In-flight supplies shall be screened before being taken into a security restricted area, unless:

1. (a)

   the required security controls have been applied to the supplies by an air carrier that delivers these to its own aircraft and the supplies have been protected from unauthorised interference from the time that those controls were applied until delivery at the aircraft; or

2. (b)

   the required security controls have been applied to the supplies by a regulated supplier and the supplies have been protected from unauthorised interference from the time that those controls were applied until arrival at the security restricted area or, where applicable, until delivery to the air carrier or another regulated supplier; or

3. (c)

   the required security controls have been applied to the supplies by a known supplier and the supplies have been protected from unauthorised interference from the time that those controls were applied until delivery to the air carrier or regulated supplier.

Where there is any reason to believe that in-flight supplies to which security controls have been applied have been tampered with or have not been protected from unauthorised interference from the time that those controls were applied, they shall be screened before being allowed into security restricted areas.

The security controls of in-flight supplies shall also be subject to the additional provisions laid down in Commission Implementing Decision C(2015) 8005.

When screening in-flight supplies, the means or method employed shall take into consideration the nature of the supplies and shall be of a standard sufficient to reasonably ensure that no prohibited articles are concealed in the supplies.

The screening of in-flight supplies shall also be subject to the additional provisions laid down in Commission Implementing Decision C(2015) 8005.

The following means or method of screening, either individually or in combination, shall be applied:

1. (a)

   visual check;

2. (b)

   hand search;

3. (c)

   x-ray equipment;

4. (d)

   EDS equipment;

5. (e)

   ETD equipment in combination with point (a);

6. (f)

   explosive detection dogs in combination with point (a).

Where the screener cannot determine whether or not the item contains any prohibited articles, it shall be rejected or rescreened to the screener's satisfaction.

Regulated suppliers shall be approved by the appropriate authority.

The approval as a regulated supplier shall be site specific.

Any entity that ensures the security controls as referred to in point 8.1.5 and delivers in-flight supplies directly to aircraft shall be approved as a regulated supplier. This shall not apply to an air carrier that applies these security controls itself and delivers supplies only to its own aircraft.

The following procedure shall apply for the approval of regulated suppliers:

1. (a)

   the entity shall seek approval from the appropriate authority of the Member State in which its site is located in order to be granted the status of regulated supplier.

   The applicant shall submit a security programme to the appropriate authority concerned. The programme shall describe the methods and procedures which are to be followed by the supplier in order to comply with the requirements of point 8.1.5. The programme shall also describe how compliance with these methods and procedures is to be monitored by the supplier itself.

   The applicant shall also submit the ‘Declaration of commitments — regulated supplier of in-flight supplies’ as contained in Attachment 8-A. This declaration shall be signed by the legal representative or by the person responsible for security.

   The signed declaration shall be retained by the appropriate authority concerned;

2. (b)

   the appropriate authority, or an EU aviation security validator acting on its behalf, shall examine the security programme and then make an on-site verification of the sites specified in order to assess whether the applicant complies with the requirements of point 8.1.5;

3. (c)

   F1if the appropriate authority is satisfied with the information provided in accordance with points (a) and (b), it shall ensure that the necessary details of the regulated supplier are entered into the Union database on supply chain security not later than the next working day. When making the database entry the appropriate authority shall give each approved site a unique alphanumeric identifier in the standard format. If the appropriate authority is not satisfied, the reasons shall promptly be notified to the entity seeking approval as a regulated supplier;

4. (d)

   F5a regulated supplier shall not be considered as approved until its details are listed in the Union database on supply chain security.

A regulated supplier shall be re-validated at regular intervals not exceeding 5 years. This shall include an on-site verification in order to assess whether the regulated supplier still complies with the requirements of point 8.1.5.

An inspection at the premises of the regulated supplier by the appropriate authority in accordance with its national quality control programme may be considered as an on-site verification, provided that it covers all the requirements of point 8.1.5.

If the appropriate authority is no longer satisfied that the regulated supplier complies with the requirements of point 8.1.5, it shall withdraw the status of regulated supplier for the specified sites.

Without prejudice to the right of each Member State to apply more stringent measures in accordance with Article 6 of Regulation (EC) No 300/2008, a regulated supplier approved in accordance with point 8.1.3 shall be recognised in all Member States.

Any entity (‘the supplier’) that ensures the security controls as referred to in point 8.1.5 and delivers in-flight supplies, but not directly to aircraft, shall be designated as a known supplier by the operator or the entity to whom it delivers (‘the designating entity’). This shall not apply to a regulated supplier.

In order to be designated as a known supplier, the supplier must provide the designating entity with:

1. (a)

   the ‘Declaration of commitments — known supplier of in-flight supplies’ as contained in Attachment 8-B. This declaration shall be signed by the legal representative; and

2. (b)

   the security programme covering the security controls as referred to in point 8.1.5.

All known suppliers must be designated on the basis of validations of:

1. (a)

   the relevance and completeness of the security programme in respect of point 8.1.5; and

2. (b)

   the implementation of the security programme without deficiencies.

If the appropriate authority or the designating entity is no longer satisfied that the known supplier complies with the requirements of point 8.1.5, the designating entity shall withdraw the status of known supplier without delay.

The appropriate authority shall define in its national civil aviation security programme as referred to in Article 10 of Regulation (EC) No 300/2008 if the validations of the security programme and its implementation shall be performed by a national auditor, an EU aviation security validator, or a person acting on behalf of the designating entity appointed and trained for that purpose.

Validations must be recorded and if not otherwise stated in this legislation, must take place before designation and repeated every 2 years thereafter.

If the validation is not done on behalf of the designating entity any record thereof must be made available to it.

