Animace načítání

Stránka se připravuje...

Přihlásit se Registrovat se
28 774 právních předpisů

Další údaje zde

Technická podpora

Poskytujeme technickou podporu zdarma

Zavolejte nám

+420 777 717 492

Plné znění - 32021D1758

  1. Úvodní strana
  2. Právní předpisy EU
  3. Plné znění - 32021D1758

Na co čekáte? Nečekejte už ani minutu.
Získejte přístup na tento text ještě dnes. Kontaktujte nás a my Vám obratem uděláme nabídku pro Vás přímo na míru.

Chci získat výhodný přístup

ROZHODNUTÍ EVROPSKÉ CENTRÁLNÍ XXXXX (EU) 2021/1758

xx xxx 21.&xxxx;xxxx 2021,

xxxxxx xx xxxx xxxxxxxxxx XXX/2007/7 x&xxxx;xxxxxxxxxx TARGET2-ECB (XXX/2021/43)

XXXXXXX RADA EVROPSKÉ XXXXXXXXX XXXXX,

x&xxxx;xxxxxxx xx Xxxxxxx o fungování Xxxxxxxx xxxx, x&xxxx;xxxxxxx xx xxxxx x&xxxx;xxxxxxx xxxxxxx xx.&xxxx;127 xxxx.&xxxx;2 této xxxxxxx,

x&xxxx;xxxxxxx xx statut Xxxxxxxxxx xxxxxxx xxxxxxxxxxx xxxx x&xxxx;Xxxxxxxx centrální xxxxx, a zejména xx xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 a 23 xxxxxx xxxxxxx,

xxxxxxxx x&xxxx;xxxxx xxxxxxx:

(1)

Xxxx xxxxxxxxx xxxxxxx&xxxx;(1) xxx 20.&xxxx;xxxxxxxx 2021 obecné xxxxxx Xxxxxxxx xxxxxxxxx xxxxx ECB/2012/27 (2) x&xxxx;xxxxx: x) xxxxxxxx, že xxxxxxxx XXXX XXX xxxxx x&xxxx;XXXXXX2 xxxxxxxxx xxxxxxxxxxxxxxx jednotného xxxxxxx xxxxx infrastruktury Xxxxxxxxxxx (Xxxxxxxxxx Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Xxxxxxx) xx xxxxxxxxx 2021 a majitelé X2X XXX xxxxx x&xxxx;XXXXXX2 xxxxxxxxxxxxxxx xxxxxx xxxxxxx připojeni od xxxxxx 2022; b) xxxxxxxx x&xxxx;xxxxxxxx xxxxxxxx xxxxxxxx xx xxxxxxxxxx xxxxxxxxx na xxxxxxxxxx xxxxxxxxx xxxx XXXXXX2, xxx xx xxxxxxxxx, xx xx xxxxxx XXXXXX2 xxxx dále xxxxxxx xxx, aby xxx xxxxxxx čelit xxxxxxx v oblasti xxxxxxxxxxxx xxxxxxxxxxx; c) xxxxxx xxxxxxxxx, xxx xxxxxxxx xxxx XX, xxxxxx xxxxxxx xxxxxxxxx x&xxxx;xxxxxxxxxxxxx xxxxxxxx xxxx XXX, xxxxx xxxxxxxxxxx k uplatňování xxxxxxx XXX Xxxx xxxxxxxx dohody x&xxxx;xxxxxxxxxx xxxxxxx xxx xxxxxxxx xxxxxxxxxxxxx xxxxxxx XXXX, xxxx a zůstali xxxxxx xxxxxxxxxxx xx xxxxxxxxx XXXX xxxxxxxxxxxxxxx XXXX XXX, xxx aby xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx x&xxxx;xxxx Xxxx; x) zavést xxxxxxxxxxxxxxx, pokud jde x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx v TARGET2 xx odpovídající xxxxxxxxxxx xxxx v budoucím systému XXXXXX, xxx xxxx xxxxxxxxx xxxxxx xxxxxxx, x&xxxx;x) xxxxxxxx x&xxxx;xxxxxxxxxxxx xxxxxxx xxxxx xxxxxxx xxxxxxxx xxxxx XXX/2012/27.

(2)

Xxxxxxx xxxx xxxxxxxxxx xxxxxxx xxxxxxxxxxx T2-T2S, bude x&xxxx;xxxxx právní xxxxxxx xxxxxx xxxxxxxx zajistit xxxxxxxxxxxxxxx, xxxxx jde x&xxxx;xxxxxxx xxxxxxx xxxxxxxx x&xxxx;xxxx xxxxxxxxx v TARGET2-ECB xx odpovídající xxxxxxxxxxx xxxx.

(3)

Xxxxx xxxxxxxx xxxxx XXX/2012/27, které mají xxxx xx podmínky XXXXXX2-XXX, xx třeba xxxxxxxxx v rozhodnutí Evropské xxxxxxxxx banky ECB/2007/7 (3).

(4)

Rozhodnutí XXX/2007/7 xx xxxxx xxxxx xxxxxxxxxxxxx způsobem xxxxxx,

XXXXXXX TOTO XXXXXXXXXX:

Xxxxxx&xxxx;1

Xxxxx

Xxxxxxx I, XX x&xxxx;XXX xxxxxxxxxx XXX/2007/7 xx xxxx x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx tohoto xxxxxxxxxx.

Xxxxxx&xxxx;2

Xxxxxxxxx xxxxxxxxxx

Xxxx rozhodnutí xxxxxxxx v platnost pátým xxxx xx xxxxxxxxxx x&xxxx;Xxxxxxx věstníku Xxxxxxxx xxxx.

Xxxxxxx xx ode xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx xxxx.&xxxx;1 písm. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 xxxxxxx II xxxxxx rozhodnutí, které xx použijí xxx xxx 13. června 2022.

Xx Xxxxxxxxxx nad Xxxxxxx xxx 21. září 2021.

Xxxxxxxxxxx XXX

Xxxxxxxxx LAGARDE

(1)  Obecné xxxxxx Xxxxxxxx xxxxxxxxx xxxxx (XX) 2021/1759 xx dne 20. července 2021, xxxxxxx xx xxxx xxxxxx xxxxxx XXX/2012/27 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx xxxxxxxxx xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (ECB/2021/30) [(viz xxxxxx 45 x&xxxx;xxxxx xxxxx Úředního xxxxxxxx).

(2)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2012/27 xx xxx 5.&xxxx;xxxxxxxx 2012 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx xxxxxxx zúčtování xxxxxx x&xxxx;xxxxxxx čase (TARGET2) (Xx. xxxx. X&xxxx;30, 30.1.2013, x. 1).

(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx centrální xxxxx XXX/2007/7 xx dne 24.&xxxx;xxxxxxxx 2007 x&xxxx;xxxxxxxxxx XXXXXX2-XXX (Xx. věst. X&xxxx;237, 8.9.2007, s. 71).

PŘÍLOHA X

Xxxxxxx X&xxxx;xxxxxxxxxx XXX/2007/7 xx mění xxxxx:

1.

Xxxxxx&xxxx;1 se mění xxxxx:

x)

xxxxxxxx pojmu „instant xxxxxxx xxxxx“ xx xxxxxxxxx tímto:

„—

“instant xxxxxxx xxxxx” means, in xxxx with xxx Xxxxxxxx Xxxxxxxx Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Xxxxxxxx (XXX Xxxx) xxxxxx, a payment xxxxxxxxxxx xxxxx can xx xxxxxxxx 24 xxxxx x&xxxx;xxx xxx xxxxxxxx xxx of the xxxx, xxxx immediate xx close to xxxxxxxxx processing and xxxxxxxxxxxx xx xxx xxxxx and xxxxxxxx (x) the XXXX XXX xx XXXX XXX instant payment xxxxxx, (x) XXXX XXX to TIPS XX xxxxxxxxx xxxxxxx xxxxxxx payment xxxxxx, (x) TIPS AS xxxxxxxxx xxxxxxx xx XXXX DCA xxxxxxx xxxxxxx orders xxx (x) TIPS XX xxxxxxxxx xxxxxxx xx XXXX XX technical xxxxxxx xxxxxxx payment xxxxxx,“;

x)

xxxxxxxx xx xxxx xxxxxxxx, xxxxx xxxxx:

„—

“Xxxxxxxx Xxxxxxxx Xxxxxxx'x SEPA Xxxxxxx Credit Xxxxxxxx (XXX Inst) xxxxxx” xx “XXX Inst xxxxxx” means an xxxxxxxxx, open xxxxxxxxx xxxxxx xxxxxxxxx a set xx xxxxxxxxx xxxxx xx be complied xxxx xx XXX Xxxx xxxxxxxxxxxx, xxxxxxxx xxxxxxx xxxxxxxx xxxxxxxxx xx XXXX xx xxxxx xx xxxxxxxxx, XXXX-xxxx xxxx xxxxxxx xxxxxx transfer product,

“TIPS xxxxxxxxx system xxxxxxxxx xxxxxxx (TIPS XX xxxxxxxxx xxxxxxx)” xxxxx xx xxxxxxx xxxx xx an xxxxxxxxx xxxxxx xx x&xxxx;XX xx xx xxxxxxxxx xxxxxx'x xxxxxx in xxx XX’x XXXXXX2 xxxxxxxxx xxxxxx xxx xxx xx xxx xxxxxxxxx system xxx xxx xxxxxxx xx xxxxxxxx instant payments xx its xxx xxxxx,

“XXXX DCA to XXXX AS xxxxxxxxx xxxxxxx liquidity xxxxxxxx xxxxx” xxxxx xxx xxxxxxxxxxx to transfer x&xxxx;xxxxxxxxx amount xx xxxxx xxxx a TIPS XXX to x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx xxxx the XXXX XXX holder’s xxxxxxxx (or xxx xxxxxxxx of xxxxxxx xxxxxxxxxxx xx the xxxxxxxxx xxxxxx) in xxx xxxxx xx xxx ancillary system,

“TIPS XX xxxxxxxxx account xx TIPS XXX xxxxxxxxx xxxxxxxx xxxxx” xxxxx xxx instruction xx transfer x&xxxx;xxxxxxxxx xxxxxx xx xxxxx xxxx a TIPS AS xxxxxxxxx account xx x&xxxx;XXXX DCA xx xxxxxx xxx XXXX XXX xxxxxx’x position (xx xxx position xx xxxxxxx participant xx xxx xxxxxxxxx xxxxxx) xx xxx xxxxx xx xxx xxxxxxxxx xxxxxx,

“xxxxxxxxx xxxxx” xxxxx xx xxxxxx xxxxx: (a) holds x&xxxx;XXX; (x) xx xxxxxxxxxx xx a reachable xxxxx by a TIPS XXX xxxxxx xx xx xx xxxxxxxxx xxxxxx; (x) xx x&xxxx;xxxxxxxxxxxxx, xxxxxxxx or xxxxxx of a TIPS XXX xxxxxx xx x&xxxx;xxxxxxxxxxx xx xx xxxxxxxxx system, xx x&xxxx;xxxxxxxxxxxxx, xxxxxxxx, or xxxxxx xx a participant xx xx xxxxxxxxx xxxxxx; and (d) xx addressable through xxx XXXX Xxxxxxxx xxx xx able xx xxxxxx instant xxxxxxx xxxxxx xxx xxxxxxx xxxxxxx xxxxxxx xxxxxx xxxxxx xxx xxx XXXX XXX xxxxxx xx xxx xxxxxxxxx system xx, xx xx xxxxxxxxxx xx the TIPS XXX holder or xx xxx ancillary xxxxxx, directly.“;

c)

definice xxxxx „XXXX xxxxxxx service xxxxxxxx“ xx zrušuje;

2.

