52013DC0792

REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL

Second report assessing the implementation of the Directive on enhancing port security

(Text with EEA relevance)

1.           Introduction

The main objective of Directive 2005/65/EC[1] on enhancing port security (‘the Directive’) was to complement the measures adopted in 2004 by means of Regulation (EC) No 725/2004[2] on enhancing ship and port facility security (‘the Regulation’).

The scope of application of that Regulation was limited to cover security measures on board vessels and the immediate interface between vessels and ports. It is to these obligations, which essentially fall under the ISPS (International Ship and Port facility Security) Code which Member States have committed as a priority, before agreeing to implement further obligations as part of the adoption of the Directive. The Directive complements the mechanism provided for by establishing a security system for all of the port area, in order to ensure a high and equal level of security for all European ports[3].

Over 1 200 commercial maritime ports are operated along the 70 000 km of coastline in the European Union, one of the regions in the world with the largest number of ports. Around one thousand of these ports (see point 6.1) fall within the scope of the Directive, i.e all ports housing one or more port facilities which are the subject of a security plan approved under this Regulation.

The objective of the Directive is to improve security in areas of ports not covered by the Regulation and also to ensure that the enhancement of port security can support the security measures taken under the Regulation. Whilst responsibility for the implementation of security measures at port facility level essentially falls to the port operator, the appropriate security measures at port level are, as a priority, the responsibility of the port authority[4] and those authorities which are responsible for keeping public order and safety.

Article 19 of the Directive states that the Commission is to assess compliance with the Directive and the effectiveness of measures taken by 15 December 2008 and every five years thereafter.

The first report was adopted on 20 January 2009[5]. This second report on progress made in terms of implementing the Directive describes the measures which have been taken in order to promote the implementation of standardised port security measures across the Union, progress made during the last five-year reference period and the continued problems which have arisen during the implementation period[6].

The report is based on:

– exchanges of information between Member State authorities responsible for maritime security and other stakeholders;

– the results of port security inspections carried out by the Commission;

– ongoing dialogue between the national authorities and the various players from the maritime and port sectors.

The report draws attention to various difficulties encountered as regards achieving the desired outcomes but also in terms of the global impact of the implementation of the Directive.

2.           Conclusions of the first report

The first report stressed the fact that, although the Directive had been adopted at first reading and approved by a large majority at the European Parliament and unanimously at the Council, there have been significant delays in terms of transposing its provisions in the majority of Member States involved. This led to the opening of infringement proceedings, two of which had resulted in a judgment finding failure to fulfil obligations[7].

At the end of this assessment period, the main provisions of the Directive had finally been transposed into the national law of the vast majority of Member States. Unfortunately, there continued to be organisational and functional difficulties in terms of ensuring implementation in practical terms at port level, since local administrations did not yet have all the resources necessary in order to ensure the practical implementation of the Directive. The main difficulty related to defining the port perimeter from a security point of view.

3.           Support and monitoring measures since the previous evaluation period

The delays in preparing and adopting national transposition measures have had a knock-on effect, in that the relevant authorities at port level were not able to implement the Directive until the national measures had been finally approved.

Generally speaking, Member States correctly transposed the Directive, in other words the transposition measures were included in laws, regulations and administrative provisions. However, these provisions have yet to be implemented in practical terms at local level.

The Directive – in keeping with the principle of subsidiarity– stipulates that Member States should themselves establish each port’s boundaries, leaving ports free to decide whether they should also apply to adjacent areas. Member States should also ensure that port security assessments and plans are properly drawn up. However, in 2009, a large number of ports were still unable to meet the requirements of the Directive.

