ANNEX

TABLE OF CONTENTS

GLOSSARY

5

INTRODUCTION

7

1.

Relevant legal provisions

8

2.

Implementation

8

3.

Data collection

9

4.

Data on dual-use items which are not classified as cyber-surveillance items according to Article 2(20) of the Regulation

9

4.1.

Types of items

9

4.2.

Information on authorisations

9

4.2.1.

Individual authorisations

9

4.2.2.

Global Export Authorisations

9

4.2.3.

National and Union General Authorisations

10

5.

Additional data for the EU annual report

10

5.1.

Overview of authorisations by their corresponding type (of licence)

10

5.2.

Registered users of National and EU General Export Authorisations

10

5.3.

Data on the use of General and Global Export Authorisations

10

6.

Denials and prohibitions

11

7.

Data on dual-use items classified as cyber surveillance items according to Article 2(20) of the Regulation

11

8.

Information on administration and enforcement

11

9.

Preparation of the EU annual report on dual-use export controls

11

9.1.

EU annual report on authorisations

12

9.1.1.

Individual authorisations

12

9.1.2.

Global Export Authorisations

13

9.1.3.

National General Export Authorisations

14

9.1.4.

Use of Global, Union and National General Export Authorisations

16

9.1.5.

Denials and prohibitions (Annex A)

18

9.1.6.

Cybersurveillance items

18

10.

Information on the administration and enforcement of controls

19

10.1.

Administration of controls

19

10.2.

Enforcement of controls

19

ANNEX A

20

CATEGORY 0 – NUCLEAR MATERIALS, FACILITIES AND EQUIPMENT

20

CATEGORY 1 – SPECIAL MATERIALS AND RELATED EQUIPMENT

20

CATEGORY 2 – MATERIALS PROCESSING

20

CATEGORY 3 – ELECTRONICS

20

CATEGORY 4 – COMPUTERS

21

CATEGORY 5 – TELECOMMUNICATIONS AND INFORMATION SECURITY

21

CATEGORY 6 – SENSORS AND LASERS

21

CATEGORY 7 – NAVIGATION AND AVIONICS

21

CATEGORY 8 – MARINE

21

CATEGORY 9 – AEROSPACE AND PROPULSION

22

NON-LISTED ITEMS

22

ANNEX B

23

GLOSSARY

This glossary explains or defines recurring terms used in these guidelines. The items marked with * refer to definitions from the EU dual-use Regulation (EU) 2021/821 and Regulation (EC) No 223/2009 (1). The descriptions of items without * should not be understood as legally binding definitions.

