xxxxxx Xxxxxxxx (SCT Inst) xxxxxx, x&xxxx;xxxxxxx xxxxxxxxxxx xxxxx xxx xx xxxxxxxx 24 xxxxx x&xxxx;xxx any xxxxxxxx xxx xx xxx xxxx, xxxx xxxxxxxxx xx xxxxx xx xxxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxxx to xxx xxxxx xxx includes (x) TIPS DCA xx TIPS XXX xxxxxxx xxxxxxx xxxxxx, (x) XXXX XXX xx TIPS AS xxxxxxxxx xxxxxxx xxxxxxx xxxxxxx xxxxxx, (x) XXXX XX xxxxxxxxx xxxxxxx xx TIPS XXX xxxxxxx xxxxxxx xxxxxx xxx (d) XXXX XX xxxxxxxxx xxxxxxx xx XXXX XX technical xxxxxxx xxxxxxx xxxxxxx xxxxxx,“;

x)

xxxxxxxx xx nové definice, xxxxx znějí:

„—

“TIPS ancillary xxxxxx technical xxxxxxx (XXXX AS technical xxxxxxx)” means xx xxxxxxx xxxx xx xx xxxxxxxxx xxxxxx xx the CB xx xx xxxxxxxxx xxxxxx'x xxxxxx xx xxx XX’x XXXXXX2 xxxxxxxxx xxxxxx xxx xxx by that xxxxxxxxx xxxxxx xxx xxx purpose xx xxxxxxxx xxxxxxx payments xx its xxx xxxxx,

“XXXX DCA to XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxx” means xxx xxxxxxxxxxx to xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx xx xxxxx xxxx x&xxxx;XXXX XXX to x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx fund the XXXX XXX holder’s xxxxxxxx (or the xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx the xxxxxxxxx xxxxxx) in xxx xxxxx of xxx ancillary xxxxxx,

“XXXX XX technical xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxx” xxxxx the instruction xx xxxxxxxx a specified xxxxxx of funds xxxx x&xxxx;XXXX XX xxxxxxxxx account xx x&xxxx;XXXX XXX xx xxxxxx xxx XXXX XXX xxxxxx’x xxxxxxxx (xx xxx xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx the xxxxxxxxx xxxxxx) xx xxx xxxxx xx xxx xxxxxxxxx xxxxxx,

“Xxxxxxxx Payments Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Xxxxxxxx (SCT Xxxx) scheme” or “XXX Xxxx xxxxxx” xxxxx an automated, xxxx xxxxxxxxx xxxxxx xxxxxxxxx a set xx xxxxxxxxx rules to xx complied xxxx xx XXX Xxxx xxxxxxxxxxxx, allowing payment xxxxxxxx providers in XXXX to offer xx automated, SEPA-wide xxxx xxxxxxx xxxxxx xxxxxxxx product,

“mobile xxxxx xxxx-xx (MPL) service” xxxxx x&xxxx;xxxxxxx which xxxxxxx XXXX XXX xxxxxxx, ancillary systems xxxxx XXXX AS xxxxxxxxx xxxxxxxx xxx xxxxxxxxx xxxxxxx, xxx xxxxxxx from xxxxx xxxxxxxxx a request xx xxxxxxx xx xxxxxxx xxxxxxx xxxxx xx xxxxxx of x&xxxx;xxxxxxxxxxx xxxxxxxxxx with x&xxxx;xxxxx (x.x. a mobile xxxxxx), xx xxxxxxxx from xxx central XXX xxxxxxxxxx the corresponding xxxxxxxxxxx XXXX and xxx XXX to xx xxxx xx xxxxxx the relevant xxxxxxx in TIPS,

“Network Xxxxxxx Provider (XXX)” xxxxx xx xxxxxxxxxxx xxxx xxx been xxxxxxx x&xxxx;xxxxxxxxxx xxxx xxx Xxxxxxxxxx xx xxxxxxx connectivity services xxx xxx Xxxxxxxxxx Xxxxxx Market Xxxxxxxxxxxxxx Xxxxxxx,

“XXXX” xxxxx xxx xxxxxxxxxxxxx bank xxxxxxx xxxxxx which uniquely xxxxxxxxxx xx xxxxxxxxxx xxxxxxx xx x&xxxx;xxxxxxxx xxxxxxxxx institution xx x&xxxx;xxxxxxxxxx country.“;

e)

definice xxxxx „XXXX xxxxxxx xxxxxxx xxxxxxxx“ xx zrušuje;

3.

