Category: Uncategorized

The European Commission Legal Service held its first Annual Conference, during which many speakers discussed the crucial changes brought by the entry into force of the Digital Services Act and the Digital Markets Act and debated on the pressing matters of intergenerational justice and climate litigation. This post aims at giving a brief summary of the event.

The first Annual Conference organised by the European Commission Legal Service was held on 17 March 2023 in Brussels. The event was also streamed online, and it represented a timely opportunity to celebrate the 70^th anniversary of EU law and of the Legal Service itself. In fact, the creation of the Legal Service came with the entry into force of the Treaty of Paris establishing the European Coal and Steel Community in 1952.

The conference was kicked-off by the welcoming remarks of Mr. Daniel Calleja Crespo, Director-General of the EC Legal Service. The Director-General highlighted the importance of the two topics of the Conference, namely internet and platforms regulation (morning session) and intergenerational justice and climate litigation (afternoon session). Both topics address two Commission’s priorities for the years 2019-2024, notably “A Europe fit for the digital age” and “A European Green Deal”.

Continue reading “The first Annual Conference of the European Commission Legal Service:celebrating 70 years of EU law by discussing DSA, DMA, intergenerational justice and climate litigation”

Artificial intelligence brings numerous challenges to law enforcement frameworks. As States intend to ever more rely on artificial intelligence, such use remains challenging under European law. The intent of the French government to use algorithmic crowd surveillance reflects such challenges.

Continue reading “Challenges and Opportunities for algorithmic crowd surveillance”

By Isabella, Renuka, Thomas, and Yutong

Corruption scandal at the top of the EU

Increasing anti-fraud enforcement: the need to tackle fraud on a broader level

The European Union is a very complex structure, with a budget of a little less than EUR 190 billion for 2023. This could present an ideal environment for fraudsters, who may take advantage of this to commit and mask their crimes. We can give you an example: imagine you sit at one of the highest positions in the European Parliament, and you are approached by certain countries’ representatives willing to pay you so you can lobby in their favour at Parliament’s meetings. That is fraud and it – unfortunately – happened in real life, as seen in Qatargate.

Although Qatargate involved bribes paid to MEPs, constituents of an EU institution, it was not investigated by EU bodies, but by national authorities from Belgium. Therefore we formulated to research the case in-depth and the anti-fraud framework within the EU with the aim of providing an understanding as to why EU anti-fraud bodies, especially the European Anti-Fraud Office (OLAF) and European Public Prosecutor’s Office (EPPO), have not been directly involved in Qatargate.

Although the importance of these institutions in the EU cannot be overstated, the effectiveness of their power is subject to limitations. Firstly, their competencies, whilst broad, do not fully encapsulate the various forms that European financial fraud may take, and secondly, their relationship with the relevant national competent authorities. This was evidenced by the manner in which the investigation into Qatargate was conducted.

Anti-fraud enforcement in the EU: OLAF and EPPO

As already mentioned before, OLAF and EPPO are the two main bodies established to fight fraud in the EU; and even though both bodies pursue a common objective, significant differences exist between the two.

For OLAF, the investigation powers can be classified into external (concerning the area of the Member States and other countries) and internal investigations (focused within the EU institutions), however, it does not have any sanctioning powers. Because of that, there are concerns about its lacking of sufficient criminal enforcement and judicial materialisation of OLAF’s recommendations caused by national prosecutors in certain Member States, who narrow down their investigations to national aspects.

Unlike OLAF, EPPO is granted shared competence to investigate and prosecute offences with an EU dimension which are related to fraud that has a direct impact on the EU finances/budget. Furthermore, EPPO exercises its competence only via an investigation or by deciding to use its right of evocation. If the latter applies, EPPO will determine whether it wants to take over the case initiated by the Member State(s) after deliberation with the respective national authorities. In that case, the national authorities are required to confer the proceedings to EPPO.

Qatargate: a scandal in the EU Parliament and the EU’s anti-fraud enforcement

The view from the VIP lounge

Currently, Qatargate has only been investigated at the national level, by the Belgian authorities, instead of by OLAF and EPPO, but that does not mean they have not been kept busy. At approximately the same time which Qatargate took over the news, OLAF and EPPO were involved in another investigation into the Parliament.

In December 2022, OLAF issued an investigative report regarding a “suspicion of fraud detrimental to the EU budget, in relation to the management of the parliamentary allowance”, specifically regarding money paid to parliamentary assistants. It is interesting to point out that, as clarified by OLAF Director-General Ville Itälä, “there is no link between the issues investigated by OLAF and the issues under investigation in the ‘Qatargate’. When it comes to the so-called Qatargate, OLAF is following the matter very closely, in line with its investigative experience and analytical expertise. We are in contact with the Belgian authorities on the matter”.

Based on what we have discussed above, the inner logic of such clarification is the fact that, unlike EPPO, OLAF does not have any sanctioning powers. This means that OLAF does not possess the power to conduct criminal investigations and prosecutions; so without a request from national authorities, it cannot initiate an investigation, and can only provide limited information support. Currently, OLAF shows the willingness to support the investigation into Qatargate, but it does not seem to be actively engaged in Qatargate.

The most notable fact is that OLAF is a non-prosecutorial body, and is reliant on the individual Member States for their cooperation. For example, in 2015, Hungarian authorities refused to comply fully with an investigation into bid tenders related to the disbursement of funds under the Economic Operative Programme. In such instances, OLAF cannot compel a Member State to assist in its investigations other than to request the National Competent Authorities (NCAs) do so themselves or for the European Parliament. Progress in this regard has been made, with OLAF and the Office of the Prosecutor General of Hungary, its NCA, signing a cooperation agreement last year to protect EU funds from fraud and embezzlement in the country by strengthening the closeness of its investigations.

A similar problem exists for EPPO, in that Member States retain an ‘opt-out’ from the Area of Freedom, Security, and Justice (AFSJ). Currently, Hungary, Poland, and Sweden have not joined EPPO, with Denmark and Ireland maintaining the opt-out on a case-by-case basis. While negotiations remain ongoing with Denmark and Ireland as to the level of cooperation EPPO can expect from their NCAs, this highlights the issue EPPO, and OLAF, face in an inability to force Member States to cooperate if it simply wishes not to comply.

