A registered account information service provider may be a legal person or natural person pursuing a business activity registered in the Republic of Croatia that has been issued a decision by the Croatian National Bank on the entry in the register of payment service providers and electronic money issuers.
The registered account information service provider may not provide other payment services, except account information service.
Submission of the application for entry in the register
A natural person pursuing a business activity registered in the Republic of Croatia or a legal person intending to provide an account information payment service (hereinafter referred to as 'applicant') submits to the Croatian National Bank an application for entry in the register of payment service providers and electronic money issuers, accompanied by other prescribed documentation and information in accordance with Article 132 of the Payment System Act.
The prescribed documentation and information to be submitted to the Croatian National Bank for the purpose of entry in the register of payment service providers and electronic money issuers are specified in the Guidelines on the information to be provided for the authorisation of payment institutions and e-money institutions and for the registration of account information service providers under Article 5(5) of Directive (EU) 2015/2366.
Specific requirements regarding relevant documentation and information submitted by the applicant, based on Article 132, paragraph (2) of the Payment System Act referring to the application of Article 85 of that Act, are governed in more detail in the following regulations:
- with regard to the requirement referred to in Article 85, paragraph (2), item (8) of the Payment System Act for the submission of a description of the rules for the use of information and communication technology (ICT) services are prescribed in more detail in Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA);
- with regard to the requirement referred to in Article 85, paragraph (2), item (9) of the Payment System Act concerning the incident reporting mechanism, incident reporting obligations, prescribed in more detail in Chapter III of Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA), should be taken into account;
- with regard to the requirement referred to in Article 85, paragraph (2), item (11) of the Payment System Act for the submission of a description of business continuity arrangements, including a clear identification of the critical operations, effective ICT business continuity policy and plans, ICT response and recovery plans and a procedure to regularly test and review the adequacy and efficiency of such plans are prescribed in more detail in Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA);
- with regard to the requirement referred to in Article 85, paragraph (2), item (13) of the Payment System Act for the submission of a description of security control and risk mitigation measures taken to ensure a high level of digital operational resilience are prescribed in more detail in Chapter II of Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (DORA) and Guidelines EBA/2019/04 on ICT and security risk management should also be taken into account in addition to their latest amendment (Guidelines amending Guidelines EBA/2019/04 on ICT and security risk management);
- with regard to the requirement for the submission of evidence of a concluded professional indemnity insurance contract or comparable guarantee referred to in Article 132, paragraph (2) of the Payment System Act, the applicant submits the requested evidence in accordance with Article 101 of that Act, i.e. in accordance with the Guidelines on the criteria on how to stipulate the minimum monetary amount of the professional indemnity insurance or other comparable guarantee under Article 5(4) of Directive (EU) 2015/2366.
In addition to the application form and the prescribed documentation, the applicant should also submit a completed and signed Form for the collection and processing of personal data.
Decision of the Croatian National Bank
Based on the submitted application for entry in the register of payment service providers and electronic money issuers and the submitted documentation and information, the Croatian National Bank decides on the application in an administrative procedure and adopts a decision on entry in the register if all the conditions for entry in the register prescribed in Article 131 of the Payment System Act have been met. Legal persons may provide an account information service only after that payment service has been entered as a business activity in the register of companies or the crafts register.
Based on the issued decision on entry in the register, a registered account information service provider may, under the conditions prescribed by the Payment System Act, provide the account information payment service in the territory of another Member State, under the right of establishment (through a branch with a head office in the host Member State or through an agent with a head office or place of residence in the host Member State) or based on the freedom to provide services (directly or through an agent with a head office or place of residence in the host Member State). The registered account information service provider which intends to provide services in the territory of another Member State is required to notify the Croatian National Bank thereof in advance.