Source: OJ L, 2024/1620, 19.6.2024

Current language: EN

Article 47 FIU.net

    1. The Authority shall ensure adequate, uninterrupted and secure hosting of FIU.net, and ensure the management, maintenance and development of FIU.net. Taking into account the needs of FIUs, the Authority shall ensure that the most advanced and secure technology available is used for FIU.net, subject to a cost-benefit analysis.

    1. The Authority shall ensure uninterrupted functioning of FIU.net and keep it up-to-date. Where necessary to support or strengthen the exchange of information and cooperation between FIUs and based on the needs of FIUs, the Authority shall design and implement, or otherwise make available, upgraded or additional functionalities of FIU.net.

    1. The Authority shall also be responsible for the following tasks relating to FIU.net:

      1. implement appropriate technical and organisational measures to ensure a level of security that protects personal data;

      2. plan, coordinate, manage and support any testing activities;

      3. ensure adequate financial resources;

      4. provide training on the technical use of FIU.net by end-users.

    1. For the purposes of carrying out the tasks referred to in paragraphs 1, 2 and 3, the Authority shall be empowered to conclude or enter into legally binding contracts or agreements with third-party service providers, after appropriate audits of their security standards.

    1. The Authority shall adopt and implement the measures necessary for the fulfilment of the tasks referred to in this Article, including a security plan, a business continuity plan and a disaster recovery plan for FIU.net.

    1. The General Board in FIU composition, acting unanimously, may decide to suspend the access of an FIU, its counterpart in a third countrymeans any jurisdiction, independent state or autonomous territory that is not part of the Union and that has its own AML/CFT legislation or enforcement regime;, or a Union body, office or agency, to FIU.net where it has grounds to believe that such access would jeopardise the implementation of Chapter III of Directive (EU) 2024/1640 and the security and confidentiality of the information held by FIUs and exchanged through the FIU.net system, including where there are concerns in relation to an FIU’s lack of independence and autonomy.

    2. Where the General Board in FIU composition adopts a decision suspending the access of an FIU to FIU.net, the General Board shall act unanimously by vote of all members of the General Board in FIU composition, except the head of the FIU in question.

    3. The General Board in FIU composition shall define the criteria for the suspension of access to FIU.net and adopt rules of procedure for such suspension.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod