Regulation on the Application of EBA Guidelines on Governance Arrangements for Asset-Referenced Token Issuers

Page 1 of 2 Pursuant to the third paragraph of Article 13 of the Banking Act (Official Gazette of the Republic of Slovenia, Nos. 92/21 and 123/21 [ZBNIP]; hereinafter: the ZBan-3) and the first paragraph of Article 31 of the Bank of Slovenia Act (Official Gazette of the Republic of Slovenia, Nos. 72/06 [official consolidated version], 59/11 and 55/17), and in connection with the first indent of the fifth paragraph of Article 4 of the Act Implementing the Regulation (EU) on Markets in Crypto-Assets (Official Gazette of the Republic of Slovenia, No. 95/24), the Governing Board of Banka Slovenije hereby issues the following REGULATION on the application of the EBA Guidelines on the minimum content of the governance arrangements for issuers of asset-referenced tokens Article 1 (purpose and field of application of guidelines) (1) Pursuant to Article 16(1) of Regulation (EU) No 1093/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331 of 15 December 2010, p. 12; hereinafter: Regulation (EU) No 1093/2010), on 6 June 2024 the European Banking Authority published the Guidelines on the minimum content of the governance arrangements for issuers of asset-referenced tokens (EBA/GL/2024/06; hereinafter: the guidelines) on its website. (2) The guidelines specify the following: a) the minimum content of the governance arrangements for issuers of asset-referenced tokens, in particular regarding the monitoring tools for the risks, the business continuity plans, the internal control mechanism and the audits; and b) the minimum documentation to be used in the audits. (3) The guidelines are applied for the purpose of ensuring sound internal governance arrangements at issuers of asset-referenced tokens, who on the basis of the principle of proportionality should have regard for their risk profile, their size and internal organisation, their business model, and the nature, scale and complexity of their activities. The guidelines regulate the internal governance arrangements on the basis of detailed requirements regarding: a) the role and responsibilities of the management body in its management and supervisory functions; b) the organisational framework and structure on an individual and a consolidated basis; c) the arrangements for the use of outsourcing; d) the risk culture, the corporate values and the code of conduct; e) the internal control framework and mechanisms, and the implementation of internal controls; f) risk management, including operational risk management and ICT risk management; g) the new products policy and arrangements with third-party providers;1 h) the independent internal control functions (risk management function, compliance function and internal audit function); i) the arrangements for business continuity management; and j) the transparency of the operations of issuers of asset-referenced tokens. (4) The guidelines are addressed to:

1. competent authorities defined in point 35(a) of Article 3(1) of Regulation (EU) 2023/1114;

1 Including agreements with third-party entities for operating the reserve of assets, for the investment of the reserve assets, the custody of the reserve assets, or the distribution of the asset-referenced tokens to the public

Page 2 of 2 2. issuers of asset-referenced tokens as defined in point 10 of Article 3(1) of Regulation (EU) 2023/1114, namely asset-referenced tokens as defined in point 6 of Article 3(1) of the aforementioned regulation. When an issuer of asset-referenced tokens is also a credit institution, it is required to uphold Title I, Sections 12, 12.1, 12.2 and 12.3, and Titles V, VI and VII in connection with Directive 2013/36/EU and the EBA’s guidelines on internal governance. Article 2 (content of regulation and scope of application of guidelines) (1) By virtue of this regulation Banka Slovenije sets out the application of the guidelines, and all future amendments thereto unless provided otherwise in respect of a particular amendment to the guidelines, to:

1. banks and savings banks (hereinafter: banks) for whose supervision Banka Slovenije is responsible in accordance with the law governing banking and Council Regulation (EU) No 1024/2013 of 15 October 2013 conferring specific tasks on the European Central Bank concerning policies relating to the prudential supervision of credit institutions (OJ L 287 of 29 October 2013, p. 63), and who have obtained an authorisation to issue asset-referenced tokens in accordance with the law governing banking; and
2. Banka Slovenije, when in accordance with the law governing banking in its role as the competent authority it is exercising supervisory powers and tasks over banks referred to in point 1 of this paragraph. (2) Banks referred to in point 1 of the first paragraph of this article shall take full account of the provisions of the guidelines in the parts addressed to banks. (3) When exercising supervisory powers and tasks in accordance with the ZBan-3 and Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012 (OJ L 176 of 27 June 2013, p. 1), Banka Slovenije shall take full account of the provisions of the guidelines in the parts addressed to the exercise of the powers and tasks of the competent authority. Article 3 (entry into force) This regulation shall enter into force on the day after its publication in the Official Gazette of the Republic of Slovenia, and shall begin to be applied on 20 December 2024. Ljubljana, 4. 11. 2024 Boštjan Vasle President, Governing Board of Banka Slovenije