| Dokumendiregister | Majandus- ja Kommunikatsiooniministeerium |
| Viit | 1-7/22-752 |
| Registreeritud | 29.12.2022 |
| Sünkroonitud | 27.06.2025 |
| Liik | Leping |
| Funktsioon | 1 Ministeeriumi ja tema valitsemisala töö korraldamine |
| Sari | 1-7 Riigisisese ja rahvusvahelise koostöö kokkulepped |
| Toimik | 1-7 |
| Juurdepääsupiirang | Avalik |
| Juurdepääsupiirang | |
| Adressaat | |
| Saabumis/saatmisviis | |
| Vastutaja | Kaido Tee |
| Originaal | Ava uues aknas |
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
EUROPEAN COMMISSION Directorate-General for Communications Networks, Content and Technology
CNECT.C – Digital Excellence and Science Infrastructure C.4 – Emerging & Disruptive Technologies
GRANT AGREEMENT
Project 101113143 — EstQCI
PREAMBLE
This Agreement (‘the Agreement’) is between the following parties:
on the one part,
the European Union (‘EU’), represented by the European Commission (‘European Commission’ or ‘granting authority’),
and
on the other part,
1. ‘the coordinator’:
MAJANDUS JA KOMMUNIKATSIOONIMINISTEERIUM (MKM), PIC 963638450, established in SUUR-AMEERIKA 1, TALLINN 10122, Estonia,
and the following other beneficiaries, if they sign their ‘accession form’ (see Annex 3 and Article 40):
2. AKTSIASELTS METROSERT (Metrosert), PIC 994104016, established in TEADUSPARGI 8, TALLINN 12618, Estonia,
3. STATE INFOCOMMUNICATION FOUNDATION (RIKS), PIC 911424126, established in ADALA 29, TALLIN 10614, Estonia,
4. Kaitseministeerium (EE MoD), PIC 905124655, established in Sakala 1, Tallinn 15094, Estonia,
Unless otherwise specified, references to ‘beneficiary’ or ‘beneficiaries’ include the coordinator and affiliated entities (if any).
If only one beneficiary signs the grant agreement (‘mono-beneficiary grant’), all provisions referring to the ‘coordinator’ or the ‘beneficiaries’ will be considered — mutatis mutandis — as referring to the beneficiary.
The parties referred to above have agreed to enter into the Agreement.
By signing the Agreement and the accession forms, the beneficiaries accept the grant and agree to implement the action under their own responsibility and in accordance with the Agreement, with all the obligations and terms and conditions it sets out.
1
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
The Agreement is composed of:
Preamble
Terms and Conditions (including Data Sheet)
Annex 1 Description of the action1
Annex 2 Estimated budget for the action
Annex 2a Additional information on unit costs and contributions (if applicable)
Annex 3 Accession forms (if applicable)2
Annex 3a Declaration on joint and several liability of affiliated entities (if applicable)3
Annex 4 Model for the financial statements
Annex 5 Specific rules (if applicable)
1 Template published on Portal Reference Documents. 2 Template published on Portal Reference Documents. 3 Template published on Portal Reference Documents.
2
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
TERMS AND CONDITIONS
TABLE OF CONTENTS
GRANT AGREEMENT.................................................................................................................................................... 1
PREAMBLE........................................................................................................................................................................1
TERMS AND CONDITIONS...........................................................................................................................................3
DATASHEET...................................................................................................................................................................... 8
CHAPTER 1 GENERAL..............................................................................................................................................13
ARTICLE 1 — SUBJECT OF THE AGREEMENT ..................................................................................... 13
ARTICLE 2 — DEFINITIONS........................................................................................................................13
CHAPTER 2 ACTION................................................................................................................................................. 14
ARTICLE 3 — ACTION................................................................................................................................. 14
ARTICLE 4 — DURATION AND STARTING DATE...................................................................................14
CHAPTER 3 GRANT...................................................................................................................................................14
ARTICLE 5 — GRANT...................................................................................................................................14
5.1 Form of grant......................................................................................................................................14
5.2 Maximum grant amount..................................................................................................................... 15
5.3 Funding rate........................................................................................................................................15
5.4 Estimated budget, budget categories and forms of funding.............................................................. 15
5.5 Budget flexibility................................................................................................................................15
ARTICLE 6 — ELIGIBLE AND INELIGIBLE COSTS AND CONTRIBUTIONS......................................16
6.1 General eligibility conditions............................................................................................................. 16
6.2 Specific eligibility conditions for each budget category................................................................... 17
6.3 Ineligible costs and contributions...................................................................................................... 22
6.4 Consequences of non-compliance...................................................................................................... 23
CHAPTER 4 GRANT IMPLEMENTATION............................................................................................................ 23
SECTION 1 CONSORTIUM: BENEFICIARIES, AFFILIATED ENTITIES AND OTHER PARTICIPANTS........................................................................................................................................ 23
ARTICLE 7 — BENEFICIARIES................................................................................................................... 23
ARTICLE 8 — AFFILIATED ENTITIES....................................................................................................... 25
ARTICLE 9 — OTHER PARTICIPANTS INVOLVED IN THE ACTION................................................... 25
9.1 Associated partners.............................................................................................................................25
9.2 Third parties giving in-kind contributions to the action.................................................................... 25
9.3 Subcontractors.....................................................................................................................................25
3
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
9.4 Recipients of financial support to third parties..................................................................................26
ARTICLE 10 — PARTICIPANTS WITH SPECIAL STATUS....................................................................... 26
10.1 Non-EU participants......................................................................................................................... 26
10.2 Participants which are international organisations...........................................................................26
10.3 Pillar-assessed participants............................................................................................................... 27
SECTION 2 RULES FOR CARRYING OUT THE ACTION...........................................................................29
ARTICLE 11 — PROPER IMPLEMENTATION OF THE ACTION............................................................ 29
11.1 Obligation to properly implement the action................................................................................... 29
11.2 Consequences of non-compliance.................................................................................................... 29
ARTICLE 12 — CONFLICT OF INTERESTS.............................................................................................. 29
12.1 Conflict of interests.......................................................................................................................... 30
12.2 Consequences of non-compliance.................................................................................................... 30
ARTICLE 13 — CONFIDENTIALITY AND SECURITY............................................................................ 30
13.1 Sensitive information........................................................................................................................30
13.2 Classified information...................................................................................................................... 31
13.3 Consequences of non-compliance.................................................................................................... 31
ARTICLE 14 — ETHICS AND VALUES...................................................................................................... 31
14.1 Ethics.................................................................................................................................................31
14.2 Values................................................................................................................................................31
14.3 Consequences of non-compliance.................................................................................................... 31
ARTICLE 15 — DATA PROTECTION.......................................................................................................... 32
15.1 Data processing by the granting authority....................................................................................... 32
15.2 Data processing by the beneficiaries............................................................................................... 32