V článku 2 xxxxxx xxxxxxxx xx xxxxxxxx xxxx text, xxxxx xxx:

„Xxxxxxxx VII:

 Requirements xxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxxxxx management“;

3.

Článek 3 se xxxx takto:

a)

v odstavci 2 xx xxxxxxx xx) xxxxxxxxx xxxxx:

„(xx)

XXXX DCA xx XX xxxxxxxxx xxxxxxxx xxxxxx and XX xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxxx;“;

x)

x&xxxx;xxxxxxxx 2 xx xxxxxx nové xxxxxxx xx), xxxxx xxx:

„(xx)

XXXX XXX to XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx transfer xxxxxx xxx XXXX XX xxxxxxxxx account xx XXXX XXX xxxxxxxxx xxxxxxxx orders; xxx“;

x)

xxxxxxxx 3 xx nahrazuje xxxxx:

„3.&xxxx;&xxxx;&xxxx;XXXXXX2 provides real-time xxxxx settlement xxx xxxxxxxx xx xxxx, xxxx xxxxxxxxxx xx xxxxxxx xxxx xxxxx xxxxxx XX accounts, X2X XXXx xxx XXXX DCAs. XXXXXX2 xx established and xxxxxxxxx xx xxx xxxxx of xxx XXX xxxxxxx which xxxxxxx xxxxxx xxx xxxxxxxxx xxx processed xxx xxxxxxx which xxxxxxxx xxx xxxxxxxxxx xxxxxxxx xx xxx xxxx technical xxxxxx. Xx far as xxx technical xxxxxxxxx xx xxx T2S XXXx is concerned, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx the xxxxx xx the X2X Xxxxxxxx. As xxx xx xxx technical xxxxxxxxx xx xxx XXXX XXXx xxx XXXX XX technical xxxxxxxx xx xxxxxxxxx, XXXXXX2 xx technically xxxxxxxxxxx xxx xxxxxxxxx xx xxx basis xx the TIPS Xxxxxxxx.“;

4.

Xxxxxx&xxxx;5 xx nahrazuje xxxxx:

„Xxxxxxx&xxxx;5

Xxxxxx xxxxxxxxxxxx

XX xxxxxxx xxxxxxx xx TARGET2-ECB xxx xxxxxx participants xxx shall xxxxxx xxxx the xxxxxxxxxxxx xxx xxx xx Xxxxxxx&xxxx;8(1) xxx&xxxx;(2). They xxxxx have xx xxxxx xxx XX xxxxxxx xxxx the XXX. XX xxxxxxx xxxxxxx xxxx have xxxxxxx to xxx XXX Xxxx xxxxxx xx xxxxxxx the XXXX Xxxxxxx Xxxxxx Xxxxxxxx Xxxxxxxxx Xxxxxxxxx xxxxx be xxx xxxxx xxxxxx xxxxxxxxx xx xxx XXXX Xxxxxxxx xx all xxxxx, xxxxxx xx x&xxxx;XXXX XXX xxxxxx xx xx a reachable xxxxx via a TIPS XXX holder.“;

5.

Článek 22 xx xxxxxxxxx tímto:

„Article 22

Security Xxxxxxxxxxxx xxx Xxxxxxx Xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx implement xxxxxxxx xxxxxxxx xxxxxxxx xx xxxxxxx xxxxx systems xxxx unauthorised access xxx use. Xxxxxxxxxxxx xxxxx xx exclusively xxxxxxxxxxx xxx the xxxxxxxx protection xx xxx xxxxxxxxxxxxxxx, xxxxxxxxx xxx xxxxxxxxxxxx of xxxxx xxxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx xxx ECB xx xxx xxxxxxxx-xxxxxxx xxxxxxxxx in their xxxxxxxxx infrastructure and, xxxxx appropriate, xxxxxxxx-xxxxxxx xxxxxxxxx xxxx xxxxx xx xxx xxxxxxxxx xxxxxxxxxxxxxx xx xxx xxxxx xxxxx xxxxxxxxx. Xxx ECB xxx xxxxxxx further xxxxxxxxxxx xxxxx xxx xxxxxxxx xxx, xx xxxxxxxxx, xxxxxxx xxxx the xxxxxxxxxxx take appropriate xxxxxxxx to xxxxxxx x&xxxx;xxxxxxxxxx xx xxxx xx xxxxx.

3.&xxxx;&xxxx;&xxxx;Xxx ECB xxx xxxxxx xxxxxxxxxx xxxxxxxx xxxxxxxxxxxx, xx xxxxxxxxxx xxxx xxxxxx xx xxxxxxxxxxxxx xx xxx prevention xx xxxxx, xx xxx xxxxxxxxxxxx and/or xx xxxxxxxxxxxx xxxx are xxxxxxxxxx xxxxxxxx xx xxx XXX.

4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxx xxx XXX xxxx: (x) permanent xxxxxx xx their xxxxxxxxxxx of xxxxxxxxx xx xxxxx xxxxxx xxxxxxx xxxxxxx xxxxxxxx’x xxxxxxxx xxxxxxxx xxxxxxxxxxxx, xxx (xx) xx xx annual xxxxx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxx as xxxxxxxxx xx the XXX’x xxxxxxx in Xxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxx xxx participant’s self-certification xxxxxxxxx(x) xx xxx xxxxxxxxxxxx xxxxx of xxxxxxxxxx with each xx xxx requirements xxx xxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxxx. Xxxxx requirements xxx xxxxxx in Xxxxxxxx VII, which xx xxxxxxxx to xxx xxxxx Xxxxxxxxxx xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx form xx xxxxxxxx part xx xxxxx Xxxxxxxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxxxxx’x xxxxx xx compliance xxxx xxx xxxxxxxxxxxx xx the XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxx xx xxxxxxxxxxx as xxxxxxx, xx xxxxxxxxxx order xx severity: ‘full xxxxxxxxxx’; ‘minor non-compliance’; xx ‘xxxxx xxx-xxxxxxxxxx’. Xxx xxxxxxxxx criteria xxxxx: full xxxxxxxxxx xx reached where xxxxxxxxxxxx xxxxxxx 100% xx the xxxxxxxxxxxx; xxxxx xxx-xxxxxxxxxx is xxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxx xxxx xxxx 100% xxx xx xxxxx 66% xx xxx xxxxxxxxxxxx xxx xxxxx xxx-xxxxxxxxxx xxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxx less xxxx 66% xx xxx xxxxxxxxxxxx. Xx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxxx xx xx, xx xxxxx xx xxxxxxxxxx xx xxxxxxxxx xxxx xxx xxxxxxxxxx xxxxxxxxxxx for the xxxxxxxx xx xxx xxxxxxxxxxxxxx. X&xxxx;xxxxxxxxxxx which xxxxx xx xxxxx ‘xxxx xxxxxxxxxx’ xxxxx xxxxxx an xxxxxx xxxx demonstrating xxx xx xxxxxxx to xxxxx xxxx xxxxxxxxxx. Xxx XXX xxxxx xxxxxx the xxxxxxxx xxxxxxxxxxx authorities of xxx status xx xxxx xxxxxxxxxxx’x compliance.

4c.   If xxx xxxxxxxxxxx xxxxxxx xx xxxxx permanent xxxxxx xx its xxxxxxxxxxx xx adherence xx xxxxx xxxxxx XXXx endpoint xxxxxxxx xxxxxxxxxxxx or xxxx xxx provide xxx XXXXXX2 xxxx-xxxxxxxxxxxxx the xxxxxxxxxxx’x xxxxx xx xxxxxxxxxx xxxxx xx xxxxxxxxxxx xx ‘xxxxx xxx-xxxxxxxxxx’.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxxxx xxxxxxxxxx of xxxxxxxxxxxx on an xxxxxx xxxxx.

4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxx xxxxxx xxx xxxxxxxxx xxxxxxxx xx xxxxxxx xx xxxxxxxxxxxx xxxxx xxxxx xx xxxxxxxxxx was xxxxxxxx xx xxxxx xx xxxxx xxx-xxxxxxxxxx, in xxxxxxxxxx xxxxx xx xxxxxxxx:

(x)

xxxxxxxx xxxxxxxxxx: xxx xxxxxxxxxxx xxxxx xxxxxxx xxx XXX xxxx x&xxxx;xxxxxxx xxxxxx, xxxxxx xx a senior xxxxxxxxx, xx xxxxx xxxxxxxx xx xxxxxxxxxx xxx xxx-xxxxxxxxxx. Xxx xxxxxxxxxxx xxxxx xxxxxxxxxxxx xxxxx x&xxxx;xxxxxxx penalty xxxxxx xxx each xxxxxxxx xxxxxxx equal xx xxx xxxxxxx xxx xx set xxx xx paragraph 1 xx Appendix XX xxxxxxxxx xxx xxxxxxxxxxx xxxx. Xxxx measure xx xxxxxxx xxx xx imposed in xxx event the xxxxxxxxxxx xxxxxxxx x&xxxx;xxxxxx xxxxxxxxxxx xxxxxxxxxx xx xxxxx xxx-xxxxxxxxxx xx xx assessment xx xxxxx non-compliance;

(ii)

suspension: xxxxxxxxxxxxx xx XXXXXX2-XXX xxx xx xxxxxxxxx in xxx xxxxxxxxxxxxx described xx Article 28(2)(b) and (x) of this Xxxxx. By way xx xxxxxxxxxx from Xxxxxxx&xxxx;28 of xxxx Xxxxx, xxx xxxxxxxxxxx xxxxx xx xxxxx xxxxx xxxxxx’ xxxxxx xx such xxxxxxxxxx. Xxx xxxxxxxxxxx shall xxxxx x&xxxx;xxxxxxx xxxxxxx xxxxxx for xxxx xxxxxxxxx xxxxxxx xx xxxxxx its xxxxxxx xxx xx xxx xxx in xxxxxxxxx 1 of Xxxxxxxx XX, xxxxxxxxx xxx xxxxxxxxxxx fees. Xxxx xxxxxxx xx xxxxxxx xxx xx xxxxxxx xx xxx event xxx xxxxxxxxxxx xxxxxxxx x&xxxx;xxxxxx xxxxxxxxxxx xxxxxxxxxx xx major xxx-xxxxxxxxxx;

(xxx)

xxxxxxxxxxx: xxxxxxxxxxxxx xx XXXXXX2-XXX xxx xx xxxxxxxxxx xx xxx xxxxxxxxxxxxx xxxxxxxxx xx Xxxxxxx&xxxx;28(2)(x) xxx (x) xx xxxx Annex. By xxx of xxxxxxxxxx xxxx Xxxxxxx&xxxx;28 of xxxx Annex, the xxxxxxxxxxx xxxxx xx xxxxx three xxxxxx’ xxxxxx xx xxxx xxxxxxxxxxx. Xxx participant xxxxx incur an xxxxxxxxxx penalty xxxxxx xx XXX 1000 xxx xxxx xxxxxxxxxx xxxxxxx. This xxxxxxx xx xxxxxxx xxx xx imposed xx xxx xxxxxxxxxxx xxx xxx xxxxxxxxx xxx xxxxx xxx-xxxxxxxxxx xx xxx satisfaction xx xxx XXX following xxxxx months xx xxxxxxxxxx.“;

6.

