EUR-Lex Access to European Union law

Back to EUR-Lex homepage

This document is an excerpt from the EUR-Lex website

Document 52018DC0046


COM/2018/046 final


COM(2018) 46 final


Thirteenth progress report towards an effective and genuine Security Union


This is the thirteenth monthly report on the progress made towards building an effective and genuine Security Union and covers developments under two main pillars: tackling terrorism and organised crime and the means that support them; and strengthening our defences and building resilience against those threats.

The 14 December 2017 Joint Declaration on the EU's legislative priorities for 2018-2019, signed by the Presidents of the European Parliament, the rotating Council Presidency and the European Commission on behalf of the three Institutions, once again underlines the central importance of better protecting the security of citizens 1 by placing this at the heart of the Union's legislative work. Priority is given to initiatives designed to ensure that Member States' authorities know who is crossing the common EU external border, to establishing interoperable EU information systems for security, border and migration management, and to reinforcing the instruments in the fight against terrorism and against money laundering.

This report sets out the progress made in delivering the legislative priorities related to the Security Union. The Commission will continue to drive progress in this area, in close cooperation with all Institutions and in line with the Commission Work Programme 2018 that also prioritises this work. 2 This work will feed into the informal Leaders' meeting on internal security in Vienna in September 2018 as announced in the Leaders' Agenda. 3

This report also sets out a number of actions the Commission will take to step up the support to Member States in countering radicalisation both offline and online, in particular by following up on the preliminary findings and recommendations of the High-Level Expert Group on Radicalisation 4 and by stepping up work with internet platforms against terrorist content online. Preventing and countering radicalisation remains a key challenge for Member States that requires a joined up approach between governments and at local level. The Expert Group, established in July 2017 to elaborate recommendations for future work, identified a number of priority topics that require further action.

Finally, this report also sets out the progress made in the implementation of other priority files in the Security Union, namely on cybersecurity, the protection of public spaces, security research and the external dimension of counter-terrorism.


In the Joint Declaration on the EU's legislative priorities for 2018-2019, the three Institutions agree to give priority treatment in the legislative process to 31 new initiatives for a more united, stronger and more democratic Union, with the aim to ensure substantial progress and, where possible, delivery before the European elections of 2019. Better protecting the security of our citizens is the first area listed in the working document attached to the Joint Declaration.

Among the legislative priorities listed are the Commission proposals on interoperability 5 of information systems for security, border and migration management, which were adopted in December 2017 and on which work has now started in the European Parliament and in Council. The Commission presented the proposals to the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE) on 15 January 2018. First discussions took place at Council working group level. In view of the high priority given to this initiative, the Commission is working with the European Parliament and Council to progress as quickly as possible. As regards the work on closing information gaps, trilogues are ongoing between the co-legislators on the Commission's proposal to establish a European Travel Information and Authorisation System (ETIAS). 6  Given the importance of this proposal, also in the context of the shared objective to reach swift progress on interoperability, the Commission urges the co-legislators to reach an agreement in the coming weeks.

As regards the work on maximising the benefits of existing information systems, trilogues are on-going between the co-legislators on the three legislative proposals to strengthen the Schengen Information System (SIS). 7 The Commission urges both co-legislators to reach swift agreement on these proposals as an important step towards stronger and smarter information systems for borders and security and their interoperability. 8  Concerning the supplementary Commission proposal to facilitate the exchange of criminal records of third-country nationals in the EU through the European Criminal Records Information System (ECRIS) 9 , the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE) is due to vote on its negotiating mandate on 25 January 2018. The Commissions calls on both co-legislators to reach an agreement on the proposals reforming the European Criminal Records Information System without delay. In parallel to this legislative work, practical efforts to step up the exchange on information are yielding results. For example, Europol reports that over the course of 2017, more than one million SIENA messages were exchanged among Europol, Member States and third parties. 10 The Commission continues to work with all Member States on the full implementation and application of existing information systems, notably with those Member States that are still at an insufficiently advanced stage of implementation of the EU Passenger Name Record (PNR) Directive 11 that needs to be fully implemented by 25 May 2018.

In June 2017, the Commission presented a legislative proposal 12 to strengthen the mandate of eu-LISA 13 , enabling the agency to ensure the technical implementation of the new approach to the management of data for borders and security. At its January 2018 Plenary session, the European Parliament adopted its mandate to enter into negotiation on the Commission proposal, allowing for the start of the inter-institutional discussions.

