ROZHODNUTÍ EVROPSKÉ XXXXXXXXX XXXXX (XX) 2021/1758
xx xxx 21. září 2021,
xxxxxx xx xxxx rozhodnutí XXX/2007/7 o podmínkách XXXXXX2-XXX (XXX/2021/43)
XXXXXXX RADA XXXXXXXX XXXXXXXXX BANKY,
s ohledem xx Xxxxxxx x&xxxx;xxxxxxxxx Evropské xxxx, x&xxxx;xxxxxxx xx xxxxx a čtvrtou xxxxxxx xx.&xxxx;127 xxxx.&xxxx;2 xxxx xxxxxxx,
x&xxxx;xxxxxxx xx xxxxxx Xxxxxxxxxx xxxxxxx xxxxxxxxxxx xxxx a Evropské xxxxxxxxx xxxxx, x&xxxx;xxxxxxx xx xxxxxx&xxxx;11.6 x&xxxx;xxxxxx 17, 22 x&xxxx;23 tohoto xxxxxxx,
xxxxxxxx x&xxxx;xxxxx xxxxxxx:
|
(1) |
Xxxx xxxxxxxxx změnila (1) xxx 20.&xxxx;xxxxxxxx 2021 xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx ECB/2012/27 (2) x&xxxx;xxxxx: x) xxxxxxxx, xx xxxxxxxx XXXX XXX xxxxx x&xxxx;XXXXXX2 připojeni xxxxxxxxxxxxxxx jednotného xxxxxxx xxxxx xxxxxxxxxxxxxx Eurosystému (Xxxxxxxxxx Single Market Xxxxxxxxxxxxxx Gateway) xx xxxxxxxxx 2021 a majitelé X2X XXX xxxxx x&xxxx;XXXXXX2 xxxxxxxxxxxxxxx tohoto xxxxxxx připojeni xx xxxxxx 2022; x) xxxxxxxx a rozšířit xxxxxxxx xxxxxxxx xx xxxxxxxxxx xxxxxxxxx xx bezpečnost xxxxxxxxx bodu XXXXXX2, xxx se xxxxxxxxx, xx xx xxxxxx XXXXXX2 bude xxxx xxxxxxx xxx, aby xxx xxxxxxx čelit xxxxxxx v oblasti kybernetické xxxxxxxxxxx; c) zavést xxxxxxxxx, xxx xxxxxxxx xxxx XX, xxxxxx xxxxxxx účastníci x&xxxx;xxxxxxxxxxxxx xxxxxxxx xxxx XXX, xxxxx xxxxxxxxxxx x&xxxx;xxxxxxxxxxx xxxxxxx SCT Inst xxxxxxxx dohody x&xxxx;xxxxxxxxxx xxxxxxx pro xxxxxxxx xxxxxxxxxxxxx převody XXXX, xxxx x&xxxx;xxxxxxx trvale xxxxxxxxxxx xx xxxxxxxxx XXXX xxxxxxxxxxxxxxx XXXX XXX, tak xxx xx xxxxxxxxx xxxxxxxxxx xxxxxxxxxx plateb v celé Xxxx; x) xxxxxx xxxxxxxxxxxxxxx, pokud xxx x&xxxx;xxxxxxx převodu xxxxxxxx x&xxxx;xxxx xxxxxxxxx x&xxxx;XXXXXX2 xx odpovídající nástupnické xxxx x&xxxx;xxxxxxxx xxxxxxx XXXXXX, aby byla xxxxxxxxx xxxxxx jistota, x&xxxx;x) vyjasnit a aktualizovat xxxxxxx xxxxx xxxxxxx xxxxxxxx xxxxx ECB/2012/27. |
|
(2) |
Jakmile xxxx xxxxxxxxxx projekt xxxxxxxxxxx X2-X2X, xxxx x&xxxx;xxxxx právní jistoty xxxxxx xxxxxxxx xxxxxxxx xxxxxxxxxxxxxxx, xxxxx jde x&xxxx;xxxxxxx převodu zůstatků x&xxxx;xxxx účastníků v TARGET2-ECB xx odpovídající xxxxxxxxxxx xxxx. |
|
(3) |
Xxxxx xxxxxxxx xxxxx XXX/2012/27, které xxxx xxxx na xxxxxxxx XXXXXX2-XXX, xx xxxxx xxxxxxxxx x&xxxx;xxxxxxxxxx Xxxxxxxx xxxxxxxxx banky ECB/2007/7 (3). |
|
(4) |
Rozhodnutí XXX/2007/7 je proto xxxxx xxxxxxxxxxxxx xxxxxxxx xxxxxx, |
XXXXXXX XXXX XXXXXXXXXX:
Xxxxxx&xxxx;1
Xxxxx
Xxxxxxx X, XX x&xxxx;XXX rozhodnutí XXX/2007/7 xx xxxx x&xxxx;xxxxxxx x&xxxx;xxxxxxxxx xxxxxx xxxxxxxxxx.
Xxxxxx&xxxx;2
Xxxxxxxxx xxxxxxxxxx
Xxxx xxxxxxxxxx xxxxxxxx x&xxxx;xxxxxxxx xxxxx xxxx po xxxxxxxxxx x&xxxx;Xxxxxxx xxxxxxxx Xxxxxxxx xxxx.
Xxxxxxx xx xxx xxx 21.&xxxx;xxxxxxxxx 2021, x&xxxx;xxxxxxxx odst. 1 xxxx. x) x&xxxx;xxxxxxxx 7 x&xxxx;9 xxxxxxx XX xxxxxx xxxxxxxxxx, xxxxx xx použijí xxx xxx 13.&xxxx;xxxxxx 2022.
Xx Xxxxxxxxxx nad Xxxxxxx dne 21.&xxxx;xxxx 2021.
Xxxxxxxxxxx XXX
Xxxxxxxxx XXXXXXX
(1)&xxxx;&xxxx;Xxxxxx xxxxxx Evropské xxxxxxxxx xxxxx (EU) 2021/1759 xx dne 20.&xxxx;xxxxxxxx 2021, xxxxxxx xx xxxx xxxxxx zásady XXX/2012/27 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxxx systému xxxxxxxxx xxxxxx x&xxxx;xxxxxxx xxxx (XXXXXX2) (ECB/2021/30) [(xxx xxxxxx 45 x&xxxx;xxxxx xxxxx Xxxxxxxx xxxxxxxx).
(2)&xxxx;&xxxx;Xxxxxx xxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2012/27 ze xxx 5. prosince 2012 x&xxxx;xxxxxxxxxxxxxx xxxxxxxxx automatizovaném xxxxxxx xxxxxxxxx xxxxxx x&xxxx;xxxxxxx čase (TARGET2) (Xx. věst. X&xxxx;30, 30.1.2013, x. 1).
(3)&xxxx;&xxxx;Xxxxxxxxxx Xxxxxxxx xxxxxxxxx xxxxx XXX/2007/7 xx xxx 24.&xxxx;xxxxxxxx 2007 o podmínkách XXXXXX2-XXX (Xx. xxxx. X&xxxx;237, 8.9.2007, s. 71).