X&xxxx;xxxxxx&xxxx;33 xx xxxxxxxx 1 xxxxxxxxx xxxxx:

„1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xx xxxxxx xx be xxxxx xx, shall xxxxxx xxxx, xxx xxxxx xx able to xxxxxxxxxxx that compliance xx xxx xxxxxxxx xxxxxxxxx authorities xxxx xxx xxxxxxxxxxx xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx shall xx deemed xx xx xxxxx xx, xxx xxxxx comply xxxx all obligations xx xxxx xxxxxxxx xx xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx xxxxxxxxxx xxx xxx xxxxxxxxx xx terrorism, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx the xxxxxxxxxxx xx nuclear xxxxxxx xxxxxxxx systems, in xxxxxxxxxx in terms xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx XX xxxxxxxx. Xxxxxxxxxxxx xxxxx ensure that xxxx xxx xxxxxxxx xxxxx xxx XXXXXX2 xxxxxxx service xxxxxxxx’x xxxx xxxxxxxxx policy xxxxx xx xxxxxxxx xxxx the contractual xxxxxxxxxxxx xxxx xxx XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx.“;

7.

Xxxxxx xx xxxx xxxxxx&xxxx;39x, xxxxx xxx:

„Xxxxxxx&xxxx;39x

Xxxxxxxxxxxx xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxxx the XXXXXX xxxxxx xx operational xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, PM xxxxxxx balances xxxxx xx xxxxxxxxxxx to xxx account xxxxxx’x xxxxxxxxxxxxx xxxxxxxxx xxxxxxxx xx the XXXXXX xxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxx requirement xxxx XX xxxxxxx xxxxxxx, xxxxxxxx Xxxxxxxxxxxx xxx xxxxxxxxxxx XXX xxxxxxx xxxxxxxx xx xxx XXX Xxxx xxxxxx xx reachable xx xxx TIPS Xxxxxxxx xxxxxxxx xx Xxxxxxx&xxxx;5 xxxxx apply xx xx 25 Xxxxxxxx 2022.“;

8.

X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 nahrazuje xxxxxxx x) xxxxx:

„(x)

Xxxx-xx-xxxxxxxxxxx xxxx (U2A)

U2A xxxxxxx xxxxxx communication between x&xxxx;xxxxxxxxxxx and xxx XXX. The xxxxxxxxxxx xx xxxxxxxxx in x&xxxx;xxxxxxx xxxxxxx xx x&xxxx;XX xxxxxx (XXXXX Xxxxxxxx XxxXxxxxxx xx xxxxxxx xxxxxxxxx, xx xxx be xxxxxxxx xx XXXXX). For X2X xxxxxx the XX xxxxxxxxxxxxxx has xx xx xxxx xx xxxxxxx cookies. Xxxxxxx xxxxxxx xxx xxxxxxxxx xx the XXX Xxxx Handbook.“;

9.

V dodatku XX xx x&xxxx;xxxxxxxx 6 nahrazuje xxxxxxx x) xxxxx:

„(x)

xxx xxxxxxxxxxx xxxxxxxxxx xx xxxxxxx xxxxxx, xxxxxxxxxxxx xxxxx xxxxxxx xxxxxxxx assets xx xxxxxxxxxx. Xxxxxx xxxxxxxxxxx processing, xxxxxxxx xxxxxxxxxxx xxxxxxxx xxx xx used to xxxx xxxxxxxx xxxxxxxxxxx xxxxxxxx. Xxx the xxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx, xxxxxxxxxxxx’ xxxxxxxxx xxxxxxxxx xxx xxx xx xxxxx xxxx xxxxxxx xx the XXX.“;

10.

Xxxxxxxx xx xxxx xxxxxxx VII, xxxxx xxx:

„Xxxxxxxx XXX

Xxxxxxxxxxxx regarding xxxxxxxxxxx xxxxxxxx management xxx xxxxxxxx xxxxxxxxxx xxxxxxxxxx

Xxxxxxxxxxx xxxxxxxx xxxxxxxxxx

Xxxxx xxxxxxxxxxxx are xxxxxxxxxx xx each xxxxxxxxxxx, xxxxxx xxx participant xxxxxxxxxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxxx xx xx. Xx xxxxxxxxxxxx the xxxxx xx application xx xxx xxxxxxxxxxxx xxxxxx xxx xxxxxxxxxxxxxx, xxx xxxxxxxxxxx xxxxxx xxxxxxxx the xxxxxxxx xxxx xxx xxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx (XXX). Xxxxxxxxxxxx, the PTC xxxxxx xx x&xxxx;Xxxxx xx Xxxxx (XxX), x.x. x&xxxx;xxxxxx involved xx xxx creation xx xxxxxxxxxxxx (x.x. xxxxxxxxxxxx, front-office xxx xxxx-xxxxxx xxxxxxxxxxxx, xxxxxxxxxx), xxx xxxx xx xxx xxxxxx responsible xx xxxx xxx xxxxxxx xx SWIFT (x.x. SWIFT XXX Xxx) xx Xxxxxxxx (xxxx xxx latter xxxxxxxxxx to Internet-based Xxxxxx).

Xxxxxxxxxxx 1.1: Information xxxxxxxx xxxxxx

Xxx management xxxxx xxx x&xxxx;xxxxx xxxxxx direction in xxxx xxxx business xxxxxxxxxx xxx demonstrate xxxxxxx xxx and xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx through xxx xxxxxxxx, xxxxxxxx xxx xxxxxxxxxxx of an xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xx managing xxxxxxxxxxx security and xxxxx resilience across xxx xxxxxxxxxxxx xx xxxxx of identification, xxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxx xxxxx xxxxxxxxxx xxxxx. Xxx xxxxxx xxxxxx contain xx xxxxx xxx following xxxxxxxx: xxxxxxxxxx, xxxxx (xxxxxxxxx xxxxxxx xxxx xx xxxxxxxxxxxx, xxxxx xxxxxxxxx, asset xxxxxxxxxx xxx.), xxxxxxxxxx xxx xxxxxxxxxx of xxxxxxxxxxxxxxxx.

Xxxxxxxxxxx 1.2: Xxxxxxxx organisation

An xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxxxx xx xxxxxxxxxxx xx implement xxx xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xxx xxxxxxxxxxxx. Xxx xxxxxxxxxx shall xxxxxxxxxx xxx xxxxxx xxx xxxxxxxxxxxxx xx xxx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xx xxxxxx xxx xxxxxxxxxxxxxx xx xxx information security xxxxxx (as xxx Xxxxxxxxxxx 1.1) xxxxxx xxx xxxxxxxxxxxx, including xxx allocation xx xxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxx xx security xxxxxxxxxxxxxxxx xxx this xxxxxxx.

Xxxxxxxxxxx 1.3: Xxxxxxxx xxxxxxx

Xxx xxxxxxxx xx xxx organisation’s xxxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx should xxx xx xxxxxxx by xxx introduction xx, xxx/xx xxx xxxxxxxxxx xx, an xxxxxxxx xxxxx/xxxxxxx xx products/services xxxxxxxx xx xxxx. Xxx xxxxxx to xxx xxxxxxxxxxxx’x information xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx xxxxxxx shall xx xxxxxxxxxx. Xxxx xxxxxxxx xxxxxxx xx xxxxxxxx/xxxxxxxx xx external xxxxxxx xxx required xx xxxxxx xxx xxxxxxxxxxxx’x information xxxxxxxxxx xxxxxxxxxx, x&xxxx;xxxx xxxxxxxxxx xxxxx be carried xxx xx xxxxxxxxx xxx xxxxxxxx xxxxxxxxxxxx xxx control requirements. Xxxxxxxx xxxxx xx xxxxxx xxx defined xx xx agreement xxxx xxxx xxxxxxxx xxxxxxxx party.

Requirement 1.4: Xxxxx xxxxxxxxxx

Xxx information xxxxxx, xxx business xxxxxxxxx and the xxxxxxxxxx xxxxxxxxxxx xxxxxxx, xxxx xx xxxxxxxxx xxxxxxx, xxxxxxxxxxxxxxx, xxxxxxxx xxxxxxxxxxxx, off-the-shelf products, xxxxxxxx and xxxx-xxxxxxxxx xxxxxxxxxxxx, xx the xxxxx xx the Xxxxxxx Transaction Chain xxxxx xx accounted xxx xxx have x&xxxx;xxxxxxxxx xxxxx. The xxxxxxxxxxxxxx for xxx xxxxxxxxxxx xxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xx the xxxxxxxx xxxxxxxxx xxx xxx related XX xxxxxxxxxx to safeguard xxx xxxxxxxxxxx xxxxxx xxxxx xx assigned. Xxxx: the xxxxx xxx delegate xxx xxxxxxxxxxxxxx of specific xxxxxxxx xx appropriate, xxx xxxxxxx xxxxxxxxxxx xxx xxx xxxxxx xxxxxxxxxx of xxx xxxxxx.

Xxxxxxxxxxx 1.5: Xxxxxxxxxxx xxxxxx classification

Information xxxxxx xxxxx be xxxxxxxxxx xx xxxxx xx xxxxx xxxxxxxxxxx xx xxx smooth delivery xx xxx xxxxxxx xx xxx participant. Xxx xxxxxxxxxxxxxx shall xxxxxxxx xxx xxxx, xxxxxxxxxx xxx xxxxxx xx protection xxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxx asset xx xxx xxxxxxxx xxxxxxxx xxxxxxxxx and xxxxx xxxx xxxx xxxx xxxxxxxxxxxxx the underlying XX xxxxxxxxxx. Xx xxxxxxxxxxx xxxxx xxxxxxxxxxxxxx xxxxxx xxxxxxxx xx xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx xx xxxxxxxxxxx xxx xx protection xxxxxxxx xxxxxxxxxx the xxxxxxxxxxx asset xxxxxxxxx (xxxxxxxxx xxxxxxx and xxxxxxxxxxx xx xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx xxx need xxx xxxxxxxx xxxxxxxx xxxxxxxx.

Xxxxxxxxxxx 1.6: Xxxxx xxxxxxxxx security

Security responsibilities xxxxx xx xxxxxxxxx xxxxx xx xxxxxxxxxx xx xxxxxxxx xxx xxxxxxxxxxxx and xx xxxxx xxx conditions xx xxxxxxxxxx. Xxx xxxxxxxxxx xxx employment, xxxxxxxxxxx and xxxxx xxxxx users shall xx xxxxxxxxxx screened, xxxxxxxxxx for xxxxxxxxx xxxx. Xxxxxxxxx, xxxxxxxxxxx xxx xxxxx party xxxxx of xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx shall xxxx xx xxxxxxxxx xx their security xxxxx xxx responsibilities. Xx adequate xxxxx xx awareness xxxxx xx ensured xxxxx xxx employees, xxxxxxxxxxx xxx xxxxx xxxxx xxxxx, xxx education xxx xxxxxxxx xx xxxxxxxx procedures xxx xxx correct xxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx xx xxxx xx xxxxxxxx xxxxxxxx xxxxxxxx xxxxx. X&xxxx;xxxxxx xxxxxxxxxxxx xxxxxxx xxx xxxxxxxx security xxxxxxxx xxxxx xx xxxxxxxxxxx xxx employees. Responsibilities xxxxx be xx xxxxx to ensure xxxx xx xxxxxxxx’x, xxxxxxxxxx’x xx third xxxxx xxxx’x xxxx xxxx xx xxxxxxxx xxxxxx xxx organisation xx managed, xxx xxxx xxx xxxxxx xx all equipment xxx xxx removal xx xxx xxxxxx xxxxxx xxx completed.

Requirement 1.7: Xxxxxxxx and xxxxxxxxxxxxx security

Critical xx xxxxxxxxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxx in xxxxxx xxxxx, protected xx xxxxxxx xxxxxxxx xxxxxxxxxx, xxxx xxxxxxxxxxx xxxxxxxx xxxxxxxx xxx xxxxx xxxxxxxx. They xxxxx xx physically xxxxxxxxx xxxx unauthorised xxxxxx, xxxxxx xxx xxxxxxxxxxxx. Xxxxxx xxxxx xx xxxxxxx xxxx xx xxxxxxxxxxx xxx xxxx xxxxxx xxx xxxxx xx Xxxxxxxxxxx 1.6. Xxxxxxxxxx xxx xxxxxxxxx xxxxx xx xxxxxxxxxxx xx protect xxxxxxxx xxxxx containing xxxxxxxxxxx xxxxxx xxxx xx xxxxxxx.

Xxxxxxxxx xxxxx be xxxxxxxxx xxxx physical xxx environmental threats. Xxxxxxxxxx xx xxxxxxxxx (xxxxxxxxx xxxxxxxxx xxxx xxx-xxxx) xxx xxxxxxx xxx xxxxxxx of xxxxxxxx is necessary xx reduce xxx xxxx xx xxxxxxxxxxxx xxxxxx xx xxxxxxxxxxx xxx xx xxxxx xxxxxxx loss or xxxxxx xx xxxxxxxxx xx information. Xxxxxxx xxxxxxxx xxx be xxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx xxx xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxx xx xxx electrical xxxxxx xxx xxxxxxx xxxxxxxxxxxxxx.

Xxxxxxxxxxx 1.8: Xxxxxxxxxx xxxxxxxxxx

Xxxxxxxxxxxxxxxx xxx xxxxxxxxxx xxxxx xx xxxxxxxxxxx xxx xxx xxxxxxxxxx xxx operation of xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxx xxxxxxx in xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxx-xx-xxx.

Xx regards xxxxxxxxx procedures, xxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxx of XX systems, xxxxxxxxxxx xx duties xxxxx xx implemented, xxxxx xxxxxxxxxxx, to xxxxxx xxx xxxx xx xxxxxxxxx or xxxxxxxxxx xxxxxx misuse. Xxxxx xxxxxxxxxxx xx xxxxxx xxxxxx xx xxxxxxxxxxx xxx xx xxxxxxxxxx xxxxxxxxx xxxxxxx, xxxxxxxxxxxx xxxxxxxx shall be xxxxxxxxxxx xxxxxxxxx x&xxxx;xxxxxx xxxx xxxxxxxx. Xxxxxxxx xxxxx xx established xx xxxxxxx xxx xxxxxx xxx xxxxxxxxxxxx xx xxxxxxxxx code xxx systems xx xxx Payment Transaction Xxxxx. Xxxxxxxx shall xx xxxx established (xxxxxxxxx xxxx awareness) xx prevent, detect xxx remove xxxxxxxxx xxxx. Xxxxxx xxxx xxxxx be xxxx xxxx from xxxxxxx xxxxxxx (x.x. xxxxxx Xxxxxxxxx COM xxxxxxxxxx xxx Xxxx Xxxxxxx). Xxx xxxxxxxxxxxxx of xxx browser (x.x. xxx use of xxxxxxxxxx xxx xxxxxxx) xxxxx be xxxxxxxx xxxxxxxxxx.

Xxxx xxxxxx xxx xxxxxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx xx xxx xxxxxxxxxx; xxxxx xxxxxxxx policies shall xxxxxxx x&xxxx;xxxx of xxx xxxxxxxxxxx xxxxxxx xxxxx is xxxxxx xx xxxxxxx intervals xx xxxxx xxxxxxxx.

Xxxxxxx xxxx are critical xxx xxx xxxxxxxx xx payments xxxxx xx xxxxxxxxx xxx xxxxxx xxxxxxxx to xxxxxxxxxxx security xxxxx xx recorded. Xxxxxxxx xxxx xxxxx be xxxx xx xxxxxx xxxx xxxxxxxxxxx system xxxxxxxx are xxxxxxxxxx. Xxxxxxxx xxxx shall xx regularly xxxxxxxx xx x&xxxx;xxxxxx xxxxx, xxxxx on xxx xxxxxxxxxxx xx the xxxxxxxxxx. System monitoring xxxxx be used xx xxxxx xxx xxxxxxxxxxxxx of xxxxxxxx xxxxx are xxxxxxxxxx xx critical xxx xxx security xx xxxxxxxx xxx to xxxxxx conformity to xx xxxxxx xxxxxx xxxxx.

Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx organisations xxxxx xx based xx x&xxxx;xxxxxx xxxxxxxx xxxxxx, xxxxxxx out xx xxxx xxxx xxxxxxxx xxxxxxxxxx among xxx xxxxxxxx parties xxx xxxxx xx xxxxxxxxx xxxx any xxxxxxxx xxxxxxxxxxx. Third xxxxx xxxxxxxx components xxxxxxxx xx the xxxxxxxx xx xxxxxxxxxxx xxxx XXXXXX2 (xxxx xxxxxxxx xxxxxxxx from x&xxxx;Xxxxxxx Xxxxxx xx xxxxxxxx 2 xx the xxxxx xxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx) xxxx xx xxxx xxxxx x&xxxx;xxxxxx xxxxxxxxx with xxx xxxxx xxxxx.

Xxxxxxxxxxx 1.9: Xxxxxx xxxxxxx

Xxxxxx xx xxxxxxxxxxx xxxxxx xxxxx xx justified xx the xxxxx xx xxxxxxxx requirements (xxxx-xx-xxxx&xxxx;(1)) and according xx the xxxxxxxxxxx xxxxxxxxx xx xxxxxxxxx xxxxxxxx (including the xxxxxxxxxxx xxxxxxxx policy). Xxxxx xxxxxx xxxxxxx xxxxx xxxxx xx xxxxxxx xxxxx on xxx principle of xxxxx xxxxxxxxx&xxxx;(2) xx xxxxxxx closely the xxxxx xx the xxxxxxxxxxxxx xxxxxxxx xxx XX processes. Where xxxxxxxx (e.g. xxx xxxxxx xxxxxxxxxx) logical xxxxxx control xxxxxx xx xxxxxxxxxx xxxx xxxxxxxx access xxxxxxx xxxxxx there are xxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx (x.x. xxxxxxxxxx, personal data xxxxxxxxxxxxx).

Xxxxxx xxx xxxxxxxxxx xxxxxxxxxx shall xx xx xxxxx xx xxxxxxx xxx xxxxxxxxxx xx access xxxxxx xx information xxxxxxx xxx services xxxx xxxx xxxxxx xxx xxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxx procedures xxxxx xxxxx xxx xxxxxx xx xxx lifecycle xx xxxx xxxxxx, xxxx xxx initial xxxxxxxxxxxx of new xxxxx to xxx xxxxx xxxxxxxxxxxxxx xx xxxxx that xx xxxxxx xxxxxxx xxxxxx.

Xxxxxxx xxxxxxxxx xxxxx xx xxxxx, xxxxx xxxxxxxxxxx, xx xxx allocation xx xxxxxx rights xx such xxxxxxxxxxx xxxx the xxxxx xx xxxxx xxxxxx xxxxxx could xxxx xx x&xxxx;xxxxxx xxxxxxx xxxxxx xx xxx xxxxxxxxxx of xxx xxxxxxxxxxx (e.g. xxxxxx xxxxxx xxxxxxxx xxxxxx xxxxxxxxxxxxxx, xxxxxxxx xx xxxxxx controls, xxxxxx xxxxxx xx xxxxxxxx xxxx).

Xxxxxxxxxxx xxxxxxxx xxxxx xx xxx xx xxxxx to identify, xxxxxxxxxxxx xxx authorise xxxxx xx specific xxxxxx xx xxx xxxxxxxxxxxx’x xxxxxxx, e.g. xxx xxxxx xxx xxxxxx access to xxxxxxx in the Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx xxxxxxxx xxxxx xxx xx shared xx order xx xxxxxx accountability.

For xxxxxxxxx, xxxxx xxxxx xx xxxxxxxxxxx and enforced xx xxxxxxxx controls xx ensure xxxx xxxxxxxxx xxxxxx xx xxxxxx guessed, x.x. xxxxxxxxxx xxxxx and xxxxxxx-xxxx xxxxxxxx. X&xxxx;xxxx xxxxxxxx xxxxxxxx xxx/xx xxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx.

X&xxxx;xxxxxx xxxxx xx developed and xxxxxxxxxxx on xxx xxx xx xxxxxxxxxxxxx xxxxxxxx to xxxxxxx xxx xxxxxxxxxxxxxxx, xxxxxxxxxxxx xxx xxxxxxxxx of xxxxxxxxxxx. A key xxxxxxxxxx xxxxxx xxxxx xx xxxxxxxxxxx xx xxxxxxx xxx use of xxxxxxxxxxxxx controls.

There shall xx xxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxxxxxxxx xx xxxxxx xx xx print (e.g. x&xxxx;xxxxx xxxxxx, x&xxxx;xxxxx xxxx policy) to xxxxxx xxx xxxx xx xxxxxxxxxxxx xxxxxx.

Xxxx xxxxxxx remotely, xxx xxxxx of xxxxxxx xx xx unprotected xxxxxxxxxxx xxxxx xx xxxxxxxxxx xxx appropriate xxxxxxxxx and organisational xxxxxxxx shall xx xxxxxxx.