During the period 2009-13, the Commission has therefore continued its commitment to ensuring a more effective implementation of the Directive. The measures taken by the Commission took the form of initiatives to help Member States and also monitoring activities. These measures have focused on the following main areas:

– a second seminar on the implementation of the Directive;

– a study on the technical aspects of port area security (TAPS II) which was assigned to the Joint Research Centre (JRC – Ispra);

– collating and disseminating best practice at the MARSEC committee;

– setting up a system of regular reporting on the performance and implementation of action plans by Member States in order to ensure the practical implementation of the Directive;

– the performance of inspections to monitor implementation of the Directive in accordance with Regulation (EC) No 324/2008[8]

4.           Assisting the implementation of the Directive

4.1.        Seminar on 21 October 2010

A first seminar was organised in September 2006 to allow Member States and the Commission to exchange information on the methods for transposing and implementing the Directive. Nevertheless, the Member States with the greatest difficulties wanted to have additional information on the measures and practices already successfully implemented in certain ports in the European Union.

The Commission agreed, and so held a second seminar on 21 October 2010, during which various examples which had helped improve port security standards were presented.

The seminar provided a forum for presenting various approaches for defining port perimeters from a security point of view, depending on the geographical configuration of port areas and how they intertwine with residential districts and with industrial and commercial areas. Various solutions were chosen designed to establish the boundaries of the port area were established, in cases as varied as an estuary port (Bordeaux), a historic port (Valletta), a port situated in a very dense urban environment (Salerno) or even in one of the largest ports in the world (Rotterdam).

The workshop also provided an opportunity to remind participants of the fundamental objectives of the Directive and to stress all aspects relating to port security assessments, which is provides the cornerstone of the implementation of the Directive. The conclusions of the seminar were then approved by the MARSEC committee.

4.2.        Study on the technical aspects of port security (TAPS II)

In view of the difficulties experienced by some Member States, the Commission asked the Joint Research Centre (JRC) to carry out a study on the implementation of the Directive in European ports.

The study focused on methodologies to help ensure the smooth implementation of the Directive and on the technical measures to implement it. The objective of the study was to help establish common criteria for meeting the objectives of the Directive, by drawing up minimum standards, recommendations and guidelines and collating best practices. The definition of port perimeters was the subject of particular attention, given that some Member States experienced difficulties in defining the Directive’s scope and port security measures in general or were reluctant to do so. The final report proposed a methodology with two successive stages of checks, one defining port facilities and characteristics forming part of the port, and the other identifying, by means of a risk analysis, the port boundaries so as to establish the most efficient port security.

Before distributing the final report of the study to the Commission, the JRC’s Institute for the Protection and Security of the Citizen organised a meeting with all stakeholders on 9 and 10 March 2011 in Ispra (Italy), a meeting with all stakeholders, including 14 representatives from Member States and from the port industry, in order to present and discuss the study’s preliminary conclusions and recommendations, thus giving the authors of the study the opportunity to explain their findings.

On 20 September 2011, the results of the TAPS II study were distributed to the MARSEC Committee. A number of proposals, particularly those developing a systemic methodology for conducting a two-stage risk analysis in order to establish port boundaries, were presented as tools which were particularly useful and effective for the analytical work carried out prior to the practical implementation of the Directive[9].

On 24 January 2012, a working document was submitted to the members of the Committee on the chapter on determining port boundaries. The Member States generally felt that the approach presented in the study would help resolve certain difficulties in terms of determining boundaries of the port area. However, the possibility of mandatory use of such a methodology was categorically rejected even though – on a case-by-case and non-binding basis – the conclusions of the TAPS II study could be used for the next five-yearly review of port security assessments.

5.           Monitoring the implementation of the Directive

5.1.        Monitoring action plans for completion of the practical implementation of the Directive

Since 2009, the Commission has had a system for receiving regular information from Member States on the implementation of the Directive. A sustained dialogue has been opened with the authorities of the Member States in order to obtain regular and reliable information on the extent to which assessments have been carried out and port security plans adopted.

Those Member States with the greatest delays in terms of meeting their obligations were asked to submit national action plans with precise time-frames for conducting assessments and drawing up plans. Regular progress reports have also been requested in order to verify that commitments will indeed be complied with.

The situation has quickly improved for Member States with less than 30 ports. For this group of Member States, almost all assessments have been carried out and 96 % of port security plans have been established and approved.