The validation of the implementation of the security programme confirming the absence of deficiencies shall consist of either:

1. (a)

   an on-site visit of the supplier every 2 years; or

2. (b)

   regular checks upon reception of supplies delivered by that known supplier, starting after the designation, including:

   • a verification that the person delivering supplies on behalf of the known supplier was properly trained; and

   • a verification that the supplies are properly secured; and

   • screening of the supplies in the same way as supplies coming from an unknown supplier.

   These checks must be carried out in an unpredictable manner and take place at least either, once every three months or on 20 % of the known supplier's deliveries to the designating entity.

   Option (b) may only be used if the appropriate authority defined in its national civil aviation security programme that the validation shall be performed by a person acting on behalf of the designating entity.

The methods applied and procedures to be followed during and after designation shall be laid down in the security programme of the designating entity.

The designating entity shall keep:

1. (a)

   a list of all known suppliers it has designated indicating the expiry date of their designation, and

2. (b)

   the signed declaration, a copy of the security programme, and any reports recording its implementation for each known supplier, at least until 6 months after the expiry of its designation.

Upon request, these documents shall be made available to the appropriate authority for compliance monitoring purposes.

An air carrier, a regulated supplier and a known supplier of in-flight supplies shall:

1. (a)

   appoint a person responsible for security in the company; and

2. (b)

   ensure that persons with access to in-flight supplies receive general security awareness training in accordance with point 11.2.7 before being given access to these supplies; and

3. (c)

   prevent unauthorised access to its premises and in-flight supplies; and

4. (d)

   reasonably ensure that no prohibited articles are concealed in in- flight supplies; and

5. (e)

   apply tamper-evident seals to, or physically protect, all vehicles and/or containers that transport in-flight supplies.

   Point (e) shall not apply during airside transportation.

If a known supplier uses another company that is not a known supplier to the air carrier or regulated supplier for transporting supplies, the known supplier shall ensure that all security controls listed in point 8.1.5.1 are adhered to.

The security controls to be applied by an air carrier and a regulated supplier shall also be subject to the additional provisions laid down in Commission Implementing Decision C(2015) 8005.

In accordance with Regulation (EC) No 300/2008 of the European Parliament and of the Council34 and its implementing acts,

I declare that,

• to the best of my knowledge, the information contained in the company's security programme is true and accurate,

• the practices and procedures set out in this security programme will be implemented and maintained at all sites covered by the programme,

• this security programme will be adjusted and adapted to comply with all future relevant changes to Union legislation, unless [name of company] informs [name of appropriate authority] that it no longer wishes to deliver in-flight supplies directly to aircraft (and thus no longer wishes to trade as a regulated supplier),

• [name of company] will inform [name of appropriate authority] in writing of:

  1. (a)

     minor changes to its security programme, such as company name, person responsible for security or contact details, promptly but at least within 10 working days; and

  2. (b)

     major planned changes, such as new screening procedures, major building works which might affect its compliance with relevant Union legislation or change of site/address, at least 15 working days prior to their commencement/the planned change,

• in order to ensure compliance with relevant Union legislation, [name of company] will cooperate fully with all inspections, as required, and provide access to all documents, as requested by inspectors,

• [name of company] will inform [name of appropriate authority] of any serious security breaches and of any suspicious circumstances which may be relevant to in-flight supplies, in particular any attempt to conceal prohibited articles in supplies,

• [name of company] will ensure that all relevant staff receive training in accordance with Chapter 11 of the Annex to Implementing Regulation (EU) 2015/1998 and are aware of their security responsibilities under the company's security programme; and

• [name of company] will inform [name of appropriate authority] if:

  1. (a)

     it ceases trading;

  2. (b)

     it no longer delivers in-flight supplies directly to aircraft; or

  3. (c)

     it can no longer meet the requirements of the relevant Union legislation.

I shall accept full responsibility for this declaration.

Name:

Position in company:

Date:

Signature:

In accordance with Regulation (EC) No 300/2008 of the European Parliament and of the Council35 and its implementing acts,

I declare that,

• [name of company] will

  1. (a)

     appoint a person responsible for security in the company; and

  2. (b)

     ensure that persons with access to in-flight supplies receive general security awareness training in accordance with point 11.2.7 of the Annex to Implementing Regulation (EU) 2015/1998 before being given access to these supplies. In addition, ensure that persons implementing screening of in-flight supplies receive training according to 11.2.3.3 of the Annex to Implementing Regulation (EU) 2015/1998 and persons implementing other security controls in respect of in-flight supplies receive training according to 11.2.3.10 of the Annex to Implementing Regulation (EU) 2015/1998; and

  3. (c)

     prevent unauthorised access to its premises and in-flight supplies; and

  4. (d)

     reasonably ensure that no prohibited articles are concealed in in-flight supplies; and

  5. (e)

     apply tamper-evident seals to, or physically protect, all vehicles and/or containers that transport in-flight supplies (this point will not apply during airside transportation).

When using another company that is not a known supplier to the air carrier or regulated supplier for transporting supplies, [name of company] will ensure that all security controls listed above are adhered to,

• in order to ensure compliance, [name of company] will cooperate fully with all inspections, as required, and provide access to all documents, as requested by inspectors,

• [name of company] will inform [the air carrier or regulated supplier to whom it delivers in-flight supplies] of any serious security breaches and of any suspicious circumstances which may be relevant to in-flight supplies, in particular any attempt to conceal prohibited articles in supplies,

• [name of company] will ensure that all relevant staff receive training in accordance with Chapter 11 of the Annex to Implementing Regulation (EU) 2015/1998 and are aware of their security responsibilities, and

• [name of company] will inform [the air carrier or regulated supplier to whom it delivers in-flight supplies] if:

  1. (a)

     it ceases trading; or

  2. (b)

     it can no longer meet the requirements of the relevant Union legislation.

I shall accept full responsibility for this declaration.