Having explained why OLAF is not directly involved, EPPO’s reasoning is different. EPPO’s main focus is the protection of the EU budget, and because of that, as there is no evidence, so far, that the wrongdoings investigated in Qatargate have an impact on EU finances, this body – even though it has the power to conduct judicial investigations – was not involved. Yet.

Overlaps between OLAF and EPPO

In addition to the matters raised in the section above, there is another aspect that needs to be considered. Given OLAF and EPPO’s similar roles, there can often be unintentional overlap in the investigations they carry out, see the graph below.

To ensure there are no conflicts, EPPO’s Regulation expressly directs the organisation to maintain a close relationship with OLAF based on mutual cooperation, information exchange, and complimentary support. However, EPPO does not have to inform OLAF of its investigations, per Article 8(1) of the OLAF Regulation, creating a potential lack of communication and duplication of investigative resources. EPPO is only required to consider doing so where there is suspected illegal conduct relating to the financial interests of the EU. This may have occurred with Qatargate given OLAF was investigating Eva Kaili’s parliamentary assistants before EPPOs publication of its investigation.

Protecting your money: How OLAF and the EPPO can help each other fight the misuse of EU funds.

OLAF and EPPO are considerable investigative forces in the EU, but due to the factors discussed in this blog post, might be possible that fraudulent practices that hurt the EU’s and its citizens’ interests go undetected and unprosecuted, given that fraud is unavoidable to a degree in a Union so large. Therefore, expanding the strength of their investigative and prosecutorial powers and increasing their cooperation, will, in the authors’ opinion, decrease the overall levels of financial mismanagement and fraud in the EU.

By Eloise, Marina and Amber

The EPPO

Imagine you are a national who is a suspect or accused in a criminal proceeding of the EPPO. Are you aware of your exact rights as a defendant?

Defence rights in EPPO proceedings: Who cares?

The European Public Prosecutor’s Office (EPPO) is a powerful body. It can investigate and prosecute the offences that are affecting the EU’s financial interests. The actual prosecution by the EPPO always takes place before a national court in one of the EU Member States. A consequence could be that you as an individual have to take on the battle against the EPPO in a criminal proceeding. Now, it can be noticed that specific defence rights are not laid down in the EPPO Regulation itself. How could you defend yourself properly in this case?

In this blog post, we will provide you with some answers. We will guide you through the problems that we potentially have to deal with in a criminal proceeding by the EPPO. Especially in the case that the proceedings are referred to as a cross-border case. Additionally, we will lay out the arguments that you as the defendant could make. To make sure that in the end, you still stand a chance of effectively arranging your defence.

The defendant (left) against the powerful EPPO (right)

Criminal proceedings with a cross-border dimension: What to expect, or maybe even fear?

The EPPO has the power to choose a different Member State for prosecution than your own. It might therefore not be foreseeable before which court your trial will be held. Do you have any possibility to request a change of jurisdiction? Or that you will at least be heard before such a jurisdictional change is made? Unfortunately not. You do not have a voice or choice when it comes to the forum selection.

Secondly, in the case of a so-called cross-border prosecution, the investigation and obtaining evidence by the EPPO has taken place in multiple Member States. The delegated prosecutors of the EPPO are allowed to exchange and submit relevant evidence to the case file. Therefore, you as the defendant could be confronted with multiple documents based on different national procedural rules. If you want to argue that a piece of foreign evidence is illegally obtained, you need to take into account that the court will evaluate this argument based on its national procedural law. You could be confronted with the issue that the ‘potentially illegal’ evidence is stipulated as legal under their applicable procedural standards.

Another complexity you should become aware of is that your right to access the case file is limited. There are no uniform standards for handling the information in the case file laid down in the EPPO Regulation. There are no rules regarding access to such case files, nor are there any safeguards to ensure that the content of the information in the case management system always adequately reflects the case file.

Lastly, the EPPO Regulation does refer to the Charter of Fundamental Rights of the European Union as well as the ABC-Directives, to guarantee procedural rights. Therefore, it would seem that you receive enough protection and defence rights against the acts of the EPPO. But do not cheer too quickly. As noted, the national law of the state where the trial is held determines the procedural standards applicable. If a Member State has not implemented specific defence rights from these Directives, you can rely solely on the national procedural safeguards applicable. The level of protection of defence rights will be determined by the procedural rules of the state where the proceedings take place.

How to set up a successful defence

Looking at the issue of forum selection, you should be granted the ability to have more insight into where the proceedings will take place. Especially since this could simplify the process of selecting a lawyer. On this basis, you could use the argument that there should be a right to request a change of jurisdiction. Or at least, you should be granted a chance to be heard before such a jurisdictional change is made. Consideration should be given to your personal circumstances. The issue of foreseeability and the possibility of forum shopping means that the defendant must be guaranteed that there will be no change in the court’s jurisdiction during ongoing proceedings, as it is difficult to predict the court where the trial will be held.

Access to the case file is another important defence element. You could argue that complete access to information is necessary in order to prepare an effective defence strategy. The EPPO Regulation’s limited provision of free exchange of evidence makes it almost impossible for you to become aware of all documents obtained under all various procedural rules. You could use the argument of disproportionality in light of all the knowledge necessary to actually be able to understand the case file. The extra costs for an effective defence due to this complexity can be deemed unbearable.

The same argument can be used to challenge the lack of specific defence rights in the EPPO Regulation itself. As a defendant, it does not seem right to be dependent on the procedural rules of the Member State in which the proceedings take place.

Goal achieved?

