29.12.2020   

EN

Official Journal of the European Union

L 439/1


COMMISSION IMPLEMENTING REGULATION (EU) 2020/2244

of 17 December 2020

laying down rules for the application of Directive (EU) 2017/1132 of the European Parliament and of the Council as regards technical specifications and procedures for the system of interconnection of registers and repealing Commission Implementing Regulation (EU) 2015/884

(Text with EEA relevance)

THE EUROPEAN COMMISSION,

Having regard to the Treaty on the Functioning of the European Union,

Having regard to Directive (EU) 2017/1132 of the European Parliament and of the Council of 14 June 2017 relating to certain aspects of company law (1), and in particular Articles 24 and 13i(5) thereof,

Whereas:

(1)

Commission Implementing Regulation (EU) 2015/884 (2) sets out the technical specifications and procedures required for the system of interconnection of registers established by Directive 2009/101/EC of the European Parliament and of the Council (3), which has been codified and repealed by Directive (EU) 2017/1132. Further procedures for the system of interconnection of registers have subsequently been introduced in Directive (EU) 2017/1132 by Directive (EU) 2019/1151 of the European Parliament and of the Council (4) together with a requirement for the Commission to adopt implementing acts setting out the corresponding technical specifications and procedures by 1 February 2021.

(2)

It is necessary to lay down technical specifications defining the methods of exchange of information between the register of the company and the register of the branch in case a branch is opened or closed or when changes occur in the data and information of the company.

(3)

There is a need to specify what should be the detailed list of data when providing information between the register of the company and the register of the branch in order to ensure efficient exchange of data.

(4)

The procedure and technical requirements for the connection of the optional access points for Commission or other Union institutions, bodies, offices or agencies to the platform needs to be specified to ensure consistent rules for the establishment of such access points.

(5)

For the exchange of information on disqualified directors established by Directive (EU) 2019/1151 detailed arrangements and technical details need to be laid down to ensure effective, efficient and prompt exchange of information.

(6)

In order to ensure clarity and legal certainty, all the procedures and technical specifications for the system of interconnection of registers required by Directive (EU) 2017/1132 should be included in a single Implementing Regulation. Implementing Regulation (EU) 2015/884 should therefore be repealed and the technical specifications and procedures set out in that Implementing Regulation should be included in this Regulation.

(7)

Any processing of personal data under this Regulation is subject to Regulation (EU) 2016/679 of the European Parliament and of the Council (5) and Regulation (EU) 2018/1725 of the European Parliament and of the Council (6), as applicable.

(8)

The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 and delivered an opinion on 31 July 2020.

(9)

The measures provided for in this Regulation are in accordance with the opinion of the Committee on the Interconnection of Central, Commercial and Companies Registers,

HAS ADOPTED THIS REGULATION:

Article 1

The technical specifications and procedures for the system of interconnection of registers referred to in Article 22(2) of Directive (EU) 2017/1132 are set out in the Annex.

Article 2

Implementing Regulation (EU) 2015/884 is repealed.

References to the repealed Implementing Regulation shall be construed as references to this Regulation.

Article 3

This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

This Regulation shall be binding in its entirety and directly applicable in all Member States.

Done at Brussels, 17 December 2020.

For the Commission

The President

Ursula VON DER LEYEN


(1)  OJ L 169, 30.6.2017, p. 46.

(2)  Commission Implementing Regulation (EU) 2015/884 of 8 June 2015 establishing technical specifications and procedures required for the system of interconnection of registers established by Directive 2009/101/EC of the European Parliament and of the Council (OJ L 144, 10.6.2015, p. 1)

(3)  Directive 2009/101/EC of the European Parliament and of the Council of 16 September 2009 on coordination of safeguards which, for the protection of the interests of members and third parties, are required by Member States of companies within the meaning of the second paragraph of Article 48 of the Treaty with a view to making such safeguards equivalent (OJ L 258, 1.10.2009, p. 11).

(4)  Directive (EU) 2019/1151 of the European Parliament and of the Council of 20 June 2019 amending Directive (EU) 2017/1132 as regards the use of digital tools and processes in company law (OJ L 186, 11.7.2019, p. 80).

(5)  Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).

(6)  Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).