XXXXXXX X
Xxxxxxx I rozhodnutí XXX/2007/7 se mění xxxxx:
|
1. |
Xxxxxx&xxxx;1 xx mění xxxxx:
|
|
2. |
X&xxxx;xxxxxx&xxxx;2 xxxxxx xxxxxxxx se xxxxxxxx xxxx text, xxxxx zní:
|
|
3. |
Článek 3 xx xxxx xxxxx:
|
|
4. |
Xxxxxx&xxxx;5 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;5 Xxxxxx participants PM account xxxxxxx xx TARGET2-ECB xxx xxxxxx xxxxxxxxxxxx xxx xxxxx xxxxxx xxxx xxx requirements xxx xxx xx Xxxxxxx&xxxx;8(1) and (2). Xxxx xxxxx have at xxxxx one PM xxxxxxx xxxx xxx XXX. XX account xxxxxxx xxxx have xxxxxxx xx xxx XXX Xxxx xxxxxx xx signing the XXXX Xxxxxxx Xxxxxx Xxxxxxxx Xxxxxxxxx Xxxxxxxxx xxxxx xx and xxxxx xxxxxx xxxxxxxxx xx xxx XXXX Xxxxxxxx xx xxx xxxxx, either xx x&xxxx;XXXX XXX xxxxxx xx xx a reachable xxxxx via x&xxxx;XXXX XXX xxxxxx.“; |
|
5. |
Xxxxxx&xxxx;22 se xxxxxxxxx tímto: „Article 22 Security Xxxxxxxxxxxx xxx Xxxxxxx Procedures 1. Participants xxxxx xxxxxxxxx xxxxxxxx xxxxxxxx controls xx xxxxxxx xxxxx systems xxxx xxxxxxxxxxxx xxxxxx xxx xxx. Participants xxxxx be xxxxxxxxxxx xxxxxxxxxxx for xxx xxxxxxxx protection xx xxx confidentiality, xxxxxxxxx xxx xxxxxxxxxxxx xx xxxxx xxxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx xxx XXX xx xxx xxxxxxxx-xxxxxxx xxxxxxxxx xx xxxxx xxxxxxxxx infrastructure xxx, xxxxx appropriate, xxxxxxxx-xxxxxxx xxxxxxxxx xxxx xxxxx xx xxx technical xxxxxxxxxxxxxx xx the xxxxx party providers. Xxx XXX xxx xxxxxxx further xxxxxxxxxxx xxxxx xxx incident xxx, if xxxxxxxxx, xxxxxxx xxxx xxx xxxxxxxxxxx xxxx xxxxxxxxxxx xxxxxxxx xx xxxxxxx x&xxxx;xxxxxxxxxx of xxxx xx xxxxx. 3.&xxxx;&xxxx;&xxxx;Xxx ECB xxx xxxxxx xxxxxxxxxx xxxxxxxx xxxxxxxxxxxx, in xxxxxxxxxx xxxx regard xx xxxxxxxxxxxxx xx xxx prevention of xxxxx, xx xxx xxxxxxxxxxxx xxx/xx on xxxxxxxxxxxx xxxx xxx xxxxxxxxxx xxxxxxxx by xxx XXX. 4.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxxx xxx XXX xxxx: (i) xxxxxxxxx xxxxxx xx their xxxxxxxxxxx xx xxxxxxxxx xx xxxxx xxxxxx xxxxxxx xxxxxxx provider’s xxxxxxxx security xxxxxxxxxxxx, xxx (xx) on xx annual xxxxx xxx TARGET2 self-certification xxxxxxxxx xx xxxxxxxxx xx xxx ECB’s xxxxxxx xx Xxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxx xxx xxxxxxxxxxx’x self-certification xxxxxxxxx(x) on the xxxxxxxxxxxx xxxxx of xxxxxxxxxx xxxx each xx the requirements xxx xxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxxx. Xxxxx xxxxxxxxxxxx xxx xxxxxx xx Xxxxxxxx VII, which xx addition xx xxx xxxxx Xxxxxxxxxx xxxxxx xx Xxxxxxx&xxxx;2(1), xxxxx xxxx an xxxxxxxx xxxx of xxxxx Xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx participant’s xxxxx xx xxxxxxxxxx xxxx xxx xxxxxxxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx shall xx xxxxxxxxxxx xx xxxxxxx, xx xxxxxxxxxx xxxxx xx xxxxxxxx: ‘full xxxxxxxxxx’; ‘minor xxx-xxxxxxxxxx’; xx ‘xxxxx xxx-xxxxxxxxxx’. Xxx following xxxxxxxx xxxxx: full xxxxxxxxxx xx xxxxxxx where xxxxxxxxxxxx xxxxxxx 100% xx xxx xxxxxxxxxxxx; xxxxx xxx-xxxxxxxxxx xx xxxxx x&xxxx;xxxxxxxxxxx satisfies xxxx than 100% xxx at least 66% of xxx xxxxxxxxxxxx and xxxxx xxx-xxxxxxxxxx xxxxx a participant xxxxxxxxx xxxx xxxx 66% xx the xxxxxxxxxxxx. Xx a participant xxxxxxxxxxxx that x&xxxx;xxxxxxxx xxxxxxxxxxx is xxx xxxxxxxxxx xx xx, xx shall be xxxxxxxxxx xx compliant xxxx the respective xxxxxxxxxxx for xxx xxxxxxxx of the xxxxxxxxxxxxxx. A participant xxxxx xxxxx xx xxxxx ‘xxxx compliance’ xxxxx xxxxxx xx xxxxxx xxxx xxxxxxxxxxxxx xxx xx intends xx xxxxx xxxx compliance. Xxx XXX shall xxxxxx the xxxxxxxx xxxxxxxxxxx authorities xx xxx xxxxxx xx xxxx xxxxxxxxxxx’x xxxxxxxxxx. 4x.&xxxx;&xxxx;&xxxx;Xx xxx participant xxxxxxx xx grant permanent xxxxxx xx xxx xxxxxxxxxxx xx xxxxxxxxx xx xxxxx xxxxxx XXXx xxxxxxxx xxxxxxxx xxxxxxxxxxxx xx xxxx xxx provide xxx XXXXXX2 self-certification the xxxxxxxxxxx’x xxxxx xx xxxxxxxxxx shall xx xxxxxxxxxxx xx ‘major xxx-xxxxxxxxxx’. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxxxx xxxxxxxx xxxxxxxxxx xx xxxxxxxxxxxx xx xx xxxxxx xxxxx. 4x.&xxxx;&xxxx;&xxxx;Xxx XXX xxx impose the xxxxxxxxx xxxxxxxx xx xxxxxxx on xxxxxxxxxxxx xxxxx level xx xxxxxxxxxx xxx xxxxxxxx xx xxxxx or xxxxx non-compliance, in xxxxxxxxxx order xx xxxxxxxx:
|
|
6. |
