EUR-Lex Access to European Union law

Back to EUR-Lex homepage

This document is an excerpt from the EUR-Lex website

Document 02005L0065-20190726

Consolidated text: Directive 2005/65/EC of the European Parliament and of the Council of 26 October 2005 on enhancing port security (Text with EEA relevance)Text with EEA relevance


02005L0065 — EN — 26.07.2019 — 002.001

This text is meant purely as a documentation tool and has no legal effect. The Union's institutions do not assume any liability for its contents. The authentic versions of the relevant acts, including their preambles, are those published in the Official Journal of the European Union and available in EUR-Lex. Those official texts are directly accessible through the links embedded in this document



of 26 October 2005

on enhancing port security

(Text with EEA relevance)

(OJ L 310 25.11.2005, p. 28)

Amended by:



Official Journal






  L 87





  L 198





of 26 October 2005

on enhancing port security

(Text with EEA relevance)

Article 1

Subject matter

1.  The main objective of this Directive is to introduce Community measures to enhance port security in the face of threats of security incidents. This Directive shall also ensure that security measures taken pursuant to Regulation (EC) No 725/2004 benefit from enhanced port security.

2.  The measures referred to in paragraph 1 shall consist of:

(a) common basic rules on port security measures;

(b) an implementation mechanism for these rules;

(c) appropriate compliance monitoring mechanisms.

Article 2


1.  This Directive lays down security measures which shall be observed in ports. Member States may apply the provisions of this Directive to port-related areas.

2.  The measures laid down in this Directive shall apply to every port located in the territory of a Member State in which one or more port facilities covered by an approved port facility security plan pursuant to Regulation (EC) No 725/2004 is or are situated. This Directive shall not apply to military installations in ports.

3.  Member States shall define for each port the boundaries of the port for the purposes of this Directive, appropriately taking into account information resulting from the port security assessment.

4.  Where the boundaries of a port facility within the meaning of Regulation (EC) No 725/2004 have been defined by a Member State as effectively covering the port, the relevant provisions of Regulation (EC) No 725/2004 shall take precedence over those of this Directive.

Article 3


For the purpose of this Directive:

1. ‘port’ means any specified area of land and water, with boundaries defined by the Member State in which the port is situated, containing works and equipment designed to facilitate commercial maritime transport operations;

2. ‘ship/port interface’ means the interactions that occur when a ship is directly and immediately affected by actions involving the movement of persons or goods or the provision of port services to or from the ship;

3. ‘port facility’ means a location where the ship/port interface takes place; this includes areas such as anchorages, waiting berths and approaches from seaward, as appropriate;

4. ‘focal point for port security’ means the body designated by each Member State to serve as contact point for the Commission and other Member States and to facilitate, follow up and provide information on the application of the port security measures laid down in this Directive;

5. ‘port security authority’ means the authority responsible for security matters in a given port.

Article 4

Coordination with measures taken in application of Regulation (EC) No 725/2004

Member States shall ensure that port security measures introduced by this Directive are closely coordinated with measures taken pursuant to Regulation (EC) No 725/2004.

Article 5

Port security authority

1.  Member States shall designate a port security authority for each port covered by this Directive. A port security authority may be designated for more than one port.

2.  The port security authority shall be responsible for the preparation and implementation of port security plans based on the findings of port security assessments.

3.  Member States may designate a ‘competent authority for maritime security’ provided for under Regulation (EC) No 725/2004 as port security authority.

Article 6

Port security assessment

1.  Member States shall ensure that port security assessments are carried out for the ports covered by this Directive. These assessments shall take due account of the specificities of different sections of a port and, where deemed applicable by the relevant authority of the Member State, of its adjacent areas if these have an impact on security in the port and shall take into account the assessments for port facilities within their boundaries as carried out pursuant to Regulation (EC) No 725/2004.

2.  Each port security assessment shall be carried out taking into account as a minimum the detailed requirements laid down in Annex I.

