Legal provisions of COM(2022)524 - State of play of preparations for the full implementation of the Interoperability Regulations per Art. 78(5) Regulation 2019/817 and Art. 74(5) of Regulation 2019/818 - Main contents
Please note
This page contains a limited version of this dossier in the EU Monitor.
| dossier | COM(2022)524 - State of play of preparations for the full implementation of the Interoperability Regulations per Art. 78(5) Regulation ... |
|---|---|
| document | COM(2022)524  |
| date | October 13, 2022 |
Brussels, 13.10.2022
COM(2022) 524 final
REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL
on the state of play of preparations for the full implementation of the Interoperability Regulations in accordance with Article 78(5) of Regulation (EU) 2019/817 and Article 74(5) of Regulation (EU) 2019/818
1.Introduction
The implementation of interoperability of information systems, underpinning the area of freedom, security and justice, is essential to strengthen the effectiveness and efficiency of checks at the external borders to prevent illegal immigration, to improve the implementation of the common visa policy, and to prevent, detect and investigate terrorist offences and other serious criminal offences and facilitate the identification of unknown persons.
On 11 June 2019, the Interoperability Regulations 1 entered into force. They lay down provisions on monitoring and evaluation by the Commission 2 and the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA) on the state of implementation of Interoperability. 3
The Commission submitted a first report on the implementation of the Interoperability Regulations on 21 August 2020 4 and a second report on 10 November 2021 5 . This third report covers the period between the publication of the previous progress report in November 2021 and the preparation of this report in July 2022.
This third report comes at a critical time for the interoperability project. Work on the implementation of the Interoperability Regulations continues to progress across Member States, Schengen associated countries and EU agencies with different pace. Some Member States face specific challenges in their preparation for the new IT architecture for EU information systems and their interoperability, linked to national delays in public procurement, contractual issues, insufficient availability of expertise and necessary human resources, among others.
Due to delays in the delivery of the Entry/Exit System (EES) at central level, a revised timeline for the new IT systems was confirmed by the Ministers at the informal meeting of the Justice and Home affairs Council on 11 July 2022. According to the new timeline, the implementation of all the new systems related to the management of the external borders (SIS, EES and ETIAS) will be finalised by the end of 2023 in accordance with the overall political objective, whereas the interoperability components will be developed in the course of 2023 and should be progressively put into operation not later than June 2024.
As a joint endeavour Interoperability requires all stakeholders to work in a coordinated manner as delays in one part of the system affect all. In the coming months, the Commission will continue to closely monitor and support Member States in order to achieve the important goal of interoperability within the agreed timeframe.
2.State of play
Work for the development and implementation of the new IT architecture for EU information systems for borders, migration and security and their interoperability is ongoing. The Commission has kept the Council and the European Parliament closely informed on the progress achieved through annual reporting and through the proceedings of the Commission’s Committees and Expert Groups. In addition, the Commission has regularly invited the European Parliament and the Council to relevant fora for information exchange with the Member States, such as the bi-annual Interoperability Forum. The state of play has also been continuously discussed at technical and political level, including in the relevant Council bodies such as the Council Working Party on JHA Information Exchange (IXIM), Coreper as well as the Justice and Home Affairs Council.
·IT Systems and their interoperability
In November 2022, the Schengen Information System (SIS) will be renewed with new alerts, upgraded data and enhanced functionalities. The novelties in the SIS will improve the system by enhancing cooperation between Member States, protecting the most vulnerable, making better the management of irregular migration, combating criminality and safeguarding the rights of citizens.
In preparation for the entry into operation of the EES in May 2023, all the required implementing and delegated acts have been adopted 6 . The implementation of the system is entering the final development and testing stages both at central and national level. In view of challenges in the timely execution and delivery of the EES at central level, eu-LISA and the Commission engaged in discussions with representatives of the consortium developing the EES to reduce as much as possible the risk of further delays. To alleviate pressure on already charged border-crossing points, the Commission is assessing the possibility of allowing Member States, following the entry into operation of the EES, in exceptional situations, to temporarily create a certain portion of EES files without biometric data.
As regards the European Travel Information and Authorisation System (ETIAS), implementation activities are ongoing for an entry into operation by mid-November 2023. All implementing and delegated acts necessary for the development of the system have been adopted or reached a stable version. The remaining acts are also in the final stages of adoption. An extensive communication campaign as well as a dedicated ETIAS website are being prepared to ensure that travellers to Europe will be adequately informed about the new requirements in a timely manner.
The development of the European Criminal Records Information System on third-country nationals (ECRIS-TCN) is progressing for going live in mid-November 2023 in line with the latest decision of the JHA Council. As regards the Visa Information System (VIS), work is underway in the Commission for the preparation of secondary legislation necessary for the development of the revised VIS, also in the context of the wider interoperability framework.
Substantial efforts are being deployed in the Member States in preparatory work for the entry into operation of the Interoperability components
·Implementing legislation on Interoperability
The Interoperability Regulations provide that implementing legislation should be adopted in order to supplement and implement certain detailed technical aspects of the Regulations. Some of these acts are necessary to fully enable eu-LISA to commence its design and development of the components in the context of the overall system architecture, especially as this requires defining technical specifications and preparing procurement procedures in order to work with contractors. Other acts are needed to lay down technical rules to facilitate operation on the ground by the relevant authorities, for example through the use of standard forms and establishing cooperation procedures to address security incidents.
Since the last progress report, the Commission continued to discuss in the relevant committees and expert groups a series of implementing and delegated acts necessary for the development of the interoperability components. To date, the vast majority of these acts have been adopted in cooperation with the European Parliament and the Council of the EU as foreseen in the applicable procedures 7 . The Commission adopted in total 3 delegated and 9 implementing acts stemming from the Interoperability Regulations on the matters of: technical procedures and replies from the European search portal (ESP) (article 9.7), the performance of the shared biometric matching service (article 13.5), necessary forms in case of a red link (article 32.5) and of a white link (article 33.6), data quality (article 37.4), cooperation procedures in case of security incidents (article 43.5), on operation of the web portal (article 49.6) and on technical solution to manage law enforcement user access requests (article 78.10) 8 . Three of the already adopted acts are under revision in order to incorporate amendments stemming from the new Regulation concerning the Visa Information System (VIS) and consequential amendments to the European Travel Information and Authorisation System (ETIAS): the acts on technical rules for creating links between data from different EU information systems (article 28.7) and for the ESP user profiles (article 8.2) and the act on the Central Repository for Reporting and Statistics (article 39.5). The delegated act on the procedures to determine the cases in which identity data can be considered to be the same or similar (article 28.5) was objected to by the European Parliament in January 2022. The Commission revised the act in order to address the concerns of the European Parliament as well as to incorporate amendments stemming from the new VIS Regulation and consequential amendments to the ETIAS. The preparation process included due consultation of the Interoperability Subgroup of the Expert Group on Information Systems for Borders and Security, with the participation of experts from the European Parliament. The Commission adopted the revised act on same or similar data in July 2022.
One act remains to be adopted – the implementing act on the universal message format (UMF) (article 38.3). This act is undergoing adoption procedure within the Commission at the time of preparation of this report.
3.State of implementation by Member States and Union agencies
The Commission continued to convene on a regular basis meetings with the Member States to discuss the implementation of interoperability of large-scale EU information systems. Since the last progress report in November 2021, the Commission held eight Expert Groups on Interoperability and three Committee meetings on Interoperability to discuss remaining delegated and implementing acts for adoption and revision as well as to support the development of an Interoperability Handbook for end-users.
In 2020, the Commission set up a Rapid Alert Process (RAP-IT) for monitoring the implementation and use of the IT systems in the area of migration, security and justice, and their interoperability. RAP-IT uses existing means and mechanisms to continuously monitor Member States implementation in order to provide feedback and support. Since the creation of RAP-IT, the Commission has made use of it for monitoring and information gathering.
