1.The central administrator shall take all reasonable steps to ensure that:
(a)the Union Registry is available for access by account representatives and national administrators 24 hours a day, 7 days a week;
(b)the communication links referred to in Article 7 between the Union Registry, the EUTL and the ITL are maintained 24 hours a day, 7 days a week;
(c)backup hardware and software necessary in the event of a breakdown in operations of the primary hardware and software is provided for;
(d)the Union Registry and the EUTL respond promptly to requests made by account representatives.
2.The central administrator shall ensure that the Union Registry and EUTL incorporate robust systems and procedures to safeguard all relevant data and facilitate the prompt recovery of data and operations in the event of failure or disaster.
3.The central administrator shall keep interruptions to the operation of the Union Registry and EUTL to a minimum.
1.National administrators shall provide assistance and support to account holders and account representatives in the Union Registry that are administered by them through national helpdesks.
2.The central administrator shall provide support to national administrators through a central helpdesk for the purposes of helping them to provide assistance in accordance with paragraph 1.
1.The identity of the Union Registry shall be authenticated by the EUTL having regard to the data exchange and technical specifications provided for in Article 105.
2.The Member States and the Union shall use the digital certificates issued by the Secretariat to the UNFCCC, or an entity designated by it, to authenticate their KP registries to the ITL for the purposes of establishing the communication link referred to in Article 7.
1.Account representatives shall be able to access their accounts in the Union Registry through the secure area of the Union Registry. The central administrator shall ensure that the secure area of the Union Registry website is accessible through the Internet. The website of the Union Registry shall be available in all official languages of the Union.
2.Following the opening of a platform account pursuant to Article 14(1) or Article 20(1), the central administrator shall establish the connectivity between the platform and the Union Registry. The central administrator shall ensure that accounts in the Union Registry, where access through external trading platforms in accordance with Article 21(4) is enabled and one authorised representative is also the authorised representative of an external trading platform account, are accessible to the external trading platform operated by the holder of that external trading platform account.
3.Communications between authorised representatives or platforms and the secure area of Union Registry shall be encrypted having regard to the security requirements set out in the data exchange and technical specifications provided for in Article 105.
4.The central administrator shall take all necessary steps to ensure that unauthorised access to the secure area of the Union Registry website does not occur.
5.If the security of the credentials of an authorised representative or additional authorised representative has been compromised, the authorised representative or additional authorised representative shall immediately suspend access to the relevant account, inform the administrator of the account thereof and request a replacement.
1.The central administrator shall ensure that the Union Registry issues each authorised representative and additional authorised representative a username and password to authenticate them for the purposes of accessing the registry.
2.An authorised representative or additional authorised representative shall only have access to accounts in the Union Registry for which he is authorised and shall only be able to request the initiation of processes for which he is authorised pursuant to Article 23. That access or request shall take place through a secure area of the website of the Union Registry.
3.In addition to the username and password referred to in paragraph 1, an authorised representative or additional authorised representative shall use secondary authentication to access the Union Registry, having regard to the types of secondary authentication mechanisms set out in the data exchange and technical specifications provided for in Article 105.
4.The administrator of an account may assume that a user who was successfully authenticated by the Union Registry is the authorised representative or additional authorised representative registered under the provided authentication credentials, unless the authorised representative or additional authorised representative informs the administrator of the account that the security of his credentials has been compromised and requests a replacement of his credentials.
5.The authorised representative shall take all necessary measures to prevent the loss, theft or compromise of its credentials. The authorised representative shall immediately report to the national administrator the loss, theft or compromise of its credentials.
1.The Commission may instruct the central administrator to suspend access to the Union Registry or the EUTL or any part thereof where it has a reasonable suspicion that there is a breach of security of the Union Registry or the EUTL or that there exists a serious security risk to the Union Registry or the EUTL that threatens the integrity of the system, which includes the back-up facilities referred to in Article 91.
2.In the event of a breach of security or a security risk that may lead to suspension of access, a national administrator who becomes aware of the breach or risk shall promptly inform the central administrator of any risks posed to other parts of the Union Registry. The central administrator shall inform all national administrators.
3.If a national administrator becomes aware of a situation that requires the suspension of all access to the accounts that it manages in accordance with this Regulation, it shall inform the central administrator and account holders with such prior notice of the suspension as is practicable. The central administrator shall inform all national administrators as soon as possible.
4.The notice referred to in paragraph 3 shall include the likely duration of the suspension and shall be clearly displayed on the public area of the EUTL's web site.
1.A national administrator or a national administrator acting on request of the competent authority may suspend access to allowances or Kyoto units in the part of the Union Registry it administers:
(a)for a maximum period of four weeks if it suspects that the allowances or Kyoto units have been the subject of a transaction constituting fraud, money laundering, terrorist financing, corruption or other serious crime, or
(b)on the basis of and in accordance with national law provisions that pursue a legitimate objective.
2.The Commission may instruct the central administrator to suspend access to allowances or Kyoto units in the Union Registry or the EUTL for a maximum period of four weeks if it suspects that the allowances or Kyoto units have been the subject of a transaction constituting fraud, money laundering, terrorist financing, corruption or other serious crime.
3.The national administrator or the Commission shall immediately inform the competent law enforcement authority of the suspension.
4.A national law enforcement authority of the Member State of the national administrator may also instruct the administrator to implement a suspension on the basis of and in accordance with national law.
1.The national administrator, its directors and its employees shall cooperate fully with the relevant competent authorities to establish adequate and appropriate procedures to forestall and prevent operations related to money laundering or terrorist financing.