ANNEX

Technical specifications and procedures

Where reference is made in this Annex to ‘registers’, it is to be understood as ‘central, commercial and companies registers’.

The system of interconnection of registers is in this Annex referred to as the ‘Business Registers Interconnection System (BRIS)’.

1.   Methods of communication

BRIS shall use service-based methods of electronic communication, such as Web-services, for the purpose of interconnection of registers.

The communication between the portal and the platform, and between a register and the platform, shall be one-to-one communication. The communication from the platform to the registers may be one-to-one or one-to-many.

2.   Communication protocols

Secure internet protocols, such as Hypertext Transfer Protocol Secure (HTTPS), shall be used for the communication between the portal, the platform, the registers and the optional access points.

Standard communication protocols, such as Simple Object Access Protocol (SOAP), shall be used for the transmission of structured data and metadata.

3.   Security standards

For the communication and distribution of information via BRIS, the technical measures for ensuring minimum information technology security standards shall include:

(a)

measures to ensure confidentiality of information, including by using secure channels (HTTPS);

(b)

measures to ensure the integrity of data while being exchanged;

(c)

measures to ensure the non-repudiation of origin of the sender of information within BRIS and the non-repudiation of receipt of information;

(d)

measures to ensure logging of security events in line with recognized international recommendations for information technology security standards;

(e)

measures to ensure the authentication and authorisation of any registered users and measures to verify the identity of systems connected to the portal, the platform or the registers within BRIS.

4.   Methods of exchange of information between the register of the company and the register of the branch

4.1.   Branch disclosure notification

The following method shall be used for the exchange of information between the register of the company and the register of the branch in accordance with Articles 20 and 34 of Directive (EU) 2017/1132:

(a)

The register of the company shall make available, without delay, to the platform the information on the opening and termination of any winding-up or insolvency proceedings and on the striking-off of the company (‘disclosed information’);

(b)

To ensure receipt without delay of the disclosed information, the register of the branch shall request that information from the platform. That request may consist of indicating to the platform the companies on which the register of the branch is interested to receive disclosed information;

(c)

Upon that request, the platform shall ensure that the register of the branch has access to the disclosed information without delay.

4.2.   Branch registration notification

The following method shall be used for the exchange of information between the register of the branch and the register of the company in accordance with Article 28a of Directive (EU) 2017/1132:

(a)

The register of the branch shall send a message, without delay, through BRIS to the register of the company (‘branch registration notification’);

(b)

Upon receipt of the notification, the register of the company shall, without delay, send a message acknowledging the receipt of the notification (‘acknowledgement of receipt of branch registration notification’).

4.3.   Branch closure notification

The following method shall be used for the exchange of information between the register of the branch and the register of the company in accordance with Article 28c of Directive (EU) 2017/1132:

(a)

The register of the branch shall send a message, without delay, through BRIS to the register of the company (‘branch closure notification’);

(b)

Upon receipt of the notification, the register of the company shall, without delay, send a message acknowledging the receipt of the notification (‘acknowledgement of receipt of branch closure notification’).

4.4.   Notification on changes to documents and information about the company

The following method shall be used for the exchange of information between the register of the company and the register of the branch in accordance with Article 30a of Directive (EU) 2017/1132:

(a)

The register of the company shall make available, without delay, to the platform the information on changes to documents and information about the company (‘disclosed information’). The message format shall make it possible to include attachments;

(b)

To ensure receipt without delay of the disclosed information, the register of the branch shall request that information from the platform. That request may consist of indicating to the platform the companies on which the register of the branch is interested to receive disclosed information:

(c)

Upon that request, the platform shall ensure that the register of the branch has access to the disclosed information without delay.

(d)

Upon receipt of the disclosed information, the register of the branch shall, without delay, send a message acknowledging the receipt of the notification (‘acknowledgement of receipt on the notification on changes to documents and information of the company’).

4.5.   Communication errors

Appropriate technical measures and procedures shall be in place to handle any communication error between the register and the platform.

5.   List of data to be exchanged between registers

5.1.   Branch disclosure notification

For the purposes of this Annex, the exchange of information between registers set out in Articles 20 and 34 of Directive (EU) 2017/1132 shall be referred to as ‘branch disclosure notification’. The proceeding triggering that notification shall be referred to as ‘branch disclosure event’.