15.3 Consequences of non-compliance.................................................................................................... 33
ARTICLE 16 — INTELLECTUAL PROPERTY RIGHTS (IPR) — BACKGROUND AND RESULTS — ACCESS RIGHTS AND RIGHTS OF USE................................................................................ 33
16.1 Background and access rights to background..................................................................................33
16.2 Ownership of results.........................................................................................................................33
16.3 Rights of use of the granting authority on materials, documents and information received for policy, information, communication, dissemination and publicity purposes...................................33
16.4 Specific rules on IPR, results and background................................................................................34
16.5 Consequences of non-compliance.................................................................................................... 34
ARTICLE 17 — COMMUNICATION, DISSEMINATION AND VISIBILITY............................................ 34
17.1 Communication — Dissemination — Promoting the action........................................................... 34
17.2 Visibility — European flag and funding statement......................................................................... 35
17.3 Quality of information — Disclaimer..............................................................................................35
4
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
17.4 Specific communication, dissemination and visibility rules............................................................36
17.5 Consequences of non-compliance.................................................................................................... 36
ARTICLE 18 — SPECIFIC RULES FOR CARRYING OUT THE ACTION............................................... 36
18.1 Specific rules for carrying out the action........................................................................................ 36
18.2 Consequences of non-compliance.................................................................................................... 36
SECTION 3 GRANT ADMINISTRATION......................................................................................................... 36
ARTICLE 19 — GENERAL INFORMATION OBLIGATIONS....................................................................36
19.1 Information requests......................................................................................................................... 36
19.2 Participant Register data updates..................................................................................................... 36
19.3 Information about events and circumstances which impact the action............................................36
19.4 Consequences of non-compliance.................................................................................................... 37
ARTICLE 20 — RECORD-KEEPING............................................................................................................ 37
20.1 Keeping records and supporting documents.................................................................................... 37
20.2 Consequences of non-compliance.................................................................................................... 38
ARTICLE 21 — REPORTING........................................................................................................................ 38
21.1 Continuous reporting........................................................................................................................ 38
21.2 Periodic reporting: Technical reports and financial statements....................................................... 39
21.3 Currency for financial statements and conversion into euros..........................................................40
21.4 Reporting language...........................................................................................................................40
21.5 Consequences of non-compliance.................................................................................................... 40
ARTICLE 22 — PAYMENTS AND RECOVERIES — CALCULATION OF AMOUNTS DUE................. 40
22.1 Payments and payment arrangements.............................................................................................. 40
22.2 Recoveries.........................................................................................................................................41
22.3 Amounts due.....................................................................................................................................41
22.4 Enforced recovery.............................................................................................................................46
22.5 Consequences of non-compliance.................................................................................................... 46
ARTICLE 23 — GUARANTEES....................................................................................................................47
23.1 Prefinancing guarantee..................................................................................................................... 47
23.2 Consequences of non-compliance.................................................................................................... 47
ARTICLE 24 — CERTIFICATES................................................................................................................... 48
24.1 Operational verification report (OVR).............................................................................................48
24.2 Certificate on the financial statements (CFS).................................................................................. 48
24.3 Certificate on the compliance of usual cost accounting practices (CoMUC).................................. 48
24.4 Systems and process audit (SPA).....................................................................................................49
24.5 Consequences of non-compliance.................................................................................................... 49
5
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
ARTICLE 25 — CHECKS, REVIEWS, AUDITS AND INVESTIGATIONS — EXTENSION OF FINDINGS..................................................................................................................................... 49
25.1 Granting authority checks, reviews and audits................................................................................ 49
25.2 European Commission checks, reviews and audits in grants of other granting authorities..............51
25.3 Access to records for assessing simplified forms of funding.......................................................... 51
25.4 OLAF, EPPO and ECA audits and investigations........................................................................... 51
25.5 Consequences of checks, reviews, audits and investigations — Extension of results of reviews, audits or investigations.................................................................................................................... 51
25.6 Consequences of non-compliance.................................................................................................... 52
ARTICLE 26 — IMPACT EVALUATIONS................................................................................................... 53
26.1 Impact evaluation............................................................................................................................. 53
