Animace načítání

Stránka se připravuje...


Na co čekáte? Nečekejte už ani minutu.
Získejte přístup na tento text ještě dnes. Kontaktujte nás a my Vám obratem uděláme nabídku pro Vás přímo na míru.

XXXXXXXXXX EVROPSKÉ XXXXXXXXX XXXXX (XX) 2021/1758

xx xxx 21. září 2021,

xxxxxx xx mění xxxxxxxxxx XXX/2007/7 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (XXX/2021/43)

XXXXXXX RADA EVROPSKÉ XXXXXXXXX XXXXX,

x&xxxx;xxxxxxx xx Xxxxxxx o fungování Evropské xxxx, x&xxxx;xxxxxxx xx xxxxx a čtvrtou odrážku xx.&xxxx;127 odst. 2 xxxx xxxxxxx,

x&xxxx;xxxxxxx xx xxxxxx Xxxxxxxxxx xxxxxxx xxxxxxxxxxx xxxx x&xxxx;Xxxxxxxx xxxxxxxxx xxxxx, a zejména xx xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 x&xxxx;23 tohoto xxxxxxx,

xxxxxxxx k těmto důvodům:

(1)

Rada xxxxxxxxx xxxxxxx&xxxx;(1) xxx 20.&xxxx;xxxxxxxx 2021 obecné xxxxxx Evropské centrální xxxxx XXX/2012/27&xxxx;(2) s cílem: x) xxxxxxxx, xx xxxxxxxx TIPS XXX xxxxx x&xxxx;XXXXXX2 xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxxxxx xxxxxxx xxxxx infrastruktury Xxxxxxxxxxx (Xxxxxxxxxx Xxxxxx Market Xxxxxxxxxxxxxx Gateway) xx xxxxxxxxx 2021 a majitelé X2X DCA xxxxx x&xxxx;XXXXXX2 xxxxxxxxxxxxxxx tohoto xxxxxxx připojeni xx xxxxxx 2022; x) xxxxxxxx x&xxxx;xxxxxxxx xxxxxxxx xxxxxxxx se dodržování xxxxxxxxx xx xxxxxxxxxx xxxxxxxxx xxxx TARGET2, xxx xx zajistilo, xx se xxxxxx XXXXXX2 bude xxxx xxxxxxx tak, aby xxx schopen xxxxx xxxxxxx x&xxxx;xxxxxxx kybernetické xxxxxxxxxxx; x) xxxxxx xxxxxxxxx, xxx xxxxxxxx xxxx PM, jejich xxxxxxx xxxxxxxxx x&xxxx;xxxxxxxxxxxxx xxxxxxxx xxxx XXX, xxxxx xxxxxxxxxxx x&xxxx;xxxxxxxxxxx xxxxxxx SCT Inst xxxxxxxx dohody o dodržování xxxxxxx xxx okamžité xxxxxxxxxxxxx xxxxxxx SEPA, xxxx x&xxxx;xxxxxxx trvale xxxxxxxxxxx xx xxxxxxxxx XXXX xxxxxxxxxxxxxxx TIPS XXX, xxx xxx xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx v celé Xxxx; d) zavést xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx převodu zůstatků x&xxxx;xxxx účastníků v TARGET2 xx odpovídající xxxxxxxxxxx xxxx x&xxxx;xxxxxxxx systému XXXXXX, aby xxxx xxxxxxxxx xxxxxx xxxxxxx, x&xxxx;x) vyjasnit a aktualizovat xxxxxxx další xxxxxxx xxxxxxxx zásad XXX/2012/27.

(2)

Xxxxxxx xxxx zprovozněn projekt xxxxxxxxxxx T2-T2S, bude x&xxxx;xxxxx xxxxxx xxxxxxx xxxxxx nezbytné xxxxxxxx xxxxxxxxxxxxxxx, xxxxx xxx x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx účastníků x&xxxx;XXXXXX2-XXX xx xxxxxxxxxxxx xxxxxxxxxxx xxxx.

(3)

Xxxxx xxxxxxxx xxxxx XXX/2012/27, které xxxx xxxx na xxxxxxxx XXXXXX2-XXX, xx třeba xxxxxxxxx x&xxxx;xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx ECB/2007/7 (3).

(4)

Rozhodnutí XXX/2007/7 xx xxxxx xxxxx odpovídajícím způsobem xxxxxx,

XXXXXXX TOTO XXXXXXXXXX:

Xxxxxx&xxxx;1

Xxxxx

Xxxxxxx X, II x&xxxx;XXX rozhodnutí XXX/2007/7 xx xxxx x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx tohoto xxxxxxxxxx.

Článek 2

Závěrečná xxxxxxxxxx

Xxxx xxxxxxxxxx xxxxxxxx x&xxxx;xxxxxxxx xxxxx xxxx xx xxxxxxxxxx x&xxxx;Xxxxxxx věstníku Evropské xxxx.

Xxxxxxx se ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx xxxx.&xxxx;1 písm. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 přílohy XX xxxxxx xxxxxxxxxx, které xx xxxxxxx xxx xxx 13.&xxxx;xxxxxx 2022.

Xx Xxxxxxxxxx nad Xxxxxxx xxx 21. září 2021.

Xxxxxxxxxxx XXX

Xxxxxxxxx LAGARDE


(1)  Obecné xxxxxx Evropské centrální xxxxx (XX) 2021/1759 xx xxx 20.&xxxx;xxxxxxxx 2021, kterými se xxxx xxxxxx xxxxxx XXX/2012/27 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx v reálném xxxx (XXXXXX2) (XXX/2021/30) [(xxx xxxxxx 45 v tomto xxxxx Xxxxxxxx věstníku).

(2)  Obecné xxxxxx Xxxxxxxx centrální xxxxx XXX/2012/27 xx xxx 5. prosince 2012 x&xxxx;xxxxxxxxxxxxxx expresním automatizovaném xxxxxxx xxxxxxxxx xxxxxx x&xxxx;xxxxxxx čase (XXXXXX2) (Xx. xxxx. X&xxxx;30, 30.1.2013, x. 1).

(3)  Rozhodnutí Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7 xx xxx 24.&xxxx;xxxxxxxx 2007 o podmínkách XXXXXX2-XXX (Xx. xxxx. X&xxxx;237, 8.9.2007, s. 71).


XXXXXXX I

Příloha X&xxxx;xxxxxxxxxx XXX/2007/7 xx xxxx xxxxx:

1.

Xxxxxx&xxxx;1 xx xxxx xxxxx:

x)

xxxxxxxx pojmu „xxxxxxx xxxxxxx xxxxx“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxx payment xxxxx” means, xx xxxx xxxx the Xxxxxxxx Xxxxxxxx Xxxxxxx'x XXXX Instant Credit Xxxxxxxx (XXX Inst) xxxxxx, x&xxxx;xxxxxxx xxxxxxxxxxx xxxxx can xx xxxxxxxx 24 hours x&xxxx;xxx any xxxxxxxx xxx xx xxx xxxx, with xxxxxxxxx xx close xx xxxxxxxxx xxxxxxxxxx and xxxxxxxxxxxx xx xxx xxxxx and includes (x) xxx XXXX XXX xx TIPS XXX xxxxxxx xxxxxxx xxxxxx, (b) TIPS XXX xx TIPS XX technical xxxxxxx xxxxxxx xxxxxxx xxxxxx, (x) XXXX XX xxxxxxxxx account xx XXXX XXX instant xxxxxxx orders xxx (x) XXXX XX xxxxxxxxx account to XXXX XX technical xxxxxxx instant xxxxxxx xxxxxx,“;

x)

xxxxxxxx se xxxx xxxxxxxx, xxxxx xxxxx:

„—

“Xxxxxxxx Xxxxxxxx Xxxxxxx'x SEPA Xxxxxxx Xxxxxx Transfer (XXX Xxxx) xxxxxx” xx “XXX Xxxx xxxxxx” xxxxx xx xxxxxxxxx, open xxxxxxxxx xxxxxx xxxxxxxxx x&xxxx;xxx xx xxxxxxxxx xxxxx xx be xxxxxxxx xxxx xx SCT Xxxx xxxxxxxxxxxx, allowing xxxxxxx xxxxxxxx xxxxxxxxx xx SEPA xx xxxxx an automated, XXXX-xxxx euro xxxxxxx xxxxxx xxxxxxxx product,

“TIPS xxxxxxxxx xxxxxx xxxxxxxxx xxxxxxx (XXXX XX xxxxxxxxx account)” xxxxx xx xxxxxxx held xx an xxxxxxxxx xxxxxx or x&xxxx;XX xx xx xxxxxxxxx xxxxxx'x xxxxxx xx xxx XX’x TARGET2 xxxxxxxxx xxxxxx xxx xxx by xxx xxxxxxxxx xxxxxx xxx xxx xxxxxxx xx xxxxxxxx xxxxxxx xxxxxxxx xx xxx xxx xxxxx,

“XXXX DCA xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxx” means the xxxxxxxxxxx xx xxxxxxxx x&xxxx;xxxxxxxxx amount xx xxxxx xxxx x&xxxx;XXXX XXX xx x&xxxx;XXXX XX xxxxxxxxx account xx xxxx the XXXX XXX xxxxxx’x xxxxxxxx (xx the xxxxxxxx of xxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxx xxxxxx) xx xxx xxxxx xx xxx ancillary system,

“TIPS XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx transfer order” xxxxx xxx xxxxxxxxxxx xx xxxxxxxx a specified xxxxxx xx funds xxxx a TIPS XX xxxxxxxxx xxxxxxx xx x&xxxx;XXXX DCA xx xxxxxx xxx XXXX XXX xxxxxx’x position (xx the xxxxxxxx xx xxxxxxx participant xx xxx xxxxxxxxx xxxxxx) xx the xxxxx of the xxxxxxxxx xxxxxx,

“xxxxxxxxx xxxxx” xxxxx xx entity xxxxx: (a) holds x&xxxx;XXX; (x) xx xxxxxxxxxx xx a reachable xxxxx xx a TIPS XXX xxxxxx xx xx an xxxxxxxxx xxxxxx; (c) is x&xxxx;xxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xx x&xxxx;XXXX XXX xxxxxx xx x&xxxx;xxxxxxxxxxx of xx xxxxxxxxx xxxxxx, or x&xxxx;xxxxxxxxxxxxx, xxxxxxxx, xx xxxxxx xx a participant xx xx xxxxxxxxx xxxxxx; xxx (x) xx addressable through xxx XXXX Xxxxxxxx xxx xx xxxx xx xxxxxx instant xxxxxxx orders and xxxxxxx xxxxxxx xxxxxxx xxxxxx xxxxxx xxx xxx XXXX XXX xxxxxx xx the xxxxxxxxx system xx, xx so xxxxxxxxxx xx xxx XXXX XXX xxxxxx or xx xxx xxxxxxxxx xxxxxx, xxxxxxxx.“;

x)

xxxxxxxx xxxxx „XXXX xxxxxxx xxxxxxx xxxxxxxx“ xx xxxxxxx;

2.

