On 21 October 2024, a new role of permission administrator was introduced.
We presented details of these changes in the correspondence below:
FAQ
What is the role of the permission administrator?
The permission administrator is a person authorised by a participant to grant and revoke permissions on its behalf to other persons to act in KDPW applications in the roles of user or administrator of a particular service.
How do I request permission administrator access?
Requests for permission administrator access can be submitted in the Service Portal https://online.kdpw.pl/
Requests are made in the same was as requests for service administrator or user access, by completing a form in the application.
Requests are made in the same was as requests for service administrator or user access, by completing a form in the application.
Who can act as permission administrator, only the Company’s Management Board?
The function of permission administrator may be performed by any person who is authorised to represent the company in this respect. This can be a member of the Management Board, if he or she has the authority to represent the Company single-handedly or holds a power of attorney from the Management Board granted to him or her to act as permission administrator, or any other person who is an agent of the Company.
Can the permission administrator process events in the application?
No. A permission administrator in this role does not have the authority to act directly in the application. Nevertheless, a person in this role can simultaneously act as a service user but must submit a separate access request in this role. The user’s access request must in this case be approved by another administrator as a person in the permission administrator role cannot authorise themselves to act in the application in another role.
Can a permission administrator act as a user in an application?
The role of permission administrator is solely to manage access for persons acting in other roles (user, service administrator), and therefore, when acting in permission administrator role, they will not have access to the application’s production environments.
However, a person acting as permission administrator can access the application as a user, but their permissions will have to be approved by another person acting as administrator.
However, a person acting as permission administrator can access the application as a user, but their permissions will have to be approved by another person acting as administrator.
Can a permission administrator approve a user request for themselves?
No. A request for user rights from a person in the role of permission administrator must be approved by another administrator.
Can there be more than one permission administrator?
Yes. A participant may authorise more than one person to act as permission administrator.
I am a direct participant of KDPW. After the introduction of the permission administrator under the LEI code, will the permissions for application users be granted as before under the participation codes?
Yes, once the changes have been implemented, user access to KDPW applications will continue unchanged, i.e. separately for each application and separately for each institution code.
I am a direct participant of KDPW. Can I appoint a permission administrator for each institution code I hold in KDPW?
No, the new permission model does not allow you to appoint a permission administrator for each institution code. The permission administrator (new role) will manage permissions for all institution codes of the direct participant (in CSD services), as well as permissions under the entity's other institution codes in other KDPW services (e.g. TR, ARM, if the entity is a participant in those services) included in the group of services assigned to the direct participant.
However, it will still be possible for the permission administrator to appoint a service administrator (existing role) to manage user permissions within a given application which the participant uses under a given institution code.
However, it will still be possible for the permission administrator to appoint a service administrator (existing role) to manage user permissions within a given application which the participant uses under a given institution code.
Can an entity which is both a KDPW direct participant and an issuer appoint one person as permission administrator to manage access to all KDPW applications?
No. If a participant holds both issuer and direct participant status, it is required to appoint at least two permission administrators, one for each participation status.
I am a direct participant of KDPW. Will the changes related to the introduction of the permission administrator affect the administrator permissions I currently hold?
No, the introduction of the new role of permission administrator will not affect the existing permissions granted in KDPW applications to administrators of the applications (the only exception being the permissions granted to persons representing FIZ in the Benefit Payments application – see question below).
Therefore, the roles of service administrator that have been granted so far will still be able to be performed. These roles apply only in individual applications, while the role of permission administrator covers all applications in which the participant acts or will act in the future. Therefore, the role of the current service administrator has much narrower permissions than the role of permission administrator, so the participant will be required to appoint a person or persons to perform this role.
Therefore, the roles of service administrator that have been granted so far will still be able to be performed. These roles apply only in individual applications, while the role of permission administrator covers all applications in which the participant acts or will act in the future. Therefore, the role of the current service administrator has much narrower permissions than the role of permission administrator, so the participant will be required to appoint a person or persons to perform this role.
Does the obligation to establish a permission administrator cover all issuers of securities which have an agreement with KDPW?
The obligation to establish a permission administrator for the applications offered by KDPW in the services provided to issuers of securities, such as Corporate actions, General Meetings, Issuers' Obligations, only covers those issuers which access these applications directly and not through other entities representing them.
The obligation therefore does not cover issuers acting through an issue agent and a paying agent.
The obligation therefore does not cover issuers acting through an issue agent and a paying agent.
Are participants with issuer status who have not yet obtained or requested access to KDPW applications due to their issue being handled by the Paying Agent required to appoint a permission administrator?
No. Issuers on whose behalf paying agents are acting are not required to appoint a permission administrator.