However, change has been much slower in the case of Member States with more than 30 ports. 92 % of assessments have currently been carried out and just over two-thirds (70 %) of port security plans have been established and approved. The main countries concerned are the United Kingdom, Spain, Greece and Germany. The lack of willingness on the part of these Member States to show their commitment to prioritising the implementation of the Directive has prompted the Commission to open infringement proceedings (see point 5.3.).

5.2.        Inspections carried out by the Commission in order to monitor the implementation of the Directive

The procedures for monitoring the implementation of the Directive were carried out during inspections by the Commission in accordance with Regulation (EC) No 324/2008.

Since 2009, the working programme for carrying out maritime security inspections has systematically included a section for verifying that the procedures for monitoring the implementation of the Directive have been correctly applied.

However, until 2012, inspections have unfortunately been hindered by delays in practical implementation in real terms, local administrations having not received the instructions and resources necessary in order to carry out port security assessments.

The inspections carried out since 2012, both by national administrations and in the form of direct inspections of a sample of ports, have shown that although the general framework of the implementation of the Directive has now been correctly applied, there is a large discrepancy between the objective of improving port security and the still imperfect results which have actually been reported. Amongst other things, inspectors regularly report that assessments have not been conducted in keeping with the appropriate procedures, plans are not consistent with the results of the assessment, port security officers have not always been appointed, a system for regular monitoring of port security plans is not properly in place and provisions relating to training or drills are not always implemented.

5.3.        Infringement procedures

Although the Commission has maintained constant dialogue with all Member States in order to ensure the consistent and coherent implementation of the Directive, it has had to initiate five infringement proceedings over the period 2009-2013.

Three of these cases relate to incomplete implementation of the Directive due to delays in performing assessments and adopting port security plans. The proceedings in question relate to Greece, Spain and the United Kingdom. The countries involved are now committed to new action plans with a view to ensuring that assessments and plans are implemented in full by the first quarter of 2014.

Two other proceedings relate to the incorrect implementation of the Directive as revealed during inspections:

– the first relates to the port of Malmö (Sweden), where inspectors found that the eleven port facilities constituting the port had been identified as separate ports in order to avoid having to implement the main provisions of the Directive. This case was closed following a review of the port security assessment which resulted in the establishment of a single port in Malmö (Malmö Hamn), comprising the eleven port facilities[10].

– The second concerns the ports of the Land of Mecklenburg-Western Pomerania (Germany), where inspections revealed that assessments and port security plans had not yet been drawn up and implemented. Following the sending of a reasoned opinion, the German authorities have agreed to carry out further security assessments in ports with several port facilities, in order to prepare port security plans which meet the requirements of the Directive.

6.           Specific points resulting from the assessments

6.1.        Critical size of the ports subject to the requirements of the practical implementation of the Directive

During discussions with stakeholders, the view is often expressed that the Directive is generally well designed for large ports with high commercial activity but that implementation is harder for small ports.

It should be noted that the Directive applies to all ports situated in Member States housing one or more port facilities covered by a port facility security plan approved under Regulation (EC) No 725/2004 (Article 2(2)) and also that Member States are required to ensure that port security measures are closely coordinated with measures taken in application of the Regulation (Articles 4 and 7). The Directive stipulates that the Member States should themselves establish each port’s boundaries and allows them discretion in terms of deciding whether to apply the Directive to adjacent areas.

Consequently, in order to ensure the balanced implementation of useful measures in accordance with the principle of proportionality, the co-legislators have taken the precaution provided for in Article 2(4) that if the boundaries of a port facility within the meaning of Regulation (EC) No 725/2004 have been defined as effectively covering the entire port, the relevant provisions of the Regulation shall take precedence over the provisions of the Directive.

This provision has been widely used by Member States in ports with only one port facility under the Regulation. On the basis of the port security assessment, the port boundaries have very often (but not always) been defined as being the same as that of the port facility. Therefore, of the 1 052 ports[11] housing one or several port facilities covered by a ship security plan approved under the Regulation, 586 ports have been considered as falling under the provisions of Article 2(4) of the Directive, i.e. 55 % of ports in the European Union. This has particularly been the case in Member States with small ports scattered along coastlines or on islands[12].