Term	Definition
Annex I, Annex II or Annex IV to the EU dual-use Regulation	Annex I, Annex II or Annex IV to Regulation (EU) 2021/821. The annexes are updated annually by means of a Commission Delegated Act. For the latest update, see https://eur-lex.europa.eu
Authorisation	The definition of authorisation in the context of the annual EU report is to be found in Article 2(12), 2(13), 2(14), 2(15), 2(16) Regulation (EU) 2021/821 and further explained in Articles 4, 6, 7, 8, 11, 12 and 13 of the Regulation: — Individual and global authorisations, including for large projects — Union and national general export authorisations — Authorisations for the provision of brokering service — Transit authorisations — Authorisations for the provision of technical assistance — Intra-Union transfer authorisations — Authorisations for items not listed in Annex I but subject to authorisation under ‘catch-all’ — Authorisations under a national control measure: for items not listed in Annex I, but subject to control under national measures.
EUGEA	Union General Export Authorisation as defined in Regulation (EU) 2021/821.
Catch-all controls	Export controls for non-listed dual-use items according to the conditions especially referred to in Article 4, 5, 9 and 10 of the EU Dual-Use Regulation.
Cyber-surveillance items*	Dual-use items specially designed to enable the covert surveillance of natural persons by monitoring, extracting, collecting or analysing data from information and telecommunication systems – Article 2(20) Regulation (EU) 2021/821.
Denials/prohibitions	The definition of denials/prohibitions in the context of the annual report has to be found in Articles 3, 4, 6, 7 and 8 of the Regulation (EU) 2021/821: — Export denials (Article 3 and 4) — Denials for the provision of brokering services (Article 6) — Transit prohibitions (Article 7) — Denial for the provision of technical assistance (Article 8).
Dual-use items*	Items, including software and technology, which can be used for both civil and military purposes and includes items which can be used for the design, development, production or use of nuclear, chemical or biological weapons or their means of delivery, including all items which can be used for both non-explosive uses and assisting in any way in the manufacture of nuclear weapons or other nuclear explosive devices – Article 2(1).
Dual Use Regulation (also referred to as Regulation or DUR)	Regulation (EU) 2021/821 setting up an EU regime for the control of exports, brokering, technical assistance, transit and transfer of dual-use items.
Destination	Country where the consignee is located, according to information provided by the exporter to the competent authority. Country of final destination is where the end-user is located.
Export*	Defined as following: — an export procedure within the meaning of Article 269 of the Union Customs Code, — a re-export within the meaning of Article 270 of the Union Customs Code; a re-export also occurs if, during a transit through the customs territory of the Union according to point (11) of Article 2 of the EU dual-use Regulation, an exit summary declaration has to be lodged because the final destination of the items has been changed, — an outward processing procedure within the meaning of Article 259 of the Union Customs Code, — transmission of software or technology by electronic media, including by fax, telephone, electronic mail or any other electronic means to a destination outside the customs territory of the Union; it includes making available in an electronic form such software and technology to natural or legal persons or to partnerships outside the customs territory of the Union; it also includes the oral transmission of technology when the technology is described over a voice transmission medium – Article 2(2).
Exporter*	Any natural or legal person or any partnership that: — at the time when the export declaration or the re-export declaration or an exit summary declaration is accepted, holds the contract with the consignee in the third country and has the power to determine the sending of the items out of the customs territory of the Union; where no export contract has been concluded or if the holder of the contract does not act on its own behalf, exporter means the person who has the power to determine the sending of the items out of the customs territory of the Union, — decides to transmit software or technology by electronic media including by fax, telephone, electronic mail or by any other electronic means to a destination outside the customs territory of the Union or to make available in an electronic form such software and technology to natural or legal persons or to partnership outside the customs territory of the Union. Where the benefit of a right to dispose of the dual-use item belongs to a person resident or established outside the customs territory of the Union pursuant to the contract on which the export is based, the exporter shall be considered to be the contracting party resident or established in the customs territory of the Union. — Any natural person carrying the dual-use items to be exported where these dual-use items are contained in the person’s personal baggage within the meaning of point (a) of Article 1(19) of Commission Delegated Regulation (EU) 2015/2446 – Article 2(3).
Internal Compliance Programme (ICP)*	Ongoing effective, appropriate and proportionate policies and procedures adopted by exporters to facilitate compliance with the provisions and objectives of this Regulation and with the terms and conditions of the authorisations implemented under this Regulation, including, inter alia, due diligence measures assessing risks related to the export of the items to end-users and end-uses – Article 2(21).
Intra-EU transfer or transfer	Movement or transmission of a dual-use item listed in Annex IV to the EU dual-use Regulation from a supplier in one EU Member State to a recipient in another EU Member State.
Listed dual-use items	Dual-use items that are listed in Annex I to the EU dual-use Regulation.
Non-listed dual-use items	Dual-use items that are not listed in Annex I and IV to the EU dual-use Regulation and that can become subject to export controls (catch-all controls). It includes items that are (just) below the technical thresholds in Annex I to the EU dual-use Regulation.
DUCG	Dual Use Coordination Group established under Article 24 of the Regulation.

INTRODUCTION  (2)

With the adoption of Regulation (EU) 2021/821 (hereafter ‘the Regulation’), the EU demonstrates its commitment to maintaining robust legal requirements with regard to dual-use items, as well as to strengthening the exchange of relevant information and greater transparency. The Regulation provides for the first time that the publication of an EU annual report on the implementation of controls should include relevant information on the licensing and enforcement of controls under the Regulation, with due respect to the need to ensure the protection of the confidentiality of certain data, in particular where the transmission or publication of licensing data could affect defence, foreign policy or national security concerns or jeopardise the protection of personal and commercial sensitive information (Article 26).

Since 2013, the DUCG has developed, on a voluntary basis, a licensing data collection mechanism and supported the preparation of an annual report to the European Parliament and the Council that includes EU aggregated licensing data and other export control related information. The data collection took place on annual basis and the mechanism was progressively expanded in an effort to capture data relating to various types of authorisations and concerning the administration, implementation and enforcement of controls. It was based on a questionnaire developed in the DUCG.