In the area of detecting and preventing terrorist financing, the Council of EU and the European Parliament reached a political agreement on 13 December 2017 on the EU Commission's proposal to amend the Fourth Anti-Money Laundering Directive (so-called the 5th AMLD). 14 The final compromise text still needs to be formally endorsed by both institutions. The amended Directive may likely be published in the Official Journal of the EU by mid-2018, bringing the entry into force 18 months after its publication, i.e. by the end of 2019. The Directive contains several new measures to help national authorities to better track illegal financial flows. A key element of this Directive is its increase in transparency about who really owns companies and trusts and other legal arrangements by strenghtenning the requirements related to the beneficial ownership registers. The register on beneficial owners of companies will be fully public, while the one on trusts and other legal arrangements will be fully accessible to the competent authorities and obliged entities (such as banks) and to any member of the public who can prove a legitimate interest to have access to such information. The Directive also enhances the access of Financial Intelligence Units (FIUs) to relevant information, including land registries and to newly-created centralised bank account registers. It also increases the cooperation and facilitates the exchange of information between financial supervisors in the EU. Another key element of the Directive is the important reduction of anonymity surrounding products like pre-paid cards and virtual currencies. Lastly, the Directive adds additional criteria, including transparency, for listing high-risk third countries, thereby ensuring a high level of safeguards for financial flows from high-risk third countries.

Following the adoption by the European Parliament of its position on 11 December 2017 regarding the Commission proposal for a Directive to harmonise the definition and criminal sanctions of money laundering 15 , the inter-institutional discussions have started on 17 January 2018.

In the area of cyber security, co-legislators are examining the Commission proposal 16 for a Regulation setting out a new mandate for the EU Agency for Network and Information Security (ENISA) and a European framework for certification ('Cybersecurity Act'). Several rounds of discussions have taken place at Council working group level. The European Parliament's Committee on Industry, Research and Energy (ITRE) held a first hearing on 27 November 2017. In view of the fast evolving cyber threats, the Commission urges the co-legislators to continue work on the proposal as a matter of priority, with the view to reach an agreement by the end of the year.


1.High-Level Expert Group on Radicalisation

The High-Level Expert Group on Radicalisation, established to step up efforts to prevent and counter radicalisation and to improve coordination and cooperation between all relevant stakeholders, delivered its Interim Report 17 in November 2017. The Justice and Home Affairs Council discussed the Expert Group's findings and recommendations on 7 December 2017. In the Interim Report, the Expert Group highlights the work done on the prevention of radicalisation at EU level, in particular through initiatives such as the Radicalisation Awareness Network (RAN), the EU Internet Forum and the European Strategic Communications Network (ESCN). The Interim Report calls for more systematic exchanges on anti-radicalisation between Member States, practitioners and researchers and stronger support structures at EU level. This corresponds to the findings of the comprehensive assessment of EU security policies that highlighted a need for enhanced coordination of EU prevent work. 18

Following up the Interim Report, the Commission is working to step up existing initiatives on countering radicalisation, to strengthen the involvement of Member States and to establish a cooperation mechanism at EU level. The Commission will pursue a gradual approach and, as a first step, it will strengthen the coordination of prevent work at EU level.

The Commission will also follow up on the Expert Group's recommendations for further action in a number of priority areas to match the scale and pace of the challenges posed by radicalisation. These recommendations will be implemented notably through the work of the Radicalisation Awareness Network Centre of Excellence, as reflected in its Annual Activity Plan for 2018. Morevoer, in order to promote common values through education, the Commission adopted on 17 January 2018 a specific Recommendation that asks Member States to take further steps to strengthen critical thinking, media literacy and shared values to consolidate a stronger sense of belonging at local and national level. 19

One priority area highlighted by the Expert Group is radicalisation in prisons which remains a major concern. The Commission will strengthen the exchange of best practices and targeted research and explore with Member States the organisation of peer reviews of de-radicalisation programmes using the Radicalisation Awareness Network. On 27 February 2018, the Commission will organise, in cooperation with the Bulgarian Presidency, the European Organisation of Prison and Correctional Services (EUROPRIS) and the Confederation of European Probation, a conference to exchange best practice between judges, prosecutors and prison and probation staff on radicalisation in prisons. The Commission will also continue to provide, under its Justice Programme, action grants to support projects in this area, including projects related to judicial training of judges, prosecutors, prison and probation staff. Building on exchanges with practitioners, Member States' policy makers and public actors, the Radicalisation Awareness Network Centre of Excellence is preparing a new edition of its handbook on countering radicalisation in prisons and probation practices setting out new practices.