X&xxxx;xxxxxx&xxxx;33 xx xxxxxxxx 1 nahrazuje xxxxx: „1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xx deemed xx xx xxxxx xx, xxxxx xxxxxx xxxx, and xxxxx xx xxxx xx xxxxxxxxxxx xxxx xxxxxxxxxx xx xxx relevant xxxxxxxxx xxxxxxxxxxx with xxx xxxxxxxxxxx xx xxxx relating xx xxxxxxxxxxx xx data xxxxxxxxxx. They xxxxx xx deemed to xx xxxxx xx, xxx xxxxx xxxxxx xxxx xxx xxxxxxxxxxx xx them xxxxxxxx xx legislation on xxxxxxxxxx xx money xxxxxxxxxx and xxx xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx xx xxxxxxx xxxxxxx xxxxxxxx systems, in xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx any xxxxxxxx xxxxxxx or xxxxxxxx on xxxxx XX xxxxxxxx. Xxxxxxxxxxxx xxxxx xxxxxx xxxx xxxx are xxxxxxxx xxxxx xxx XXXXXX2 xxxxxxx xxxxxxx xxxxxxxx’x xxxx xxxxxxxxx xxxxxx xxxxx xx entering xxxx the xxxxxxxxxxx xxxxxxxxxxxx with xxx XXXXXX2 network xxxxxxx xxxxxxxx.“; |
|
7. |
Xxxxxx xx nový xxxxxx&xxxx;39x, který zní: „Article 39a Transitional xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxxx xxx TARGET xxxxxx xx operational xxx XXXXXX2 xxx xxxxxx xxxxxxxxx, XX xxxxxxx xxxxxxxx shall xx xxxxxxxxxxx to xxx account holder’s xxxxxxxxxxxxx xxxxxxxxx xxxxxxxx xx xxx XXXXXX xxxxxx. 2.&xxxx;&xxxx;&xxxx;Xxx requirement xxxx XX xxxxxxx xxxxxxx, xxxxxxxx Xxxxxxxxxxxx xxx xxxxxxxxxxx XXX xxxxxxx xxxxxxxx xx the XXX Xxxx xxxxxx xx reachable xx xxx XXXX Xxxxxxxx xxxxxxxx to Xxxxxxx&xxxx;5 xxxxx apply as xx 25 February 2022.“; |
|
8. |
X&xxxx;xxxxxxx X&xxxx;xx v odst. 8 xxxxxxx. 4 xxxxxxxxx xxxxxxx x) xxxxx:
|
|
9. |
X&xxxx;xxxxxxx XX xx v odstavci 6 xxxxxxxxx xxxxxxx x) xxxxx:
|
|
10. |
Xxxxxxxx se xxxx xxxxxxx XXX, xxxxx xxx: „Xxxxxxxx XXX Xxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx business xxxxxxxxxx xxxxxxxxxx Xxxxxxxxxxx xxxxxxxx xxxxxxxxxx Xxxxx xxxxxxxxxxxx xxx applicable xx xxxx xxxxxxxxxxx, xxxxxx xxx participant xxxxxxxxxxxx that x&xxxx;xxxxxxxx xxxxxxxxxxx is xxx xxxxxxxxxx xx xx. Xx xxxxxxxxxxxx xxx xxxxx xx xxxxxxxxxxx xx xxx xxxxxxxxxxxx xxxxxx xxx infrastructure, xxx participant xxxxxx xxxxxxxx xxx elements xxxx are part xx xxx Payment Xxxxxxxxxxx Xxxxx (PTC). Xxxxxxxxxxxx, xxx XXX xxxxxx xx x&xxxx;Xxxxx xx Xxxxx (XxX), x.x. x&xxxx;xxxxxx xxxxxxxx xx xxx xxxxxxxx xx transactions (e.g. xxxxxxxxxxxx, xxxxx-xxxxxx xxx xxxx-xxxxxx applications, xxxxxxxxxx), xxx xxxx at xxx xxxxxx xxxxxxxxxxx xx xxxx xxx xxxxxxx xx SWIFT (x.x. SWIFT VPN Xxx) xx Xxxxxxxx (xxxx xxx xxxxxx xxxxxxxxxx xx Xxxxxxxx-xxxxx Xxxxxx). Xxxxxxxxxxx 1.1: Information xxxxxxxx xxxxxx Xxx management xxxxx xxx x&xxxx;xxxxx xxxxxx direction xx xxxx xxxx xxxxxxxx xxxxxxxxxx xxx xxxxxxxxxxx xxxxxxx xxx and xxxxxxxxxx to xxxxxxxxxxx xxxxxxxx through the xxxxxxxx, approval xxx xxxxxxxxxxx xx xx xxxxxxxxxxx xxxxxxxx xxxxxx xxxxxx xx xxxxxxxx xxxxxxxxxxx xxxxxxxx and xxxxx resilience xxxxxx xxx organisation in xxxxx xx xxxxxxxxxxxxxx, xxxxxxxxxx xxx treatment xx information security xxx xxxxx resilience xxxxx. The policy xxxxxx xxxxxxx xx xxxxx the following xxxxxxxx: objectives, xxxxx (xxxxxxxxx xxxxxxx xxxx xx xxxxxxxxxxxx, xxxxx xxxxxxxxx, xxxxx xxxxxxxxxx xxx.), principles xxx xxxxxxxxxx xx xxxxxxxxxxxxxxxx. Xxxxxxxxxxx 1.2: Xxxxxxxx xxxxxxxxxxxx Xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx xxxxx xx established xx xxxxxxxxx the xxxxxxxxxxx security xxxxxx xxxxxx xxx organisation. Xxx xxxxxxxxxx xxxxx xxxxxxxxxx and xxxxxx xxx establishment xx xxx information xxxxxxxx xxxxxxxxx xx xxxxxx xxx implementation of xxx information xxxxxxxx xxxxxx (xx xxx Xxxxxxxxxxx 1.1) xxxxxx xxx organisation, xxxxxxxxx xxx xxxxxxxxxx xx xxxxxxxxxx xxxxxxxxx xxx xxxxxxxxxx of xxxxxxxx xxxxxxxxxxxxxxxx xxx xxxx xxxxxxx. Xxxxxxxxxxx 1.3: Xxxxxxxx xxxxxxx Xxx xxxxxxxx xx xxx organisation’s xxxxxxxxxxx xxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxx xxx xx reduced xx xxx xxxxxxxxxxxx xx, xxx/xx the xxxxxxxxxx xx, xx xxxxxxxx xxxxx/xxxxxxx or xxxxxxxx/xxxxxxxx xxxxxxxx by them. Xxx xxxxxx xx xxx organisation’s xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xx xxxxxxxx xxxxxxx xxxxx xx controlled. When xxxxxxxx xxxxxxx xx xxxxxxxx/xxxxxxxx of xxxxxxxx xxxxxxx xxx xxxxxxxx xx access the xxxxxxxxxxxx’x information processing xxxxxxxxxx, a risk xxxxxxxxxx xxxxx xx xxxxxxx xxx to xxxxxxxxx xxx security xxxxxxxxxxxx xxx xxxxxxx xxxxxxxxxxxx. Xxxxxxxx xxxxx be xxxxxx xxx xxxxxxx xx xx agreement xxxx xxxx xxxxxxxx xxxxxxxx xxxxx. Xxxxxxxxxxx 1.4: Xxxxx management All xxxxxxxxxxx xxxxxx, the business xxxxxxxxx xxx the xxxxxxxxxx xxxxxxxxxxx xxxxxxx, xxxx as operating xxxxxxx, xxxxxxxxxxxxxxx, xxxxxxxx xxxxxxxxxxxx, off-the-shelf xxxxxxxx, xxxxxxxx xxx xxxx-xxxxxxxxx xxxxxxxxxxxx, xx xxx xxxxx of xxx Xxxxxxx Xxxxxxxxxxx Xxxxx xxxxx xx xxxxxxxxx xxx xxx xxxx x&xxxx;xxxxxxxxx owner. Xxx xxxxxxxxxxxxxx for xxx xxxxxxxxxxx and xxx xxxxxxxxx xx appropriate xxxxxxxx xx xxx xxxxxxxx processes xxx xxx xxxxxxx XX xxxxxxxxxx xx safeguard xxx xxxxxxxxxxx xxxxxx xxxxx be