Merci de désactiver le bloqueurs de pub pour visualiser cette vidéo.

Article 721-7 into force since

  • Version into force since
ELI : /en/eli/fr/aai/amf/rg/article/721-7/20191219/notes

I. - The digital assets services provider shall comply with the following requirements:

  1. It shall have at least one senior manager. He is responsible for ensuring that the company fulfils its legal and regulatory obligations. He is required to regularly assess and check the efficiency of systems and procedures mentioned in this Title. Any significant incidents shall be reported immediately to the effective executive corporate officer(s);

  2. It shall constantly have human and technical resources that are sufficient and appropriate for the services that it provides;

  3. It shall establish, implement and keep operational appropriate internal control mechanisms and procedures making it possible to ensure that it fulfils its legal and regulatory obligations. When the digital assets services provider is an investment services provider, the compliance system referred to in Article  312-1 shall include digital assets services; and

  4. It shall employ staff with sufficient qualifications, knowledge and expertise to exercise the responsibilities entrusted to them. It shall ensure that the staff are properly aware of the procedures which must be followed for the proper discharge of their responsibilities.

II. - It shall establish, implement and keep operational systems and procedures for safeguarding the security, integrity and confidentiality of information in a manner which is appropriate with regard to the nature of the information in question.

III. - It shall establish, implement and keep operational systems and procedures making it possible to resume operations as soon as possible in order to guarantee, in the event of the interruption of its systems and procedures, the safeguarding of its essential data and functions and the continuity of its digital assets services or, where this is impossible, in order to enable the recovery as quickly as possible of these data and functions and the resumption of its operations as quickly as possible.

IV. - It shall check and assess each year the adequacy and effectiveness of the internal control systems and mechanisms and other systems established in accordance with I to III, and take appropriate measures to correct any shortcomings.

V. - It shall take into account the scale, organisation, nature, importance and complexity of its activity in order to comply with the requirements referred to in this Article.