X&xxxx;xxxxxx&xxxx;2 xxxxxx xxxxxxxx se xxxxxxxx xxxx xxxx, xxxxx zní:

„Appendix XXX:

Xxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxxxxx xxxxxxxxxx“;

3.

Xxxxxx&xxxx;3 xx xxxx xxxxx:

x)

x&xxxx;xxxxxxxx 2 xx xxxxxxx xx) xxxxxxxxx xxxxx:

„(xx)

XXXX XXX xx XX liquidity xxxxxxxx xxxxxx xxx XX to TIPS XXX xxxxxxxxx xxxxxxxx xxxxxx;“;

x)

x&xxxx;xxxxxxxx 2 se xxxxxx xxxx xxxxxxx xx), xxxxx xxx:

„(xx)

XXXX XXX xx XXXX XX xxxxxxxxx account xxxxxxxxx transfer orders xxx XXXX AS xxxxxxxxx account xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxxx; xxx“;

x)

xxxxxxxx 3 se xxxxxxxxx xxxxx:

„3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx real-time xxxxx settlement xxx xxxxxxxx xx xxxx, xxxx settlement xx xxxxxxx xxxx xxxxx xxxxxx XX accounts, X2X XXXx and XXXX XXXx. XXXXXX2 xx xxxxxxxxxxx xxx xxxxxxxxx on xxx xxxxx of xxx XXX xxxxxxx which xxxxxxx xxxxxx xxx xxxxxxxxx xxx processed xxx xxxxxxx xxxxx xxxxxxxx are xxxxxxxxxx xxxxxxxx xx the xxxx xxxxxxxxx xxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx X2X XXXx is xxxxxxxxx, XXXXXX2 xx technically xxxxxxxxxxx xxx xxxxxxxxx xx xxx basis xx xxx X2X Xxxxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx XXXX XXXx and XXXX XX xxxxxxxxx xxxxxxxx xx concerned, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx and xxxxxxxxx xx xxx basis xx the XXXX Xxxxxxxx.“;

4.

Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;5

Xxxxxx xxxxxxxxxxxx

XX xxxxxxx xxxxxxx xx XXXXXX2-XXX xxx xxxxxx participants xxx xxxxx comply xxxx the xxxxxxxxxxxx xxx xxx xx Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). Xxxx xxxxx have xx xxxxx xxx XX xxxxxxx with xxx XXX. PM account xxxxxxx xxxx xxxx xxxxxxx to the XXX Xxxx xxxxxx xx signing xxx XXXX Xxxxxxx Xxxxxx Xxxxxxxx Xxxxxxxxx Xxxxxxxxx xxxxx xx xxx xxxxx xxxxxx xxxxxxxxx xx xxx XXXX Xxxxxxxx xx all xxxxx, xxxxxx xx x&xxxx;XXXX XXX holder xx as x&xxxx;xxxxxxxxx xxxxx xxx x&xxxx;XXXX XXX holder.“;

5.

Článek 22 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;22

Xxxxxxxx Requirements xxx Xxxxxxx Procedures

1.   Participants xxxxx xxxxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx xx xxxxxxx their systems xxxx xxxxxxxxxxxx xxxxxx xxx use. Participants xxxxx be xxxxxxxxxxx xxxxxxxxxxx xxx xxx xxxxxxxx xxxxxxxxxx of xxx xxxxxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxxxx xx xxxxx xxxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx the XXX xx any xxxxxxxx-xxxxxxx xxxxxxxxx xx xxxxx xxxxxxxxx xxxxxxxxxxxxxx xxx, xxxxx xxxxxxxxxxx, xxxxxxxx-xxxxxxx xxxxxxxxx xxxx xxxxx xx the technical xxxxxxxxxxxxxx xx xxx xxxxx party xxxxxxxxx. Xxx XXX xxx xxxxxxx xxxxxxx information xxxxx xxx incident xxx, if xxxxxxxxx, xxxxxxx that the xxxxxxxxxxx take xxxxxxxxxxx xxxxxxxx xx prevent x&xxxx;xxxxxxxxxx of xxxx xx xxxxx.

3.&xxxx;&xxxx;&xxxx;Xxx ECB xxx impose additional xxxxxxxx requirements, xx xxxxxxxxxx with xxxxxx xx cybersecurity xx xxx prevention xx xxxxx, xx xxx xxxxxxxxxxxx and/or xx xxxxxxxxxxxx that xxx xxxxxxxxxx critical xx xxx ECB.

4.   Participants xxxxx xxxxxxx xxx XXX xxxx: (i) permanent xxxxxx xx their xxxxxxxxxxx of adherence xx xxxxx xxxxxx xxxxxxx xxxxxxx xxxxxxxx’x xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (ii) xx xx xxxxxx xxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxx as xxxxxxxxx xx the XXX’x xxxxxxx in English.

4a.   The XXX shall assess xxx xxxxxxxxxxx’x xxxx-xxxxxxxxxxxxx xxxxxxxxx(x) xx the xxxxxxxxxxxx level of xxxxxxxxxx xxxx xxxx xx xxx requirements xxx out xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxxx. Xxxxx requirements xxx xxxxxx in Xxxxxxxx XXX, xxxxx xx addition xx xxx xxxxx Appendices xxxxxx xx Article 2(1), xxxxx xxxx xx xxxxxxxx part of xxxxx Xxxxxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx participant’s xxxxx xx xxxxxxxxxx xxxx the xxxxxxxxxxxx xx the XXXXXX2 xxxx-xxxxxxxxxxxxx shall be xxxxxxxxxxx as xxxxxxx, xx increasing xxxxx xx xxxxxxxx: ‘xxxx xxxxxxxxxx’; ‘minor xxx-xxxxxxxxxx’; xx ‘xxxxx xxx-xxxxxxxxxx’. Xxx xxxxxxxxx xxxxxxxx xxxxx: xxxx compliance xx xxxxxxx xxxxx xxxxxxxxxxxx xxxxxxx 100% xx xxx xxxxxxxxxxxx; xxxxx non-compliance is xxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxx xxxx than 100% xxx xx xxxxx 66% xx xxx xxxxxxxxxxxx and xxxxx xxx-xxxxxxxxxx where x&xxxx;xxxxxxxxxxx xxxxxxxxx xxxx xxxx 66% xx xxx xxxxxxxxxxxx. Xx a participant xxxxxxxxxxxx that a specific xxxxxxxxxxx is xxx xxxxxxxxxx to xx, xx xxxxx xx xxxxxxxxxx as xxxxxxxxx xxxx the xxxxxxxxxx xxxxxxxxxxx for xxx xxxxxxxx xx xxx xxxxxxxxxxxxxx. X&xxxx;xxxxxxxxxxx xxxxx xxxxx xx xxxxx ‘xxxx compliance’ xxxxx xxxxxx xx xxxxxx xxxx xxxxxxxxxxxxx how xx intends to xxxxx xxxx compliance. Xxx XXX shall xxxxxx the xxxxxxxx xxxxxxxxxxx xxxxxxxxxxx of xxx status xx xxxx xxxxxxxxxxx’x xxxxxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xx xxx xxxxxxxxxxx xxxxxxx xx grant xxxxxxxxx xxxxxx xx its xxxxxxxxxxx of adherence xx xxxxx chosen XXXx endpoint xxxxxxxx xxxxxxxxxxxx xx xxxx xxx xxxxxxx the XXXXXX2 xxxx-xxxxxxxxxxxxx xxx xxxxxxxxxxx’x xxxxx of xxxxxxxxxx xxxxx xx xxxxxxxxxxx as ‘xxxxx xxx-xxxxxxxxxx’.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxxxx xxxxxxxxxx xx xxxxxxxxxxxx on xx xxxxxx basis.

4e.   The XXX xxx xxxxxx xxx xxxxxxxxx measures xx xxxxxxx on participants xxxxx xxxxx of xxxxxxxxxx xxx xxxxxxxx xx xxxxx xx xxxxx non-compliance, xx xxxxxxxxxx xxxxx of xxxxxxxx:

(x)

xxxxxxxx xxxxxxxxxx: xxx xxxxxxxxxxx xxxxx xxxxxxx xxx ECB with x&xxxx;xxxxxxx xxxxxx, signed xx a senior xxxxxxxxx, xx their progress xx xxxxxxxxxx the xxx-xxxxxxxxxx. Xxx xxxxxxxxxxx xxxxx additionally incur x&xxxx;xxxxxxx xxxxxxx charge xxx each xxxxxxxx xxxxxxx xxxxx xx xxx monthly xxx xx xxx xxx xx xxxxxxxxx 1 xx Xxxxxxxx XX xxxxxxxxx xxx xxxxxxxxxxx xxxx. This measure xx xxxxxxx may xx xxxxxxx in xxx xxxxx the xxxxxxxxxxx xxxxxxxx x&xxxx;xxxxxx xxxxxxxxxxx xxxxxxxxxx xx xxxxx xxx-xxxxxxxxxx xx xx xxxxxxxxxx of xxxxx xxx-xxxxxxxxxx;

(xx)

xxxxxxxxxx: xxxxxxxxxxxxx xx XXXXXX2-XXX may xx xxxxxxxxx in xxx xxxxxxxxxxxxx xxxxxxxxx xx Article 28(2)(b) xxx (x) xx this Xxxxx. Xx xxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;28 xx xxxx Xxxxx, xxx participant xxxxx xx xxxxx xxxxx months’ xxxxxx xx such xxxxxxxxxx. Xxx participant xxxxx xxxxx x&xxxx;xxxxxxx xxxxxxx xxxxxx for xxxx xxxxxxxxx xxxxxxx of xxxxxx its xxxxxxx xxx as xxx xxx in xxxxxxxxx 1 xx Appendix XX, xxxxxxxxx the xxxxxxxxxxx xxxx. This xxxxxxx of redress xxx xx xxxxxxx xx xxx xxxxx xxx xxxxxxxxxxx xxxxxxxx x&xxxx;xxxxxx xxxxxxxxxxx xxxxxxxxxx xx xxxxx xxx-xxxxxxxxxx;

(xxx)

xxxxxxxxxxx: xxxxxxxxxxxxx xx TARGET2-ECB xxx xx xxxxxxxxxx xx the circumstances xxxxxxxxx xx Xxxxxxx&xxxx;28(2)(x) xxx (c) of xxxx Xxxxx. Xx xxx xx derogation xxxx Xxxxxxx&xxxx;28 xx xxxx Xxxxx, the xxxxxxxxxxx xxxxx be xxxxx three xxxxxx’ xxxxxx of xxxx xxxxxxxxxxx. The xxxxxxxxxxx xxxxx incur an xxxxxxxxxx penalty xxxxxx xx XXX 1000 xxx xxxx xxxxxxxxxx xxxxxxx. Xxxx xxxxxxx xx xxxxxxx may xx xxxxxxx if xxx xxxxxxxxxxx xxx xxx xxxxxxxxx xxx xxxxx non-compliance xx xxx satisfaction xx xxx XXX xxxxxxxxx xxxxx xxxxxx of xxxxxxxxxx.“;

6.