Legal representative

Name:

Date:

Signature:

Airport supplies shall be screened before being allowed into security restricted areas, unless:

1. (a)

   the required security controls have been applied to the supplies by an airport operator that delivers these to its own airport and the supplies have been protected from unauthorised interference from the time that those controls were applied until delivery to the security restricted area; or

2. (b)

   the required security controls have been applied to the supplies by a known supplier or regulated supplier and the supplies have been protected from unauthorised interference from the time that those controls were applied until delivery to the security restricted area.

Airport supplies which originate in the security restricted area may be exempted from these security controls.

Where there is any reason to believe that airport supplies to which security controls have been applied have been tampered with or have not been protected from unauthorised interference from the time that those controls were applied, they shall be screened before being allowed into security restricted areas.

When screening airport supplies, the means or method employed shall take into consideration the nature of the supply and shall be of a standard sufficient to reasonably ensure that no prohibited articles are concealed in the supply.

The screening of airport supplies shall also be subject to the additional provisions laid down in Commission Implementing Decision C(2015) 8005.

The following means or method of screening, either individually or in combination, shall be applied:

1. (a)

   visual check;

2. (b)

   hand search;

3. (c)

   x-ray equipment;

4. (d)

   EDS equipment;

5. (e)

   ETD equipment in combination with point (a);

6. (f)

   explosive detection dogs in combination with point (a).

Where the screener cannot determine whether or not the item contains any prohibited articles, it shall be rejected or rescreened to the screener's satisfaction.

Any entity (‘the supplier’) that ensures the security controls as referred to in point 9.1.4 and delivers airport supplies shall be designated as a known supplier by the airport operator.

In order to be designated as a known supplier, the supplier must provide the airport operator with:

1. (a)

   the ‘Declaration of commitments — known supplier of airport supplies’ as contained in Attachment 9-A. This declaration shall be signed by the legal representative; and

2. (b)

   the security programme covering the security controls as referred to in point 9.1.4.

All known suppliers must be designated on the basis of validations of:

1. (a)

   the relevance and completeness of the security programme in respect of point 9.1.4; and

2. (b)

   the implementation of the security programme without deficiencies.

If the appropriate authority or the airport operator is no longer satisfied that the known supplier complies with the requirements of point 9.1.4, the airport operator shall withdraw the status of known supplier without delay.

The appropriate authority shall define in its national civil aviation security programme as referred to in Article 10 of Regulation (EC) No 300/2008 if the validations of the security programme and its implementation shall be performed by a national auditor, an EU aviation security validator, or a person acting on behalf of the airport operator appointed and trained for that purpose.

Validations must be recorded and if not otherwise stated in this legislation, must take place before designation and repeated every 2 years thereafter.

If the validation is not done on behalf of the airport operator any record thereof must be made available to it.

The validation of the implementation of the security programme confirming the absence of deficiencies shall consist of either:

1. (a)

   an on-site visit of the supplier every 2 years; or

2. (b)

   regular checks upon access to the security restricted area of supplies delivered by that known supplier, starting after the designation, including:

   • a verification that the person delivering supplies on behalf of the known supplier was properly trained; and

   • a verification that the supplies are properly secured; and

   • screening of the supplies in the same way as supplies coming from an unknown supplier.

   These checks must be carried out in an unpredictable manner and take place at least either once every three months or on 20 % of the known supplier's deliveries to the airport operator.

   Option (b) may only be used if the appropriate authority defined in its national civil aviation security programme that the validation shall be performed by a person acting on behalf of the airport operator.

The methods applied and procedures to be followed during and after designation shall be laid down in the security programme of the airport operator.

The airport operator shall keep:

1. (a)

   a list of all known suppliers it has designated indicating the expiry date of their designation, and

2. (b)

   the signed declaration, a copy of the security programme, and any reports recording its implementation for each known supplier, at least until 6 months after the expiry of its designation.

Upon request, these documents shall be made available to the appropriate authority for compliance monitoring purposes.

A known supplier of airport supplies or airport operator delivering airport supplies to the security restricted area shall:

1. (a)

   appoint a person responsible for security in the company; and

2. (b)

   ensure that persons with access to airport supplies receive general security awareness training in accordance with point 11.2.7 before being given access to these supplies; and

3. (c)

   prevent unauthorised access to its premises and airport supplies; and

4. (d)

   reasonably ensure that no prohibited articles are concealed in airport supplies; and

5. (e)

   apply tamper-evident seals to, or physically protect, all vehicles and/or containers that transport airport supplies.

Point (e) shall not apply during airside transportation.

If a known supplier uses another company that is not a known supplier to the airport operator for transporting supplies to the airport, the known supplier shall ensure that all security controls listed in this point are adhered to.

In accordance with Regulation (EC) No 300/2008 of the European Parliament and of the Council36 and its implementing acts,

I declare that,

• [name of company] will

  1. (a)

     appoint a person responsible for security in the company; and

  2. (b)

     ensure that persons with access to airport supplies receive general security awareness training in accordance with point 11.2.7 of the Annex to Implementing Regulation (EU) 2015/1998 before being given access to these supplies. In addition, ensure that persons implementing screening of airport supplies receive training according to point 11.2.3.3 of the Annex to Implementing Regulation (EU) 2015/1998 and persons implementing other security controls in respect of airport supplies receive training according to point 11.2.3.10 of the Annex to Implementing Regulation (EU) 2015/1998; and

  3. (c)

     prevent unauthorised access to its premises and airport supplies; and

  4. (d)

     reasonably ensure that no prohibited articles are concealed in airport supplies; and

  5. (e)

     apply tamper-evident seals to, or physically protect, all vehicles and/or containers that transport airport supplies (this point will not apply during airside transportation).

When using another company that is not a known supplier to the airport operator for transporting supplies, [name of company] will ensure that all security controls listed above are adhered to,

• in order to ensure compliance, [name of company] will cooperate fully with all inspections, as required, and provide access to all documents, as requested by inspectors,

• [name of company] will inform [the airport operator] of any serious security breaches and of any suspicious circumstances which may be relevant to airport supplies, in particular any attempt to conceal prohibited articles in supplies,

• [name of company] will ensure that all relevant staff receive training in accordance with Chapter 11 of the Annex to Implementing Regulation (EU) 2015/1998 and are aware of their security responsibilities, and

• [name of company] will inform [the airport operator] if:

  1. (a)

     it ceases trading; or

  2. (b)

     it can no longer meet the requirements of the relevant EU legislation.

I shall accept full responsibility for this declaration.

Legal representative

Name:

Date:

Signature:

Persons shall have successfully completed relevant training before being authorised to implement security controls unsupervised.

Training of persons performing tasks as listed in points 11.2.3.1 to 11.2.3.5 and point 11.2.4 shall include theoretical, practical and on- the-job training elements.

The content of courses shall be specified or approved by the appropriate authority before:

1. (a)

   an instructor delivers any training required under Regulation (EC) No 300/2008 and its implementing acts; or

2. (b)

   a computer based training course is used in order to meet the requirements of Regulation (EC) No 300/2008 and its implementing acts.

   Computer based training may be used with or without the support of an instructor or coach.

Training records shall be kept for all persons trained for at least the duration of their contract.

Job specific training of persons implementing screening of persons, cabin baggage, items carried and hold baggage shall result in all of the following competencies:

1. (a)

   understanding of the configuration of the screening checkpoint and the screening process;

2. (b)

   knowledge of how prohibited articles may be concealed;

3. (c)

   ability to respond appropriately to the detection of prohibited articles;

4. (d)

   knowledge of the capabilities and limitations of security equipment or screening methods used;

5. (e)

   knowledge of emergency response procedures.

In addition, where the designated tasks of the person concerned so require, training shall also result in the following competences:

1. (f)

   interpersonal skills, in particular how to deal with cultural differences and with potentially disruptive passengers;

2. (g)

   knowledge of hand searching techniques;

3. (h)

   ability to carry out hand searches to a standard sufficient to reasonably ensure the detection of concealed prohibited articles;

4. (i)

   knowledge of exemptions from screening and special security procedures;

5. (j)

   ability to operate the security equipment used;

6. (k)

   ability to correctly interpret images produced by security equipment; and

7. (l)

   knowledge of protection requirements for hold baggage.

Training of persons implementing screening of cargo and mail shall result in all of the following competencies:

1. (a)

   knowledge of previous acts of unlawful interference with civil aviation, terrorist acts and current threats;

2. (b)

   awareness of the relevant legal requirements;

3. (c)

   knowledge of the objectives and organisation of aviation security, including the obligations and responsibilities of persons implementing security controls in the supply chain;

4. (d)

   ability to identify prohibited articles;

5. (e)

   ability to respond appropriately to the detection of prohibited articles;

6. (f)

   knowledge of the capabilities and limitations of security equipment or screening methods used;

7. (g)

   knowledge of how prohibited articles may be concealed;

8. (h)

   knowledge of emergency response procedures;

9. (i)

   knowledge of protection requirements for cargo and mail;

In addition, where the designated tasks of the person concerned so require, training shall also result in the following competences:

1. (j)

   knowledge of screening requirements for cargo and mail, including exemptions and special security procedures;

2. (k)

   knowledge of screening methods appropriate for different types of cargo and mail;

3. (l)

   knowledge of hand searching techniques;

4. (m)

   ability to carry out hand searches to a standard sufficient to reasonably ensure the detection of concealed prohibited articles;

5. (n)

   ability to operate the security equipment used;

6. (o)

   ability to correctly interpret images produced by security equipment;

7. (p)

   knowledge of transportation requirements.

Training of persons implementing screening of air carrier mail and materials, in-flight supplies and airport supplies shall result in all of the following competencies:

1. (a)

   knowledge of previous acts of unlawful interference with civil aviation, terrorist acts and current threats;

2. (b)

   awareness of the relevant legal requirements;

3. (c)

   knowledge of the objectives and organisation of aviation security, including the obligations and responsibilities of persons implementing security controls in the supply chain;

4. (d)

   ability to identify prohibited articles;

5. (e)

   ability to respond appropriately to the detection of prohibited articles;

6. (f)

   knowledge of how prohibited articles may be concealed;

7. (g)

   knowledge of emergency response procedures;

8. (h)

   knowledge of the capabilities and limitations of security equipment or screening methods used;

In addition, where the designated tasks of the person concerned so require, training shall also result in the following competences:

1. (i)

   knowledge of hand searching techniques;

2. (j)

   ability to carry out hand searches to a standard sufficient to reasonably ensure the detection of concealed prohibited articles;

3. (k)

   ability to operate the security equipment used;

4. (l)

   ability to correctly interpret images produced by security equipment;

5. (m)

   knowledge of transportation requirements.

Specific training of persons performing vehicle examinations shall result in all of the following competencies:

1. (a)

   knowledge of the legal requirements for vehicle examinations, including exemptions and special security procedures;

2. (b)

   ability to respond appropriately to the detection of prohibited articles;

3. (c)

   knowledge of how prohibited articles may be concealed;

4. (d)

   knowledge of emergency response procedures;

5. (e)

   knowledge of vehicle examination techniques;

6. (f)

   ability to carry out vehicle examinations to a standard sufficient to reasonably ensure the detection of concealed prohibited articles.

