Participant requirements Bankgiro System

Institutions who wish to participate in the Bankgiro system must apply for participation. The institution must both at entry and continuously fulfil all participation requirements. Bankgirot conducts annual monitoring of each participant's compliance with the participation requirements.

1.

PARTICIPATION REQUIREMENTS BANKGIRO SYSTEM

1.1

Introductory requirements

1.1.1

Be a legal entity as well as a payment service provider according to chapter 1 § 3 in the payment services act (2010:751).

1.1.2

Participate in Bankgirot’s clearing and settlement service directly or through a representative.
   

1.2

Financial requirements

1.2.1

Meet the capital requirements stated in the legislation and the regulations applying to the relevant institution at any given time.

1.2.2

Have a commercial crime insurance with a principal amount of a minimum of SEK 200 million and a liability insurance covering pure economic loss with a principal  amount of a minimum of SEK 30 million. 

 

 

1.3

Technical requirements

1.3.1

Be able to connect technically to the Bankgiro System.

1.3.2

Have sufficiently secure technical systems in compliance with Bankgirot's criteria below: 

a) Is there an appropriate organisation in place to manage IT security?
b) Are there sufficient contingency procedures (redundancy) as regards: Employees, Data communication, System, Power supply?
c) Is there documentation of performing annual risk analysis?
d) Is there documentation of performing risk analysis for single point of failures?
e) Are there reports of annual intrusion analyses?
f) Is there protection against viruses and malware (malicious code)?
g) Is there access control?
h) Is there physical protection at the data operating site such as:
Perimeter protection, Fire protection and Water damage protection?

1.4

Risk management requirements

1.4.1

Maintain risk management routines necessary for the system which meet Bankgirot’s criteria below:

a) Are there persons in the organisation appointed as responsible for risk management?
b) Are there established policies and other relevant documentation concerning risks that have been created to ensure risk management?
c) Is there an established risk management plan within the organisation?
d) Are there procedures for the distribution of information concerning risk management within the organisation?
e) Is there an established methodology for managing operational
problems?
f) Are there escalation procedures for risk and problem situations,
including names recipients of non-conformance reports?
g) Is there an organised internal control function, i.e. internal auditing, risk control and compliance function?

1.5

Mandatory requirements

1.5.1

Have an organisation with defined roles and personnel who can meet the technical requirements, personnel trained in the Bankgiro System's regulations and services and personnel who can meet the risk management requirements.

 

 

1.6

Account and product requirements

1.6.1

Provide accounts to customers who wish to use the Bankgiro products.

1.6.2

Indentify accounts with clearing numbers.

1.6.3

Be able to be identified through BIC.

1.6.4

Receive account deposits.

1.6.5

Be able to accept transactions in SEK.

 

 

1.7

Other Requirements

1.7.1

Be able to enter and continuously fulfil the Bankgiro System's
framework agreement.

DISCLAIMER: The English version is a translation of the original Swedish version, for information purposes only. In case of a discrepancy, the Swedish original will take precedence.