Participant requirements Payments in real time

Institutions who wish to participate in Payments in real time must apply for participation. The institution must both at entry and continuously fulfil all participation requirements. Bankgirot conducts annual monitoring of each participant's compliance with the participation requirements.

1.

PARTICIPANT REQUIREMENTS PAYMENTS IN REAL TIME 

1.1

Introductory requirements

1.1.2

1.1.3 Participate in BiR settlement service directly or through a settlement representative. 1.2 Financial requirements 1.2.1

1.1.3

Participate in BiR settlement service directly or through a settlement representative.
   

1.2

Financial requirements

1.2.1

Meet the capital requirements stated in the legislation and the regulations applying to the relevant institution at any given time.

1.2.2

Hold crime insurance with an insurance sum of at least SEK 200 million, as well as liability insurance covering pure economic loss with an insurance sum of at least SEK 30 million.
   

1.3

Technical requirements

1.3.1

Be able to connect technically to BiR.

1.3.2

Have sufficiently secure technical systems in compliance with Bankgirot's criteria below:

a) Is there an appropriate organisation in place to manage IT security?
b) Are there sufficient contingency procedures (redundancy) as regards: Employees, Data communication, System, Power supply?
c) Is there documentation of performing annual risk analysis?
d) Is there documentation of performing risk analysis for single point of failures?
e) Are there reports of annual intrusion analyses?
f) Is there protection against viruses and malware (malicious code)?
g) Is there access control?
h) Is there physical protection at the data operating site such as:
Perimeter protection, Fire protection and Water damage protection?

1.4

Risk management requirements

1.4.1

Maintain risk management routines necessary for the system which meet Bankgirot’s criteria below:

a) Are there persons in the organisation appointed as responsible for risk management?
b) Are there established policies and other relevant documentation concerning risks that have been created to ensure risk management?
c) Is there an established risk management plan within the organisation?
d) Are there procedures for the distribution of information concerning risk management within the organisation?
e) Is there an established methodology for managing operational
problems?
f) Are there escalation procedures for risk and problem situations,
including names recipients of non-conformance reports?
g) Is there an organised internal control function, i.e. internal auditing, risk control and compliance function?

1.5

Mandatory requirements

1.5.1

Have an organisation with defined roles and personnel who can meet the technical requirements, personnel trained in BiR Regulations and BiR Payment products as well as personnel who can meet the risk management requirements.
   

1.6

Account and product requirements

1.6.1

Be able to be identified via BIC. 

1.6.2

Receive credits in currencies within the framework for BiR, irrespective of which BiR Payment product or Participant-specific BiR Payment product in which the BiR Payment transaction is initiated, and irrespective of whether the BiR Payment transaction is initiated by another Participant or by an Authorised System.
   

1.7

Other Requirements

1.7.1

Be able to enter and continuously fulfil the BiR framework agreement.

DISCLAIMER: The English version is a translation of the original Swedish version, for information purposes only. In case of a discrepancy, the Swedish original will take precedence.