Skip to main content
Version status: Applicable | Document consolidation status: Updated to reflect all known changes
Version date: 3 January 2018 - onwards
Version 3 of 3

Article 8 Testing and capacity

1. A data reporting services provider shall implement clearly delineated development and testing methodologies, ensuring that:

(a) the operation of the IT systems satisfies the data reporting services provider's regulatory obligations;

(b) compliance and risk management controls embedded in IT systems work as intended;

(c) the IT systems can continue to work effectively at all times.

2. A data reporting services provider shall also use the methodologies referred to in paragraph 1 prior to and following the deployment of any updates of the IT systems.

3. A data reporting services provider shall promptly notify the competent authority of its home Member State of any planned significant changes to the IT system prior to their implementation.

4. In the case of ARMs, the notifications referred to in paragraph 3 shall also be made to any competent authority to whom the ARM submits transaction reports.

5. A data reporting services provider shall set up an on-going programme for periodically reviewing and, where needed, modifying the development and testing methodologies.