26.2 Consequences of non-compliance.................................................................................................... 53
CHAPTER 5 CONSEQUENCES OF NON-COMPLIANCE.................................................................................. 53
SECTION 1 REJECTIONS AND GRANT REDUCTION.................................................................................53
ARTICLE 27 — REJECTION OF COSTS AND CONTRIBUTIONS...........................................................53
27.1 Conditions......................................................................................................................................... 53
27.2 Procedure.......................................................................................................................................... 53
27.3 Effects............................................................................................................................................... 54
ARTICLE 28 — GRANT REDUCTION........................................................................................................ 54
28.1 Conditions......................................................................................................................................... 54
28.2 Procedure.......................................................................................................................................... 54
28.3 Effects............................................................................................................................................... 54
SECTION 2 SUSPENSION AND TERMINATION............................................................................................54
ARTICLE 29 — PAYMENT DEADLINE SUSPENSION............................................................................. 55
29.1 Conditions......................................................................................................................................... 55
29.2 Procedure.......................................................................................................................................... 55
ARTICLE 30 — PAYMENT SUSPENSION...................................................................................................55
30.1 Conditions......................................................................................................................................... 55
30.2 Procedure.......................................................................................................................................... 56
ARTICLE 31 — GRANT AGREEMENT SUSPENSION..............................................................................56
31.1 Consortium-requested GA suspension............................................................................................. 56
31.2 EU-initiated GA suspension.............................................................................................................57
ARTICLE 32 — GRANT AGREEMENT OR BENEFICIARY TERMINATION......................................... 58
32.1 Consortium-requested GA termination............................................................................................ 58
32.2 Consortium-requested beneficiary termination................................................................................ 59
32.3 EU-initiated GA or beneficiary termination.................................................................................... 60
6
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
SECTION 3 OTHER CONSEQUENCES: DAMAGES AND ADMINISTRATIVE SANCTIONS............... 63
ARTICLE 33 — DAMAGES...........................................................................................................................63
33.1 Liability of the granting authority....................................................................................................63
33.2 Liability of the beneficiaries............................................................................................................ 64
ARTICLE 34 — ADMINISTRATIVE SANCTIONS AND OTHER MEASURES....................................... 64
SECTION 4 FORCE MAJEURE.......................................................................................................................... 64
ARTICLE 35 — FORCE MAJEURE..............................................................................................................64
CHAPTER 6 FINAL PROVISIONS...........................................................................................................................64
ARTICLE 36 — COMMUNICATION BETWEEN THE PARTIES...............................................................65
36.1 Forms and means of communication — Electronic management................................................... 65
36.2 Date of communication.................................................................................................................... 65
36.3 Addresses for communication.......................................................................................................... 65
ARTICLE 37 — INTERPRETATION OF THE AGREEMENT.....................................................................65
ARTICLE 38 — CALCULATION OF PERIODS AND DEADLINES..........................................................66
ARTICLE 39 — AMENDMENTS.................................................................................................................. 66
39.1 Conditions......................................................................................................................................... 66
39.2 Procedure.......................................................................................................................................... 66
ARTICLE 40 — ACCESSION AND ADDITION OF NEW BENEFICIARIES........................................... 67
40.1 Accession of the beneficiaries mentioned in the Preamble............................................................. 67
40.2 Addition of new beneficiaries.......................................................................................................... 67
ARTICLE 41 — TRANSFER OF THE AGREEMENT................................................................................. 67
ARTICLE 42 — ASSIGNMENTS OF CLAIMS FOR PAYMENT AGAINST THE GRANTING AUTHORITY.................................................................................................................................68
ARTICLE 43 — APPLICABLE LAW AND SETTLEMENT OF DISPUTES.............................................. 68
43.1 Applicable law..................................................................................................................................68
43.2 Dispute settlement............................................................................................................................ 68
ARTICLE 44 — ENTRY INTO FORCE.........................................................................................................68
7
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
DATA SHEET
1. General data
Project summary:
Project summary