Since you as a defendant are facing the consequences of an EPPO proceeding, you should be protected in all of your rights to be able to set up an effective and fair defence. In light of the difficulties that the defendant could face in a cross-border procedure of the EPPO, the individual needs to be made aware of applicable rights and possibilities to arrange his defence as effectively and successfully as possible. The Charter and the ABC-Directives are well-known instruments for defence rights. However, it would be easier and more efficient to include defence rights provisions, forum selection and a regression clause in the already existing EPPO Regulation. Cross-border prosecution is complex and deserves a general, harmonised and clear defence rights framework.

 

 

 

By An Nhien, Iman, Liudmila, Timothy and Alice

National Security vs. Privacy

By An Nhien, Iman, Liudmila, Timothy and Alice

In the ever-evolving battle against serious and organized crime, law enforcement agencies (LEAs) are turning to a new weapon: lawful hacking. But as the supporting role of using hacking techniques by the and other agencies becomes more prevalent, questions are being raised about the impact on fundamental rights, particularly the right to privacy. With events like the high-profile EncroChat case and a landmark decision of the Court of Justice of the European Union (‘CJEU’), the legality and implications of hacking techniques in general, and the supporting role of Europol in facilitating lawful hacking in particular, are under intense scrutiny. Join us as we delve into the legal limbo and decode the delicate balance between privacy and public safety in the realm of facilitating lawful hacking by Europol.

What is Lawful Hacking?

There is no singular definition at the EU level. Similar terms such as “lawful hacking”, “law enforcement hacking”, “government hacking”, or “network investigative techniques” are often used interchangeably. However, Liguori argued that “lawful hacking” could be the most appropriate term as it broadly implies both the technical means of this investigative method and the lawful nature of the activity. Hence, he defines “lawful hacking” as the use of hacking techniques by LEAs to gain access to computer systems and networks for the purpose of investigating criminal activity. Simply put, LEAs would exploit the vulnerabilities of software, hardware, or firmware, to gain access to technical devices and then extract data and evidence from such devices. For instance, LEAs can conduct a forensic examination of seized smartphones after using algorithms to find the password of such smartphones.

Europol has declared the need to use lawful hacking due to the strong encryption on electronic devices that undermines the investigation and prosecution of organized crimes as the data is unavailable or unidentifiable. The use of encryption has increased the number of serious crimes, which has been identified by Europol as a threat to public order and safety, the efficiency of the criminal justice system, and the rule of law. On the contrary, the use of lawful hacking itself can also pose risks to the protection of fundamental rights. Indeed, the application of this method can, for instance, potentially interfere with individuals’ privacy if LEAs excessively access personal data without sufficient valid reasons or legitimate aims. As such, LEAs’ use of lawful hacking has become a contentious issue in the European Union (EU), raising questions about the balance between LEAs’ needs and individual privacy rights. The landmark is a stark example of the potential impact of lawful hacking by Europol and national LEAs on fundamental rights, particularly the right to privacy. Keep reading as we uncover the ramifications of lawful hacking, considering the EncroChat case.

EncroChat’s Downfall: Privacy at Stake.

In the world of encrypted communication networks, EncroChat was the king of security – until its downfall. EncroChat, an encrypted communication network advertised as a secure means of communication with complete anonymity, was dismantled by a French-Dutch joint investigation team in July 2020. Specifically, in the Encrochat case, LEAs hacked into a secure messaging platform that has been believed to be exploited by criminals, gaining access to private conversations and gathering evidence and leading to the arrest of several suspects across Europe. While the investigative method of lawful hacking helped in capturing criminals, does it also negatively impact the privacy of other normal users like us?

Article 8 of the European Convention on Human Rights (ECHR) guarantees our privacy rights. However, the EncroChat operation involved the development and distribution of malware disguised as an update, raising questions about the legality of the evidence obtained and the right to privacy. The lack of transparency in the methods used has caused uproar in legal circles, with debates about the potential misuse of lawful hacking. This means that while LEAs might have legitimate aims when they broke into the EncroChat system, they should do this very carefully because of the complex legal issues that arise alongside them, especially those related to privacy protection. In short, before deciding to apply or assisting the lawful hacking application, LEAs must take into account whether and to what extent this method can interfere with the individual’s privacy.

Legal Limbo: Hacking Techniques Challenged by European Parliament and CJEU.

In a report published by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) in 2017, even before the EncroChat case, concerns about the legality of lawful hacking activities conducted or supported by LEAs were raised. According to the report, there is a risk that the use of hacking techniques may infringe on fundamental rights. These concerns have been further amplified by the CJEU’s decision in the case of Accordingly, the CJEU ruled that the UK’s regime for public authorities’ retention and access to communications data, including LEAs, was inconsistent with EU law. The Court held that communications data’s retention on a general and indiscriminate basis, without any differentiation, limitation, or exception for the objective of fighting crime, was impermissible.

Privacy vs. Public Safety: Decoding Lawful Hacking by Europol

Although there are concerns about the possible violation of privacy rights by lawful hacking, it should be noted that this right is not absolute as it can be restricted under certain circumstances. Simply put, your privacy is only respected if it does not hamper the protection of the fundamental rights of other individuals or, on a larger scale, the interests of public safety/national security. If your privacy affects the latter, it is justified for you to “compromise” your interests for that of public security when you are legally requested, for instance, to provide access to your personal information by LEAs. It is, therefore, a matter of balancing different (and perhaps opposing) fundamental rights and interests of different parties involved. Concerning the use of lawful hacking for investigation purposes, one of the most important tasks of LEAs is to balance individuals’ right to privacy and national security, public safety and/or other individuals’ fundamental rights. To do this, Europol must refer to the Charter of Fundamental Rights of the EU (The Charter) and the ECHR since these legal documents protect and balance fundamental rights within the EU.

