The last bigger legislative reform and update dedicated entirely to countering terrorism in the EU is already some years ago and came in the form of Directive (EU) 2017/541 of March 2017 combatting terrorism.Footnote 1 It was a direct response to the many terrorist attacks that happened on European soil in the preceding years, especially in Paris in November 2015, in Brussels in March 2016 and in Nice in July 2016 and the lessons learnt from them, as well as the at the time still growing threat from ISIS. It set out to more comprehensively counteract conducts related to terrorism. The Directive reinforced the EU legal framework and also ensured that all EU Member States had to criminalise conduct such as training and travelling for terrorism, as well as terrorist financing. These harmonised definitions of terrorist offences serve as a benchmark for cooperation and information exchange between national authorities.

With the fall of ISIS, the splintering off of various other smaller terrorist groups from it with the demise of their so-called state, and the disappearing of their heinous acts from headline news, some would have been forgiven for thinking that the biggest threat to security in the EU had been vanquished for good. As we all know all too well, the Hydra has more than one head and is also able to adapt to changing circumstances. Organised attacks on a larger and more complex scale gave way to more lone wolf attacks, as well as those by perpetrators who were inspired by but not directly affiliated to certain bigger terrorist groups, who didn’t require anything more than a knife, some form of automatic weapon or a vehicle to inflict severe damage and death. The risks posed by online radicalistion and recruitment remain high, as well as in prisons, combined with the still unresolved issue of foreign fighters and their families sitting in prisons and detainment camps in the Middle East. Combined with an ever-shifting way of funneling terrorist funds and the financing of their acts throughout the world, this makes for a cocktail of threats that still need to be firmly counteracted. On top of all of this, with the recent rise of terrorist act committed by rightwing extremists (the attacks in Halle in 2019 and in Hanau in 2020, both in Germany, just to name two) and the threat they also pose to society at large, it is clear that the challenge of countering such violence and heinous acts requires a multi-pronged effort that counteracts various extremist ideologies and adapts to the changing threats landscape.

1 EU Security Union Strategy

On 24 July 2020 the European Commission set out the EU Security Union Strategy, in order to protect everyone in the EU and promote our European way of life.Footnote 2 The strategy covers the period from 2020 to 2025 and focuses on priority areas where the EU can help Member States in fostering security for all those living in Europe, while respecting European values and principles. The strategy lays out the tools and measures to be developed over the next five years to ensure security in both physical and digital environments. It is composed of four strategic priorities for action at EU level that draw heavily on the work of various EU agencies, especially those working in the JHA field. The priorities are a future-proof security environment, tackling evolving threats, protecting European from terrorism and organised crime and a strong European ecosystem. Taking a closer look at the priority on countering terrorism, the Strategy stipulates that the EU and its Member States must continue to deny terrorists the means to act, by limiting access to firearms, explosives, chemical, biological, radiological and nuclear material, as well as financing. It lays out that special attention should be paid to institutions, which can be the target of hybrid threats by state and non-state actors, through a mix of physical attacks, cyberattacks and disinformation campaigns attempting to radicalise the political narrative, as well as physical and digital infrastructure, which delivers a wide variety of services necessary for daily life (e.g. energy, transport, healthcare, finance, etc.) is interconnected. It must be protected and made resilient against both physical and cyber-attacks, which have the potential to cause cascading effects multiplying the initial impact. The Strategy also sets out the need for an EU counter-terrorism agenda as one of its deliverables.

2 EU Counter-Terrorism Agenda

The Counter-Terrorism Agenda for the EU was adopted by the European Commission on 9 December 2020.Footnote 3 It builds on the measures already adopted to deny terrorists the means to carry out attacks and to strengthen resilience against the terrorist threat, including EU rules on combating terrorism, on addressing terrorist financing and access to firearms. It is the first comprehensive coordinating document that has been published by the Commission in a while that focuses on the entire chain and various aspects of counter-terrorism and aims to boost the EU’s resilience to terrorist threats. The Agenda is based on four main pillars that aim to support Member States in better anticipating, preventing, protecting and responding to the terrorist threat.