Xxxxxxxxxxx 1.10: Information xxxxxxx acquisition, xxxxxxxxxxx xxx xxxxxxxxxxx

Xxxxxxxx xxxxxxxxxxxx xxxxx xx xxxxxxxxxx xxx xxxxxx prior xx xxx xxxxxxxxxxx xxx/xx xxxxxxxxxxxxxx of xxxxxxxxxxx xxxxxxx.

Xxxxxxxxxxx xxxxxxxx xxxxx be built xxxx xxxxxxxxxxxx, xxxxxxxxx xxxx-xxxxxxxxx applications, xx xxxxxx xxxxxxx processing. Xxxxx controls xxxxx xxxxxxx the xxxxxxxxxx xx input data, xxxxxxxx processing and xxxxxx data. Xxxxxxxxxx xxxxxxxx xxx xx xxxxxxxx xxx xxxxxxx xxxx xxxxxxx, xx xxxx xx xxxxxx xx, sensitive, xxxxxxxx xx xxxxxxxx xxxxxxxxxxx. Xxxx xxxxxxxx xxxxx xx xxxxxxxxxx on xxx xxxxx of xxxxxxxx xxxxxxxxxxxx and xxxx assessment according xx xxx xxxxxxxxxxx xxxxxxxx (x.x. xxxxxxxxxxx xxxxxxxx xxxxxx, cryptographic xxxxxxx xxxxxx).

Xxx xxxxxxxxxxx xxxxxxxxxxxx xx xxx xxxxxxx xxxxx xx xxxxxxxxxxx, xxxxxxxxxx xxx xxxxxx prior xx xxxxx xxxxxxxxxx xxx xxx. Xx regards xxxxxxx xxxxxxxx, xxxxxxxxxxx xxxxxxxx, xxxxxxxxx segmentation xxx xxxxxx xxxxxxxxxx, xxxxxx be xxxxxxxxxxx xxxxx on xxx xxxxxxxxxxx of data xxxxx and the xxxxx of xxxx xx the network xxxxx xx the xxxxxxxxxxxx. Xxxxx xxxxx xx specific xxxxxxxx xx xxxxxxx sensitive xxxxxxxxxxx passing over xxxxxx xxxxxxxx.

Xxxxxx xx xxxxxx xxxxx xxx xxxxxxx source code xxxxx be controlled xxx XX projects xxx xxxxxxx xxxxxxxxxx xxxxxxxxx in x&xxxx;xxxxxx xxxxxx. Xxxx xxxxx xx xxxxx to xxxxx xxxxxxxx xx xxxxxxxxx xxxx xx xxxx xxxxxxxxxxxx. Xxxxxxx xxx xxxxxxx xxxxxxxxxxxx xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx of xxxxxxx in production xxxxx xx xxxxxxxx xxxxxxxxxx. X&xxxx;xxxx xxxxxxxxxx xx xxx xxxxx xxxxxxx xx be xxxxxxxx xx production xxxxx be xxxxxxxxx.

Xxxxxxx xxxxxxxx xxxxxxx activities xx xxxxxxx in xxxxxxxxxx xxxxx xxxx xx xxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxxxxxx plan xxxxx on the xxxxxxx xx x&xxxx;xxxx xxxxxxxxxx, and security xxxxxxx shall xxxxxxx, xx least, xxxxxxxxxxxxx xxxxxxxxxxx. Xxx xx xxx xxxxxxxxxxxx xxxxxxxxxxx xxxxxx xxx xxxxxxxx xxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx and xxxxxx plans to xxxxx xxx xxxxxxxxxx xxx xxxxx xx xxxxxxxx and followed xx xx x&xxxx;xxxxxx xxxxxxx.

Xxxxxxxxxxx 1.11: Information xxxxxxxx xx supplier (3) xxxxxxxxxxxxx

Xx xxxxxx xxxxxxxxxx xx xxx participant’s xxxxxxxx xxxxxxxxxxx xxxxxxx xxxx are xxxxxxxxxx xx xxxxxxxxx, information xxxxxxxx xxxxxxxxxxxx xxx xxxxxxxxxx xxx xxxxx xxxxxxxxxx with xxxxxxxx’x xxxxxx xxxxx be xxxxxxxxxx xxx xxxxxxxx xxxxxx upon xxxx xxx supplier.

Requirement 1.12: Xxxxxxxxxx xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxx

Xx xxxxxx x&xxxx;xxxxxxxxxx xxx effective approach xx xxx xxxxxxxxxx xx xxxxxxxxxxx security xxxxxxxxx, xxxxxxxxx communication xx xxxxxxxx xxxxxx xxx xxxxxxxxxx, xxxxx, xxxxxxxxxxxxxxxx xxx xxxxxxxxxx, xx business xxx xxxxxxxxx xxxxx, xxxxx xx xxxxxxxxxxx and xxxxxx to ensure x&xxxx;xxxxx, xxxxxxxxx xxx xxxxxxx xxx xxxxxx xxxxxxx xxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxxxx xxxxxxx xx x&xxxx;xxxxx-xxxxxxx xxxxx (e.g. x&xxxx;xxxxx xxxxxxx by xx xxxxxxxx attacker xx by xx xxxxxxx). Personnel xxxxxxxx xx xxxxx procedures xxxxx xx xxxxxxxxxx xxxxxxx.

Xxxxxxxxxxx 1.13: Xxxxxxxxx xxxxxxxxxx xxxxxx

X&xxxx;xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx xxxxxxx (e.g. xxxx xxxxxx xxxxxxx, xxxxxxxx xxxxxxxx xxx xxxxxxxx network connectivity) xxxxx be regularly xxxxxxxx xxx xxxxxxxxxx xxxx xxx organisation’s xxxxxxxxxxx framework xx xxxxxxxx (e.g. information xxxxxxxx policy, xxxxxxxxxxxxx xxxxxxx xxxxxx).

Xxxxxxxxxxx 1.14: Xxxxxxxxxxxxxx

Xxxxx virtual machines xxxxx comply xxxx xxx the xxxxxxxx xxxxxxxx xxxx are xxx xxx xxxxxxxx xxxxxxxx xxx xxxxxxx (x.x. xxxxxxxxx, xxxxxxx). Xxxxxxxx xxxxxxxx xx xxxxxxxxxxx xxxx include: xxxxxxxxx xx xxx xxxxxxxxxx xxx the xxxxxxx xxxxxxxxx system, xxxxxxx patching, xxxxxx xxxxxxxxxx of xxxxxxxxx xxxxxxxxxxxx (x.x. xxxxxxxxxx xxx development). Xxxxxxxxxxx xxxxxxxxxx, logging and xxxxxxxxxx xx well xx xxxxxxxx xx xxxxxx rights, xx xxxxxxxxxx xxx xxxx xxxxxxxxxx xxxxxxxx, shall xx xxxxxxxxxxx xxxxx xx x&xxxx;xxxx xxxxxxxxxx. Xxxxx xxxxxxx machines xxxxxxx xx xxx xxxx xxxxxxxxxx xxxxx xxxx x&xxxx;xxxxxxx risk xxxxxxx.

Xxxxxxxxxxx 1.15: Cloud xxxxxxxxx

Xxx usage of xxxxxx xxx/xx hybrid xxxxx xxxxxxxxx xx xxx Payment Xxxxxxxxxxx Xxxxx must xx xxxxx xx x&xxxx;xxxxxx xxxx assessment, xxxxxx xxxx account xxx xxxxxxxxx xxxxxxxx xxx xxx contractual xxxxxxx xxxxxxx to xxx xxxxx xxxxxxxx.

Xx xxxxxx xxxxx solutions are xxxx, xx xx xxxxxxxxxx xxxx xxx xxxxxxxxxxx level of xxx xxxxxxx system xx the xxxxxxx xxx xx the xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx xxxxxxxxxx xx xxx xxxxxx xxxxxxxxx xxxx be xxxxxxxxxx xxxx xxx other xx-xxxxxxxx systems.

Business xxxxxxxxxx xxxxxxxxxx (xxxxxxxxxx xxxx xx xxxxxxxx xxxxxxxxxxxx)

Xxx xxxxxxxxx xxxxxxxxxxxx (2.1 xx 2.6) xxxxxx xx business xxxxxxxxxx xxxxxxxxxx. Each TARGET2 xxxxxxxxxxx xxxxxxxxxx by xxx Xxxxxxxxxx as xxxxx xxxxxxxx xxx xxx xxxxxx xxxxxxxxxxx xx xxx TARGET2 xxxxxx xxxxx xxxx x&xxxx;xxxxxxxx xxxxxxxxxx strategy xx xxxxx comprising xxx xxxxxxxxx xxxxxxxx.

Xxxxxxxxxxx 2.1

:

Xxxxxxxx xxxxxxxxxx xxxxx xxxxx xx xxxxxxxxx xxx procedures xxx xxxxxxxxxxx xxxx xxx xx xxxxx.

Xxxxxxxxxxx 2.2

:

Xx xxxxxxxxx operational xxxx xxxxx xx xxxxxxxxx.

Xxxxxxxxxxx 2.3

:

Xxx xxxx xxxxxxx xx the xxxxxxxxx xxxx xxxxx be xxxxxxxxx from xxxx xx xxx primary xxxx, xx order xx avoid xxxx xxxx xxxxx xxx xxxxxxxx xx xxx xxxx event xx xxx same time. Xxx xxxxxxx, xxx xxxxxxxxx site xxxxx xx xx x&xxxx;xxxxxxxxx xxxxx grid and xxxxxxx xxxxxxxxxxxxxxxxx xxxxxxx xxxx those of xxx primary xxxxxxxx xxxxxxxx.

Xxxxxxxxxxx 2.4

:

In the xxxxx xx x&xxxx;xxxxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxx xxx xxxxxxx site xxxxxxxxxxxx and/or critical xxxxx xxxxxxxxxxx, xxx xxxxxxxx xxxxxxxxxxx xxxxx xx xxxx xx xxxxxx xxxxxx xxxxxxxxxx xxxx xxx alternate xxxx, where xx xxxxx xx xxxxxxxx xx properly xxxxx xxx xxxxxxxx xxx xxx xxxx xxx xxxxxxxxx xxxxxxxx xxx(x).

Xxxxxxxxxxx 2.5

:

Xxxxxxxxxx xxxxx be xx xxxxx xx xxxxxx xxxx xxx xxxxxxxxxx xx transactions xx resumed xxxx xxx xxxxxxxxx xxxx xxxxxx a reasonable xxxxxxxxx xxxxx xxx xxxxxxx xxxxxxxxxx of service xxx xxxxxxxxxxxx xx xxx xxxxxxxxxxx of xxx business that xxx xxxxxxxxx.

Xxxxxxxxxxx 2.6

:

Xxx xxxxxxx xx xxxx xxxx operational xxxxxxxxxxx xxxxx be xxxxxx xx xxxxx once x&xxxx;xxxx xxx xxxxxxxx xxxxx xxxxx xx xxxxxxxxxxxxx trained. The xxxxxxx xxxxxx xxxxxxx xxxxx xxxxx not xxxxxx xxx xxxx.
“.

(1)&xxxx;&xxxx;Xxx xxxx-xx-xxxx xxxxxxxxx xxxxxx xx xxx xxxxxxxxxxxxxx xx the xxx xx xxxxxxxxxxx xxxx xx individual xxxxx xxxxxx to xx xxxxx xx xxxxx xxx xxx/xxx xxxxxx.

(2)&xxxx;&xxxx;Xxx xxxxxxxxx of least xxxxxxxxx refers to xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX system in xxxxx xx xxxxx xxx xxxxxxxxxxxxx xxxxxxxx xxxx.

(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx xx xxx xxxxxxx xx xxxx xxxxxxxx xxxxxx be xxxxxxxxxx as any xxxxx xxxxx (xxx xxx personnel) which xx xxxxx contract (xxxxxxxxx), with the xxxxxxxxxxx, xx xxxxxxx x&xxxx;xxxxxxx xxx under xxx xxxxxxx xxxxxxxxx xxx third xxxxx (xxx xxx xxxxxxxxx) xx xxxxxxx xxxxxx, xxxxxx xxxxxxxx xx xx-xxxx, xx xxxxxxxxxxx xxx/xx information systems xxx/xx information xxxxxxxxxx xxxxxxxxxx xx xxx xxxxxxxxxxx in xxxxx xx xxxxxxxxxx xx xxx scope xxxxxxx xxxxx xxx exercise xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx.

PŘÍLOHA XX

Xxxxxxx XX xxxxxxxxxx XXX/2007/7 se xxxx xxxxx:

1.

Xxxxxx&xxxx;1 xx xxxx takto:

a)

definice pojmu „xxxxxxx xxxxxxx order“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxx xxxxxxx order” xxxxx, xx xxxx with xxx European Payments Xxxxxxx'x XXXX Xxxxxxx Xxxxxx Xxxxxxxx (XXX Xxxx) xxxxxx, a payment xxxxxxxxxxx xxxxx can xx executed 24 xxxxx a day any xxxxxxxx xxx of xxx xxxx, with xxxxxxxxx xx xxxxx xx xxxxxxxxx xxxxxxxxxx xxx notification xx xxx xxxxx xxx xxxxxxxx (x) xxx XXXX XXX xx XXXX XXX xxxxxxx xxxxxxx orders, (xx) XXXX XXX xx XXXX AS technical xxxxxxx xxxxxxx xxxxxxx xxxxxx, (xxx) XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxx xxxxxxx xxxxxx xxx (xx) XXXX XX xxxxxxxxx xxxxxxx xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxx xxxxxxx xxxxxx,“;

x)

xxxxxxxx xx xxxx xxxxxxxx, xxxxx xxxxx:

„—

“XXXX xxxxxxxxx system xxxxxxxxx account (XXXX XX technical xxxxxxx)” xxxxx xx xxxxxxx xxxx by xx xxxxxxxxx system xx x&xxxx;XX xx an xxxxxxxxx xxxxxx'x xxxxxx xx the XX’x XXXXXX2 component xxxxxx xxx xxx xx xxx xxxxxxxxx xxxxxx xxx xxx purpose xx xxxxxxxx xxxxxxx xxxxxxxx xx xxx xxx xxxxx,

“XXXX DCA xx TIPS XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxx” xxxxx xxx instruction xx xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx xx xxxxx xxxx x&xxxx;XXXX XXX xx x&xxxx;XXXX AS technical xxxxxxx to fund xxx TIPS XXX xxxxxx’x xxxxxxxx (or xxx xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxx xxxxxx) xx xxx xxxxx xx xxx ancillary xxxxxx,

“XXXX AS xxxxxxxxx xxxxxxx to XXXX XXX xxxxxxxxx transfer xxxxx” xxxxx the xxxxxxxxxxx xx xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx xx xxxxx xxxx x&xxxx;XXXX XX xxxxxxxxx account xx x&xxxx;XXXX XXX xx defund the XXXX XXX holder’s xxxxxxxx (or xxx xxxxxxxx xx another xxxxxxxxxxx xx xxx xxxxxxxxx xxxxxx) xx xxx books xx xxx xxxxxxxxx xxxxxx,

“Xxxxxxx Xxxxxxx Provider (NSP)” xxxxx xx xxxxxxxxxxx xxxx has xxxx xxxxxxx x&xxxx;xxxxxxxxxx with xxx Eurosystem to xxxxxxx connectivity services xxx xxx Eurosystem Xxxxxx Xxxxxx Infrastructure Xxxxxxx.“;

x)

xxxxxxxx pojmu „T2S xxxxxxx xxxxxxx provider“ xx xxxxxxx;

2.

X&xxxx;xx.&xxxx;4 odst. 2 xx písmeno fc) xxxxxxxxx xxxxx:

„(xx)

XXXX XXX xx XX liquidity xxxxxxxx xxxxxx xxx XX xx XXXX XXX xxxxxxxxx transfer xxxxxx;“;

3.

X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 se xxxxxx xxxx písmeno xx), xxxxx zní:

„(fd)

TIPS XXX xx XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx xxxxxx xxx TIPS XX xxxxxxxxx xxxxxxx to XXXX DCA xxxxxxxxx xxxxxxxx xxxxxx; xxx“;

4.

X&xxxx;xxxxxx&xxxx;4 xx xxxxxxxx 3 xxxxxxxxx xxxxx:

„3.&xxxx;&xxxx;&xxxx;XXXXXX2 xxxxxxxx xxxx-xxxx xxxxx xxxxxxxxxx xxx xxxxxxxx in xxxx, xxxx xxxxxxxxxx xx central xxxx xxxxx across XX xxxxxxxx, X2X DCAs xxx TIPS DCAs. XXXXXX2 xx xxxxxxxxxxx xxx functions xx xxx xxxxx xx xxx XXX through xxxxx payment xxxxxx xxx submitted xxx xxxxxxxxx xxx xxxxxxx xxxxx payments xxx xxxxxxxxxx received xx xxx same xxxxxxxxx xxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx of xxx X2X XXXx xx xxxxxxxxx, XXXXXX2 is xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx xxx X2X Xxxxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx XXXX XXXx xxx TIPS XX xxxxxxxxx xxxxxxxx is xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx xxx XXXX Platform. Xxx XXX is xxx xxxxxxxx xx xxxxxxxx xxxxx xxxxx Conditions. Xxxx xxx xxxxxxxxx xx the SSP-providing XXXx xxx xxx 4XXx shall be xxxxxxxxxx acts xxx xxxxxxxxx xx xxx XXX, xxx xxxxx xx shall xxxxxx xxxxxxxxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 xx xxxx Xxxxx. Participation xxxxxxxx xx xxxxx Xxxxxxxxxx xxxxx not xxxxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxxxxx X2X XXX xxxxxxx xxx the XXX-xxxxxxxxx XXXx xx xxx 4XXx xxxx xxx of xxx xxxxxx acts in xxxx capacity. Xxxxxxxxxxxx, xxxxxxxx xx information xxxxx a T2S XXX xxxxxx receives from, xx xxxxx xx, xxx XXX xx X2X Xxxxxxxx xx xxxxxxxx to the xxxxxxxx xxxxxxxx xxxxx xxxxx Conditions xxx xxxxxx to xx xxxxxxxx xxxx, xx xxxx to, xxx XXX.“;

5.

X&xxxx;xxxxxx&xxxx;8 xx xxxxxxxx 3 xxxxxxxxx xxxxx:

„3.&xxxx;&xxxx;&xxxx;Xxxxx xxx XXX xxx xxxxxxx a request xx x&xxxx;X2X XXX xxxxxx xxxxxxxx xx xxxxxxxxx 1, xxxx X2X XXX holder is xxxxxx to xxxx xxxxx the xxxxxxxxxxxxx XXX(x) a mandate xx xxxxx xxx X2X XXX xxxx xxx xxxxxxx xxxxxxxx to xxxxxxxxxx xxxxxxxxxxxx xxxxxxxx xx xxxxx xxxxxxxxxx xxxxxxxx.“;

6.

X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 xxxxxxxxx xxxxx:

„1.&xxxx;&xxxx;&xxxx;X2X XXX xxxxxxx xxxxx xx xxxxxx to xx aware xx, xxxxx xxxxxx xxxx, xxx xxxxx xx xxxx to xxxxxxxxxxx xxxx xxxxxxxxxx to xxx xxxxxxxx competent xxxxxxxxxxx xxxx xxx xxxxxxxxxxx on them xxxxxxxx xx xxxxxxxxxxx xx xxxx protection. Xxxx xxxxx be xxxxxx xx xx xxxxx xx, xxx xxxxx comply xxxx xxx obligations on xxxx xxxxxxxx to xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx laundering xxx the xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities xxx xxx development xx xxxxxxx weapons delivery xxxxxxx, xx particular xx xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx measures xxxxxxxxxx xxx xxxxxxxx xxxxxxx xx xxxxxxxx xx xxxxx X2X XXXx. Prior xx xxxxxxxx xxxx xxx xxxxxxxxxxx relationship xxxx xxx T2S xxxxxxx xxxxxxx xxxxxxxx, X2X XXX xxxxxxx xxxxx xxxxxx xxxx xxxx xxx xxxxxxxx about xxx xxxx xxxxxxxxx xxxxxx.“;

7.

Xxxxxx&xxxx;30 xx nahrazuje xxxxx:

„Xxxxxxx&xxxx;30

Xxxxxxxxxxx relationship with xx XXX

1.&xxxx;&xxxx;&xxxx;X2X DCA xxxxxxx xxxxx either:

(a)

have xxxxxxxxx x&xxxx;xxxxxxxx with xx NSP xxxxxx xxx framework of xxx concession contract xxxx xxxx XXX xx xxxxx xx xxxxxxxxx a technical connection xx XXXXXX2- ECB; xx

(x)

xxxxxxx xxx xxxxxxx xxxxxx which has xxxxxxxxx a contract xxxx xx XXX within xxx xxxxxxxxx of xxx xxxxxxxxxx contract xxxx xxxx XXX.

2.&xxxx;&xxxx;&xxxx;Xxx xxxxx relationship between x&xxxx;X2X XXX xxxxxx xxx the XXX xxxxx be xxxxxxxxxxx xxxxxxxx xx xxx xxxxx xxx xxxxxxxxxx xx xxx separate xxxxxxxx concluded with xx NSP xx xxxxxxxx to xx xxxxxxxxx 1(x).

3.&xxxx;&xxxx;&xxxx;Xxx xxxxxxxx xx xx provided xx the XXX xxxxx xxx xxxx xxxx of xxx xxxxxxxx to xx xxxxxxxxx by xxx XXX xx xxxxxxx xx XXXXXX2.

4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx not be xxxxxx xxx xxx xxxx, errors xx xxxxxxxxx xx the XXX (including xxx xxxxxxxxx, staff xxx xxxxxxxxxxxxxx), xx xxx xxx xxxx, xxxxxx xx xxxxxxxxx xx xxxxx xxxxxxx xxxxxxxx xx participants xx xxxx access xx xxx XXX’x xxxxxxx.“;

8.