V čl. 3 xxxx.&xxxx;1 xx xxxxxxx xxxxx xx „Appendix X: XXXX connectivity xxxxxxxxx xxxxxxxxxxxx“;

4.

Xxxxxx&xxxx;4 se xxxx xxxxx:

x)

x&xxxx;xxxxxxxx 2 xx xxxxxxxx xxxx xxxxxxx k), které xxx:

„(x)

XXXX DCA to XXXX XX technical xxxxxxx xxxxxxxxx xxxxxxxx xxxxxx xxx XXXX XX technical xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxxx; xxx“;

x)

xxxxxxxx 3 xx xxxxxxxxx xxxxx:

„3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx xxxx-xxxx xxxxx xxxxxxxxxx xxx xxxxxxxx xx xxxx, xxxx settlement xx central bank xxxxx across XX xxxxxxxx, X2X XXXx xxx XXXX XXXx.&xxxx;XXXXXX2 xx established xxx xxxxxxxxx on xxx xxxxx of the XXX xxxxxxx xxxxx xxxxxxx xxxxxx xxx xxxxxxxxx and processed xxx xxxxxxx xxxxx xxxxxxxx xxx xxxxxxxxxx xxxxxxxx in xxx xxxx xxxxxxxxx xxxxxx. Xx xxx xx xxx xxxxxxxxx operation xx xxx TIPS XXXx xxx TIPS XX xxxxxxxxx xxxxxxxx xx xxxxxxxxx, TARGET2 xx xxxxxxxxxxx xxxxxxxxxxx xxx functions xx xxx xxxxx xx xxx XXXX Platform. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx T2S XXXx is xxxxxxxxx, XXXXXX2 xx technically xxxxxxxxxxx xxx functions xx xxx xxxxx xx the T2S Xxxxxxxx.“;

5.

X&xxxx;xx.&xxxx;6 odst. 1 xxxx. x) se bod x) xxxxxxxxx xxxxx:

„(x)

xxxxxxx, xxxxxx, operate and xxxxxxx xxx xxxxxx xxx xxxxxxxx xx xxx xxxxxxxxx IT xxxxxxxxxxxxxx to xxxxxxx xx xxx TIPS Xxxxxxxx xxx submit xxxxxxx xxxxxx xx xx. Xx xxxxx xx, xxxxxxxxx XXXX XXX holders may xxxxxxx xxxxx parties, xxx xxxxxx xxxx xxxxxxxxx. In particular, xxxxxx xx xxxxxxxxxxx xxxxx xx xxxx, xxxxxxxxx XXXX XXX xxxxxxx shall xxxxx xxxx xx agreement xxxx xxx xx xxxx NSPs xx xxxxxx xxx xxxxxxxxx xxxxxxxxxx xxx xxxxxxxxxx, xx accordance xxxx xxx xxxxxxxxx xxxxxxxxxxxxxx xx Appendix X; xxx“;

6.

Xxxxxx&xxxx;9 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;9

Xxxxxxxxxxx xxxxxxxxxxxx with xx XXX

1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx:

(x)

xxxxxxxx a contract xxxx xx XXX xxxxxx xxx xxxxxxxxx of xxx concession xxxxxxxx xxxx xxxx XXX xx order xx xxxxxxxxx a technical xxxxxxxxxx xx XXXXXX2-XXX; or

(b)

connect xxx xxxxxxx entity xxxxx xxx xxxxxxxxx x&xxxx;xxxxxxxx xxxx an XXX xxxxxx xxx xxxxxxxxx xx the xxxxxxxxxx xxxxxxxx xxxx xxxx XXX.

2.&xxxx;&xxxx;&xxxx;Xxx legal xxxxxxxxxxxx between a participant xxx xxx NSP xxxxx xx xxxxxxxxxxx xxxxxxxx by xxx xxxxx and conditions xx xxxxx separate xxxxxxxx as xxxxxxxx xx xx paragraph 1(x).