Specific training of persons implementing access control at an airport as well as surveillance and patrols shall result in all of the following competencies:

1. (a)

   knowledge of the legal requirements for access control, including exemptions and special security procedures;

2. (b)

   knowledge of access control systems used at the airport;

3. (c)

   knowledge of authorisations, including identification cards and vehicle passes, providing access to airside areas and ability to identify those authorisations;

4. (d)

   knowledge of procedures for patrolling and for challenging persons and of circumstances in which persons should be challenged or reported:

5. (e)

   ability to respond appropriately to the detection of prohibited articles;

6. (f)

   knowledge of emergency response procedures;

7. (g)

   interpersonal skills, in particular how to deal with cultural differences and with potentially disruptive passengers.

Training of persons implementing aircraft security searches shall result in all of the following competencies:

1. (a)

   knowledge of the legal requirements for aircraft security searches;

2. (b)

   knowledge of the configuration of the type(s) of aircraft on which the person is to implement aircraft security searches;

3. (c)

   ability to identify prohibited articles;

4. (d)

   ability to respond appropriately to the detection of prohibited articles;

5. (e)

   knowledge of how prohibited articles may be concealed;

6. (f)

   ability to implement aircraft security searches to a standard sufficient to reasonably ensure the detection of concealed prohibited articles.

In addition, where the person holds an airport identification card, training shall also result in all of the following competences:

1. (g)

   knowledge of previous acts of unlawful interference with civil aviation, terrorist acts and current threats;

2. (h)

   knowledge of the legal framework for aviation security;

3. (i)

   knowledge of the objectives and organisation of aviation security, including the obligations and responsibilities of persons implementing security controls;

4. (j)

   understanding of the configuration of the screening checkpoint and the screening process;

5. (k)

   awareness of access control and relevant screening procedures;

6. (l)

   knowledge of airport identification card used at the airport.

Training of persons implementing aircraft protection shall result in all of the following competencies:

1. (a)

   knowledge of how to protect and prevent unauthorised access to aircraft;

2. (b)

   knowledge of procedures for sealing aircraft, if applicable for the person to be trained;

3. (c)

   knowledge of identification card systems used at the airport;

4. (d)

   knowledge of procedures for challenging persons and of circumstances in which persons should be challenged or reported; and

5. (e)

   knowledge of emergency response procedures.

In addition, where the person holds an airport identification card, training shall also result in all of the following competences:

1. (f)

   knowledge of previous acts of unlawful interference with civil aviation, terrorist acts and current threats;

2. (g)

   knowledge of the legal framework for aviation security;

3. (h)

   knowledge of the objectives and organisation of aviation security, including the obligations and responsibilities of persons implementing security controls;

4. (i)

   understanding of the configuration of the screening checkpoint and the screening process;

5. (j)

   awareness of access control and relevant screening procedures.

Training of persons implementing baggage reconciliation shall result in all of the following competencies:

1. (a)

   knowledge of previous acts of unlawful interference with civil aviation, terrorist acts and current threats;

2. (b)

   awareness of the relevant legal requirements;

3. (c)

   knowledge of the objectives and organisation of aviation security, including the obligations and responsibilities of persons implementing security controls;

4. (d)

   ability to respond appropriately to the detection of prohibited articles;

5. (e)

   knowledge of emergency response procedures;

6. (f)

   knowledge of passenger and baggage reconciliation requirements and techniques;

7. (g)

   knowledge of protection requirements for air carrier materials used for passenger and baggage processing.

F5In addition, where the person holds an airport identification card, training shall also result in all of the following competences:

1. (h)

   understanding of the configuration of the screening checkpoint and the screening process;

2. (i)

   awareness of access control and relevant screening procedures;

3. (j)

   knowledge of airport identification cards used at the airport;

4. (k)

   knowledge of reporting procedures;

5. (l)

   ability to respond appropriately to security related incidents.

Training of persons implementing security controls for cargo and mail other than screening shall result in all of the following competencies:

1. (a)

   knowledge of previous acts of unlawful interference with civil aviation, terrorist acts and current threats;

2. (b)

   awareness of the relevant legal requirements;

3. (c)

   knowledge of the objectives and organisation of aviation security, including the obligations and responsibilities of persons implementing security controls in the supply chain;

4. (d)

   knowledge of procedures for challenging persons and of circumstances in which persons should be challenged or reported;

5. (e)

   knowledge of reporting procedures;

6. (f)

   ability to identify prohibited articles;

7. (g)

   ability to respond appropriately to the detection of prohibited articles;

8. (h)

   knowledge of how prohibited articles may be concealed;

9. (i)

   knowledge of protection requirements for cargo and mail;

10. (j)

    knowledge of transportation requirements, if applicable.

F5In addition, where the person holds an airport identification card, training shall also result in all of the following competences:

1. (k)

   understanding of the configuration of the screening checkpoint and the screening process;

2. (l)

   awareness of access control and relevant screening procedures;

3. (m)

   knowledge of identification cards in use;

4. (n)

   ability to respond appropriately to security related incidents.

Training of persons implementing security controls for air carrier mail and materials, in-flight supplies and airport supplies other than screening shall result in all of the following competencies:

1. (a)

   knowledge of previous acts of unlawful interference with civil aviation, terrorist acts and current threats;

2. (b)

   awareness of the relevant legal requirements;

3. (c)

   knowledge of the objectives and organisation of aviation security, including the obligations and responsibilities of persons implementing security controls;

4. (d)

   knowledge of procedures for challenging persons and of circumstances in which persons should be challenged or reported;

5. (e)

   knowledge of reporting procedures;

6. (f)

   ability to identify prohibited articles;

7. (g)

   ability to respond appropriately to the detection of prohibited articles;

8. (h)

   knowledge of how prohibited articles may be concealed;

9. (i)

   knowledge of protection requirements for air carrier mail and materials, in-flight supplies and airport supplies, as applicable;

10. (j)

    knowledge of transportation requirements, if applicable.

F5In addition, where the person holds an airport identification card, training shall also result in all of the following competences:

1. (k)

   understanding of the configuration of the screening checkpoint and the screening process;

2. (l)

   awareness of access control and relevant screening procedures;

3. (m)

   knowledge of identification cards in use;

4. (n)

   ability to respond appropriately to security related incidents.