These guidelines describe the new methodology for the collection and publication of data that the annual report needs to include. The methodology is to be applied by Member States’ licensing authorities (herein after also referred to also as ‘competent authorities’) – in cooperation with other authorities (such as customs) where appropriate – and the Commission for the purpose of preparing the EU annual report on dual-use export control (3), which covers all EU activities in the dual-use export control area.

The criteria for defining the methodology for data collection and for the preparation of the annual report in accordance to Article 26(2) of the Regulation shall take into account in particular the need to reduce administrative burdens and costs. Therefore, the methodology does not go beyond what is necessary in order to achieve the objectives of the Regulation, whilst ensuring an effective exchange of relevant information.

The present guidelines were prepared by a technical expert group composed by representatives of Member States’ export control authorities (4) and chaired by the European Commission DG TRADE. The guidelines also take into consideration the results of the stakeholder consultation conducted by the European Commission DG TRADE between 24 January and 28 February 2023  (5).

These guidelines are made available for the preparation of the EU annual report concerning dual-use licensing data and apply to 2022 licensing data and onwards. In consideration of the current state of implementation of the new Dual Use Regulation, these guidelines on the methodology may be further updated and improved as needed in the future.

1.   Relevant legal provisions

Article 26(2) para. 2 specifies the information that the EU annual report needs to include in general. The first sentence sets the baseline for reporting on authorisations, denials and prohibitions: ‘the annual report shall include information on authorisations (in particular number and value by types of items and by destinations at Union and Member State levels), denials and prohibitions under this Regulation. The annual report shall also include information on the administration (in particular staffing, compliance and outreach activities, dedicated licensing or classification tools), and enforcement of controls (in particular the number of infringements and penalties)’.

The wording ‘by types of items and by destinations’ in Article 26(2) para. 2 between brackets has to be read as requiring to report authorisations by destinations and, separately, by types of items. This interpretation is considered consistent with the need to protect sensitive information under Article 26(3) and the need to avoid the risk of undercutting restrictive licensing decisions in the Union (6).

‘ Information on authorisations ’ refers to licences for dual-use exports issued/granted by the Member States under the EU Dual Use Regulation or national laws.

With regards to denials and prohibitions, relevant figures will be reported at EU level, since the wording ‘number and value by types of items and by destinations at Union and Member State levels’ is absent in the relevant part of Article 26(2).

With regards to cyber surveillance items, the third paragraph of Article 26(2) provides that ‘the annual report shall include dedicated information on authorisations, in particular on the number of applications received by item, the issuing Member State and the destinations concerned by those applications, and on the decisions taken on those applications’.

Therefore, the annual report will feature a specific section on cyber surveillance items. It will include the number of applications received by Member States as well as the list of all destinations concerned by those applications and the Member States concerned. The wording ‘decisions taken on those applications’ is interpreted as either authorisation or denial/prohibition, and this information will be expressed as EU total figure for all the relevant cyber-surveillance items.

2.   Implementation

The Commission will aim at publishing the annual report mentioned in Article 26 of the Regulation in the first semester of the following year (reference year +1), depending on the actual availability and completeness of national data and other relevant factors.

The complete and correct transmission of data from Member States to the Commission will therefore have to be completed at the latest on 30 April every year (7).

The Commission services will review the data transmitted by the competent authorities and will prepare the annual report in consultation with the DUCG.

3.   Data collection

Under the provisions of the Dual Use Regulation, Member States will be required to submit to the Commission information on authorisations for the preparation of the annual report.

The present data collection methodology should remain sustainable over time, allowing for Member States to provide relevant information to the Commission in an efficient and cost-effective manner, that is statistically sound and with due consideration to the protection of personal information, commercially sensitive information or protected defence, foreign policy or national security information. The methodology should also require minimum need for revisions, bearing in mind the regular annual updates of Annex I to the Regulation. This methodology – including the collected data – shall not be used of any other purpose than the preparation of the EU annual report in accordance to Article 26 of the Regulation.

4.   Data on dual-use items which are not classified as cyber-surveillance items according to Article 2(20) of the Regulation

4.1.    Types of items

The classification of dual-use items in Annex I is very detailed – with over 1 800 entries, following the complete alpha-numerical classification. That is the underlying rationale that led the EU legislators to group the entries in Annex I in ‘types of items’ (Article 26(2) para. 1) for the purpose of the EU annual report.