For each branch disclosure notification referred to in point 4.1, Member States shall exchange the following data:

Data type

Description

Cardinality (1)

Additional description

Issuance Date and Time

Date and time when the notification was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this notification

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Proceeding-related data

 

1

Group of Elements

Effective Date

Date when the proceeding affecting the company has come into effect

1

Date

Proceeding Type

Type of proceeding leading to a branch disclosure event as referred to in Article 20 of Directive (EU) 2017/1132

1

Code

(Winding-up Opening

Winding-up Termination

Winding-up Opening and Termination

Winding-up Revocation

Insolvency Opening

Insolvency Termination

Insolvency Opening and Termination

Insolvency Revocation

Striking-off)

Company data

 

1

Group of Elements

EUID

Unique identifier of the company making subject of this notification

1

Identifier

See section 8 of this Annex for structure of the EUID

Alternate ID

Other identifiers of the company (e.g. Legal Entity Identifier)

0…n

Identifier

Legal form

Type of legal form

1

Code

As referred to in Annex II to Directive (EU) 2017/1132

Name

Name of the company making subject of this notification

1

Text

Registered Office

Registered office of the company

1

Text

Register Name

Name of the register where the company is registered

1

Text

The notification message may also include technical data necessary for the proper transmission of the message.

The exchange of information shall also include technical messages necessary for the acknowledgement of receipt, logging and reporting purposes.

5.2.   Branch registration notification

For each branch registration notification referred to in point 4.2, Member States shall exchange the following data:

Data type

Description

Cardinality (2)

Additional description

Issuance Date and Time

Date and time when the notification was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this notification

1

Party data structure

Recipient Organisation

Name/Identifier of the register where the company is registered

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Branch data

 

1

Group of Elements

Date of registration

Date when the branch was registered.

1

Date

Effective date

Date when the opening of the branch becomes effective, if available

0

Date

Name of the branch if it is different from the company name

Name of the branch subject of the notification. If it is the same as the company this field should be left empty

0

Text

As referred to in Article 30(1)(d) of Directive (EU) 2017/1132

Additional names of the branch

If the branch has more than one name, the additional names can be included.

0…n

Text

EUID

Unique identifier of the branch subject of this notification

1

Identifier

Address of the branch

Address of the branch subject of the notification

1

Full address

Company data

 

1

Group of Elements

EUID

Unique identifier of the company to which the branch belongs

1

Identifier

Alternate ID

Other identifiers of the company (e.g. Legal Entity Identifier)

0…n

Identifier

Legal form

Type of legal form

0

Code

As referred to in Annex II to Directive (EU) 2017/1132

Name

Name of the company subject of this notification

0

Text

The notification message may also include technical data necessary for the proper transmission of the message.

The exchange of information shall also include technical messages necessary for the acknowledgement of receipt, logging and reporting purposes.

5.3.   Branch closure notification

For each branch closure notification referred to in point 4.3, Member States shall exchange the following data:

Data type

Description

Cardinality (3)

Additional description

Issuance Date and Time

Date and time when the notification was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this notification

1

Party data structure

Recipient Organisation

Name/Identifier of the register where the company is registered

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Branch data

 

1

Group of Elements

Date of striking off of the branch from the register

Date when the branch was stricken off from the register

1

Date

Effective date

Date when the closure of the branch becomes effective, if available

0

Date

Name of the branch if it is different from the company name

Name of the branch subject of the notification. If it is the same as the company this field should be left empty

0

Text

As referred to in Article 30(1)(d) of Directive (EU) 2017/1132

Additional names of the branch

If the branch has more than one name, the additional names can be included.

0…n

Text

EUID

Unique identifier of the branch subject of this notification

1

Identifier

Company data

 

1

Group of Elements

EUID

Unique identifier of the company to which the branch belongs to

1

Identifier

Alternate ID

Other identifiers of the company (e.g. Legal Entity Identifier)

0…n

Identifier

Legal form

Type of legal form

0

Code

As referred to in in Annex II to Directive (EU) 2017/1132

Name

Name of the company subject of this notification

0

Text

The notification message may also include technical data necessary for the proper transmission of the message.

