XXXXXXXXXX XXXXXXXX CENTRÁLNÍ XXXXX (XX) 2021/1758
xx xxx 21. září 2021,
kterým xx xxxx rozhodnutí XXX/2007/7 o podmínkách XXXXXX2-XXX (XXX/2021/43)
XXXXXXX XXXX EVROPSKÉ XXXXXXXXX XXXXX,
x&xxxx;xxxxxxx xx Xxxxxxx x&xxxx;xxxxxxxxx Xxxxxxxx xxxx, a zejména na xxxxx x&xxxx;xxxxxxx odrážku xx.&xxxx;127 xxxx.&xxxx;2 xxxx xxxxxxx,
x&xxxx;xxxxxxx na xxxxxx Xxxxxxxxxx systému centrálních xxxx x&xxxx;Xxxxxxxx xxxxxxxxx xxxxx, x&xxxx;xxxxxxx xx xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 x&xxxx;23 tohoto xxxxxxx,
xxxxxxxx x&xxxx;xxxxx xxxxxxx:
(1) |
Xxxx xxxxxxxxx změnila (1) xxx 20.&xxxx;xxxxxxxx 2021 xxxxxx xxxxxx Evropské xxxxxxxxx xxxxx ECB/2012/27 (2) x&xxxx;xxxxx: x) vyjasnit, xx xxxxxxxx TIPS DCA xxxxx k TARGET2 xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxxxxx xxxxxxx xxxxx xxxxxxxxxxxxxx Eurosystému (Xxxxxxxxxx Single Xxxxxx Xxxxxxxxxxxxxx Gateway) od xxxxxxxxx 2021 x&xxxx;xxxxxxxx X2X XXX xxxxx x&xxxx;XXXXXX2 prostřednictvím tohoto xxxxxxx xxxxxxxxx od xxxxxx 2022; x) xxxxxxxx x&xxxx;xxxxxxxx xxxxxxxx xxxxxxxx xx xxxxxxxxxx xxxxxxxxx xx xxxxxxxxxx xxxxxxxxx bodu XXXXXX2, xxx se xxxxxxxxx, xx se systém XXXXXX2 bude xxxx xxxxxxx xxx, xxx xxx xxxxxxx čelit xxxxxxx v oblasti kybernetické xxxxxxxxxxx; x) xxxxxx xxxxxxxxx, aby xxxxxxxx xxxx XX, xxxxxx xxxxxxx xxxxxxxxx x&xxxx;xxxxxxxxxxxxx xxxxxxxx xxxx BIC, xxxxx xxxxxxxxxxx k uplatňování xxxxxxx XXX Xxxx xxxxxxxx xxxxxx o dodržování xxxxxxx pro xxxxxxxx xxxxxxxxxxxxx xxxxxxx XXXX, xxxx a zůstali xxxxxx xxxxxxxxxxx xx platformě XXXX xxxxxxxxxxxxxxx XXXX XXX, xxx xxx xx zajistila xxxxxxxxxx xxxxxxxxxx plateb x&xxxx;xxxx Xxxx; x) xxxxxx xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx zůstatků x&xxxx;xxxx účastníků v TARGET2 xx xxxxxxxxxxxx xxxxxxxxxxx xxxx v budoucím xxxxxxx XXXXXX, xxx byla xxxxxxxxx xxxxxx jistota, x&xxxx;x) xxxxxxxx a aktualizovat xxxxxxx xxxxx xxxxxxx xxxxxxxx xxxxx ECB/2012/27. |
(2) |
Jakmile xxxx xxxxxxxxxx xxxxxxx xxxxxxxxxxx X2-X2X, bude x&xxxx;xxxxx xxxxxx jistoty xxxxxx nezbytné xxxxxxxx xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx x&xxxx;XXXXXX2-XXX xx odpovídající xxxxxxxxxxx xxxx. |
(3) |
Xxxxx xxxxxxxx xxxxx XXX/2012/27, které mají xxxx na xxxxxxxx XXXXXX2-XXX, xx třeba xxxxxxxxx x&xxxx;xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx ECB/2007/7 (3). |
(4) |
Rozhodnutí XXX/2007/7 xx proto xxxxx xxxxxxxxxxxxx xxxxxxxx xxxxxx, |
XXXXXXX TOTO XXXXXXXXXX:
Xxxxxx&xxxx;1
Xxxxx
Xxxxxxx X, XX x&xxxx;XXX xxxxxxxxxx XXX/2007/7 xx mění x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx xxxxxx rozhodnutí.
Xxxxxx&xxxx;2
Xxxxxxxxx xxxxxxxxxx
Xxxx xxxxxxxxxx xxxxxxxx v platnost pátým xxxx xx zveřejnění x&xxxx;Xxxxxxx xxxxxxxx Xxxxxxxx xxxx.
Xxxxxxx se ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx odst. 1 xxxx. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 xxxxxxx XX xxxxxx xxxxxxxxxx, které xx xxxxxxx xxx xxx 13.&xxxx;xxxxxx 2022.
Xx Xxxxxxxxxx nad Xxxxxxx xxx 21.&xxxx;xxxx 2021.
Xxxxxxxxxxx XXX
Xxxxxxxxx XXXXXXX
(1)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx (XX) 2021/1759 xx dne 20.&xxxx;xxxxxxxx 2021, xxxxxxx xx xxxx xxxxxx zásady XXX/2012/27 o transevropském expresním xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (XXX/2021/30) [(xxx xxxxxx 45 x&xxxx;xxxxx xxxxx Xxxxxxxx xxxxxxxx).
(2)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx centrální xxxxx XXX/2012/27 ze xxx 5.&xxxx;xxxxxxxx 2012 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx automatizovaném xxxxxxx xxxxxxxxx plateb x&xxxx;xxxxxxx xxxx (TARGET2) (Xx. xxxx. X&xxxx;30, 30.1.2013, x. 1).
(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx centrální xxxxx XXX/2007/7 ze dne 24.&xxxx;xxxxxxxx 2007 o podmínkách XXXXXX2-XXX (Xx. xxxx. X&xxxx;237, 8.9.2007, x. 71).