While some of the items are easily identifiable final products – e.g. nuclear reactor (ECCN 0A001) many others are smaller parts and components of other products e.g. valves, pumps, special materials, components for integrated circuits, etc. In order to allow for the required level of transparency of public reporting while ensuring efficient and sustainable data collection over time, it was decided that the baseline for the determination of the types of items will build on the classification of dual-use items at 5-digit level while ensuring that the determination of ‘types of items’ supports the provision of meaningful information from a security, policy and trade perspective.

Annex A to the present guidelines therefore describes the list of ‘types of items’ to be used for the collection of licensing data and the preparation of the EU annual report.

Authorisations will be broken down by type of item and by relevant destinations in line with the requirements of the Regulation whilst considering the nature, purpose and characteristics of the different types of authorisations, as well as the varying practices in Member States for granting authorisations and collecting data. It is therefore necessary to adapt the relevant data collection and submission by the Member States to the Commission according to the specificities of the different types of authorisations and national practices.

This methodology also acknowledges that authorisations may refer to multiple items falling within multiple types of item.

The reference year will be the year when the authorisation was issued.

4.2.    Information on authorisations

4.2.1.   Individual authorisations

Individual Export Authorisations, Brokering Authorisations, Technical Assistance Authorisations, Transit Authorisations, Intra-EU Transfer Authorisations, Authorisations under a national control measure and Authorisations for non-listed items will be all considered individual licences for the purpose of this methodology. Member States shall provide licensing data to the Commission accordingly.

4.2.2.   Global Export Authorisations

Mindful of the nature, purpose and characteristics of each type of authorisation, this methodology acknowledges that global export authorisations most often contain estimated or open-ended export values and are granted either for one or multiple items and a single destination or for one or multiple items for multiple destinations. As such, global authorisations lessen the administrative burden of competent authorities and exporters for similar and/or frequent transactions. In order to safeguard non-proliferation objectives, exporters are required to draft and submit an internal compliance programme in order to qualify for a global license. Because the Regulation leaves the concrete configuration of global authorisations to the Member States, different practices across Member States also apply. To the purpose of providing meaningful information to the public, while taking into account different national practices and the rationale of global export authorisations – as explained further above – Global Export Authorisations require to adapt the relevant data collection and reporting, in accordance to the tables below, as this is considered most representative and useful for public reporting. Member States will provide relevant licensing data to the Commission accordingly.

4.2.3.   National and Union General Authorisations

Mindful of the nature of each type of authorisations this methodology takes into consideration that:

—

Union General Export Authorisations (EU GEAs) are granted ex lege by the European Union to exporters who notify competent authorities while complying with the relevant pre-conditions established in the Regulation, including adoption and compliance with relevant internal compliance programmes and reporting obligations, as established by applicable national laws.

—

National General Export Authorisations are granted ex lege by the Member States to exporters who notify competent authorities while complying with the relevant pre-conditions established by applicable national laws, including adoption and compliance with relevant internal compliance programmes and reporting obligations.

—	From a non-proliferation perspective, National and Union General Export Authorisations are issued to facilitate trade of dual-use items while reducing administrative burden for exporters and export control authorities

It is therefore considered appropriate to adapt the relevant data collection and reporting methodology and Member States will provide relevant licensing data to the Commission accordingly.

The annual report by the Commission will refer to the latest publication of the EU GEAs as well as to the National General Export Authorisations as an annex of the annual report.

5.   Additional data for the EU annual report

5.1.    Overview of authorisations by their corresponding type (of licence)

While this is not mandatory under the applicable legal provisions, it is considered useful that Member States additionally submit data on a voluntary basis on the number and value of authorisations by types of licence.

5.2.    Registered users of National and EU General Export Authorisations

In order to provide information on exporters’ notifications in accordance to the Regulation (8), it is considered appropriate that Member States communicate information on a voluntary basis on the number of exporters that have notified or are registered with the competent authority to use Union or National general authorisations.

5.3.    Data on the use of General and Global Export Authorisations

In light of the fact that Global Export Authorisations, Union and National General Export Authorisations are the legal basis for a high portion of the overall EU export for dual-use items, it is considered useful that Member States provide additional data on the use of such authorisations, when available.

For reasons of consistency the report by the Commission will reflect accordingly that data on authorisations is not synonymous with data that represents the use of authorisations.

This methodology takes into consideration that

—	Member States can provide this additional data on a voluntary basis.

—	For additional data on the use of Global, National and Union General Export Authorisations, Member States can decide to provide either data from customs’ statistics on actual exports or data reported by exporters, depending on actual availability (9).

—	In some cases, this data will reflect authorisations granted prior to the year of reference, as the use of the license takes place over multiple years after the authorisation has been granted.

—	In line with the provision of the Regulation Member States currently have different administrative practices on notification requirements by their exporters.

6.   Denials and prohibitions

Article 26 of the Regulation states that the EU annual report shall include information on denials and prohibition. The Regulation does not indicate that relevant data should be reported by number, value, destination at Union and Member States level. It is however considered appropriate to report the number of denials and prohibitions at EU level as well as their total value for statistical purposes, as in the current annual reporting practice.

While the value of denials is not required by the Regulation, it is considered useful that Member States communicate this data on a voluntary basis for the purpose of preparing the annual report.

7.   Data on dual-use items classified as cyber surveillance items according to Article 2(20) of the Regulation

The definition of Article 2(20) for cyber-surveillance items comprises those listed in Annex I as well as non-listed items.

Annex B describes the items listed in Annex I to the Regulation which are considered to fulfil the definition of Article 2(20). The decision as to whether a specific non-listed item meets the requirements of the legal definition must be taken on a case-by-case basis by the Member States.

Applications and authorisations for non-listed cyber surveillance items have also to included in the annual report, based on data provided by the Member States.

Applications and authorisations for other listed items can be included in the report, based on the decision of the relevant competent authority.

Member States will provide to the Commission relevant licensing data accordingly.

8.   Information on administration and enforcement

In order to comply with the transparency requirements set by the Regulation, Member States will communicate to the Commission information on:

—	Staffing in the administration (Number of licensing officers /experts working on dual-use controls)

—	Compliance and outreach activities conducted in the year (conferences, meetings with industry associations, etc.)

—	Licensing or other export control tools implemented.

—	Number of infringements occurred and penalties applied in the year (with due consideration of applicable legislation, for example on personal data protection).

—	Member States will also provide on a voluntary basis information on national annual reports published on the implementation of dual-use controls in the reference year and relevant internet sources, as available (10).

9.   Preparation of the EU annual report on dual-use export controls

The Commission will prepare the annual report based on data made available by Member States according to the methodology described in these guidelines. The report will make use of data visualisation tools and charts to ensure comparability over time.

Tables below provide examples of data tables that will be used for the preparation of the annual report.

9.1.    EU annual report on authorisations

9.1.1.   Individual authorisations

Table 1

Publication in the annual EU report of individual authorisations (number and value) by types of items

Example

Year	Type of item	Type of Item description	Member States	Value EUR	Number of authorisations
2022	0EC1	Type of Item 1	XX	300	3
			XY	200	2
		Total		500	5
	1EC2	Type of Item 2	XY	1 200	8
			XZ	1 000	10
		Total		2 200	18
	2EC3	Type of Item 3	XZ	500	5
		Total		500	5
	Total			3 200	28

Table 2

Publication in the annual EU-report of individual authorisations (number and value) by destinations.

Example

Year	Destination	Member States	Value EUR (11)	Number of authorisations
2022	Brazil	XZ	500	5
	China	XY	1 000	10
	USA	XX	200	2
	Total		1 700	17

Article 26 of the Regulation does not indicate that the annual report should include a breakdown of authorisations by their type. It is however considered useful and appropriate to report this information, based on data provided by Member States on a voluntary basis.

9.1.2.   Global Export Authorisations

Publicaton of data concerning global export authorisations (destinations and types of items) (12)

Example

Table 3

Destinations

Destination ISO ID	Member State ISO ID	Number of global authorisations issued
US		3
		2
		4
		1
CN		2
		5
MY		4
		3

Table 4

Type of items

Type of items	Member State ISO ID	Number of global authorisations issued
0EC01		4
		1
		1
		4
1EC03		2
		5
4EC05		5
		3

Table 5

Value of Global Export Authorisations  (13)

Member State ISO ID	Value EUR
HU
NL

9.1.3.   National General Export Authorisations

Table 6

Destinations

Example

Destination ISO ID	Member State ISO ID	Number of national general export authorisations (14)
US		3
		2
		4
		1
CN		2
		5
MY		4
		3