The exchange of information shall also include technical messages necessary for the acknowledgement of receipt, logging and reporting purposes.

5.4.   Notification on changes to documents and information of the company

For each notification on changes to documents and information of the company referred to in point 4.4, Member States shall exchange the following data:

Data type

Description

Cardinality (4)

Additional description

Issuance Date and Time

Date and time when the notification was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this notification

1

Party data structure

Recipient Organisation

Name/Identifier of the register where the branch is registered

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Proceedings-related data

 

1

Group of Elements

Proceedings Type

Type of proceeding leading to a notification on changes to documents and information of the company

1

(a)

change in the company’s name;

(b)

change in the company’s registered office;

(c)

change in the company’s registration number in the register;

(d)

change in the company’s legal form;

(e)

change in the documents and information referred to in point (d) of Article 14;

(f)

change in the documents and information referred to in point (f) of Article 14

Date of registration

Date when the change to documents and information of the company was registered

1

Date

Effective date

Date when the change to documents and information of the company takes effect, if available

0

Date

Relevant data to be updated, depending on the Proceeding Type

Change in the company data

1

One of the following:

(a)

company’s new name and the previous name

(b)

company’s new registered office and the previous registered office;

(c)

company’s new registration number in the register and the previous registration number;

(d)

company’s new legal form and the previous legal form;

(e)

New documents and information referred to in point (d) of Article 14 (attachments possible), which shall include the following data:

whether it is a natural person or legal person.

In case of a natural person

Name, surname,

date of birth if available, otherwise the national identification number,

In case of a legal person:

name of the company

EUID of the company or, if available, other registration number if not a company listed in Annex II to Directive (EU) 2017/1132,

legal form

Notwithstanding whether it is a natural person or legal person:

Address (if available in the register).

whether it is an appointment or a termination, or an update to an existing appointment

whether the person falls under Article 14(d) (i) or 14(d) (ii),

in case of persons falling under 14(d) (i), whether alone or joint representation with the option to provide additional information, if needed, in a document or text, or, in other cases, a description provided in a document or a text

title

option to provide a document or a text describing possible restrictions to the power of representation (e.g. value and type of business).

option to provide only documents for the persons falling under Art 14(d)(ii)

(f)

new documents and information referred to in point (f) of Article 14 (attachments possible), which shall include the following metadata: financial year.

Additional data to be, provided optionally regarding point (d) of Article 14

Change in the company data

0…n

Optional data:

National personal identification number

Number of identification document (ID card, passport)

Nationality/ies

Place of birth

Company data

 

1

Group of Elements

EUID

Unique identifier of the company to which the branch belongs

1

Identifier

Alternate ID

Other identifiers of the company (e.g. Legal Entity Identifier)

0…n

Identifier

The new documents and information referred to in point (f) of Article 14 of Directive (EU) 2017/1132 shall not be sent to the register of the branch if the Member State in question applies the option referred to in the second paragraph of Article 31 of that Directive.

The notification message may also include technical data necessary for the proper transmission of the message.

The exchange of information shall also include technical messages necessary for the acknowledgement of receipt, logging and reporting purposes.

5.5.   Cross-border merger notification

For the purposes of this Annex, the exchange of information between registers as referred to in Article 130 of Directive (EU) 2017/1132 shall be referred to as ‘cross-border merger notification’. For each cross-border merger notification referred to in Article 130 of Directive (EU) 2017/1132, Member States shall exchange the following data:

Data type

Description

Cardinality (5)

Additional description

Issuance Date Time

Date and time when the notification was sent

1

Date and Time

Issuing Organisation

Organisation that issued this notification

1

Party data structure

Recipient Organisation

Organisation this notification is addressed to

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Merger-related data

 

1

Group of Elements

Effective Date

Date when the merger became effective

1

Date

Merger Type

Type of merger as defined by Article 119(2) of Directive (EU) 2017/1132

1

Code

(Cross-border merger by acquisition

Cross-border merger by formation of new company

Cross-border merger of wholly owned company)

Resulting company

 

