Search Legislation

Commission Implementing Regulation (EU) No 802/2014Show full title

Commission Implementing Regulation (EU) No 802/2014 of 24 July 2014 establishing models for national programmes and establishing the terms and conditions of the electronic data exchange system between the Commission and Member States pursuant to Regulation (EU) No 514/2014 of the European Parliament and of the Council laying down general provisions on the Asylum, Migration and Integration Fund and on the instrument for financial support for police cooperation, prevention and combating crime and crisis management

 Help about what version

What Version

 Help about advanced features

Advanced Features

 Help about UK-EU Regulation

Legislation originating from the EU

When the UK left the EU, legislation.gov.uk published EU legislation that had been published by the EU up to IP completion day (31 December 2020 11.00 p.m.). On legislation.gov.uk, these items of legislation are kept up-to-date with any amendments made by the UK since then.

Close

This item of legislation originated from the EU

Legislation.gov.uk publishes the UK version. EUR-Lex publishes the EU version. The EU Exit Web Archive holds a snapshot of EUR-Lex’s version from IP completion day (31 December 2020 11.00 p.m.).

Changes over time for: Commission Implementing Regulation (EU) No 802/2014 (without Annexes)

 Help about opening options

Status:

Point in time view as at 31/12/2020.

Changes to legislation:

There are currently no known outstanding effects by UK legislation for Commission Implementing Regulation (EU) No 802/2014. Help about Changes to Legislation

Close

Changes to Legislation

Revised legislation carried on this site may not be fully up to date. At the current time any known changes or effects made by subsequent legislation have been applied to the text of the legislation you are viewing by the editorial team. Please see ‘Frequently Asked Questions’ for details regarding the timescales for which new effects are identified and recorded on this site.

Article 1U.K.Models for national programmes

The model for national programmes is set out in the Annex.

Article 2U.K.Establishment of electronic data exchange system

The Commission shall establish an electronic data exchange system for all official exchanges of information between Member States and the Commission (hereinafter referred to as ‘SFC2014’).

Article 3U.K.Content of electronic data exchange system

1.SFC2014 shall contain at least the information specified in the models, formats and templates established in accordance with Article 1 of this Regulation, that are in accordance with the Regulation (EU) No 514/2014 and the Specific Regulations referred to in Article 2(a) of Regulation (EU) No 514/2014.

2.The information provided in the electronic forms embedded in SFC2014 (hereinafter referred to as ‘structured data’) shall not be replaced by non-structured data, including the use of hyperlinks or other types of non-structured data such as attachment of documents or images. Where a Member State transmits the same information in the form of structured data and non-structured data, the structured data shall be used in case of inconsistencies.

Article 4U.K.Operation of SFC2014

1.The Commission and the competent authorities referred to in Article 25 of Regulation (EU) No 514/2014 shall enter into SFC2014 the information for the transmission of which they are responsible, and any updates thereto.

2.Any transmission of information to the Commission shall be verified and submitted by a person other than the person who entered the data for that transmission. This separation of tasks shall be supported by SFC2014 or by the Member State's management and control information systems connected automatically with SFC2014.

3.Member States shall appoint, at national or regional level or at both national and regional levels, one or more persons responsible for managing access rights to SFC2014. Those persons shall fulfil the following tasks:

(a)identifying users requesting access, making sure those users are employed by the organisation;

(b)informing users about their obligations to preserve the security of the system;

(c)verifying the entitlement of users to the required privilege level in relation to their tasks and their hierarchical position;

(d)requesting the termination of access rights when those access rights are no longer needed or justified;

(e)promptly reporting suspicious events that may undermine the security of the system;

(f)ensuring the continued accuracy of user identification data by reporting any changes;

(g)taking the necessary data protection and commercial confidentiality precautions in accordance with applicable Union and national rules; and

(h)informing the Commission of any changes affecting the capacity of the Member State authorities or users of SFC2014 to carry out the responsibilities referred to in paragraph 1 or their personal capacity to carry out the responsibilities referred to in points (a) to (g).

4.Exchanges of data and transactions shall bear a compulsory electronic signature within the meaning of Directive 1999/93/EC of the European Parliament and of the Council(1). Member States and the Commission shall recognise the legal effectiveness and admissibility of the electronic signature used in SFC2014 as evidence in legal proceedings.

5.Information processed through SFC2014 shall respect the protection of privacy of personal data for individuals and commercial confidentiality for legal entities in accordance with Directive 2002/58/EC of the European Parliament and of the Council(2), Directive 2009/136/EC of the European Parliament and of the Council(3), Directive 95/46/EC and Regulation (EC) No 45/2001.

Article 5U.K.Characteristics of SFC2014

In order to ensure the electronic exchange of information, SFC2014 shall have the following characteristics:

(a)

interactive forms or forms pre-filled by the system on the basis of data already previously recorded in the system;

(b)

automatic calculations, where they reduce the encoding effort of users;

(c)

automatic embedded controls to verify internal consistency of transmitted data and consistency of this data with applicable rules;

(d)

system-generated alerts warning SFC2014 users that certain actions can or cannot be performed;

(e)

online status tracking of the treatment of information entered into the system; and

(f)

availability of historical data in respect of all information entered for a national programme.

Article 6U.K.Transmission of data through SFC2014

1.SFC2014 shall be accessible to Member States and the Commission either directly through an interactive user interface (that is to say, a Web application) or via a technical interface using predefined protocols (that is to say, Web services) that allows for automatic synchronisation and transmission of data between Member States information systems and SFC2014.