3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx xx xx xxxxxxxx xx xxx NSP xxxxx xxx xxxx part xx xxx xxxxxxxx xx xx xxxxxxxxx xx xxx XXX xx xxxxxxx xx XXXXXX2.

4.&xxxx;&xxxx;&xxxx;Xxx ECB xxxxx xxx xx xxxxxx xxx xxx acts, xxxxxx xx xxxxxxxxx xx xxx XXX (xxxxxxxxx its directors, xxxxx xxx xxxxxxxxxxxxxx), xx xxx any xxxx, xxxxxx or xxxxxxxxx by third xxxxxxx selected by xxxxxxxxxxxx xx xxxx xxxxxx xx the XXX’x network.“;

7.

Článek 10 xx xxxxxxx;

8.

Xxxxxx xx xxxx xxxxxx&xxxx;11x, xxxxx xxx:

„Xxxxxxx&xxxx;11x

XXX xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx XXX xxxxxxxxxx contains xxx xxxxx – IBAN xxxxxxx xxxxx xxx xxx xxxxxxxx xx xxx XXX xxxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx xxx xx xxxxxx to only xxx IBAN. Xx XXXX may be xxxxxx xx xxx xx xxxxxxxx xxxxxxx.

3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx xxxxx to xxx xxxx xxxxxxxxx xx the XXX xxxxxxxxxx.“;

9.

X&xxxx;xxxxxx&xxxx;12 xx xxxxxxx xxxxxxxx 9;

10.

Xxxxxx&xxxx;16 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;16

Xxxxx xx xxxxxxx xxxxxx xx XXXX XXX

Xxx xxxxxxxxx xxx xxxxxxxxxx as xxxxxxx xxxxxx xxx xxx xxxxxxxx of xxx XXXX xxxxxxx:

(x)

xxxxxxx xxxxxxx xxxxxx;

(x)

xxxxxxxx recall xxxxxxx;

(x)

XXXX XXX xx XX xxxxxxxxx transfer xxxxxx;

(x)

XXXX XXX to XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxxx; xxx

(x)

XXXX XX xxxxxxxxx account xx XXXX DCA xxxxxxxxx xxxxxxxx xxxxxx.“;

11.

X&xxxx;xxxxxx&xxxx;18 xx xxxxxxxx 6 xxxxxxxxx xxxxx:

„6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX DCA xx PM xxxxxxxxx xxxxxxxx order, x&xxxx;XXXX XXX xx TIPS XX xxxxxxxxx xxxxxxx xxxxxxxxx transfer xxxxx xx a TIPS XX xxxxxxxxx xxxxxxx xx XXXX DCA liquidity xxxxxxxx xxxxx has xxxx accepted xx xxxxxxxx to in Xxxxxxx&xxxx;17, the TARGET2-ECB xxxxx check xxxxxxx xxxxxxxxxx funds xxx xxxxxxxxx xx xxx xxxxx'x account. Xx xxxxxxxxxx xxxxx xxx xxx xxxxxxxxx xxx xxxxxxxxx xxxxxxxx order xxxxx xx rejected. Xx xxxxxxxxxx xxxxx xxx available xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx xx settled xxxxxxxxxxx.“;

12.

X&xxxx;xx.&xxxx;20 xxxx.&xxxx;1 xx xxxxxxx x) nahrazuje xxxxx:

„(x)

XXXX XXX xx XX xxxxxxxxx xxxxxxxx xxxxxx, positive xxxxxx xxxxxxx and TIPS XXX xx TIPS XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx orders xxx deemed xxxxxxx xxxx XXXXXX2-XXX and xxxxxxxxxxx at xxx xxxxxx xxxx the xxxxxxxx TIPS DCA xx debited. TIPS XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxxx xxx deemed entered xxxx XXXXXX2-XXX xxx xxxxxxxxxxx at xxx xxxxxx xxxx xxx xxxxxxxx XXXX AS xxxxxxxxx xxxxxxx is xxxxxxx.“;

13.