There is also a need to increase efforts to counter terrorist propaganda. In addition to the work on countering online radicalisation (see section below), the European Strategic Communications Network and the Radicalisation Awareness Network Centre of Excellence provide support to Member States through the exchange of best practice on alternative and counter narratives and the stepping up of their capacity for strategic communication responses to terrorist narratives.

To strengthen support for action at local level, the Commission will look into existing support structures and multi-agency approaches, with a view to identify good practices for local cooperation in areas such as information sharing protocols or vetting of civil society partners. Experiences of EU funded projects, study visits and dedicated workshops of the Radicalisation Awareness Network's Local Working Group will feed into this overview. The Radicalisation Awareness Network stands ready to offer targeted counselling services to support efforts to counter radicalisation at local and national level.

Another priority area is the phenomenon of foreign terrorist fighters returning from conflict zones.  Following the territorial losses of Daesh in Syria and Iraq, there is much debate among experts and in the wider public on how to deal with challenges such as those posed by children and families returning from conflict zones or were raised in a radicalised environment. The Commission will organise, together with the Bulgarian Presidency, a conference in Sofia in April 2018 to exchange related best practices and lessons learned among Member States in dealing with returnees, including women and children. Moreover, given the need for tailored responses to address the situation of children in the context of returnees, the Commission will conduct a comparative analysis of existing approaches on risks and needs assessment as well as early detection. At the same time, cooperation with third countries, in particular Turkey, and international bodies, including the UN and the Global Counterterrorism Forum, is crucial.

Acknowledging the nexus between internal and external security, the Commission will, in cooperation with European External Action Service, increase its support for prevent strategies and cooperation mechanisms in partner countries outside the EU. It will establish a pool of EU experts and partners suited for external deployment and will support the establishment of a Civil Society Organisations platform that will function as a hub for action to prevent radicalisation outside the EU. In 2018, the Commission will launch several calls supporting local research on drivers to violent extremism in priority regions.

2.Countering terrorist content online

As set out in the Commission Work Programme for 2018 and in previous Security Union reports, the Commission is promoting cooperation with platforms to detect and remove terrorist and other illegal content online, and if necessary will propose legislation on removing terrorist content. On 9 January 2018, the Commission convened a roundtable with high-level representatives from online platforms to discuss progress made in tackling the spread of illegal content online. The Commission urged the platforms to enhance and accelerate the progress achieved so far and the resources invested, in order to better protect EU citizens. The Commission is counting on online platforms to step up and speed up their efforts, covering amongst others closer cooperation with national and international law enforcement authorities, increased sharing of know-how between online players, further action against the reappearance of removed illegal content, the speed of removals and further investment for automated detection tools, in line with the Commission communication of September 2017.  20 The Commission is working on new ways to track progress through specific indicators, as well as to make existing dialogues more focused and concrete. The EU Internet Forum is developing a specific reporting mechanism with indicators for the removal of terrorist content, on the basis of which internet platforms were requested to submit information in view of the Forum's next Senior Officials' Meeting in February 2018.

The Commission is also now looking into more specific steps which could be swiftly taken to improve the response to terrorist content online, before the Commission takes a decision on whether legislation will be required.


1.    Cybersecurity

The Commission continues, in cooperation with the European External Action Service, to implement the actions set out in the September 2017 Joint Communication 21 on Resilience, Deterrence and Defence: Building strong cybersecurity for the EU. The Commission is consulting stakeholders and is working towards an Impact Assessment for a legislative proposal to establish a Network of Cybersecurity Competence Centres with a European Cybersecurity Research and Competence Centre at its heart. This is in line with the November 2017 Council Conclusions on the Joint Communication that calls on the Commission to present the legislative proposal by mid-2018. The Commission has also started a mapping exercise of competences across the EU. The Commission's research will be supplemented by the results of a self-registration survey launched on 10 January 2018. 22 The Commission invites all interested cybersecurity centres across the EU to share information about their competences and activities. Finally, the Commission has acted on its commitment to launch a pilot project of EUR 50 million under the Horizon 2020 Framework Programme to support the creation of the network of competence centres. The Commission submitted to Member States a proposal of an amendment of the 2018-2020 Work Programme and is planning to launch a call from proposals in the first quarter of 2018.

In September 2017, the Commission proposed 23 to boost deterrence through new measures to combat fraud and the counterfeiting of non-cash means of payment. The proposed Directive will strengthen the ability of law enforcement authorities to tackle this form of crime and will also introduce common rules on the level of penalties and clarify the scope of Member States' jurisdiction in such offences. The Commission calls on the co-legislators to adopt their negotiation mandates to allow inter-institutional discussions to start on the proposal, with the view to reach an agreement by the end of the year.

