Commission Implementing Regulation (EU) 2019/917 of 4 June 2019 establishing tech... (32019R0917)
EU - Rechtsakte: 19 Area of freedom, security and justice

COMMISSION IMPLEMENTING REGULATION (EU) 2019/917

of 4 June 2019

establishing technical specifications, measures and other requirements required for the system of interconnection of insolvency registers in accordance with Article 25 of Regulation (EU) 2015/848 of the European Parliament and of the Council

THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EU) 2015/848 of the European Parliament and of the Council of 20 May 2015 on insolvency proceedings (1), and in particular Article 25(2)(a) to (f) thereof,
Whereas:
(1) In order to establish the system of interconnection of insolvency registers, it is necessary to define and adopt technical specifications, measures and other requirements which ensure uniform conditions for the implementation of the system.
(2) The technical specifications, measures and other requirements provided for in this Regulation are in accordance with the opinion of the Committee on Insolvency Proceedings,
HAS ADOPTED THIS REGULATION:

Article 1

The technical specifications, measures and other requirements which ensure uniform conditions for the implementation of the system of interconnection of insolvency registers referred to in Article 25(2)(a) to (f) of Regulation (EU) 2015/848 shall be as set out in the Annex.
The insolvency registers shall be interconnected according to these technical specifications, measures and other requirements by 30 June 2021.

Article 2

This Regulation shall enter into force on the twentieth day following that of its publication in the
Official Journal of the European Union
.
This Regulation shall be binding in its entirety and directly applicable in all the Member States in accordance with the Treaties.
Done at Brussels, 4 June 2019.
For the Commission
The President
Jean-Claude JUNCKER
(1)  
OJ L 141, 5.6.2015, p. 19
.

ANNEX

SETTING OUT THE TECHNICAL SPECIFICATIONS, MEASURES AND OTHER REQUIREMENTS REFERRED TO IN ARTICLE 1

1.   

Subject matter

The Insolvency Registers Interconnection system (IRI) is a decentralised system interconnecting the national registers and the European e-Justice Portal. IRI serves as a central search service making available all of the mandatory information on insolvency set by Regulation (EU) 2015/848 along with any other information or documents included in the national registers.

2.   

Definitions

(a) ‘HyperText Transport Protocol Secure’ or ‘HTTPS’ means encrypted communication and secure connection channels;
(b) ‘Insolvency record’ means the set of information concerning insolvency proceedings of one debtor referred to in Article 24 of Regulation (EU) No 2015/848 that is to be published in the national electronic insolvency registers and available via the central public electronic access point (the European e-Justice Portal), as set out in Article 25 of Regulation (EU) 2015/848;
(c) ‘MS IR end-point’ means the source of the insolvency record information; acting as the owner of this information, a MS IR end-point is consulted by the e-Justice Portal and provides the requested data;
(d) ‘National Registration Number’ means the register number under which the legal entity is registered in the Commercial Register or Comparable register or the Personal Identification Number or equivalent for individuals.
(e) ‘Non-repudiation of origin’ means the measures providing the proof of the integrity and proof of origin of the data through methods such as digital certification, public key infrastructure and digital signatures;
(f) ‘Non-repudiation of receipt’ means the measures providing the proof of the receipt of the data to the originator by the intended recipient of the data through methods such as digital certification, public key infrastructure and digital signatures;
(g) ‘Platform’ means the central search system part of the e-Justice Portal;
(h) ‘Registers’ means insolvency registers as set out in article 24 of Regulation (EU) 2015/848;
(i) ‘Simple Object Access Protocol’ means, as per the standards of World Wide Web Consortium, a messaging protocol specification for exchanging structured information in the implementation of web services in computer networks;
(j) ‘Web service’ means a software system designed to support interoperable machine-to-machine interaction over a network; it has an interface described in a machine-processable format.

3.   

Methods of communication

3.1.   IRI shall use service-based methods of electronic communication, such as Web-services or other reusable Digital Service Infrastructures, for the purpose of interconnection of registers.
3.2.   The communication between the e-Justice Portal and the platform, and between a MS IR end-point and the platform, shall be one-to-one communication. The communication from the platform to the registers may be one-to-one communication or one-to-many communication.

4.   

Communication protocols

4.1.   Secure internet protocols, such as HTTPS, shall be used for the communication between the portal, the platform, the registers and the optional access points.
4.2.   Standard communication protocols, such as Simple Object Access Protocol, shall be used for the transmission of structured data and metadata.

5.   