XXXXXXX X
Xxxxxxx X&xxxx;xxxxxxxxxx XXX/2007/7 xx mění xxxxx:
1. |
Xxxxxx&xxxx;1 xx mění xxxxx:
|
2. |
X&xxxx;xxxxxx&xxxx;2 xxxxxx xxxxxxxx xx xxxxxxxx xxxx xxxx, xxxxx xxx:
|
3. |
Xxxxxx&xxxx;3 xx xxxx xxxxx:
|
4. |
Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;5 Xxxxxx xxxxxxxxxxxx XX account xxxxxxx in TARGET2-ECB xxx direct participants xxx xxxxx xxxxxx xxxx xxx requirements xxx xxx xx Xxxxxxx&xxxx;8(1) and (2). Xxxx xxxxx have at xxxxx xxx XX xxxxxxx xxxx xxx XXX. XX xxxxxxx xxxxxxx that xxxx xxxxxxx xx xxx XXX Xxxx scheme xx xxxxxxx the XXXX Instant Xxxxxx Xxxxxxxx Xxxxxxxxx Xxxxxxxxx xxxxx xx and xxxxx xxxxxx xxxxxxxxx xx xxx XXXX Xxxxxxxx xx all xxxxx, either xx x&xxxx;XXXX XXX xxxxxx xx xx x&xxxx;xxxxxxxxx xxxxx xxx x&xxxx;XXXX XXX xxxxxx.“; |
5. |
Xxxxxx&xxxx;22 se xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;22 Xxxxxxxx Requirements xxx Xxxxxxx Xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxxxx adequate xxxxxxxx controls to xxxxxxx their systems xxxx xxxxxxxxxxxx xxxxxx xxx xxx. Xxxxxxxxxxxx xxxxx xx exclusively xxxxxxxxxxx xxx the xxxxxxxx xxxxxxxxxx of xxx xxxxxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxxxx of xxxxx xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx shall xxxxxx the ECB xx xxx security-related xxxxxxxxx xx xxxxx xxxxxxxxx xxxxxxxxxxxxxx and, xxxxx xxxxxxxxxxx, security-related xxxxxxxxx that xxxxx xx the xxxxxxxxx xxxxxxxxxxxxxx xx xxx xxxxx party xxxxxxxxx. Xxx XXX may xxxxxxx further xxxxxxxxxxx xxxxx xxx xxxxxxxx xxx, xx xxxxxxxxx, xxxxxxx that xxx xxxxxxxxxxx xxxx xxxxxxxxxxx xxxxxxxx to xxxxxxx x&xxxx;xxxxxxxxxx of xxxx xx event. 3. The XXX xxx xxxxxx xxxxxxxxxx xxxxxxxx requirements, xx xxxxxxxxxx with regard xx cybersecurity or xxx prevention xx xxxxx, on all xxxxxxxxxxxx and/or xx xxxxxxxxxxxx that are xxxxxxxxxx critical xx xxx XXX. 4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxx xxx XXX xxxx: (x) xxxxxxxxx xxxxxx xx xxxxx xxxxxxxxxxx of xxxxxxxxx xx xxxxx chosen xxxxxxx service provider’s xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (xx) xx xx xxxxxx basis xxx TARGET2 xxxx-xxxxxxxxxxxxx xxxxxxxxx as xxxxxxxxx xx xxx XXX’x xxxxxxx xx English. 4a. The XXX xxxxx assess xxx participant’s xxxx-xxxxxxxxxxxxx xxxxxxxxx(x) on xxx xxxxxxxxxxxx level xx xxxxxxxxxx with each xx the xxxxxxxxxxxx xxx out xx xxx XXXXXX2 self-certification xxxxxxxxxxxx. These requirements xxx xxxxxx xx Xxxxxxxx XXX, which xx xxxxxxxx xx xxx xxxxx Xxxxxxxxxx xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx xxxx xx xxxxxxxx part of xxxxx Xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx participant’s xxxxx xx xxxxxxxxxx xxxx the xxxxxxxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx shall be xxxxxxxxxxx as xxxxxxx, xx xxxxxxxxxx xxxxx xx severity: ‘full xxxxxxxxxx’; ‘minor xxx-xxxxxxxxxx’; xx ‘xxxxx non-compliance’. Xxx xxxxxxxxx criteria xxxxx: full xxxxxxxxxx xx xxxxxxx xxxxx xxxxxxxxxxxx xxxxxxx 100% xx xxx xxxxxxxxxxxx; xxxxx non-compliance xx xxxxx a participant satisfies xxxx xxxx 100% xxx xx xxxxx 66% xx xxx xxxxxxxxxxxx xxx xxxxx xxx-xxxxxxxxxx where x&xxxx;xxxxxxxxxxx xxxxxxxxx less than 66% of xxx xxxxxxxxxxxx. Xx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx that x&xxxx;xxxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxxx to it, xx xxxxx xx xxxxxxxxxx as xxxxxxxxx xxxx xxx respective xxxxxxxxxxx for xxx xxxxxxxx of xxx xxxxxxxxxxxxxx. X&xxxx;xxxxxxxxxxx xxxxx xxxxx xx reach ‘xxxx xxxxxxxxxx’ xxxxx xxxxxx xx action xxxx xxxxxxxxxxxxx xxx xx xxxxxxx xx xxxxx xxxx xxxxxxxxxx. Xxx XXX xxxxx xxxxxx xxx xxxxxxxx xxxxxxxxxxx xxxxxxxxxxx xx xxx status xx xxxx xxxxxxxxxxx’x xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xx xxx xxxxxxxxxxx xxxxxxx xx grant permanent xxxxxx to its xxxxxxxxxxx of xxxxxxxxx xx their xxxxxx XXXx xxxxxxxx security xxxxxxxxxxxx xx xxxx xxx xxxxxxx the XXXXXX2 self-certification xxx xxxxxxxxxxx’x level xx xxxxxxxxxx xxxxx xx xxxxxxxxxxx xx ‘major xxx-xxxxxxxxxx’. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX shall xxxxxxxx xxxxxxxxxx xx xxxxxxxxxxxx xx xx xxxxxx xxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxx xxxxxx xxx xxxxxxxxx xxxxxxxx xx xxxxxxx xx xxxxxxxxxxxx xxxxx xxxxx xx xxxxxxxxxx xxx assessed xx xxxxx or xxxxx xxx-xxxxxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx:
|
6. |
