Document from CIS Legislation database © 2003-2021 SojuzPravoInform LLC

RESOLUTION OF BOARD OF THE NATIONAL BANK OF UKRAINE

of November 30, 2020 No. 151

About approval of the Regulations on determination of objects of critical infrastructure in bank system of Ukraine

According to Articles 7, of 15, 56 Laws of Ukraine "About the National Bank of Ukraine", for the purpose of ensuring implementation of requirements of the Law of Ukraine "About the basic principles of ensuring cyber security of Ukraine" concerning determination of objects of critical infrastructure and objects of critical information infrastructure in bank system of Ukraine the Board of the National Bank of Ukraine DECIDES:

1. Approve Regulations on determination of objects of critical infrastructure in bank system of Ukraine (further - Provisions) which are applied.

2. To department of safety (Igor Konovalov) after official publication to inform banks information on adoption of this resolution for use in work.

3. To impose control over the implementation of this resolution on the Chairman of National Bank Kirill Shevchenko.

4. The resolution becomes effective from the date of its official publication.

Chairman

K. Shevchenko

Approved by the Resolution of Board of the National Bank of Ukraine of November 30, 2020 No. 151

Regulations on determination of objects of critical infrastructure in bank system of Ukraine

1. This Provision is developed according to the Laws of Ukraine "About the National Bank of Ukraine", "About the basic principles of ensuring cyber security of Ukraine", for the purpose of settlement of cyberprotection in bank system of Ukraine.

2. This Provision establishes criteria and procedure for reference of banks to objects of critical infrastructure in bank system of Ukraine and determines information systems of the banks carried to objects of critical information infrastructure.

3. The terms used in this Provision are used in such values:

1) object of critical infrastructure in bank system of Ukraine - banks of Ukraine which permanent functioning provides banking system stability has essential value for economy and safety of the state, functioning of society and which are of considerable public interest;

2) object of critical information infrastructure - information system of object of critical infrastructure in bank system of Ukraine, cyber attack to which will directly influence steady functioning of such object of critical infrastructure;

3) the list of objects of critical infrastructure - the summary list of banks which according to requirements of this provision are carried by the National Bank of Ukraine (further - National Bank) to objects of critical infrastructure in bank system of Ukraine;

4) the register of objects of critical information infrastructure are data on information systems which according to requirements of this provision belong to objects of critical information infrastructure.

Other terms in this Provision are used in the values determined by the Laws of Ukraine "About the National Bank of Ukraine", "About banks and banking activity", "About the basic principles of ensuring cyber security of Ukraine" and regulatory legal acts of National Bank.

4. Requirements of this Provision extend to banks of Ukraine.

5. In bank system of Ukraine regarding ensuring cyber security and banking system stability treat objects of critical infrastructure:

1) National Bank;

2) banks which answer at least one of the following criteria: bank which is included in the list systemically of important banks;

bank which is included in the list of the banks authorized for work (implementation of transactions) during the special period;

bank in which the state directly or indirectly owns share more than 75% of the authorized capital of bank.

6. The National Bank creates the list of objects of critical infrastructure in bank system of Ukraine according to the criteria determined in the subitem 2 of Item 5 of this provision.

The list of objects of critical infrastructure affirms as bank system of Ukraine the relevant decision of Board of National Bank.

7. The National Bank informs bank on its inclusion in the list of objects of critical infrastructure in bank system of Ukraine in the form of the letter.

8. In bank system of Ukraine treat objects of critical information infrastructure of objects of critical infrastructure:

1) system of automation of bank;

2) information system of the skilled supplier of electronic confidential services;

3) intra bank interfilial payment system;

4) system of remote servicing;

5) system of depositary accounting of securities of bank.

9. The bank shall carry to objects of critical information infrastructure (except determined in Item 8 of this provision) and other information systems, cyberincident or cyber attack to which can significantly influence steady functioning of bank.

10. The bank shall within a month from the date of receipt of the notification on inclusion in the list of objects of critical infrastructure in bank to system of Ukraine approve by the internal document the list of the information systems of bank carried to objects of critical information infrastructure and provide this list to National Bank.

The bank shall support the list of the information systems of bank carried to objects of critical information infrastructure in urgent condition and instantly provide updated information to National Bank.

11. Banks annually review the list of the information systems of bank carried to objects of critical information infrastructure and provide its relevance. Banks inform National Bank on results of review and changes annually, till December 20.

12. The banks carried to objects of critical infrastructure in bank system of Ukraine shall provide within a month after approval of own list of objects of critical information infrastructure to National Bank of the data on objects of critical information infrastructure for entering into the register of objects of critical information infrastructure in bank system of Ukraine in the form given in appendix to this Provision.

Appendix

to Regulations on determination of objects of critical infrastructure in bank system of Ukraine (Item 12)

Data which move in the register the owner of object of critical infrastructure in bank system of Ukraine

1. The complete name of object of critical infrastructure which part objects of critical information infrastructure, locations of the legal entity (legal address), pattern of ownership, code on EGRPOU are.

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SojuzPravoInform LLC. UI/UX design by Intelliants.