32001D0912

Decision of the European Central Bank

of 8 November 2001

on certain conditions regarding access to the Counterfeit Monitoring System (CMS)

(ECB/2001/11)

(2001/912/EC)

THE GOVERNING COUNCIL OF THE EUROPEAN CENTRAL BANK,

Having regard to the Treaty establishing the European Community and in particular to Article 106(1) thereof,

Having regard to the Statute of the European System of Central Banks and of the European Central Bank, and in particular to Article 16 thereof,

Whereas:

(1) Council Regulation (EC) No 1338/2001 of 28 June 2001 laying down measures necessary for the protection of the euro against counterfeiting(1) establishes certain measures in connection with the collection and storage of data related to counterfeit banknotes and coins and with access to these data.

(2) The fight against counterfeiting cannot be dealt with only at a euro area level; to this effect, the Council of the European Union has taken measures in relation to the euro under Title VI of the Treaty on European Union (i.e. the third pillar); also, Council Regulation (EC) No 1339/2001 extends the effects of Council Regulation (EC) No 1338/2001 to those Member States which have not adopted the euro as their single currency(2).

(3) The processes and systems already in place for the analysis of counterfeits and for the collection of information relating to counterfeiting need to be built on; the ECB had established the Counterfeit Analysis Centre and the Counterfeit Currency Database; it has become appropriate to reorganise and rename the latter as the "Counterfeit Monitoring System" (CMS) and define its characteristics.

(4) The ECB provides for the conditions that ensure the appropriate procedures for access to the relevant data of the CMS in compliance with Regulations (EC) No 1338/2001 and (EC) No 1339/2001. For this purpose, all national central banks (NCBs) of the European System of Central Banks need to establish their respective National Counterfeit Centres (NCCs) within each NCB and create the role of security administrator of the NCC. The ECB also reaches the necessary arrangements and agreements with the Commission and Europol in order to provide for their appropriate access to the data of the CMS and for the access of the European Technical and Scientific Centre also in compliance with Regulation (EC) No 1338/2001. Any access should respect the relevant minimum security standards. This respect is essential because of the confidential nature of the data of the CMS. The confidential nature of the data means that the information that each of the users of the CMS obtains from the CMS should be used exclusively for the purpose of fulfilling their responsibilities in the fight against counterfeiting of the euro. Limiting access to the data of the CMS helps to ensure confidentiality.

(5) A manual of procedures and the minimum security standards in connection with the CMS are in the process of being approved by the Governing Council of the ECB. They will not be published due to the confidential nature of the data to be introduced and to be accessible in the CMS and to the importance of maintaining a confidential environment for the use of the CMS,

HAS DECIDED AS FOLLOWS:

Article 1

Definitions

The definitions contained in Regulation (EC) No 1338/2001 shall apply in this Decision.

Article 2

Counterfeit Monitoring System

1. The Counterfeit Currency Database (CCD) is renamed as the Counterfeit Monitoring System (CMS). All references to the CCD contained in any previous legal acts are now deemed to be made to the CMS.

2. The CMS consists of a central database containing all technical and statistical information on counterfeiting, both on euro banknotes and coins, whether originated in the Member States or in third countries. The CMS includes, inter alia, browsing and editing applications and facilities for the downloading and uploading of data and networks linking the different users of the CMS to the CMS.

3. The organisation and management of the CMS are the competence of the Executive Board of the ECB, which takes account for these purposes of the views of the Banknote Committee.

Article 3

Access to the data of the Counterfeit Monitoring System

1. Apart from the access of the NCBs to the CMS, access to the relevant data of the CMS is granted to the other competent national authorities, including the National Analysis Centres (NACs) and the Coin National Analysis Centres (CNACs), as regards data related to coins, in accordance with Regulation (EC) No 1338/2001. For this purpose, the conditions established in Articles 5 to 9 of this Decision apply.

2. Access by the European Commission, the European Technical and Scientific Centre (ETSC) and Europol to the relevant data of the CMS is granted in accordance with Regulation (EC) No 1338/2001. The procedures for this access are specified in bilateral arrangements and agreements with the ECB, as appropriate.

3. Subject to any agreements concerning monetary relations between the Community and third parties, the ECB may grant access to the relevant data of the CMS to the designated authorities or centres of these third parties.