The purpose of the EstQCI project is to deploy the first experimental QKD network in Estonia in order to be prepared for the full deployment of the EuroQCI. EstQCI should provide the basis for the fast uptake and deployment of quantum security technology by building up the competence of relevant ministries, companies and other entities. In addition, the project would serve as a deployment model for the future deployment of QKD network in Estonia. The project aims to build up a metropolitan QKD network and test long- distance links to be ready for connections with neighbouring countries. In these networks, devices from EU-27 developers will be used, when possible. The main goals of the project are as follows: a) Building up the know-how and competence of relevant entities for future deployment of QKD networks and services b) Testing the readiness of devices from EU-27 producers to gain information about their suitability for the Estonian conditions and needs c) First demonstrations of the use of the network between metropolitan areas as well as for long-distance network in laboratory conditions d) Collaborating with neighbouring countries and preparation for cross-border links with Finland, Latvia and Sweden e) Sharing knowledge with relevant stakeholders, raise the awareness of companies and other relevant entities about the possibilities of the network to prepare for future secure connectivity/ cyber security applications. One of the important elements of the EstQCI project is coordination with Finland, Latvia, Lithuania, Poland and Sweden to create a foundation for the future cooperation within the margins of EuroQCI project and to prepare for terrestrial cross-border connections between Member States. As a result of the project we will open our network for interested parties (for example cyber security industry, academia etc) and facilitate the exploration of further use cases of the network. We will build up a wide-scale competence among the relevant stakeholder
Keywords:
– Quantum Technologies (e.g. computing and communication)
Project number: 101113143
Project name: Estonian Quantum Communication Infrastructure
Project acronym: EstQCI
Call: DIGITAL-2022-QCI-02
Topic: DIGITAL-2022-QCI-02-DEPLOY-NATIONAL
Type of action: DIGITAL Simple Grants
Granting authority: European Commission-EU
Grant managed through EU Funding & Tenders Portal: Yes (eGrants)
Project starting date: fixed date: 1 January 2023
Project end date: 30 June 2025
Project duration: 30 months
Consortium agreement: Yes
2. Participants
List of participants:
N° Role Short name Legal name Ctry PIC Total
eligible costs (BEN and AE)
Max grant amount
1 COO MKM MAJANDUS JA KOMMUNIKATSIOONIMINISTEERIUM EE 963638450 681 483.00 340 741.50
2 BEN Metrosert AKTSIASELTS METROSERT EE 994104016 831 390.00 415 695.00
3 BEN RIKS STATE INFOCOMMUNICATION FOUNDATION EE 911424126 2 332 600.00 1 166 300.00
4 BEN EE MoD Kaitseministeerium EE 905124655 154 080.00 77 040.00
8
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
N° Role Short name Legal name Ctry PIC Total
eligible costs (BEN and AE)
Max grant amount
Total 3 999 553.00 1 999 776.50
Coordinator:
– MAJANDUS JA KOMMUNIKATSIOONIMINISTEERIUM (MKM)
3. Grant
Maximum grant amount, total estimated eligible costs and contributions and funding rate:
Total eligible costs (BEN and AE)
Funding rate (%)
Maximum grant amount (Annex 2)
Maximum grant amount (award decision)
3 999 553.00 50 1 999 776.50 1 999 776.50
Grant form: Budget-based
Grant mode: Action grant
Budget categories/activity types:
- A. Personnel costs - A.1 Employees, A.2 Natural persons under direct contract, A.3 Seconded persons - A.4 SME owners and natural person beneficiaries
- B. Subcontracting costs
- C. Purchase costs - C.1 Travel and subsistence - C.2 Equipment - C.3 Other goods, works and services
- D. Other cost categories - D.1 Financial support to third parties - D.2 Internally invoiced goods and services
- E. Indirect costs
Cost eligibility options:
- Standard supplementary payments
- Average personnel costs (unit cost according to usual cost accounting practices)
- Limitation for subcontracting
- Travel and subsistence: - Travel: Actual costs - Accommodation: Actual costs - Subsistence: Actual costs
- Equipment: depreciation and full costs for listed equipment
- Costs for providing financial support to third parties (actual cost; max amount for each recipient: EUR 0.00)
9
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
- Indirect cost flat-rate: 7% of the eligible direct costs (categories A-D, except volunteers costs and exempted specific cost categories, if any)
- VAT: Yes
- Country restrictions for eligible costs
- Other ineligible costs
Budget flexibility: Yes (no flexibility cap)
4. Reporting, payments and recoveries
4.1 Continuous reporting (art 21)
Deliverables: see Funding & Tenders Portal Continuous Reporting tool
4.2 Periodic reporting and payments
Reporting and payment schedule (art 21, 22):
Reporting Payments
Reporting periods Type Deadline Type Deadline (time to pay)
RP No Month from Month to
Initial prefinancing
30 days from entry into force/10 days
before starting date/ financial guarantee
(if required) – whichever is the latest
1 1 12 Periodic report 60 days after end of reporting period
Interim payment 90 days from receiving
periodic report
2 13 30 Periodic report 60 days after end of reporting period
Final payment 90 days from receiving
periodic report
Prefinancing payments and guarantees:
Prefinancing payment Prefinancing guarantee
Type Amount Guarantee amount Division per participant
Prefinancing 1 (initial) 1 299 854.73 n/a 1 - MKM n/a
2 - Metrosert n/a
3 - RIKS n/a
4 - EE MoD n/a
Reporting and payment modalities (art 21, 22):
Mutual Insurance Mechanism (MIM): No
Restrictions on distribution of initial prefinancing: The prefinancing may be distributed only if the minimum number of beneficiaries set out in the call condititions (if any) have acceded to the Agreement and only to beneficiaries that have acceded.
Interim payment ceiling (if any): 90% of the maximum grant amount
10
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
No-profit rule: Yes
Late payment interest: ECB + 3.5%
Bank account for payments:
EE891010220034796011
Conversion into euros: Double conversion
Reporting language: Language of the Agreement
4.3 Certificates (art 24):
Certificates on the financial statements (CFS):
Conditions:
Schedule: only at final payment, if threshold is reached
Standard threshold (beneficiary-level):
- financial statement: requested EU contribution to costs ≥ EUR 325 000.00
4.4 Recoveries (art 22)
First-line liability for recoveries:
Beneficiary termination: Beneficiary concerned
Final payment: Coordinator
After final payment: Beneficiary concerned
Joint and several liability for enforced recoveries (in case of non-payment):
Limited joint and several liability of other beneficiaries — up to the maximum grant amount of the beneficiary
Joint and several liability of affiliated entities — n/a
5. Consequences of non-compliance, applicable law & dispute settlement forum
Applicable law (art 43):
Standard applicable law regime: EU law + law of Belgium
Dispute settlement forum (art 43):
Standard dispute settlement forum:
EU beneficiaries: EU General Court + EU Court of Justice (on appeal)
Non-EU beneficiaries: Courts of Brussels, Belgium (unless an international agreement provides for the enforceability of EU court judgements)
6. Other
Specific rules (Annex 5): Yes
Standard time-limits after project end:
11
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Confidentiality (for X years after final payment): 5
Record-keeping (for X years after final payment): 5 (or 3 for grants of not more than EUR 60 000)
Reviews (up to X years after final payment): 5 (or 3 for grants of not more than EUR 60 000)
Audits (up to X years after final payment): 5 (or 3 for grants of not more than EUR 60 000)
Extension of findings from other grants to this grant (no later than X years after final payment): 5 (or 3 for grants of not more than EUR 60 000)
Impact evaluation (up to X years after final payment): 5 (or 3 for grants of not more than EUR 60 000)
12
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
CHAPTER 1 GENERAL
ARTICLE 1 — SUBJECT OF THE AGREEMENT
This Agreement sets out the rights and obligations and terms and conditions applicable to the grant awarded for the implementation of the action set out in Chapter 2.