1

Group of Elements

EUID

Unique identifier of the company resulting from the merger

1

Identifier

See section 8 of this Annex for structure of the EUID

Alternate IDs

Other identifiers

0…n

Identifier

Legal form

Type of legal form

1

Code

As referred to in Annex II to Directive (EU) 2017/1132

Name

Name of the company resulting from the merger

1

Text

Registered Office

Registered office of the company resulting from the merger

1

Text

Register Name

Name of the register where the company resulting from the merger was registered

1

Text

Merging Company

 

1…n

Group of Elements

EUID

Unique identifier of the company being merged

1

Identifier

See section 8 of this Annex for structure of the EUID

Alternate IDs

Other identifiers

0…n

Identifier

Legal Form

Type of legal form

1

Code

As referred to in Annex II to Directive (EU) 2017/1132

Name

Name of the company taking part in the merger

1

Text

Registered Office

Registered office of the company taking part in the merger

0…1

Text

Register Name

Register where the merging company was registered

1

Text

The notification message may also include technical data necessary for the proper transmission of the message.

The exchange of information shall also include technical messages necessary for the acknowledgement of receipt, logging and reporting purposes.

6.   Structure of the standard message format

The exchange of information between the registers, the platform and the portal shall be based on standard data-structuring methods and shall be expressed in a standard message format such as XML.

7.   Data for the platform

The following type of data shall be provided for the platform to perform its functions:

(a)

Data allowing for the identification of systems that are connected to the platform. Those data could consist of URLs or any other number or code uniquely identifying each system within BRIS;

(b)

An index of the particulars listed in Article 19(2) of Directive (EU) 2017/1132. This data shall be used to ensure consistent and quick results of the search service. Where the data is not made available to the platform for indexation, Member States shall make the same particulars available for the purpose of the search service in a way that guarantees the same level of service as provided by the platform;

(c)

Unique identifiers of companies referred to in Article 16(1) of Directive (EU) 2017/1132 and unique identifiers of branches referred to in Article 29(4) of Directive (EU) 2017/1132. These identifiers shall be used to ensure the interoperability of registers via the platform;

(d)

Any other operational data that is necessary for the platform to ensure the proper and efficient functioning of the search service and the interoperability of registers. Those data may include code lists, reference data, glossaries and related translations of those metadata, as well as logging and reporting data.

The data and metadata handled by the platform shall be processed and stored in line with the security standards outlined in section 3 of this Annex.

8.   Structure and use of the unique identifier

The unique identifier for the purpose of communication between registers shall be referred to as the EUID (European Unique Identifier).

The structure of the EUID shall be compliant with ISO 6523 and shall contain the following elements:

EUID element

Description

Additional description

Country code

Elements making it possible to identify the Member State of the register

Mandatory

Register Identifier

Elements making it possible to identify the domestic register of origin of the company and of the branch respectively

Mandatory

Registration number

Company/branch number refers to the registration number of the company/branch in the domestic register of origin

Mandatory

Verification digit

Elements making it possible to avoid identification errors

Optional

The EUID shall be used to unequivocally identify companies and branches for the purpose of the exchange of information between registers via the platform.

9.   Methods of operation of the system and information technology services provided by the platform

For the distribution and exchange of information, the system shall be based on the following technical method of operation:

Image 1

For the delivery of messages in the relevant language version, the platform shall provide reference data artefacts, such as code lists, controlled vocabularies and glossaries. Where relevant, these shall be translated into the official languages of the Union. Where possible, recognised standards and standardized messages shall be used.

The Commission shall share with the Member State further details on the technical method of operation and the implementation of the information technology services provided by the platform.

10.   Search criteria

At least one country shall be selected when running a search.

The portal shall provide the following harmonised criteria for the search:

company name,

registration number of the company or the branch in the domestic register.

Further search criteria may be available on the portal.

11.   Payment modalities

For the documents and particulars for which Member States charge fees and which are made available on the e-Justice portal via BRIS, the system shall allow users to pay online by using widely used payment modalities such as credit and debit cards.

The system may also provide alternative online payment methods, such as bank transfers or virtual wallets (deposit).

12.   Explanatory labels

In relation to the particulars and types of documents listed in Article 14 of Directive (EU) 2017/1132, Member States shall provide the following explanatory labels:

(a)

A short title for each particular and document (for example: ‘Articles of incorporation’);

(b)

As appropriate, a brief description of the content of each document or particular, including, optionally, information on the legal value of the document.

