Commission Regulation (EC, Euratom) No 1302/2008 of 17 December 2008 on the central exclusion database
Commission Regulation (EC, Euratom) No 1302/2008of 17 December 2008on the central exclusion databaseTHE COMMISSION OF THE EUROPEAN COMMUNITIES,Having regard to the Treaty establishing the European Community,Having regard to the Treaty establishing the European Atomic Energy Community,Having regard to Council Regulation (EC, Euratom) No 1605/2002 of 25 June 2002 on the Financial Regulation applicable to the general budget of the European CommunitiesOJ L 248, 16.9.2002, p. 1., and in particular Article 95 thereof,Having regard to Council Regulation (EC) No 215/2008 of 18 February 2008 on the Financial Regulation applicable to the 10th European Development FundOJ L 78, 19.3.2008, p. 1., in particular to Article 98 thereof,Whereas:(1)The Commission, which is responsible for executing the general budget of the European Union and any other funds managed by the Communities, is under an obligation to set up and operate a central data base, in compliance with Community rules on the protection of personal data, with the objectives to make efficient the exclusion mechanism provided for in the Financial Regulation and to protect the financial interests of the Communities. The database should in particular cover the execution of all Community funds independently from the applicable management mode.(2)The Financial Regulation places obligations on the institutions concerning the award of contracts and grants to third parties in the context of centralised management of Community funds. In particular, Articles 93 and 114(3) set out an obligation to exclude third parties from participation in procurement or grant award procedures where they are in one of the situations listed in Article 93(1). Articles 94 and 114(3) forbid the award of a contract or grant to third parties who, during a specific procurement or grant procedure, are in a situation of conflict of interest or misrepresentation in supplying the information required by the institution as a condition of participation in the procurement or award procedure. Articles 96 and 114(4) further establish the possibility for the contracting authority to impose administrative and financial penalties on third parties, in particular in the form of exclusion from the benefit of any Community fund for a period to be determined by the institution concerned pursuant to Article 133a of Commission Regulation (EC, Euratom) No 2342/2002 of 23 December 2002 laying down detailed rules for the implementation of Council Regulation (EC, Euratom) No 1605/2002 on the Financial Regulation applicable to the general budget of the European CommunitiesOJ L 357, 31.12.2002, p. 1..(3)Articles 74 and 75 of Commission Regulation (EC, Euratom) No 2343/2002 of 23 December 2002 on the framework Financial Regulation for the bodies referred to in Article 185 of Council Regulation (EC, Euratom) No 1605/2002 on the Financial Regulation applicable to the general budget of the European CommunitiesOJ L 357, 31.12.2002, p. 72. requires these bodies to apply the abovementioned provisions.(4)Article 50 of Commission Regulation (EC) No 1653/2004 of 21 September 2004 on a standard financial regulation for the executive agencies pursuant to Council Regulation (EC) No 58/2003 laying down the statute for executive agencies to be entrusted with certain tasks in the management of Community programmesOJ L 297, 22.9.2004, p. 6. requires the executive agencies to apply the abovementioned provisions of the Financial Regulation for the implementation for their operating budget.(5)Given that executive agencies have the status of authorising officers by delegation of the Commission for the implementation of operational appropriations for which they apply the Financial Regulation, they should have access to the exclusion database in the same manner as Commission services.(6)The objectives and the purpose of the exclusion database should be defined in order to determine the use of the data.(7)The European Anti-Fraud Office (OLAF) should have access to the exclusion database for pursuing its regulatory investigation tasks and its intelligence and fraud-prevention activities exercised pursuant to Article 1(2) of Regulation (EC) No 1073/1999 of the European Parliament and of the Council of 25 May 1999 concerning investigations conducted by the European Anti-Fraud Office (OLAF)OJ L 136, 31.5.1999, p. 1. and Council Regulation (Euratom) No 1074/1999 of 25 May 1999 concerning investigations conducted by the European Anti-Fraud Office (OLAF)OJ L 136, 31.5.1999, p. 8..(8)The accounting officer of the Commission should ensure the administration of the exclusion database and have the right to modify data in the database. The relevant Commission service or the other institutions should be responsible for requesting the entry of exclusion warnings into the exclusion database.(9)Rules for access to the exclusion database should differentiate between Commission services, executive agencies and all institutions and Community bodies using an accounting system provided by the Commission (hereinafter ABAC) which enables direct access to the warnings, on the one hand, and the other institutions, implementing authorities and bodies that do not have such access, on the other hand. Therefore these institutions should have access through designated contact points and implementing authorities or bodies should have access via liaison points.(10)It should be possible to limit access to the exclusion database where implementing authorities or bodies manage funds with a very limited level of decentralisation, which renders access to the exclusion database inappropriate or where such access has to be denied for data protection reasons.(11)In order to clearly define their responsibilities, the tasks of the contact points and liaison points should be determined.(12)In order to reflect the fact that the database should be common to the institutions, the data flow should be channelled directly to the accounting officer of the Commission.(13)In order to protect the financial interests of the Communities between an exclusion decided pursuant to Article 93(1) of the Financial Regulation for a specific procurement or grant procedure and the determination of the duration of the exclusion by the institution, the latter should be able to request provisional registration of an exclusion warning.(14)In order to avoid outdated warnings, in particular those concerning entities which have been wound up, warnings indicating an exclusion pursuant to Article 93(1)(a) and (d) of the Financial Regulation should be automatically removed after five years.(15)Given that exclusions pursuant to Article 94 of the Financial Regulation concern specific procurement or grant procedures and not – as under Article 93(1) – a general exclusion situation, the registration period should be limited and removed automatically.(16)The procedure for requests based on information from implementing authorities or bodies, which applies to all management modes with the exception of centralised direct management, should be clearly spelled out.(17)The share of responsibility of the implementing authorities or bodies as regards the data communicated, through the liaison point on one side and through the accounting officer on the other side, to the Commission service responsible, including rectification, updating or removal of the data should be clearly laid down.(18)In order to provide for a clear set of rules in all cases where the implementing authority or body did not determine an exclusion duration pursuant to Article 133a(1) of the Implementing Rules, it should be stated that the decision on the exclusion duration should be prepared by the Commission service responsible and adopted by the Commission.(19)The information flow between authorised users of the exclusion database should be detailed; contact warning persons for each warning should be determined, who shall provide information on the warning concerned to authorised users of the exclusion database.(20)A specific provision should cover cases where proof provided by third parties is not consistent with data in the exclusion database, in order to ensure that data in the exclusion database are correct and up to date.(21)In order to allow an exchange of best practices between institutions and to address issues related to the use of the exclusion database, a suitable framework should be defined.(22)The processing of personal data inherent to the operation of the exclusion database shall be made in accordance with the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, applicable to Member StatesOJ L 281, 23.11.1995, p. 31. and the Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such dataOJ L 8, 12.1.2001, p. 1., which are fully applicable.(23)The present Regulation has been drafted taking due consideration of the opinion of the European Data Protection Supervisor. Furthermore, Regulation (EC) No 45/2001 stipulates that such processing is subject to prior checking by the European Data Protection Supervisor following notification by the Commission Data Protection Officer.(24)For sake of clarity, data protection provisions should precise the rights of the persons whose data are or could be introduced into the exclusion database. Natural and legal persons should be informed of the introduction of data concerning them in the exclusion database.HAS ADOPTED THIS REGULATION: