Official Journal of the European Union
COMMISSION IMPLEMENTING REGULATION (EU) No 802/2014
of 24 July 2014
establishing models for national programmes and establishing the terms and conditions of the electronic data exchange system between the Commission and Member States pursuant to Regulation (EU) No 514/2014 of the European Parliament and of the Council laying down general provisions on the Asylum, Migration and Integration Fund and on the instrument for financial support for police cooperation, prevention and combating crime and crisis management
THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EU) No 514/2014 of the European Parliament and of the Council of 16 April 2014 laying down general provisions on the Asylum, Migration and Integration Fund and on the instrument for financial support for police cooperation, preventing and combating crime, and crisis management (1), and in particular Articles 14(4) and 24(5) thereof,
Regulation (EU) No 514/2014 together with the Specific Regulations referred to in Article 2(a) of Regulation (EU) No 514/2014, constitute a framework for Union funding to support the development of the area of freedom, security and justice.
Regulation (EU) No 514/2014 requires each Member State to propose a multiannual national programme. To ensure that the information provided to the Commission is consistent and comparable, it is necessary to establish a model which the national programme should follow.
Pursuant to Article 24(5) of Regulation (EU) No 514/2014 all official exchanges of information between Member States and the Commission are to be carried out using an electronic data exchange system. It is therefore necessary to establish the terms and conditions with which that electronic data exchange system should comply. In order to be cost-effective and ensure overall coherence with all Union shared management Funds, the terms and conditions of the electronic data exchange system are the same, to the extent possible, as those provided for in Commission Implementing Regulation (EU) No 184/2014 (2).
In order to improve the quality of information exchanged, and to render the information exchange system simpler and more useful, it is necessary to lay down basic requirements regarding the form and scope of the information to be exchanged.
Principles and rules should be laid down regarding the identification of the party responsible for uploading documents into the electronic data exchange system and updating those documents
Technical characteristics for an efficient electronic exchange system should be established in order to reduce the administrative burden for Member States and the Commission.
To ensure that both Member States and the Commission can continue to exchange information in cases of force majeure that hinder the use of electronic data exchange system, alternative means to encode and transfer data need to be specified.
Member States and the Commission should ensure that transfer of data through the electronic data exchange system is performed in a secured manner allowing for availability, integrity, authenticity, confidentiality and non-repudiation of information. Therefore rules on security should be set out.
This Regulation respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union, and notably the right to protection of personal data. This Regulation should therefore be applied in accordance with these rights and principles. Concerning personal data processed by Member States, Directive 95/46/EC of the European Parliament and of the Council (3) applies. Concerning the processing of personal data by the Union institutions and bodies and the free movement of such data, Regulation (EC) No 45/2001 of the European Parliament and of the Council (4) applies.
In order to allow for the prompt application of the measures provided for in this Regulation and not delay the approval of the national programmes, this Regulation should enter into force on the day following that of its publication in the Official Journal of the European Union.
The United Kingdom and Ireland are bound by Regulation (EU) No 514/2014 and are as a consequence bound by this Regulation.
Denmark is not bound by Regulation (EU) No 514/2014 nor by this Regulation.
The measures provided for in this Regulation are in accordance with the opinion of the ‘Asylum, Migration and Integration and Internal Security Funds’ Committee.
HAS ADOPTED THIS REGULATION:
Models for national programmes
The model for national programmes is set out in the Annex.
Establishment of electronic data exchange system
The Commission shall establish an electronic data exchange system for all official exchanges of information between Member States and the Commission (hereinafter referred to as ‘SFC2014’).
Content of electronic data exchange system
1. SFC2014 shall contain at least the information specified in the models, formats and templates established in accordance with Article 1 of this Regulation, that are in accordance with the Regulation (EU) No 514/2014 and the Specific Regulations referred to in Article 2(a) of Regulation (EU) No 514/2014.
2. The information provided in the electronic forms embedded in SFC2014 (hereinafter referred to as ‘structured data’) shall not be replaced by non-structured data, including the use of hyperlinks or other types of non-structured data such as attachment of documents or images. Where a Member State transmits the same information in the form of structured data and non-structured data, the structured data shall be used in case of inconsistencies.
Operation of SFC2014
1. The Commission and the competent authorities referred to in Article 25 of Regulation (EU) No 514/2014 shall enter into SFC2014 the information for the transmission of which they are responsible, and any updates thereto.
2. Any transmission of information to the Commission shall be verified and submitted by a person other than the person who entered the data for that transmission. This separation of tasks shall be supported by SFC2014 or by the Member State's management and control information systems connected automatically with SFC2014.
3. Member States shall appoint, at national or regional level or at both national and regional levels, one or more persons responsible for managing access rights to SFC2014. Those persons shall fulfil the following tasks:
identifying users requesting access, making sure those users are employed by the organisation;
informing users about their obligations to preserve the security of the system;
verifying the entitlement of users to the required privilege level in relation to their tasks and their hierarchical position;
requesting the termination of access rights when those access rights are no longer needed or justified;
promptly reporting suspicious events that may undermine the security of the system;
ensuring the continued accuracy of user identification data by reporting any changes;
taking the necessary data protection and commercial confidentiality precautions in accordance with applicable Union and national rules; and
informing the Commission of any changes affecting the capacity of the Member State authorities or users of SFC2014 to carry out the responsibilities referred to in paragraph 1 or their personal capacity to carry out the responsibilities referred to in points (a) to (g).
4. Exchanges of data and transactions shall bear a compulsory electronic signature within the meaning of Directive 1999/93/EC of the European Parliament and of the Council (5). Member States and the Commission shall recognise the legal effectiveness and admissibility of the electronic signature used in SFC2014 as evidence in legal proceedings.
5. Information processed through SFC2014 shall respect the protection of privacy of personal data for individuals and commercial confidentiality for legal entities in accordance with Directive 2002/58/EC of the European Parliament and of the Council (6), Directive 2009/136/EC of the European Parliament and of the Council (7), Directive 95/46/EC and Regulation (EC) No 45/2001.
Characteristics of SFC2014
In order to ensure the electronic exchange of information, SFC2014 shall have the following characteristics:
interactive forms or forms pre-filled by the system on the basis of data already previously recorded in the system;
automatic calculations, where they reduce the encoding effort of users;
automatic embedded controls to verify internal consistency of transmitted data and consistency of this data with applicable rules;
system-generated alerts warning SFC2014 users that certain actions can or cannot be performed;
online status tracking of the treatment of information entered into the system; and
availability of historical data in respect of all information entered for a national programme.
Transmission of data through SFC2014
1. SFC2014 shall be accessible to Member States and the Commission either directly through an interactive user interface (that is to say, a Web application) or via a technical interface using predefined protocols (that is to say, Web services) that allows for automatic synchronisation and transmission of data between Member States information systems and SFC2014.
2. The date of electronic transmission of information by the Member State to the Commission and vice versa shall be considered to be the date of submission of the document concerned.
3. In cases of force majeure, a malfunctioning of SFC2014 or a lack of a connection with SFC2014 exceeding one working day in the last week before a regulatory deadline for the submission of information or five working days at other times, the information exchange between Member State and the Commission may take place in paper form using the models, formats and templates referred to in Article 3(1).
When the electronic exchange system ceases to malfunction, the connection with that system is re-established or the cause of force majeure ceases, the party concerned shall enter without delay the information already sent in paper form into SFC2014.
4. In cases referred to in paragraph 3 the date stamped by the post shall be considered to be the date of submission of the document concerned.
Security of data transmitted through SFC2014
1. The Commission shall establish an information technology security policy (hereinafter referred to as ‘SFC IT security policy’) for SFC2014 applicable to personnel using SFC2014 in accordance with relevant Union rules, in particular Commission Decision C(2006)3602 (8) and its implementing rules. The Commission shall designate one or more persons responsible for defining, maintaining and ensuring the correct application of the security policy for SFC2014.
2. Member States and European institutions other than the Commission, who have received access rights to SFC2014, shall comply with the IT security terms and conditions published in the SFC2014 portal and the measures that are implemented in SFC2014 by the Commission to secure the transmission of data, in particular in relation to the use of the technical interface referred to in Article 6(1) of this Regulation.
3. Member States and the Commission shall implement and ensure effectiveness of security measures adopted to protect the data they have stored and transmitted through SFC2014.
4. Member States shall adopt national, regional or local information technology security policies covering access to SFC2014 and automatic input of data into it, ensuring a minimum set of security requirements. These national, regional or local IT security policies may refer to other security documents. Each Member State shall ensure that these IT security policies apply to all authorities using SFC2014.
5. These national, regional or local IT security policies shall include:
the IT security aspects of the work performed by the person or persons responsible for managing the access rights referred to in Article 4(3) of this Regulation when working directly in SFC2014; and
the IT security measures for those national, regional or local computer systems connected to SFC2014 through a technical interface referred to in Article 6(1) of this Regulation.
For the purposes of point (b) of the first subparagraph, the following aspects of IT security shall be covered, as appropriate:
data media and access control;
access and password control;
interconnection to SFC2014;
human resources; and
6. The national, regional or local IT security policies shall be based on a risk assessment and the measures described shall be proportionate to the risks identified.
7. The documents setting out the national, regional or local IT security policies shall be made available to the Commission upon request.
8. Member States shall designate, at a national or regional level, one or more persons responsible for maintaining and ensuring the application of the national, regional or local IT security policies. That person or those persons shall act as contact point with the person or persons designated by the Commission and referred to in paragraph 1.