In October 2017 the Commission set out a set of measures to support law enforcement and judicial authorities when they encounter the use of encryption by criminals. In line with this, in the 12th Security Union Progress Report, the Commission undertook to report on the funds made available to support law enforcement when they encounter encryption in criminal investigations. 24 Considering Member States' call for further support at the Justice and Home Affairs Council in December 2017, the Commission will amend the 2018 Europol budget with an additional EUR 5 million to reinforce Europol's capabilitites to decrypt information lawfully obtained in criminal investigations. As announced in October 2017, there is a need for continuous assessment of technical and legal aspects of the role of encryption in criminal investigations given the constant development of encryption techniques, their increased use by criminals and the effect on criminal investigations. The Commission will continue this important work.

Last autumn, the European External Action Service, in cooperation with the Commission, held Cyber Dialogues with China, India, the US and Brazil where the implementation of cyber norms, cyber security confidence building measures, application of existing international law in cyberspace, and internal cyber policies of the EU and the partners were discussed. In addition, progress has been made on cyber capacity building in third countries. On cyber defence, the Cyber Defence Policy Framework implementation report was adopted by the Political and Security Committee. The annual EU-NATO high level staff-to-staff cyber consultations took place on 8 December 2017, concentrating on the implementation of the cyber actions under the Joint Declaration. In December 2017, the European External Action Service also held an exercise with the Member States to operationalise the Implementation Guidelines of the EU Framework for Joint Diplomatic Response to Cyber Attacks by state and non-state actors.

2.    Protection of public spaces

The Commission is implementing the Action Plan to support the protection of public spaces 25 as a matter of priority, in line with the Commission Work Programme for 2018. On 20 December 2017, the Commission organised the first meeting of the EU Operators' Forum bringing together public authorities and private operators of various public spaces such as transport areas, exhibition centres, stadiums, hospitals, shopping centres, and entertainment sectors. The aim of the Forum is to promote public-private cooperation on the protection of public spaces by sharing lessons learned and good practices, exchange information, encouraging cross-sector learning and developing guidance. This covers activities such as detection, testing of new technology and security solutions, developing standards and performing risk and vulnerability assessments. All participants underlined the importance of developing a genuine public-private partnership, both at EU and national level and need to pursue work in dedicated meetings addressing specific sectors such as transport, mass events and entertainment, hospitality or commerce. Back-to-back with the first meeting of the EU Operators' Forum, and taking into account the fact that a number of terrorist attacks involved rental vehicles, the Commission also organised a meeting with the car rental industry on 21 December 2017. The operators agreed with Member States on the importance of further awareness raising so that staff are equipped with the tools and skills to recognise suspicious rentals from a counter-terrorism perspective. The Commission will establish a portal to facilitate sharing of good practices in this area.

The Action Plan calls for establishing a close dialogue with regional and local authorities. To that end, the Commission and the Committee of the Regions are organising a conference in Brussels on the 8 March to bring together mayors from a large number of European cities, including those cities that were hit by terrorist attacks, in order to facilitate the exchange on the protection of public spaces. The conference will draw lessons from recent attacks and identify best practices emerging in cities across the Union. It will also take stock of ongoing or planned pilot projects and aims to identify how EU funding can best support these efforts.

Funding is indeed an important aspect of the support for the protection of public spaces. The launch of the Action Plan was accompanied by calls for proposals through the Internal Security Fund Police for a total amount of EUR 18.5 million, as well as, for the longer term, the announcement of additional funding of up to EUR 100 million under Urban Innovative Actions (UIA) 26 as part of the European Regional Development Fund. Following the end of the public consultation launched on 15 September 2017, a workshop with stakeholders was organised by the Commission in Brussels on 18 January 2018 on the urban perspective of security in public spaces. Participants discussed the main security issues in cities and responses to be provided at local level with representatives from national and local governments, European networks, academics and researchers, NGOs and other international institutions. The results of this workshop will contribute to define the scope of actions in relation to the Urban Innovative Actions and the Urban Agenda for the EU.

Furthermore the Commission is taking action to address the security risks to the commercial road transport sector. A security toolkit is being published in January 2018 to provide operational guidance to help European truck drivers, haulage companies and other key stakeholders to address cargo theft, stowaway entry to trucks, and possible threats from terrorism. It also updates and upgrades contemporary good security practices that are rapidly becoming outdated amid a constantly evolving threat, emerging technologies, and regulatory changes.