In relation to anticipating terrorist activity, the Agenda sets out to assist in identifying vulnerabilities and building capacity to anticipate threats. Information sharing and a culture of cooperation that is multi-disciplinary and multi-level remain key for a solid threat assessment that can form the basis of a future-proof counter-terrorism policy. To better anticipate threats as well as potential blind spots, Member States should make sure that the Intelligence and Situation Centre (EU INTCEN) can rely on high quality input to increase situational awareness. The Commission will set up advisory missions to support Member States in carrying out risk assessments, building on the experience of a pool of EU Protective Security Advisors, as part of its upcoming proposal on the resilience of critical infrastructure. Security research will help enhance early detection of new threats, whilst investing in new technologies will help Europe’s counter-terrorism predictive capabilities.

Preventing attacks by addressing radicalisation is another one of the pillars of the Agenda. It sets out ways of supporting local actors and building more resilient communities as a matter of priority, in close coordination with Member States, taking into account that some attacks have also been carried out by Europeans, raised within our societies, who were radicalised without ever having visited a conflict zone. In order to counter the spread of extremist ideologies online, the European Parliament and the Council are to adopt the rules on removing terrorist content online as a matter of urgency.Footnote 4 The Commission will then in turn support their application. The EU Internet Forum will develop guidance on moderation for publicly available content for extremist material online. Promoting inclusion and providing opportunities through education, culture, youth and sports can contribute to making societies more cohesive and be a supporting factor in preventing radicalisation. An action plan on integration and inclusion is to help build such community resilience. The Agenda also focuses on strengthening preventive action in prisons, paying specific attention to the rehabilitation and reintegration of radical inmates, including after their release. To disseminate knowledge and expertise on the prevention of radicalisation, the Commission will propose setting up an EU Knowledge Hub gathering policy makers, practitioners and researchers. Recognising the specific challenges faced by foreign terrorist fighters and their family members, the Commission will support training and knowledge sharing to help Member States manage their return.

Promoting security by design and reducing vulnerabilities to protect cities and people is the third pillar of the Agenda. Many of the recent attacks that took place in the EU targeted densely crowded or highly symbolic spaces. To effectively protect Europeans, vulnerabilities need to be continually reduced, be it in public spaces or for the critical infrastructures that are essential for the functioning of our societies and economy. It is essential to modernise the management of the EU’s external borders through new and upgraded large-scale EU information systems, with reinforced support by Frontex and eu-LISA, and ensure systematic checks at the EU’s external borders. This is necessary to close what would otherwise be a security gap when it comes to returning foreign terrorist fighters. The EU will step up efforts to ensure physical protection of public spaces including places of worship through security by design. The Commission will propose to gather cities around an EU Pledge on Urban Security and Resilience and will make funding available to support them in reducing the vulnerabilities of public spaces. The Commission will also propose measures to make critical infrastructure - such as transport hubs, power stations or hospitals - more resilient. To step up aviation security, the Commission will explore options for a European legal framework to deploy security officers on flights. All those entering the EU, citizens or not, must be checked against the relevant databases. The Commission will support Member States in ensuring such systematic checks at borders. The Commission will also propose a system ensuring that a person who has been denied a firearm on security grounds in one Member State cannot lodge a similar request in another Member State, closing an existing loophole.

The fourth pillar rests on being able to effectively respond to terrorist activities and attacks. The most needs to be made of the operational support EU Agencies, such as Europol and Eurojust, can provide, as well as ensure that the EU has the right legal framework to bring perpetrators to justice and to guarantee that victims get the support and protection they need. Therefore, operational support, prosecution and victims’ rights all need to be stepped up to better respond to attacks. Police cooperation and information exchange across the EU are key to respond effectively in case of attacks and bring perpetrators to justice. The Commission will propose an EU police cooperation code in 2021 to enhance cooperation between law enforcement authorities, including in the fight against terrorism.