Xxxxxx xx xxxx xxxxxx&xxxx;34x, xxxxx xxx:

„Xxxxxxx&xxxx;34x

Xxxxxxxxxxxx xxxxxxxxxx

Xxxx xxx TARGET xxxxxx xx xxxxxxxxxxx xxx XXXXXX2 xxx ceased xxxxxxxxx, T2S XXX xxxxxxx xxxxx become X2X XXX xxxxxxx xx xxx XXXXXX xxxxxx.“;

9.

Xxxxxx xx xxxxx „X2X xxxxxxx xxxxxxx xxxxxxxx“ (v jednotném xxxx xxxxxxx xxxxx) x&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 xxxx. a) xxxx x), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 xxxx.&xxxx;6, xx.&xxxx;14 xxxx.&xxxx;1 xxxx. x), čl. 22 odst. 1, xx.&xxxx;22 xxxx.&xxxx;2, xx.&xxxx;22 xxxx.&xxxx;3, čl. 27 xxxx.&xxxx;5, xx.&xxxx;28 odst. 1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx XX x&xxxx;x&xxxx;xxxxxxxx 1 dodatku X&xxxx;xx xxxxxxxxx xxxxxxx „XXX“;

10.

X&xxxx;xxxxxxx X&xxxx;xx x&xxxx;xxxx.&xxxx;8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) xxxxx:

„(x)

Xxxx-xx-xxxxxxxxxxx xxxx (X2X)

X2X xxxxxxx xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;X2X XXX xxxxxx xxx the X2X XXX. The information xx displayed xx x&xxxx;xxxxxxx xxxxxxx xx x&xxxx;XX xxxxxx. Xxx X2X access xxx XX infrastructure has xx xx xxxx xx xxxxxxx xxxxxxx. Xxxxxxx xxxxxxx xxx xxxxxxxxx xx xxx X2X User Xxxxxxxx.“.

XXXXXXX XXX

Xxxxxxx XXX xxxxxxxxxx ECB/2007/7 xx xxxx xxxxx:

1.

Xxxxxx na xxxxx „TIPS xxxxxxx xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx xxxx xxxxxxx xxxxx) x&xxxx;xxxx xxxxxxx se xxxxxxxxx xxxxxxx „XXX“;

2.

Xxxxxx&xxxx;1 xx xxxx xxxxx:

x)

xxxxxxxx xxxxx „xxxxxxxxx xxxxx“ xx xxxxxxxxx xxxxx:

„—

“xxxxxxxxx xxxxx” means xx xxxxxx which: (a) xxxxx x&xxxx;XXX, (b) xx xxxxxxxxxx xx x&xxxx;xxxxxxxxx xxxxx xx x&xxxx;XXXX XXX xxxxxx xx xx xx xxxxxxxxx xxxxxx; (x) xx x&xxxx;xxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xx x&xxxx;XXXX XXX holder xx a participant of xx xxxxxxxxx xxxxxx xx x&xxxx;xxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xx x&xxxx;xxxxxxxxxxx xx xx xxxxxxxxx system; and (x) xx addressable xxxxxxx xxx TIPS Xxxxxxxx xxx is xxxx xx xxxxxx xxxxxxx payment xxxxxx xxx xxxxxxx xxxxxxx xxxxxxx orders xxxxxx xxx xxx XXXX XXX xxxxxx xx xxx ancillary xxxxxx xx, if xx xxxxxxxxxx xx xxx XXXX DCA xxxxxx xx xx the xxxxxxxxx xxxxxx, directly,“;

b)

definice xxxxx „xxxxxxx xxxxx“ xx nahrazuje xxxxx:

„—

“xxxxxxx xxxxx”, except xxxxx xxxx xx Articles 16 xx 18 xx this Xxxxx, xxxxx xx instant xxxxxxx xxxxx, a positive xxxxxx xxxxxx, x&xxxx;XX xx TIPS DCA xxxxxxxxx xxxxxxxx order, x&xxxx;XXXX DCA xx XX xxxxxxxxx xxxxxxxx xxxxx, x&xxxx;XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxx xx x&xxxx;XXXX XXX to XXXX XX xxxxxxxxx xxxxxxx xxxxxxxxx transfer xxxxx,“;

x)

xxxxxxxx xxxxx „instant xxxxxxx xxxxx“ se xxxxxxxxx xxxxx:

„—

“xxxxxxx payment xxxxx” xxxxx, xx xxxx xxxx xxx Xxxxxxxx Xxxxxxxx Xxxxxxx'x XXXX Instant Xxxxxx Xxxxxxxx (XXX Xxxx) xxxxxx, x&xxxx;xxxxxxx xxxxxxxxxxx xxxxx can be xxxxxxxx 24 xxxxx x&xxxx;xxx xxx xxxxxxxx xxx xx xxx xxxx, xxxx xxxxxxxxx xx xxxxx to xxxxxxxxx processing xxx xxxxxxxxxxxx xx xxx xxxxx and includes (x) TIPS XXX xx TIPS XXX xxxxxxx xxxxxxx orders, (x) XXXX XXX xx XXXX XX xxxxxxxxx xxxxxxx instant xxxxxxx xxxxxx, (x) XXXX AS technical xxxxxxx to XXXX XXX instant xxxxxxx xxxxxx xxx (x) XXXX XX xxxxxxxxx xxxxxxx xx TIPS XX xxxxxxxxx account xxxxxxx payment xxxxxx,“;

x)

xxxxxxxx xx xxxx definice, xxxxx xxxxx:

„—

“XXXX xxxxxxxxx xxxxxx xxxxxxxxx account (XXXX XX technical xxxxxxx)” xxxxx an xxxxxxx xxxx xx xx ancillary xxxxxx xx xxx CB xx xx xxxxxxxxx xxxxxx'x xxxxxx xx xxx CB’s TARGET2 xxxxxxxxx xxxxxx for xxx xx xxxx xxxxxxxxx system for xxx xxxxxxx xx xxxxxxxx instant payments xx xxx xxx xxxxx,

“XXXX XXX to XXXX XX technical xxxxxxx xxxxxxxxx xxxxxxxx xxxxx” xxxxx xxx xxxxxxxxxxx xx xxxxxxxx x&xxxx;xxxxxxxxx amount of xxxxx xxxx a TIPS XXX xx a TIPS XX xxxxxxxxx account xx xxxx the XXXX DCA xxxxxx’x xxxxxxxx (xx xxx xxxxxxxx xx xxxxxxx xxxxxxxxxxx xx xxx xxxxxxxxx xxxxxx) xx xxx xxxxx of xxx xxxxxxxxx xxxxxx,

“XXXX XX technical xxxxxxx xx TIPS XXX xxxxxxxxx xxxxxxxx order” xxxxx xxx instruction xx xxxxxxxx x&xxxx;xxxxxxxxx xxxxxx xx xxxxx xxxx a TIPS XX xxxxxxxxx xxxxxxx to x&xxxx;XXXX XXX to xxxxxx xxx TIPS XXX holder’s position (xx xxx xxxxxxxx xx another xxxxxxxxxxx xx the xxxxxxxxx xxxxxx) xx the xxxxx of xxx xxxxxxxxx xxxxxx,

“Xxxxxxxx Xxxxxxxx Xxxxxxx'x SEPA Instant Xxxxxx Xxxxxxxx (XXX Xxxx) scheme” or “XXX Xxxx scheme” xxxxx xx xxxxxxxxx, xxxx xxxxxxxxx xxxxxx xxxxxxxxx a set xx xxxxxxxxx xxxxx xx xx xxxxxxxx with xx SCT Xxxx xxxxxxxxxxxx, xxxxxxxx xxxxxxx xxxxxxxx providers in XXXX to offer xx automated, XXXX-xxxx xxxx xxxxxxx credit xxxxxxxx product,

“mobile xxxxx xxxx-xx (MPL) service” xxxxx x&xxxx;xxxxxxx which xxxxxxx XXXX XXX xxxxxxx, xxxxxxxxx xxxxxxx xxxxx XXXX AS xxxxxxxxx xxxxxxxx xxx xxxxxxxxx parties, xxx xxxxxxx xxxx xxxxx xxxxxxxxx a request to xxxxxxx xx xxxxxxx xxxxxxx xxxxx xx xxxxxx of x&xxxx;xxxxxxxxxxx xxxxxxxxxx with x&xxxx;xxxxx (x.x. x&xxxx;xxxxxx xxxxxx), xx retrieve from xxx xxxxxxx XXX xxxxxxxxxx xxx corresponding xxxxxxxxxxx XXXX xxx xxx BIC xx xx xxxx to xxxxxx the relevant xxxxxxx in TIPS,

“Network Xxxxxxx Provider (XXX)” xxxxx xx undertaking xxxx xxx xxxx xxxxxxx x&xxxx;xxxxxxxxxx with xxx Xxxxxxxxxx xx xxxxxxx xxxxxxxxxxxx xxxxxxxx xxx xxx Xxxxxxxxxx Xxxxxx Xxxxxx Xxxxxxxxxxxxxx Xxxxxxx,

“XXXX” xxxxx xxx xxxxxxxxxxxxx xxxx xxxxxxx xxxxxx which xxxxxxxx xxxxxxxxxx an xxxxxxxxxx xxxxxxx xx a specific xxxxxxxxx xxxxxxxxxxx in x&xxxx;xxxxxxxxxx country.“;

e)

definice xxxxx „XXXX network service xxxxxxxx“ xx xxxxxxx;

3.

X&xxxx;xx.&xxxx;3 xxxx.&xxxx;1 xx xxxxxxx xxxxx xx „Appendix X: TIPS xxxxxxxxxxxx xxxxxxxxx requirements“;

4.

Článek 4 xx xxxx xxxxx:

x)

x&xxxx;xxxxxxxx 2 xx xxxxxxxx xxxx xxxxxxx x), xxxxx xxx:

„(x)

XXXX DCA xx XXXX AS xxxxxxxxx xxxxxxx xxxxxxxxx transfer xxxxxx xxx XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx xxxxxx; xxx“;

x)

xxxxxxxx 3 se xxxxxxxxx tímto:

„3.   TARGET2 provides xxxx-xxxx xxxxx settlement xxx xxxxxxxx in xxxx, xxxx xxxxxxxxxx xx xxxxxxx bank xxxxx across PM xxxxxxxx, X2X XXXx xxx TIPS DCAs. TARGET2 xx xxxxxxxxxxx and xxxxxxxxx xx xxx xxxxx xx xxx XXX through xxxxx xxxxxxx xxxxxx are xxxxxxxxx xxx processed xxx through xxxxx xxxxxxxx are xxxxxxxxxx xxxxxxxx xx xxx xxxx technical xxxxxx. Xx xxx xx xxx xxxxxxxxx xxxxxxxxx xx xxx TIPS XXXx and TIPS XX xxxxxxxxx xxxxxxxx xx xxxxxxxxx, TARGET2 xx xxxxxxxxxxx established xxx xxxxxxxxx xx xxx xxxxx xx xxx XXXX Xxxxxxxx. Xx far as xxx xxxxxxxxx xxxxxxxxx xx xxx T2S XXXx is concerned, XXXXXX2 is xxxxxxxxxxx xxxxxxxxxxx xxx functions xx xxx xxxxx xx xxx X2X Xxxxxxxx.“;

5.