xxxxxxxx. Xxxx: xxx xxxxx xxx xxxxxxxx xxx xxxxxxxxxxxxxx xx specific xxxxxxxx xx xxxxxxxxxxx, xxx remains xxxxxxxxxxx xxx the xxxxxx xxxxxxxxxx of xxx xxxxxx. Xxxxxxxxxxx 1.5: Xxxxxxxxxxx xxxxxx classification Information assets xxxxx xx xxxxxxxxxx xx xxxxx xx xxxxx xxxxxxxxxxx xx xxx xxxxxx xxxxxxxx xx xxx service xx xxx participant. Xxx classification xxxxx xxxxxxxx the xxxx, xxxxxxxxxx xxx xxxxxx xx xxxxxxxxxx xxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxx xxxxx in xxx xxxxxxxx business xxxxxxxxx xxx xxxxx xxxx xxxx xxxx xxxxxxxxxxxxx xxx underlying XX components. An xxxxxxxxxxx asset xxxxxxxxxxxxxx xxxxxx xxxxxxxx xx xxx xxxxxxxxxx xxxxx xx xxxx xx xxxxxx an xxxxxxxxxxx xxx xx protection xxxxxxxx throughout the xxxxxxxxxxx xxxxx xxxxxxxxx (xxxxxxxxx xxxxxxx xxx xxxxxxxxxxx xx xxxxxxxxxxx xxxxxx) xxx xx xxxxxxxxxxx xxx xxxx xxx xxxxxxxx xxxxxxxx xxxxxxxx. Xxxxxxxxxxx 1.6: Human xxxxxxxxx xxxxxxxx Xxxxxxxx xxxxxxxxxxxxxxxx xxxxx xx addressed xxxxx xx xxxxxxxxxx xx xxxxxxxx job xxxxxxxxxxxx and xx xxxxx xxx xxxxxxxxxx xx xxxxxxxxxx. Xxx xxxxxxxxxx xxx employment, xxxxxxxxxxx and third xxxxx xxxxx xxxxx xx xxxxxxxxxx xxxxxxxx, xxxxxxxxxx xxx sensitive xxxx. Xxxxxxxxx, xxxxxxxxxxx xxx third party xxxxx of xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xxxx xx xxxxxxxxx xx xxxxx xxxxxxxx xxxxx xxx responsibilities. Xx adequate level xx awareness xxxxx xx xxxxxxx among xxx employees, xxxxxxxxxxx xxx third party xxxxx, and education xxx xxxxxxxx xx xxxxxxxx procedures and xxx correct xxx xx xxxxxxxxxxx processing xxxxxxxxxx shall be xxxxxxxx xx xxxx xx xxxxxxxx xxxxxxxx xxxxxxxx risks. X&xxxx;xxxxxx xxxxxxxxxxxx xxxxxxx xxx xxxxxxxx security breaches xxxxx xx xxxxxxxxxxx xxx xxxxxxxxx. Xxxxxxxxxxxxxxxx xxxxx be in xxxxx xx ensure xxxx an employee’s, xxxxxxxxxx’x xx third xxxxx xxxx’x exit xxxx xx transfer xxxxxx xxx organisation xx managed, and xxxx the xxxxxx xx xxx xxxxxxxxx xxx xxx removal xx xxx xxxxxx xxxxxx xxx xxxxxxxxx. Xxxxxxxxxxx 1.7: Xxxxxxxx xxx xxxxxxxxxxxxx xxxxxxxx Xxxxxxxx or xxxxxxxxx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxx xx xxxxxx in xxxxxx xxxxx, xxxxxxxxx xx xxxxxxx xxxxxxxx xxxxxxxxxx, xxxx appropriate security xxxxxxxx xxx xxxxx xxxxxxxx. Xxxx shall xx xxxxxxxxxx xxxxxxxxx xxxx xxxxxxxxxxxx xxxxxx, xxxxxx xxx xxxxxxxxxxxx. Xxxxxx xxxxx xx xxxxxxx xxxx xx xxxxxxxxxxx xxx xxxx xxxxxx xxx scope xx Requirement 1.6. Xxxxxxxxxx xxx standards xxxxx be xxxxxxxxxxx xx xxxxxxx xxxxxxxx xxxxx xxxxxxxxxx information xxxxxx xxxx in xxxxxxx. Xxxxxxxxx xxxxx xx xxxxxxxxx xxxx xxxxxxxx xxx xxxxxxxxxxxxx xxxxxxx. Xxxxxxxxxx xx xxxxxxxxx (xxxxxxxxx equipment xxxx xxx-xxxx) xxx xxxxxxx xxx removal of xxxxxxxx xx xxxxxxxxx xx reduce the xxxx of xxxxxxxxxxxx xxxxxx to information xxx xx xxxxx xxxxxxx loss xx xxxxxx xx xxxxxxxxx xx xxxxxxxxxxx. Special xxxxxxxx xxx xx xxxxxxxx xx protect xxxxxxx xxxxxxxx threats xxx to safeguard xxxxxxxxxx xxxxxxxxxx such xx xxx xxxxxxxxxx xxxxxx xxx cabling xxxxxxxxxxxxxx. Xxxxxxxxxxx 1.8: Operations xxxxxxxxxx Xxxxxxxxxxxxxxxx and procedures xxxxx xx xxxxxxxxxxx xxx the xxxxxxxxxx xxx xxxxxxxxx xx xxxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxx systems xx xxx Payment Transaction Xxxxx xxx-xx-xxx. Xx regards xxxxxxxxx xxxxxxxxxx, xxxxxxxxx xxxxxxxxx xxxxxxxxxxxxxx of XX xxxxxxx, xxxxxxxxxxx xx duties shall xx xxxxxxxxxxx, xxxxx xxxxxxxxxxx, to reduce xxx xxxx xx xxxxxxxxx xx deliberate xxxxxx xxxxxx. Xxxxx xxxxxxxxxxx xx duties xxxxxx xx implemented xxx xx xxxxxxxxxx xxxxxxxxx xxxxxxx, compensatory xxxxxxxx shall be xxxxxxxxxxx following x&xxxx;xxxxxx xxxx analysis. Controls xxxxx xx xxxxxxxxxxx xx xxxxxxx xxx xxxxxx the xxxxxxxxxxxx xx xxxxxxxxx xxxx xxx xxxxxxx xx xxx Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx xxxxx xx also xxxxxxxxxxx (xxxxxxxxx xxxx awareness) xx prevent, xxxxxx xxx xxxxxx malicious xxxx. Mobile xxxx xxxxx xx used xxxx xxxx xxxxxxx xxxxxxx (e.g. signed Xxxxxxxxx COM xxxxxxxxxx xxx Xxxx Xxxxxxx). Xxx xxxxxxxxxxxxx xx xxx xxxxxxx (x.x. xxx xxx xx xxxxxxxxxx and xxxxxxx) xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxx xxxxxx xxx xxxxxxxx policies xxxxx xx xxxxxxxxxxx xx xxx xxxxxxxxxx; those xxxxxxxx xxxxxxxx shall xxxxxxx a plan xx xxx xxxxxxxxxxx xxxxxxx xxxxx xx xxxxxx xx regular intervals xx least xxxxxxxx. Xxxxxxx xxxx xxx critical xxx xxx xxxxxxxx xx payments xxxxx xx xxxxxxxxx and xxxxxx relevant to xxxxxxxxxxx security xxxxx xx xxxxxxxx. Xxxxxxxx xxxx shall xx xxxx xx xxxxxx xxxx xxxxxxxxxxx xxxxxx xxxxxxxx are xxxxxxxxxx. Xxxxxxxx logs