For instance, Article 8(2) ECHR states that a public authority cannot restrict privacy right unless it adheres to the law and is necessary to protect national security/public safety, etc. This interpretation was confirmed by the Court in Malone v. UK, ruling that a method allowing communications interception to support investigations by LEAs was essential if it met conditions provided by Article 8(2). Three main conditions for a lawful interception by LEAs include:

1. such interference/interception is provided by the law;
2. it is necessary and proportionate, and
3. it aims to pursue legitimate aims such as the protection of public safety or national security or the prevention of crime/disorder

Since lawful hacking is one example of lawful interception, it is also subjected to these requirements. As long as the three conditions are met, the role of Europol in supporting lawful hacking does not violate the right to privacy enshrined in the ECHR and the Charter. Europol, in the joint Eurojust-Europol annual report on encryption in 2021, emphasizes it would follow such requirements by stating that their technologies must be accompanied by suitable protections, such as standards of necessity and proportionality to ensure the admissibility of collected electronic evidence in court. So, don’t worry whenever the LEAs are hacking your devices because they will respect and protect your privacy while doing so.

 

Safety and privacy

 

 

 

 

 

 

 

 

 

 

 

By Georgios, Maren & Julian

 

 

Significant banks can still cause severe dangers to the European financial market as shown by the SRBs first resolution case, Banco Popular. Banco Popular had severe liquidity issues which endangered the financial stability of Spain and Portugal. The swift resolution could have prevented a tremendous impact on the economy and possible costs of a state bail-out. The blog post aims to give an insight into how the SRB makes such a resolution decision looking at the Banco Popular case. Which shows that decisions made by the SRB are subject to democratic legitimacy concerns in the form of: judicial accountability, institutional balance and the amounts of discretion the Agency thereby.

 

Let’s talk about the development of the EBU and the SRB subsequent to the financial crisis

In response to the global financial crisis the EU created the SRB, an EU agency, to make the financial market more resilient and stable and to move towards the European Banking Union (EBU). This is one of the most significant developments in European Integration since the establishment of the Economic and Monetary Union; which was meant  to restore confidence in the European banking systems after the double threat of the international financial crisis and the sovereign debt crisis. The EBU consists of 3 pillars: the Single Supervisory Mechanism, the Single Resolution Mechanism (SRM) and the European Deposit Insurance Scheme which is still under construction, as can be seen in Figure 1.

(Figure 1 – Banking Union)

The SRB is the EBUs resolution authority and therefore part of the SRM and has been established by the SRM Regulation (Regulation No 806/2014 (SRMR)). When a bank is failing or is likely to fail despite stronger supervision through the SSM, the SRM allows the effective resolution of the bank. The core mission of the SRB is to ensure an orderly resolution of failing banks, with minimum impact on the economy and public finances of EU countries, avoiding state bail-outs, which happened to a massive extent during the financial crisis to the detriment of the taxpayers.

The SRB as an EU agency has a broad mandate and an autonomous budget as independence is especially crucial when resolving significant banks. This mission is one of great societal relevance and one the author’s stand behind.

 

How does the SRB resolve a bank looking at the Banco Popular case

(Figure 2 – Resolution making process)

The procedure according to which the SRB adopts resolution schemes and according to which the resolution becomes a fully-fledged resolution plan, is described in Art. 18 SRMR. (Figure 2).

More specifically, in order for the SRB to draft a resolution scheme three conditions need to be fulfilled:

• Step1: Bank is failing or likely to fail
• Step 2: Private sector financing or any other private alternative does not exist
• Step 3: Public interest assessment

Step1: Bank is failing or likely to fail

First, the ECB should find a bank is failing or likely to fail, but it is also possible for the SRB to proceed to a similar assessment on its own. However, this only happens when the ECB is specifically requested by the SRB to make an assessment and when the ECB fails to act within three days of the request. In the case of Banco Popular the SRB initiated proceedings on the 3^rd June 2017 and asked the ECB to assess Banco Populars situation. On the 6^th June 2017 the ECB determined that the bank was failing or likely to fail as ‘[i]t is likely that the institution will not be able to pay back its debts or other liabilities in the near future’ (Art. 2). Thereby, the first condition of Article 18 (1)(a) is fulfilled, the bank is having severe liquidity issues endangering the financial stability of Spain and Portugal.

Step 2: Private sector financing or any other private alternative does not exist

Secondly, the SRB should assess that there is no reasonable prospect that any private sector financing, other private alternative or supervisory action could prevent the failure of the entity. The resolution, in other words, must be rendered as the most suitable and proportionate measure to avert the collapse of a certain bank. SRB in cooperation with the ECB determined that there is no reasonable prospect for private measures (Art. 3).

Step 3: Public interest assessment

Lastly, the adoption of the resolution must serve the public interest (Art. 18 (1), (5) SRMR). The SRB in cooperation with the ECB determined that the resolution is in the public interest to safeguard financial stability in Spain and Portugal (Art. 4).

In the Banco Popular case, the SRBs executive session, which consists of the Chair and four full-time members, which are observed by the Commission and the ECB, determined the three conditions given. Shortly after, it adopted the resolution scheme on the 7^th June at 5:30 am according to Art. 18 (1) SRMR.

Thereafter, the Commission, within 24 hours of the transmission, could endorse or object to the resolution draft. If specific circumstances under the SRMR are given, within 12 hours of the transmission, the Council could be involved and asked to endorse or object to the draft within the next 12 hours. When the Commission remains silent and does not express any objections, the resolution enters into force automatically after 24 hours (Art. 18 (7) SRMR). If the draft is objected to, the SRB should reform the draft, incorporating the objections within the next 8 hours.

In the Banco Popular case, the Commission took 1 hour (5:30-6:30) to assess the decision and endorsed it. In a statement of reasons it stated: ‘[t]he Commission agrees with the resolution scheme[,] [i]n particular it agrees with the reasons of the SRB why it is necessary in the public interest’. This short time frame gives doubts to whether it just copy-pasted the decision or actually assessed it as required per the Art. 18 (7) SRMR and whether they sufficiently assessed the discretionary aspect of the scheme. Although the Commission is an observer in the entire process, it does not show how they assessed and evaluated each decision made by the SRB. Instead of merely saying ‘we agree’ some thorough reasoning why the Commission agrees is important to avoid future democratic legitimacy concerns in the SRB’s decision making process.

