On 21 November 2018, the new legal basis, i.e. Regulation (EU) 2018/1726, for eu-LISA was published in the Official Journal of the EU (O.J. L 295, pp. 99-137).

The European Agency eu-LISA was established in 2011 and mandated with the operational management of the large-scale IT systems existing at the time in the area of freedom, security and justice, i.e. the second generation of the Schengen Information System (SIS II), the Visa Information System (VIS), and Eurodac.

The new legal framework aims at extending the mandate and making the agency fit for current and future challenges in the area of freedom, security and justice (AFSJ). It was deemed necessary after an external evaluation and following recent developments as regards migration and security.

Reinforcement of eu-LISA was one of the top political priorities of the Juncker Commission for 2018-2019.

The tasks of eu-LISA will include:

• Continued ensuring of the operational management of SIS II, VIS, and Eurodac;
• Carrying out the tasks deriving from newly adopted large-scale EU IT systems, e.g. ETIAS, EES, and DubliNet;
• Preparation, development, and operational management of additional large-scale IT systems adopted on the basis of Art. 67-89 TFEU, e.g. ECRIS-TCN or e-CODEX;
• Implementing technical solutions if systems are to function 24/7;
• Developing necessary actions to enable interoperability of large-scale IT systems in the AFSJ;
• Trainings on the technical use of SIS II, VIS, Eurodac, and other systems;
• Compiling and publishing statistics;
• Taking over a pro-active role in research related to the technical development of systems;
• Carrying out pilot projects of an experimental nature designed to test the feasibility and usefulness of an action and implementing other testing activities;
• Providing advice to Member States, including ad hoc support when dealing with migratory challenges, and assistance when creating common solutions for the implementation of Member States’ obligations stemming from EU legislation on decentralized systems in the AFSJ.

The efficient functioning of the agency will be monitored by a Management Board. The Management Board is, inter alia, entrusted with adopting the annual work programme, carrying out functions relating to eu-LISA’s budget, adopting the financial rules applicable to the Agency, and establishing procedures for taking decisions relating to the operational tasks of the Agency by the Executive Director. The Management Board will also appoint the Executive Director of eu-LISA.

Several Advisory Groups are to provide expertise to the Management Board relating to large-scale IT systems. Advisory Groups act especially in the context of the preparation of the annual work programme and the annual activity report.

Depending on the large-scale IT system concerned, Europol, Eurojust, and Frontex will have observer status at the Management Board meetings.

eu-LISA will also closely cooperate with other Union institutions, bodies, offices, and agencies, particularly those established within the AFSJ. As part of the framework of their respective competences, the institutions, bodies etc. can conclude working arrangements if an issues governs the development, establishment, use, or operation of the above-mentioned large-scale IT systems. eu-LISA is also able to cooperate with international organisations or “other relevant entities or bodies, which are set up by, or on the basis of, an agreement between two or more countries.”

Since the new Regulation on eu-LISA relates to IT systems relevant for the Schengen cooperation, it belongs – at least partly – to the Schengen acquis. This triggers (rather complicated) rules on the association of Schengen and non-Schengen countries to the new legal framework. The rules concern Denmark, the UK, Ireland, Iceland, Norway, Switzerland, and Liechtenstein.

The official seat of eu-LISA will still be in Tallinn/Estonia. Since some operations for SIS II and VIS, for example, are also carried out in Strasbourg/France and Sankt Johann im Pongau/Austria, these two sites are still locations in accordance with the relevant Union legal acts.

Most provisions of the Regulation apply from 11 December 2018. It replaces the former legal basis of eu-LISA, i.e. Regulation (EU) No 1077/2011.