shall xx regularly reviewed xx x&xxxx;xxxxxx xxxxx, xxxxx xx xxx xxxxxxxxxxx xx xxx xxxxxxxxxx. Xxxxxx xxxxxxxxxx xxxxx xx xxxx xx xxxxx xxx xxxxxxxxxxxxx xx controls xxxxx xxx xxxxxxxxxx xx critical xxx xxx security xx xxxxxxxx xxx xx xxxxxx xxxxxxxxxx xx xx xxxxxx policy xxxxx. Xxxxxxxxx xx xxxxxxxxxxx xxxxxxx organisations xxxxx xx xxxxx xx x&xxxx;xxxxxx exchange policy, xxxxxxx xxx in xxxx xxxx xxxxxxxx xxxxxxxxxx among xxx xxxxxxxx xxxxxxx xxx xxxxx xx xxxxxxxxx xxxx any relevant xxxxxxxxxxx. Xxxxx party xxxxxxxx xxxxxxxxxx xxxxxxxx xx xxx xxxxxxxx xx information xxxx XXXXXX2 (like software xxxxxxxx xxxx a Service Xxxxxx xx scenario 2 xx xxx xxxxx xxxxxxx xx xxx XXXXXX2 xxxx-xxxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx) xxxx xx xxxx xxxxx x&xxxx;xxxxxx xxxxxxxxx with xxx xxxxx party. Requirement 1.9: Xxxxxx control Access xx xxxxxxxxxxx xxxxxx xxxxx xx xxxxxxxxx xx xxx xxxxx xx xxxxxxxx xxxxxxxxxxxx (xxxx-xx-xxxx&xxxx;(1)) xxx xxxxxxxxx xx xxx established xxxxxxxxx of corporate xxxxxxxx (xxxxxxxxx xxx xxxxxxxxxxx security policy). Xxxxx access xxxxxxx xxxxx shall be xxxxxxx xxxxx xx xxx xxxxxxxxx xx xxxxx privilege (2) to xxxxxxx xxxxxxx the xxxxx xx xxx xxxxxxxxxxxxx xxxxxxxx xxx XX processes. Where xxxxxxxx (x.x. for xxxxxx xxxxxxxxxx) xxxxxxx xxxxxx xxxxxxx xxxxxx xx xxxxxxxxxx xxxx xxxxxxxx access xxxxxxx xxxxxx there xxx xxxxxxxx xxxxxxxxxxxx controls xx xxxxx (e.g. xxxxxxxxxx, personal xxxx xxxxxxxxxxxxx). Xxxxxx xxx documented xxxxxxxxxx shall xx xx xxxxx xx xxxxxxx the allocation xx access xxxxxx xx xxxxxxxxxxx xxxxxxx xxx xxxxxxxx that xxxx within xxx xxxxx xx xxx Xxxxxxx Transaction Chain. Xxx xxxxxxxxxx shall xxxxx xxx xxxxxx xx the lifecycle xx xxxx xxxxxx, xxxx xxx xxxxxxx xxxxxxxxxxxx of xxx xxxxx xx xxx xxxxx xxxxxxxxxxxxxx xx xxxxx xxxx xx xxxxxx require access. Special xxxxxxxxx shall xx xxxxx, where appropriate, xx the xxxxxxxxxx xx xxxxxx rights xx such xxxxxxxxxxx xxxx xxx xxxxx xx those access xxxxxx xxxxx xxxx xx a severe xxxxxxx xxxxxx xx xxx xxxxxxxxxx xx xxx xxxxxxxxxxx (e.g. access xxxxxx allowing system xxxxxxxxxxxxxx, xxxxxxxx xx xxxxxx xxxxxxxx, direct xxxxxx to xxxxxxxx xxxx). Xxxxxxxxxxx xxxxxxxx xxxxx xx xxx xx xxxxx xx xxxxxxxx, xxxxxxxxxxxx xxx xxxxxxxxx xxxxx xx specific xxxxxx xx the xxxxxxxxxxxx’x network, x.x. xxx xxxxx and xxxxxx access xx xxxxxxx in the Xxxxxxx Xxxxxxxxxxx Xxxxx. Xxxxxxxx xxxxxxxx shall xxx xx shared xx order xx xxxxxx accountability. For xxxxxxxxx, xxxxx xxxxx xx xxxxxxxxxxx xxx enforced xx xxxxxxxx xxxxxxxx xx xxxxxx that xxxxxxxxx xxxxxx be xxxxxx xxxxxxx, x.x. xxxxxxxxxx xxxxx xxx xxxxxxx-xxxx xxxxxxxx. X&xxxx;xxxx xxxxxxxx xxxxxxxx xxx/xx xxxxx xxxxxxxx xxxxx xx xxxxxxxxxxx. X&xxxx;xxxxxx xxxxx xx xxxxxxxxx and xxxxxxxxxxx on xxx xxx xx xxxxxxxxxxxxx xxxxxxxx xx protect xxx xxxxxxxxxxxxxxx, xxxxxxxxxxxx xxx integrity of xxxxxxxxxxx. X&xxxx;xxx management xxxxxx xxxxx xx xxxxxxxxxxx xx support xxx xxx of xxxxxxxxxxxxx controls. There xxxxx xx policy xxx xxxxxxx confidential information xx xxxxxx xx xx xxxxx (x.x. x&xxxx;xxxxx xxxxxx, x&xxxx;xxxxx xxxx xxxxxx) xx xxxxxx xxx risk xx xxxxxxxxxxxx xxxxxx. Xxxx xxxxxxx xxxxxxxx, xxx xxxxx xx working xx an xxxxxxxxxxx xxxxxxxxxxx xxxxx xx xxxxxxxxxx xxx appropriate xxxxxxxxx xxx organisational xxxxxxxx xxxxx xx xxxxxxx. Xxxxxxxxxxx 1.10: Xxxxxxxxxxx xxxxxxx acquisition, xxxxxxxxxxx xxx xxxxxxxxxxx Xxxxxxxx xxxxxxxxxxxx xxxxx be xxxxxxxxxx xxx xxxxxx prior xx the development xxx/xx implementation xx xxxxxxxxxxx xxxxxxx. Xxxxxxxxxxx xxxxxxxx xxxxx xx built xxxx xxxxxxxxxxxx, xxxxxxxxx xxxx-xxxxxxxxx xxxxxxxxxxxx, xx xxxxxx correct processing. Xxxxx xxxxxxxx xxxxx xxxxxxx xxx xxxxxxxxxx xx input xxxx, xxxxxxxx processing xxx xxxxxx xxxx. Xxxxxxxxxx xxxxxxxx xxx be xxxxxxxx xxx xxxxxxx xxxx process, xx xxxx xx xxxxxx xx, xxxxxxxxx, xxxxxxxx xx xxxxxxxx xxxxxxxxxxx. Xxxx controls shall xx xxxxxxxxxx xx xxx xxxxx xx xxxxxxxx requirements xxx xxxx assessment according xx xxx established xxxxxxxx (e.g. xxxxxxxxxxx xxxxxxxx policy, xxxxxxxxxxxxx xxxxxxx policy). The xxxxxxxxxxx xxxxxxxxxxxx xx new xxxxxxx xxxxx xx xxxxxxxxxxx, documented and xxxxxx prior to xxxxx xxxxxxxxxx and xxx. As regards xxxxxxx xxxxxxxx, xxxxxxxxxxx xxxxxxxx, xxxxxxxxx xxxxxxxxxxxx xxx xxxxxx xxxxxxxxxx, xxxxxx xx implemented xxxxx xx xxx xxxxxxxxxxx xx xxxx xxxxx and the xxxxx xx risk xx xxx xxxxxxx xxxxx in xxx xxxxxxxxxxxx. There xxxxx xx specific xxxxxxxx xx protect sensitive xxxxxxxxxxx passing xxxx xxxxxx networks. Access xx xxxxxx files and xxxxxxx xxxxxx code xxxxx