Directive 2002/21/EC

Directive 2002/21/EC on a common regulatory framework for electronic communications networks and services (Framework Directive)

Published under Risk Management

Title:	Directive 2002/21/EC of the European Parliament and of the Council of 7 March 2002 on a common regulatory framework for electronic communications networks and services (Framework Directive)
Source reference:	http://europa.eu.int/eur-lex/
Topic:	General framework for the regulation of electronic communications services, electronic communications networks, associated facilities and associated services.
Direct / indirect relevance	Indirect. The text contains certain transparency and governance requirements which imply an obligation to implement appropriate RM/RA measures with regard to network/information security.
Scope:	Directly applicable to all EU Member States
Legal force:	EU Directive, requires transposition into national law
Affected sectors:	Providers of electronic communications services, electronic communications networks, associated facilities and associated services in the Community
Relevant provision(s):	Article 5 - Provision of information 1. Member States shall ensure that undertakings providing electronic communications networks and services provide all the information, including financial information, necessary for national regulatory authorities to ensure conformity with the provisions of, or decisions made in accordance with, this Directive and the Specific Directives. These undertakings shall provide such information promptly on request and to the timescales and level of detail required by the national regulatory authority. The information requested by the national regulatory authority shall be proportionate to the performance of that task. The national regulatory authority shall give the reasons justifying its request for information. […] Article 13 - Accounting separation and financial reports 1. Member States shall require undertakings providing public communications networks or publicly available electronic communications services which have special or exclusive rights for the provision of services in other sectors in the same or another Member State to: (a) keep separate accounts for the activities associated with the provision of electronic communications networks or services, to the extent that would be required if these activities were carried out by legally independent companies, so as to identify all elements of cost and revenue, with the basis of their calculation and the detailed attribution methods used, related to their activities associated with the provision of electronic communications networks or services including an itemised breakdown of fixed asset and structural costs, or (b) have structural separation for the activities associated with the provision of electronic communications networks or services. Member States may choose not to apply the requirements referred to in the first subparagraph to undertakings the annual turnover of which in activities associated with electronic communications networks or services in the Member States is less than EUR 50 million. 2. Where undertakings providing public communications networks or publicly available electronic communications services are not subject to the requirements of company law and do not satisfy the small and medium-sized enterprise criteria of Community law accounting rules, their financial reports shall be drawn up and submitted to independent audit and published. The audit shall be carried out in accordance with the relevant Community and national rules. This requirement shall also apply to the separate accounts required under paragraph 1(a).
Relevance to RM/RA:	The cited articles impose certain information management obligations on the providers of public communications networks or publicly available electronic communications services. Specifically, they should: • Ensure that they collect and retain the required information to demonstrate their compliance with applicable regulations, including financial information. Given that this information must be provided within a reasonable timeframe and to the extent required by the request, this implies the implementation of suitable RM/RA practices to ensure that such data can be reliably managed and made available within a (relatively) short timeframe. • Ensure that their accounting practices conform to the standards of good corporate governance, including by separating their accounting activities according to the distinct activities undertaken by the service provider, so that their financial information can be evaluated as if a distinct service provider were providing the relevant service.

Browse the Topics