The SRB decided to use the sale of business tool (Figure 3), which enabled the conversion of capital into shares which were subsequently bought by Banco Santander for the symbolic amount of 1 Euro. Banco Santander was able to provide the necessary liquidity and Banco Popular was able to open the next day as a subsidiary of Banco Santander.      

    

(Figure 3 – Resolution Tools)

The implementation of the adopted resolution relied solely on the relevant National Resolution Board. Nonetheless, according to Art. 29 SRMR, where a national resolution authority has not applied, not complied or has applied it in a way which poses a threat to any of the resolution objectives or the efficient implementation, the SRB may take over the implementation of the resolution, after informing the Authority and the Commission. In the Banco Popular case the Spanish authority swiftly implemented the SRB resolution scheme.

What democratic legitimacy challenges may arise from this process?

In our opinion it seems like the Banco Popular resolution has been successful in the way that it has prevented depositors of the bank and the taxpayer to lose money and safeguarded the financial stability in Spain and Portugal. However, despite the evident effectiveness of the resolution and the resolution-making process, legal and institutional challenges remain, which were also raised by the shareholders borning the burden of the bank’s rescue. The General Court rejected all of their claims in five separate cases. However, democratic legitimacy concerns persist to arise, also from certain aspects of the overall resolution making process provided in the SRMR as:

Firstly, even though it did not occur in Banco Popular, the SRB could come to the assessment that the three criteria are not fulfilled, thus no resolution decision would be concluded. As occurred in the ABLV case, whereto the ECJ decided  that the SRB’s non-resolution decision could not be challenged (Ernests Bernis case). The action for annulment (Art. 263 TFEU) by the shareholders, on which the decision had an economic effect, was inadmissible due to the missing legal effect on them. This makes the non-resolution decision unchallengeable for the ones economically affected, questioning the legal accountability.

Secondly, the SRB’s resolution scheme can be automatically adopted, if the Commission remains silent for the 24 hours after transmission. Then the SRB exercises discretionary policy-making powers with questionable safeguard of accountability in place.

Thirdly, even when the SRB’s decisions are reviewed by the Commission or the Council, the short deadlines of 24 hours and 12 hours provided by the SRMR, could cause doubt to a thorough review. Creating concerns about the de facto integrity and actual facilitation of such a review process. The 77 minute long Commission’s review of the Banco Popular resolution scheme, indicates more of an approval of  SRB’s decisions, without any real assessment. although it could be argued that the Commission is involved as an observer beforehand and therefore steers the SRB, using their final say as a negotiation tool. However, is this sufficient to quantify a thorough assessment.

These three questions relating to democratic legitimacy remain after looking at the Banco Popular ‘saga’ and the SRB’s resolution process.

 

By Daan, Giulio, Henrik and Majed

Section I – ECHA: There’s more than meets the eye

 Chemicals are of fundamental importance for the well-functioning of modern society. Think of chemicals such as hydrogen and bromine. However, dangerous chemicals, such as asbestos, have led to the loss of many lives. Therefore, the European Chemicals Agency (ECHA) is concerned with the safe use of chemicals within the internal market. However, officially it is not an enforcement agency. Paradoxically, a closer examination of this ‘non-enforcement’ agency reveals that it has powers that can be classified as enforcement powers. The arguments for and against the ECHA possessing direct and indirect enforcement capacities are carefully weighed in this blog post.

As this post shows, some arguments point to the ECHA’s lacking enforcement capacities, such as its reliance on national authorities and its lack of direct involvement with citizens in the various stages under REACH. However, various other arguments can be presented that point in the direction of it, in reality, possessing different variations of enforcement powers. Not only can it take binding decisions in the registration phase, but also by delivering its scientific opinions, it is in the driver’s seat of an enforcement network which is built upon the National Competent Authorities’ (NCAs) powers. With that said, in the end, it is up to you to decide how to view ECHA’s enforcement powers.

Direct and indirect enforcement

 Enforcement can be understood as the capacity to prevent potential violations of the law while ensuring compliance with its obligations. Direct enforcement can be understood as monitoring, investigating, and sanctioning individuals and businesses who are subject to the rules and regulations of substantive law. On the other hand, indirect enforcement concerns those instances where public authorities coordinate and influence the application of the law by national or European authorities, but not directly against citizens.

The iceberg: a schematic overview of ECHA’s enforcement capacities

Section II – The ECHA lacking enforcement capacities The ball is in the Member States’ court

Looking at the ECHA’s operations shows that the Agency lacks enforcement powers. Be it the checking for completeness of the dossiers filed by companies or the evaluations of the compliance of the information with the required standards, ECHA’s decisions are effectively made by its Member State Committee. Take, for instance, the evaluation of chemicals. What the Agency does is draw up a ‘Community Rolling Action Plan’ which is a list of chemicals the Member States’ authorities can discretionally choose from to later assess the chemical in complete autonomy.

Next, is that the national authority prepares a draft decision, which in most cases is the final decision in respect of the chemical at issue that will be made by the ECHA itself. Therefore, the impression is that of an Agency that limits itself to rubber-stamping what in reality is the working of the competent authorities of the individual Member States. After all, Article 45(1) of the REACH Regulation unequivocally states that “the Agency shall rely on the competent authorities of Member States” with regard to the role they play in the proper evaluation of chemicals.

Direct enforcement or bureaucratic pen-pushing?

 Secondly, the REACH Regulation sets out the ECHA’s functions in respect of the registration, evaluation, authorisation, and restriction of chemicals. With regards to authorisation and restriction, the role of the Agency is purely advisory, whereas, in the registration and evaluation processes, its decisions are technically binding. Yet is it really the case that the faculty to make binding decisions provides the Agency with direct enforcement powers? A mere glance over the Agency’s tasks suggests that it is not. It is true that the Agency may accept (unconditionally or conditionally) or reject a company’s application for placing a chemical on the market, but that is virtually all its direct enforcement ability. During that phase, the Agency enforces the standards of information required by REACH directly in relation to the applicant. All the while, this direct enforcement is little more than a formal check to verify whether the information included in the applicant’s dossier is complete. Past this bureaucracy-dictated check, there is little in the Agency’s activities that may amount to direct enforcement. As said, in the authorisation and restriction stages, its role is purely advisory and, with regards to the evaluation stage, the Member States’ authorities are the ones in charge of verifying the substantial compliance of the information with the legal standards.