Table 7

Type of items

Example

Type of items code	Member State ISO ID	Number of national general export authorisations (15)
0EC01		4
		1
		1
		4
1EC03		2
		5
4EC05		5
		3

Table 8

Value of National General Export Authorisations  (16)

Example

Member State ISO ID	Value

Table 9

Publication in the annual EU-report of authorisations (number and value) by types of licences

Example

Year	Licence Type ID	Licence Type	Data type	Member State ISO ID		Value EUR (17)	Number
2022	ID1	Individual export authorisation	Authorisations			100	70
						200	30
			Total			300	100
	ID2	Global export authorisation (18)	Authorisations			200	20
						100	40
			Total			300	60
	ID3	National general export authorisation	Authorisations			If applicable	3
						If applicable	4
			Total			XXX	7
	ID4	Union General export authorisation (19)	Authorisations			If applicable	8
						If applicable	8
			Total			XXX	16
	ID5	Brokering authorisation (20)	Authorisations			50	10
						50	3
			Total			100	13
	ID6	Technical assistance authorisation (21)	Authorisations			700	40
						100	5
			Total			800	45
	ID7	Transit authorisation (22)	Authorisations			80	3
						50	1
			Total			130	4
	ID8	Authorisation under a national control measure (23)	Authorisations			50	40
						50	10
			Total			100	50
	ID9	Authorisation for non-listed items (24)	Authorisations			100	10
						50	5
			Total			150	15
	ID10	Intra-EU Transfer authorisation (25)	Authorisations			60	25
						20	15
			Total			80	40
	Total					XXX	YYY

9.1.4.   Use of Global, Union and National General Export Authorisations (26)

Table 10

Use of EUGEAs by exporters

First use notifications –Example

Year	Member State ISO 2 ID	EU001 (27)	Value (28) EUR	EU002	Value EUR	EU003	Value EUR	EU004	Value EUR	EU008	Value EUR
2022		4		1		1		4		4
2022		5		4		2		3		5
2022		7		5		4		2		6
2022		1		6		5		1		3
2022		2		7		5		3		2
2022		3		8		3		5		1
2022		8		6		2		5		4
2022		4		7		1		2		5

Table 11

Total number of exporters using EUGEAs

Example

Member State ISO 2 ID	EU001	EU002	EU003	EU004	EU005	EU006	EU007	EU008
	14
	20
	16

Table 12

Use of National General Export Authorisations by exporters

Example

Year	Member State ISO 2 ID	Number of first-use notifications or first registrations in the year	Total number of exporters using National General Export Authorisations
2022		14
2022		20
2022		16

Table 13

Additional data  (29) : detail by type of items

Example

Year	Member State ISO 2 ID (30)	Type of Item ref. code	Value EUR	Short description of relevant Global Export Authorisation, National General Export Authorisation or code of the EUGEAs
2022		0EC01	300
2022		1EC03	1 000

Table 14

Additional data  (31) : detail by destinations

Example

Year	Member State ISO 2 ID	Destination Country ISO 2 ID	Value EUR	Short description of relevant Global Export Authorisation, National General Export Authorisation or code of the EUGEAs
2022		US	300
2022		CN	1 000

9.1.5.   Denials and prohibitions (Annex A)

Table 15

Data published in the EU annual report concerning denials and prohibitions

Example

Year XXXX

Number of denials and prohibitions (EU total)

XX

The EU annual report will also indicate the relative percentage of denied transactions on the total EU dual-use authorisation value in the reference year.

9.1.6.   Cybersurveillance items

Table 16

Publication in the EU annual report of data concerning applications for cyber-surveillance items (Annex B)

Example

	Intrusion software	Telecommunications interception systems	Internet surveillance systems	Communication monitoring software	Forensic tools/investigative	Other (listed) (32)	Other (non-listed) (33)	Total	Destinations  (34)
Applications received	54	89	76	3	4	4		XXX	X,Y,Z,W
Issuing Member States  (35)	List of MS	List of MS	List of MS	List of MS	List of MS	List of MS	List of MS

Table 17

Publication in the EU annual report of data on authorisations, denials and prohibitions for cyber-surveillance items (Annex B)

Example

Year 2022 – EU
Number of denials and prohibitions issued	List of relevant MS
Number of authorisations issued	List of relevant MS

10.   Information on the administration and enforcement of controls

The EU annual report will include the following information.