Persons other than passengers requiring unescorted access to security restricted areas and not falling under points 11.2.3 to 11.2.5 and 11.5 shall receive security awareness training before being issued with an authorisation granting unescorted access to security restricted areas.

For objective reasons, the appropriate authority may exempt persons from this training requirement if their access is limited to areas in the terminal accessible to passengers.

Security awareness training shall result in all of the following competencies:

1. (a)

   knowledge of previous acts of unlawful interference with civil aviation, terrorist acts and current threats;

2. (b)

   awareness of the relevant legal requirements;

3. (c)

   knowledge of the objectives and organisation of aviation security, including the obligations and responsibilities of persons implementing security controls;

4. (d)

   understanding of the configuration of the screening checkpoint and the screening process;

5. (e)

   awareness of access control and relevant screening procedures;

6. (f)

   knowledge of airport identification cards used at the airport;

7. (g)

   knowledge of reporting procedures;

8. (h)

   ability to respond appropriately to security related incidents.

Each person undergoing security awareness training shall be required to demonstrate understanding of all subjects referred to in point 11.2.6.2 before being issued with an authorisation granting unescorted access to security restricted areas.

Member States shall approve EU aviation security validators based on conformity assessment capacity, which shall comprise:

1. (a)

   independence from the validated industry, unless otherwise stated; and

2. (b)

   appropriate personnel competence in the security area to be validated as well as methods to maintain such competence at the level referred to in 11.6.3.5; and

3. (c)

   the functionality and appropriateness of validation processes.

Where relevant, the approval shall take account of accreditation certificates in relation to the relevant harmonised standards, namely with EN-ISO/IEC 17020 instead of re-assessing conformity assessment capacity.

An EU aviation security validator may be any individual or a legal entity.

The national accreditation body established pursuant to Regulation (EC) No 765/2008 of the European Parliament and of the Council37 may be empowered to accredit the conformity assessment capacity of legal entities to perform EU aviation security validation, adopt administrative measures in that respect and carry out the surveillance of EU aviation security validation activities.

Every individual performing EU aviation security validation shall have appropriate competence and background, and shall meet all of the following requirements:

1. (a)

   have been subject to a background check in accordance with 11.1.3 that shall be recurrent at least every five years;

2. (b)

   perform EU aviation security validation impartially and objectively, shall understand the meaning of independence and apply methods to avoid situations of conflict of interest in respect of the validated entity;

3. (c)

   have sufficient theoretical knowledge and practical experience in the field of quality control as well as respective skills and personal attributes to collect, record and assess findings based on a checklist, in particular regarding:

   1. (1)

      compliance monitoring principles, procedures and techniques;

   2. (2)

      factors affecting human performance and supervision;

   3. (3)

      the role and powers of the validator, including on conflict of interest;

4. (d)

   provide proof of appropriate competence based on training and/or a minimum work experience in respect of the following areas:

   1. (1)

      general aviation security principles of Union and ICAO aviation security standards;

   2. (2)

      specific standards related to the activity validated and how they are applied to operations;

   3. (3)

      security technologies and techniques relevant for the validation process;

5. (e)

   undergo recurrent training at a frequency sufficient to ensure that existing competencies are maintained and new competencies are acquired to take account of developments in the field of aviation security.

The appropriate authority shall either itself provide training for EU aviation security validator or approve and maintain a list of appropriate security training courses.

Member States may limit the approval of an EU aviation security validator to validation activities which are carried out solely on the territory of that Member State on behalf of the appropriate authority of that Member State. In such cases, the requirements of point 11.6.4.2 do not apply.

The approval of an EU aviation security validator shall expire after a maximum period of five years.

An EU aviation security validator shall not be considered as approved until its details are listed in the ‘Union database on supply chain security’. Every EU aviation security validator shall be provided with proof of its status by or on behalf of the appropriate authority. For the period the Union database on supply chain security cannot accommodate entries with regard to EU aviation security validators, the appropriate authority shall communicate the necessary details of the EU aviation security validator to the Commission which shall make them available to all Member States.

Approved EU aviation security validators shall be recognised by all Member States.

When a Member State is no longer satisfied that an EU aviation security validator meets the requirements referred to in points 11.6.3.1 or 11.6.3.5, it shall withdraw the approval and remove the validator from the Union database on supply chain security, or inform the appropriate authority that approved it, sharing the basis for its concern.

Industry associations and entities under their responsibility operating quality assurance programmes may be approved as EU aviation security validators provided equivalent measures of those programmes ensure impartial and objective validation. Recognition shall be done in cooperation of the appropriate authorities of at least two Member States.

The Commission may recognise validation activities undertaken by authorities or aviation security validators under the jurisdiction of and recognised by a third country or an international organisation where it can confirm their equivalency to EU aviation security validation. A list thereof shall be kept in Attachment 6-Fiii.

The validation report shall record the EU aviation security validation and contain at least:

1. (a)

   a completed checklist signed by the EU aviation security validator including, where requested, comments by the validated entity in the necessary detail; and

2. (b)

   a declaration of commitments signed by the validated entity; and

3. (c)

   an independence declaration in respect of the entity validated signed by the individual performing the EU aviation security validation.

The EU aviation security validator shall establish the level of compliance with the objectives contained in the checklist and record these findings in the appropriate part of the checklist.

A declaration of commitment shall state the validated entity's commitment to continue operation under the successfully validated operation standards.

The validated entity may declare its agreement or disagreement to the validation report's established compliance level. Such a declaration shall become an integral part of the validation report.

Page numbering, date of the EU aviation security validation and initialling by the validator and the validated entity on each page shall prove the validation report's integrity.

F4Manual initialling on each page may be replaced by an electronic signature of the entire document.

