Directive (EU) 2022/2557 on the resilience of critical entities and repealing Council Directive 2008/114/EC

Author (Corporate) ,
Series Title
Series Details L 333, Pages 164-198
Publication Date 27/12/2022
Content Type , , ,

Summary:

Directive (EU) 2022/2557 - formally adopted by the co-legislators on 14 December 2022, introducing a number of additional critical infrastructure protection (CIP) measures and replacing Council Directive 2008/114/EC - also known as ECI Directive. The Act is known as the Critical Entities Resilience (CER) Directive. This is a text with EEA relevance.

Further information:

This Directive lays down obligations on Member States to take specific measures aimed at ensuring the services which are essential for the maintenance of vital societal functions or economic activities within the scope of Article 114 TFEU are provided in an unobstructed manner in the internal market, in particular obligations to identify critical entities and to support critical entities in meeting the obligations imposed on them. It also lays down obligations aimed at enhancing their resilience and ability to provide services in the internal market. It establishes rules on the supervision of critical entities and enforcement, for the identification of critical entities of particular  significance and on advisory missions to assess the measures that such entities have put in place to meet their obligations. Finally, it establishes common procedures for cooperation and reporting on the application of this Directive, and it lays down measures with a view to achieving a high level of resilience of critical entities in order to ensure the provision of essential services within the European Union (EU) and to improve the functioning of the internal market.

The Act repeals Council Directive 2008/114/EC, which established an EU-wide process for identifying and designating European Critical Infrastructures (ECIs), and set out an approach for improving their protection.

The draft law was tabled by the European Commission on 16 December 2020, as part of a package which also includes a new EU Cybersecurity Strategy. It sought to address calls from the co-legislators concerning the revision of the existing approach in order to better reflect the increased challenges to critical entities, and to ensure closer alignment with Directive (EU) 2016/1148 (also known as NIS Directive). It also responded to an assessment conducted to the ECI Directive. It reflected national approaches in an increasing number of Member States, which tend to emphasise cross-sectoral and cross-border interdependencies and are increasingly informed by resilience thinking, in which protection is but one element alongside risk prevention and mitigation, business continuity and recovery.

The plenary of the European Parliament's adopted a negotiating position on 20 October 2021. The Council of the European Union adopted its general approach on 21 December. An informal agreement between the co-legislators on a compromise text was reached on 28 June 2022. This was formally endorsed by Parliament on 22 November and by the Council on 8 December. The Act was signed by the co-legislators on 14 December 2022 and published in the Official Journal on 27 December 2022.

The Act entered into force on 16 January 2023. On 25 July, the Commission adopted a Delegated Act comprising a list of essential services in the eleven sectors covered by the Directive.

Source Link http://data.europa.eu/eli/dir/2022/2557/oj
Related Links
Commentary and Analysis
EPRS: Briefing, February 2021: Improving the resilience of critical entities https://www.europarl.europa.eu/thinktank/en/document.html?reference=EPRS_BRI(2021)662614
Digital Europe: Policy Paper, 12/04/2021: Critical entities: ensuring coherence of non-cyber and cyber resilience https://www.digitaleurope.org/resources/critical-entities-ensuring-coherence-of-non-cyber-and-cyber-resilience/
EPRS: At a Glance, November 2022: Resilience of critical entities https://www.europarl.europa.eu/thinktank/en/document/EPRS_ATA(2022)738212

News
EurActiv, 21/12/2021: EU members agree on resilience of critical infrastructure https://www.euractiv.com/section/eu-council-presidency/news/eu-members-agree-on-resilience-of-critical-infrastructure/
EUObserver, 22/11/2022: MEPs approve bill to protect Europe's critical infrastructure amid Moscow threat https://euobserver.com/ukraine/156449

