Management of the external borders

The EU’s border management policy has needed to adapt to significant developments, such as the unprecedented arrival of refugees and irregular migrants, and since mid-2015 a series of shortcomings in EU policies on external borders and migration have come to light. The challenges linked to the increase in mixed migration flows into the EU and heightened security concerns have triggered a new period of activity in the EU external border protection, which also has an impact on its internal borders.

Legal basis

Article 3.2 of the Treaty on European Union (TEU).

Articles 67 and 77 of the Treaty on the Functioning of the European Union (TFEU).


A single area without internal border checks — the Schengen Area — also requires a common policy on external border management. Article 3.2 TEU calls for ‘appropriate measures with respect to external border controls’. The EU therefore aims to establish common standards for controls at its external borders, and to gradually put in place an integrated system for managing them.


The first step towards a common external border management policy was taken on 14 June 1985 when five of the then ten Member States of the European Economic Community signed an international treaty, the so-called Schengen Agreement, near the Luxembourgish border town of Schengen, which was supplemented five years later by the Convention implementing the Schengen Agreement[1]. The Schengen Area, the borderless zone created by the Schengen acquis (as the agreements and rules are collectively known), currently comprises 26 European countries[2].

A. The Schengen external borders acquis

Today’s Schengen external borders acquis builds on the original acquis incorporated into the EU legal order by the Treaty of Amsterdam (1.1.3). Its rules can be found across a broad range of measures, which can be roughly divided into five topics:

1. The Schengen Borders Code[3] is the central pillar of external border management. It lays down rules on external border crossings and conditions governing the temporary reintroduction of internal border checks. It obliges member states to carry out systematic checks against relevant databases on all persons, including those with the right to free movement under EU law (i.e. EU citizens and members of their families who are not EU citizens) when they cross the external borders. The databases used for checks include the Schengen Information System (SIS) and Interpol’s database on stolen and lost travel documents (SLTD). These obligations apply at all external borders (air, sea and land), both for entry and exit.

2. The Schengen Information System (SIS)

SIS is an information sharing system and database that helps to ensure international security in the Schengen area, where there are no internal border checks. It is the EU’s most widely used and efficient IT system in the area of freedom, security and justice (AFSJ) (4.2.1). Authorities across the EU use SIS to input or consult alerts for wanted or missing people and objects. It contains over 80 million alerts, and authorities consulted it over 5 billion times in 2017, with more than 240 000 hits for foreign alerts (alerts issued by another country). SIS has recently been reinforced by updated rules that will address potential gaps in the system, and introduce several essential changes to the types of alert entered.

After the most recent reform in 2018, the scope of the SIS is now defined in three legal instruments, which take the form of three separate regulations (replacing SIS II):

  • Police and judicial cooperation in criminal matters[4];
  • Border checks[5];
  • The return of illegally staying third-country nationals[6].

These three regulations create additional categories of alert in the system, such as alerts on unknown suspects or wanted persons, preventive alerts for children at risk of parental abduction, alerts for the purpose of return, an alert in relation to return decisions issued to illegally staying third-country nationals, in addition to palm prints, fingerprints, facial images and missing persons’ DNA to allow their identity to be confirmed.

3. Internal Security Fund: Borders and Visa (ISF)

Not all Member States have external borders, and not all are equally affected by border traffic flows. The EU therefore allocates funds to attempt to offset some of the costs for the Member States whose own borders are also the EU’s external borders. This burden-sharing mechanism was set up with funding totalling EUR 3.8 billion for the 2014-2020 seven-year financial programming period. The ISF’s main objective is to contribute to ensuring a high level of security in the Union while facilitating legitimate travel. Beneficiaries of the programmes implemented under this fund can be state and federal authorities, local public bodies, non-governmental organisations, humanitarian organisations, private and public law companies, and education and research organisations.

4. The Entry/Exit System (EES)

The Entry/Exit System (EES)[7] is an information system that speeds up and reinforces border checks for non-EU nationals travelling to the EU. The EES replaces the manual stamping of passports at the border with electronic registration in the database.

The main objectives of EES are:

  • Reducing border check times and improving the quality of border checks by automatically calculating the authorised stay for each traveller;
  • Ensuring systematic and reliable identification of over-stayers;
  • Strengthening internal security and assisting the fight against terrorism by allowing law enforcement authorities access to travel history records.