6.2.        Awareness of the threat and awareness-raising amongst players

The work carried out during assessments makes it possible to identify the assets and infrastructure which need to be protected against the threats and risks of intentional illegal action facing port activities. The next phase involves designing and implementing appropriate measures which can be used to counteract threats, at each of the three risk levels identified (normal, increased, high), by means of specific procedures and by using technical equipment tailored to the needs of ports and which make it possible to provide the right response to the potential vulnerability of infrastructure.

The Directive has made it possible to set up port security committees responsible for providing practical advice (9th recital). In Member States with this type of structure, this generally consists of local representatives from the bodies responsible for security (police, coastguards, maritime affairs, customs, etc.). This provides an appropriate forum for the essential exchange of information and a forum for the dissemination of knowledge of the threat, thus promoting awareness amongst all stakeholders.

Increasing awareness of the protection of ports forms part of general security policy, of which all staff employed at the port (i.e. staff of port undertakings but also those employed by external companies involved in port activities) and also the various users of the port need to be aware. Awareness-raising activities provide key tools for ensuring effective dissemination and appropriate ways of raising awareness as regards security measures. It is important that security measures are seen as a means to encouraging a port’s economic activities and how to develop these activities.

By taking better account of requirements as regards staff training and port security drills[13], as has been regularly mentioned in inspection reports, the general level of knowledge required for the protection of ports could be improved.

6.3.        Inspection and supervision of port security plans

In accordance with Article 13 of the Directive, Member States shall conduct inspections in a way that enables them to monitor, in an appropriate and regular manner, port security plans and the implementation of those plans. This is a crucial issue which is still not performed adequately in all Member States, due to the delays in transposition, but also due to the discrepancy between the objectives established and the resources needed to conduct such checks.

Each Member State has developed its own monitoring system depending on its own internal organisation and the resources available. This monitoring role has been devolved to either central or local government, or even to multi-purpose teams combining several administrative bodies (transport, police, customs, harbour-master offices, etc.). The audits were designed to verify that the plans complied with the rules, that the reality of security measures matched the requirements of the plan and that they had been correctly implemented.

These tasks are carried out in keeping with a work programme which is approved on a regular basis. If a shortcoming is identified, a proposal is made in order to rectify the problem. On the basis of the report submitted to the competent administration, a new or updated port security assessment may be required. One important subject of concern for the inspectors is to verify the existence of coordination between the measures taken at port facility level and those envisaged at port level. The monitoring of corrective measures is done through random audits.

The reports, both of national auditors and also of those of Commission inspectors, serve as a basis for the national authorities to provide advice and assistance to the competent authorities at the ports, with a view to rectifying the shortcomings identified. This practice should be encouraged and extended. However, some Member States have not yet put in place the structures needed in order to provide this verification of compliance on a regular and appropriate basis[14]. It is important for the human or financial resources needed for these monitoring tasks to be put in place as soon as possible. Further attention will be paid in the future as regards this point; the current systems for monitoring port security plans still need improvement.

7.           CONCLUSION

The assessment of the implementation of Directive 2005/65/EC has shown that the measures needed to implement all provisions of the Directive in full still need to be improved in most Member States.

However, experience acquired during the monitoring of the implementation of the Directive has shown that significant progress has been made. There is no doubt that the level of security has increased in European ports. The combination of the implementation of the Regulation and the application of the Directive has made possible a credible framework for preventing security breaches in ports and to obtain adequate protection for maritime and port activities. Although it is difficult to assess the impact of these measures in terms of providing a deterrent for terrorist acts, port authorities agree that there has been a major impact in terms of smuggling, theft and malicious acts, which have been greatly reduced. Furthermore, the introduction of security measures have often led to a review of the organisation of ports, such as–for example–the movement and storage of goods, the control of access to different areas of the port or a definition of restricted areas. These measures have proved to be very important for making port activities more efficient, in a highly competitive environment.

As recalled by the Commission in its Communication dated 23 May 2013 (‘Ports: an engine for growth’)[15], the European Union is extremely dependent on maritime ports for trade with the rest of the world and also within its own internal market. The security of ports and their approaches is therefore essential to ensuring the overall security of maritime transport. Conditions of port security require a high level of vigilance on the part of Member States and the preparation of all those involved in order to ensure high and comparable security for all European ports. All players involved must therefore continue to work towards the constant improvement of prevention, protection and response in order to combat the new threats. To this end, port facility security systems and those of the port must complement each other fully. Ensuring effective relationships between the port, its port facilities and the ships which serve them, continues to be a major challenge for operators and administrations.

In the coming months, Member States will have to re-examine port security assessment and plans in accordance with the provisions of Article 10 of the Directive, which lays down that this review should take place at least once every five years. The Commission therefore considers that the methodology developed in the TAPS II study could be useful where necessary, in order to redefine the perimeter of ports, including the necessity to take due account of the water side boundaries.

Moreover, the Commission’s multi-annual inspections work programme will enter a phase of more detailed examination. For example, the implementation and application of procedures under the port security plans to be applied to passengers and vehicles to be loaded on RO-RO vessels (which are, by nature, particularly vulnerable) will be the subject of further examination. Similarly, in the case of international maritime transport services, checks will be carried out on both sides of this route to verify that the Member States concerned are cooperating in port security assessments.

Finally, the Commission will continue to work with Member States to improve the implementation of the Directive, with the common objective of better safeguarding EU ports for the benefit of all port users, transport users, the maritime transport economy and society as a whole. It will continue to monitor the correct application of this Directive and continue to take legal action where it considers necessary.

[1]               Directive 2005/65/EC of the European Parliament and of the Council of 26 October 2005 on enhancing port security – OJ L 310, 25.11.2005, p. 2

[2]               Regulation (EC) No 725/2004 of the European Parliament and of the Council of 31 March 2004 on enhancing ship and port facility security - OJ L 129, 29.4.2004, p. 6

[3]               Since the Directive only relates to seaports, the obligations do not apply to Austria, the Czech Republic, Hungary, Luxembourg and Slovakia. Furthermore, the EFTA Surveillance Authority ensures that Iceland and Norway comply with their obligations under the agreement on the European Economic Area.

[4]               The port security authority is appointed by the Member State in accordance with Article 5 of the Directive.

[5]               COM(2009)2 final

[6]               The implementation of the Directive has not yet been the subject of an assessment.

[7]               Case C-464/08 Commission v Estonia, 3 September 2009 and Case C-527/08 Commission v United Kingdom, 3 September 2009.

[8]               Commission Regulation (EC) No 324/2008 of 9 April 2008 laying down revised procedures for conducting Commission inspections in the field of maritime security, OJ L 98, 10.4.2008, p.5.

[9]               During inspections, the pedagogical benefit and lines of thinking proposed by the TAPS II study were –repeatedly–discussed.

[10]             A follow-up inspection verified and confirmed compliance with the Directive in Malmö.

[11]             The difference between this and the figure quoted in the 2009 report (754 ports) can be explained by the fact that some Member States had initially not included ports coming under Article 2(4) in their list of ports affected by the Directive. This was corrected at the Commission’s request (figures as of 16.9.2013).

[12]             These ports with a single port facility represent a significant proportion of ports in Finland (65/78, or 83 %), Sweden (131/162, or 81 %), Greece (82/119, or 69 %), the United Kingdom (119/175, or 68 %) and Denmark (51/82, or 62 %).

[13]             On 4 May 2012, following the production of a practical handbook on port security drills and exercises, an exercise was conducted in the port of Antwerp (Belgium). The drill was observed by observers from Member States and the Commission.

[14]             In the context of the exchange of information, Member States have been asked to provide records of their programmes. Some have sent precise figures on the recruitment of auditors and their records relating to the performance of port audits, while others have not been able to send as accurate information.

[15]             COM(2013)295 final