Management of the external borders

The EU’s border management policy has witnessed considerable developments with the unprecedented arrival of refugees and irregular migrants, and in particular since mid-2015 when a series of shortcomings in EU policies on external borders and migration had been exposed. The challenges linked to the increase in mixed migration flows into the EU and heightened security concerns have triggered a new period of activity in the area of protecting the EU’s external borders, which also has an impact on its internal borders.

Legal basis

Article 3.2 of the Treaty on European Union (TEU).

Articles 67 and 77 of the Treaty on the Functioning of the European Union (TFEU).


A single area without internal border checks — the Schengen Area — also requires a common policy on external border management. Article 3.2 TEU calls for ‘appropriate measures with respect to external border controls’. The EU therefore sets out to establish common standards with regard to controls at its external borders and to gradually put in place an integrated system for the management of those borders.


The first step towards a common external border management policy was taken on 14 June 1985 when five of the then ten Member States of the European Economic Community signed an international treaty, the so-called Schengen Agreement, near the Luxembourgish border town of Schengen, which was supplemented five years later by the Convention implementing the Schengen Agreement[1]. The Schengen Area, the borderless zone created by the Schengen acquis (as the agreements and rules are collectively known), currently comprises 26 European countries[2].

A. The Schengen external borders acquis

The rules that make up today’s Schengen external borders acquis, which builds on the original acquis incorporated into the EU legal order by the Treaty of Amsterdam (1.1.3), are to be found across a broad range of measures, which can be roughly divided into five areas:

1. The Schengen Borders Code is the central pillar of external border management. It lays down rules on external border crossings and conditions governing the temporary reintroduction of internal border checks.

2. The Schengen Information System (SIS)

SIS is an information sharing system (database) that helps to maintain international security in the Schengen area where internal border controls do not exist. It is the most widely used and efficient IT system that the EU has in its area of freedom, security and justice (AFSJ) (4.2.1). Authorities across the EU use SIS to enter or consult alerts for wanted or missing people and objects. It contains over 80 million alerts and was consulted over 5 billion times by authorities in 2017, triggering more than 240 000 hits on foreign alerts (alerts issued by another country). SIS has recently been reinforced through updated rules that will address potential gaps in the system and introduce several essential changes regarding the types of alert entered.

After the most recent reform in 2018, the scope of the SIS is now defined in three legal instruments, which take the form of three regulations (replacing SIS II):

  • In the field of police and judicial cooperation in criminal matters;[3]
  • In the field of border checks;[4]
  • For the return of illegally staying third-country nationals.[5]

These three regulations introduce additional categories of alerts to the system, such as alerts on unknown suspects or wanted persons, preventive alerts for children at risk of parental abduction, alerts for the purpose of return, an alert in relation to return decisions issued to illegally staying third-country nationals, in addition to palm prints, fingerprints, facial images and DNA concerning missing persons so as to confirm their identity.

3. Internal Security Fund: Borders and Visa (ISF)

As not all Member States have external borders to control and not all are equally affected by border traffic flows. The EU uses its funds to attempt to offset some of the costs for the Member States whose own borders are the same as the EU’s external borders. For the 2014–2020 financial period, this burden-sharing mechanism has been set up with a total of EUR 3.8 billion for a seven-year period. The ISF’s main objective is to contribute to ensuring a high level of security in the Union while facilitating legitimate travel. Beneficiaries of the programmes implemented under this fund can be state and federal authorities, local public bodies, non-governmental organisations, humanitarian organisations, private and public law companies, and education and research organisations.

4. The Entry/Exit System (EES)

The Entry/Exit System (EES)[6] is an information system that speeds up and reinforces border checks for non-EU nationals travelling to the EU. The EES replaces the manual stamping of passports at the border with electronic registration in the database.

Adopted in November 2017, the main objectives of EES are:

  • To reduce border check delays and improve the quality of border checks by automatically calculating the authorised stay of each traveller;
  • To ensure systematic and reliable identification of over-stayers;
  • To strengthen internal security and the fight against terrorism by allowing law enforcement authorities access to travel history records.