13.   Availability of services

The service time frame shall be 24/7days, with an availability rate of the system of at least 98 % excluding scheduled maintenance.

Member States shall notify the Commission of maintenance activities as follows:

(a)

5 working days in advance for maintenance operations that may cause an unavailability period of up to 4 hours;

(b)

10 working days in advance for maintenance operations that may cause an unavailability period of up to 12 hours;

(c)

30 working days in advance for infrastructure computer room maintenance, which may cause up to 6 days unavailability period per year.

To the extent possible, maintenance operations shall be planned outside working hours (19:00h – 8:00h CET).

Where Member States have fixed weekly service windows, they shall inform the Commission of the time and day of the week when such fixed weekly windows are planned. Without prejudice to the obligations in points (a) to (c) of the second paragraph, if Member States systems become unavailable during such a fixed window, Member States may choose not to notify the Commission on each occasion.

In case of unexpected technical failure of the Member States systems, Member States shall inform the Commission without delay of their system unavailability, and, if known, of the projected resuming of the service.

In case of unexpected failure of the central platform or of the portal, the Commission shall inform the Member States without delay of the platform or portal unavailability, and if known, of the projected resuming of the service.

14.   Optional access points

14.1.   Optional access points to BRIS according to the first subparagraph of Article 22(4) of Directive (EU) 2017/1132

14.1.1.   Procedure

Member States shall provide information on the planned timing of the establishment of the optional access points, the number of optional access points that will connect to the platform, and contact details of the person(s) that could be contacted for the purpose of establishing the technical connection.

The Commission shall provide the Member States with the necessary technical details and support for the testing and deployment of the connection of each optional access point to the platform.

14.1.2.   Technical requirements

For the connection of optional access points to the platform, Member States shall comply with the relevant technical specifications set out in this Annex, including security requirements for transmission of data via the optional access points.

Where payment is necessary via an optional access point, Member States shall provide the payment methods of their choice and shall handle the related payment operations.

Member States shall carry out appropriate testing before the connection to the platform becomes operational and before any significant changes are made to an existing connection.

After successful connection of the optional access point to the platform, Member States shall inform the Commission of any upcoming significant change of the access point that may affect the functioning of the platform, in particular the closing of the access point. Member States shall provide sufficient technical details in relation to the change, in order to allow for proper integration of any related changes.

Member States shall indicate on each optional access point that the search service is provided via BRIS.

14.2.   Optional access points to BRIS according to the second subparagraph of Article 22(4) of Directive (EU) 2017/1132

14.2.1.   Procedure

The Commission shall assess any request received for the establishment of an optional access point in accordance with the second subparagraph of Article 22(4) of Directive (EU) 2017/1132.

The requester shall provide all the information needed for the proper assessment of the request.

The Commission shall provide the requester with the necessary technical details and support for the testing and deployment of the establishment of each optional access point to the platform.

14.2.2.   Technical requirements

For the establishment of optional access points to the platform, the requester shall comply with the relevant technical specifications set out in this Annex, including security requirements for transmission of data via the optional access points.

Where payment is necessary via an optional access point, the requester shall provide the payment methods of their choice and shall handle the related payment operations.

The requester shall carry out appropriate testing before the establishment to the platform becomes operational and before any significant changes are made to an existing connection.

After successful establishment of the optional access point to the platform, the requester shall inform the Commission of any upcoming significant change of the access point that may affect the functioning of the platform, in particular the closing of the access point. The requester shall provide sufficient technical details in relation to the change, in order to allow for proper integration of any related changes.

The requester shall indicate on each optional access point that the search service is provided via BRIS.

14.3.   Requirements applicable to optional access points according to Article 22(4), first and second subparagraph

The Commission shall inform the Member States about a request received.

The technical requirements shall also include measures to ensure that optional access points do not affect the correct functioning of BRIS nor compliance with the safety, security and data protection requirements, with due regard to the respective responsibility of each party within the part of the system under its technical control.

15.   Exchange of information on disqualified directors

15.1.   Introduction

The exchange of information referred to in Article 13i(4) of Directive (EU) 2017/1132 shall cover cases where a person is disqualified from becoming a director of a company of one of the types listed in Annex II to that Directive further to a decision of a court or another competent authority of a Member State based on its national law.