By default the report shall be in English and delivered to the appropriate authority, where applicable, along with the validated entity within a maximum of one month after the on-site verification.

Walk-through metal detection equipment (WTMD) shall be able to detect and to indicate by means of an alarm at least specified metallic items, both individually and in combination.

The detection by WTMD shall be independent of the position and orientation of the metallic item.

WTMD shall be firmly fixed to a solid base.

WTMD shall have a visual indicator to show that the equipment is in operation.

The means for adjusting the detection settings of WTMD shall be protected and accessible only to authorised persons.

WTMD shall give both a visual alarm and an audible alarm when it detects metallic items as referred to in point 12.1.1.1. Both types of alarm shall be noticeable at a range of 2 metres.

The visual alarm shall give an indication of the strength of signal detected by the WTMD.

There shall be two standards for WTMD. Detailed requirements on these standards are laid down in Commission Implementing Decision C(2015) 8005.

All WTMD exclusively used for screening persons other than passengers shall meet at least standard 1.

All WTMD used for screening of passengers shall meet standard 2.

All WTMD equipment used in combination with shoe metal detection (SMD) equipment shall be able to detect and indicate by means of a visual indication at least specified metallic items, both individually and in combination, and this shall correspond to the height at which this item (or items) is located on the person passing through it. This shall be irrespective of the type and number of items and their orientation.

All WTMD equipment used in combination with SMD equipment shall be able to detect and indicate all alarms generated by metallic items on a person in at least two zones. The first zone shall correspond to the lower legs of a person and shall be between the floor and a maximum of 35 cm above the floor. All other zones shall be above the first zone.

Explosive detection systems equipment (EDS) shall be able to detect and to indicate by means of an alarm specified and higher individual quantities of explosive material contained in baggage or other consignments.

The detection shall be independent of the shape, position or orientation of the explosive material.

EDS shall give an alarm in each of the following circumstances:

• when it detects explosive material, and

• when it detects the presence of an item that prevents explosive material from being detected, and

• when the contents of a bag or consignment are too dense to be analysed.

All EDS installed before 1 September 2014 shall at least meet standard 2.

Standard 2 shall expire on 1 September 2020.

The appropriate authority may permit standard 2 EDS installed between 1 January 2011 and 1 September 2014 to continue to be used until 1 September 2022 at the latest.

The appropriate authority shall inform the Commission when it grants permission to permit standard 2 EDS to continue to be used as of 1 September 2020.

All EDS installed as from 1 September 2014 shall meet standard 3.

All EDS shall meet standard 3 as from 1 September 2020 at the latest, unless point 12.4.2.3 applies.

All EDS equipment designed to screen cabin baggage shall meet at least standard C1.

All EDS equipment designed to screen cabin baggage containing portable computers and other large electrical items shall meet at least standard C2.

All EDS equipment designed to screen cabin baggage containing portable computers and other large electrical items and LAGS shall meet at least standard C3.

Threat image projection (TIP) shall be able to project combined threat images (CTI) or fictional threat images (FTI).

CTI are x-ray images of bags or other consignments containing threat articles.

FTI are x-ray images of threat articles which are projected into x-ray images of bags or other consignments being screened.

Threat articles shall appear within the x-ray image of bags and other consignments in an evenly distributed manner and not in a fixed position.

It shall be possible to set the percentage of CTI and FTI to be projected.

Where CTI are used:

1. (a)

   the concept of operation must ensure that the screener cannot see the bags or other consignments that are introduced into the x-ray or EDS equipment and cannot determine that a CTI is or might be projected to him/her; and

2. (b)

   the TIP system and library size shall reasonably ensure that a screener is not exposed to the same CTI again within 12 months.

F2Where CTI TIP is deployed with EDS equipment used exclusively for hold baggage screening, the requirement in point (b) shall only apply as of 1 September 2020.

TIP shall not impair the performance and normal functioning of x-ray or EDS equipment.

No indication shall be given to the screener that a CTI or FTI is about to be projected or has been projected until a message is presented in accordance with point 12.5.2.2.

The means for managing TIP shall be protected and accessible only to authorised persons.

There shall be a TIP administrator responsible for the configuration management of the TIP system.

The appropriate authority shall regularly monitor the correct implementation of the TIP systems and ensure that the systems are correctly configured, including realistic and relevant projection of CTI and FTI where in use, are in compliance with the requirements and have up-to-date image libraries.

TIP shall comprise of at least:

1. (a)

   a library of CTI or FTI; and

2. (b)

   a means for presenting messages and for messages to be cleared; and

3. (c)

   a means for recording and presenting the results of the responses of individual screeners.

TIP shall present a message to the screener in each of the following circumstances:

1. (a)

   where the screener responded and a CTI or FTI was projected;

2. (b)

   where the screener did not respond and a CTI or FTI was projected;

3. (c)

   where the screener responded and no CTI or FTI was projected;

4. (d)

   where an attempt to project a CTI or FTI failed and was visible to the screener.

The message shall be presented so that it does not obscure the image of the bag or consignment to which it refers.

The message shall remain until it has been cleared by the screener. In the case of points (a) and (b) the message shall be presented together with the CTI or FTI.

Access to equipment with TIP installed and deployed shall require that the screener uses a unique identifier.

TIP shall be able to store the results of the responses of individual screeners for a minimum of 12 months and in a format to allow the provision of reports.

The composition of TIP shall also be subject to the additional detailed requirements laid down in Commission Implementing Decision C(2015) 8005.

LEDS equipment shall be able to detect and to indicate by means of an alarm specified and higher individual quantities of threat materials in LAGs.

The equipment shall be used in a manner that ensures that the container is positioned and orientated so as to ensure that the detection capabilities are utilised in full.