Section III – The ECHA possessing enforcement capacities The EU’s chemistry expert

The ECHA is a pre-decision-making agency. Even though the ECHA does not make a certain decision by itself, it influences the outcome to a great extent. The ECHA can have such influence over decisions through the drafting of decisions, opinions and recommendations. Since the ECHA is considered the leading expert on the EU’s chemicals policy, other parties require good arguments in order to diverge from the ECHA’s stance. Thus, while formally the decision might be made by the Commission, factually, it is the agency that stipulates what will happen. The rationale behind this phenomenon is that the Commission does not possess the expertise required in order to assess the ECHA’s recommendations and thus it will usually adopt the ECHA’s stance. Thus, although the ECHA legally lacks direct enforcement powers in most fields, through indirect enforcement the ECHA factually enforce rules in the field of EU chemical policy. This makes sense because EU agencies are usually set up to be the experts in their field and it would be inefficient not to provide these experts with the tools to materialize their knowledge.

A closer look: direct and indirect enforcement in practice through the ECHA

 While the ECHA does not legally possess enforcement capacities, it does play a central role in the enforcement of the EU’s chemicals policy. In terms of direct enforcement, the ECHA is capable of taking binding and consequential decisions directly on individuals and businesses during the dossier submission stage, where it undertakes a ‘completeness check’ of the content of applications. At this stage and during the registration phase, the ECHA can solely decide whether to accept or reject the application of the chemical in question. A negative decision by the ECHA can have significant consequences on the applicants, who will need to either appeal the decision or submit a revised registration application. This can delay or prevent registration altogether and, consequently, the subsequent circulation of a chemical substance into the Union. The ECHA is therefore capable through this capacity of independently preventing potential violations of REACH while achieving compliance with its obligations.

Following the registration phase, the ECHA continues to play an important role in the evaluation and authorization stages. Here, the agency harmonizes and supervises cooperation with NCAs in a manner akin to that of an enforcement network, inducing a high level of collaboration between the different NCAs. In addition, decisions adopted by those NCAs often rely on the scientific opinions of the ECHA, demonstrating how the agency contributes to the indirect enforcement of the obligations under REACH.

By Lisa, Jasper and Sophine

Eurojust opinions may jeopardize the rights of suspects and nothing can be done to hold Eurojust accountable. Member States of the EU (MS) prefer to follow the opinion of Eurojust on choices of jurisdiction and this has implications for the fundamental rights protection of suspects.

For this reason, this blog post addresses the problematic nature of the lack of judicial review of opinions on jurisdiction issues by Eurojust.

©

Eurojust – who again?

Eurojust is a European Union (EU) agency. Eurojust aims to allow effective cooperation among the MS and ensure that cross-border crimes are properly addressed. Eurojust is a network of public prosecutors of the MS who can support each other in obtaining mutual cooperation in criminal matters and can take joint decisions on the most suitable place for prosecution.

‘On paper’ the documents produced by Eurojust are non-binding and therefore not subject to judicial review. However, to what extent is this true? After the new 2018 Regulation, Eurojust’s powers got stronger and more influential, to the point in which they can be de facto and de jure binding. As will be highlighted, Eurojust opinions are often followed. Furthermore, Eurojust has soft law mechanisms to ensure compliance with its opinions (naming and shaming). Although the powers of Eurojust got stronger, there is still a lack of judicial review regarding its written opinions. Since there is no judicial review of these opinions on jurisdiction there is no way for a suspect to challenge these decisions. This leaves the suspect defenceless regarding forum choices.

Are States like sheep and is Eurojust their shepherd?

As a starting point, when analyzing the influence of Eurojust on matters concerning conflicts of jurisdiction, it is necessary to understand what we are dealing with. Conflicts of jurisdiction can be either positive or negative. The first refers to situations in which MS have an “overlap” meaning that more than one MS has the opportunity or intends to exercise jurisdiction over a crime. In the second scenario, no MS wants to exercise its jurisdiction over a crime, which risks impunity. Both situations are not ideal and should be addressed.

©

Within its powers, Eurojust has the ability to issue opinions either on the basis of a MS’s request or autonomously to assist national authorities struggling with conflicts of jurisdiction. Eurojust can provide insightful recommendations and opinions regarding the most suitable and effective MS to exercise jurisdiction. By doing so it prevents impunity and preserves the rule of law.

©

Something important to remember is that on paper Eurojust does not have powers to issue binding decisions. However, this official lack of binding powers does not seem to apply in concreto, since Eurojust can indirectly pressure MS into complying with their requests.   

In fact, Eurojust has been successful in pressuring MS to cooperate through the ‘naming and shaming’ of non-cooperative MS. These MS can be mentioned by Eurojust in their annual report or MS’s decision of non-compliance can be brought up to the Council’s attention. This could be enough to keep the MS on their toes. In the recent publication by Eurojust, one can notice that MSs practically always follow the guidelines set out by the agency. This report shows that since 2016, all solutions proposed by Eurojust have been followed by national authorities, except in one case.

This shows how Eurojust influences and sometimes dictates the decisions of the MS on conflicts of jurisdiction through their written opinions and recommendations. The issue which arises from this is that, on paper, Eurojust cannot issue binding decisions on the MSs, therefore there is no possibility of having a Eurojust act reviewed. When it comes to the choice of forum, the decision on the matter is significant since it affects the entire criminal proceedings. For this reason, the importance of judicial review will be highlighted in the next paragraph.

©

Eurojust slips through the cracks of judicial review

The problematic nature of the lack of judicial review of Eurojust’s opinions can be illustrated with the following examples.

