The Euroclear Finland S Information System - A Case Study

Transcription

1 Data security regulations as well as preparations for malfunction and other exceptional situations Decision of Euroclear Finland s CEO To: Account operators Issuer agents Clearing parties Reference to the Rules: Ratified: 23 January 2015 Entry into force: 2 February 2015 Supersedes: the Decisision in force as of 1 July 2013

2 1. Scope of application This Decision shall apply to organisations applying for the rights of an account operator, its agent or a clearing party and to organisations operating with the said status. This Decision shall apply to the OM system and the systems of a party connected thereto as well as to the Infinity and the systems connected thereto. 2. Purpose and aims This Decision shall determine the principles to be complied with in order to maintain the data security of Euroclear Finland s information systems. The aim is to ensure the standard of data security and the uninterrupted operation of the book-entry register, the clearing systems and related systems and parties. 3. Contents of the Decision 3.1. General data security principles A party connected to Euroclear Finland s systems is required to have a security policy and data security principles derived therefrom. The party shall document the general security principles approved by the management of the party concerned. Internal instructions and supervision shall be used to ensure users are aware of the security policy, the data security principles and the instructions drawn up based thereon, to ensure users comply with them and know their responsibilities relating thereto. A party shall appoint an owner for the information systems to be connected to Euroclear Finland s information systems. The owner shall have overall responsibility for the use of the systems and shall be notified to Euroclear Finland. The owner of the information system of an account operator shall ensure that the users updating the data in the book-entry system either directly or indirectly through a sub-system of another party know their responsibilities as persons maintaining data in the book-entry register. The owner of the information system or the person in charge of registrations or the person appointed thereby shall, without delay, in error situations contact Euroclear Finland s book-entry registrar, who shall chart and issue instructions relating to the rectification measures. Notification of errors shall also be regulated in the Decision of the Managing Director of Euroclear Finland on the duty to draw up a plan on the settlement of errors and discrepancies. 2(5)

3 The owner of an account operator s information system shall ensure compliance with the secrecy obligation of the users of the information system of the account operator. The secrecy obligation shall also be ensured in error situations where irrelevant or otherwise erroneous customer information is transmitted to an account operator from another book-entry register as a result of an error of another account operator User authorisation documentation In systems connected to Euroclear Finland s information systems, the practical arrangements relating to the maintenance of user authorisations shall be dealt with in a reliable and safe manner. A user authorisation shall always be personal and individual. Each user authorisation shall include a reliable identification procedure and it shall be possible to block/freeze each user authorisation, where necessary. Each user shall be responsible for the user authorisation entrusted to him. A party shall ensure that the users understand that reliable and secure care of the user authorisation is a safety factor for the whole system. The authorisation of the performer of each transaction and registration shall be filed as part of the transaction log in all systems connected to Euroclear Finland s systems. If computer software is the source of a transaction in a party s information system, the authorisation identifying the source software of the said transaction shall be registered in the transaction log instead of a user authorisation. The source of each transaction transmitted to Euroclear Finland s information systems shall be identifiable on the basis of the information on the performer registered in the transaction log. Maintenance of a party s user authorisations to Euroclear Finland s information systems shall always be dealt with in accordance with the instructions issued by the business operations unit of the application in question. Maintenance operations shall be carried out only at the request of the information system owner or by a person authorised thereby and the party shall be responsible for these requests as for its own maintenance. All user authorisation registrations pertaining to authorisations to be restricted or to terminated employment relationships shall be processed without delay. If authorisations are restricted or if the employment relationship of a user is terminated, this shall immediately be taken into account in user authorisation specifications. The owner of the system of the account operator shall have at his disposal up-to-date information on the user authorisations of persons updating data in the book-entry register and of their scope. 3(5)

4 3.3. Structural safeguards of the information systems The production and development environments of the systems to be connected to Euroclear Finland s information systems shall operate separately. A party shall ensure that the transmission of test material to Euroclear Finland s production systems from the development environment shall not be possible under any circumstances. The operating principles and technical solutions shall ensure that interruptions in the hardware or software of a party s own systems connected to Euroclear Finland s information systems do not jeopardise the performance of Euroclear Finland s daily schedule in the different systems. If the system of a party connected to Euroclear Finland s systems or a part thereof forms a significant part of the book-entry register or of clearing operations due to the volume of transactions or the service provided, it shall be doubled. For example, the system of an account operator shall always be deemed such a significant system if accounts are kept therein in the name of the customers. In the event of serious malfunction, a backup system shall be available for use within 24 hours. If the information system of a party connected to Euroclear Finland s systems consists of several interconnected sub-systems each having their own data communications connections outside the party s system, the party shall pay special attention to ensuring data security and correctness of both external and cross-system data communications. If transactions that are produced by the customer itself, created by using software or otherwise without the contribution of the user of the party are transmitted from a party s information system of the party to Euroclear Finland s information systems, the security of the procedure shall be ensured prior to its introduction. The correctness and origin of transactions to be transmitted shall be checked. The information system shall keep a log document of transactions transmitted to Euroclear Finland s system. This log shall indicate, in addition to the identification information, the source of the transaction, the time of its registration and the target system Back-up recordings Back-up recordings shall be made at regular intervals of all the information systems of a party connected to Euroclear Finland s information systems. Account operators systems are required to have a separate back-up recording plan indicating back-up recording schedules, the data media and programs to be used, the place and period of storing back-up copies, the measures for taking back-up copies into use and the persons in charge. 4(5)

5 Recovery copies shall be made of the account operator s system so often that recovery of the information system is possible irrespective of the type of interruption and time of its occurrence. If an account operator keeps customer accounts, transaction logs shall ensure that the balances and transaction history of the accounts may be reconstructed. The source code of the programs of the account operator s system shall always be ensured when making changes in the program Change management s in the information system Any significant changes in the software and working methods of an account operator s system shall be tested with the testing environment of the book-entry register prior to their introduction. All changes in the application and utility programs relating to the account operator s system shall be dealt with carefully so as not to interrupt the normal daily operations of the book-entry system. Sufficient back-up recordings shall be made of the account operator s system prior to the transfer of the changes to production so that, in unexpected error situations, it is possible to return to the situation preceding the change Physical security arrangements and access control Physical security arrangements and access control shall be used to ensure no unauthorised persons will, without constant control, have access to premises where the hardware, systems or workstations connected to Euroclear Finland s information systems are located. With regard to the computer hall, operating centre and other similar premises, access control shall be particularly thorough. Forms containing input information of the book-entry system, reports produced by the account operator s system and other corresponding material relating to use of the system shall be classified and stored appropriately so that they will not diminish the data security of the whole system Account operators acting solely on their own behalf The Managing Director of Euroclear Finland may grant an account operator acting solely on its own behalf permission to derogate from these requirements in accordance with this decision where this is possible without jeopardising the reliability of the whole book-entry system. 5(5)