2.The national administrator, its directors and its employees, shall cooperate fully with the FIU referred to in Article 21 of Directive 2005/60/EC by promptly:
(a)informing the FIU, on their own initiative, where they know, suspect or have reasonable grounds to suspect that money laundering, terrorist financing or criminal activity is being or has been committed or attempted;
(b)providing the FIU, at its request, with all necessary information, in accordance with the procedures established by the applicable legislation.
3.The information referred to in paragraph 2 shall be forwarded to the financial intelligence unit (FIU) of the Member State of the national administrator. The national measures transposing the compliance management and communication policies and procedures, referred to in Article 34(1) of Directive 2005/60/EC, shall designate the person or persons responsible for forwarding information pursuant to this Article.
4.The Member State of the national administrator shall ensure that the national measures transposing Articles 26 to 29 and Articles 32 and 35 of Directive 2005/60/EC apply to the national administrator.
1.The Commission may instruct the central administrator to temporarily suspend the acceptance by the EUTL of some or all processes originating from the Union Registry if it is not operated and maintained in accordance with the provisions of this Regulation. It shall immediately notify national administrators concerned.
2.The central administrator may temporarily suspend the initiation or acceptance of some or all processes in the Union Registry for the purposes of carrying out scheduled or emergency maintenance on the Union Registry.
3.A national administrator may request the Commission to reinstate processes suspended in accordance with paragraph 1 if it considers that the outstanding issues that caused the suspension have been resolved. If this is the case, the Commission shall instruct the central administrator to reinstate those processes. It shall otherwise reject the request within a reasonable period and inform the national administrator without delay, stating its reasons and setting out criteria to be fulfilled for a subsequent request to be accepted.
1.All processes must conform to the general IT-requirements of electronic messaging that ensure the successful reading, checking and recording of a process by the Union Registry. All processes must conform to the specific process-related requirements set out in this Regulation.
2.The central administrator shall ensure that the EUTL conducts automated checks having regard to the data exchange and technical specifications provided for in Article 105 for all processes to identify irregularities and discrepancies, where a proposed process does not conform to the requirements of Directive 2003/87/EC, Decision No 406/2009/EC and this Regulation.
1.In the case of processes completed through the direct communication link between the Union Registry and the EUTL referred to in Article 7(3), the central administrator shall ensure that the EUTL terminates any processes where it identifies discrepancies upon conducting the automated checks referred to in Article 102(2), and informs thereof the Union Registry and the administrator of the accounts involved in the terminated transaction by returning an automated check response code. The central administrator shall ensure that the Union Registry immediately informs the relevant account holders that the process has been terminated.
2.In case of transactions completed through the ITL referred to in Article 7(1), the ITL shall terminate any processes where discrepancies are identified either by the ITL or the EUTL upon conducting the automated checks referred to in Article 102(2). Following a termination by the ITL, the central administrator shall ensure that the EUTL also terminates the transaction. The ITL informs the administrators of the registries involved of the termination of the transaction by returning an automated check response code. If one of the registries involved is the Union Registry, the central administrator shall ensure that the Union Registry also informs the administrator of the Union Registry accounts involved in the terminated transaction by returning an automated check response code. The central administrator shall ensure that the Union Registry immediately informs the relevant account holders that the process has been terminated.
1.The central administrator and Member States shall ensure that the Union Registry and other KP registries shall contain check input codes and check response codes to ensure the correct interpretation of information exchanged during each process. The check codes shall have regard to those contained in the data exchange and technical specifications provided for in Article 105.
2.The central administrator shall ensure that, prior to and during the execution of all processes, the Union Registry conducts appropriate automated checks to ensure that discrepancies are detected and incorrect processes are terminated in advance of automated checks being conducted by the EUTL.
1.The central administrator shall ensure that the EUTL periodically initiates data reconciliation to ensure that the EUTL's records of accounts, holdings of Kyoto units and allowances match the records of these holdings in the Union Registry. The central administrator shall ensure that the EUTL records all processes.
2.If during the data reconciliation process referred to in paragraph 1, an inconsistency is identified by the EUTL, whereby the information regarding accounts, holdings of Kyoto units and allowances provided by the Union Registry as part of the periodic reconciliation process differs from the information contained in the EUTL, the central administrator shall ensure that the EUTL prevents any further processes to be completed with any of the accounts, allowances or Kyoto units which are the subject of the inconsistency. The central administrator shall ensure that the EUTL immediately informs the central administrator and the administrators of the relevant accounts of any inconsistency.
1.All transactions communicated to the ITL in accordance with Article 7(1) shall be final when the ITL notifies the EUTL that it has completed the process.
2.All transactions and other processes communicated to the EUTL in accordance with Article 7(3) shall be final when the EUTL notifies the Union Registry that it has completed the processes. The central administrator shall ensure that the EUTL automatically aborts the completion of a transaction or process if it could not be completed within 24 hours of its communication.
3.The data reconciliation process referred to in Article 103(1) shall be final when all inconsistencies between the information contained in the Union Registry and the information contained in the EUTL for a specific time and date have been resolved, and the data reconciliation process has been successfully re-initiated and completed.
1.The Commission shall make available to national administrators data exchange and technical specifications necessary for exchanging data between registries and transaction logs, including the identification codes, automated checks, response codes and data logging requirements, as well as the testing procedures and security requirements necessary for the launching of data exchange.
2.The data exchange and technical specifications shall be drawn up in consultation with the Administrators' Working Group of the Climate Change Committee and shall be consistent with the functional and technical specifications for data exchange standards for registry systems under the Kyoto Protocol elaborated pursuant to Decision 12/CMP.1.
If a new version or release of the Union Registry software is required, the central administrator shall ensure that the testing procedures set out in the data exchange and technical specifications provided for in Article 105 are completed before a communication link is established and activated between the new version or release of that software and the EUTL or ITL.