2.The date of electronic transmission of information by the Member State to the Commission and vice versa shall be considered to be the date of submission of the document concerned.

3.In cases of force majeure, a malfunctioning of SFC2014 or a lack of a connection with SFC2014 exceeding one working day in the last week before a regulatory deadline for the submission of information or five working days at other times, the information exchange between Member State and the Commission may take place in paper form using the models, formats and templates referred to in Article 3(1).

When the electronic exchange system ceases to malfunction, the connection with that system is re-established or the cause of force majeure ceases, the party concerned shall enter without delay the information already sent in paper form into SFC2014.

4.In cases referred to in paragraph 3 the date stamped by the post shall be considered to be the date of submission of the document concerned.

Article 7U.K.Security of data transmitted through SFC2014

1.The Commission shall establish an information technology security policy (hereinafter referred to as ‘SFC IT security policy’) for SFC2014 applicable to personnel using SFC2014 in accordance with relevant Union rules, in particular Commission Decision C(2006)3602(4) and its implementing rules. The Commission shall designate one or more persons responsible for defining, maintaining and ensuring the correct application of the security policy for SFC2014.

2.Member States and European institutions other than the Commission, who have received access rights to SFC2014, shall comply with the IT security terms and conditions published in the SFC2014 portal and the measures that are implemented in SFC2014 by the Commission to secure the transmission of data, in particular in relation to the use of the technical interface referred to in Article 6(1) of this Regulation.

3.Member States and the Commission shall implement and ensure effectiveness of security measures adopted to protect the data they have stored and transmitted through SFC2014.

4.Member States shall adopt national, regional or local information technology security policies covering access to SFC2014 and automatic input of data into it, ensuring a minimum set of security requirements. These national, regional or local IT security policies may refer to other security documents. Each Member State shall ensure that these IT security policies apply to all authorities using SFC2014.

5.These national, regional or local IT security policies shall include:

(a)the IT security aspects of the work performed by the person or persons responsible for managing the access rights referred to in Article 4(3) of this Regulation when working directly in SFC2014; and

(b)the IT security measures for those national, regional or local computer systems connected to SFC2014 through a technical interface referred to in Article 6(1) of this Regulation.

For the purposes of point (b) of the first subparagraph, the following aspects of IT security shall be covered, as appropriate:

(a)

physical security;

(b)

data media and access control;

(c)

storage control;

(d)

access and password control;

(e)

monitoring;

(f)

interconnection to SFC2014;

(g)

communication infrastructure;

(h)

human resources; and

(i)

incident management.

6.The national, regional or local IT security policies shall be based on a risk assessment and the measures described shall be proportionate to the risks identified.

7.The documents setting out the national, regional or local IT security policies shall be made available to the Commission upon request.

8.Member States shall designate, at a national or regional level, one or more persons responsible for maintaining and ensuring the application of the national, regional or local IT security policies. That person or those persons shall act as contact point with the person or persons designated by the Commission and referred to in paragraph 1.

9.Both the SFC IT security policy and the relevant national, regional or local IT security policies shall be updated in the event of technological changes, the identification of new threats or other relevant developments. In any event, they shall be reviewed on an annual basis to ensure that they continue to provide an appropriate response.

Article 8U.K.

This Regulation shall enter into force on the day following that of its publication in the Official Journal of the European Union.

This Regulation shall be binding in its entirety and directly applicable in Member States in accordance with the Treaties.

Done at Brussels, 24 July 2014.

For the Commission

The President

José Manuel Barroso

Back to top

Options/Help

Print Options

Close

Legislation is available in different versions:

Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.

Original (As adopted by EU): The original version of the legislation as it stood when it was first adopted in the EU. No changes have been applied to the text.

Point in Time: This becomes available after navigating to view revised legislation as it stood at a certain point in time via Advanced Features > Show Timeline of Changes or via a point in time advanced search.

Close

See additional information alongside the content

Geographical Extent: Indicates the geographical area that this provision applies to. For further information see ‘Frequently Asked Questions’.

Show Timeline of Changes: See how this legislation has or could change over time. Turning this feature on will show extra navigation options to go to these specific points in time. Return to the latest available version by using the controls above in the What Version box.

Close

Opening Options

Different options to open legislation in order to view more content on screen at once

Close

More Resources

Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:

  • the original print PDF of the as adopted version that was used for the EU Official Journal
  • lists of changes made by and/or affecting this legislation item
  • all formats of all associated documents
  • correction slips
  • links to related legislation and further information resources
Close

Timeline of Changes

This timeline shows the different versions taken from EUR-Lex before exit day and during the implementation period as well as any subsequent versions created after the implementation period as a result of changes made by UK legislation.

The dates for the EU versions are taken from the document dates on EUR-Lex and may not always coincide with when the changes came into force for the document.

For any versions created after the implementation period as a result of changes made by UK legislation the date will coincide with the earliest date on which the change (e.g an insertion, a repeal or a substitution) that was applied came into force. For further information see our guide to revised legislation on Understanding Legislation.

Close

More Resources

Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:

  • the original print PDF of the as adopted version that was used for the print copy
  • correction slips

Click 'View More' or select 'More Resources' tab for additional information including:

  • lists of changes made by and/or affecting this legislation item
  • confers power and blanket amendment details
  • all formats of all associated documents
  • links to related legislation and further information resources