X&xxxx;xxxxxx&xxxx;33 xx xxxxxxxx 1 xxxxxxxxx tímto:

„1.   Participants xxxxx xx deemed xx xx xxxxx xx, xxxxx xxxxxx xxxx, xxx shall xx able xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx relevant xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx on xxxx relating xx xxxxxxxxxxx on data xxxxxxxxxx. They shall xx xxxxxx xx xx aware of, xxx shall comply xxxx all obligations xx xxxx relating xx legislation xx xxxxxxxxxx xx xxxxx xxxxxxxxxx xxx xxx xxxxxxxxx xx terrorism, xxxxxxxxxxxxx-xxxxxxxxx nuclear xxxxxxxxxx xxx xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx systems, in xxxxxxxxxx xx xxxxx xx implementing appropriate xxxxxxxx concerning any xxxxxxxx debited xx xxxxxxxx on xxxxx XX xxxxxxxx. Participants xxxxx xxxxxx xxxx xxxx xxx informed xxxxx xxx TARGET2 xxxxxxx service xxxxxxxx’x xxxx retrieval xxxxxx xxxxx xx xxxxxxxx xxxx the xxxxxxxxxxx xxxxxxxxxxxx xxxx the XXXXXX2 xxxxxxx service xxxxxxxx.“;

7.

Xxxxxx xx nový xxxxxx&xxxx;39x, xxxxx xxx:

„Xxxxxxx&xxxx;39x

Xxxxxxxxxxxx xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxxx the XXXXXX xxxxxx xx operational xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XX xxxxxxx balances xxxxx xx transferred xx xxx account xxxxxx’x xxxxxxxxxxxxx xxxxxxxxx accounts xx xxx TARGET xxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxx requirement xxxx XX xxxxxxx holders, xxxxxxxx Participants xxx xxxxxxxxxxx XXX xxxxxxx xxxxxxxx to the XXX Xxxx xxxxxx xx xxxxxxxxx xx xxx XXXX Xxxxxxxx xxxxxxxx xx Article 5 xxxxx xxxxx as xx 25 February 2022.“;

8.

X&xxxx;xxxxxxx X&xxxx;xx v odst. 8 xxxxxxx. 4 nahrazuje xxxxxxx x) xxxxx:

„(x)

Xxxx-xx-xxxxxxxxxxx xxxx (X2X)

X2X xxxxxxx xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;xxxxxxxxxxx and the XXX. Xxx xxxxxxxxxxx xx xxxxxxxxx xx x&xxxx;xxxxxxx running xx x&xxxx;XX xxxxxx (XXXXX Xxxxxxxx XxxXxxxxxx xx xxxxxxx xxxxxxxxx, as xxx xx xxxxxxxx xx XXXXX). Xxx X2X xxxxxx xxx XX xxxxxxxxxxxxxx xxx xx be able xx xxxxxxx xxxxxxx. Xxxxxxx xxxxxxx are xxxxxxxxx xx xxx XXX User Handbook.“;

9.

V dodatku XX xx x&xxxx;xxxxxxxx 6 xxxxxxxxx xxxxxxx x) tímto:

„(g)

for contingency xxxxxxxxxx xx xxxxxxx xxxxxx, participants shall xxxxxxx eligible xxxxxx xx xxxxxxxxxx. Xxxxxx xxxxxxxxxxx xxxxxxxxxx, xxxxxxxx xxxxxxxxxxx xxxxxxxx xxx xx xxxx to xxxx xxxxxxxx xxxxxxxxxxx xxxxxxxx. Xxx xxx xxxxxxxx of contingency xxxxxxxxxx, xxxxxxxxxxxx’ xxxxxxxxx xxxxxxxxx may xxx xx taken xxxx xxxxxxx xx xxx XXX.“;

10.

Xxxxxxxx xx xxxx xxxxxxx XXX, xxxxx xxx:

„Xxxxxxxx XXX

Xxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxx security xxxxxxxxxx xxx xxxxxxxx xxxxxxxxxx xxxxxxxxxx

Xxxxxxxxxxx security xxxxxxxxxx

Xxxxx xxxxxxxxxxxx xxx applicable xx each participant, xxxxxx xxx xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx is not xxxxxxxxxx xx it. Xx xxxxxxxxxxxx xxx xxxxx of xxxxxxxxxxx xx xxx requirements xxxxxx xxx xxxxxxxxxxxxxx, xxx xxxxxxxxxxx should xxxxxxxx the elements xxxx xxx xxxx xx the Payment Xxxxxxxxxxx Chain (PTC). Xxxxxxxxxxxx, xxx XXX xxxxxx xx x&xxxx;Xxxxx xx Xxxxx (XxX), x.x. a system involved xx xxx xxxxxxxx xx transactions (x.x. xxxxxxxxxxxx, front-office and xxxx-xxxxxx applications, middleware), xxx xxxx at xxx xxxxxx xxxxxxxxxxx xx xxxx xxx xxxxxxx to XXXXX (x.x. XXXXX VPN Xxx) xx Xxxxxxxx (xxxx xxx xxxxxx xxxxxxxxxx xx Internet-based Xxxxxx).

Xxxxxxxxxxx 1.1: Information xxxxxxxx xxxxxx

Xxx xxxxxxxxxx xxxxx xxx x&xxxx;xxxxx xxxxxx direction in xxxx xxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxx xxxxxxx xxx xxx xxxxxxxxxx xx information xxxxxxxx xxxxxxx xxx xxxxxxxx, approval xxx xxxxxxxxxxx xx xx xxxxxxxxxxx xxxxxxxx policy xxxxxx xx managing xxxxxxxxxxx security xxx xxxxx resilience across xxx xxxxxxxxxxxx in xxxxx xx xxxxxxxxxxxxxx, xxxxxxxxxx and xxxxxxxxx xx information security xxx cyber resilience xxxxx. Xxx policy xxxxxx xxxxxxx at xxxxx xxx following xxxxxxxx: xxxxxxxxxx, scope (xxxxxxxxx domains such xx xxxxxxxxxxxx, xxxxx xxxxxxxxx, xxxxx management xxx.), xxxxxxxxxx xxx xxxxxxxxxx of xxxxxxxxxxxxxxxx.

Xxxxxxxxxxx 1.2: Xxxxxxxx xxxxxxxxxxxx

Xx xxxxxxxxxxx security xxxxxxxxx xxxxx xx established xx xxxxxxxxx the xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xxx organisation. Xxx xxxxxxxxxx xxxxx xxxxxxxxxx xxx xxxxxx xxx establishment xx xxx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xx xxxxxx xxx xxxxxxxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx xxxxxx (xx per Xxxxxxxxxxx 1.1) xxxxxx xxx xxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxx xx xxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxx xx xxxxxxxx xxxxxxxxxxxxxxxx xxx xxxx xxxxxxx.

Xxxxxxxxxxx 1.3: External xxxxxxx

Xxx xxxxxxxx xx xxx xxxxxxxxxxxx’x information xxx xxxxxxxxxxx processing xxxxxxxxxx xxxxxx not xx xxxxxxx xx xxx introduction xx, xxx/xx xxx xxxxxxxxxx xx, an xxxxxxxx xxxxx/xxxxxxx xx xxxxxxxx/xxxxxxxx xxxxxxxx by xxxx. Xxx xxxxxx to xxx organisation’s xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx by xxxxxxxx xxxxxxx xxxxx xx controlled. Xxxx xxxxxxxx xxxxxxx xx xxxxxxxx/xxxxxxxx xx xxxxxxxx xxxxxxx xxx required xx xxxxxx xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx, x&xxxx;xxxx xxxxxxxxxx xxxxx be xxxxxxx xxx xx xxxxxxxxx xxx xxxxxxxx implications xxx control xxxxxxxxxxxx. Xxxxxxxx xxxxx xx xxxxxx xxx xxxxxxx xx xx agreement xxxx xxxx relevant xxxxxxxx party.

Requirement 1.4: Xxxxx management

All information xxxxxx, xxx business xxxxxxxxx and the xxxxxxxxxx information xxxxxxx, xxxx xx operating xxxxxxx, infrastructures, xxxxxxxx xxxxxxxxxxxx, off-the-shelf products, xxxxxxxx and xxxx-xxxxxxxxx xxxxxxxxxxxx, in the xxxxx of the Xxxxxxx Xxxxxxxxxxx Xxxxx xxxxx xx xxxxxxxxx xxx xxx have x&xxxx;xxxxxxxxx xxxxx. The xxxxxxxxxxxxxx for xxx xxxxxxxxxxx and the xxxxxxxxx of xxxxxxxxxxx xxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxx xxx xxxxxxx XX xxxxxxxxxx xx safeguard xxx information assets xxxxx xx xxxxxxxx. Xxxx: the owner xxx xxxxxxxx the xxxxxxxxxxxxxx of specific xxxxxxxx xx appropriate, xxx xxxxxxx xxxxxxxxxxx xxx xxx xxxxxx xxxxxxxxxx of the xxxxxx.

Xxxxxxxxxxx 1.5: Xxxxxxxxxxx xxxxxx classification

Information assets xxxxx be xxxxxxxxxx xx terms xx xxxxx xxxxxxxxxxx to xxx xxxxxx delivery xx xxx xxxxxxx xx xxx participant. Xxx xxxxxxxxxxxxxx xxxxx xxxxxxxx xxx xxxx, xxxxxxxxxx and xxxxxx xx xxxxxxxxxx required xxxx handling the xxxxxxxxxxx asset xx xxx relevant business xxxxxxxxx xxx xxxxx xxxx xxxx xxxx xxxxxxxxxxxxx xxx underlying XX components. Xx xxxxxxxxxxx xxxxx classification xxxxxx approved by xxx xxxxxxxxxx shall xx xxxx xx xxxxxx an xxxxxxxxxxx xxx xx xxxxxxxxxx xxxxxxxx throughout the xxxxxxxxxxx xxxxx xxxxxxxxx (xxxxxxxxx xxxxxxx xxx xxxxxxxxxxx xx information xxxxxx) and xx xxxxxxxxxxx xxx xxxx xxx xxxxxxxx handling xxxxxxxx.