ARTICLE 2 — DEFINITIONS
For the purpose of this Agreement, the following definitions apply:
Actions — The project which is being funded in the context of this Agreement.
Grant — The grant awarded in the context of this Agreement.
EU grants — Grants awarded by EU institutions, bodies, offices or agencies (including EU executive agencies, EU regulatory agencies, EDA, joint undertakings, etc.).
Participants — Entities participating in the action as beneficiaries, affiliated entities, associated partners, third parties giving in-kind contributions, subcontractors or recipients of financial support to third parties.
Beneficiaries (BEN) — The signatories of this Agreement (either directly or through an accession form).
Affiliated entities (AE) — Entities affiliated to a beneficiary within the meaning of Article 187 of EU Financial Regulation 2018/10464 which participate in the action with similar rights and obligations as the beneficiaries (obligation to implement action tasks and right to charge costs and claim contributions).
Associated partners (AP) — Entities which participate in the action, but without the right to charge costs or claim contributions.
Purchases — Contracts for goods, works or services needed to carry out the action (e.g. equipment, consumables and supplies) but which are not part of the action tasks (see Annex 1).
Subcontracting — Contracts for goods, works or services that are part of the action tasks (see Annex 1).
In-kind contributions — In-kind contributions within the meaning of Article 2(36) of EU Financial
4 For the definition, see Article 187 Regulation (EU, Euratom) 2018/1046 of the European Parliament and of the Council of 18 July 2018 on the financial rules applicable to the general budget of the Union, amending Regulations (EU) No 1296/2013, (EU) No 1301/2013, (EU) No 1303/2013, (EU) No 1304/2013, (EU) No 1309/2013, (EU) No 1316/2013, (EU) No 223/2014, (EU) No 283/2014, and Decision No 541/2014/EU and repealing Regulation (EU, Euratom) No 966/2012 (‘EU Financial Regulation’) (OJ L 193, 30.7.2018, p. 1): “affiliated entities [are]: (a) entities that form a sole beneficiary [(i.e. where an entity is formed of several entities that satisfy the criteria for
being awarded a grant, including where the entity is specifically established for the purpose of implementing an action to be financed by a grant)];
(b) entities that satisfy the eligibility criteria and that do not fall within one of the situations referred to in Article 136(1) and 141(1) and that have a link with the beneficiary, in particular a legal or capital link, which is neither limited to the action nor established for the sole purpose of its implementation”.
13
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Regulation 2018/1046, i.e. non-financial resources made available free of charge by third parties.
Fraud — Fraud within the meaning of Article 3 of EU Directive 2017/13715 and Article 1 of the Convention on the protection of the European Communities’ financial interests, drawn up by the Council Act of 26 July 19956, as well as any other wrongful or criminal deception intended to result in financial or personal gain.
Irregularities — Any type of breach (regulatory or contractual) which could impact the EU financial interests, including irregularities within the meaning of Article 1(2) of EU Regulation 2988/957.
Grave professional misconduct — Any type of unacceptable or improper behaviour in exercising one’s profession, especially by employees, including grave professional misconduct within the meaning of Article 136(1)(c) of EU Financial Regulation 2018/1046.
Applicable EU, international and national law — Any legal acts or other (binding or non-binding) rules and guidance in the area concerned.
Portal — EU Funding & Tenders Portal; electronic portal and exchange system managed by the European Commission and used by itself and other EU institutions, bodies, offices or agencies for the management of their funding programmes (grants, procurements, prizes, etc.).
