- Latest available (Revised)
- Original (As adopted by EU)
Commission Delegated Regulation (EU) 2017/392Show full title
Commission Delegated Regulation (EU) 2017/392 of 11 November 2016 supplementing Regulation (EU) No 909/2014 of the European Parliament and of the Council with regard to regulatory technical standards on authorisation, supervisory and operational requirements for central securities depositories (Text with EEA relevance)
You are here:
What Version
More Resources
Legislation originating from the EU
When the UK left the EU, legislation.gov.uk published EU legislation that had been published by the EU up to IP completion day (31 December 2020 11.00 p.m.). On legislation.gov.uk, these items of legislation are kept up-to-date with any amendments made by the UK since then.
This item of legislation originated from the EU
Legislation.gov.uk publishes the UK version. EUR-Lex publishes the EU version. The EU Exit Web Archive holds a snapshot of EUR-Lex’s version from IP completion day (31 December 2020 11.00 p.m.).
Status:
This is the original version as it was originally adopted in the EU.
This legislation may since have been updated - see the latest available (revised) version
SECTION 3 Organisational requirements
Article 9Organisational chart
An application for authorisation shall include an organisational chart that describes the organisational structure of the applicant CSD. The chart shall include the following:
(a)
the identity and tasks of the persons responsible for the following positions:
(i)
senior management;
(ii)
managers in charge of the operational functions referred to in Article 47(3);
(iii)
managers in charge of the activities of any branches of the applicant CSD;
(iv)
other significant roles in the operations of the applicant CSD;
(b)
the number of staff members in each division and operational unit.
Article 10Staffing policies and procedures
An application for authorisation shall include the following information on the applicant CSD's policies and procedures related to staff:
(a)
a description of the remuneration policy including information about the fixed and variable elements of the remuneration of the senior management, the members of the management body and the staff employed in the risk-management, compliance and internal control, internal audit and technology functions of the applicant CSD;
(b)
the measures put in place by the applicant CSD to mitigate the risk of over-reliance on the responsibilities entrusted to any individual person.
Article 11Risk monitoring tools and governance arrangements
1.An application for authorisation shall include the following information on the governance arrangements and risk monitoring tools of the applicant CSD:
(a)a description of the governance arrangements of the applicant CSD established in accordance with paragraph 2 of Article 47;
(b)the policies, procedures and systems established in accordance with paragraph 1 of Article 47;
(c)a description of the composition, role and responsibilities of the members of the management body and senior management and the committees established in accordance with Article 48.
2.The information referred to in paragraph 1 shall include a description of the processes concerning the selection, appointment, performance evaluation and removal of senior management and members of the management body.
3.The applicant CSD shall describe its procedure to make its governance arrangements and the rules governing its activity available to the public.
4.Where the applicant CSD adheres to a recognised corporate governance code of conduct, the application shall identify any code, include a copy of that code and justify any situations where the applicant CSD deviates from the code.
Article 12Compliance, internal control and internal audit functions
1.An application for authorisation shall include a description of the procedures for the applicant CSD's internal reporting of infringements referred to in Article 26(5) of Regulation (EU) No 909/2014.
2.An application for authorisation shall include information regarding an applicant CSD's internal audit policies and procedures referred to in Article 51, including:
(a)a description of the monitoring and evaluation tools for the adequacy and effectiveness of the applicant CSD's internal audit systems;
(b)a description of the control and safeguard tools for the applicant CSD's information processing systems;
(c)a description of the development and application of the applicant CSD's internal audit methodology;
(d)a work plan of the internal audit function for three years following the date of application;
(e)a description of the roles and qualifications of each individual who is responsible for internal audit referred to in Article 47(3)(d) under the oversight of the audit committee referred to in Article 48(1)(b).
3.An application for authorisation shall include the following information concerning the compliance and internal control function of the applicant CSD's referred to in Article 47(3)(c):
(a)a description of the roles and qualifications of individuals who are responsible for the compliance and internal control function and of any other staff involved in the assessments of compliance, including a description of the means to ensure the independence of the compliance and internal control function from the rest of the business units;
(b)the policies and procedures of the compliance and internal control function, including a description of the compliance role of the management body and senior management;
(c)where available, the most recent internal report prepared by the persons responsible for the compliance and internal control function or by any other staff involved in the assessments of compliance within the applicant CSD.
Article 13Senior management, management body and shareholders
1.An application for authorisation shall include, for each member of the senior management and each member of the management body of the applicant CSD, the following information to enable the competent authority to assess compliance of the applicant CSD with Article 27(1) and (4) of Regulation (EU) No 909/2014:
(a)a copy of a curriculum vitae which sets out the experience and knowledge of each member;
(b)details regarding any criminal and administrative sanctions imposed on a member in connection with the provision of financial or data services or in relation to acts of fraud or misappropriation of funds, in the form of an appropriate official certificate where available in the relevant Member State;
(c)a self-declaration of good repute in relation to the provision of financial or data services, where all members of the senior management and management body shall state whether they have been subject to any of the following:
(i)
they have been convicted of any criminal or administrative offence in connection with the provision of financial or data services or in relation to acts of fraud or misappropriation of funds;
(ii)
they have been subject to an adverse decision in any proceedings of a disciplinary nature brought by a regulatory authority, a government body or agency or they are subject to any ongoing proceedings;
(iii)
they have been subject to an adverse judicial finding in civil proceedings before a court in connection with the provision of financial or data services, or fraud in the management of a business;
(iv)
they have been members of the management body or senior management of an undertaking whose registration or authorisation was withdrawn by a regulatory body while connected to the undertaking at least one year before the date of withdrawal of authorisation or registration;
(v)
they have been refused the right to carry on any type of activities which require registration or authorisation by a regulatory body;
(vi)
they have been members of the management body or of senior management of an undertaking against whom insolvency proceedings have been opened at least one year before proceedings have been opened;
(vii)
they have been members of the management body or the senior management of an undertaking that was subject to a sanction by a regulatory body while they were connected to the undertaking at least one year before such a sanction was imposed;
(viii)
they have been otherwise fined, suspended, disqualified or subject to any other sanction in connection with the provision of financial or data services by a government, regulatory or professional body;
(ix)
they have been disqualified from acting as a director or in any other managerial capacity, dismissed from employment or other appointment in an undertaking as a result of misconduct or malpractice.