10.1.    Administration of controls

Number of staff (full-time equivalent) directly involved in the administration of controls in the EU: xx

Use of export control tools:

—	Electronic licensing system: list of Member States using an e-licensing system

—	Classification tool: list of Member States using classification tools

—	Other tools: list of Member States using other tools or software to support exporters and/or export control authorities in the application of controls

Number of outreach events organised in the referenced year: yy

Hyperlinks to national reports, as available.

10.2.    Enforcement of controls

Number of compliance audits conducted: xx Including those conducted by customs or other agencies.

Number of infringements reported: yy

Number of administrative and criminal penalties/fines imposed: xx By any relevant national enforcement agency, in case of infringement of export control regulations.

---

(1)  Regulation (EC) No 223/2009 of the European Parliament and of the Council of 11 March 2009 on European statistics and repealing Regulation (EC, Euratom) No 1101/2008 of the European Parliament and of the Council on the transmission of data subject to statistical confidentiality to the Statistical Office of the European Communities, Council Regulation (EC) No 322/97 on Community Statistics, and Council Decision 89/382/EEC, Euratom establishing a Committee on the Statistical Programmes of the European Communities (OJ L 87, 31.3.2009, p. 164).

(2)  These guidelines concern the preparation of the EU annual report on dual-use export control, while acknowledging that Member States’ competent authorities have different practices about public reporting on a national basis.

(3)  This is without prejudice to information exchange between Member States and the Commission ‘with a view to enhance the efficiency of the Union export control regime and to ensure the consistent and effective implementation and enforcement of control throughout the customs territory of the Union’, in accordance with Article 23 of Regulation (EU) 2021/821.

(4)  The technical expert group held several meetings between February 2022 and June 2023.

(5)  https://policy.trade.ec.europa.eu/consultations/guidelines-data-collection-and-preparation-eu-annual-report-dual-use-export-controls-under_en

(6)  Combining data on authorisations by destination and by types of items in one table would very likely lead to significant violations of exporters confidentiality or could undercut restrictive licensing decisions in the EU.

(7)  EUR/USD/national currency conversion tables will be provided by the Commission’s services in early January every year.

(8)  See relevant provisions for Union General Export Authorisations ‘The exporter who uses this authorisation shall notify the competent authority of the Member State where the exporter is resident or established of the first use of this authorisation within 30 days from the date when the first export took place or, alternatively, and in accordance with a requirement by the competent authority of the Member State where the exporter is resident or established, prior to the first use of this authorisation. Member States shall notify the Commission of the notification mechanism chosen for this authorisation. The Commission shall publish the information notified to it in the C series of the Official Journal of the European Union ’.

(9)  Regarding data provided by exporters, Member States can submit it in line with the notification requirements by the exporters in the respective Global and National General Authorisations. In order to ensure comparability and coherence in accordance to Regulation (EC) No 223/2009, further revisions of this methodology will consider the possibility to use only customs data.

(10)  Not legally required but published for further information.

(11)  Thousand EUR.

(12)  Depending on actual availability of data from Member States.

(13)  As not all Member States require exporters to indicate a relevant value when applying for Global Export Authorisations, this table will apply as appropriate.

(14)  That include the relevant destination.

(15)  That include the relevant type of item.

(16)  If applicable according to the national practice.

(17)  Million EUR.

(18)  Based on value provided by Member States on a voluntary basis, as applicable.

(19)  Value provided by Member States on a voluntary basis.

(20)  As made available by Member States to the Commission on a voluntary basis.

(21)  See above.

(22)  See above.

(23)  See above.

(24)  See above.

(25)  See above.

(26)  According to data voluntarily made available by Member States on the use of EUGEAs.

(27)  Number of first-use notifications by exporters in the year – For all applicable EUGEAs.

(28)  Total value of export based on customs statistics or reports by exporters. According to value data as voluntarily made available by Member States on the use of EUGEAs, as applicable.

(29)  As made available by Member States on a voluntary basis on the use of Global, National General Authorisations and EU General Export Authorisations.

(30)  Only relevant Member States that have provided relevant data on a voluntary basis.

(31)  See above.

(32)  Other listed items that can be used as cyber-surveillance items.

(33)  Other non-listed cyber-surveillance items that can be used as cyber-surveillance items.