Access to EES is granted to national law-enforcement authorities and Europol, but not to asylum authorities. The possibility of transferring data for law enforcement or return purposes to third countries and EU Member States not participating in the EES is allowed but under certain conditions. EES will register travellers’ data (name, type of travel document, fingerprints, visual image, and the date and place of entry and exit) when crossing the Schengen external borders. It will apply to all non-EU nationals, both those who require a visa and those who are exempt. It will be used by consular and border authorities.

5. The European Border and Coast Guard Agency (Frontex)

The European Border and Coast Guard (EBCG) is the European Border and Coast Guard Agency (EBCGA — Frontex) and the national authorities combined.[7]

The regulation extends the scope of the activities of Frontex to include enhanced support for Member States in the field of migration management, the fight against cross-border crime, and search and rescue operations. It provides for a greater role for Frontex in returning migrants to their countries of origin, according to decisions taken by national authorities. The Council, based on a Commission proposal, may ask the agency to intervene and assist Member States in exceptional circumstances. This is the case when: (1) a Member State does not comply (within a set time limit) with a binding decision of the agency’s management board to address vulnerabilities in its border management; and (2) there is specific and disproportionate pressure on the external border that puts the functioning of the Schengen area at risk. If a Member State opposes a Council decision to provide assistance, the other Member States may temporarily reintroduce internal border checks.

In September 2018, the Commission presented a new proposal to strengthen the European Border and Coast Guard Agency[8]. The agency would gain a new mandate and its own means and powers to protect external borders, carry out returns more effectively and cooperate with non-EU countries. On 1 April 2019, the Council gave a green light to the political agreement reached and on 2 April 2019 Parliament’s Committee for Civil Liberties, Justice and Home Affaires (LIBE) voted in favour of the agreement. The final stamp of approval was put to vote in Parliament’s April plenary session. The regulation is planned to enter into force at the end of 2019.

The cornerstone of this reinforced agency will be a standing corps of 10 000 border guards with executive powers who will be ready to support the Member States at any time. The agency will also have a stronger mandate on returning migrants back to their country of origin and will cooperate more closely with non-EU Member States, including those that are not the EU’s immediate neighbours. The new European Border and Coast Guard standing corps will be available for deployment as of 2021. By 2027, it will be fully operational and will reach its full capacity of 10 000 border guards.

B. Developments in the EU’s management of its external borders

1. The pace of change has quickened with the large-scale loss of life in the Mediterranean over recent years, coupled with the huge influx of refugees and migrants since September 2015.

Prior to the outbreak of the European humanitarian refugee crisis, only three countries had resorted to erecting fences at external borders to prevent migrants and refugees from reaching their territories: Spain (where building work was completed in 2005 and extended in 2009), Greece (completed in 2012) and Bulgaria (in response to Greece, completed in 2014). Contrary to Article 14(2) of the Schengen Borders Code, which stipulates that ‘entry may only be refused by a substantiated decision stating the precise reasons for the refusal’, an increasing number of Member States have gradually embarked on the construction of border walls or fences with the aim of indiscriminately preventing migrants and asylum seekers from accessing their national territories. Moreover, without explicit EU rules on the erection of fences at external Schengen borders, Member States have also put up barriers with third countries (notably Morocco and Russia), including pre-accession candidates (the Republic of North Macedonia, Serbia and Turkey) and one EU Schengen candidate country — Croatia. Fences have also been constructed within the Schengen area, such as the fence between Austria and Slovenia, while Spanish practices in Melilla have come under scrutiny from the European Court of Human Rights in Strasbourg.

2. In November 2016, the Commission presented a legislative proposal for the establishment of a European Travel Information and Authorisation System (ETIAS).

The purpose of this new centralised information system[9] is to collect information on non-EU nationals who do not require a visa to enter the Schengen area, and to identify any potential security or irregular migration risks. The database will conduct checks in advance (see infographic I) on visa-exempt travellers and deny them travel authorisation if they are considered to pose a risk[10]. The database will be similar to already existing systems that are in place, for example in the USA (ESTA), Canada and Australia, among others.