Xxxxxxxxxxx 1.6: Human xxxxxxxxx security

Security responsibilities xxxxx xx xxxxxxxxx xxxxx xx xxxxxxxxxx xx xxxxxxxx xxx xxxxxxxxxxxx xxx xx xxxxx and conditions xx xxxxxxxxxx. All xxxxxxxxxx xxx xxxxxxxxxx, xxxxxxxxxxx and xxxxx xxxxx users xxxxx xx adequately xxxxxxxx, xxxxxxxxxx xxx xxxxxxxxx xxxx. Xxxxxxxxx, contractors xxx xxxxx xxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xxxx xx agreement xx xxxxx xxxxxxxx xxxxx xxx responsibilities. Xx xxxxxxxx level xx xxxxxxxxx shall xx xxxxxxx xxxxx xxx xxxxxxxxx, xxxxxxxxxxx xxx xxxxx party xxxxx, and xxxxxxxxx xxx xxxxxxxx xx xxxxxxxx xxxxxxxxxx xxx xxx correct xxx xx xxxxxxxxxxx processing xxxxxxxxxx xxxxx xx xxxxxxxx xx xxxx xx xxxxxxxx xxxxxxxx xxxxxxxx xxxxx. A formal xxxxxxxxxxxx process xxx xxxxxxxx xxxxxxxx breaches xxxxx xx xxxxxxxxxxx xxx employees. Xxxxxxxxxxxxxxxx xxxxx xx in xxxxx xx xxxxxx xxxx an employee’s, xxxxxxxxxx’x xx third xxxxx xxxx’x xxxx xxxx or transfer xxxxxx xxx xxxxxxxxxxxx xx xxxxxxx, and xxxx the xxxxxx xx xxx xxxxxxxxx xxx the xxxxxxx xx all access xxxxxx xxx xxxxxxxxx.

Xxxxxxxxxxx 1.7: Xxxxxxxx xxx xxxxxxxxxxxxx xxxxxxxx

Xxxxxxxx or xxxxxxxxx xxxxxxxxxxx processing xxxxxxxxxx xxxxx be xxxxxx in secure xxxxx, protected by xxxxxxx xxxxxxxx xxxxxxxxxx, xxxx appropriate xxxxxxxx xxxxxxxx xxx xxxxx xxxxxxxx. They shall xx xxxxxxxxxx xxxxxxxxx xxxx xxxxxxxxxxxx access, xxxxxx and interference. Xxxxxx xxxxx xx xxxxxxx xxxx xx xxxxxxxxxxx xxx xxxx xxxxxx xxx xxxxx xx Requirement 1.6. Xxxxxxxxxx and xxxxxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx xxxxxxxx xxxxx xxxxxxxxxx xxxxxxxxxxx xxxxxx xxxx xx xxxxxxx.

Xxxxxxxxx shall xx xxxxxxxxx xxxx physical xxx xxxxxxxxxxxxx xxxxxxx. Xxxxxxxxxx of xxxxxxxxx (xxxxxxxxx xxxxxxxxx xxxx xxx-xxxx) xxx against xxx xxxxxxx xx xxxxxxxx xx necessary xx xxxxxx the xxxx of xxxxxxxxxxxx xxxxxx xx xxxxxxxxxxx xxx xx xxxxx xxxxxxx xxxx or xxxxxx xx equipment xx xxxxxxxxxxx. Xxxxxxx xxxxxxxx xxx xx xxxxxxxx to protect xxxxxxx xxxxxxxx xxxxxxx xxx xx safeguard xxxxxxxxxx xxxxxxxxxx xxxx xx xxx xxxxxxxxxx xxxxxx xxx xxxxxxx xxxxxxxxxxxxxx.

Xxxxxxxxxxx 1.8: Operations xxxxxxxxxx

Xxxxxxxxxxxxxxxx xxx xxxxxxxxxx xxxxx xx established xxx xxx xxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxx systems xx xxx Payment Xxxxxxxxxxx Xxxxx xxx-xx-xxx.

Xx regards xxxxxxxxx procedures, xxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxx xx XX xxxxxxx, segregation xx xxxxxx xxxxx xx xxxxxxxxxxx, xxxxx xxxxxxxxxxx, xx xxxxxx xxx risk xx xxxxxxxxx xx xxxxxxxxxx xxxxxx xxxxxx. Xxxxx xxxxxxxxxxx xx xxxxxx xxxxxx be xxxxxxxxxxx xxx to documented xxxxxxxxx xxxxxxx, compensatory xxxxxxxx xxxxx xx xxxxxxxxxxx xxxxxxxxx x&xxxx;xxxxxx xxxx analysis. Xxxxxxxx xxxxx be xxxxxxxxxxx xx prevent xxx xxxxxx xxx introduction xx xxxxxxxxx xxxx xxx systems xx xxx Payment Xxxxxxxxxxx Xxxxx. Controls xxxxx xx xxxx xxxxxxxxxxx (xxxxxxxxx user awareness) xx xxxxxxx, xxxxxx xxx remove xxxxxxxxx xxxx. Mobile xxxx xxxxx be xxxx xxxx from xxxxxxx xxxxxxx (x.x. xxxxxx Xxxxxxxxx COM xxxxxxxxxx xxx Xxxx Applets). Xxx configuration xx xxx browser (x.x. xxx use xx xxxxxxxxxx xxx plugins) xxxxx be strictly xxxxxxxxxx.

Xxxx backup xxx xxxxxxxx policies xxxxx xx xxxxxxxxxxx xx xxx xxxxxxxxxx; xxxxx xxxxxxxx xxxxxxxx shall xxxxxxx x&xxxx;xxxx xx xxx xxxxxxxxxxx xxxxxxx xxxxx xx xxxxxx xx regular xxxxxxxxx xx xxxxx xxxxxxxx.

Xxxxxxx xxxx xxx xxxxxxxx xxx xxx xxxxxxxx xx xxxxxxxx shall xx monitored and xxxxxx xxxxxxxx xx xxxxxxxxxxx security xxxxx xx recorded. Operator xxxx xxxxx xx xxxx xx ensure xxxx xxxxxxxxxxx xxxxxx xxxxxxxx xxx xxxxxxxxxx. Xxxxxxxx xxxx xxxxx xx xxxxxxxxx reviewed xx x&xxxx;xxxxxx basis, xxxxx xx xxx xxxxxxxxxxx xx xxx xxxxxxxxxx. System xxxxxxxxxx xxxxx xx xxxx xx xxxxx xxx xxxxxxxxxxxxx xx controls xxxxx xxx xxxxxxxxxx xx critical for xxx xxxxxxxx of xxxxxxxx and xx xxxxxx xxxxxxxxxx xx xx xxxxxx policy xxxxx.

Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx xxxxxxxxxxxxx shall xx xxxxx on x&xxxx;xxxxxx xxxxxxxx xxxxxx, xxxxxxx out xx xxxx xxxx exchange xxxxxxxxxx xxxxx xxx xxxxxxxx xxxxxxx xxx xxxxx xx compliant xxxx xxx relevant xxxxxxxxxxx. Xxxxx xxxxx xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxx xxxxxxxx xx information with XXXXXX2 (xxxx software xxxxxxxx xxxx x&xxxx;Xxxxxxx Xxxxxx in scenario 2 xx xxx xxxxx xxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx) xxxx xx xxxx xxxxx x&xxxx;xxxxxx xxxxxxxxx with xxx third xxxxx.

Xxxxxxxxxxx 1.9: Xxxxxx control

Access xx xxxxxxxxxxx xxxxxx xxxxx xx xxxxxxxxx xx xxx xxxxx xx xxxxxxxx xxxxxxxxxxxx (xxxx-xx-xxxx&xxxx;(1)) and xxxxxxxxx xx the established xxxxxxxxx xx xxxxxxxxx xxxxxxxx (including xxx xxxxxxxxxxx xxxxxxxx xxxxxx). Xxxxx xxxxxx control xxxxx xxxxx xx xxxxxxx xxxxx xx xxx principle of xxxxx xxxxxxxxx&xxxx;(2) xx xxxxxxx xxxxxxx the xxxxx xx the xxxxxxxxxxxxx xxxxxxxx and XX xxxxxxxxx. Where xxxxxxxx (x.x. for xxxxxx management) xxxxxxx xxxxxx xxxxxxx xxxxxx xx consistent with xxxxxxxx access xxxxxxx xxxxxx xxxxx are xxxxxxxx xxxxxxxxxxxx controls xx place (x.x. xxxxxxxxxx, xxxxxxxx xxxx xxxxxxxxxxxxx).

Xxxxxx xxx documented xxxxxxxxxx xxxxx be xx xxxxx xx xxxxxxx xxx xxxxxxxxxx xx access xxxxxx xx xxxxxxxxxxx xxxxxxx xxx services xxxx xxxx xxxxxx xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx xxxxxxxxxx xxxxx xxxxx xxx stages xx xxx xxxxxxxxx xx xxxx xxxxxx, xxxx xxx initial xxxxxxxxxxxx xx xxx xxxxx to xxx xxxxx xxxxxxxxxxxxxx of xxxxx xxxx xx xxxxxx xxxxxxx xxxxxx.

Xxxxxxx xxxxxxxxx xxxxx xx xxxxx, where appropriate, xx the xxxxxxxxxx xx access xxxxxx xx such xxxxxxxxxxx xxxx the abuse xx xxxxx access xxxxxx xxxxx lead xx x&xxxx;xxxxxx xxxxxxx xxxxxx xx xxx xxxxxxxxxx xx xxx xxxxxxxxxxx (x.x. xxxxxx xxxxxx allowing xxxxxx xxxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xxxxxxxx, direct xxxxxx to business xxxx).

Xxxxxxxxxxx xxxxxxxx xxxxx xx put xx xxxxx xx xxxxxxxx, xxxxxxxxxxxx xxx authorise xxxxx xx specific xxxxxx xx xxx xxxxxxxxxxxx’x xxxxxxx, x.x. xxx local and xxxxxx access xx xxxxxxx xx the Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx xxxxxxxx xxxxx xxx xx xxxxxx xx xxxxx to xxxxxx accountability.

For xxxxxxxxx, xxxxx shall be xxxxxxxxxxx xxx enforced xx xxxxxxxx xxxxxxxx xx xxxxxx xxxx xxxxxxxxx xxxxxx xx xxxxxx xxxxxxx, e.g. xxxxxxxxxx xxxxx and xxxxxxx-xxxx validity. X&xxxx;xxxx xxxxxxxx xxxxxxxx xxx/xx xxxxx xxxxxxxx shall xx xxxxxxxxxxx.

X&xxxx;xxxxxx shall xx xxxxxxxxx xxx xxxxxxxxxxx xx xxx xxx of cryptographic xxxxxxxx to xxxxxxx xxx xxxxxxxxxxxxxxx, xxxxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx. X&xxxx;xxx management xxxxxx xxxxx xx xxxxxxxxxxx to xxxxxxx xxx use of xxxxxxxxxxxxx controls.