3.  Port security assessments may be carried out by a recognised security organisation as referred to in Article 11.

4.  Port security assessments shall be approved by the Member State concerned.

Article 7

Port security plan

1.  Subject to the findings of port security assessments, Member States shall ensure that port security plans are developed, maintained and updated. Port security plans shall adequately address the specificities of different sections of a port and shall integrate the security plans for port facilities within their boundaries established pursuant to Regulation (EC) No 725/2004.

2.  Port security plans shall identify, for each of the different security levels referred to in Article 8:

(a) the procedures to be followed;

(b) the measures to be put in place;

(c) the actions to be undertaken.

3.  Each port security plan shall take into account as a minimum the detailed requirements specified in Annex II. Where, and to the extent appropriate, the port security plan shall in particular include security measures to be applied to passengers and vehicles set for embarkation on seagoing vessels which carry passengers and vehicles. In the case of international maritime transport services, the Member States concerned shall cooperate in the security assessment.

4.  Port security plans may be developed by a recognised security organisation as referred to in Article 11.

5.  Port security plans shall be approved by the Member State concerned before implementation.

6.  Member States shall ensure that the implementation of port security plans is monitored. The monitoring shall be coordinated with other control activities carried out in the port.

7.  Member States shall ensure that adequate exercises are performed, taking into account the basic security training exercise requirements listed in Annex III.

Article 8

Security levels

1.  Member States shall introduce a system of security levels for ports or parts of ports.

2.  There shall be three security levels, as defined in Regulation (EC) No 725/2004:

 ‘Security level 1’ means the level for which minimum appropriate protective security measures shall be maintained at all times;

 ‘Security level 2’ means the level for which appropriate additional protective security measures shall be maintained for a period of time as a result of a heightened risk of a security incident;

 ‘Security level 3’ means the level for which further specific protective security measures shall be maintained for a limited period of time when a security incident is probable or imminent, although it may not be possible to identify the specific target.

3.  Member States shall determine the security levels in use for each port or part of a port. At each security level, a Member State may determine that different security measures are to be implemented in different parts of the port depending on the findings of the port security assessment.

4.  Member States shall communicate to the appropriate person or persons the security level in force for each port or part of a port as well as any changes thereto.

Article 9

Port security officer

1.  A port security officer shall be approved by the Member State concerned for each port. Each port shall, where practicable, have a different port security officer, but may, if appropriate, share a security officer.

2.  Port security officers shall fulfil the role of point of contact for port security related issues.

3.  Where the port security officer is not the same as the port facility(ies) security officer(s) under Regulation (EC) No 725/2004, close cooperation between them shall be ensured.

Article 10


1.  Member States shall ensure that port security assessments and port security plans are reviewed as appropriate. They shall be reviewed at least once every five years.

2.  The scope of the review shall be that of Articles 6 or 7, as appropriate.

Article 11

Recognised security organisation

Member States may appoint recognised security organisations for the purposes specified in this Directive. Recognised security organisations shall fulfil the conditions set out in Annex IV.

Article 12

Focal point for port security

Member States shall appoint for port security aspects a focal point. Member States may designate for port security aspects the focal point appointed under Regulation (EC) No 725/2004. The focal point for port security shall communicate to the Commission the list of ports concerned by this Directive and shall inform it of any changes to that list.

Article 13

Implementation and conformity checking

1.  Member States shall set up a system ensuring adequate and regular supervision of the port security plans and their implementation.

2.  The Commission shall, in cooperation with the focal points referred to in Article 12, monitor the implementation of this Directive by Member States.

3.  This monitoring shall be conducted jointly with the inspections provided for in Article 9(4) of Regulation (EC) No 725/2004.


Article 14

Amendments to Annexes I to IV

The Commission is empowered to adopt delegated acts in accordance with Article 14a amending Annexes I to IV in order to adapt them to the experience gained in their implementation without broadening the scope of this Directive.

Where, in the case of amendments required to adapt Annexes I to IV, imperative grounds of urgency so require, the procedure provided for in Article 14b shall apply to delegated acts adopted pursuant to this Article.