For the purposes of point (c)(i) of this paragraph, the self-declaration shall not be required where an official certificate is submitted under point (b) of this paragraph.
2.The application for authorisation shall include the following information regarding the management body of the applicant CSD:
(a)evidence of compliance with Article 27(2) of Regulation (EU) No 909/2014;
(b)a description of the roles and responsibilities of the members of the management body;
(c)the target for the representation of the underrepresented gender in the management body, the relevant policy on how to meet that target and the method used by the applicant CSD to make public the target, policy and its implementation.
3.The application for authorisation shall include the following information concerning the ownership structure and shareholders of the applicant CSD:
(a)a description of the ownership structure of the applicant CSD referred to in point (i) of Article 4(2), including a description of the identity and size of interests of any entity in a position to exercise control over the operation of the applicant CSD;
(b)a list of the shareholders and persons who are in a position to exercise, directly or indirectly, control over the management of the applicant CSD.
Article 14Management of conflicts of interest
1.An application for authorisation shall include the following information on the policies and procedures put in place to identify and manage potential conflicts of interest by the applicant CSD in accordance with Article 50:
(a)a description of the policies and procedures concerning the identification, management and disclosure to the competent authority of potential conflicts of interest and of the process used to ensure that the staff of the applicant CSD is informed of those policies and procedures;
(b)a description of the controls and measures put in place to ensure that the requirements referred to in point (a) on the management of conflicts of interest are met;
(c)a description of the following elements:
(i)
the roles and responsibilities of key personnel, especially where they also have responsibilities in other entities;
(ii)
arrangements ensuring that individuals who have a permanent conflict of interest are excluded from the decision making process and from the receipt of any relevant information concerning the matters affected by the permanent conflict of interest;
(iii)
an up-to-date register of existing conflicts of interest at the time of the application and a description of how those conflicts of interest are managed.
2.Where the applicant CSD is part of a group, the register referred to in point (c)(iii) of paragraph 1 shall include a description of the conflicts of interest arising from other undertakings within the group in relation to any service provided by the applicant CSD, and the arrangements put in place to manage those conflicts of interest.
Article 15Confidentiality
1.An application for authorisation shall include the applicant CSD's policies and procedures put in place for preventing the unauthorised use or disclosure of confidential information. Confidential information shall include the following information:
(a)information relating to participants, clients, issuers or other users of the applicant CSD services;
(b)other information held by the applicant CSD as a result of its business activity not permitted to be used for commercial purposes.
2.An application for authorisation shall include the following information concerning the access of staff to information held by the applicant CSD:
(a)the internal procedures concerning permissions of access to information that ensure secured access to data;
(b)a description of any restrictions on the use of data for reasons of confidentiality.
Article 16User committee
An application for authorisation shall include the following information on each user committee:
(a)
the mandate of the user committee;
(b)
the governance arrangements of the user committee;
(c)
the operating procedures of the user committee;
(d)
the admission criteria and the election mechanism for the members of the user committee;
(e)
a list of the proposed members of the user committee and the indication of interests that they represent.
Article 17Record-keeping
1.An application for authorisation shall include a description of the record-keeping systems, policies and procedures of the applicant CSD, established and maintained in accordance with Chapter VIII of this Regulation.
2.Where an applicant CSD applies for authorisation before the date of application of Article 54, the application for authorisation shall contain the following information:
(a)an analysis of the extent to which the applicant CSD's existing record-keeping systems, policies and procedures are compliant with the requirements under Article 54;
(b)an implementation plan detailing how the applicant CSD will comply with the requirements referred to in Article 54 by the date on which it becomes applicable.
Options/Help
Print Options
PrintThe Whole Regulation
PrintThe Whole Chapter
PrintThis Section only
Legislation is available in different versions:
Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.
Original (As adopted by EU): The original version of the legislation as it stood when it was first adopted in the EU. No changes have been applied to the text.
Opening Options
Different options to open legislation in order to view more content on screen at once
More Resources
Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as adopted version that was used for the EU Official Journal
- lists of changes made by and/or affecting this legislation item
- all formats of all associated documents
- correction slips
- links to related legislation and further information resources
More Resources
Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as adopted version that was used for the print copy
- correction slips
Click 'View More' or select 'More Resources' tab for additional information including:
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- links to related legislation and further information resources
All content is available under the Open Government Licence v3.0 except where otherwise stated. This site additionally contains content derived from EUR-Lex, reused under the terms of the Commission Decision 2011/833/EU on the reuse of documents from the EU institutions. For more information see the EUR-Lex public statement on re-use.