ETIAS will bring several benefits such as improved internal security, better prevention of illegal immigration, reduced public health risks and reduced delays at borders. Although the system will conduct prior checks, the final decision on whether to grant or refuse entry, even in cases where the person has a valid travel authorisation, will be taken by the national border guards conducting the border controls, according to the rules of the Schengen Borders Code. ETIAS will be developed by the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA). ETIAS will have three main functions:

  • Verifying the information submitted online by visa-exempt third-country nationals ahead of their travel to the EU;
  • Processing applications by checking them against other EU information systems (such as SIS, VIS, Europol’s database, Interpol’s database, the EES and Eurodac);
  • Issuing travel authorisations in cases where no hits or elements requiring further analysis are identified.

In most cases, travel authorisations should be obtained in a matter of minutes. An application fee of EUR 7 will be charged. In June 2017, the Council had decided to split the proposal into two distinct legal acts[11], on the basis that the (Schengen) legal basis of the proposal cannot cover amendments to the Europol Regulation. On 12 September 2019, the regulations establishing ETIAS were signed by the presidents of both institutions. However, ETIAS will not become operational before 2021.

3. eu-LISA

Established in 2011, eu-LISA is responsible for the operational management of three EU centralised information systems: SIS, VIS and Eurodac.[12]

In June 2017, the Commission presented a proposal to revise the mandate of eu-LISA. The proposal is part of the Commission’s approach to improving and expanding EU information systems in the AFSJ and to achieving interoperability between these systems by 2020.

4. Interoperability between EU information systems in the field of borders

The EU has been developing large-scale centralised IT systems (SIS, VIS, Eurodac, EES and ETIAS) for collecting, processing and sharing information that is vital for security cooperation, and for managing external borders and migration. In December 2017, the Commission proposed to make these information systems interoperable at EU level — i.e. be, able to exchange data and share information so that the authorities have all the information they need, when and where they need it. Interoperability refers to the ability of information technology systems and of the business processes they support to exchange data and to enable the sharing of information and knowledge, so as to avoid information gaps caused by the complexity and fragmentation of these systems[13].

In December 2017, the Commission put forward two specific proposals on interoperability: one for a regulation establishing a framework for interoperability between EU information systems on borders and visas and another for a regulation establishing a framework for interoperability between EU information systems on police and judicial cooperation, asylum and migration.

The Commission proposed four interoperability solutions:

  • The European Search Portal (ESP) will enable simultaneous searches on multiple EU information systems and provide a ‘one-stop shop’ (on a single computer screen) for all the document check results;
  • The Shared Biometric Matching service (SBM) will enable the querying of and comparison of multiple identities. In order to ensure that the border guards and police officers have complete and accurate information available, appropriate data quality control mechanisms will be established;
  • The Common Identity Repository (CIR) will provide basic biographical and biometric information, such as names and dates of birth of non-EU citizens, so that they can be identified effectively;
  • Lastly, the Multiple-Identity Detector (MID) will help to establish that different names belong to the same identity and alert border guards and police cases of fraudulent activity.

On 5 February 2019, the Council and Parliament reached a preliminary agreement on the two proposed regulations.[14]

Role of the European Parliament

The European Parliament has had mixed reactions to the development of external border management policy. It has broadly supported the upgraded organisational role of the EBCGA and the other relevant Union agencies, often calling for their role to be further enhanced as the EU grapples with the migration crisis in the Mediterranean. While Parliament’s view of the EBCGA’s development has been largely positive, its stance on smart borders has been far warier. After the 2013 Commission proposal, it voiced misgivings over the vast technological build-up and the mass processing of personal data proposed for the external borders. Moreover, the anticipated costs of the Smart Borders technology, coupled with doubts surrounding its benefits, left Parliament with a number of concerns. In its 12 September 2013 resolution on the second report on the implementation of the Internal Security Strategy, Parliament asserted that ‘new IT systems in the area of migration and border management, such as the Smart Borders initiatives, should be carefully analysed, especially in the light of the principles of necessity and proportionality’. It followed this up with an oral question to the Commission and the Council in September 2015, asking for their stance on law enforcement access to the system and their views on the relevance of the Court of Justice of the European Union ruling of April 2014 on the Data Retention Directive (see 4.2.8). If no swift progress is made on the proposed reform of the Dublin III regulation[15], Parliament could freeze ongoing negotiations on all files that are of interest to justice and home affairs ministries, such as the recent interoperability proposal, the revision of the Eurodac system and other relevant files. It had already successfully adopted this approach in 2012 with the so-called ‘Schengen freeze’, when it decided to cease cooperation on the main JHA dossiers under negotiation in response to the Council’s decision to change the legal basis for the Schengen Governance Package. In its resolution on the annual report on the functioning of the Schengen area[16], Parliament sought to draw attention to the fact that although the EU had adopted so many measures to strengthen its external borders, including border controls, there had been no corresponding reaction in terms of the removal of internal border controls.