Article 14a

Exercise of the delegation

1.  The power to adopt delegated acts is conferred on the Commission subject to the conditions laid down in this Article.

2.  The power to adopt delegated acts referred to in Article 14 shall be conferred on the Commission for a period of five years from 26 July 2019. The Commission shall draw up a report in respect of the delegation of power not later than nine months before the end of the five-year period. The delegation of power shall be tacitly extended for periods of an identical duration, unless the European Parliament or the Council opposes such extension not later than three months before the end of each period.

3.  The delegation of power referred to in Article 14 may be revoked at any time by the European Parliament or by the Council. A decision to revoke shall put an end to the delegation of the power specified in that decision. It shall take effect the day following the publication of the decision in the Official Journal of the European Union or at a later date specified therein. It shall not affect the validity of any delegated acts already in force.

4.  Before adopting a delegated act, the Commission shall consult experts designated by each Member State in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making ( 1 ).

5.  As soon as it adopts a delegated act, the Commission shall notify it simultaneously to the European Parliament and to the Council.

6.  A delegated act adopted pursuant to Article 14 shall enter into force only if no objection has been expressed either by the European Parliament or by the Council within a period of two months of notification of that act to the European Parliament and the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by two months at the initiative of the European Parliament or of the Council.

Article 14b

Urgency procedure

1.  Delegated acts adopted under this Article shall enter into force without delay and shall apply as long as no objection is expressed in accordance with paragraph 2. The notification of a delegated act to the European Parliament and to the Council shall state the reasons for the use of the urgency procedure.

2.  Either the European Parliament or the Council may object to a delegated act in accordance with the procedure referred to in Article 14a(6). In such a case, the Commission shall repeal the act immediately following the notification of the decision to object by the European Parliament or by the Council.

▼M2 —————


Article 16

Confidentiality and dissemination of information

1.  In applying this Directive, the Commission shall take, in accordance with Decision 2001/844/EC, ECSC, Euratom ( 2 ), appropriate measures to protect information subject to the requirement of confidentiality to which it has access or which is communicated to it by Member States.

Member States shall take equivalent measures in accordance with relevant national legislation.

2.  Any personnel carrying out security inspections, or handling confidential information related to this Directive, shall have an appropriate level of security vetting by the Member State of which the person concerned is a national.

Article 17


Member States shall ensure that effective, proportionate and dissuasive penalties are introduced for infringements of the national provisions adopted pursuant to this Directive.

Article 18


1.  Member States shall bring into force the laws, regulations and administrative provisions necessary to comply with this Directive by 15 June 2007. They shall forthwith inform the Commission thereof.

When Member States adopt these measures, they shall contain a reference to this Directive or shall be accompanied by such reference on the occasion of their official publication. The methods of making such reference shall be laid down by Member States.

2.  Member States shall communicate to the Commission the text of the main provisions of national law which they adopt in the field covered by this Directive.

Article 19

Evaluation report

By 15 December 2008 and every five years thereafter, the Commission shall submit an evaluation report to the European Parliament and the Council based, among other things, on the information obtained pursuant to Article 13. In the report, the Commission shall analyse compliance with this Directive by Member States and the effectiveness of the measures taken. If necessary, it shall present proposals for additional measures.

Article 20

Entry into force

This Directive shall enter into force on the 20th day following its publication in the Official Journal of the European Union.

Article 21


This Directive is addressed to the Member States which have ports as referred to in Article 2(2).



The port security assessment is the basis for the port security plan and its implementation. The port security assessment will cover at least:

 identification and evaluation of important assets and infrastructure which it is important to protect;

 identification of possible threats to the assets and infrastructure and the likelihood of their occurrence, in order to establish and prioritise security measures;

 identification, selection and prioritisation of counter-measures and procedural changes and their level of effectiveness in reducing vulnerability; and

 identification of weaknesses, including human factors in the infrastructure, policies and procedures.