The exchange of information shall not cover cases where, under national law, a person is generally incapable of contracting or restricted in his or her general legal capacity or further to a decision of a court or another competent authority of a Member State based on its national law and therefore unable to become a director of a company of the type referred to in the first paragraph.

The exchange of information shall not cover cases based on specific rules under Union law, such as the rules on fitness and propriety provided under Article 91(1) of Directive 2013/36/EU of the European Parliament and of the Council (6).

Where, in accordance with national law in a Member State, legal persons are allowed to be directors of companies of the type referred to in the first paragraph, such legal persons shall fall under the scope of the exchange of information. Each Member State shall inform the other Member States and the Commission whether this possibility exists in its national law.

15.2.   Methods of exchange of information between Member States

The following method shall be used for the exchange of information between the registers in accordance with Article 13i of Directive (EU) 2017/1132.

The queries and the answers under this section shall be transferred through BRIS using end-to-end encryption.

Member States shall exchange the information needed to correlate queries and the answers under this section concerning the same request.

15.2.1.   First level of exchange of information

15.2.1.1.   First level query on disqualification

Member States’ competent authorities may request, through BRIS, information from one or more Member States on whether a person who applies to become a director of a company of one of the types listed in Annex II to Directive (EU) 2017/1132 is disqualified or is recorded in any of their registers that contain information relevant for disqualification of directors.

The requesting Member State shall decide to which Member State or Member States the query shall be sent. The queries shall be sent with a view to ensure effective, efficient and prompt exchange of information.

Each query shall cover one single person and shall provide the data for identification of the person. The requesting Member State shall process such data in compliance with Regulation (EU) 2016/679. The Member States shall ensure that only necessary data and only data concerning the applicant in question is exchanged.

15.2.1.2.   First level answer on disqualification

Upon receipt of the query, the competent authorities of the requested Member State shall, without delay, provide an answer through BRIS.

The answer shall indicate whether the person identified in the query is disqualified or is recorded in any of the registers of the requested Member State that contain information relevant for disqualification of directors.

In case the answer is that the person is disqualified or is recorded in any of the registers that contain information relevant for disqualification of directors, the requested Member State may indicate in its answer, which specific data provided by the requesting Member State matches the data available in the requested Member State and which specific data included in the query cannot be confirmed by the requested Member State as it is not recorded in its registers.

If it is necessary, the requested Member State may ask the requesting Member State to provide further data to ensure unequivocal identification of the person. Such data shall be processed in compliance with Regulation (EU) 2016/679.

15.2.2.   Second level of exchange of information

The exchange for additional information may take place through other appropriate means than BRIS. If the second level of exchange of information is carried out through BRIS, the rules set out in points 15.2.2.1, 15.2.2.2, 15.3.3 and 15.3.4 shall apply.

15.2.2.1.   Second level query on disqualification

In case a requested Member State indicates in the first level answer that a given person is disqualified or is recorded in any of its registers that contain information relevant for disqualification of directors, the requesting Member States may request further information from the requested Member State concerning the person identified in the first level query.

The second level query shall cover the same person as the first level query and first level answer.

15.2.2.2.   Second level answer on disqualification

The requested Member State may decide, under its national law, which additional information to provide. In case that Member State’s national law does not allow further exchange of information, it shall inform accordingly the requesting Member State.

15.3.   Detailed list of data

For the exchange of information on disqualified directors, Member States shall include the following data.

15.3.1.   First level query on disqualification

Data type

Description

Cardinality (7)

Additional description

Issuance Date and Time

Date and time when this query was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this query

1

Party data structure

Recipient Organisation

Name/Identifier of the register of the requested Member State

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

First level query on disqualification

If the person who applies to be a director is a natural person

 

 

 

First name

First name of the person who applies to be a director

1

Text

Surname

Surname of the person who applies to be a director

1

Text

Date of birth

Date of birth of the person who applies to be a director

1

Date

Further identification data

Further data processed according to the requesting Member State’s national law and in compliance with Regulation (EU) 2016/679

0…n

Text/date/identifier

First level query on disqualification

If the person who applies to be a director is a legal person

 

 

 

Name of the legal entity

Name of the legal entity which applies to be a director

1

Text

Legal form

Legal form of the legal entity which applies to be a director

1

Code

As referred to in Annex II to Directive (EU) 2017/1132 of the company therein or other legal form if the legal entity falls outside of the scope Directive (EU) 2017/1132

EUID

EUID if it is a company listed in Annex II to Directive (EU) 2017/1132.