In 2022, the Commission organised with the support of eu-LISA bilateral meetings with over fourteen Member States, Schengen Associated Countries and EU agencies in order to track progress, identify areas of potential concern and ensure readiness for the start of operation of the EU information systems and their interoperability. In addition, the Commission held, with the support of eu-LISA, regular trilateral exchanges with those Member States facing specific challenges in the implementation of the interoperability project in order to provide support for resolving outstanding issues.
In April 2022, the Commission held the seventh Interoperability Forum to discuss progress and outstanding challenges in the implementation of the new IT architecture for EU information systems for borders, migration and security. As per the usual practice, the Commission consulted Member States and EU Agencies on their implementation progress through targeted questionnaires and presented to participants an overview of the state of play of implementation of the new IT architecture for EU information systems for borders, migration and security by Member States and EU agencies. Targeted discussions revolved around the readiness of Member States and EU agencies for the entry into operation of the EU large-scale information systems, progress achieved and outstanding challenges for the timely implementation, including in relation to testing, contracts and financing.
The information exchanges at the Forum showed an overall substantial progress of Member States in a number of areas of preparation for the implementation of the EU information systems and their interoperability. The discussions pointed to an overall visible progress in the preparation of the entry into operation for the SIS recast with an overall confidence by the Member States and eu-LISA that the milestone for the start of operations will be met. The exchanges with the Member States highlighted some critical challenges to be addressed in preparation for the EES, including delays by the eu-LISA contractor, consequences for testing at national level and readiness at border-crossing points. Most Member States reported to be on track for a start of operation of ETIAS and work on VIS is ongoing with the aim to have the system in place as soon as possible. The Commission encouraged Member States and eu-LISA to bring any serious risks of delays to the respective management bodies and political level in order to take full consideration any outstanding risks in view of the planning, governance and politically agreed timelines for the implementation of the new IT architecture. On the basis of outlined progress and outstanding challenges brought forward by Member States and eu-LISA, the Justice and Home Affairs Council confirmed changes to the implementation timeline at its meeting of 11 July 2022.
4.Training needs
Centrally coordinated training at EU level is essential for ensuring the correct and efficient implementation and use of interoperability. The Interoperability Regulations task eu-LISA to provide training on the technical use of the interoperability components and requires Member States authorities and Union agencies to provide training programmes on data security, data quality, data protection rules, the procedures applicable to data processing 9 .
The Commission continued to support Member State and EU agencies with regard to training, including by providing relevant material and information on the use of the interoperability framework and components in dedicated meetings. The Commission regularly participates and supports in particular CEPOL in the process of identifying training needs and it delivered training in relation to the interoperability framework. In particular, the Commission supported the work of the new CEPOL Knowledge Centre on Law Enforcement Cooperation, Information Exchange and Interoperability (CKC INT), including by appointing experts to the relevant work streams.
The Commission also organised two thematic workshops on Interoperability with a focus on various business processes to support Member States in preparation for the implementation of interoperability.
5.EU funds
The Legislative Financial Statement annexed to the European Commission’s proposals for the two Regulations establishing a framework for the interoperability of EU information systems in the area of justice and home affairs indicated that the proposal requires EUR 461 million budget in total over the period 2019-2027. This amount includes relevant budget for the Member States (EUR 136.3 million) for adaptation of their national systems and training to end users, for the EBCG Agency (EUR 4.8 million) for a specialised team to support the MID transitional period, for Europol (EUR 48.9 million) for the necessary upgrade of the agency IT systems, for CEPOL (EUR 2.0 million) for training to operational staff and for eu-LISA (EUR 261.3 million) for the development and maintenance costs of interoperability components as well as for activities related to migration of data, update, network, training and meetings. 10 Current expenditures are below the amounts estimated in the legislative financial statement and no risk of overspending has been identified to date.