3.    Security research

With a research and innovation budget of EUR 1 billion, the Security Union is one of four focus areas under the 2018-2020 work programme for Horizon 2020, which represents 50% of overall public funding for security research in the EU. Research on security threats will underpin a coordinated EU response, and mitigate risks linked to terrorism, serious crime, border security, cybercrime, hybrid threats, and other areas.

Within the Community of Users for Security and Resilient Societies, the Commission organised two workshops in December 2017 on projects related to radicalisation and on projects related to cybercrime. The workshop on anti-radicalisation brought together participants of relevant research projects under the Framework Programme 7, Horizon 2020 (security research) and the Internal Security Fund-Police programme, as well as members of the Radicalisation Awareness Network. It allowed identifying areas for synergies where security research can support in EU action to counter radicalisation. The workshop on cybercrime brought together participants of related research projects, the European Cybercrime Centre (EC3) at Europol and representatives of two law enforcement networks of practitioners that had been established last year under Horizon 2020 to improve research market uptake. The workshop allowed a number of projects to present their results in various areas of cybercrime, such as digital forensics and evidence, financially motivated malware, virtual currencies, detection of terrorist content online or big data analysis.

4.    External dimension of counter-terrorism

The EU has currently a network of counter-terrorism/security experts posted to 13 EU Delegations in third countries. This network has been delivering real added-value by providing the crucial link between the EU's external and the internal security and represents an important part of the EU support to third countries in the fight against terrorism. The June 2017 Council Conclusions on EU external action in this area acknowledged the value of the work done by the EU experts on the ground and called for broadening of the geographic and functional scope of the network. This decision was taken on 18 January 2018 by the High Representative of the Union for Foreign Affairs and Security Policy/Vice-President of the Commission (HR/VP). Four new experts will soon be sent to the following EU Delegations: the EU Mission to ASEAN based in Jakarta with geographic coverage of South East Asia, the EU Delegation in Bishkek, Kyrgyzstan with geographic coverage of Central Asian countries, the EU Delegation in Nairobi, Kenya with geographic coverage of the Horn of Africa, and the EU Delegation in Addis Ababa, Ethiopia to liaise with the African Union and its regional and functional institutions.


This report sets out the progress made in delivering the security-related initiatives identified in the Joint Declaration on the EU's legislative priorities for 2018-2019. Delivering these initiatives will be of key importance for completing an effective and genuine Security Union, better protecting the security of our citizens.

This report also provides an update on a number of actions taken at EU level across various policy areas to enhance internal security, in particular actions to step up the support for Member States' efforts to counter radicalisation at national and local level, reflecting the interim recommendations of the High-Level Expert Group on Radicalisation. The Commission calls on all actors involved to pursue this work as a matter of priority, cooperating across sectors and policy levels and sharing best practices in order to address radicalisation as a shared challenge.

The Commission will continue to report regularly on the progress made towards building an effective and genuine Security Union.

(2)      COM(2017) 650 final (24.10.2017).
(5)      COM(2017) 793 final and COM(2017) 794 final (12.12.2017).
(6)      COM(2016) 731 final (16.11.2016).
(7)      COM(2016) 881 final, 882 final and 883 final (21.12.2016).
(8)      See the April 2016 Communication on 'Stronger and Smarter Information Systems for Borders and Security' (COM(2016) 205 final, 6.4.2016) and the Commission's approach to the management of data for borders and security as set out in the Seventh progress report towards an effective and genuine Security Union (COM2017) 261 final, 16.5.2017).
(9)      COM(2017) 344 final (29.6.2017).
(10) . SIENA is the Secure Information Exchange Network Application, managed by Europol which enables a swift and secure communication and exchange of operational and strategic crime-related information.
(11)      Directive 2016/681 (27.4.2016).
(12)      COM(2017) 352 final (29.6.2017).
(13)      The European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice.
(14)      COM(2016) 450 final (5.7.2016).
(15)      COM(2016) 826 final (21.12.2016).
(16)      COM(2017) 477 final (13.9.2017).
(18)      See the Ninth Progress Report Towards an Effective and Genuine Security Union (COM(2017) 407 final of 26.7.2017) and the annexed Commission Staff Working Document (SWD(2017) 278 final).
(19)      COM (2018)23 final (17 January 2018).
(20)       COM(2017) 555 final (28.9.2017).
(21)      JOIN(2017) 450 final (13.9.2017).
(22) .
(23)      COM(2017) 489 final (13.9.2017).
(24)      COM(2017) 779 final (12.12.2017).
(25)      COM(2017) 612 final (18.10.2017).