X&xxxx;xxxxxx&xxxx;33 se odstavec 1 xxxxxxxxx xxxxx: „1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx be xxxxxx xx be xxxxx xx, xxxxx xxxxxx xxxx, xxx shall xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with xxx xxxxxxxxxxx on xxxx xxxxxxxx to xxxxxxxxxxx xx data xxxxxxxxxx. Xxxx xxxxx xx xxxxxx to xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx xxxxxxxxxx xxx the xxxxxxxxx xx terrorism, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx xx xxxxxxx weapons xxxxxxxx systems, in xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx or xxxxxxxx xx xxxxx XX accounts. Xxxxxxxxxxxx xxxxx ensure xxxx xxxx xxx xxxxxxxx xxxxx xxx TARGET2 xxxxxxx xxxxxxx xxxxxxxx’x xxxx xxxxxxxxx xxxxxx xxxxx to xxxxxxxx xxxx the xxxxxxxxxxx xxxxxxxxxxxx with the XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx.“; |
7. |
Xxxxxx se xxxx xxxxxx&xxxx;39x, který xxx: „Xxxxxxx&xxxx;39x Xxxxxxxxxxxx xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxx xxx TARGET xxxxxx xx operational xxx XXXXXX2 has xxxxxx xxxxxxxxx, XX xxxxxxx balances xxxxx xx transferred xx xxx xxxxxxx xxxxxx’x xxxxxxxxxxxxx xxxxxxxxx xxxxxxxx xx the XXXXXX xxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx xxxx XX account xxxxxxx, xxxxxxxx Xxxxxxxxxxxx and xxxxxxxxxxx XXX xxxxxxx xxxxxxxx xx the XXX Inst scheme xx xxxxxxxxx xx xxx XXXX Xxxxxxxx xxxxxxxx xx Xxxxxxx&xxxx;5 xxxxx xxxxx as xx 25 Xxxxxxxx 2022.“; |
8. |
X&xxxx;xxxxxxx I se v odst. 8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) xxxxx:
|
9. |
V dodatku XX xx x&xxxx;xxxxxxxx 6 xxxxxxxxx xxxxxxx x) xxxxx:
|
10. |
Xxxxxxxx se xxxx xxxxxxx VII, xxxxx xxx: „Xxxxxxxx VII Requirements regarding xxxxxxxxxxx security xxxxxxxxxx xxx xxxxxxxx continuity xxxxxxxxxx Xxxxxxxxxxx xxxxxxxx xxxxxxxxxx Xxxxx xxxxxxxxxxxx xxx xxxxxxxxxx xx xxxx xxxxxxxxxxx, xxxxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx is xxx xxxxxxxxxx to it. Xx xxxxxxxxxxxx xxx xxxxx of xxxxxxxxxxx xx the xxxxxxxxxxxx xxxxxx xxx xxxxxxxxxxxxxx, xxx xxxxxxxxxxx should xxxxxxxx xxx xxxxxxxx xxxx xxx xxxx xx xxx Xxxxxxx Xxxxxxxxxxx Chain (PTC). Xxxxxxxxxxxx, xxx XXX xxxxxx at a Point xx Xxxxx (PoE), x.x. x&xxxx;xxxxxx xxxxxxxx xx xxx xxxxxxxx xx xxxxxxxxxxxx (x.x. xxxxxxxxxxxx, front-office xxx xxxx-xxxxxx xxxxxxxxxxxx, xxxxxxxxxx), xxx xxxx at xxx xxxxxx responsible xx send the xxxxxxx to SWIFT (x.x. SWIFT VPN Xxx) or Xxxxxxxx (xxxx xxx xxxxxx xxxxxxxxxx xx Internet-based Xxxxxx). Xxxxxxxxxxx 1.1: Xxxxxxxxxxx xxxxxxxx policy The xxxxxxxxxx xxxxx xxx x&xxxx;xxxxx xxxxxx direction xx xxxx xxxx business xxxxxxxxxx xxx demonstrate xxxxxxx xxx and xxxxxxxxxx to xxxxxxxxxxx xxxxxxxx through xxx xxxxxxxx, xxxxxxxx and xxxxxxxxxxx of xx xxxxxxxxxxx xxxxxxxx policy xxxxxx at xxxxxxxx xxxxxxxxxxx security xxx xxxxx xxxxxxxxxx xxxxxx xxx organisation in xxxxx of xxxxxxxxxxxxxx, xxxxxxxxxx and xxxxxxxxx xx xxxxxxxxxxx security xxx cyber xxxxxxxxxx xxxxx. Xxx policy xxxxxx xxxxxxx xx xxxxx xxx xxxxxxxxx xxxxxxxx: objectives, scope (xxxxxxxxx domains xxxx xx xxxxxxxxxxxx, human xxxxxxxxx, xxxxx management xxx.), principles xxx xxxxxxxxxx xx responsibilities. Requirement 1.2: Xxxxxxxx xxxxxxxxxxxx Xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxxxx be xxxxxxxxxxx xx implement the xxxxxxxxxxx security xxxxxx xxxxxx xxx xxxxxxxxxxxx. Xxx xxxxxxxxxx shall xxxxxxxxxx and review xxx establishment of xxx information security xxxxxxxxx to xxxxxx xxx xxxxxxxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx xxxxxx (as per Xxxxxxxxxxx 1.1) across xxx xxxxxxxxxxxx, xxxxxxxxx xxx allocation xx xxxxxxxxxx resources xxx xxxxxxxxxx xx security xxxxxxxxxxxxxxxx for this xxxxxxx. Xxxxxxxxxxx 1.3: External xxxxxxx Xxx xxxxxxxx xx xxx organisation’s xxxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx not xx xxxxxxx xx xxx introduction xx, xxx/xx the dependence xx, xx xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx xx them. Xxx xxxxxx xx xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx parties xxxxx xx xxxxxxxxxx. When xxxxxxxx xxxxxxx or xxxxxxxx/xxxxxxxx of external xxxxxxx xxx xxxxxxxx xx xxxxxx xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx, x&xxxx;xxxx xxxxxxxxxx xxxxx be carried xxx to determine xxx security implications xxx control xxxxxxxxxxxx. Xxxxxxxx shall xx xxxxxx xxx xxxxxxx xx xx agreement xxxx xxxx xxxxxxxx xxxxxxxx xxxxx. Xxxxxxxxxxx 1.4: Xxxxx management All xxxxxxxxxxx xxxxxx, xxx xxxxxxxx xxxxxxxxx xxx xxx xxxxxxxxxx xxxxxxxxxxx xxxxxxx, xxxx xx operating xxxxxxx, xxxxxxxxxxxxxxx, business xxxxxxxxxxxx, xxx-xxx-xxxxx xxxxxxxx, xxxxxxxx xxx user-developed xxxxxxxxxxxx, xx xxx xxxxx of the Xxxxxxx Xxxxxxxxxxx Xxxxx xxxxx be accounted xxx and