For this purpose the assessment will at least:

 identify all areas which are relevant to port security, thus also defining the port boundaries. This includes port facilities which are already covered by Regulation (EC) No 725/2004 and whose risk assessment will serve as a basis;

 identify security issues deriving from the interface between port facility and other port security measures;

 identify which port personnel will be subject to background checks and/or security vetting because of their involvement in high-risk areas;

 subdivide, if useful, the port according to the likelihood of security incidents. Areas will be judged not only upon their direct profile as a potential target, but also upon their potential role of passage when neighbouring areas are targeted;

 identify risk variations, e.g. those based on seasonality;

 identify the specific characteristics of each sub-area, such as location, accesses, power supply, communication system, ownership and users and other elements considered security-relevant;

 identify potential threat scenarios for the port. The entire port or specific parts of its infrastructure, cargo, baggage, people or transport equipment within the port can be a direct target of an identified threat;

 identify the specific consequences of a threat scenario. Consequences can impact on one or more sub-areas. Both direct and indirect consequences will be identified. Special attention will be given to the risk of human casualties;

 identify the possibility of cluster effects of security incidents;

 identify the vulnerabilities of each sub-area;

 identify all organisational aspects relevant to overall port security, including the division of all security-related authorities, existing rules and procedures;

 identify vulnerabilities of the overarching port security related to organisational, legislative and procedural aspects;

 identify measures, procedures and actions aimed at reducing critical vulnerabilities. Specific attention will be paid to the need for, and the means of, access control or restrictions to the entire port or to specific parts of a port, including identification of passengers, port employees or other workers, visitors and ship crews, area or activity monitoring requirements, cargo and luggage control. Measures, procedures and actions will be consistent with the perceived risk, which may vary between port areas;

 identify how measures, procedures and actions will be reinforced in the event of an increase of security level;

 identify specific requirements for dealing with established security concerns, such as ‘suspect’ cargo, luggage, bunker, provisions or persons, unknown parcels, known dangers (e.g. bomb). These requirements will analyse desirability conditions for either clearing the risk where it is encountered or after moving it to a secure area;

 identify measures, procedures and actions aimed at limiting and mitigating consequences;

 identify task divisions allowing for the appropriate and correct implementation of the measures, procedures and actions identified;

 pay specific attention, where appropriate, to the relationship with other security plans (e.g. port facility security plans) and other existing security measures. Attention will also be paid to the relationship with other response plans (e.g. oil spill response plan, port contingency plan, medical intervention plan, nuclear disaster plan, etc.);

 identify communication requirements for implementation of the measures and procedures;

 pay specific attention to measures to protect security-sensitive information from disclosure;

 identify the need-to-know requirements of all those directly involved as well as, where appropriate, the general public.



The port security plan sets out the port's security arrangements. It will be based on the findings of the port security assessment. It will clearly set out detailed measures. It will contain a control mechanism allowing, where necessary, for appropriate corrective measures to be taken.

The port security plan will be based on the following general aspects:

 defining all areas relevant to port security. Depending on the port security assessment, measures, procedures and actions may vary from sub-area to sub-area. Indeed, some sub-areas may require stronger preventive measures than others. Special attention will be paid to the interfaces between sub-areas, as identified in the port security assessment;

 ensuring coordination between security measures for areas with different security characteristics;

 providing, where necessary, for varying measures both with regard to different parts of the port, changing security levels, and specific intelligence;

 identifying an organisational structure supporting the enhancement of port security.