be xxxxxxxxxx xxx XX projects xxx support xxxxxxxxxx xxxxxxxxx xx x&xxxx;xxxxxx xxxxxx. Xxxx xxxxx xx taken xx xxxxx xxxxxxxx of xxxxxxxxx data in xxxx environments. Project xxx support xxxxxxxxxxxx xxxxx xx xxxxxxxx xxxxxxxxxx. Xxxxxxxxxx xx xxxxxxx xx xxxxxxxxxx xxxxx be xxxxxxxx xxxxxxxxxx. A risk xxxxxxxxxx xx xxx xxxxx xxxxxxx to xx xxxxxxxx xx xxxxxxxxxx xxxxx xx xxxxxxxxx. Xxxxxxx xxxxxxxx xxxxxxx xxxxxxxxxx xx systems xx xxxxxxxxxx shall also xx xxxxxxxxx according xx x&xxxx;xxxxxxxxxx plan xxxxx xx the xxxxxxx xx x&xxxx;xxxx xxxxxxxxxx, xxx xxxxxxxx xxxxxxx shall include, xx xxxxx, vulnerability xxxxxxxxxxx. Xxx xx xxx xxxxxxxxxxxx xxxxxxxxxxx xxxxxx xxx xxxxxxxx xxxxxxx xxxxxxxxxx xxxxx xx xxxxxxxx xxx xxxxxx xxxxx to xxxxx xxx xxxxxxxxxx xxx shall xx xxxxxxxx xxx followed xx xx a timely xxxxxxx. Xxxxxxxxxxx 1.11: Xxxxxxxxxxx xxxxxxxx xx supplier (3) xxxxxxxxxxxxx Xx ensure protection xx xxx xxxxxxxxxxx’x xxxxxxxx xxxxxxxxxxx systems xxxx xxx xxxxxxxxxx xx suppliers, xxxxxxxxxxx xxxxxxxx requirements xxx xxxxxxxxxx the xxxxx xxxxxxxxxx with xxxxxxxx’x xxxxxx xxxxx be xxxxxxxxxx xxx formally xxxxxx xxxx with xxx supplier. Requirement 1.12: Xxxxxxxxxx xx information xxxxxxxx xxxxxxxxx xxx xxxxxxxxxxxx Xx xxxxxx x&xxxx;xxxxxxxxxx xxx effective approach xx the management xx xxxxxxxxxxx xxxxxxxx xxxxxxxxx, including communication xx security events xxx xxxxxxxxxx, xxxxx, xxxxxxxxxxxxxxxx xxx xxxxxxxxxx, xx xxxxxxxx and xxxxxxxxx xxxxx, xxxxx xx xxxxxxxxxxx xxx xxxxxx xx xxxxxx x&xxxx;xxxxx, effective and xxxxxxx and xxxxxx xxxxxxx xxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxx including xxxxxxxxx xxxxxxx xx x&xxxx;xxxxx-xxxxxxx xxxxx (x.x. x&xxxx;xxxxx pursued by xx external xxxxxxxx xx xx xx xxxxxxx). Personnel xxxxxxxx xx xxxxx procedures xxxxx xx xxxxxxxxxx xxxxxxx. Xxxxxxxxxxx 1.13: Technical xxxxxxxxxx xxxxxx X&xxxx;xxxxxxxxxxx’x internal xxxxxxxxxxx xxxxxxx (x.x. xxxx xxxxxx xxxxxxx, xxxxxxxx xxxxxxxx xxx xxxxxxxx xxxxxxx connectivity) xxxxx xx xxxxxxxxx xxxxxxxx xxx compliance xxxx xxx xxxxxxxxxxxx’x xxxxxxxxxxx xxxxxxxxx xx xxxxxxxx (x.x. xxxxxxxxxxx xxxxxxxx xxxxxx, cryptographic xxxxxxx xxxxxx). Xxxxxxxxxxx 1.14: Xxxxxxxxxxxxxx Xxxxx virtual xxxxxxxx xxxxx xxxxxx xxxx xxx the xxxxxxxx xxxxxxxx that xxx xxx xxx xxxxxxxx xxxxxxxx xxx xxxxxxx (x.x. hardening, xxxxxxx). Xxxxxxxx relating to xxxxxxxxxxx xxxx xxxxxxx: xxxxxxxxx of xxx xxxxxxxxxx xxx xxx xxxxxxx xxxxxxxxx system, xxxxxxx patching, strict xxxxxxxxxx of xxxxxxxxx xxxxxxxxxxxx (x.x. production xxx xxxxxxxxxxx). Xxxxxxxxxxx xxxxxxxxxx, xxxxxxx xxx xxxxxxxxxx as well xx xxxxxxxx xx xxxxxx xxxxxx, in xxxxxxxxxx xxx xxxx xxxxxxxxxx xxxxxxxx, xxxxx xx xxxxxxxxxxx xxxxx xx x&xxxx;xxxx assessment. Xxxxx virtual xxxxxxxx xxxxxxx by the xxxx xxxxxxxxxx shall xxxx x&xxxx;xxxxxxx risk xxxxxxx. Xxxxxxxxxxx 1.15: Xxxxx xxxxxxxxx Xxx xxxxx xx xxxxxx and/or xxxxxx xxxxx solutions xx xxx Payment Xxxxxxxxxxx Xxxxx xxxx be xxxxx on x&xxxx;xxxxxx xxxx assessment, xxxxxx xxxx xxxxxxx xxx xxxxxxxxx xxxxxxxx xxx xxx xxxxxxxxxxx xxxxxxx xxxxxxx xx the xxxxx solution. If hybrid xxxxx solutions are xxxx, it xx xxxxxxxxxx xxxx the xxxxxxxxxxx xxxxx of xxx overall system xx xxx xxxxxxx xxx xx xxx xxxxxxxxx xxxxxxx. Xxx xx-xxxxxxxx xxxxxxxxxx xx xxx xxxxxx xxxxxxxxx xxxx xx xxxxxxxxxx xxxx xxx xxxxx xx-xxxxxxxx xxxxxxx. Xxxxxxxx xxxxxxxxxx xxxxxxxxxx (applicable xxxx xx xxxxxxxx xxxxxxxxxxxx) Xxx xxxxxxxxx requirements (2.1 xx 2.6) relate xx xxxxxxxx xxxxxxxxxx xxxxxxxxxx. Each XXXXXX2 xxxxxxxxxxx xxxxxxxxxx xx xxx Eurosystem xx xxxxx critical xxx xxx xxxxxx xxxxxxxxxxx xx xxx XXXXXX2 xxxxxx xxxxx have x&xxxx;xxxxxxxx xxxxxxxxxx xxxxxxxx xx place xxxxxxxxxx xxx xxxxxxxxx xxxxxxxx.
|
(1) The xxxx-xx-xxxx principle refers xx the xxxxxxxxxxxxxx xx xxx xxx xx xxxxxxxxxxx xxxx xx xxxxxxxxxx xxxxx xxxxxx xx in xxxxx xx xxxxx xxx xxx/xxx duties.
(2) The xxxxxxxxx of xxxxx xxxxxxxxx xxxxxx to xxxxxxxxx x&xxxx;xxxxxxx’x xxxxxx xxxxxxx xx xx XX system xx xxxxx xx xxxxx xxx corresponding xxxxxxxx xxxx.
(3)&xxxx;&xxxx;X&xxxx;xxxxxxxx xx xxx xxxxxxx xx xxxx xxxxxxxx xxxxxx xx xxxxxxxxxx xx xxx xxxxx party (xxx xxx personnel) xxxxx xx xxxxx xxxxxxxx (xxxxxxxxx), with xxx xxxxxxxxxxx, to xxxxxxx x&xxxx;xxxxxxx xxx xxxxx xxx xxxxxxx xxxxxxxxx xxx third xxxxx (xxx its personnel) xx xxxxxxx xxxxxx, xxxxxx xxxxxxxx or xx-xxxx, xx information xxx/xx information systems xxx/xx xxxxxxxxxxx processing xxxxxxxxxx xx xxx xxxxxxxxxxx xx scope xx associated xx xxx xxxxx covered xxxxx xxx exercise xx the TARGET2 xxxx-xxxxxxxxxxxxx.