xxxx x&xxxx;xxxxxxxxx xxxxx. The xxxxxxxxxxxxxx xxx xxx xxxxxxxxxxx and xxx xxxxxxxxx xx appropriate xxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxx xxx xxxxxxx XX xxxxxxxxxx xx xxxxxxxxx xxx xxxxxxxxxxx xxxxxx xxxxx xx xxxxxxxx. Xxxx: the xxxxx xxx delegate the xxxxxxxxxxxxxx xx xxxxxxxx xxxxxxxx xx appropriate, xxx remains accountable xxx xxx xxxxxx xxxxxxxxxx xx the xxxxxx. Xxxxxxxxxxx 1.5: Xxxxxxxxxxx xxxxxx xxxxxxxxxxxxxx Xxxxxxxxxxx xxxxxx xxxxx be classified xx xxxxx of xxxxx xxxxxxxxxxx xx xxx smooth delivery xx the xxxxxxx xx xxx participant. Xxx xxxxxxxxxxxxxx xxxxx xxxxxxxx xxx need, xxxxxxxxxx xxx xxxxxx xx xxxxxxxxxx required xxxx xxxxxxxx xxx xxxxxxxxxxx xxxxx in xxx xxxxxxxx xxxxxxxx xxxxxxxxx xxx xxxxx xxxx xxxx xxxx xxxxxxxxxxxxx xxx underlying XX xxxxxxxxxx. Xx xxxxxxxxxxx xxxxx xxxxxxxxxxxxxx xxxxxx xxxxxxxx xx xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx xx appropriate xxx xx xxxxxxxxxx xxxxxxxx throughout the xxxxxxxxxxx xxxxx xxxxxxxxx (xxxxxxxxx removal xxx xxxxxxxxxxx xx xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx xxx need xxx xxxxxxxx xxxxxxxx xxxxxxxx. Xxxxxxxxxxx 1.6: Xxxxx xxxxxxxxx xxxxxxxx Xxxxxxxx xxxxxxxxxxxxxxxx xxxxx be xxxxxxxxx xxxxx xx xxxxxxxxxx xx xxxxxxxx job xxxxxxxxxxxx xxx in xxxxx xxx xxxxxxxxxx xx employment. Xxx xxxxxxxxxx xxx employment, xxxxxxxxxxx and third xxxxx xxxxx xxxxx xx adequately xxxxxxxx, xxxxxxxxxx for xxxxxxxxx xxxx. Xxxxxxxxx, contractors xxx xxxxx xxxxx xxxxx of xxxxxxxxxxx xxxxxxxxxx facilities shall xxxx xx agreement xx their security xxxxx xxx responsibilities. Xx xxxxxxxx xxxxx xx xxxxxxxxx xxxxx xx ensured xxxxx xxx employees, xxxxxxxxxxx xxx xxxxx xxxxx xxxxx, and education xxx xxxxxxxx in xxxxxxxx xxxxxxxxxx xxx xxx xxxxxxx xxx xx xxxxxxxxxxx processing xxxxxxxxxx shall xx xxxxxxxx xx them xx minimise xxxxxxxx xxxxxxxx xxxxx. X&xxxx;xxxxxx xxxxxxxxxxxx process for xxxxxxxx xxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xxx xxxxxxxxx. Xxxxxxxxxxxxxxxx xxxxx be xx xxxxx to ensure xxxx xx employee’s, xxxxxxxxxx’x or xxxxx xxxxx xxxx’x xxxx xxxx xx xxxxxxxx xxxxxx xxx xxxxxxxxxxxx xx xxxxxxx, xxx xxxx the xxxxxx xx all equipment xxx xxx removal xx all xxxxxx xxxxxx xxx xxxxxxxxx. Xxxxxxxxxxx 1.7: Xxxxxxxx xxx xxxxxxxxxxxxx security Critical xx xxxxxxxxx information xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxx xx xxxxxx xxxxx, protected by xxxxxxx security xxxxxxxxxx, xxxx xxxxxxxxxxx security xxxxxxxx xxx xxxxx xxxxxxxx. They shall xx physically xxxxxxxxx xxxx xxxxxxxxxxxx access, xxxxxx xxx interference. Xxxxxx xxxxx be xxxxxxx only xx xxxxxxxxxxx xxx xxxx xxxxxx xxx scope xx Xxxxxxxxxxx 1.6. Xxxxxxxxxx xxx xxxxxxxxx xxxxx be xxxxxxxxxxx xx xxxxxxx xxxxxxxx xxxxx xxxxxxxxxx xxxxxxxxxxx xxxxxx xxxx xx xxxxxxx. Xxxxxxxxx xxxxx be xxxxxxxxx xxxx physical xxx xxxxxxxxxxxxx xxxxxxx. Xxxxxxxxxx xx equipment (xxxxxxxxx equipment xxxx xxx-xxxx) and xxxxxxx xxx xxxxxxx of xxxxxxxx is xxxxxxxxx xx xxxxxx xxx xxxx xx xxxxxxxxxxxx xxxxxx xx information xxx xx guard xxxxxxx loss or xxxxxx xx xxxxxxxxx xx xxxxxxxxxxx. Xxxxxxx xxxxxxxx may xx xxxxxxxx to xxxxxxx xxxxxxx physical xxxxxxx xxx xx safeguard xxxxxxxxxx xxxxxxxxxx such xx xxx xxxxxxxxxx xxxxxx and cabling xxxxxxxxxxxxxx. Xxxxxxxxxxx 1.8: Xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxxxxxxx xxx xxxxxxxxxx xxxxx xx xxxxxxxxxxx xxx the management xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxx xxxxxxx xx xxx Payment Xxxxxxxxxxx Xxxxx xxx-xx-xxx. Xx xxxxxxx xxxxxxxxx xxxxxxxxxx, including xxxxxxxxx xxxxxxxxxxxxxx xx XX systems, xxxxxxxxxxx xx xxxxxx xxxxx xx xxxxxxxxxxx, xxxxx xxxxxxxxxxx, xx reduce xxx xxxx xx xxxxxxxxx or deliberate xxxxxx misuse. Where xxxxxxxxxxx of xxxxxx xxxxxx be xxxxxxxxxxx xxx xx xxxxxxxxxx xxxxxxxxx reasons, xxxxxxxxxxxx xxxxxxxx shall xx xxxxxxxxxxx following a formal xxxx xxxxxxxx. Controls xxxxx be xxxxxxxxxxx xx xxxxxxx xxx xxxxxx xxx introduction xx xxxxxxxxx code xxx systems xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx xxxxx xx xxxx xxxxxxxxxxx (xxxxxxxxx xxxx xxxxxxxxx) xx prevent, xxxxxx xxx xxxxxx xxxxxxxxx xxxx. Xxxxxx code xxxxx xx used xxxx xxxx xxxxxxx xxxxxxx (e.g. signed Xxxxxxxxx COM xxxxxxxxxx xxx Xxxx Applets). Xxx xxxxxxxxxxxxx xx xxx browser (x.x. xxx use xx xxxxxxxxxx and xxxxxxx) xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxx xxxxxx and xxxxxxxx xxxxxxxx shall xx xxxxxxxxxxx xx xxx xxxxxxxxxx; xxxxx xxxxxxxx xxxxxxxx shall xxxxxxx a plan xx xxx xxxxxxxxxxx xxxxxxx xxxxx is xxxxxx xx regular xxxxxxxxx xx xxxxx annually. Systems xxxx are xxxxxxxx xxx xxx security xx payments shall xx monitored xxx xxxxxx xxxxxxxx to xxxxxxxxxxx security shall xx xxxxxxxx. Operator xxxx shall xx xxxx to xxxxxx xxxx information xxxxxx xxxxxxxx are xxxxxxxxxx. Xxxxxxxx xxxx xxxxx xx xxxxxxxxx xxxxxxxx xx x&xxxx;xxxxxx xxxxx, xxxxx on xxx xxxxxxxxxxx xx xxx xxxxxxxxxx. Xxxxxx xxxxxxxxxx xxxxx xx used xx check the xxxxxxxxxxxxx xx xxxxxxxx xxxxx are xxxxxxxxxx xx xxxxxxxx for xxx security of xxxxxxxx and to xxxxxx conformity to xx access policy xxxxx. Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx organisations xxxxx xx based xx x&xxxx;xxxxxx xxxxxxxx xxxxxx, xxxxxxx out xx xxxx xxxx xxxxxxxx xxxxxxxxxx among xxx xxxxxxxx parties xxx xxxxx be xxxxxxxxx xxxx any relevant xxxxxxxxxxx. Xxxxx xxxxx xxxxxxxx components employed xx xxx xxxxxxxx xx xxxxxxxxxxx with XXXXXX2 (xxxx software xxxxxxxx xxxx x&xxxx;Xxxxxxx Xxxxxx xx xxxxxxxx 2 of the xxxxx xxxxxxx of xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx) xxxx xx xxxx xxxxx x&xxxx;xxxxxx agreement xxxx xxx xxxxx xxxxx. Xxxxxxxxxxx 1.9: Access control Access xx information xxxxxx xxxxx xx xxxxxxxxx xx xxx xxxxx xx xxxxxxxx xxxxxxxxxxxx (xxxx-xx-xxxx&xxxx;(1)) xxx according xx the xxxxxxxxxxx xxxxxxxxx of xxxxxxxxx xxxxxxxx (xxxxxxxxx xxx xxxxxxxxxxx security xxxxxx). Xxxxx access xxxxxxx xxxxx shall be xxxxxxx based on xxx xxxxxxxxx xx xxxxx xxxxxxxxx&xxxx;(2) to xxxxxxx xxxxxxx the xxxxx xx the xxxxxxxxxxxxx xxxxxxxx xxx XX xxxxxxxxx. Xxxxx xxxxxxxx (x.x. for xxxxxx xxxxxxxxxx) logical xxxxxx xxxxxxx xxxxxx xx xxxxxxxxxx xxxx xxxxxxxx xxxxxx xxxxxxx xxxxxx there xxx xxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx (x.x. xxxxxxxxxx, xxxxxxxx data xxxxxxxxxxxxx). Xxxxxx xxx documented xxxxxxxxxx xxxxx be xx xxxxx xx xxxxxxx the allocation xx xxxxxx xxxxxx xx xxxxxxxxxxx systems xxx xxxxxxxx xxxx xxxx within xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx xxxxxxxxxx xxxxx xxxxx xxx xxxxxx xx xxx xxxxxxxxx xx xxxx xxxxxx, xxxx xxx xxxxxxx xxxxxxxxxxxx xx xxx xxxxx xx xxx xxxxx xxxxxxxxxxxxxx xx xxxxx that xx xxxxxx xxxxxxx xxxxxx. Xxxxxxx xxxxxxxxx xxxxx be xxxxx, xxxxx xxxxxxxxxxx, xx the allocation xx xxxxxx rights xx xxxx criticality xxxx xxx xxxxx xx xxxxx xxxxxx xxxxxx xxxxx xxxx xx x&xxxx;xxxxxx adverse xxxxxx on the xxxxxxxxxx xx xxx xxxxxxxxxxx (e.g. xxxxxx xxxxxx xxxxxxxx xxxxxx xxxxxxxxxxxxxx, override xx xxxxxx xxxxxxxx, xxxxxx xxxxxx xx xxxxxxxx xxxx). Xxxxxxxxxxx xxxxxxxx xxxxx xx xxx xx xxxxx xx identify, xxxxxxxxxxxx xxx authorise xxxxx at xxxxxxxx xxxxxx xx xxx xxxxxxxxxxxx’x xxxxxxx, x.x. xxx local xxx xxxxxx access xx xxxxxxx in the Xxxxxxx Transaction Xxxxx. Xxxxxxxx xxxxxxxx xxxxx xxx xx xxxxxx xx order xx xxxxxx xxxxxxxxxxxxxx. Xxx passwords, xxxxx shall be xxxxxxxxxxx xxx xxxxxxxx xx xxxxxxxx xxxxxxxx xx ensure xxxx xxxxxxxxx cannot xx xxxxxx xxxxxxx, e.g. xxxxxxxxxx rules xxx xxxxxxx-xxxx validity. X&xxxx;xxxx xxxxxxxx recovery xxx/xx xxxxx protocol xxxxx xx established. A policy xxxxx xx xxxxxxxxx and xxxxxxxxxxx on xxx xxx of xxxxxxxxxxxxx xxxxxxxx xx protect xxx xxxxxxxxxxxxxxx, xxxxxxxxxxxx xxx xxxxxxxxx of xxxxxxxxxxx. X&xxxx;xxx management xxxxxx xxxxx be xxxxxxxxxxx xx xxxxxxx xxx xxx xx xxxxxxxxxxxxx xxxxxxxx. Xxxxx xxxxx xx xxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx xx xxxxxx or xx print (x.x. x&xxxx;xxxxx xxxxxx, x&xxxx;xxxxx xxxx xxxxxx) xx xxxxxx xxx risk xx xxxxxxxxxxxx xxxxxx. Xxxx xxxxxxx xxxxxxxx, the xxxxx xx working xx an xxxxxxxxxxx xxxxxxxxxxx shall be xxxxxxxxxx and appropriate xxxxxxxxx xxx organisational xxxxxxxx xxxxx xx xxxxxxx. Xxxxxxxxxxx 1.10: Xxxxxxxxxxx xxxxxxx xxxxxxxxxxx, xxxxxxxxxxx xxx xxxxxxxxxxx Xxxxxxxx requirements xxxxx xx xxxxxxxxxx xxx agreed xxxxx xx xxx development xxx/xx xxxxxxxxxxxxxx xx xxxxxxxxxxx xxxxxxx. Xxxxxxxxxxx xxxxxxxx xxxxx xx xxxxx xxxx xxxxxxxxxxxx, including xxxx-xxxxxxxxx applications, xx xxxxxx xxxxxxx xxxxxxxxxx. Xxxxx controls xxxxx xxxxxxx xxx validation xx input data, xxxxxxxx xxxxxxxxxx xxx xxxxxx xxxx. Xxxxxxxxxx xxxxxxxx may be xxxxxxxx xxx systems xxxx xxxxxxx, xx xxxx xx impact xx, sensitive, xxxxxxxx xx xxxxxxxx xxxxxxxxxxx. Xxxx xxxxxxxx shall xx determined on xxx xxxxx xx xxxxxxxx requirements xxx xxxx assessment xxxxxxxxx xx xxx established xxxxxxxx (x.x. information xxxxxxxx policy, xxxxxxxxxxxxx xxxxxxx policy). The xxxxxxxxxxx xxxxxxxxxxxx xx xxx xxxxxxx shall be xxxxxxxxxxx, documented and xxxxxx xxxxx xx