The equipment shall give an alarm in each of the following circumstances:

1. (a)

   when it detects threat material;

2. (b)

   when it detects the presence of an item that prevents threat material from being detected;

3. (c)

   when it cannot assess whether the LAG is benign or not;

4. (d)

   when the contents of the screened bag are too dense to be analysed.

There shall be three standards for LEDS equipment. Detailed requirements on these standards are laid down in Commission Implementing Decision C(2015) 8005.

All LEDS equipment shall meet standard 2.

An explosive detection dog (EDD) shall be able to detect and indicate specified and higher individual quantities of explosive material.

The detection shall be independent of the shape, position or orientation of the explosive materials.

An EDD shall give an alarm, in the form of a passive response, when it detects explosive materials set in Attachment 12-D of Commission Implementing Decision C(2015) 8005.

An EDD and its handler can be used for screening if they both have been approved independently and in combination as a team.

An EDD and its handler shall be subject to initial and recurrent training to ensure that required competencies are learned and maintained and, where appropriate, new competencies are learned.

In order to be approved, an EDD team, consisting of an EDD and handler(s), shall have successfully passed a training course.

An EDD team shall be approved by or on behalf of the appropriate authority in accordance with the Attachment 12-E and 12-F of Commission Implementing Decision C(2015) 8005.

After approval by the appropriate authority, an EDD team may be used for security screening by use of free running or remote explosive scent tracing method.

The performance requirements for an EDD are laid down in Attachment 12-D of Commission Implementing Decision C(2015) 8005.

An EDD team used for the screening of persons, cabin baggage, items carried by persons other than passengers, vehicles, aircraft, in-flight supplies and airport supplies, and security restricted areas of an airport shall meet detection standard 1.

An EDD team used for the screening of hold baggage, air carrier mail, air carrier materials, cargo and mail shall meet detection standard 2.

An EDD team approved to detect explosive materials using the remote explosive scent tracing method may only be used in screening of cargo, but no other areas included in standard 2.

An EDD used for the detection of explosive materials shall be fitted with appropriate means to allow for the unique identification of the EDD.

When performing explosive detection duties, an EDD shall always be accompanied by the handler who is approved to work with the EDD.

An EDD approved for free running method shall only have one handler. One handler may be approved for leading a maximum of two EDDs.

An EDD approved for remote explosive scent tracing method shall be led by a maximum of two handlers per EDD.

The approval procedure shall ensure that all of the following competencies are measured:

1. (a)

   ability of the EDD to meet the detection performance laid down in the Attachment 12-D of Commission Implementing Decision C(2015) 8005;

2. (b)

   ability of the EDD to give a passive indication on the presence of explosive materials;

3. (c)

   ability of the EDD and its handler(s) to work effectively as a team;

4. (d)

   ability of the handler to correctly lead the EDD, interpret and respond appropriately to the EDD's reaction to the presence of an explosive material.

The approval procedure shall simulate each of the work areas in which the EDD team shall work.

The EDD team shall have successfully completed training in each area for which the approval is sought.

The approval procedures shall be carried out in accordance with the Attachments 12-E and 12-F of Commission Implementing Decision C(2015) 8005.

The validity of each approval period shall not be longer than 12 months.

The EDD team shall be subject to quality control measures set out in the Attachment 12-G of Commission Implementing Decision C(2015) 8005.

All security scanners shall meet standard 1.

Standard 1 shall expire on 1 January 2022.

Standard 2 shall apply to security scanners installed as of 1 January 2019.

Standard 2.1 shall apply to security scanners installed from 1 January 2021.

Shoe metal detection (SMD) equipment shall be able to detect and to indicate by means of an alarm at least specified metallic items, both individually and in combination.

Shoe explosive detection (SED) equipment shall be able to detect and indicate by means of an alarm at least specified explosives items.

The detection by SMD and SED shall be independent of the position and orientation of the metallic or explosive items.

SMD and SED shall be placed on a solid base.

SMD and SED shall have a visual indicator to show that the equipment is in operation.

The means for adjusting the detection settings of SMD and SED shall be protected and accessible only to authorised persons.

SMD shall give at least a visual alarm and an audible alarm when it detects metallic items as refers to in point 12.12.1.1. Both types of alarm shall be noticeable at a range of 1 m.

SED shall give at least a visual alarm and an audible alarm when it detects explosive items as refers to in point 12.12.1.2. Both types of alarm shall be noticeable at a range of 1 m.

There shall be two standards for SMD. Detailed requirements on these standards are laid down in Commission Implementing Decision C(2015) 8005.

All SMD exclusively used for screening persons other than passengers shall meet at least standard 1.

All SMD used for screening of passengers shall meet standard 2.

All SMD shall be able to resolve alarms generated on a WTMD, in the area between the surface supporting the shoe and at least 35 cm above.

Detailed requirements on this standard are laid down in Commission Implementing Decision C(2015) 8005.

Auto clear software (ACS) shall be able to assess all radioscopic images produced by x-ray or EDS equipment to ascertain if they may contain threat items and should be able to directly clear simple images without threat items.

ACS shall display to a screener those images that contain possible threat items or are too complex for the software to analyse.

ACS shall not impair the performance and normal functioning of x-ray and EDS equipment.

When ACS is running, a visual indication shall be given to the screener.

When used on EDS equipment ACS shall not prevent an alarm indication.

ACS shall not clear CTI and the radioscopic images produced by x-ray or EDS equipment containing FTI projected by TIP.

The means for managing the ACS shall be protected and accessible only to authorised persons.

Detailed provisions for performance requirements for ACS are laid down in Commission Implementing Decision C(2015) 8005.

All EVD equipment used for the screening of hold baggage or cargo shall meet at least standard 1.

All EVD equipment used for the screening of persons or cabin baggage shall meet at least standard 3.

Detailed requirements on these standards are laid down in Commission Implementing Decision C(2015) 8005.