12.2.2016   

EN

Official Journal of the European Union

L 37/104

(1)

For the performance of the specific tasks concerning policies relating to the prudential supervision of credit institutions, as conferred on the European Central Bank (ECB) by Regulation (EU) No 1024/2013, the ECB uses the European System of Central Banks (ESCB) and Eurosystem electronic applications, systems, platforms and services, as well as the new electronic applications, systems, platforms and services specific for carrying out the tasks entrusted to the ECB pursuant to Regulation (EU) No 1024/2013 on the basis of Article 127(6) of the Treaty and Article 25.2 of the Statute of the European System of Central Banks and of the European Central Bank.

(2)

It is necessary for the smooth, effective and consistent functioning of the Single Supervisory Mechanism (SSM) that practical arrangements for the cooperation between the ECB and the national competent authorities (NCAs) within the SSM include arrangements for the use of such electronic applications, systems, platforms and services that are necessary for the fulfilment of their responsibilities under Regulation (EU) No 1024/2013.

(3)

The public key infrastructure for the European System of Central Banks (hereinafter the ‘ESCB-PKI’) was established in Decision ECB/2013/1 (2). Pursuant to Article 3(1) of Decision ECB/2013/1, ESCB and Eurosystem electronic applications, systems, platforms and services with medium or above medium criticality should only be accessed and used if a user has been authenticated by means of an electronic certificate issued and managed by a certification authority accepted by the ESCB in accordance with the ESCB/SSM certificate acceptance framework, or by the ESCB-PKI certification authority or by certification authorities accepted by the ESCB for TARGET2 and TARGET2 Securities for those two applications.

(4)

The Governing Council has identified a need for advanced information security services, such as strong authentication, electronic signatures and encryption, through the use of electronic certificates for the electronic applications, systems, platforms and services that are necessary for the fulfilment of the ECB's and NCAs' responsibilities, as competent authorities within the SSM, under Regulation (EU) No 1024/2013. Hence, certificates issued by the ESCB-PKI may be used to access and use electronic applications, systems, platforms and services used for the functioning of the SSM.

(5)

The ECB and the NCAs of the SSM may decide to use certificates and services provided by the ESCB-PKI to access and use SSM electronic applications, systems, platforms and services,

1.

‘national competent authority’ (NCA) means a national competent authority designated by a participating Member State in accordance with Article 2(2) of Regulation (EU) No 1024/2013. This meaning is without prejudice to arrangements under national law that assign certain supervisory tasks to a national central bank (NCB) that is not designated as an NCA. With regard to such arrangements, a reference to an NCA in this Decision shall also refer to the NCB in respect of the supervisory tasks assigned to it by national law;

2.

‘competent authority’ means either an NCA or the ECB;

3.

‘ESCB and Eurosystem electronic applications, systems, platforms and services’, ‘certificate’ or ‘electronic certificate’, ‘ESCB-PKI certification authority’, ‘registration authority’, ‘user’, ‘Eurosystem central bank’, and ‘relying party’ have the meanings defined in Article 1 of Decision ECB/2013/1;

4.

‘SSM electronic applications, systems, platforms and services’ means electronic applications, systems, platforms and services that are used for the fulfilment of the ECB's and NCAs' responsibilities under Regulation (EU) No 1024/2013;

5.

‘ESCB/SSM certificate acceptance framework’ means the criteria established by the ESCB Information Technology Committee to identify the certification authorities, both internal and external to the ESCB, which can be trusted in relation to ESCB and Eurosystem electronic applications, systems, platforms and services and in relation to SSM electronic applications, systems, platforms and services.