Access to the EES is granted to national law-enforcement authorities and Europol, but not to asylum authorities. The possibility of transferring data for law enforcement or return purposes to third countries and EU Member States not participating in the EES is provided for, but under certain conditions. The EES will record travellers’ data (name, type of travel document, fingerprints, visual image, and the date and place of entry and exit) when crossing Schengen external borders. It will be used for all non-EU nationals, both those who require a visa and those who are exempt. It will also be used by consular and border authorities.

5. The European Border and Coast Guard Agency (Frontex)

The European Border and Coast Guard (EBCG) is the European Border and Coast Guard Agency (EBCGA/Frontex) and the national authorities combined[8].

EBCG became operational in October 2016. This decentralised agency is in charge of monitoring the EU’s external borders and, together with Member States, identifying and addressing any potential security threats to the EU’s external borders. For some years before 2015, Parliament had called for the role of Frontex to be enhanced in order to increase its capacity to respond more effectively to changing migration flows. For instance. in its resolution of 2 April 2014 on the mid-term review of the Stockholm Programme[9], Parliament called for European border guards to guard Schengen borders. In its conclusions of October 2015, the European Council also expressed its support for the ‘gradual establishment of an integrated management system for external borders’. Parliament insisted that the agency’s new powers to intervene would be activated by a decision of the Member States in the Council, and not by a Commission decision, as originally proposed. The regulation extends the scope of the activities of EBCGA/Frontex to include enhanced support for Member States in the field of migration management, the fight against cross-border crime, and search and rescue operations. It provides for a greater role for Frontex in returning migrants to their countries of origin, acting in accordance with decisions taken by national authorities. On the basis of a Commission proposal, the Council may ask the agency to intervene and assist Member States in exceptional circumstances. This is the case when:

  • A Member State does not comply (within a set time limit) with a binding decision of the agency’s management board to address vulnerabilities in its border management; and
  • There is specific and disproportionate pressure on the external border that is putting the functioning of the Schengen area at risk. If a Member State opposes a Council decision to provide assistance, the other EU countries may temporarily reintroduce internal border checks.

In September 2018, the Commission presented a new proposal to strengthen the European Border and Coast Guard Agency, which was adopted in November 2019[10]. The Agency acquired a new mandate and its own means and powers to protect external borders, carry out returns more effectively and cooperate with non-EU countries.

The centrepiece of this reinforced Agency will be a standing corps of 10 000 border guards with executive powers to support Member States at any time. The Agency will also have a stronger mandate on returns and will cooperate more closely with non-EU countries, including those beyond the EU’s immediate neighbourhood. The new standing corps of European Border and Coast Guard will be available for deployment once it becomes fully operational in 2021, and will reach its full capacity of 10 000 border guards by 2024.

B. Developments in the EU’s management of its external borders

1. The pace of change has increased with the large-scale loss of life in the Mediterranean over recent years, together with the huge influx of refugees and migrants since September 2015.

Prior to the refugee crisis, only three countries had resorted to erecting fences at external borders to prevent migrants and refugees from reaching their territories: Spain (building work completed in 2005, extended in 2009), Greece (completed in 2012) and Bulgaria (in response to Greece, completed in 2014). Contrary to Article 14(2) of the Schengen Borders Code, which stipulates that ‘entry may only be refused by a substantiated decision stating the precise reasons for the refusal’, an increasing number of Member States have gradually started building border walls or fences with the aim of indiscriminately preventing migrants and asylum seekers from accessing their national territories. Moreover, without explicit EU rules on the erection of fences at external Schengen borders, Member States have also put up barriers with third countries (notably Morocco and Russia), including pre-accession candidates (the Republic of North Macedonia, Serbia and Turkey) and one EU Schengen candidate country, Croatia. Fences have also been built within the Schengen area, such as the fence between Austria and Slovenia, while Spanish practices in Melilla have come under scrutiny from the European Court of Human Rights in Strasbourg.

2. In September 2018, the European Travel Information and Authorisation System (ETIAS) was established.

The purpose of this new centralised information system is to collect information on non-EU nationals who do not require a visa to enter the Schengen area, and to identify any potential security or irregular migration risks. The database will conduct advance checks on visa-exempt travellers, and deny them travel authorisation if they are considered a risk. The database will be similar to existing systems already in place, for example in the USA (ESTA), Canada and Australia, among others.