Official
European Commission: Register of Delegated & Implementing Acts: Directive (EU) 2022/2557 of the European Parliament and of the Council of 14 December 2022 on the resilience of critical entities and repealing Council Directive 2008/114/EC (Text with EEA relevance) https://webgate.ec.europa.eu/regdel/#/legislativeActs/1184?lang=en
EUR-LEX: COM(2020)829: Proposal for a Directive on the resilience of critical entities https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=COM:2020:829:FIN
EUR-LEX: SWD(2020)358: Staff Working Document accompanying the Proposal - Impact Assessment https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=SWD:2020:358:FIN
EUR-LEX: SWD(2020)359: Staff Working Document accompanying the Proposal - Executive Summary of the Impact Assessment https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=SWD:2020:359:FIN
European Parliament: Legislative Observatory: Procedure File for Proposal on Resilience of critical entities (2020/0365(COD)) https://oeil.secure.europarl.europa.eu/oeil/popups/ficheprocedure.do?l=en&reference=2020/0365(COD)
European Parliament: Legislative Train Schedule: Proposal for additional measures on Critical Infrastructure Protection https://www.europarl.europa.eu/legislative-train/theme-promoting-our-european-way-of-life/file-critical-infrastructure-protection
European Commission: Priorities 2019-2024: European Security Union https://ec.europa.eu/info/strategy/priorities-2019-2024/promoting-our-european-way-life/european-security-union_en
General Secretariat of the Council: Policies: How the EU responds to crises and builds resilience https://www.consilium.europa.eu/en/policies/eu-crisis-response-resilience/
European Commission: Press Release, 16/12/2020: New EU Cybersecurity Strategy and new rules to make physical and digital critical entities more resilient https://ec.europa.eu/commission/presscorner/detail/en/IP_20_2391
European Commission: New EU Cybersecurity Strategy and new rules to make physical and digital critical entities more resilient – Questions and Answers (16 December 2020) https://ec.europa.eu/commission/presscorner/detail/en/qanda_20_2392
European Commission: Opening remarks by Vice-President Margaritis Schinas at the press conference on the cybersecurity strategy (16 December 2020) https://ec.europa.eu/commission/presscorner/detail/en/speech_20_2460
European Parliament: Press Release, 12/10/2021: Essential infrastructure: new rules to boost co-operation and resilience https://www.europarl.europa.eu/news/en/press-room/20211006IPR14307/
Renew Europe EP Group: Newsroom, 12/10/2021: Time to strengthen the resilience of EU critical infrastructure https://www.reneweuropegroup.eu/news/2021-10-12/time-to-strengthen-the-resilience-of-eu-critical-infrastructure
Council of the European Union: Press Release, 20/12/2021: Strengthening EU resilience: Council adopts negotiating mandate on the resilience of critical entities https://www.consilium.europa.eu/en/press/press-releases/2021/12/20/strengthening-eu-resilience-council-adopts-negotiating-mandate-on-the-resilience-of-critical-entities/
Council of the European Union: Press Release, 28/06/2022: EU resilience: Council presidency and European Parliament reach political agreement to strengthen the resilience of critical entities https://www.consilium.europa.eu/en/press/press-releases/2022/06/28/eu-resilience-council-presidency-and-european-parliament-reach-political-agreement-to-strengthen-the-resilience-of-critical-entities/
European Commission: Press Release, 28/06/2022: Security Union: Commission welcomes today's political agreement on new rules to enhance the resilience of critical entities https://ec.europa.eu/commission/presscorner/detail/en/ip_22_4157
Renew Europe EP Group: Newsroom, 28/06/2022: Deal to protect critical infrastructure from future pandemics, food crises and other disruptive incidents https://www.reneweuropegroup.eu/news/2022-06-28/resilience-of-critical-entities-deal-to-secure-protection-of-eu-critical-infrastructure-from-disruptive-incidents
EPP EP Group: Newsroom, 10/10/2022: Massively step up protection of critical infrastructure https://www.eppgroup.eu/newsroom/news/massively-step-up-protection-of-critical-infrastructure
European Parliament: Press Release, 22/11/2022: MEPs approve new rules to protect essential infrastructure https://www.europarl.europa.eu/news/en/press-room/20221118IPR55705/
Renew Europe EP Group: Newsroom, 22/11/2022: New legislation to prevent future vulnerabilities of critical infrastructure https://www.reneweuropegroup.eu/news/2022-11-22/new-legislation-to-prevent-future-vulnerabilities-of-critical-infrastructure
Council of the European Union: Press Release, 08/12/2022: EU resilience: Council adopts a directive to strengthen the resilience of critical entities https://www.consilium.europa.eu/en/press/press-releases/2022/12/08/eu-resilience-council-adopts-a-directive-to-strengthen-the-resilience-of-critical-entities/
European Commission: Press Release, 25/07/2023: Enhancing EU resilience: A step forward to identify critical entities for key sectors https://ec.europa.eu/commission/presscorner/detail/en/ip_23_3992

Subject Categories ,
Subject Tags , ,
International Organisations