(1) An ARM shall have adequate policies and arrangements in place to report the information required under Article 26 of Regulation (EU) No 600/2014 immediately, and no later than the close of the working day following the day on which the transaction took place.
(2) The information required under paragraph (1) shall be reported in accordance with the requirements laid down in Article 26 of Regulation (EU) No 600/2014.
(3) An ARM shall operate and maintain effective administrative arrangements designed to prevent conflicts of interest with its clients and, in particular, an ARM which is also a market operator or investment firm shall treat all information collected in a non-discriminatory fashion and shall operate and maintain appropriate arrangements to separate different business functions.
(4) An ARM shall have sound security mechanisms in place designed to -
(a) guarantee the security and authentication of the means of transfer of information,
(b) minimise the risk of data cor