xxxxx xxxxxxxxxx and xxx. Xx xxxxxxx xxxxxxx security, xxxxxxxxxxx xxxxxxxx, including segmentation xxx xxxxxx xxxxxxxxxx, xxxxxx xx xxxxxxxxxxx xxxxx xx xxx xxxxxxxxxxx of xxxx xxxxx xxx the xxxxx xx xxxx xx xxx xxxxxxx xxxxx in the xxxxxxxxxxxx. There xxxxx xx xxxxxxxx xxxxxxxx xx xxxxxxx xxxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxxxxx xxxxxxxx. Xxxxxx to xxxxxx files xxx xxxxxxx xxxxxx code xxxxx xx xxxxxxxxxx xxx IT xxxxxxxx xxx xxxxxxx xxxxxxxxxx xxxxxxxxx in x&xxxx;xxxxxx xxxxxx. Care xxxxx xx xxxxx to xxxxx xxxxxxxx xx xxxxxxxxx data xx xxxx xxxxxxxxxxxx. Xxxxxxx xxx xxxxxxx environments xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx xx xxxxxxx xx xxxxxxxxxx xxxxx xx xxxxxxxx xxxxxxxxxx. X&xxxx;xxxx assessment xx xxx xxxxx xxxxxxx xx xx xxxxxxxx in xxxxxxxxxx xxxxx xx xxxxxxxxx. Xxxxxxx xxxxxxxx xxxxxxx xxxxxxxxxx xx xxxxxxx xx xxxxxxxxxx xxxxx also xx xxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxxxxxx xxxx xxxxx on xxx xxxxxxx of x&xxxx;xxxx xxxxxxxxxx, and security xxxxxxx shall include, xx least, xxxxxxxxxxxxx xxxxxxxxxxx. All xx xxx shortcomings xxxxxxxxxxx xxxxxx xxx security xxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx and xxxxxx plans to xxxxx xxx identified xxx xxxxx be xxxxxxxx and followed xx in x&xxxx;xxxxxx xxxxxxx. Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx xx xxxxxxxx&xxxx;(3) xxxxxxxxxxxxx Xx xxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxx’x xxxxxxxx information xxxxxxx xxxx are xxxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxx xxxxxxxx requirements xxx xxxxxxxxxx xxx xxxxx xxxxxxxxxx xxxx xxxxxxxx’x xxxxxx shall xx xxxxxxxxxx xxx xxxxxxxx xxxxxx upon with xxx xxxxxxxx. Xxxxxxxxxxx 1.12: Xxxxxxxxxx of xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxx Xx ensure x&xxxx;xxxxxxxxxx xxx xxxxxxxxx xxxxxxxx xx xxx xxxxxxxxxx xx information security xxxxxxxxx, xxxxxxxxx xxxxxxxxxxxxx xx xxxxxxxx xxxxxx xxx xxxxxxxxxx, xxxxx, xxxxxxxxxxxxxxxx and xxxxxxxxxx, xx xxxxxxxx and xxxxxxxxx xxxxx, xxxxx xx established and xxxxxx xx ensure x&xxxx;xxxxx, xxxxxxxxx and xxxxxxx and safely xxxxxxx xxxx information xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxx xx x&xxxx;xxxxx-xxxxxxx xxxxx (x.x. x&xxxx;xxxxx pursued xx xx xxxxxxxx xxxxxxxx xx by an xxxxxxx). Personnel xxxxxxxx xx xxxxx procedures xxxxx be xxxxxxxxxx xxxxxxx. Xxxxxxxxxxx 1.13: Technical xxxxxxxxxx xxxxxx X&xxxx;xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx systems (x.x. xxxx office xxxxxxx, xxxxxxxx networks and xxxxxxxx xxxxxxx xxxxxxxxxxxx) xxxxx xx xxxxxxxxx xxxxxxxx for compliance xxxx xxx xxxxxxxxxxxx’x xxxxxxxxxxx framework xx xxxxxxxx (e.g. information xxxxxxxx policy, xxxxxxxxxxxxx xxxxxxx xxxxxx). Xxxxxxxxxxx 1.14: Xxxxxxxxxxxxxx Xxxxx xxxxxxx machines xxxxx comply xxxx xxx the security xxxxxxxx xxxx xxx xxx xxx xxxxxxxx xxxxxxxx xxx xxxxxxx (x.x. xxxxxxxxx, xxxxxxx). Xxxxxxxx relating xx xxxxxxxxxxx xxxx include: xxxxxxxxx xx xxx xxxxxxxxxx xxx xxx xxxxxxx operating xxxxxx, xxxxxxx xxxxxxxx, xxxxxx xxxxxxxxxx xx xxxxxxxxx xxxxxxxxxxxx (x.x. xxxxxxxxxx xxx development). Centralised xxxxxxxxxx, xxxxxxx xxx xxxxxxxxxx xx xxxx xx managing of xxxxxx xxxxxx, xx xxxxxxxxxx for high xxxxxxxxxx xxxxxxxx, xxxxx xx xxxxxxxxxxx xxxxx xx a risk xxxxxxxxxx. Xxxxx xxxxxxx xxxxxxxx xxxxxxx xx xxx xxxx xxxxxxxxxx xxxxx xxxx a similar xxxx xxxxxxx. Xxxxxxxxxxx 1.15: Cloud xxxxxxxxx Xxx xxxxx xx xxxxxx and/or xxxxxx xxxxx solutions xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxx be xxxxx xx x&xxxx;xxxxxx xxxx xxxxxxxxxx, xxxxxx xxxx account the xxxxxxxxx xxxxxxxx and xxx contractual clauses xxxxxxx xx xxx xxxxx xxxxxxxx. Xx hybrid xxxxx xxxxxxxxx xxx xxxx, xx xx xxxxxxxxxx xxxx the xxxxxxxxxxx level xx xxx xxxxxxx system xx xxx xxxxxxx xxx xx the xxxxxxxxx systems. Xxx xx-xxxxxxxx xxxxxxxxxx xx xxx hybrid xxxxxxxxx xxxx be segregated xxxx xxx xxxxx xx-xxxxxxxx systems. Business xxxxxxxxxx xxxxxxxxxx (xxxxxxxxxx xxxx xx xxxxxxxx participants) The xxxxxxxxx xxxxxxxxxxxx (2.1 xx 2.6) xxxxxx xx xxxxxxxx xxxxxxxxxx xxxxxxxxxx. Xxxx XXXXXX2 xxxxxxxxxxx xxxxxxxxxx by xxx Xxxxxxxxxx as xxxxx critical xxx xxx smooth xxxxxxxxxxx xx xxx XXXXXX2 xxxxxx xxxxx have x&xxxx;xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxxxx comprising xxx xxxxxxxxx xxxxxxxx.
|
(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx xxxxxxxxx xxxxxx xx xxx xxxxxxxxxxxxxx xx xxx xxx xx xxxxxxxxxxx that xx individual xxxxx xxxxxx xx xx xxxxx to carry xxx her/his duties.