The advantages of ETIAS include reduced delays at borders, improved internal security, better prevention of illegal immigration, and reduced public health risks Although the system will conduct prior checks, the final decision on whether to grant or refuse entry, even in cases where the person has a valid travel authorisation, will be taken by the national border guards conducting the border controls, acting according to the rules of the Schengen Borders Code. ETIAS has three main functions:

  • Verifying the information submitted online by visa-exempt third-country nationals ahead of their travel to the EU;
  • Processing applications by checking them against other EU information systems (such as SIS, VIS, Europol’s database, Interpol’s database, the EES and Eurodac, the European Asylum Dactyloscopy Database that allows fingerprint datasets to be compared);
  • Issuing travel authorisations in cases where no hits or elements requiring further analysis are identified.

Travel authorisations should be obtained in a matter of minutes. An application fee of EUR 7 will be charged. In June 2017, the Council had decided to split the proposal into two distinct legal acts[11], because the proposal’s (Schengen) legal basis could not cover amendments to the Europol Regulation. ETIAS will be developed by the eu-LISA agency, and will become operational in 2021.

3. eu-LISA

Established in 2011, eu-LISA is responsible for the operational management of three EU centralised information systems: SIS, VIS and Eurodac[12]. Its role is to implement the new IT architecture in the area of Justice and Home Affairs. In November 2019, the mandate of eu-LISA was revised[13] and the agency’s capacity to contribute to border management, law-enforcement cooperation and migration management in the EU was further developed.

4. Interoperability between EU information systems in the field of borders

The EU has been developing large-scale centralised IT systems (SIS, VIS, Eurodac, EES and ETIAS) for collecting, processing and sharing information that is vital for security cooperation, and for managing external borders and migration. In December 2017, the Commission proposed making these information systems interoperable at EU level, i.e. able to exchange and share data so that the authorities have all the information they need, whenever and wherever they need it. Interoperability means the ability of information technology systems to share information and knowledge, so as to avoid gaps in information caused by the complexity and fragmentation of these systems[14].

Two regulations adopted in May 2019 will allow these systems to complement each other, help facilitate the correct identification of persons, and contribute to fighting identity fraud. They do not modify the rights of access as set out in the legal basis for each European information system, but establish the following interoperability components:

  • A European search portal, which would allow competent authorities to search multiple information systems simultaneously, using both biographical and biometric data;
  • A shared biometric matching service, which would enable the search and comparison of biometric data (fingerprints and facial images) from several systems;
  • A common identity repository, which would contain the biographical and biometric data of third-country nationals currently stored in several different EU information systems;
  • a multiple identity detector, which checks whether the biographical identity data contained in the search exists in other systems, to enable the detection of multiple identities linked to the same set of biometric data.

Role of the European Parliament

Parliament has had mixed reactions to the development of external border management policy. It has broadly supported the upgraded organisational role of the EBCGA and the other relevant Union agencies, often calling for their role to be further enhanced as the EU grapples with the migration crisis in the Mediterranean. While Parliament’s view of the EBCGA’s development has been largely positive, its stance on smart borders has been more cautious. Its reaction to the 2013 Commission proposal was to express misgivings about the huge technological build-up and mass processing of personal data proposed for external borders. Moreover, the anticipated costs of Smart Borders technology, coupled with doubts surrounding its benefits, left Parliament with a number of concerns. In its resolution of 12 September 2013 on the second report on the implementation of the Internal Security Strategy, Parliament stated that ‘new IT systems in the area of migration and border management, such as the Smart Borders initiatives, should be carefully analysed, especially in the light of the principles of necessity and proportionality’. It followed this up with an oral question to the Commission and the Council in September 2015, asking for their stance on law enforcement access to the system, and their views on the relevance of the European Court of Justice ruling of April 2014 on the Data Retention Directive (see 4.2.8). If no swift progress is made on the proposed reform of the Dublin III regulation[15], Parliament could freeze ongoing negotiations on all files that are of interest to Justice and Home Affairs (JHA) ministries, such as the recent interoperability proposal, the revision of the Eurodac system and other relevant files. It already successfully adopted this approach in 2012 with the so-called ‘Schengen freeze’, when it decided to cease cooperation on the main JHA dossiers under negotiation in response to the Council’s decision to change the legal basis for the Schengen Governance Package. In its resolution on the annual report on the functioning of the Schengen area[16], Parliament sought to draw attention to the fact that although the EU had adopted so many measures to strengthen its external borders, including border controls, there had been no corresponding action to remove internal border controls.

Parliament has also insisted on the need for all action in this field to take due account of the EU’s borders and asylum acquis, as well as the EU Charter of Fundamental Rights. Thus for some time, Parliament has been calling for reliable and fair procedures and for a holistic approach to migration at EU level[17].


