Article 62 – Amendments to Regulation (EU) No 600/2014

Regulation (EU) No 600/2014 is amended as follows:

  1. Article 27g is amended as follows:
    1. paragraph 4 is replaced by the following:
      ‘4. An APA shall comply with the requirements concerning the security of network and information systems set out in Regulation (EU) 2022/2554 of the European Parliament and of the Council (*4).
    2. in paragraph 8, point (c) is replaced by the following:
      ‘(c) the concrete organisational requirements laid down in paragraphs 3 and 5.’;
  2. Article 27h is amended as follows:
    1. paragraph 5 is replaced by the following:
      ‘5. A CTP shall comply with the requirements concerning the security of network and information systems set out in Regulation (EU) 2022/2554.’.
    2. in paragraph 8, point (e) is replaced by the following:
      ‘(e) the concrete organisational requirements laid down in paragraph 4.’;
  • Article 27i is amended as follows:
    1. paragraph 3 is replaced by the following:
      ‘3. An ARM shall comply with the requirements concerning the security of network and information systems set out in Regulation (EU) 2022/2554.’;
    2. in paragraph 5, point (b) is replaced by the following:
      ‘(b) the concrete organisational requirements laid down in paragraphs 2 and 4.’.
(*4) Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (OJ L 333, 27.12.2022, p. 1).’;”