(2) The xxxxxxxxx xx xxxxx xxxxxxxxx xxxxxx to xxxxxxxxx a subject’s xxxxxx xxxxxxx xx an XX system xx xxxxx xx xxxxx xxx xxxxxxxxxxxxx xxxxxxxx xxxx.
(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx xx xxx xxxxxxx xx xxxx xxxxxxxx should xx xxxxxxxxxx xx xxx xxxxx party (and xxx xxxxxxxxx) which xx xxxxx contract (xxxxxxxxx), xxxx the xxxxxxxxxxx, xx xxxxxxx x&xxxx;xxxxxxx xxx xxxxx xxx xxxxxxx xxxxxxxxx xxx xxxxx xxxxx (xxx xxx xxxxxxxxx) xx xxxxxxx xxxxxx, xxxxxx xxxxxxxx or xx-xxxx, to xxxxxxxxxxx xxx/xx information systems xxx/xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxx xx xxxxx xx associated xx xxx xxxxx xxxxxxx xxxxx the xxxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx.
XXXXXXX XX
Xxxxxxx XX xxxxxxxxxx XXX/2007/7 se xxxx takto:
1. |
Článek 1 xx xxxx xxxxx:
|
2. |
X&xxxx;xx.&xxxx;4 odst. 2 xx písmeno xx) xxxxxxxxx tímto:
|
3. |
X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx xxxxxx xxxx xxxxxxx xx), xxxxx zní:
|
4. |
X&xxxx;xxxxxx&xxxx;4 xx odstavec 3 xxxxxxxxx tímto: „3. TARGET2 xxxxxxxx xxxx-xxxx gross xxxxxxxxxx xxx payments in xxxx, with xxxxxxxxxx xx xxxxxxx bank xxxxx across XX xxxxxxxx, T2S DCAs xxx XXXX DCAs. XXXXXX2 xx xxxxxxxxxxx xxx functions xx xxx xxxxx xx xxx SSP xxxxxxx xxxxx xxxxxxx orders xxx submitted and xxxxxxxxx xxx through xxxxx xxxxxxxx xxx xxxxxxxxxx received xx xxx xxxx xxxxxxxxx xxxxxx. Xx far xx xxx technical xxxxxxxxx of the X2X DCAs is xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx xxx X2X Platform. Xx xxx as the xxxxxxxxx xxxxxxxxx xx xxx TIPS DCAs xxx XXXX XX xxxxxxxxx accounts xx xxxxxxxxx, XXXXXX2 is xxxxxxxxxxx established xxx xxxxxxxxx on xxx xxxxx of the XXXX Xxxxxxxx. Xxx XXX is xxx xxxxxxxx of services xxxxx these Xxxxxxxxxx. Xxxx xxx xxxxxxxxx xx xxx XXX-xxxxxxxxx XXXx xxx xxx 4XXx shall xx xxxxxxxxxx xxxx xxx xxxxxxxxx xx xxx XXX, for xxxxx xx xxxxx xxxxxx xxxxxxxxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 xx xxxx Annex. Xxxxxxxxxxxxx xxxxxxxx xx these Xxxxxxxxxx xxxxx xxx xxxxxx x&xxxx;xxxxxxxxxxx relationship xxxxxxx X2X XXX xxxxxxx xxx xxx XXX-xxxxxxxxx XXXx xx xxx 4XXx xxxx xxx xx xxx xxxxxx xxxx xx xxxx capacity. Xxxxxxxxxxxx, xxxxxxxx or information xxxxx x&xxxx;X2X XXX xxxxxx receives xxxx, xx xxxxx to, xxx XXX xx X2X Xxxxxxxx xx xxxxxxxx to the xxxxxxxx provided xxxxx xxxxx Conditions xxx xxxxxx to xx xxxxxxxx xxxx, xx xxxx xx, xxx XXX.“; |
5. |
X&xxxx;xxxxxx&xxxx;8 xx xxxxxxxx 3 nahrazuje xxxxx: „3.&xxxx;&xxxx;&xxxx;Xxxxx xxx XXX has xxxxxxx a request by x&xxxx;X2X DCA holder xxxxxxxx xx xxxxxxxxx 1, xxxx X2X XXX xxxxxx xx xxxxxx to have xxxxx the participating XXX(x) x&xxxx;xxxxxxx xx xxxxx xxx X2X XXX xxxx xxx xxxxxxx xxxxxxxx xx xxxxxxxxxx xxxxxxxxxxxx xxxxxxxx xx those xxxxxxxxxx xxxxxxxx.“; |
6. |
X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 nahrazuje tímto: „1. T2S XXX holders xxxxx xx xxxxxx xx xx xxxxx xx, xxxxx xxxxxx with, xxx xxxxx xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx legislation xx xxxx xxxxxxxxxx. Xxxx xxxxx be xxxxxx to be xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations on xxxx xxxxxxxx xx xxxxxxxxxxx on prevention xx money xxxxxxxxxx xxx xxx financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities xxx xxx development xx xxxxxxx weapons delivery xxxxxxx, in xxxxxxxxxx xx terms xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx or xxxxxxxx xx xxxxx T2S XXXx. Xxxxx xx xxxxxxxx xxxx xxx xxxxxxxxxxx xxxxxxxxxxxx with xxx X2X xxxxxxx xxxxxxx provider, X2X XXX holders xxxxx xxxxxx xxxx they xxx xxxxxxxx about xxx xxxx xxxxxxxxx xxxxxx.“; |
7. |
Xxxxxx&xxxx;30 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;30 Xxxxxxxxxxx xxxxxxxxxxxx xxxx xx XXX 1.&xxxx;&xxxx;&xxxx;X2X DCA xxxxxxx shall xxxxxx:
2.&xxxx;&xxxx;&xxxx;Xxx xxxxx relationship between x&xxxx;X2X DCA holder xxx the XXX xxxxx xx exclusively xxxxxxxx by the xxxxx and xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxx xxxxxxxxx xxxx xx XXX xx xxxxxxxx xx in xxxxxxxxx 1(a). 3. The xxxxxxxx xx xx xxxxxxxx xx xxx NSP xxxxx not xxxx xxxx xx xxx xxxxxxxx xx xx xxxxxxxxx xx the XXX xx xxxxxxx xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx ECB xxxxx not be xxxxxx xxx xxx xxxx, xxxxxx xx xxxxxxxxx of xxx XXX (xxxxxxxxx xxx xxxxxxxxx, xxxxx xxx xxxxxxxxxxxxxx), xx for xxx xxxx, xxxxxx xx omissions of xxxxx xxxxxxx xxxxxxxx xx xxxxxxxxxxxx to xxxx xxxxxx xx xxx XXX’x network.“; |
8. |
Vkládá xx xxxx xxxxxx&xxxx;34x, xxxxx xxx: „Xxxxxxx&xxxx;34x Xxxxxxxxxxxx provisions Once xxx XXXXXX xxxxxx xx operational xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, T2S XXX xxxxxxx xxxxx become X2X XXX holders xx xxx XXXXXX xxxxxx.“; |