In line with the Commission proposal for the Interoperability Regulations, the impact on the operational expenditure for eu-LISA for the development of interoperability is estimated at EUR 45.2 million for the year 2021 and EUR 57.9 million in 2022 11 . According to eu-LISA’s 5th Interoperability Progress Report, by 11 November 2021, the amount of EUR 5.1 million has been used to contract necessary development and implementation activities with the development contract having been signed in December 2021. The agency reports that the plans for budget commitments in 2021 have been impacted negatively, among others, by the Covid-19 pandemic affecting procurement and contracting activities. As a result, eu-LISA had to shorten the duration of some of the planned activities and increase the number of parallel activities 12 .
Member States are encouraged to use the available resources under their Internal Security Fund programmes to implement the Interoperability Regulations. Member States are also invited to prioritise under the new Home Affairs Funds programmes for 2021-2027, in particular the programme of the Instrument for Financial Support for Border Management and Visa Policy (BMVI), actions for the development and further implementation of the interoperability of EU information systems. In addition, the Commission has set up a Specific Action under the BMVI making available a budget of EUR 31.75 million to support Member States to comply with the implementation of the interoperability legal framework. Specifically, funds under this specific action can be used for activities such as adaptation of national business processes, national handbooks and manuals, training of end users, among others. The vast majority of Member States have applied for this specific funding in 2022 – 21 out of 26 eligible Member States. 13
6.Conclusion
The implementation of interoperability is essential for the European Union to render the European border management system fit for purpose and capable of contributing to a more robust control of migration flows and to combatting illegal immigration, terrorism and other serious crimes.
Based on the politically endorsed revised timeline, all the new IT systems related to the management of the external borders will be finalised by the end of 2023 in accordance with the overall political objective. Concerning the interoperability components, delays after the end of 2023 should be reduced to the minimum with the objective of delivering them earlier than June 2024.
The Commission will continue to closely monitor progress and assess the risks for the implementation of the new IT architecture for EU information systems for borders, migration and security and their interoperability. It will continue to regularly engage with all concerned stakeholders, including in the framework of RAP-IT, in order to coordinate and monitor actions, identify areas of potential concern and reduce to a minimum risks related to the implementation of interoperability and to support timely and efficient implementation of the initiative in respect of the politically agreed timeline.
(1)
Regulations (EU) 2019/817 and 2019/818.
(2)
In accordance with Article 78(5) of Regulation (EU) 2019/817 and Article 74(5) of Regulation (EU) 2019/818, the Commission shall submit a report to the European Parliament and to the Council on the state of play of preparations for the full implementation of the Regulations. The report should include detailed information about the costs incurred and information as to any risks that may impact the overall costs, as provided for in the Interoperability Regulations. Reports on the state of play of preparations for the full implementation of interoperability are to be submitted by the Commission every year until the dates of the start of operations of the interoperability components are determined by means of the Commission implementing acts referred to in Article 72 of Regulation (EU) 2019/817 and Article 68 of Regulation (EU) 2019/818.
(3)
In accordance with article 74.2 of the Interoperability Regulations, , eu-LISA has issued regular progress reports on the development of interoperability: 2019-307, 2020-148, 2020-373, 2021-155 and 2021-390 REV2
(4)
COM(2020) 428 final.
(5)
COM(2021) 688 final.
(6)
An implementing act laying down rules on a functionality for the centralised management of lists of authorities for both Entry/Exit Systems and Visa Information System is under preparation at Commission level.
(7)
In accordance with article 290.2 of the Treaty on the Functioning of the European Union, a delegated act may enter into force only if no objection has been expressed by the European Parliament or the Council within a period set by the legislative act.
(8)
Due to the presence of two Interoperability Regulations, two sets of delegated and implementing acts with similar content had to be adopted. Therefore, the total number of adopted acts is double.
(9)
Article 76 Regulation (EU) 2019/817, Article 72 Regulation (EU) 2019/818.
(10)
COM(2018) 478 final.
(11)
COM(2018) 478 final.
(12)
eu-LISA, 5th Interoperability Progress Report 2021-390 REV2.
(13)
The scope of the specific action include all Member States in the Schengen Area that operate external borders. This excludes Ireland and Liechtenstein, but includes the Schengen Associated countries.