First of all, the European Union is based on the rule of law, which means that individuals must have the right to challenge the legality of acts before the national courts. Therefore, this means that all acts of the Union should be open to judicial review. Direct review is only possible by and before the Court of Justice of the EU (CJEU) and indirect review is possible through the prejudicial ruling procedure. However, Eurojust’s written opinions and decisions are not considered acts because they are not legally binding as is decided in the ESMA Shortselling case. Therefore, they cannot be subjected to judicial review by the CJEU.

Secondly, it may be the case that Eurojust has to write an opinion on two MS from which one has an evidently higher observance of fundamental rights than the other. This may lead to forum shopping because prosecutors may choose the jurisdiction based on its lower standards, which is detrimental to the interests of the suspect. The Eurojust written guidelines on choices of jurisdiction address this problem. However, these are not binding and therefore, judicial accountability is not engaged when they are not adhered to.

Thirdly, although non-binding, the written opinions and decisions of Eurojust can influence both the protection of the fundamental rights of the suspect and the position of the defence. The opinions issued by Eurojust influence where a person faces their final prosecution. There is sadly still divergence in the level of protection of fundamental rights between Member States. Therefore, the choice of forum is important to accused persons. However, since the opinions of Eurojust are non-binding this leaves the accused defenceless against forum choices based on Eurojust’s opinions.

 

In sum, de facto or de jure binding, does it matter? No, because although Eurojust’s opinions affect the interests of suspects, they still slip through the cracks of judicial review.

By Yanfui, Ana, Clara and Sebastian

As the European Union agency for “European integrated border management”, Frontex is the centre for border control activities at the EU’s external borders, sharing intelligence and expertise with all Member States and with neighbouring non-EU countries affected by migratory trends and cross-border crime. It plays an active role in return operations. Under Article 3 of Directive 2008/115, return decisions are taken when the stay of the third-country national is declared illegal, which occurs when the person does not fulfil the requirements of that Member State, not carrying the required visa or residence permit.

Regarding the critics of Frontex, according to a report from 2020, Frontex faces 3 main challenges concerning pushbacks: accountability and transparency. These issues have become increasingly visible in recent years. Nevertheless, the protection of Fundamental Rights has still not been sufficiently improved. This is particularly paradoxical, as this topic has been the subject of countless publications in the legal literature and the EU legislator is also aware of the problematic situation, given that the protection of Fundamental Rights is mentioned more than 230 times in the corresponding Regulation. In the context of this blog post, we will show where the greatest deficits exist regarding transparency and accountability, and thus where the greatest need for legislative action exists. To wake up the legislator and ultimately push the legislator to real sustainable action, we will suggest that the Ombudsman could take on a decisive role. 

When Borders Become Barriers: The Unintended Consequences of Europe’s Approach to Border Control

In February, the sinking of a vessel carrying 59 refugees from Turkey to Italy was blamed on Greece. With regards to Frontex, it has cooperated in protecting the coast, which made refugees decide on circumventing the Greek islands and taking the more life-risking approach by attempting to reach Italy. Consequently, both Greece and Frontex have been accused of taking part in those deaths, and we still lack information on their participation in this incident during their border protection activity.

Unfortunately, this is only one of the numerous examples in which migrants coming in seek of asylum are subject to violence, detained, stripped, confiscated of their belongings, and pushed back to their territory.

No transparency in reality

Despite being an extremely regulated agency, the observable deficits in Frontex’s way of functioning raise doubts about its role as a border control agency. The lack of transparency and accountability in Frontex’s activities has been subject to debate since the Agency was created, with several calls demanding a solution to this issue at a national and European level, with no significant changes to this date.

When Frontex does not meet its transparency obligations, holding it effectively accountable for its actions is further complicated by the non-accessibility of all information. Even though a transparency mechanism can be found in Regulation 1049/2001 -to which Frontex is subject to access to Frontex’s documents remains highly restricted on account of the nature of the information they contain. This cult of secrecy is further increased by the requisites prescribed in the Regulation: To access Frontex’s documents the person must be a citizen of the European Union. This reduces many potential information requests, as those primarily affected by Frontex’s actions do not meet this requirement.

Moreover, from an accountability point of view, much has been reviewed and promised yet no noticeable changes can be seen. Being an EU Agency, Frontex is bound by the Charter, which consequently shields migrants from refoulement and collective expulsions. It also prohibits the conduction of pushbacks, as well as any sort of participation in them and the omission of acting against them. At first sight, the law is clear, and the system should work. Yet it is still extremely complicated to hold Frontex accountable when it does not comply with the said obligation, even when tools created with significant effort such as the ‘individual complaint mechanism’ exist. The reason is not surprising: Frontex is formed by multiple actors from quite diverse backgrounds which makes it particularly challenging to allocate responsibility in case of wrongdoing, specifically in the context of pushbacks.

Enhancing political attention as the way forward in addressing the non-accessibility hurdle

The main changes needed to improve accessibility are more or less obvious. The right of access to information must be made more effective by also granting it to non-EU citizens. In addition, the requirements for refusing the right to information on public security grounds must be made more stringent, so that this straightforward way of denying access is no longer available. Since the EU legislator, despite frequent and repeated criticism, has so far not genuinely chosen to strengthen the protection of fundamental rights at the expense of less effective border protection, the question arises of how the legislator can be pushed to such legislative changes.

For this purpose, the European Ombudsman should be involved to a greater extent by receiving complaints about Frontex activities. The broad mandate from Art. 228 (1) TFEU would allow the Ombudsman to deal with such complaints, to make them public and to enter into an accountability dialogue with Frontex. It is true that here, too, only natural persons residing within the EU can file a complaint, which will probably never be the case in practice regarding persons who have been pushed back. However, legal persons located within the EU can also file corresponding complaints and thus draw the attention of the Ombudsman to deficiencies in the work of Frontex at the border. Such legal persons are non-governmental organizations (NGOs), most of which have a registered office within the EU. These could serve here as a spokesperson for the third-country nationals who have been pushed back. The Ombudsman can then forward the submitted complaints to the European Parliament through so-called special reports, which would ensure that the issue is debated and thus gains political attention.