XXXXXXX XX
Xxxxxxx XX xxxxxxxxxx XXX/2007/7 xx xxxx xxxxx:
|
1. |
Xxxxxx&xxxx;1 xx xxxx takto:
|
|
2. |
X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx písmeno fc) xxxxxxxxx xxxxx:
|
|
3. |
X&xxxx;xx.&xxxx;4 xxxx.&xxxx;2 xx xxxxxx xxxx písmeno xx), které zní:
|
|
4. |
X&xxxx;xxxxxx&xxxx;4 xx odstavec 3 xxxxxxxxx tímto: „3. TARGET2 xxxxxxxx xxxx-xxxx gross xxxxxxxxxx xxx payments in xxxx, xxxx xxxxxxxxxx xx xxxxxxx bank xxxxx xxxxxx PM xxxxxxxx, X2X XXXx xxx XXXX DCAs. XXXXXX2 xx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx of xxx XXX through xxxxx payment xxxxxx xxx xxxxxxxxx and xxxxxxxxx xxx through xxxxx xxxxxxxx xxx xxxxxxxxxx xxxxxxxx in xxx xxxx xxxxxxxxx xxxxxx. As xxx xx the xxxxxxxxx xxxxxxxxx of the X2X DCAs xx xxxxxxxxx, XXXXXX2 xx xxxxxxxxxxx xxxxxxxxxxx xxx xxxxxxxxx xx xxx xxxxx xx the X2X Xxxxxxxx. Xx xxx xx the xxxxxxxxx xxxxxxxxx of xxx XXXX XXXx xxx XXXX XX xxxxxxxxx xxxxxxxx xx xxxxxxxxx, TARGET2 xx xxxxxxxxxxx established xxx xxxxxxxxx xx xxx xxxxx xx xxx XXXX Xxxxxxxx. Xxx XXX is xxx xxxxxxxx xx services xxxxx xxxxx Xxxxxxxxxx. Xxxx xxx xxxxxxxxx xx xxx XXX-xxxxxxxxx XXXx xxx xxx 4XXx xxxxx xx xxxxxxxxxx xxxx xxx xxxxxxxxx xx the XXX, xxx which xx shall xxxxxx xxxxxxxxx xx xxxxxxxxxx xxxx Xxxxxxx&xxxx;21 of xxxx Annex. Xxxxxxxxxxxxx xxxxxxxx to xxxxx Xxxxxxxxxx xxxxx not xxxxxx a contractual xxxxxxxxxxxx xxxxxxx X2X XXX xxxxxxx xxx the XXX-xxxxxxxxx XXXx xx xxx 4CBs xxxx xxx of xxx xxxxxx xxxx xx xxxx capacity. Xxxxxxxxxxxx, xxxxxxxx or xxxxxxxxxxx xxxxx x&xxxx;X2X XXX xxxxxx xxxxxxxx xxxx, xx xxxxx xx, xxx SSP or X2X Xxxxxxxx xx xxxxxxxx to xxx xxxxxxxx xxxxxxxx xxxxx xxxxx Xxxxxxxxxx xxx xxxxxx xx xx xxxxxxxx from, or xxxx xx, xxx XXX.“; |
|
5. |
X&xxxx;xxxxxx&xxxx;8 se xxxxxxxx 3 nahrazuje tímto: „3. Where xxx XXX has xxxxxxx x&xxxx;xxxxxxx by x&xxxx;X2X DCA xxxxxx xxxxxxxx xx xxxxxxxxx 1, that X2X XXX xxxxxx xx xxxxxx xx have xxxxx xxx xxxxxxxxxxxxx XXX(x) x&xxxx;xxxxxxx to xxxxx xxx T2S XXX xxxx the xxxxxxx relating xx xxxxxxxxxx transactions xxxxxxxx xx those xxxxxxxxxx xxxxxxxx.“; |
|
6. |
X&xxxx;xxxxxx&xxxx;28 xx xxxxxxxx 1 nahrazuje xxxxx: „1.&xxxx;&xxxx;&xxxx;X2X XXX xxxxxxx xxxxx xx xxxxxx to xx xxxxx xx, xxxxx xxxxxx with, xxx shall xx xxxx xx demonstrate xxxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx with all xxxxxxxxxxx xx xxxx xxxxxxxx xx legislation xx xxxx xxxxxxxxxx. Xxxx xxxxx xx xxxxxx xx be xxxxx of, xxx xxxxx xxxxxx xxxx xxx xxxxxxxxxxx xx xxxx relating to xxxxxxxxxxx on prevention xx money xxxxxxxxxx xxx the financing xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx activities and xxx development of xxxxxxx weapons delivery xxxxxxx, xx xxxxxxxxxx xx xxxxx xx xxxxxxxxxxxx appropriate xxxxxxxx xxxxxxxxxx any payments xxxxxxx xx credited xx their X2X XXXx. Prior xx xxxxxxxx xxxx xxx xxxxxxxxxxx relationship xxxx xxx T2S xxxxxxx xxxxxxx xxxxxxxx, T2S XXX holders xxxxx xxxxxx that xxxx xxx informed about xxx data xxxxxxxxx xxxxxx.“; |
|
7. |
Xxxxxx&xxxx;30 se xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;30 Xxxxxxxxxxx xxxxxxxxxxxx xxxx xx NSP 1. T2S DCA xxxxxxx xxxxx either:
2.&xxxx;&xxxx;&xxxx;Xxx xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;X2X XXX xxxxxx xxx xxx XXX xxxxx xx xxxxxxxxxxx xxxxxxxx xx xxx xxxxx xxx xxxxxxxxxx xx xxx xxxxxxxx xxxxxxxx xxxxxxxxx with xx NSP xx xxxxxxxx xx in xxxxxxxxx 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx services xx be xxxxxxxx xx xxx XXX xxxxx not xxxx xxxx xx xxx xxxxxxxx xx xx xxxxxxxxx xx the XXX xx xxxxxxx xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx ECB xxxxx xxx xx xxxxxx xxx xxx xxxx, xxxxxx xx xxxxxxxxx of xxx XXX (xxxxxxxxx its xxxxxxxxx, xxxxx xxx xxxxxxxxxxxxxx), xx for xxx xxxx, xxxxxx xx xxxxxxxxx of xxxxx parties xxxxxxxx xx xxxxxxxxxxxx to xxxx access xx xxx XXX’x xxxxxxx.“; |
|
8. |
Xxxxxx xx xxxx xxxxxx&xxxx;34x, xxxxx xxx: „Xxxxxxx&xxxx;34x Xxxxxxxxxxxx xxxxxxxxxx Xxxx xxx XXXXXX xxxxxx xx operational xxx XXXXXX2 has xxxxxx xxxxxxxxx, T2S XXX xxxxxxx xxxxx become X2X XXX xxxxxxx xx xxx TARGET xxxxxx.“; |
|
9. |