A substantial part of investigations against crime and terrorism involve encrypted information. The Commission will work with Member States to identify possible legal, operational, and technical solutions for lawful access and promote an approach which both maintains the effectiveness of encryption in protecting privacy and security of communications, while providing an effective response to crime and terrorism. To better support investigations and prosecution, the Commission will propose to create a network of counter-terrorism financial investigators involving Europol, to help follow the money trail and identify those involved. The Commission will also further support Member States to use battlefield information to identify, detect and prosecute returning Foreign Terrorists Fighters. Furthermore, the Commission will work to enhance the protection of victims of terrorist acts, including to improve access to compensation.

An important further pillar of the Agenda to anticipate, prevent, protect and respond to terrorism is the work with partner countries outside of the EU, both within its direct neighbourhood, but also beyond. As such, the Commission and the High Representative of the Union for Foreign Affairs and Security Policy/Vice-President, as appropriate, will step up cooperation with Western Balkan partners in the area of firearms, negotiate international agreements with Southern Neighbourhood countries to exchange personal data with Europol, and enhance strategic and operational cooperation with other regions such as the Sahel region, the Horn of Africa, other African countries and key regions in Asia. Cooperation with relevant international organisations will also be stepped up.

The Commission will appoint a Counter-Terrorism Coordinator, in charge of coordinating EU policy and funding in the area of counter-terrorism within the Commission, and in close cooperation with the Council’s EU Counter-Terrorism Coordinator, as well as the relevant EU Agencies, and the European Parliament and the Member States. The Commission already has such coordinators in other fields, such as in countering trafficking in human beings, and is a beneficial coordinating role that also gives a more unified face to the tasks and activities in countering terrorism.

3 Stronger mandate for Europol

The European Commission announced and published two legislative proposals on the same day as the EU Counter-Terrorism Agenda which set out to strengthen Europol’s mandate and enhance its capabilities in, amongst other things, counter terrorism and deliver better operational support to Member States’ investigations.

The first proposal is an amendment to Regulation (EU) 2016/794 in relation to Europol’s cooperation with private parties, the processing of personal data by Europol in support of criminal investigations, and Europol’s role on research and innovation.Footnote 5 Given that terrorists often abuse services offered by private companies to recruit followers, plan attacks, and disseminate propaganda inciting further attacks, the revised mandate will help Europol cooperate effectively with private parties, and transmit relevant evidence to Member States. For instance, Europol will be able to act as a focal point in case it is not clear which Member State has jurisdiction. The new mandate will also allow Europol to process large and complex datasets; to improve cooperation with the European Public Prosecutor’s Office as well as with non-EU partner countries. The Agency will also help develop new technologies that match law enforcement needs and strengthen Europol’s data protection framework and parliamentary oversight.

The second proposal is an amendment to Regulation (EU) 2018/1862 on the establishment, operation and use of the Schengen Information System (SIS).Footnote 6 Within the context of on-going efforts to detect foreign terrorist fighters, the Commission proposes to enable Europol the ability to enter information on terrorist suspects based on third-country sourced information in SIS, providing real-time information to police officers and border guards.

4 Regulation on addressing the dissemination of terrorist content online

After discussions and the finding of compromises that seemingly dragged on forever (the Commission tabled the proposal on 12 September 2018), agreement was finally reached on a regulation that addresses the dissemination of terrorist content online and it was published in the Official Journal on 17 May 2021.Footnote 7 The new regulation targets content such as texts, images, sound recordings or videos, including live transmissions, that incite, solicit or contribute to terrorist offences, provide instructions for such offences or solicit people to participate in a terrorist group. In line with the definitions of offences included in the Directive on combating terrorism, it also covers material that provides guidance on how to make and use explosives, firearms and other weapons for terrorist purposes. Hosting service providers have to remove or disable access to flagged terrorist content in all Member States within one hour of receiving a removal order from the competent authority. Member States will have to adopt rules on penalties, the degree of which will take into account the nature of the breach and the size of company responsible. Content uploaded for educational, journalistic, artistic or research purposes, or used for awareness-raising purposes, will not be considered terrorist content under these new rules. Internet platforms will not have a general obligation to monitor or filter content. Voluntary cooperation with the hosting service providers will continue, however, when competent national authorities have established that a hosting service provider is exposed to terrorist content, the company will have to take specific measures to prevent its propagation. It will then be up to the service provider to decide what specific measures to take to prevent this from happening, and there will be no obligation to use automated tools. Companies should publish annual transparency reports on what action they have taken to stop the dissemination of terrorist content. The legislation provides for a clear scope and a clear uniform definition of terrorist content in order to fully respect fundamental rights. It also includes effective remedies for both users whose content has been removed and for service providers to submit a complaint.