X&xxxx;xxxxxx&xxxx;30 se xxxxxxxx 1 nahrazuje xxxxx:

„1.&xxxx;&xxxx;&xxxx;XXXX XXX xxxxxxx xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx xxxxxx xxxx xxx xxxxx xx xxxx xx demonstrate xxxx compliance xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with all xxxxxxxxxxx xx xxxx xxxxxxxx to xxxxxxxxxxx xx data xxxxxxxxxx. Xxxx xxxxx xx xxxxxx xx xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations xx xxxx xxxxxxxx to xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx laundering xxx the financing xx terrorism, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx and xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, xx xxxxxxxxxx xx terms xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx or xxxxxxxx xx their XXXX XXXx. TIPS XXX xxxxxxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx xxxxx xxxxxx XXX'x xxxx xxxxxxxxx xxxxxx xxxxx to xxxxxxxx xxxx a contractual xxxxxxxxxxxx xxxx xxxx XXX.“;

14.

Xxxxxx se nový xxxxxx&xxxx;35x, který xxx:

„Xxxxxxx&xxxx;35x

Xxxxxxxxxxxx xxxxxxxxx

Xxxx the XXXXXX xxxxxx xx xxxxxxxxxxx xxx xxx XXXXXX2 xxx ceased xxxxxxxxx, XXXX XXX xxxxxxx xxxxx xxxxxx XXXX XXX xxxxxxx in xxx XXXXXX xxxxxx.“;

15.

X&xxxx;xxxxxxx X&xxxx;xx xxxxxxx v odstavci 2 xxxxxxxxx xxxxx:

„Xxxxxxx Xxxx

Xxxxxxx Name

Pacs.002

FIToFIPayment Xxxxxx Xxxxxx

Xxxx.004

XxxxxxxXxxxxx

Xxxx.008

XXXxXXXxxxxxxxXxxxxxXxxxxxxx

Xxxx.028

XXXxXXXxxxxxxXxxxxxXxxxxxx

xxxx.003

XxxXxxxxxx

xxxx.004

XxxxxxXxxxxxx

xxxx.005

XxxXxxxxxxxxxx

xxxx.006

XxxxxxXxxxxxxxxxx

xxxx.011

XxxxxxXxxxx

xxxx.019

XxxxxxXxxxxxxxXxxXxxxxxxxxxx

xxxx.025

Xxxxxxx

xxxx.029

XxxxxxxxxxXxXxxxxxxxxxxxx

xxxx.050

XxxxxxxxxXxxxxxXxxxxxxx

xxxx.052

XxxxXxXxxxxxxxXxxxxxxXxxxxx

xxxx.053

XxxxXxXxxxxxxxXxxxxxxxx

xxxx.054

XxxxXxXxxxxxxxXxxxxXxxxxxXxxxxxxxxxxx

xxxx.056

XXXxXXXxxxxxxXxxxxxxxxxxxXxxxxxx

xxxx.010

XxxxxxxXxxxxxxXxxxxxxxxxxxxxx

xxxx.011

XxxxxxxXxxxxxxXxxxxxxxx

xxxx.015

XxxxxxxXxxxxxxxXxxxxxxXxxxxxxxxxxXxxxxxx

xxxx.016

XxxxxXxxxxxXxxxxxX01

xxxx.022

XxxxxXxxxxxxxxxxxXxxxxxxX01“

16.

X&xxxx;xxxxxxx I se v odst. 6 xxxxxxx. 1 xxxxxxxxx xxxxxxx b) xxxxx:

„(x)

Xxxx-xx-xxxxxxxxxxx xxxx (U2A)

U2A permits xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;XXXX XXX xxxxxx xxx the TIPS XXX. Xxx xxxxxxxxxxx xx displayed xx x&xxxx;xxxxxxx running xx x&xxxx;XX xxxxxx. Xxx X2X xxxxxx xxx XX xxxxxxxxxxxxxx xxx xx xx able xx xxxxxxx xxxxxxx. Xxxxxxx details are xxxxxxxxx xx the XXXX Xxxx Xxxxxxxx.“;

17.

X&xxxx;xxxxxxx XX xx xxxxxxx xxxxxxxx 2;

18.

Xxxxxxx X&xxxx;xx xxxxxxx.