1.   Member States shall establish effective mechanisms to encourage the reporting to competent authorities of breaches of this Regulation.

Those mechanisms shall include at least those referred to in Article 61(2) of Directive (EU) 2015/849.

2.   Payment service providers and crypto-asset service providers, in cooperation with the competent authorities, shall establish appropriate internal procedures for their employees, or persons in a comparable position, to report breaches internally through a secure, independent, specific and anonymous channel, proportionate to the nature and size of the payment service provider or the crypto-asset service provider concerned.