[1]The Schengen acquis: Convention of 19 June 1990 implementing the Schengen Agreement of 14 June 1985 between the Governments of the States of the Benelux Economic Union, the Federal Republic of Germany and the French Republic on the gradual abolition of checks at their common borders, OJ L 239, 22.9.2000, p. 19.
[2]The countries do not include the UK, Ireland, Croatia, Bulgaria and Romania. It does, however, include three non-EU Member States: Switzerland, Norway and Liechtenstein.
[3]Regulation (EU) 2016/399 of the European Parliament and of the Council of 9 March 2016 on a Union Code on the rules governing the movement of persons across borders (Schengen Borders Code), OJ L 77, 23.3.2016, p. 1, amended by Regulation (EU) 2017/458 of the European Parliament and of the Council of 15 March 2017 amending Regulation (EU) 2016/399 as regards the reinforcement of checks against relevant databases at external borders, OJ L 74, 18.3.2017, p. 1.
[4]Regulation (EU) 2018/1862 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters, amending and repealing Council Decision 2007/533/JHA, and repealing Regulation (EC) No 1986/2006 of the European Parliament and of the Council and Commission Decision 2010/261/EU, OJ L 312, 7.12.2018, p. 56.
[5]Regulation (EU) 2018/1861 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of border checks, and amending the Convention implementing the Schengen Agreement, and amending and repealing Regulation (EC) No 1987/2006, OJ L 312, 7.12.2018, p. 14.
[6]Regulation (EU) 2018/1860 of the European Parliament and of the Council of 28 November 2018 on the use of the Schengen Information System for the return of illegally staying third-country nationals, OJ L 312, 7.12.2018, p. 1.
[7]Regulation (EU)2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes, and amending the Convention implementing the Schengen Agreement and Regulations (EC) No 767/2008 and (EU) No 1077/2011, OJ L 327, 9.12.2017, p. 20.
[8] Regulation (EU)2016/1624 of the European Parliament and of the Council of 14 September 2016 on the European Border and Coast Guard and amending Regulation (EU) 2016/399 of the European Parliament and of the Council and repealing Regulation (EC) No 863/2007 of the European Parliament and of the Council, Council Regulation (EC) No 2007/2004 and Council Decision 2005/267/EC, OJ L 251, 16.9.2016), p. 1.
[10]Regulation (EU) 2019/1896 of the European Parliament and of the Council of 13 November 2019 on the European Border and Coast Guard and repealing Regulations (EU) No 1052/2013 and (EU) 2016/1624, OJ L 295, 14.11.2019, p. 1.
[11]Regulation (EU) 2018/1240of the European Parliament and of the Council of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226, OJ L 236, 19.9.2018, p. 1, and Regulation (EU) 2018/1241 of 12 September 2018 amending Regulation (EU) 2016/794 for the purpose of establishing a European Travel Information and Authorisation System (ETIAS) — Europol tasks, OJ L 236, 19.9.2018, p. 72.
[12]Regulation (EU) 2018/1726 of the European Parliament and of the Council of 14 November 2018 on the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), and amending Regulation (EC) No 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) No 1077/2011, OJ L 295, 21.11.2018, p. 99.
[13]Regulation (EU) 2018/1726 of the European Parliament and of the Council of 14 November 2018 on the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), and amending Regulation (EC) No 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) No 1077/2011, OJ L 295, 21.11.2018, p. 99.
[14]Regulation (EU) 2019/817 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of borders and visa and amending Regulations (EC) No 767/2008, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1726 and (EU) 2018/1861 of the European Parliament and of the Council and Council Decisions 2004/512/EC and 2008/663/JHA, OJ L 135, 22.5.2019, p. 27, and Regulation (EU) 2019/818 of the European Parliament and of the Council of 20 May 2019 establishing a framework for interoperability between EU information systems in the field of police and judicial cooperation, asylum and migration and amending Regulations (EU) 2018/1726, (EU) 2018/1862 and (EU) 2019/816, OJ L 135, 22.5.2019, p. 85.
[15]Proposal for a regulation of the European Parliament and of the Councilof 4 May 2016 establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person (COM(2016) 0270).
[16]European Parliament resolution of 30 May 2018 on the annual report on the functioning of the Schengen area (Texts adopted, P8_TA(2018)0228).
[17]European Parliament Resolution of 12 April 2016 on the situation in the Mediterranean and the need for a holistic EU approach to migration, OJ C 58, 15.2.2018, p. 9.

Udo Bux