1. A non-qualified trust service provider providing non-qualified trust services shall:
(a) have appropriate policies and take corresponding measures to manage legal, business, operational and other direct or indirect risks to the provision of the non-qualified trust service, which shall, notwithstanding Article 21 of Directive (EU) 2022/2555, include at least measures relating to:
(i) registration and onboarding procedures for a trust service;
(ii) procedural or administrative checks needed to provide trust services;
(iii) the management and implementation of trust services;
(b) notifying the supervisory body, the identifiable affected individuals, the public if it is of public interest and, where applicable, other relevant competent authorities, of any security breaches or disruptions in the provision of the service or the implementation of the measures referred to in point (a)(i), (ii) or (iii), that have a significant impact on the trust service provided or on the personal data mai
…