Central Bank-designated roles

The Central Bank shall undertake continuous monitoring of its supervised entities.

The Central Bank will operate through its mandate of oversight and supervision to ensure that their licensees and entities under their supervision:

1. Offer their services to DFSPs:

   • At a high technical level;

   • At a high security level;

   • At a high availability level in ensuring uninterrupted communications and/or data transfer for customers;

   • In an effective and affordable manner;

   • In a fair and equitable manner;

   • Not in a manner that may amount to abuse of their license or authorization to operate to the detriment of other entities reliant on these resources.

   • Transparently;

   • Without exercising any price, access, and Quality of Service differentiation between DFSPs;

   • Without delaying the transfer and the delivery of any service messages;

   • Without violating any intellectual property rights

   • Whilst ensuring the availability of service access in accordance with applicable standards;

2. Do not act in a manner that may amount to anti-competitive behaviour.

3. Undertake, as may be required, continuous testing, intrusion filtering and monitoring of their infrastructure to ensure that there is no unauthorized access, disruption, or use; and expeditiously:

   • Provide to the Central Bank reports on penetration tests that relate to the security of their systems. These reports must include any remedial action taken if applicable.

   • Provide to the Central Bank reports on incidents that relate to authorized access to their systems and data. These reports must include any actual and potential data losses and breaches of consumer data protection measures, and any remedial action taken.

   • Implement the most recent international technical and security standards;

4. Allow DFS consumers to choose any of the available DFSPs, without any restrictions, discrimination, or preferential treatment among them.