9. Both the SFC IT security policy and the relevant national, regional or local IT security policies shall be updated in the event of technological changes, the identification of new threats or other relevant developments. In any event, they shall be reviewed on an annual basis to ensure that they continue to provide an appropriate response.
This Regulation shall enter into force on the day following that of its publication in the Official Journal of the European Union.
This Regulation shall be binding in its entirety and directly applicable in Member States in accordance with the Treaties.
Done at Brussels, 24 July 2014.
For the Commission
José Manuel BARROSO
(1) OJ L 150, 20.5.2014, p. 112.
(2) Commission Implementing Regulation (EU) No 184/2014 of 25 February 2014 laying down pursuant to Regulation (EU) No 1303/2013 of the European Parliament and of the Council laying down common provisions on the European Regional Development Fund, the European Social Fund, the Cohesion Fund, the European Agricultural Fund for Rural Development and the European Maritime and Fisheries Fund and laying down general provisions on the European Regional Development Fund, the European Social Fund, the Cohesion Fund and the European Maritime and Fisheries Fund, the terms and conditions applicable to the electronic data exchange system between the Member States and the Commission and adopting pursuant to Regulation (EU) No 1299/2013 of the European Parliament and of the Council on specific provisions for the support from the European Regional Development Fund to the European territorial cooperation goal, the nomenclature of the categories of intervention for support from the European Regional Development Fund under the European territorial cooperation goal (OJ L 57, 27.2.2014, p. 7).
(3) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ L 281, 23.11.1995, p. 31).
(4) Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (OJ L 8, 12.1.2001, p. 1).
(5) Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures (OJ L 13, 19.1.2000, p. 12).
(6) Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) (OJ L 201, 31.7.2002, p. 37).
(7) Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users' rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws (OJ L 337, 18.12.2009, p. 11).
(8) Commission Decision C(2006) 3602 of 16 August 2006 concerning the security of information systems used by the European Commission.
MODEL FOR NATIONAL PROGRAMME
Competent authorities responsible for the management and control systems (Article 25 of Regulation (EU) No 514/2014)
Identification and contact details:
Name of the authority
Head of the authority
Date of designation
Delegated Authority 1
Delegated Authority 2
Delegated Authority n (10 max)
Attached document: notification of designation with:
the main division of responsibilities between its organisational units;
where appropriate, its relationship with delegated authorities, the activities to be delegated, and the main procedures for supervising these delegated activities; and
a summary of the main procedures for processing financial claims from beneficiaries and for authorising and recording expenditure
Provide a summary description of the envisaged management and control system (Article 14(2)(g) of Regulation (EU) No 514/2014).
Provide an overall summary of the entire programme, highlighting national strategies, national objectives and targets (desired outcomes and results).
Baseline situation in the Member State (article 14(2)(a) and (b) of Regulation (EU) No 514/2014)
The baseline situation is a summary of the state of play as of December 2013 in the Member State for the fields relevant to the Fund. This section shall include:
a description of the baseline situation in the Member State, completed with the necessary factual information to assess the requirements correctly,
an analysis of requirements in the Member State, including the key issues from the outcome of the policy dialogue,
measures undertaken so far, including measures implemented with the former Home Affairs Funds,
national needs assessment, including challenges identified in relevant evaluations, and
indicative annual resources from the national budget, broken down by specific objectives set in the national programmes.
The information must be self-contained and cannot refer to information in attached documents or contain hyperlinks. A document may be attached with additional details.
Any attached document will not form part of the Commission decision approving the national programme referred to in Article 14(7) of Regulation (EU) No 514/2014.
Programme objectives (article 14(2)(b), (c) and (d) of Regulation (EU) No 514/2014)
The information in the specific objectives shall be self-contained and cannot refer to information in any attached document or contain hyperlinks.
Specific objective (as laid down in the Specific Regulations): provide the appropriate strategy, identifying the national objectives, including a description of how the objectives of the Specific Regulations are covered, in order to meet the requirements identified in the baseline situation.
: provide a brief description of the main actions to achieve the national objective, indicating those example actions that will be supported by the national programme (i.e. funding priorities), and as part of the description provide the targets (desired outcomes and results).
Specific action (as laid down in the Specific Regulations):
describe how the action will be carried out and provide justification for the allocated amount,
for joint actions (transnational projects), the lead Member State only should list the participating Member States, including their role and possible financial contribution, if applicable, and
participating Member States should describe their role and financial contribution, if applicable.
SPECIFIC OBJECTIVE N: Title
National objective n: title
Specific action n: title
Indicative timetable: for each national objective enter the three main actions to be supported with the national programme. For each action enter the year when it is planned (e.g. call for proposals), when it will be implemented (e.g. contracts/grants signed), and when the action will be closed or completed (e.g. final report).
