Regulation (EU) 2018/1726 of the European Parliament and of the Council of 14 November 2018 on the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), and amending Regulation (EC) No 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) No 1077/2011

CHAPTER I SUBJECT MATTER AND OBJECTIVES

Article 1 Subject matter

A European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (the Agency) is hereby established.

The Agency, as established by this Regulation, shall replace and succeed the European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice, as established by Regulation (EU) No 1077/2011.

The Agency shall be responsible for the operational management of the Schengen Information System (SIS II), the Visa Information System (VIS) and Eurodac.

The Agency shall be responsible for the preparation, development or operational management of the Entry/Exit System (EES), DubliNet, the European Travel Information and Authorisation System (ETIAS), ECRIS-TCN and the ECRIS reference implementation.

4a.

The Agency shall be responsible for the development and operational management, including technical evolutions, of the computerised system for the cross-border electronic exchange of data in the area of judicial cooperation in civil and criminal matters (the ‘e-CODEX system’).

4b.

The Agency shall be responsible for the development and operational management, including technical evolutions, of the joint investigation teams collaboration platform (‘JITs collaboration platform’).

The Agency may be made responsible for the preparation, development or operational management of large-scale IT systems in the area of freedom, security and justice other than those referred to in paragraphs 3, 4 and 4a of this Article, including existing systems, only if so provided by relevant Union legal acts governing those systems, based on Articles 67 to 89 TFEU, taking into account, where appropriate, the developments in research referred to in Article 14 of this Regulation and the results of pilot projects and proofs of concept referred to in Article 15 of this Regulation.

Operational management shall consist of all the tasks necessary to keep large-scale IT systems functioning in accordance with the specific provisions applicable to each of them, including responsibility for the communication infrastructure used by them. Those large-scale IT systems shall not exchange data or enable sharing of information or knowledge, unless so provided in a specific Union legal act.

The Agency shall also be responsible for the following tasks:

ensuring data quality in accordance with Article 12;
developing the necessary actions to enable interoperability in accordance with Article 13;
carrying out research activities in accordance with Article 14;
carrying out pilot projects, proofs of concept and testing activities in accordance with Article 15; and
providing support to Member States and the Commission in accordance with Article 16.

Article 2 Objectives

Without prejudice to the respective responsibilities of the Commission and of the Member States under the Union legal acts governing large-scale IT systems, the Agency shall ensure:

the development of large-scale IT systems using an adequate project management structure for efficiently developing such systems;
the effective, secure and continuous operation of large-scale IT systems;
the efficient and financially accountable management of large-scale IT systems;
an adequately high quality of service for users of large-scale IT systems;
continuity and uninterrupted service;
a high level of data protection, in accordance with Union data protection law, including specific provisions for each large-scale IT system;
an appropriate level of data and physical security, in accordance with the applicable rules, including specific provisions for each large-scale IT system.

CHAPTER II TASKS OF THE AGENCY

Article 3 Tasks relating to SIS II

In relation to SIS II, the Agency shall perform:

the tasks conferred on the Management Authority by Regulation (EC) No 1987/2006 and Decision 2007/533/JHA; and
tasks relating to training on the technical use of SIS II, in particular for SIRENE staff (SIRENE — Supplementary Information Request at the National Entries), and training of experts on the technical aspects of SIS II in the framework of Schengen evaluation.

Article 4 Tasks relating to the VIS

Article 5 Tasks relating to Eurodac

Article 6 Tasks relating to the EES

Article 7 Tasks relating to ETIAS

Article 8 Tasks relating to DubliNet

Article 8a Tasks related to ECRIS-TCN and the ECRIS reference implementation

Article 8b Tasks related to the e-CODEX system

Article 8c Tasks related to the JITs collaboration platform

Article 8d Tasks related to the Prüm II router

Article 9 Tasks relating to the preparation, development and operational management of other large-scale IT systems

Article 10 Technical solutions requiring specific conditions before implementation

Article 11 Tasks relating to the communication infrastructure

Article 12 Data quality

Article 13 Interoperability

Article 14 Monitoring of research

Article 15 Pilot projects, proofs of concept and testing activities

Article 16 Support to Member States and the Commission

CHAPTER III STRUCTURE AND ORGANISATION

Article 17 Legal status and location

Article 18 Structure

Article 19 Functions of the Management Board

Article 20 Composition of the Management Board

Article 21 Chairperson of the Management Board

Article 22 Meetings of the Management Board

Article 23 Voting rules of the Management Board

Article 24 Responsibilities of the Executive Director

Article 25 Appointment of the Executive Director

Article 26 Deputy Executive Director

Article 27 Advisory Groups

CHAPTER IV GENERAL PROVISIONS

Article 28 Staff

Article 29 Public interest

Article 30 Headquarters Agreement and agreements concerning the technical sites

Article 31 Privileges and immunities

Article 32 Liability

Article 33 Language arrangements

Article 34 Transparency and communication

Article 35 Data protection

Article 36 Purposes of processing personal data

Article 37 Security rules on the protection of classified information and sensitive non-classified information

Article 38 Security of the Agency

Article 39 Evaluation

Article 40 Administrative inquiries

Article 41 Cooperation with Union institutions, bodies, offices and agencies

Article 42 Participation by countries associated with the implementation, application and development of the Schengen acquis and with Dublin- and Eurodac-related measures

Article 43 Cooperation with international organisations and other relevant entities

CHAPTER V ESTABLISHMENT AND STRUCTURE OF THE BUDGET

SECTION 1 Single programming document

Article 44 Single programming document

Article 45 Establishment of the budget

SECTION 2 Presentation, implementation and control of the budgET

Article 46 Structure of the budget

Article 47 Implementation and control of the budget

Article 48 Prevention of conflicts of interest

Article 49 Financial rules

Article 50 Combating fraud

CHAPTER VI AMENDMENTS TO OTHER UNION LEGAL ACTS

Article 51 Amendment to Regulation (EC) No 1987/2006

Article 52 Amendment to Decision 2007/533/JHA

CHAPTER VII TRANSITIONAL PROVISIONS

Article 53 Legal succession

Article 54 Transitional arrangements concerning the Management Board and the Advisory Groups

Article 55 Maintenance in force of the internal rules adopted by the Management Board