Security standards

For the communication and distribution of information via IRI, the technical measures for ensuring minimum information technology security standards shall include:
(a) measures to ensure confidentiality of information, including by using secure channels (HTTPS);
(b) measures to ensure the integrity of data while being exchanged;
(c) measures to ensure the non-repudiation of origin of the sender of information within IRI and the non-repudiation of receipt of information;
(d) measures to ensure logging of security events in line with recognized international recommendations for information technology security standards;
(e) measures to ensure the authentication and authorisation of any registered users and measures to verify the identity of systems connected to the portal, the platform or the registers within IRI;
(f) measures to protect against automated searches, such as using the captcha module, and copying of registers, such as limiting the results returned by each register to a maximum number.

6.   

Data to be exchanged between registers and IRI

6.1.   The common set of information with the same structure and types for all registers in the Member States is referred to as ‘core insolvency record’
Each Member State shall have the possibility to extend the core insolvency record with specific information. The data from the insolvency record shall be modelled based on the established interface specification.
6.2.   The exchange of information shall also include messages necessary for the acknowledgement of receipt, logging and reporting.

7.   

Structure of the standard message format

The exchange of information between the registers, the platform and the portal shall be based on standard data-structuring methods and shall be expressed in a standard message format such as XML.

8.   

Data for the platform

8.1.   Interoperability requirements mandate that the services to be exposed by each Register are unified and present the same interface so that the calling application, such as the e-Justice portal has to interact with one single kind of interface exposing a common set of data elements. This approach requires that Member States align their internal data structure to meet the interface specifications provided by the Commission.
8.2.   The following type of data shall be provided for the platform to perform its functions:
(a) data allowing for the identification of systems that are connected to the platform; those data could consist of URLs identifying each system within IRI;
(b) any other operational data that is necessary for the platform to ensure the proper and efficient functioning of the search service and the interoperability of registers; those data may include code lists, reference data, glossaries and related translations of those metadata, as well as logging and reporting data.
8.3.   The data and metadata handled by the platform shall be processed and stored in line with the security standards outlined in section 5 of this Annex.

9.   

Methods of operation of the system and information technology services provided by the platform

9.1.   For the distribution and exchange of information, the system shall be based on the following technical method of operation:
(a) for the delivery of messages in the relevant language version, the platform shall provide reference data artefacts, such as code lists, controlled vocabularies and glossaries;
(b) where relevant, the terms from the vocabularies and glossaries shall be translated into the EU official languages; where possible, recognised standards and standardized messages shall be used.
9.2.   The Commission will share with Member States the details on the technical method of operation and the implementation of the information technology services provided by the platform.

10.   

Search criteria

10.1.   At least one country must be selected when running a search via IRI.
10.2.   The Portal shall provide the following harmonised criteria for the search:
(a) name,
(b) national Registration Number
These two criteria can be used alternatively and additionally.
10.3.   Further search criteria may be available on the Portal.

11.   

Payment modalities

11.1.   For the documents and particulars for which Member States charge fees and which are made available on the e-Justice portal via IRI, the system shall allow users to pay online by using widely used payment modalities such as credit and debit cards.
11.2.   The system may also provide alternative online payment methods, such as bank transfers or virtual wallets (deposit).

12.   

Availability of services

12.1.   The service time frame shall be 24/7days, with an availability rate of the system of at least 98 % excluding scheduled maintenance.
12.2.   Member States shall notify the Commission of maintenance activities as follows:

(a)

five working days in advance for maintenance operations that may cause an unavailability period of up to 4 hours;

(b)

10 working days in advance for maintenance operations that may cause an unavailability period of up to 12 hours;

(c)

30 working days in advance for infrastructure computer room maintenance, which may cause up to six days unavailability period per year.

To the extent possible, maintenance operations shall be planned outside working hours (19:00h-8:00h CET).
12.3.   Where Member States have fixed weekly service windows, they shall inform the Commission of the time and day of the week when such fixed weekly windows are planned. Without prejudice to the obligations in points (a) to (c) of point 12.2, if Member States systems become unavailable during such a fixed window, Member States may choose not to notify the Commission on each occasion.
12.4.   In case of unexpected technical failure of the Member States systems, Member States shall inform the Commission without delay of their system unavailability, and, if known, of the projected resuming of the service.
12.5.   In case of any change that may affect the connection with the central platform, the Member State shall inform the Commission in advance, as soon as sufficient technical details in relation to the change are available.
12.6.   In case of unexpected failure of the central platform or of the portal, the Commission shall inform the Member States without delay of the platform or portal unavailability, and if known, of the projected resuming of the service.

13.   

Rules of Transcription and transliteration

Each Member State implementation shall support the national standards of transcription, romanisation and transliteration in relation to the usage of special characters, the search input and the returned results.
Markierungen
Leseansicht