Xxxxxx na pojem „X2X network xxxxxxx xxxxxxxx“ (x&xxxx;xxxxxxxxx nebo xxxxxxx čísle) x&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 xxxx. x) xxxx i), xx.&xxxx;9 xxxx.&xxxx;5, xx.&xxxx;10 xxxx.&xxxx;6, xx.&xxxx;14 xxxx.&xxxx;1 písm. x), xx.&xxxx;22 xxxx.&xxxx;1, xx.&xxxx;22 odst. 2, xx.&xxxx;22 xxxx.&xxxx;3, xx.&xxxx;27 xxxx.&xxxx;5, xx.&xxxx;28 xxxx.&xxxx;1, xx.&xxxx;29 xxxx.&xxxx;1 xxxxxxx II x&xxxx;x&xxxx;xxxxxxxx 1 xxxxxxx X&xxxx;xx xxxxxxxxx xxxxxxx „XXX“; |
|
10. |
X&xxxx;xxxxxxx I se v odst. 8 xxxxxxx. 4 nahrazuje xxxxxxx x) tímto:
|
PŘÍLOHA III
Příloha XXX xxxxxxxxxx ECB/2007/7 xx xxxx xxxxx:
|
1. |
Xxxxxx xx xxxxx „XXXX network xxxxxxx xxxxxxxx“ (v jednotném xxxx xxxxxxx xxxxx) x&xxxx;xxxx příloze xx xxxxxxxxx xxxxxxx „XXX“; |
|
2. |
Xxxxxx&xxxx;1 xx xxxx xxxxx:
|
|
3. |
X&xxxx;xx.&xxxx;3 xxxx.&xxxx;1 xx xxxxxxx xxxxx xx „Xxxxxxxx X: XXXX xxxxxxxxxxxx xxxxxxxxx xxxxxxxxxxxx“; |
|
4. |
Xxxxxx&xxxx;4 xx xxxx xxxxx:
|
|
5. |
X&xxxx;xx.&xxxx;6 xxxx.&xxxx;1 písm. x) se bod x) xxxxxxxxx xxxxx:
|
|
6. |
Xxxxxx&xxxx;9 xx nahrazuje xxxxx: „Xxxxxxx&xxxx;9 Xxxxxxxxxxx xxxxxxxxxxxx with xx XXX 1.&xxxx;&xxxx;&xxxx;Xxxxxxxxxxxx xxxxx xxxxxx:
2.&xxxx;&xxxx;&xxxx;Xxx xxxxx xxxxxxxxxxxx xxxxxxx x&xxxx;xxxxxxxxxxx xxx xxx NSP xxxxx xx exclusively xxxxxxxx xx the xxxxx and conditions xx xxxxx separate xxxxxxxx as xxxxxxxx xx xx xxxxxxxxx 1(x). 3.&xxxx;&xxxx;&xxxx;Xxx services xx xx xxxxxxxx by xxx NSP shall xxx form xxxx xx xxx xxxxxxxx xx xx performed xx xxx ECB xx xxxxxxx xx XXXXXX2. 4.&xxxx;&xxxx;&xxxx;Xxx XXX shall xxx xx xxxxxx xxx xxx acts, xxxxxx xx xxxxxxxxx xx xxx XXX (xxxxxxxxx its xxxxxxxxx, xxxxx xxx xxxxxxxxxxxxxx), xx xxx any xxxx, errors or xxxxxxxxx by xxxxx xxxxxxx selected xx xxxxxxxxxxxx xx gain xxxxxx to the XXX’x xxxxxxx.“; |
|
7. |
Xxxxxx&xxxx;10 xx xxxxxxx; |
|
8. |
Xxxxxx xx nový xxxxxx&xxxx;11x, který zní: „Article 11a MPL xxxxxxxxxx 1.&xxxx;&xxxx;&xxxx;Xxx xxxxxxx MPL xxxxxxxxxx contains xxx xxxxx – XXXX xxxxxxx table xxx xxx xxxxxxxx xx xxx XXX service. 2. Each xxxxx may xx xxxxxx to xxxx xxx IBAN. An XXXX may be xxxxxx to one xx xxxxxxxx proxies. 3. Article 29 xxxxx apply xx xxx xxxx contained xx the XXX xxxxxxxxxx.“; |
|
9. |
X&xxxx;xxxxxx&xxxx;12 se xxxxxxx xxxxxxxx 9; |
|
10. |
Článek 16 xx xxxxxxxxx xxxxx: „Xxxxxxx&xxxx;16 Xxxxx xx xxxxxxx xxxxxx in XXXX DCA The following xxx xxxxxxxxxx xx xxxxxxx xxxxxx xxx xxx xxxxxxxx xx xxx XXXX xxxxxxx:
|
|
11. |
X&xxxx;xxxxxx&xxxx;18 xx xxxxxxxx 6 nahrazuje xxxxx: „6.&xxxx;&xxxx;&xxxx;Xxxxx x&xxxx;XXXX XXX xx XX xxxxxxxxx xxxxxxxx xxxxx, x&xxxx;XXXX XXX to TIPS XX xxxxxxxxx account xxxxxxxxx xxxxxxxx order xx x&xxxx;XXXX AS xxxxxxxxx xxxxxxx xx XXXX XXX xxxxxxxxx xxxxxxxx order xxx xxxx xxxxxxxx as xxxxxxxx xx xx Xxxxxxx&xxxx;17, xxx TARGET2-ECB xxxxx xxxxx whether xxxxxxxxxx funds xxx xxxxxxxxx xx xxx xxxxx'x xxxxxxx. If xxxxxxxxxx xxxxx are xxx available xxx xxxxxxxxx xxxxxxxx xxxxx xxxxx xx rejected. Xx sufficient xxxxx xxx available the xxxxxxxxx xxxxxxxx xxxxx xxxxx be settled xxxxxxxxxxx.“; |
|
12. |
X&xxxx;xx.&xxxx;20 xxxx.&xxxx;1 xx xxxxxxx x) nahrazuje xxxxx:
|
|
13. |
X&xxxx;xxxxxx&xxxx;30 se xxxxxxxx 1 xxxxxxxxx tímto: „1. TIPS XXX xxxxxxx shall xx xxxxxx to xx xxxxx xx, xxxxx comply with xxx xxxxx be xxxx xx xxxxxxxxxxx xxxx compliance to xxx xxxxxxxx xxxxxxxxx xxxxxxxxxxx xxxx xxx xxxxxxxxxxx on xxxx xxxxxxxx xx legislation xx data xxxxxxxxxx. Xxxx xxxxx xx xxxxxx xx xx xxxxx xx, xxx xxxxx comply with xxx xxxxxxxxxxx xx xxxx relating to xxxxxxxxxxx xx xxxxxxxxxx xx xxxxx xxxxxxxxxx xxx xxx xxxxxxxxx xx xxxxxxxxx, xxxxxxxxxxxxx-xxxxxxxxx xxxxxxx xxxxxxxxxx xxx xxx xxxxxxxxxxx of xxxxxxx xxxxxxx xxxxxxxx xxxxxxx, xx particular xx xxxxx xx xxxxxxxxxxxx xxxxxxxxxxx xxxxxxxx xxxxxxxxxx xxx payments xxxxxxx or credited xx their XXXX XXXx. XXXX XXX xxxxxxx xxxxxx xxxx xxxx xxx xxxxxxxx xxxxx their xxxxxx XXX'x xxxx retrieval xxxxxx prior to xxxxxxxx xxxx x&xxxx;xxxxxxxxxxx xxxxxxxxxxxx xxxx xxxx XXX.“; |
|
14. |
Xxxxxx xx xxxx xxxxxx&xxxx;35x, xxxxx xxx: „Xxxxxxx&xxxx;35x Xxxxxxxxxxxx xxxxxxxxx Xxxx the TARGET xxxxxx xx xxxxxxxxxxx xxx the XXXXXX2 xxx ceased xxxxxxxxx, XXXX DCA xxxxxxx xxxxx become XXXX XXX xxxxxxx in xxx XXXXXX system.“; |
|
15. |
V dodatku X&xxxx;xx tabulka x&xxxx;xxxxxxxx 2 xxxxxxxxx xxxxx:
|
|
16. |
X&xxxx;xxxxxxx I se x&xxxx;xxxx.&xxxx;6 xxxxxxx. 1 nahrazuje xxxxxxx x) xxxxx:
|
|
17. |
X&xxxx;xxxxxxx XX se xxxxxxx xxxxxxxx 2; |
|
18. |
Dodatek X&xxxx;xx xxxxxxx. |