There xxxxx xx xxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx xx screen or xx xxxxx (x.x. x&xxxx;xxxxx xxxxxx, x&xxxx;xxxxx xxxx xxxxxx) xx xxxxxx xxx xxxx xx unauthorised xxxxxx.

Xxxx xxxxxxx xxxxxxxx, xxx xxxxx of working xx xx xxxxxxxxxxx xxxxxxxxxxx xxxxx xx xxxxxxxxxx and xxxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxxxx xxxxxxxx xxxxx xx xxxxxxx.

Xxxxxxxxxxx 1.10: Information xxxxxxx xxxxxxxxxxx, development xxx maintenance

Security xxxxxxxxxxxx xxxxx xx identified xxx xxxxxx xxxxx xx xxx development xxx/xx xxxxxxxxxxxxxx xx xxxxxxxxxxx xxxxxxx.

Xxxxxxxxxxx xxxxxxxx xxxxx be xxxxx xxxx xxxxxxxxxxxx, including xxxx-xxxxxxxxx xxxxxxxxxxxx, xx xxxxxx correct xxxxxxxxxx. Xxxxx controls shall xxxxxxx xxx xxxxxxxxxx xx xxxxx data, xxxxxxxx xxxxxxxxxx and xxxxxx xxxx. Xxxxxxxxxx xxxxxxxx xxx xx xxxxxxxx xxx xxxxxxx xxxx xxxxxxx, or xxxx an impact xx, sensitive, xxxxxxxx xx xxxxxxxx xxxxxxxxxxx. Xxxx controls xxxxx xx xxxxxxxxxx on xxx basis xx xxxxxxxx xxxxxxxxxxxx xxx xxxx xxxxxxxxxx xxxxxxxxx xx xxx established xxxxxxxx (x.x. xxxxxxxxxxx xxxxxxxx xxxxxx, xxxxxxxxxxxxx xxxxxxx xxxxxx).

Xxx operational xxxxxxxxxxxx xx xxx xxxxxxx xxxxx xx xxxxxxxxxxx, xxxxxxxxxx and xxxxxx prior to xxxxx xxxxxxxxxx and xxx. Xx xxxxxxx xxxxxxx security, appropriate xxxxxxxx, including xxxxxxxxxxxx xxx xxxxxx management, xxxxxx xx implemented xxxxx xx xxx xxxxxxxxxxx xx data xxxxx xxx the xxxxx xx risk xx xxx xxxxxxx xxxxx xx the xxxxxxxxxxxx. Xxxxx shall xx xxxxxxxx xxxxxxxx xx xxxxxxx sensitive xxxxxxxxxxx xxxxxxx xxxx xxxxxx networks.

Access xx xxxxxx xxxxx xxx xxxxxxx xxxxxx code xxxxx xx xxxxxxxxxx xxx XX projects xxx xxxxxxx activities xxxxxxxxx in x&xxxx;xxxxxx xxxxxx. Xxxx xxxxx xx taken xx xxxxx exposure xx xxxxxxxxx data in xxxx xxxxxxxxxxxx. Xxxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx xx xxxxxxx xx xxxxxxxxxx xxxxx be xxxxxxxx xxxxxxxxxx. X&xxxx;xxxx assessment xx xxx xxxxx xxxxxxx xx xx xxxxxxxx xx xxxxxxxxxx xxxxx xx conducted.

Regular xxxxxxxx xxxxxxx activities xx systems xx xxxxxxxxxx xxxxx also xx conducted xxxxxxxxx xx x&xxxx;xxxxxxxxxx xxxx xxxxx xx xxx xxxxxxx xx a risk xxxxxxxxxx, xxx xxxxxxxx xxxxxxx xxxxx xxxxxxx, xx least, vulnerability xxxxxxxxxxx. All of xxx shortcomings highlighted xxxxxx xxx xxxxxxxx xxxxxxx xxxxxxxxxx xxxxx xx assessed xxx xxxxxx xxxxx xx xxxxx xxx identified xxx xxxxx xx xxxxxxxx xxx xxxxxxxx xx xx x&xxxx;xxxxxx xxxxxxx.

Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx xx xxxxxxxx&xxxx;(3) xxxxxxxxxxxxx

Xx xxxxxx protection xx the xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx xxxxxxx xxxx xxx accessible xx xxxxxxxxx, xxxxxxxxxxx xxxxxxxx requirements for xxxxxxxxxx the xxxxx xxxxxxxxxx xxxx xxxxxxxx’x xxxxxx shall xx xxxxxxxxxx xxx xxxxxxxx xxxxxx xxxx xxxx xxx supplier.

Requirement 1.12: Xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx and xxxxxxxxxxxx

Xx xxxxxx x&xxxx;xxxxxxxxxx xxx xxxxxxxxx xxxxxxxx xx xxx management xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx, xxxxxxxxx xxxxxxxxxxxxx xx xxxxxxxx xxxxxx xxx weaknesses, roles, xxxxxxxxxxxxxxxx xxx procedures, xx business and xxxxxxxxx level, xxxxx xx established xxx xxxxxx to ensure x&xxxx;xxxxx, xxxxxxxxx and xxxxxxx xxx xxxxxx xxxxxxx from information xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx related xx x&xxxx;xxxxx-xxxxxxx xxxxx (x.x. x&xxxx;xxxxx xxxxxxx xx xx xxxxxxxx xxxxxxxx xx xx xx xxxxxxx). Personnel involved xx xxxxx xxxxxxxxxx xxxxx xx adequately xxxxxxx.

Xxxxxxxxxxx 1.13: Xxxxxxxxx xxxxxxxxxx xxxxxx

X&xxxx;xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx systems (e.g. xxxx xxxxxx systems, xxxxxxxx networks xxx xxxxxxxx network xxxxxxxxxxxx) xxxxx xx xxxxxxxxx xxxxxxxx xxx xxxxxxxxxx xxxx xxx organisation’s xxxxxxxxxxx xxxxxxxxx of xxxxxxxx (x.x. information xxxxxxxx xxxxxx, xxxxxxxxxxxxx xxxxxxx xxxxxx).

Xxxxxxxxxxx 1.14: Xxxxxxxxxxxxxx

Xxxxx xxxxxxx xxxxxxxx xxxxx comply xxxx xxx the xxxxxxxx xxxxxxxx xxxx xxx xxx for xxxxxxxx xxxxxxxx xxx xxxxxxx (x.x. hardening, xxxxxxx). Xxxxxxxx xxxxxxxx xx xxxxxxxxxxx xxxx include: xxxxxxxxx xx xxx xxxxxxxxxx xxx the xxxxxxx xxxxxxxxx xxxxxx, xxxxxxx xxxxxxxx, xxxxxx xxxxxxxxxx xx xxxxxxxxx xxxxxxxxxxxx (x.x. xxxxxxxxxx xxx xxxxxxxxxxx). Xxxxxxxxxxx xxxxxxxxxx, logging xxx xxxxxxxxxx as well xx xxxxxxxx of xxxxxx xxxxxx, in xxxxxxxxxx xxx xxxx xxxxxxxxxx accounts, shall xx xxxxxxxxxxx based xx x&xxxx;xxxx xxxxxxxxxx. Xxxxx xxxxxxx machines xxxxxxx xx xxx xxxx hypervisor xxxxx xxxx x&xxxx;xxxxxxx risk xxxxxxx.

Xxxxxxxxxxx 1.15: Xxxxx xxxxxxxxx

Xxx usage of xxxxxx and/or xxxxxx xxxxx solutions xx xxx Xxxxxxx Transaction Xxxxx xxxx be xxxxx xx a formal xxxx assessment, xxxxxx xxxx account xxx xxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxxx clauses xxxxxxx to xxx xxxxx xxxxxxxx.

Xx xxxxxx xxxxx solutions xxx xxxx, it xx xxxxxxxxxx that the xxxxxxxxxxx xxxxx xx xxx xxxxxxx system xx xxx highest xxx of the xxxxxxxxx xxxxxxx. All xx-xxxxxxxx components of xxx hybrid xxxxxxxxx xxxx xx xxxxxxxxxx xxxx the xxxxx xx-xxxxxxxx xxxxxxx.

Xxxxxxxx xxxxxxxxxx xxxxxxxxxx (xxxxxxxxxx xxxx xx xxxxxxxx xxxxxxxxxxxx)

Xxx xxxxxxxxx xxxxxxxxxxxx (2.1 xx 2.6) xxxxxx xx xxxxxxxx continuity xxxxxxxxxx. Each XXXXXX2 xxxxxxxxxxx xxxxxxxxxx xx xxx Xxxxxxxxxx xx xxxxx xxxxxxxx xxx xxx xxxxxx xxxxxxxxxxx xx xxx XXXXXX2 xxxxxx shall have x&xxxx;xxxxxxxx xxxxxxxxxx strategy xx xxxxx xxxxxxxxxx xxx xxxxxxxxx elements.

Requirement 2.1

:

Xxxxxxxx continuity xxxxx xxxxx be developed xxx xxxxxxxxxx xxx xxxxxxxxxxx them are xx place.

Requirement 2.2

:

An xxxxxxxxx xxxxxxxxxxx site xxxxx be available.

Requirement 2.3

:

Xxx risk xxxxxxx xx xxx xxxxxxxxx xxxx xxxxx xx xxxxxxxxx from that xx the xxxxxxx xxxx, xx xxxxx xx xxxxx xxxx xxxx xxxxx xxx xxxxxxxx xx xxx xxxx xxxxx xx xxx xxxx xxxx. Xxx xxxxxxx, xxx xxxxxxxxx xxxx shall xx xx a different xxxxx xxxx xxx xxxxxxx xxxxxxxxxxxxxxxxx xxxxxxx xxxx xxxxx xx xxx xxxxxxx xxxxxxxx xxxxxxxx.

Xxxxxxxxxxx 2.4

:

Xx xxx xxxxx xx a major xxxxxxxxxxx xxxxxxxxxx xxxxxxxxx xxx primary xxxx xxxxxxxxxxxx xxx/xx xxxxxxxx xxxxx unavailable, the xxxxxxxx xxxxxxxxxxx shall xx xxxx xx xxxxxx xxxxxx xxxxxxxxxx xxxx xxx xxxxxxxxx xxxx, xxxxx xx xxxxx be xxxxxxxx xx xxxxxxxx xxxxx xxx xxxxxxxx xxx xxx xxxx xxx xxxxxxxxx business xxx(x).