4. In addition to paragraph 3 above and on the basis of Article 9 of Regulation (EC) No 1338/2001, the ECB may grant access to the relevant data of the CMS to the designated authorities or centres of third countries. They may also be provided with ad hoc data of the CMS when this is deemed necessary by the Counterfeit Analysis Centre (CAC) of the ECB.

Article 4

Introduction of data into the Counterfeit Monitoring System by National Analysis Centres and Coin National Analysis Centres

The introduction by any and all NACs into the CMS of data relating to counterfeit euro banknotes which are discovered and the sending of every new type of suspected counterfeit euro banknotes to the CAC of the ECB takes place in accordance with Regulation (EC) No 1338/2001 and with the relevant manual of procedures approved by the Governing Council of the ECB with the contribution of the General Council of the ECB. Those NACs that are not an NCB or which have not been established within an NCB are consulted on the manual of procedures. The necessary adaptations of the manual of procedures regarding the introduction of data related to coins by the ETSC and the CNACs into the CMS will also take place.

Article 5

National Counterfeit Centres

1. The task of administering access to the CMS referred to in Article 3 in the Member States is performed by an NCC established in each NCB. This NCC also facilitates communication regarding all CMS-related matters in the Member States. The role of security administrator is created within each NCC in connection with these tasks.

2. Upon agreement of the ECB, the NCC authorises the different levels of access to the CMS referred to in Article 3, in accordance with paragraph one above. For this purpose, the necessary users names and the different categories of users and different levels of access among these users are created and established by the security administrator of the NCC referred to above.

Article 6

Compliance with the security standards of the Counterfeit Monitoring System

The minimum security standards to be followed by all authorities or centres (NAC and/or CNAC) where there are users of the CMS and by such users, in connection with access to the CMS, are adopted by the Governing Council of the ECB with the contribution of the General Council of the ECB. They are notified to the NCCs.

Article 7

Confidentiality

1. Each authority or centre in which there are users of the CMS informs them of the confidential nature of the data of the CMS and of any limitations on access applicable to each of the users of that authority or centre and of the other authorities or centres, as these limitations are communicated to the latter by the security administrator of the relevant NCC from time to time. The relevant NCC may request that each authority or centre signs a confidentiality declaration in which it states that it has taken due notice of the content of this Decision. Each authority or centre consults with the relevant NCC on any relevant matter in connection with the confidentiality of the data of the CMS. The NCCs consult with the CAC of the ECB about the outcome of any such request or consultation.

2. The relevant NCC is consulted on communications containing CMS data addressed to the public, to credit institutions and to the manufacturers of relevant equipment. It also consults with the CAC of the ECB.

3. The ECB consults with the relevant NCC in connection with any suspension of access. Both the ECB and the relevant NCC may suspend access to the CMS of any users of the CMS when this is necessary to preserve the confidential nature of the data of the CMS. The relevant NCC consults with the authority or centre to which such users belong in order for the appropriate conditions for the utilisation of the CMS to be restored.

4. The minimum security standards mentioned in Article 6, as well as the manual of procedures mentioned in Article 4, once approved by the Governing Council, shall not be published due to their confidential nature.

Article 8

Monitoring

NCCs establish, in consultation with the relevant authorities or centres, procedures allowing the monitoring of their compliance with Articles 6 and Article 7 and the adoption of appropriate measures in connection therewith. These procedures also allow for the participation of the ECB in such monitoring. In consultation with the NCBs, the ECB also establishes procedures to monitor compliance by the NCCs with this Decision.

Article 9

Implementation

The Executive Board of the ECB shall take any measures to implement this Decision which are necessary for the efficiency and the security of the CMS, including any measures relating to the manual of procedures or the minimum security standards respectively mentioned in Articles 4 and 6. For these purposes, it shall take account of the views of the Banknote Committee. The Executive Board shall inform the Governing Council of any measures that it takes in application of this Article. In addition, the ECB may generally provide technical clarifications and specifications concerning the utilisation or the security of the CMS.

Article 10

Final provisions

This Decision shall enter into force on 1 December 2001.

This Decision shall be published in the Official Journal of the European Communities.

Done at Frankfurt am Main, 8 November 2001.

The President of the ECB

Willem F. Duisenberg

(1) OJ L 181, 4.7.2001, p. 6.

(2) OJ L 181, 4.7.2001, p. 11.