Several NGOs continue to see the new Regulation as a significant threat to freedom of expression. In particular, the broad understanding of “terrorist content” poses the risk that orders for political purposes will be abusively issued under the guise of combating terrorism. In addition, critics are predicting that giving hosting service providers such a short deadline for removing contents may encourage some to use algorithms for their moderation, which is problematic. It will remain to be seen whether the new Regulation will remain in its current form and can withstand a possible judicial review.

5 Latest EU legislative package on anti-money laundering countering the financing of terrorism

With some delay, the European Commission presented its latest package of legislative proposals to strengthen the EU’s anti-money laundering and countering the financing of terrorism (AML/CFT) rules on 20 July 2021. Its aim is to improve the detection of suspicious transactions and activities and close loopholes used by criminals to launder illicit proceeds or finance terrorist activities through the financial system. The proposals greatly enhance the existing EU framework by taking into account new and emerging challenges linked to technological innovation. These include virtual currencies, more integrated financial flows in the Single Market and the global nature of terrorist organisations.

At the heart of the legislative package is the creation of a new EU Authority via a regulation which will transform AML/CFT supervision in the EU and enhance cooperation among Financial Intelligence Units (FIUs).Footnote 8 The new EU-level Anti-Money Laundering Authority (AMLA) will be the central authority coordinating national authorities to ensure the private sector correctly and consistently applies EU rules. AMLA will also support FIUs to improve their analytical capacity around illicit flows and make financial intelligence a key source for law enforcement agencies. In particular, AMLA will establish a single integrated system of AML/CFT supervision across the EU, based on common supervisory methods and convergence of high supervisory standards; directly supervise some of the riskiest financial institutions that operate in a large number of Member States or require immediate action to address imminent risks; monitor and coordinate national supervisors responsible for other financial entities, as well as coordinate supervisors of non-financial entities; support cooperation among national FIUs and facilitate coordination and joint analyses between them, to better detect illicit financial flows of a cross-border nature.

The Single EU Rulebook for AML/CFT will harmonise AML/CFT rules across the EU, including, for example, more detailed rules on Customer Due Diligence, Beneficial Ownership and the powers and task of supervisors and FIUs, which are all important in countering terrorist financingFootnote 9 Existing national registers of bank accounts will be connected, providing faster access for FIUs to information on bank accounts and safe deposit boxes. The Commission will also provide law enforcement authorities with access to this system, speeding up financial investigations and the recovery of criminal assets in cross-border cases. Access to financial information will be subject to robust safeguards established by Directive (EU) 2019/1153 on exchange of financial information.Footnote 10 Moreover, a sixth Directive on AML/CFT (AMLD 6) will replace the existing Directive 2015/849/EU (AMLD 4), containing provisions that will be transposed into national law, such as rules on national supervisors and FIUs in Member States.Footnote 11

The fourth proposal that was presented focuses on ensuring the full application of the EU AML/CFT rules to the crypto sector. At present, only certain categories of crypto-asset service providers are included in the scope of EU AML/CFT rules. The proposed reform will extend these rules to the entire crypto sector, obliging all service providers to conduct due diligence on their customers. This is to be achieved via a revision of Regulation 2015/847/EU.Footnote 12 This recast will ensure full traceability of crypto-asset transfers, such as Bitcoin, and will allow for prevention and detection of their possible use for money laundering or terrorism financing. In addition, anonymous crypto asset wallets will be prohibited, fully applying EU AML/CFT rules to the crypto sector.