1. A financial information service provider shall be eligible to access customer data under Article 5(1) if it is authorised by the competent authority of a Member State.
2. A financial information service provider shall submit an application for authorisation to the competent authority of the Member State of establishment of its registered office, together with the following:
(a) a programme of operations setting out in particular the type of access to data envisaged;
(b) a business plan including a forecast budget calculation for the first 3 financial years which demonstrates that the applicant is able to employ the appropriate and proportionate systems, resources and procedures to operate soundly;
(c) a description of the applicant's governance arrangements and internal control mechanisms, including administrative, risk management and accounting procedures, as well as arrangements for the use of ICT services in accordance with Regulation (EU) 2022/2554 of the European Parliament and
…