1

Identifier

Other registration number

Other registration number if not a company listed in Annex II to Directive (EU) 2017/1132.

0

Identifier

Alternate ID

Other identifiers of the company (e.g. Legal Entity Identifier)

0…n

Identifier

Member States shall provide information on the means of identification needed for an efficient exchange of information on disqualified directors. That information may consist in providing the data that is necessary to identify the persons covered by a request.

Member States may also use e-identification means for the identification of persons in the exchange of information.

Queries covering a legal person shall be sent only to those Member States which allow legal persons to be directors and which allow disqualification of such legal persons.

15.3.2.   First level answer on disqualification

Data type

Description

Cardinality (8)

Additional description

Issuance Date and Time

Date and time when this answer was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this answer

1

Party data structure

Recipient Organisation

Name/Identifier of the register of the requesting Member State

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Yes/no/no sufficient data for identification

‘Yes’ if the person is disqualified or is recorded in any of its registers that contain information relevant for disqualification of directors

‘No’ if the person is not disqualified or is not recorded in any of its registers that contain information relevant for disqualification of directors

‘No sufficient data for identification’ if the data provided does not make it possible to unequivocally identify the person and more information is needed.

1

Select an option

Further identification data required

Indicate what data is needed for unequivocal identification

1…n (only if no sufficient data for identification)

Text/date/identifier

No second level answer will be provided through BRIS

If “yes”, option to indicate that no answer will be provided for second level query through BRIS

0

Select the option

15.3.2.1.   Provision of further identification data

In case the requested Member State requires further identification data to ensure unequivocal identification, the requesting Member State shall provide the data using the following message format:

Data type

Description

Cardinality (9)

Additional description

Issuance Date and Time

Date and time when this query was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this query

1

Party data structure

Recipient Organisation

Name/Identifier of the register of the requested Member State

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Further identification data

Further data required by the requested Member State to ensure unequivocal identification processed according to the requesting Member State’s national law and in compliance with Regulation (EU) 2016/679

1…n

Text/date/identifier

15.3.3.   Second level query on disqualification

Data type

Description

Cardinality (10)

Additional description

Issuance Date and Time

Date and time when this query was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this query

1

Party data structure

Recipient Organisation

Name/Identifier of the register of the requested Member State

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Request further information

Request for further information

1…n

Request further information at least on one of the following:

grounds for disqualification under national law,

date of decision,

period or validity of the disqualification,

file number, issuer of the decision.

Information on any limitation to such disqualification (e.g. sector specific disqualifications)

15.3.4.   Second level answer on disqualification

Data type

Description

Cardinality (11)

Additional description

Issuance Date and Time

Date and time when this answer was sent

1

Date and Time

Issuing Organisation

Name/Identifier of the organisation that issues this answer

1

Party data structure

Recipient Organisation

Name/Identifier of the register of the requesting Member State

1

Party data structure

Legislation Reference

Reference to relevant national or Union legislation

0…n

Text

Further information

Request for further information

1…n

Further information at least on one of the following:

grounds for disqualification under national law,

date of decision,

period or validity of the disqualification,

file number, issuer of the decision.

Information on any limitation to such disqualification (e.g. sector specific disqualifications)

No further information provided in case the Member State’s national law does not allow further exchange of information - list data on which further information is not provided.

(attachment of documents possible)

15.4.   Operation of the exchange of information

Member States shall indicate if they face difficulties due to high numbers of queries received. In such a case, the Commission and the Member States shall assess the issue with a view of ensuring smooth operation of the exchange of information and further development of the system.


(1)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(2)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(3)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(4)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(5)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(6)  Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).

(7)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(8)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(9)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(10)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.

(11)  Cardinality 0 means that the data is optional. Cardinality 1 means that the data is mandatory. Cardinality 0…n or 1…n means that more than one piece of the same type of data may be provided.