(34)  List of country codes.

(35)  When only one or two Member States are listed as issuing authorities, the Commission services will consult with the concerned authorities, and obtain a positive answer from the consulted Member States in order to report data in a way that protects confidentiality of personal or commercial information, protected defence, foreign policy or national security.

ANNEX A

Types of items according to Article 26(2) para. 2 Regulation (EU) 2021/821 (not including cybersurveillance items)

CATEGORY 0 – NUCLEAR MATERIALS, FACILITIES AND EQUIPMENT

Ref. code	Types of item
0EC1	Nuclear materials, facilities, plants and equipment
0EC2	Software for nuclear materials facilities and equipment
0EC3	Technology for nuclear materials facilities and equipment

CATEGORY 1 – SPECIAL MATERIALS AND RELATED EQUIPMENT

Ref. code	Types of item
1EC1	Materials, components and structures for aircraft/aerospace
1EC2	Explosives, propellants and related equipment
1EC3.	Fibrous, filamentary materials, and production equipment
1EC4	Special metals and alloys and equipment therefor
1EC5	Nuclear related items and equipment
1EC6	Toxic chemicals, precursors, pathogens, toxins and genetically-modified organisms, related protective and detection equipment and components
1EC7	Software for special materials and related equipment
1EC8	Technology for special materials and related equipment

CATEGORY 2 – MATERIALS PROCESSING

Ref. code	Types of item
2EC1	Machine tools and systems and components for industrial equipment
2EC2	Chemical and biological manufacturing equipment
2EC3	Software for materials processing
2EC4	Technology for materials processing

CATEGORY 3 – ELECTRONICS

Ref. code	Types of item
3EC1	Electronic items and components
3EC2	Electronic assemblies, modules and equipment
3EC3	Electronic items usable in nuclear applications
3EC4	Equipment for the manufacturing and testing of semiconductor devices or materials
3EC5	Semiconductor materials
3EC6	Software for electronics
3EC7	Technology for electronics

CATEGORY 4 – COMPUTERS

Ref. code	Types of item or ‘item’
4EC1	Computers
4EC2	Software for computers
4EC3	Technology for computers

CATEGORY 5 – TELECOMMUNICATIONS AND INFORMATION SECURITY

Ref. code	Types of item or ‘item’
5EC1	Telecommunications items and equipment
5EC2	Information security and crypto-analysis items and equipment
5EC3	Software for telecommunications and information security
5EC4	Technology for telecommunications and information security

CATEGORY 6 – SENSORS AND LASERS

Ref. code	Types of item
6EC1	Optical and acoustic equipment, related components and materials; other sensors
6EC2	Lasers, related equipment and materials
6EC3	Radar systems, related equipment and components
6EC4	Software for sensors and lasers
6EC5	Technology for sensors and lasers

CATEGORY 7 – NAVIGATION AND AVIONICS

Ref. code	Types of item
7EC1	Equipment for inertial navigation
7EC2	Other equipment related to navigation and avionics
7EC3	Flight control systems
7EC4	Production equipment for navigation and avionics
7EC5	Software for navigation and avionics
7EC6	Technology for navigation and avionics

CATEGORY 8 – MARINE

Ref. code	Types of item
8EC1	Submersible vehicles and surface vessels and related marine systems, equipment and components
8EC2	Materials and equipment for marine vessels
8EC3	Software for marine
8EC4	Technology for marine

CATEGORY 9 – AEROSPACE AND PROPULSION

Ref. code	Types of item
9EC1	Aerospace engines and gas turbines (except UAV)
9EC2	UAV and propulsions therefor
9EC3	Rockets and spacecraft
9EC4	Rocket engines
9EC5	Equipment for wind tunnels, test facilities and chambers
9EC6	Software for aerospace and propulsion
9EC7	Technology for aerospace and propulsion

NON-LISTED ITEMS

Ref. code	Types of item
XEC1	Other/non-listed

ANNEX B

Cyber-surveillance items according to Article 2(20) of Regulation (EU) 2021/821

Ref. code	Cyber-surveillance items
CS1	Intrusion software
CS2	Telecommunications interception systems
CS3	Internet surveillance systems
CS4	Communication monitoring software
CS5	Forensic tools/investigative
CS6	Other listed items that can be used as cyber-surveillance items
CS7	Other non-listed cyber-surveillance items that can be used as cyber-surveillance items