RTS on third country supervisory cooperation

Article 107(1) of Regulation (EU) 2023/1114 requires the competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; of Member States to conclude, where necessary, cooperation arrangements with supervisory authorities of third countries concerning the exchange of information and the enforcement of obligations arising under that Regulation in third countries.

In concluding new cooperation arrangements and updating existing cooperation arrangements with third-country authorities, the competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; should, where possible, use the template document set out in this Regulation.

Any transfer of personal datameans personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679; to supervisory authorities of third countries should be undertaken in full compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council(²)Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (OJ L 119, 4.5.2016, p. 1, ELI: http://data.europa.eu/eli/reg/2016/679/oj).. Appropriate safeguards for the exchange of personal datameans personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679; between competent authoritiesmeans one or more authorities:designated by each Member State in accordance with Article 93 concerning offerors, persons seeking admission to trading of crypto-assets other than asset-referenced tokens and e-money tokens, issuers of asset-referenced tokens, or crypto-asset service providers;designated by each Member State for the application of Directive 2009/110/EC concerning issuers of e-money tokens; of Member States and supervisory authorities of third countries may be provided for, among other things, by administrative arrangements referred to in Article 46(3), point (b), of Regulation (EU) 2016/679, which include enforceable and effective data subject rights.