X&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. x) xx xxx x) xxxxxxxxx tímto:

„(i)

install, xxxxxx, xxxxxxx xxx xxxxxxx xxx xxxxxx xxx security xx xxx xxxxxxxxx IT xxxxxxxxxxxxxx to xxxxxxx xx xxx XXXX Xxxxxxxx xxx xxxxxx xxxxxxx orders xx xx. In doing xx, xxxxxxxxx XXXX XXX holders xxx xxxxxxx xxxxx parties, xxx xxxxxx sole xxxxxxxxx. In particular, xxxxxx xx xxxxxxxxxxx xxxxx xx used, xxxxxxxxx XXXX DCA xxxxxxx xxxxx enter xxxx xx xxxxxxxxx xxxx xxx xx xxxx XXXx to xxxxxx the xxxxxxxxx xxxxxxxxxx xxx admissions, xx accordance xxxx xxx xxxxxxxxx xxxxxxxxxxxxxx xx Appendix X; xxx“;

6.

Xxxxxx&xxxx;9 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;9

Xxxxxxxxxxx xxxxxxxxxxxx with xx XXX

1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx:

(x)

xxxxxxxx a contract with xx NSP xxxxxx xxx xxxxxxxxx xx xxx xxxxxxxxxx contract xxxx xxxx NSP xx xxxxx xx xxxxxxxxx x&xxxx;xxxxxxxxx xxxxxxxxxx xx TARGET2-ECB; xx

(x)

xxxxxxx xxx xxxxxxx entity xxxxx xxx xxxxxxxxx x&xxxx;xxxxxxxx with xx XXX xxxxxx the xxxxxxxxx xx xxx xxxxxxxxxx xxxxxxxx with xxxx NSP.

2.   The xxxxx xxxxxxxxxxxx xxxxxxx a participant xxx the XXX xxxxx be exclusively xxxxxxxx xx the xxxxx xxx xxxxxxxxxx xx xxxxx separate xxxxxxxx xx xxxxxxxx xx in xxxxxxxxx 1(x).

3.&xxxx;&xxxx;&xxxx;Xxx services xx xx xxxxxxxx xx xxx NSP xxxxx xxx xxxx xxxx xx xxx xxxxxxxx xx xx performed xx xxx XXX xx respect xx XXXXXX2.

4.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxx xx xxxxxx xxx xxx xxxx, xxxxxx or xxxxxxxxx xx xxx XXX (xxxxxxxxx xxx directors, xxxxx xxx xxxxxxxxxxxxxx), xx xxx any xxxx, errors xx xxxxxxxxx by xxxxx xxxxxxx xxxxxxxx xx xxxxxxxxxxxx xx xxxx xxxxxx to xxx XXX’x xxxxxxx.“;

7.

Xxxxxx&xxxx;10 xx xxxxxxx;

8.

Xxxxxx se xxxx xxxxxx&xxxx;11x, který zní:

„Article 11a

MPL xxxxxxxxxx

1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx XXX xxxxxxxxxx xxxxxxxx xxx xxxxx – XXXX xxxxxxx xxxxx for xxx purposes xx xxx MPL xxxxxxx.

2.&xxxx;&xxxx;&xxxx;Xxxx xxxxx xxx xx xxxxxx to xxxx xxx XXXX. Xx XXXX xxx be xxxxxx xx xxx xx multiple xxxxxxx.

3.&xxxx;&xxxx;&xxxx;Xxxxxxx&xxxx;29 xxxxx xxxxx to xxx xxxx xxxxxxxxx xx xxx XXX xxxxxxxxxx.“;

9.

X&xxxx;xxxxxx&xxxx;12 se xxxxxxx xxxxxxxx 9;

10.

Článek 16 xx xxxxxxxxx xxxxx:

„Xxxxxxx&xxxx;16

Xxxxx of xxxxxxx xxxxxx xx XXXX XXX

Xxx following xxx classified xx xxxxxxx xxxxxx for xxx xxxxxxxx xx xxx TIPS xxxxxxx:

(x)

xxxxxxx xxxxxxx xxxxxx;

(x)

xxxxxxxx recall xxxxxxx;

(x)

XXXX DCA to XX liquidity xxxxxxxx xxxxxx;

(x)

XXXX XXX xx XXXX AS xxxxxxxxx xxxxxxx liquidity transfer xxxxxx; xxx

(x)

XXXX XX xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx orders.“;

11.

V článku 18 xx xxxxxxxx 6 nahrazuje xxxxx:

„6.&xxxx;&xxxx;&xxxx;Xxxxx a TIPS XXX xx XX xxxxxxxxx xxxxxxxx xxxxx, a TIPS XXX to TIPS XX xxxxxxxxx xxxxxxx xxxxxxxxx xxxxxxxx order xx x&xxxx;XXXX XX xxxxxxxxx xxxxxxx to XXXX DCA xxxxxxxxx xxxxxxxx xxxxx has xxxx xxxxxxxx xx xxxxxxxx xx in Xxxxxxx&xxxx;17, xxx TARGET2-ECB xxxxx xxxxx whether xxxxxxxxxx xxxxx are xxxxxxxxx on xxx xxxxx'x account. Xx xxxxxxxxxx funds are xxx xxxxxxxxx xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx be xxxxxxxx. Xx xxxxxxxxxx funds xxx xxxxxxxxx xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx xx settled xxxxxxxxxxx.“;

12.

X&xxxx;xx.&xxxx;20 xxxx.&xxxx;1 se xxxxxxx b) nahrazuje xxxxx:

„(x)

XXXX DCA xx XX xxxxxxxxx transfer xxxxxx, positive recall xxxxxxx xxx TIPS XXX xx XXXX XX xxxxxxxxx account xxxxxxxxx xxxxxxxx xxxxxx xxx xxxxxx xxxxxxx xxxx TARGET2-ECB xxx xxxxxxxxxxx xx the xxxxxx xxxx the xxxxxxxx XXXX DCA xx xxxxxxx. XXXX XX technical account xx TIPS XXX xxxxxxxxx transfer orders xxx deemed xxxxxxx xxxx TARGET2-ECB xxx xxxxxxxxxxx xx xxx xxxxxx xxxx xxx xxxxxxxx XXXX XX xxxxxxxxx xxxxxxx xx xxxxxxx.“;

13.

X&xxxx;xxxxxx&xxxx;30 xx odstavec 1 xxxxxxxxx tímto:

„1.   TIPS XXX xxxxxxx shall xx xxxxxx xx xx xxxxx xx, xxxxx xxxxxx xxxx xxx shall xx xxxx xx demonstrate xxxx compliance xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxx all xxxxxxxxxxx on them xxxxxxxx xx xxxxxxxxxxx xx xxxx xxxxxxxxxx. Xxxx shall xx xxxxxx xx xx xxxxx of, xxx xxxxx xxxxxx xxxx xxx obligations xx xxxx xxxxxxxx to xxxxxxxxxxx xx xxxxxxxxxx xx money laundering xxx xxx financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, xx particular xx xxxxx of xxxxxxxxxxxx xxxxxxxxxxx measures xxxxxxxxxx xxx xxxxxxxx xxxxxxx or xxxxxxxx xx xxxxx TIPS XXXx. XXXX DCA xxxxxxx ensure xxxx xxxx xxx xxxxxxxx xxxxx their xxxxxx XXX'x data retrieval xxxxxx xxxxx xx xxxxxxxx xxxx a contractual xxxxxxxxxxxx xxxx xxxx XXX.“;

14.

Xxxxxx se nový xxxxxx&xxxx;35x, xxxxx xxx:

„Xxxxxxx&xxxx;35x

Xxxxxxxxxxxx xxxxxxxxx

Xxxx xxx XXXXXX xxxxxx xx xxxxxxxxxxx xxx xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XXXX XXX xxxxxxx xxxxx xxxxxx XXXX XXX holders xx xxx XXXXXX system.“;

15.

V dodatku X&xxxx;xx xxxxxxx x&xxxx;xxxxxxxx 2 xxxxxxxxx tímto:

„Message Xxxx

Xxxxxxx Xxxx

Xxxx.002

XXXxXXXxxxxxx Xxxxxx Xxxxxx

Xxxx.004

XxxxxxxXxxxxx

Xxxx.008

XXXxXXXxxxxxxxXxxxxxXxxxxxxx

Xxxx.028

XXXxXXXxxxxxxXxxxxxXxxxxxx

xxxx.003

XxxXxxxxxx

xxxx.004

XxxxxxXxxxxxx

xxxx.005

XxxXxxxxxxxxxx

xxxx.006

XxxxxxXxxxxxxxxxx

xxxx.011

XxxxxxXxxxx

xxxx.019

XxxxxxXxxxxxxxXxxXxxxxxxxxxx

xxxx.025

Xxxxxxx

xxxx.029

XxxxxxxxxxXxXxxxxxxxxxxxx

xxxx.050

XxxxxxxxxXxxxxxXxxxxxxx

xxxx.052

XxxxXxXxxxxxxxXxxxxxxXxxxxx

xxxx.053

XxxxXxXxxxxxxxXxxxxxxxx

xxxx.054

XxxxXxXxxxxxxxXxxxxXxxxxxXxxxxxxxxxxx

xxxx.056

XXXxXXXxxxxxxXxxxxxxxxxxxXxxxxxx

xxxx.010

XxxxxxxXxxxxxxXxxxxxxxxxxxxxx

xxxx.011

XxxxxxxXxxxxxxXxxxxxxxx

xxxx.015

XxxxxxxXxxxxxxxXxxxxxxXxxxxxxxxxxXxxxxxx

xxxx.016

XxxxxXxxxxxXxxxxxX01

xxxx.022

XxxxxXxxxxxxxxxxxXxxxxxxX01“

16.

X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;6 xxxxxxx. 1 xxxxxxxxx xxxxxxx b) tímto:

„(b)

User-to-application xxxx (X2X)

X2X xxxxxxx xxxxxx xxxxxxxxxxxxx xxxxxxx x&xxxx;XXXX DCA xxxxxx xxx xxx TIPS XXX. Xxx xxxxxxxxxxx xx displayed xx x&xxxx;xxxxxxx xxxxxxx xx x&xxxx;XX xxxxxx. For X2X xxxxxx the XX infrastructure has xx xx able xx xxxxxxx xxxxxxx. Xxxxxxx details xxx xxxxxxxxx in xxx XXXX User Handbook.“;

17.

V dodatku XX xx zrušuje xxxxxxxx 2;

18.

Dodatek X&xxxx;xx xxxxxxx.