Xxxxxxxxxxx 2.5

:

Xxxxxxxxxx shall xx xx xxxxx xx xxxxxx that xxx xxxxxxxxxx xx xxxxxxxxxxxx xx xxxxxxx xxxx xxx xxxxxxxxx site xxxxxx x&xxxx;xxxxxxxxxx timeframe xxxxx xxx xxxxxxx xxxxxxxxxx of service xxx xxxxxxxxxxxx xx xxx criticality xx xxx xxxxxxxx xxxx xxx disrupted.

Requirement 2.6

:

The xxxxxxx xx xxxx xxxx operational xxxxxxxxxxx xxxxx xx tested xx xxxxx xxxx x&xxxx;xxxx and critical xxxxx shall be xxxxxxxxxxxxx xxxxxxx. Xxx xxxxxxx period xxxxxxx xxxxx xxxxx xxx xxxxxx xxx xxxx.

“.

(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx xxxxxxxxx refers xx the identification xx xxx xxx xx information xxxx xx xxxxxxxxxx xxxxx xxxxxx xx in xxxxx to xxxxx xxx her/his xxxxxx.

(2)&xxxx;&xxxx;Xxx xxxxxxxxx xx xxxxx xxxxxxxxx xxxxxx xx xxxxxxxxx x&xxxx;xxxxxxx’x access xxxxxxx xx xx XX xxxxxx xx xxxxx xx xxxxx xxx xxxxxxxxxxxxx xxxxxxxx xxxx.

(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx xx xxx xxxxxxx xx xxxx xxxxxxxx should xx xxxxxxxxxx as xxx xxxxx xxxxx (xxx xxx personnel) xxxxx xx xxxxx xxxxxxxx (xxxxxxxxx), xxxx xxx xxxxxxxxxxx, to xxxxxxx x&xxxx;xxxxxxx xxx under xxx xxxxxxx xxxxxxxxx xxx xxxxx party (xxx xxx xxxxxxxxx) xx xxxxxxx xxxxxx, xxxxxx remotely xx xx-xxxx, xx xxxxxxxxxxx xxx/xx xxxxxxxxxxx systems xxx/xx xxxxxxxxxxx processing xxxxxxxxxx xx xxx xxxxxxxxxxx in xxxxx xx xxxxxxxxxx xx xxx xxxxx covered xxxxx xxx xxxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx.


PŘÍLOHA II

Příloha XX xxxxxxxxxx XXX/2007/7 xx xxxx takto:

1.

Článek 1 xx xxxx xxxxx:

x)

xxxxxxxx xxxxx „xxxxxxx xxxxxxx xxxxx“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxx xxxxxxx order” xxxxx, xx xxxx with xxx Xxxxxxxx Payments Xxxxxxx'x SEPA Xxxxxxx Xxxxxx Transfer (XXX Xxxx) scheme, a payment xxxxxxxxxxx which can xx xxxxxxxx 24 xxxxx a day any xxxxxxxx xxx xx xxx xxxx, with xxxxxxxxx xx xxxxx xx xxxxxxxxx processing xxx xxxxxxxxxxxx to xxx payer xxx xxxxxxxx (x) xxx XXXX DCA to XXXX XXX xxxxxxx xxxxxxx orders, (ii) XXXX XXX xx XXXX XX xxxxxxxxx xxxxxxx instant xxxxxxx xxxxxx, (iii) XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxx payment xxxxxx xxx (iv) XXXX XX technical account xx TIPS AS xxxxxxxxx account instant xxxxxxx xxxxxx,“;

x)

xxxxxxxx se xxxx xxxxxxxx, které xxxxx:

„—

“XXXX xxxxxxxxx system xxxxxxxxx xxxxxxx (XXXX XX xxxxxxxxx account)” xxxxx xx xxxxxxx xxxx xx xx xxxxxxxxx system xx x&xxxx;XX xx xx xxxxxxxxx xxxxxx'x xxxxxx xx xxx XX’x XXXXXX2 xxxxxxxxx system xxx xxx xx xxx xxxxxxxxx system xxx xxx xxxxxxx xx settling xxxxxxx xxxxxxxx in its xxx xxxxx,

“XXXX DCA xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx order” means xxx xxxxxxxxxxx xx xxxxxxxx a specified xxxxxx xx xxxxx xxxx x&xxxx;XXXX XXX xx x&xxxx;XXXX AS technical xxxxxxx xx fund xxx XXXX XXX xxxxxx’x xxxxxxxx (xx xxx xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxx system) xx xxx books xx xxx ancillary xxxxxx,

“XXXX XX xxxxxxxxx xxxxxxx to XXXX XXX liquidity transfer xxxxx” means xxx xxxxxxxxxxx xx xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx xx xxxxx from a TIPS XX xxxxxxxxx xxxxxxx xx a TIPS XXX xx defund xxx XXXX XXX xxxxxx’x xxxxxxxx (xx xxx xxxxxxxx of xxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxx xxxxxx) in xxx xxxxx xx xxx xxxxxxxxx xxxxxx,

“Xxxxxxx Xxxxxxx Provider (XXX)” xxxxx xx undertaking xxxx xxx been xxxxxxx x&xxxx;xxxxxxxxxx with xxx Xxxxxxxxxx xx xxxxxxx xxxxxxxxxxxx xxxxxxxx xxx the Xxxxxxxxxx Xxxxxx Market Infrastructure Xxxxxxx.“;

x)

xxxxxxxx xxxxx „T2S xxxxxxx service xxxxxxxx“ xx xxxxxxx;

2.

X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx xxxxxxx xx) xxxxxxxxx tímto:

„(fc)

TIPS XXX xx XX xxxxxxxxx xxxxxxxx xxxxxx and XX xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxxx;“;

3.

X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 se xxxxxx xxxx písmeno xx), které zní:

„(fd)

TIPS XXX xx XXXX XX xxxxxxxxx account xxxxxxxxx xxxxxxxx xxxxxx xxx XXXX AS xxxxxxxxx xxxxxxx xx XXXX DCA liquidity xxxxxxxx xxxxxx; xxx“;

4.

X&xxxx;xxxxxx&xxxx;4 xx xxxxxxxx 3 xxxxxxxxx tímto:

„3.   TARGET2 provides xxxx-xxxx xxxxx settlement xxx payments xx xxxx, with xxxxxxxxxx xx xxxxxxx xxxx xxxxx xxxxxx PM xxxxxxxx, X2X XXXx xxx XXXX XXXx. XXXXXX2 xx established xxx functions on xxx basis of xxx SSP through xxxxx xxxxxxx orders xxx submitted and xxxxxxxxx and xxxxxxx xxxxx xxxxxxxx xxx xxxxxxxxxx xxxxxxxx in xxx same xxxxxxxxx xxxxxx. Xx far xx the xxxxxxxxx xxxxxxxxx of xxx X2X DCAs xx xxxxxxxxx, XXXXXX2 is xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx xxx X2X Xxxxxxxx. Xx xxx xx the xxxxxxxxx xxxxxxxxx xx xxx XXXX DCAs xxx XXXX AS xxxxxxxxx xxxxxxxx is xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx and xxxxxxxxx xx the xxxxx xx the XXXX Xxxxxxxx. The XXX is xxx xxxxxxxx xx services xxxxx xxxxx Xxxxxxxxxx. Xxxx and xxxxxxxxx xx xxx XXX-xxxxxxxxx XXXx xxx xxx 4XXx xxxxx xx xxxxxxxxxx xxxx xxx xxxxxxxxx of xxx XXX, xxx which xx xxxxx xxxxxx xxxxxxxxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 of xxxx Xxxxx. Xxxxxxxxxxxxx xxxxxxxx xx xxxxx Xxxxxxxxxx xxxxx xxx xxxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxxxxx X2X DCA xxxxxxx xxx the XXX-xxxxxxxxx XXXx or xxx 4CBs xxxx xxx xx xxx xxxxxx xxxx xx xxxx capacity. Xxxxxxxxxxxx, xxxxxxxx or xxxxxxxxxxx xxxxx a T2S XXX xxxxxx receives xxxx, xx xxxxx xx, xxx SSP xx X2X Platform xx xxxxxxxx to xxx xxxxxxxx xxxxxxxx xxxxx xxxxx Xxxxxxxxxx are xxxxxx xx xx xxxxxxxx xxxx, xx xxxx to, the XXX.“;

5.

X&xxxx;xxxxxx&xxxx;8 xx odstavec 3 nahrazuje xxxxx:

„3.&xxxx;&xxxx;&xxxx;Xxxxx xxx ECB has xxxxxxx x&xxxx;xxxxxxx by x&xxxx;X2X DCA xxxxxx xxxxxxxx xx xxxxxxxxx 1, that T2S XXX xxxxxx xx xxxxxx to have xxxxx xxx xxxxxxxxxxxxx XXX(x) a mandate xx xxxxx xxx X2X XXX with xxx xxxxxxx relating to xxxxxxxxxx transactions xxxxxxxx xx those xxxxxxxxxx xxxxxxxx.“;

6.

X&xxxx;xxxxxx&xxxx;28 xx odstavec 1 nahrazuje xxxxx:

„1.&xxxx;&xxxx;&xxxx;X2X XXX holders shall xx xxxxxx xx xx xxxxx xx, xxxxx xxxxxx with, xxx xxxxx xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx xxxxxxxx competent xxxxxxxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx to xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx xxxxx be xxxxxx xx xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx obligations on xxxx relating xx xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx xxxxxxxxxx xxx xxx xxxxxxxxx xx xxxxxxxxx, proliferation-sensitive xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx of xxxxxxx weapons xxxxxxxx xxxxxxx, in xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx T2S XXXx. Prior xx xxxxxxxx xxxx the xxxxxxxxxxx relationship with xxx X2X network xxxxxxx xxxxxxxx, X2X XXX holders shall xxxxxx that they xxx xxxxxxxx xxxxx xxx xxxx xxxxxxxxx xxxxxx.“;

7.

Xxxxxx&xxxx;30 se nahrazuje xxxxx:

„Xxxxxxx&xxxx;30

Xxxxxxxxxxx relationship xxxx xx NSP

1.   T2S DCA xxxxxxx xxxxx either:

(a)

have xxxxxxxxx x&xxxx;xxxxxxxx with xx NSP xxxxxx xxx xxxxxxxxx of xxx xxxxxxxxxx contract xxxx xxxx XXX xx order xx xxxxxxxxx x&xxxx;xxxxxxxxx xxxxxxxxxx xx XXXXXX2- ECB; xx

(x)

xxxxxxx xxx another xxxxxx xxxxx has xxxxxxxxx x&xxxx;xxxxxxxx xxxx xx NSP xxxxxx xxx framework xx xxx concession contract xxxx xxxx XXX.

2.&xxxx;&xxxx;&xxxx;Xxx xxxxx relationship xxxxxxx x&xxxx;X2X XXX xxxxxx xxx xxx XXX xxxxx be exclusively xxxxxxxx xx the xxxxx and xxxxxxxxxx xx xxx separate xxxxxxxx concluded with xx XXX xx xxxxxxxx xx xx xxxxxxxxx 1(x).

3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx xx xx provided xx the XXX xxxxx xxx xxxx xxxx xx xxx xxxxxxxx xx xx xxxxxxxxx xx the XXX xx xxxxxxx xx TARGET2.

4.   The ECB xxxxx xxx be xxxxxx xxx xxx xxxx, xxxxxx xx xxxxxxxxx of xxx XXX (including its xxxxxxxxx, staff xxx xxxxxxxxxxxxxx), xx xxx xxx xxxx, errors xx xxxxxxxxx of xxxxx xxxxxxx selected xx xxxxxxxxxxxx xx xxxx access xx xxx NSP’s xxxxxxx.“;

8.

Xxxxxx xx nový xxxxxx&xxxx;34x, xxxxx zní:

„Article 34a

Transitional xxxxxxxxxx

Xxxx xxx TARGET system xx xxxxxxxxxxx xxx XXXXXX2 xxx ceased xxxxxxxxx, X2X DCA xxxxxxx shall xxxxxx X2X DCA holders xx xxx TARGET xxxxxx.“;

9.

Xxxxxx xx pojem „X2X xxxxxxx xxxxxxx xxxxxxxx“ (v jednotném xxxx xxxxxxx čísle) x&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 xxxx. a) xxxx i), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 xxxx.&xxxx;6, xx.&xxxx;14 xxxx.&xxxx;1 xxxx. x), xx.&xxxx;22 xxxx.&xxxx;1, xx.&xxxx;22 xxxx.&xxxx;2, xx.&xxxx;22 xxxx.&xxxx;3, čl. 27 xxxx.&xxxx;5, xx.&xxxx;28 xxxx.&xxxx;1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx II x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx nahrazují xxxxxxx „XXX“;

10.

X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx b) tímto:

„(b)

User-to-application xxxx (X2X)

X2X xxxxxxx xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;X2X XXX xxxxxx xxx xxx T2S XXX. The xxxxxxxxxxx xx xxxxxxxxx xx x&xxxx;xxxxxxx running on x&xxxx;XX system. For X2X xxxxxx the XX xxxxxxxxxxxxxx has xx xx xxxx xx xxxxxxx xxxxxxx. Xxxxxxx xxxxxxx xxx xxxxxxxxx xx xxx X2X Xxxx Xxxxxxxx.“.

PŘÍLOHA XXX

Xxxxxxx III xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:

1.

Xxxxxx na xxxxx „TIPS xxxxxxx xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx příloze xx xxxxxxxxx xxxxxxx „XXX“;

2.

Xxxxxx&xxxx;1 xx xxxx xxxxx:

x)

xxxxxxxx xxxxx „reachable xxxxx“ xx nahrazuje xxxxx:

„—

“xxxxxxxxx xxxxx” xxxxx xx xxxxxx xxxxx: (x) xxxxx a BIC, (x) xx designated xx x&xxxx;xxxxxxxxx xxxxx xx x&xxxx;XXXX XXX xxxxxx xx by xx xxxxxxxxx system; (c) xx x&xxxx;xxxxxxxxxxxxx, customer xx branch xx x&xxxx;XXXX XXX xxxxxx xx x&xxxx;xxxxxxxxxxx xx xx xxxxxxxxx system xx x&xxxx;xxxxxxxxxxxxx, customer xx xxxxxx xx x&xxxx;xxxxxxxxxxx xx xx xxxxxxxxx xxxxxx; xxx (x) xx xxxxxxxxxxx xxxxxxx the XXXX Xxxxxxxx xxx xx xxxx to xxxxxx xxxxxxx payment xxxxxx xxx xxxxxxx xxxxxxx xxxxxxx xxxxxx either xxx the XXXX XXX xxxxxx or xxx ancillary xxxxxx xx, xx xx xxxxxxxxxx by xxx XXXX DCA xxxxxx xx xx xxx xxxxxxxxx xxxxxx, directly,“;

b)

definice xxxxx „xxxxxxx xxxxx“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxx xxxxx”, xxxxxx where xxxx xx Articles 16 to 18 xx this Annex, xxxxx an xxxxxxx xxxxxxx xxxxx, x&xxxx;xxxxxxxx xxxxxx xxxxxx, x&xxxx;XX xx XXXX XXX xxxxxxxxx transfer xxxxx, x&xxxx;XXXX DCA to XX xxxxxxxxx xxxxxxxx xxxxx, x&xxxx;XXXX AS xxxxxxxxx xxxxxxx to XXXX XXX xxxxxxxxx xxxxxxxx order xx x&xxxx;XXXX DCA to XXXX XX technical xxxxxxx xxxxxxxxx xxxxxxxx xxxxx,“;

x)

xxxxxxxx xxxxx „xxxxxxx xxxxxxx order“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxx xxxxxxx xxxxx” xxxxx, in xxxx xxxx xxx Xxxxxxxx Payments Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Xxxxxxxx (SCT Xxxx) xxxxxx, x&xxxx;xxxxxxx instruction xxxxx xxx xx xxxxxxxx 24 hours x&xxxx;xxx xxx calendar xxx of the xxxx, with xxxxxxxxx xx close xx xxxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxxx to xxx xxxxx and includes (x) XXXX XXX xx XXXX DCA xxxxxxx payment xxxxxx, (x) XXXX XXX xx TIPS XX xxxxxxxxx account xxxxxxx xxxxxxx xxxxxx, (x) XXXX XX technical xxxxxxx xx XXXX XXX xxxxxxx xxxxxxx xxxxxx xxx (d) XXXX XX technical xxxxxxx xx TIPS XX technical xxxxxxx xxxxxxx xxxxxxx orders,“;

d)

vkládají xx nové definice, xxxxx xxxxx:

„—

“XXXX ancillary xxxxxx technical xxxxxxx (XXXX AS xxxxxxxxx xxxxxxx)” xxxxx an xxxxxxx xxxx by xx ancillary xxxxxx xx xxx XX xx an xxxxxxxxx xxxxxx'x xxxxxx in xxx CB’s XXXXXX2 xxxxxxxxx system for xxx xx that xxxxxxxxx system for xxx xxxxxxx of xxxxxxxx xxxxxxx payments xx xxx own xxxxx,

“XXXX DCA to XXXX XX technical xxxxxxx liquidity xxxxxxxx xxxxx” xxxxx the xxxxxxxxxxx xx transfer x&xxxx;xxxxxxxxx amount of xxxxx xxxx a TIPS XXX to x&xxxx;XXXX XX xxxxxxxxx account xx xxxx xxx XXXX DCA holder’s xxxxxxxx (xx xxx xxxxxxxx of another xxxxxxxxxxx xx the xxxxxxxxx system) xx xxx xxxxx xx xxx xxxxxxxxx xxxxxx,

“XXXX XX xxxxxxxxx xxxxxxx xx TIPS XXX xxxxxxxxx xxxxxxxx xxxxx” xxxxx xxx xxxxxxxxxxx xx transfer a specified xxxxxx of xxxxx xxxx a TIPS XX xxxxxxxxx xxxxxxx xx x&xxxx;XXXX XXX xx xxxxxx xxx TIPS XXX holder’s xxxxxxxx (xx xxx position xx another xxxxxxxxxxx xx xxx ancillary xxxxxx) xx the xxxxx xx xxx xxxxxxxxx xxxxxx,

“Xxxxxxxx Xxxxxxxx Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Xxxxxxxx (SCT Xxxx) xxxxxx” or “XXX Xxxx scheme” xxxxx an xxxxxxxxx, xxxx xxxxxxxxx scheme xxxxxxxxx x&xxxx;xxx of xxxxxxxxx rules xx xx complied xxxx xx XXX Inst xxxxxxxxxxxx, xxxxxxxx payment xxxxxxxx xxxxxxxxx xx XXXX to offer xx automated, XXXX-xxxx xxxx xxxxxxx xxxxxx xxxxxxxx xxxxxxx,

“xxxxxx xxxxx xxxx-xx (MPL) xxxxxxx” xxxxx x&xxxx;xxxxxxx which xxxxxxx XXXX DCA xxxxxxx, xxxxxxxxx xxxxxxx xxxxx XXXX AS xxxxxxxxx xxxxxxxx xxx xxxxxxxxx xxxxxxx, who xxxxxxx from their xxxxxxxxx a request xx xxxxxxx xx xxxxxxx xxxxxxx xxxxx xx xxxxxx xx a beneficiary xxxxxxxxxx xxxx x&xxxx;xxxxx (x.x. x&xxxx;xxxxxx number), xx retrieve xxxx xxx central MPL xxxxxxxxxx xxx xxxxxxxxxxxxx xxxxxxxxxxx XXXX xxx xxx XXX to xx xxxx xx xxxxxx xxx xxxxxxxx xxxxxxx in XXXX,

“Xxxxxxx Xxxxxxx Xxxxxxxx (XXX)” xxxxx an xxxxxxxxxxx xxxx has been xxxxxxx x&xxxx;xxxxxxxxxx with xxx Xxxxxxxxxx xx xxxxxxx xxxxxxxxxxxx xxxxxxxx xxx xxx Eurosystem Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Xxxxxxx,

“XXXX” xxxxx xxx xxxxxxxxxxxxx xxxx xxxxxxx xxxxxx which xxxxxxxx xxxxxxxxxx an xxxxxxxxxx xxxxxxx at x&xxxx;xxxxxxxx xxxxxxxxx institution in x&xxxx;xxxxxxxxxx xxxxxxx.“;

x)

xxxxxxxx xxxxx „XXXX xxxxxxx xxxxxxx xxxxxxxx“ se zrušuje;

3.

V čl. 3 xxxx.&xxxx;1 xx xxxxxxx xxxxx xx „Xxxxxxxx X: XXXX connectivity xxxxxxxxx xxxxxxxxxxxx“;

4.

Xxxxxx&xxxx;4 se xxxx takto:

a)

v odstavci 2 xx xxxxxxxx xxxx xxxxxxx k), xxxxx xxx:

„(x)

XXXX XXX xx XXXX XX technical xxxxxxx xxxxxxxxx transfer xxxxxx xxx TIPS XX technical xxxxxxx xx XXXX XXX xxxxxxxxx transfer orders; xxx“;

x)

xxxxxxxx 3 se xxxxxxxxx tímto:

„3.   TARGET2 xxxxxxxx xxxx-xxxx gross xxxxxxxxxx xxx payments xx xxxx, xxxx settlement xx xxxxxxx xxxx xxxxx across XX xxxxxxxx, X2X DCAs xxx XXXX DCAs. TARGET2 xx xxxxxxxxxxx xxx xxxxxxxxx on xxx xxxxx xx xxx XXX through xxxxx xxxxxxx xxxxxx xxx xxxxxxxxx and xxxxxxxxx xxx xxxxxxx xxxxx xxxxxxxx xxx xxxxxxxxxx xxxxxxxx xx xxx xxxx technical xxxxxx. Xx far xx xxx xxxxxxxxx xxxxxxxxx xx xxx XXXX XXXx and XXXX XX technical xxxxxxxx xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx on xxx xxxxx xx xxx XXXX Xxxxxxxx. Xx far as xxx xxxxxxxxx xxxxxxxxx xx the X2X XXXx xx xxxxxxxxx, XXXXXX2 xx technically xxxxxxxxxxx and functions xx the xxxxx xx xxx T2S Xxxxxxxx.“;

5.

X&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. x) xx xxx x) nahrazuje xxxxx:

„(x)

xxxxxxx, xxxxxx, operate xxx xxxxxxx xxx xxxxxx xxx security xx xxx necessary XX xxxxxxxxxxxxxx xx xxxxxxx xx xxx XXXX Xxxxxxxx and xxxxxx xxxxxxx xxxxxx to xx. In xxxxx xx, applicant TIPS XXX xxxxxxx may xxxxxxx xxxxx parties, xxx xxxxxx sole xxxxxxxxx. In xxxxxxxxxx, xxxxxx xx instructing xxxxx is xxxx, xxxxxxxxx XXXX DCA xxxxxxx xxxxx enter xxxx an agreement xxxx xxx xx xxxx NSPs to xxxxxx the xxxxxxxxx xxxxxxxxxx xxx xxxxxxxxxx, xx accordance xxxx xxx xxxxxxxxx specifications xx Appendix X; xxx“;

6.

Xxxxxx&xxxx;9 se xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;9

Xxxxxxxxxxx xxxxxxxxxxxx with xx XXX

1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx shall xxxxxx:

(x)

xxxxxxxx a contract xxxx xx XXX xxxxxx xxx xxxxxxxxx of xxx xxxxxxxxxx xxxxxxxx xxxx xxxx XXX xx xxxxx xx xxxxxxxxx x&xxxx;xxxxxxxxx xxxxxxxxxx xx XXXXXX2-XXX; or

(b)

connect xxx another xxxxxx xxxxx xxx xxxxxxxxx x&xxxx;xxxxxxxx xxxx xx XXX xxxxxx the xxxxxxxxx xx xxx xxxxxxxxxx xxxxxxxx with xxxx XXX.

2.&xxxx;&xxxx;&xxxx;Xxx legal xxxxxxxxxxxx between x&xxxx;xxxxxxxxxxx xxx xxx XXX xxxxx xx xxxxxxxxxxx xxxxxxxx xx xxx xxxxx and xxxxxxxxxx xx xxxxx xxxxxxxx xxxxxxxx xx xxxxxxxx xx in paragraph 1(x).

3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx to xx xxxxxxxx by xxx XXX xxxxx xxx xxxx part xx xxx xxxxxxxx xx xx xxxxxxxxx xx xxx XXX xx xxxxxxx xx XXXXXX2.

4.&xxxx;&xxxx;&xxxx;Xxx XXX shall xxx xx xxxxxx xxx any acts, xxxxxx xx xxxxxxxxx xx xxx XXX (xxxxxxxxx xxx directors, xxxxx xxx xxxxxxxxxxxxxx), xx xxx xxx xxxx, xxxxxx xx xxxxxxxxx by third xxxxxxx xxxxxxxx xx xxxxxxxxxxxx to xxxx xxxxxx xx xxx XXX’x xxxxxxx.“;

7.

Xxxxxx&xxxx;10 xx xxxxxxx;

8.

Xxxxxx se xxxx xxxxxx&xxxx;11x, xxxxx zní:

„Article 11a

MPL xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx MPL xxxxxxxxxx xxxxxxxx xxx xxxxx – IBAN xxxxxxx xxxxx for xxx xxxxxxxx of xxx MPL xxxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx may xx xxxxxx to xxxx xxx XXXX. Xx XXXX xxx be xxxxxx xx xxx xx xxxxxxxx xxxxxxx.

3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx apply xx xxx xxxx contained xx the MPL xxxxxxxxxx.“;

9.

X&xxxx;xxxxxx&xxxx;12 xx xxxxxxx xxxxxxxx 9;

10.

Xxxxxx&xxxx;16 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;16

Xxxxx xx xxxxxxx orders in XXXX DCA

The xxxxxxxxx xxx classified xx xxxxxxx orders for xxx xxxxxxxx xx xxx XXXX service:

(a)

instant xxxxxxx xxxxxx;

(x)

xxxxxxxx xxxxxx xxxxxxx;

(x)

XXXX XXX to XX liquidity xxxxxxxx xxxxxx;

(x)

XXXX XXX xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxxx; and

(e)

TIPS XX xxxxxxxxx xxxxxxx to XXXX XXX liquidity xxxxxxxx orders.“;

11.

V článku 18 xx xxxxxxxx 6 nahrazuje xxxxx:

„6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX XXX xx XX xxxxxxxxx xxxxxxxx xxxxx, a TIPS XXX xx TIPS XX xxxxxxxxx account xxxxxxxxx xxxxxxxx xxxxx xx a TIPS XX xxxxxxxxx account xx XXXX XXX liquidity xxxxxxxx xxxxx xxx xxxx xxxxxxxx as xxxxxxxx xx xx Xxxxxxx&xxxx;17, xxx TARGET2-ECB xxxxx xxxxx xxxxxxx xxxxxxxxxx funds xxx xxxxxxxxx xx xxx xxxxx'x xxxxxxx. Xx xxxxxxxxxx xxxxx xxx xxx available xxx xxxxxxxxx transfer order xxxxx xx rejected. Xx sufficient xxxxx xxx xxxxxxxxx xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx be settled xxxxxxxxxxx.“;

12.

X&xxxx;xx.&xxxx;20 xxxx.&xxxx;1 xx xxxxxxx b) xxxxxxxxx xxxxx:

„(x)

XXXX XXX to XX liquidity xxxxxxxx xxxxxx, xxxxxxxx xxxxxx xxxxxxx and XXXX XXX xx TIPS XX xxxxxxxxx account xxxxxxxxx xxxxxxxx orders xxx deemed entered xxxx XXXXXX2-XXX xxx xxxxxxxxxxx xx the xxxxxx xxxx xxx xxxxxxxx TIPS XXX xx xxxxxxx. XXXX XX technical xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx orders xxx deemed xxxxxxx xxxx TARGET2-ECB and xxxxxxxxxxx xx xxx xxxxxx xxxx xxx xxxxxxxx TIPS XX xxxxxxxxx xxxxxxx xx xxxxxxx.“;

13.

X&xxxx;xxxxxx&xxxx;30 xx odstavec 1 xxxxxxxxx xxxxx:

„1.&xxxx;&xxxx;&xxxx;XXXX XXX xxxxxxx shall xx deemed xx xx aware xx, xxxxx xxxxxx with xxx shall xx xxxx to xxxxxxxxxxx xxxx xxxxxxxxxx to xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx data xxxxxxxxxx. Xxxx xxxxx xx xxxxxx xx be xxxxx xx, and xxxxx xxxxxx xxxx xxx obligations on xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx laundering xxx xxx xxxxxxxxx xx terrorism, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx xx xxxxxxx weapons xxxxxxxx xxxxxxx, in particular xx xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx credited xx their XXXX XXXx. TIPS XXX xxxxxxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx xxxxx xxxxxx XXX'x data retrieval xxxxxx xxxxx to xxxxxxxx xxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx xxxx XXX.“;

14.

Xxxxxx xx nový xxxxxx&xxxx;35x, xxxxx xxx:

„Xxxxxxx&xxxx;35x

Xxxxxxxxxxxx xxxxxxxxx

Xxxx xxx XXXXXX xxxxxx xx operational xxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XXXX DCA xxxxxxx xxxxx xxxxxx XXXX XXX xxxxxxx in xxx XXXXXX xxxxxx.“;

15.

X&xxxx;xxxxxxx X&xxxx;xx tabulka x&xxxx;xxxxxxxx 2 xxxxxxxxx tímto:

„Message Xxxx

Xxxxxxx Xxxx

Xxxx.002

XXXxXXXxxxxxx Xxxxxx Xxxxxx

Xxxx.004

XxxxxxxXxxxxx

Xxxx.008

XXXxXXXxxxxxxxXxxxxxXxxxxxxx

Xxxx.028

XXXxXXXxxxxxxXxxxxxXxxxxxx

xxxx.003

XxxXxxxxxx

xxxx.004

XxxxxxXxxxxxx

xxxx.005

XxxXxxxxxxxxxx

xxxx.006

XxxxxxXxxxxxxxxxx

xxxx.011

XxxxxxXxxxx

xxxx.019

XxxxxxXxxxxxxxXxxXxxxxxxxxxx

xxxx.025

Xxxxxxx

xxxx.029

XxxxxxxxxxXxXxxxxxxxxxxxx

xxxx.050

XxxxxxxxxXxxxxxXxxxxxxx

xxxx.052

XxxxXxXxxxxxxxXxxxxxxXxxxxx

xxxx.053

XxxxXxXxxxxxxxXxxxxxxxx

xxxx.054

XxxxXxXxxxxxxxXxxxxXxxxxxXxxxxxxxxxxx

xxxx.056

XXXxXXXxxxxxxXxxxxxxxxxxxXxxxxxx

xxxx.010

XxxxxxxXxxxxxxXxxxxxxxxxxxxxx

xxxx.011

XxxxxxxXxxxxxxXxxxxxxxx

xxxx.015

XxxxxxxXxxxxxxxXxxxxxxXxxxxxxxxxxXxxxxxx

xxxx.016

XxxxxXxxxxxXxxxxxX01

xxxx.022

XxxxxXxxxxxxxxxxxXxxxxxxX01“

16.

X&xxxx;xxxxxxx I se v odst. 6 xxxxxxx. 1 xxxxxxxxx xxxxxxx x) xxxxx:

„(x)

Xxxx-xx-xxxxxxxxxxx xxxx (U2A)

U2A xxxxxxx xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;XXXX XXX xxxxxx xxx xxx XXXX XXX. Xxx xxxxxxxxxxx xx xxxxxxxxx in x&xxxx;xxxxxxx running xx x&xxxx;XX xxxxxx. For X2X xxxxxx the XX infrastructure xxx xx be able xx xxxxxxx xxxxxxx. Xxxxxxx details are xxxxxxxxx in the XXXX Xxxx Xxxxxxxx.“;

17.

X&xxxx;xxxxxxx XX se xxxxxxx xxxxxxxx 2;

18.

Xxxxxxx V se xxxxxxx.