(Article 14(2)(c) of Regulation (EU) No 514/2014)
Name of action
Start of planning
Start of implementation
Specific objective n:
National objective n:
In the case where the national programme includes pledging, provide the numbers for each category for the respective pledging period, when applicable.
By completing the pledging plan, the Member State confirms that there is an official national commitment to honour the pledge during the respective pledging period and that the measures will be effectively carried out during the period.
Pledging plan: provide a justification for the pledge, the official commitment to honour the pledge, an indicative timetable, selection process and operations needed to carry out the pledge.
Common indicators and programme specific indicators (article 14(2)(f) of Regulation (EU) No 514/2014)
Common indicator (as set out in the Specific Regulations): for each specific objective pursued provide the target value for each common indicator and the source of the data (e.g. project reports).
In the case where the national programme includes programme-specific indicators provide: the link to the relevant specific objective; a description of the indicator; the measurement unit; the baseline value; the target value to reach; and the source of the data. Each programme-specific indicator must be linked to a single specific objective.
Source of data
Specific objective n: title
Framework for preparation and implementation of the programme by the Member State
6.1. Partnership involvement in the preparation of the programme (Article 12(3) of Regulation (EU) No 514/2014)
Summary of the approach taken, the composition and involvement of partners and key stages of broader consultation, where relevant, including a list of the main partners (or types of partners) involved or consulted.
6.2. Monitoring Committee (Article 12(4) of Regulation (EU) No 514/2014)
6.3. Common monitoring and evaluation framework (Article 14(2)(f) of Regulation (EU) No 514/2014)
Provide a brief description of the planned approach and methods to be used.
Include replies to the following:
Where will the evaluation and monitoring function be located? Who will be the entity responsible for evaluation?
Will the evaluation or monitoring be outsourced?
How will data on projects and indicators be collected (monitoring system)?
6.4. Partnership involvement in the implementation, monitoring and evaluation of the national programme (Articles 12(3) and 14(2)(h) of Regulation (EU) No 514/2014)
Provide a brief description of the approach that will be taken for partners, their level of involvement and key stages of broader consultation, where relevant, including a list of the types of partners involved or consulted (or the main partners).
6.5. Information and publicity (Articles 14(2)(j) and 53 of Regulation (EU) No 514/2014)
Provide a description of the mechanisms and methods to be used to publicise the national programme.
6.6. Coordination and complementarity with other instruments (Article 14(2)(e) and 14(5)(f) of Regulation (EU) No 514/2014)
Briefly describe the mechanisms to ensure coordination between the instruments established by the Specific Regulations and with other Union and national instruments. This should include, if applicable, the identification of bodies responsible for coordination in these areas and, where appropriate, the structures or arrangements (e.g. committees, consultation procedures) used for this purpose.
As regards the complementarity with other Union instruments the following should be considered:
European Structural and Investment Funds (European Regional Development Fund, European Social Fund, Cohesion Fund, European Agricultural Fund for Rural Development, European Maritime and Fisheries Fund),
Other EU Funds or programmes (e.g. Lifelong learning programme, culture programme, ‘Youth in action’ programme),
EU external relations instruments (e.g. Instrument for Pre-accession Assistance, European Neighbourhood and Partnership Instrument, Instrument for Stability), as far as actions in or in relation with third countries are concerned.
6.7. Beneficiaries and direct award
6.7.1. List the main types of beneficiaries of the programme (use the list below)
The types of beneficiaries are: State/federal authorities, local public bodies, non-governmental organisations, international public organisations, national Red Cross, International Committee of the Red Cross, the International Federation of Red Cross and Red Crescent Societies, private and public law companies, education/research organisations, social partners.
6.7.2. Direct award
Indicate the national objective, when it is intended to use direct award and provide a justification for each circumstance.
The financing plan of the programme (article 14(2)(i) of Regulation (EU) No 514/2014)
Financing plan of the national programme specifying, for the whole programming period, the amount of the total EU contribution to each specific objective pursued. The amounts for national objectives within a specific objective are indicative. The total technical assistance expenditure is indicated.
7.1. Financing plan by specific objectives
Specific objective: title
National objective n
Subtotal of national objectives
Specific action n
Total 1 SO
National objective n + 1
Subtotal of national objectives
Specific action n + 1
Total special cases
(Maximum = fixed amount + (Total allocation) * 5 or 5,5 % in accordance with the Specific Regulations)
Indicative financing plan of the national programme specifying the total EU contribution for each financial year
7.2. Financing plan by financial year
7.3. Justification for any deviation from the minimum shares set in the Specific Regulations. (Only required if the minima are not met) Article 14(5)(b)
Provide a detailed explanation for derogating from the minimum shares as set out in the Specific Regulations.