9. |
Xxxxxx na xxxxx „X2X network service xxxxxxxx“ (x&xxxx;xxxxxxxxx nebo xxxxxxx čísle) x&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. a) xxxx i), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 odst. 6, xx.&xxxx;14 odst. 1 xxxx. x), čl. 22 xxxx.&xxxx;1, xx.&xxxx;22 xxxx.&xxxx;2, xx.&xxxx;22 xxxx.&xxxx;3, xx.&xxxx;27 xxxx.&xxxx;5, xx.&xxxx;28 odst. 1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx XX x&xxxx;x&xxxx;xxxxxxxx 1 dodatku X&xxxx;xx xxxxxxxxx xxxxxxx „XXX“; |
10. |
X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) xxxxx:
|
XXXXXXX XXX
Xxxxxxx XXX xxxxxxxxxx ECB/2007/7 xx xxxx takto:
1. |
Odkazy xx xxxxx „XXXX network xxxxxxx provider“ (x&xxxx;xxxxxxxxx xxxx množném xxxxx) x&xxxx;xxxx xxxxxxx se xxxxxxxxx xxxxxxx „XXX“; |
2. |
Xxxxxx&xxxx;1 xx xxxx takto:
|
3. |
X&xxxx;xx.&xxxx;3 xxxx.&xxxx;1 se xxxxxxx xxxxx xx „Appendix X: XXXX xxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxx“; |
4. |
Xxxxxx&xxxx;4 se xxxx xxxxx:
|
5. |
X&xxxx;xx.&xxxx;6 odst. 1 xxxx. x) se bod x) xxxxxxxxx xxxxx:
|
6. |
Xxxxxx&xxxx;9 xx nahrazuje xxxxx: „Xxxxxxx&xxxx;9 Xxxxxxxxxxx xxxxxxxxxxxx with xx NSP 1. Participants xxxxx xxxxxx:
2.&xxxx;&xxxx;&xxxx;Xxx xxxxx xxxxxxxxxxxx xxxxxxx a participant xxx the XXX xxxxx xx exclusively xxxxxxxx xx xxx xxxxx and xxxxxxxxxx xx xxxxx xxxxxxxx xxxxxxxx xx xxxxxxxx xx xx xxxxxxxxx 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx services to xx xxxxxxxx by xxx XXX shall xxx xxxx xxxx xx xxx services xx xx xxxxxxxxx xx xxx ECB xx xxxxxxx xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx ECB shall xxx xx liable xxx xxx acts, xxxxxx xx xxxxxxxxx xx the XXX (xxxxxxxxx xxx directors, xxxxx and xxxxxxxxxxxxxx), xx for xxx xxxx, xxxxxx xx xxxxxxxxx xx xxxxx xxxxxxx xxxxxxxx xx xxxxxxxxxxxx xx xxxx xxxxxx to the XXX’x xxxxxxx.“; |
7. |
Xxxxxx&xxxx;10 xx xxxxxxx; |
8. |
Xxxxxx xx nový xxxxxx&xxxx;11x, xxxxx xxx: „Xxxxxxx&xxxx;11x XXX xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx MPL xxxxxxxxxx xxxxxxxx the xxxxx – IBAN xxxxxxx xxxxx xxx xxx purposes of xxx XXX xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx xxx be xxxxxx xx xxxx xxx IBAN. Xx XXXX xxx xx xxxxxx to one xx xxxxxxxx xxxxxxx. 3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx apply xx xxx xxxx xxxxxxxxx xx xxx XXX xxxxxxxxxx.“; |
9. |
X&xxxx;xxxxxx&xxxx;12 se xxxxxxx xxxxxxxx 9; |
10. |
Xxxxxx&xxxx;16 xx xxxxxxxxx tímto: „Article 16 Types of xxxxxxx xxxxxx xx XXXX XXX Xxx following xxx xxxxxxxxxx xx xxxxxxx orders for xxx xxxxxxxx xx xxx XXXX xxxxxxx:
|
11. |
V článku 18 xx xxxxxxxx 6 nahrazuje xxxxx: „6.&xxxx;&xxxx;&xxxx;Xxxxx a TIPS XXX xx XX liquidity xxxxxxxx xxxxx, a TIPS XXX xx TIPS XX xxxxxxxxx account xxxxxxxxx xxxxxxxx order xx x&xxxx;XXXX XX xxxxxxxxx account xx XXXX XXX xxxxxxxxx xxxxxxxx order xxx xxxx accepted as xxxxxxxx xx in Xxxxxxx&xxxx;17, xxx XXXXXX2-XXX xxxxx xxxxx whether xxxxxxxxxx funds xxx xxxxxxxxx xx xxx xxxxx'x xxxxxxx. If xxxxxxxxxx xxxxx are xxx xxxxxxxxx the xxxxxxxxx xxxxxxxx order xxxxx xx rejected. Xx sufficient xxxxx xxx xxxxxxxxx xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx be xxxxxxx xxxxxxxxxxx.“; |
12. |
X&xxxx;xx.&xxxx;20 odst. 1 se xxxxxxx b) xxxxxxxxx xxxxx:
|
13. |
X&xxxx;xxxxxx&xxxx;30 xx xxxxxxxx 1 xxxxxxxxx tímto: „1. TIPS XXX xxxxxxx shall xx deemed xx xx xxxxx of, xxxxx comply xxxx xxx shall xx xxxx to xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx competent xxxxxxxxxxx xxxx all xxxxxxxxxxx xx them xxxxxxxx xx legislation xx xxxx protection. Xxxx shall xx xxxxxx to xx xxxxx xx, xxx xxxxx xxxxxx with xxx xxxxxxxxxxx xx xxxx relating xx xxxxxxxxxxx on xxxxxxxxxx xx xxxxx laundering xxx the xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx of xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, in xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx XXXX XXXx. XXXX XXX xxxxxxx xxxxxx that xxxx are xxxxxxxx xxxxx xxxxx xxxxxx XXX'x xxxx xxxxxxxxx xxxxxx xxxxx xx xxxxxxxx xxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx xxxx XXX.“; |
14. |
Xxxxxx se xxxx xxxxxx&xxxx;35x, xxxxx zní: „Article 35a Transitional xxxxxxxxx Xxxx xxx TARGET xxxxxx is operational xxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XXXX XXX holders xxxxx xxxxxx TIPS XXX holders xx xxx TARGET xxxxxx.“; |
15. |
X&xxxx;xxxxxxx X&xxxx;xx tabulka x&xxxx;xxxxxxxx 2 xxxxxxxxx tímto:
|
16. |
X&xxxx;xxxxxxx X&xxxx;xx v odst. 6 xxxxxxx. 1 nahrazuje xxxxxxx b) tímto:
|
17. |
X&xxxx;xxxxxxx XX xx xxxxxxx xxxxxxxx 2; |
18. |
Xxxxxxx V se xxxxxxx. |