(fra kommisjonsforordningen)

(1)    Commission Regulation (EU) No 18/2010  added Annex II to Regulation (EC) No 300/2008 on common specifications for the national quality control programmes of Member States in the field of civil aviation security.

(2)    Considering the continuous evolution of the international standards, practices, methodologies and tools in monitoring compliance with civil aviation security rules since the adoption of Annex II, it is important to amend the existing specifications for the national quality control programmes and to update them accordingly.

(3)    In particular, two new standards requiring Contracting States to ensure that their national civil aviation security quality control programmes define processes for the reporting of information concerning incidents of acts of unlawful interference and preparatory acts thereto (standard 5.1.6), as well as a confidential reporting system for analysing security information provided by sources such as passengers, crew and ground personnel (standard 3.5.1 (d)), have been added to Annex 17 to the Chicago Convention on International Civil Aviation of 7 December 1944. 

(4)    In accordance with third subparagraph of Article 11(2) of Regulation (EC) No 300/2008, the national quality control programme of the Member State is to allow for the swift detection and correction of deficiencies. To achieve this objective more efficiently, the new ICAO standards referred to in recital (3) should be reflected in the national civil aviation security quality control programmes. 

(5)    In particular, to inform policymaking, simplify the reporting by operators and entities responsible for the implementation of the national civil aviation security programme and to support compliance with the relevant standards set out in Annex 17 to the Chicago Convention, a common framework for gathering, sharing and analysing data from aviation security related occurrences should be established, thus replacing the current fragmented regulatory environment at national level.  

(6)    To ensure effectiveness and efficiency of the reporting mechanism, the common framework should require operators and entities responsible for the implementation of the national civil aviation security programme to report information on aviation security incidents, acts of unlawful interference and preparatory acts thereto to the relevant authorities within set deadlines, depending on how serious and immediate the impact is on aviation security, and they should put in place an internal reporting system to be used by all their personnel. In establishing their internal reporting systems, operators and entities should designate responsible persons or entities, improve data consistency, recruit and train persons designated to perform reporting tasks, standardise reporting forms and use a common classification.

(7)    The obligations to report information on aviation security occurrences, incidents, acts of unlawful interference and preparatory acts thereto established in this Regulation are without prejudice to the current reporting obligations regarding certain aviation security occurrences with impact on aviation safety established in Regulation (EU) No 376/2014 of the European Parliament and of the Council  and its implementing rules. Those implementing rules will be amended to take into account the provisions of this Regulation.

(8)    To ensure the necessary level of confidentiality, the information contained in the reports should be protected during its processing and storage, and such information should not be used for purposes other than aviation security. The confidentiality of the identity of the reporter and of the persons mentioned in the report should be safeguarded, subject to the requirements on criminal, disciplinary or administrative proceedings under national law.

(9)    To ensure the promptness of any necessary initiative by the Commission, other Member States, other national authorities including aviation safety authorities, industry and international partners, adequate procedures should be established for sharing, as appropriate, relevant information contained in the reports and on follow up actions.

(10)    To ensure effective overview of the aviation security occurrences and incidents in the Union, Member States should be required to submit an annual report to the Commission with statistics on the reports received and their analysis.

(11)    Aviation security occurrences should be reported in a harmonised manner through a standardised template for reporting such information. That template is based on the existing guidance material developed by the International Civil Aviation Organisation and made available in “Reporting of Aviation Security Occurrences and Incidents” published in June 2022.

(12)    Furthermore, the experience gained with the implementation of Annex II to Regulation (EC) 300/2008, as well as the evolution of the global compliance monitoring methodology and sectoral terminology, have shown the need for minor amendments to the common specifications for national quality control programmes in the field of civil aviation security. These amendments concern certain definitions (such as security measures) and improvements in the existing provisions (such as setting frequencies for the inspection of airports).

(13)    Regulation (EC) No 300/2008 should therefore be amended accordingly. As the number and extent of the amendments being introduced are deemed to significantly modify the existing Annex II to Regulation (EC) No 300/2008, it is more appropriate to replace that Annex.

(14)    The establishment of the mechanism and process for the reporting, classification, processing, storage, protection, analysis and aggregation of information on aviation security incidents, acts of unlawful interference and preparatory acts thereto requires an adequate preparatory period. The application of some of the related provisions laid down in the Annex should therefore be delayed to allow Member States the necessary time to ensure an effective and efficient fulfilment of the requirements.

(15)    The Stakeholders’ Advisory Group established by Article 17 of Regulation (EC) No 300/2008 has been consulted and closely involved in the development of the newly added requirements on aviation security occurrence reporting.

(16)    The measures provided for in this Regulation are in accordance with the opinion of the Committee established by Article 19 of Regulation (EC) No 300/2008,