Finansinspektionen’s regulations regarding protective security (FFFS 2022:17)

Finansinspektionen’s Regulatory Code Publisher: Chief Legal Counsel Eric Leijonram, Finansinspektionen, Sweden, www.fi.se ISSN 1102-7460 This translation is furnished solely for information purposes. Only the printed version of the regulation in Swedish applies for the application of the law. 1 Finansinspektionen’s regulations regarding protective security; decided 25 October 2022. Finansinspektionen, following consultation with the Swedish Security Service and the Swedish Armed Forces, prescribes the following pursuant to Chapter 8, section 10 of the Protective Security Ordinance (2021:955). Scope Section 1 These regulations apply to those that

1. conduct a security-sensitive activity as referred to in Chapter 1, section 1, first paragraph of the Protective Security Act (2018:585), and
2. are included in Finansinspektionen’s scope of supervision pursuant to Chapter 8, section 1 of the Protective Security Ordinance (2021:955). The regulations supplement the Swedish Security Service’s regulations (PMFS 2022:1) on protective security. Section 2 Terms and expressions used in these regulations have the same meaning as those defined in the Protective Security Act (2018:585) and the Protective Security Ordinance (2021:955). Notification of security-sensitive activities Section 3 Provisions regarding that an entity shall notify the supervisory authority that it is conducting a security-sensitive activity and that it has terminated the security-sensitive activity are set out in Chapter 2, section 6 of the Protective Security Act (2018:585). Section 4 An entity shall submit notification pursuant to Chapter 2, section 6 of the Protective Security Act (2018:585) to Finansinspektionen using the form provided on the authority’s website. Notification of protective security agreements Section 5 Provisions regarding that an entity shall notify the supervisory authority of the intention to enter into a protective security agreement, that the agreement has been entered into, and that the agreement has been terminated are set out in Chapter 6, sections 4 and 5 of the Protective Security Ordinance (2021:955). FFFS 2022:17 Published on 31 October 2022

FFFS 2022:17 2 Pursuant to Chapter 7, section 1 of the Swedish Security Service’s regulations (PMFS 2022:1) on protective security, an entity shall submit a notification pursuant to Chapter 6, section 5 of the Protective Security Ordinance using a form as instructed by the Swedish Security Service. Section 6 An entity shall submit to Finansinspektionen notification pursuant to Chapter 6, section 4 of the Protective Security Ordinance (2021:955) if the entity intends to enter a protective security agreement using the form as instructed on the authority’s website. Notification of consultation Section 7 Provisions regarding an entity’s consultation with the supervisory authority in matters requiring protective security agreements and prior to the transfer of security-sensitive activities and certain property are set out in Chapter 4, section 9 and 15 of the Protective Security Act (2018:585). Provisions regarding the required content of a notification of consultation to the supervisory authority are set out in Chapter 7, sections 12 and 13 of the Swedish Security Service’s regulations (PMFS 2022:1) on protective security. Section 8 An entity shall submit notification of consultation to Finansinspektionen using the form as instructed on the authority’s website. Security classification assignment Section 9 Provisions regarding that Finansinspektionen in some cases decides on an assignment of a position to security classification level 2 or 3 are set out in Chapter 5, section 10 of the Protective Security Ordinance (2021:955). Section 10 An entity, when submitting a request to Finansinspektionen for the authority to decide on assignment to a security classification level, shall include a basis for such an assignment. The entity shall submit its request using the form as instructed by the authority on its website. Register controls Section 11 Provisions regarding that the Swedish Security Service shall a perform register control, or a special personal investigation, when an employment or other participation in a security-sensitive activity has been assigned to a security classification level are set out in Chapter 5, sections 11, 14, and 16 of the Protective Security Ordinance (2021:955). The party deciding on a security classification assignment, pursuant to Chapter 6, section 7 of the Swedish Security Service’s regulations (PMFS 2022:1) on protective security, shall apply for a register control and special personal investigation using the form as instructed by the Swedish Security Service. Section 12 An entity shall submit a request that Finansinspektionen apply for a register control or special personal investigation using a form as referred to in section 11. The entity shall include with its request a confirmation that the party to whom the control or investigation refers has agreed to the control.

FFFS 2022:17 3 Exceptions Section 13 Finansinspektionen may decide on exceptions to the requirement to use a certain form given special grounds.

---

These regulations shall enter into force on 01 December 2022. ERIK THEDÉEN Anna Körlof