Even if an EU institution would not be obliged to comply with the Ombudsman’s recommendations, it can be pressured towards compliance through public ‘naming-and-shaming’. Even if immediate changes would fail to materialize due to the lack of far-reaching powers of the Ombudsman, the Ombudsman’s activities and demands could prepare the ground for later secondary legislation changes by increasing political pressure by highlighting the deficiencies to the public. The Ombudsman’s ability to persuade the legislator to amend the legislation has been proven, for instance, by the introduction of the complaint mechanism in Art. 111 of the Frontex Regulation, which was ultimately also based on the suggestion of the Ombudsman.

By Leo, Liza and Matteo

Source: ESG Risk Management: How to Conduct Risk Assessments, Analyze and Prioritize

Amongst its most important priorities, ESMA has identified the aim to tackle ‘greenwashing’. Enforcing the Sustainable Finance Disclosure Regulation 2019/2088 (“SFDR”) is a relevant tool for that purpose. This blog post will set forth how the tasks conferred to ESMA under the SFDR will likely prove themselves to be insufficient. Expanding the authority’s tasks may be an effective step, but ESMA cannot act with full discretion.

Financial greenwashing

The term greenwashing generally refers to companies presenting their business activities as more sustainable than they actually are. The increased demand for sustainable products has led financial operators to capitalise on the “green” inclinations of their investors. This has resulted in a growing number of companies making unsubstantiated claims about their “green” products. As a result, investors have come to buy financial assets that only appear climate-friendly Greenwashing hinders the financial sector as it harms the confidence of shareholders in green products. Facing greenwashing in the financial sector is challenging especially because of the risk of regulatory arbitrage, as ESMA pointed out. Indeed, Member States apply different rules to define “green” financial products. Hence, the regulated companies may establish their registered offices in countries with softer regulations.

The EU Sustainable Finance Framework: information disclosure

In a broader effort to increase the supply and demand of green capital, the European Commission launched the 2018 Action Plan “Financing Sustainable Growth”. The plan consists of three building blocks: (1) a taxonomy of sustainable activities, (2) disclosure requirements for financial and non-financial companies and (3) investment tools such as benchmarks, standards and labels. The second building block tackles greenwashing as it aims
to provide investors with the necessary environmental information to make informed and sustainable decisions on the market.

Source: Strategy for Financing the Transition to a Sustainable Economy

The Sustainable Finance Disclosure Regulation

A key contributor to the Commission’s second building block has been the Sustainable Finance Disclosure Regulation 2019/2088. The provisions of the SFDR entered into force in 2021 and impose extensive sustainability disclosure requirements on a number of financial institutions such as banks. For this purpose, the SFDR defines various categories of financial products, plus “sustainable investments”. These categories vary from initiatives without any climate-friendly considerations to those with specified environmental objectives. Overall, the regulation aims to increase transparency, maintain a level playing field within the EU and address the issue of greenwashing.

As ESMA is one of the three European Supervisory Authorities (“ESAs”), it operates within the ESA Joint Committee. This Joint Committee received a mandate to review and revise the Regulatory Technical Standards (“RTS”) under the SFDR. In February 2021, the ESAs accordingly presented their final report on draft RTS regarding the content, methodologies and presentation of sustainability-related disclosures. Currently, the Joint Committee is still working on finalizing its draft RTS. It is expected that the ESAs will issue a Final Report before November 2023.

The role of ESMA

Currently, the SFDR does not name ESMA as the sole EU regulatory supervisor. As the supervision and enforcement of the SFDR is a task for national competent authorities (NCAs), ESMA is bound by a shared enforcement system: whilst ESMA can establish RTS under the SFDR, only NCAs can sanction financial operators in case of non-compliance. Even in the absence of regulatory arbitrage at the level of NCAs, this could lead to an ineffective approach towards greenwashing.

Indeed, some argue that the regulation lacks clarity. The regulation does not clearly define either “sustainable investments” or the abovementioned categories of financial products. The EU Commission recently released a Q&A to define sustainable investments, but the Commission’s answers have been considered “broad and neutral”. The SFDR may be ineffective in the absence of a clear definition of legal notions such as “sustainable investments” as investors may be unable to assess whether an investment is indeed green. Consequently, financial institutions may greenwash by indicating an investment as green even if its sustainability is debatable. Indeed, some have already raised concerns about potential greenwashing effects arising from the SFDR unclarity.

An unclear Regulation like the SFDR may cause different interpretations of both the “sustainable investments” and the financial products’ categories across the NCAs. It has been argued that ESMA should be appointed as the sole supervisor and enforcer of the SFDR to ensure EU supervisory harmonisation and to increase regulatory harmonisation. This situation may also result in national interventions aiming to define sustainable investments and the abovementioned financial products’ categories. These interventions would harm the harmonisation process and be an obstacle to a sole EU supervisor. Alternatively, ESMA could define the abovementioned unclear notions to properly enforce the SFDR. However, agencies, including ESMA, are subject to some constraints under the New Delegation Doctrine, that developed the Meroni Doctrine.

Source: EU Institution: Court of Justice of the European Union (CJEU)

The 1958 Meroni Doctrine stated that European institutions can delegate powers to agencies, but the latter cannot have any discretion  in applying these powers. Consequently, agencies cannot be delegated any regulatory power. Instead, they can only exercise “clearly defined executive powers”. However, the Court of Justice of the European Union currently supports more extensive delegations of powers to the EU agencies. Indeed, the 2014 New Delegation Doctrine ensured that EU agencies can make legally binding decisions. Nonetheless, the content of such decisions must be specific, precise conditions and criteria must limit the authorities’ discretion, and the legally-binding measures must allow for judicial review. Compared to the Meroni Doctrine, the New Delegation Doctrine seems to incentivise the delegation of regulatory powers to the EU agencies. Still, ESMA cannot be delegated full discretionary powers to take legally-binding measures in order to address greenwashing. This principle would limit ESMA’s discretion to define sustainable investments and the various financial products considered by the SFDR. Still, there is ground for an effective extension of ESMA’s supervisory tasks under the New Delegation Doctrine