Based on those general aspects, the port security plan will attribute tasks and specify work plans in the following fields:

 access requirements. For some areas, requirements will only enter into force when security levels exceed minimal thresholds. All requirements and thresholds will be comprehensively included in the port security plan;

 ID, luggage and cargo control requirements. Requirements may or may not apply to sub-areas; requirements may or may not apply in full to different sub-areas. Persons entering or within a sub-area may be liable to control. The port security plan will appropriately respond to the findings of the port security assessment, which is the tool by which the security requirements of each sub-area and at each security level will be identified. When dedicated identification cards are developed for port security purposes, clear procedures will be established for the issue, the use-control and the return of such documents. Such procedures will take into account the specificities of certain groups of port users allowing for dedicated measures in order to limit the negative impact of access control requirements. Categories will at least include seafarers, authority officials, people regularly working in or visiting the port, residents living in the port and people occasionally working in or visiting the port;

 liaison with cargo control, baggage and passenger control authorities. Where necessary, the plan is to provide for the linking up of the information and clearance systems of these authorities, including possible pre-arrival clearance systems;

 procedures and measures for dealing with suspect cargo, luggage, bunker, provisions or persons, including identification of a secure area; as well as for other security concerns and breaches of port security;

 monitoring requirements for sub-areas or activities within sub-areas. Both the need for technical solutions and the solutions themselves will be derived from the port security assessment;

 signposting. Areas with access and/or control requirements will be properly signposted. Control and access requirements will appropriately take into account all relevant existing law and practices. Monitoring of activities will be appropriately indicated if national legislation so requires;

 communication and security clearance. All relevant security information will be properly communicated according to security clearance standards included in the plan. In view of the sensitivity of some information, communication will be based on a need-to-know basis, but it will include where necessary procedures for communications addressed to the general public. Security clearance standards will form part of the plan and are aimed at protecting security sensitive information against unauthorised disclosure;

 reporting of security incidents. With a view to ensuring a rapid response, the port security plan will set out clear reporting requirements to the port security officer of all security incidents and/or to the port security authority;

 integration with other preventive plans or activities. The plan will specifically deal with integration with other preventive and control activities in force in the port;

 integration with other response plans and/or inclusion of specific response measures, procedures and actions. The plan will detail interaction and coordination with other response and emergency plans. Where necessary conflicts and shortcomings will be resolved;

 training and exercise requirements;

 operational port security organisation and working procedures. The port security plan will detail the port security organisation, its task division and working procedures. It will also detail the coordination with port facility and ship security officers, where appropriate. It will delineate the tasks of the port security committee, if this exists;

 procedures for adapting and updating the port security plan.



Various types of training exercises which may involve participation of port facility security officers, in conjunction with the relevant authorities of Member States, company security officers, or ship security officers, if available, will be carried out at least once each calendar year with no more than 18 months elapsing between the training exercises. Requests for the participation of company security officers or ships security officers in joint training exercises will be made bearing in mind the security and work implications for the ship. These training exercises will test communication, coordination, resource availability and response. These training exercises may be:

(1) full scale or live;

(2) tabletop simulation or seminar; or

(3) combined with other exercises held such as emergency response or other port State authority exercises.



A recognised security organisation will be able to demonstrate:

(1) expertise in relevant aspects of port security;

(2) an appropriate knowledge of port operations, including knowledge of port design and construction;

(3) an appropriate knowledge of other security relevant operations potentially affecting port security;

(4) the capability to assess the likely port security risks;

(5) the ability to maintain and improve the port security expertise of its personnel;

(6) the ability to monitor the continuing trustworthiness of its personnel;

(7) the ability to maintain appropriate measures to avoid unauthorised disclosure of, or access to, security-sensitive material;

(8) knowledge of relevant national and international legislation and security requirements;

(9) knowledge of current security threats and patterns;

(10) the ability to recognise and detect weapons, dangerous substances and devices;

(11) the ability to recognise, on a non-discriminatory basis, characteristics and behavioural patterns of persons who are likely to threaten port security;

(12) knowledge of techniques used to circumvent security measures;

(13) knowledge of security and surveillance equipment and systems and their operational limitations.

A recognised security organisation which has made a port security assessment or review of such an assessment for a port is not allowed to establish or review the port security plan for the same port.

( 1 ) OJ L 123, 12.5.2016, p. 1.

( 2 ) OJ L 317, 3.12.2001, p. 1. Decision as last amended by Decision 2005/94/EC, Euratom (OJ L 31, 4.2.2005, p. 66).