Parliament has also insisted on the need for action to take place with due regard for the EU’s borders, asylum acquis and the EU Charter of Fundamental Rights. For a while, Parliament has been calling for reliable and fair procedures and for a holistic approach to migration at EU level.[17]


[1]The Schengen acquis — Convention of 19 June 1990 implementing the Schengen Agreement of 14 June 1985 between the Governments of the States of the Benelux Economic Union, the Federal Republic of Germany and the French Republic on the gradual abolition of checks at their common borders, OJ L 239, 22.9.2000, p. 19.
[2]The countries do not include the UK, Ireland, Croatia, Bulgaria and Romania. It does, however, include three non EU Member States: Switzerland, Norway and Liechtenstein.
[3]Regulation (EU) 2018/1862 of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters, amending and repealing Council Decision 2007/533/JHA, and repealing Regulation (EC) No 1986/2006 of the European Parliament and of the Council and Commission Decision 2010/261/EU, OJ L 312, 7.12.2018, p. 56–106.
[4]Regulation (EU) 2018/1861 of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of border checks, and amending the Convention implementing the Schengen Agreement, and amending and repealing Regulation (EC) No 1987/2006, OJ L 312, 7.12.2018, p. 14–55.
[5]Regulation (EU) 2018/1860 of 28 November 2018 on the use of the Schengen Information System for the return of illegally staying third-country nationals, OJ L 312, 7.12.2018.
[6]Regulation (EU)2017/2226 of 30 November 2017 establishing an Entry/Exit System to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes, and amending the Convention implementing the Schengen Agreement and Regulations (EC) No 767/2008 and (EU) No 1077/2011, OJ L 327, 9.12.2017, p. 20.
[7]European Border and Coast Guard Regulation (EU)2016/1624 of 14.9.2016  on the European Border and Coast Guard and amending Regulation (EU) 2016/ and repealing Regulation (EC) No 863/2007 of the European Parliament and of the Council, Council Regulation (EC) No 2007/2004 and Council Decision 2005/267/EC, OJ L 251, 16.9.2016, p. 1.
[8]Proposal for a regulation on the European Border and Coast Guard and repealing Council Joint Action No 98/700/JHA, Regulation (EU) No 1052/2013 of the European Parliament and of the Council and Regulation (EU) No 2016/1624 of the European Parliament and of the CouncilCOM(2018) 0631.
[9]Regulation (EU) 2018/1240 of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226, OJ L 236, 19.9.2018, p. 1, as well as Regulation (EU) 2018/1241 of 12 September 2018 — Europol tasks, OJ L 236, 19.9.2018, p. 72.
[11]Regulation (EU) 2018/1240 of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226, OJ L 236, 19.9.2018, p. 1: and Regulation (EU) 2018/1241 of 12 September 2018 amending Regulation (EU) 2016/794 for the purpose of establishing a European Travel Information and Authorisation System (ETIAS) — Europol tasks, OJ L 236, 19.9.2018, p. 72.
[12]Regulation (EU) 2018/1726 of 14 November 2018 on the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), and amending Regulation (EC) No 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) No 1077/2011, OJ L 295, 21.11.2018, p. 99–137.
[13]EP Study on “Interoperability of Justice and Home Affairs Information Systems”:
[15]Proposal for a regulation of the European Parliament and of the Councilof 4 May 2016 establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person.
[16]European Parliament resolution of 30 May 2018 on the annual report on the functioning of the Schengen area (Texts adopted, P8_TA(2018)0228).
[17]European Parliament Resolution of 12 April 2016 on the situation in the Mediterranean and the need for a holistic EU approach to migration (2015/2095(INI)):

Udo Bux