CHAPTER 2 ACTION
ARTICLE 3 — ACTION
The grant is awarded for the action 101113143 — EstQCI (‘action’), as described in Annex 1.
ARTICLE 4 — DURATION AND STARTING DATE
The duration and the starting date of the action are set out in the Data Sheet (see Point 1).
CHAPTER 3 GRANT
ARTICLE 5 — GRANT
5.1 Form of grant
The grant is an action grant8 which takes the form of a budget-based mixed actual cost grant (i.e. a
5 Directive (EU) 2017/1371 of the European Parliament and of the Council of 5 July 2017 on the fight against fraud to the Union’s financial interests by means of criminal law (OJ L 198, 28.7.2017, p. 29).
6 OJ C 316, 27.11.1995, p. 48. 7 Council Regulation (EC, Euratom) No 2988/95 of 18 December 1995 on the protection of the European Communities
financial interests (OJ L 312, 23.12.1995, p. 1). 8 For the definition, see Article 180(2)(a) EU Financial Regulation 2018/1046: ‘action grant’ means an EU grant to
finance “an action intended to help achieve a Union policy objective”.
14
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
grant based on actual costs incurred, but which may also include other forms of funding, such as unit costs or contributions, flat-rate costs or contributions, lump sum costs or contributions or financing not linked to costs).
5.2 Maximum grant amount
The maximum grant amount is set out in the Data Sheet (see Point 3) and in the estimated budget (Annex 2).
5.3 Funding rate
The funding rate for costs is 50% of the action’s eligible costs.
Contributions are not subject to any funding rate.
5.4 Estimated budget, budget categories and forms of funding
The estimated budget for the action is set out in Annex 2.
It contains the estimated eligible costs and contributions for the action, broken down by participant and budget category.
Annex 2 also shows the types of costs and contributions (forms of funding)9 to be used for each budget category.
If unit costs or contributions are used, the details on the calculation will be explained in Annex 2a.
5.5 Budget flexibility
The budget breakdown may be adjusted — without an amendment (see Article 39) — by transfers (between participants and budget categories), as long as this does not imply any substantive or important change to the description of the action in Annex 1.
However:
- changes to the budget category for volunteers (if used) always require an amendment
- changes to budget categories with lump sums costs or contributions (if used; including financing not linked to costs) always require an amendment
- changes to budget categories with higher funding rates or budget ceilings (if used) always require an amendment
- addition of amounts for subcontracts not provided for in Annex 1 either require an amendment or simplified approval in accordance with Article 6.2
- other changes require an amendment or simplified approval, if specifically provided for in Article 6.2
- flexibility caps: not applicable.
9 See Article 125 EU Financial Regulation 2018/1046.
15
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
ARTICLE 6 — ELIGIBLE AND INELIGIBLE COSTS AND CONTRIBUTIONS
In order to be eligible, costs and contributions must meet the eligibility conditions set out in this Article.
6.1 General eligibility conditions
The general eligibility conditions are the following:
(a) for actual costs:
(i) they must be actually incurred by the beneficiary
(ii) they must be incurred in the period set out in Article 4 (with the exception of costs relating to the submission of the final periodic report, which may be incurred afterwards; see Article 21)
(iii) they must be declared under one of the budget categories set out in Article 6.2 and Annex 2
(iv) they must be incurred in connection with the action as described in Annex 1 and necessary for its implementation
(v) they must be identifiable and verifiable, in particular recorded in the beneficiary’s accounts in accordance with the accounting standards applicable in the country where the beneficiary is established and with the beneficiary’s usual cost accounting practices
(vi) they must comply with the applicable national law on taxes, labour and social security and
(vii) they must be reasonable, justified and must comply with the principle of sound financial management, in particular regarding economy and efficiency
(b) for unit costs or contributions (if any):
(i) they must be declared under one of the budget categories set out in Article 6.2 and Annex 2
(ii) the units must:
- be actually used or produced by the beneficiary in the period set out in Article 4 (with the exception of units relating to the submission of the final periodic report, which may be used or produced afterwards; see Article 21)
- be necessary for the implementation of the action and
(iii) the number of units must be identifiable and verifiable, in particular supported by records and documentation (see Article 20)
(c) for flat-rate costs or contributions (if any):
(i) they must be declared under one of the budget categories set out in Article 6.2 and Annex 2
16
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
(ii) the costs or contributions to which the flat-rate is applied must:
- be eligible
- relate to the period set out in Article 4 (with the exception of costs or contributions relating to the submission of the final periodic report, which may be incurred afterwards; see Article 21)
(d) for lump sum costs or contributions (if any):
(i) they must be declared under one of the budget categories set out in Article 6.2 and Annex 2
(ii) the work must be properly implemented by the beneficiary in accordance with Annex 1
(iii) the deliverables/outputs must be achieved in the period set out in Article 4 (with the exception of deliverables/outputs relating to the submission of the final periodic report, which may be achieved afterwards; see Article 21)
(e) for unit, flat-rate or lump sum costs or contributions according to usual cost accounting practices (if any):
(i) they must fulfil the general eligibility conditions for the type of cost concerned
(ii) the cost accounting practices must be applied in a consistent manner, based on objective criteria, regardless of the source of funding
(f) for financing not linked to costs (if any): the results must be achieved or the conditions must be fulfilled as described in Annex 1.
In addition, for direct cost categories (e.g. personnel, travel & subsistence, subcontracting and other direct costs) only costs that are directly linked to the action implementation and can therefore be attributed to it directly are eligible. They must not include any indirect costs (i.e. costs that are only indirectly linked to the action, e.g. via cost drivers).
6.2 Specific eligibility conditions for each budget category
For each budget category, the specific eligibility conditions are as follows:
Direct costs
A. Personnel costs
A.1 Costs for employees (or equivalent) are eligible as personnel costs if they fulfil the general eligibility conditions and are related to personnel working for the beneficiary under an employment contract (or equivalent appointing act) and assigned to the action.
They must be limited to salaries, social security contributions, taxes and other costs linked to the remuneration, if they arise from national law or the employment contract (or equivalent appointing act) and be calculated on the basis of the costs actually incurred, in accordance with the following method:
17
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
{daily rate for the person
multiplied by
number of day-equivalents worked on the action (rounded up or down to the nearest half-day)}.
The daily rate must be calculated as:
{annual personnel costs for the person
divided by
215}.
The number of day-equivalents declared for a person must be identifiable and verifiable (see Article 20).
The total number of day-equivalents declared in EU grants, for a person for a year, cannot be higher than 215.
The personnel costs may also include supplementary payments for personnel assigned to the action (including payments on the basis of supplementary contracts regardless of their nature), if:
- it is part of the beneficiary’s usual remuneration practices and is paid in a consistent manner whenever the same kind of work or expertise is required
- the criteria used to calculate the supplementary payments are objective and generally applied by the beneficiary, regardless of the source of funding used.
If the beneficiary uses average personnel costs (unit cost according to usual cost accounting practices), the personnel costs must fulfil the general eligibility conditions for such unit costs and the daily rate must be calculated:
- using the actual personnel costs recorded in the beneficiary’s accounts and excluding any costs which are ineligible or already included in other budget categories; the actual personnel costs may be adjusted on the basis of budgeted or estimated elements, if they are relevant for calculating the personnel costs, reasonable and correspond to objective and verifiable information
and
- according to usual cost accounting practices which are applied in a consistent manner, based on objective criteria, regardless of the source of funding.
A.2 and A.3 Costs for natural persons working under a direct contract other than an employment contract and costs for seconded persons by a third party against payment are also eligible as personnel costs, if they are assigned to the action, fulfil the general eligibility conditions and:
(a) work under conditions similar to those of an employee (in particular regarding the way the work is organised, the tasks that are performed and the premises where they are performed) and
(b) the result of the work belongs to the beneficiary (unless agreed otherwise).
They must be calculated on the basis of a rate which corresponds to the costs actually incurred for
18
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
the direct contract or secondment and must not be significantly different from those for personnel performing similar tasks under an employment contract with the beneficiary.
A.4 The work of SME owners for the action (i.e. owners of beneficiaries that are small and medium- sized enterprises10 not receiving a salary) or natural person beneficiaries (i.e. beneficiaries that are natural persons not receiving a salary) may be declared as personnel costs, if they fulfil the general eligibility conditions and are calculated as unit costs in accordance with the method set out in Annex 2a.
B. Subcontracting costs
Subcontracting costs for the action (including related duties, taxes and charges, such as non- deductible or non-refundable value added tax (VAT)) are eligible, if they are calculated on the basis of the costs actually incurred, fulfil the general eligibility conditions and are awarded using the beneficiary’s usual purchasing practices — provided these ensure subcontracts with best value for money (or if appropriate the lowest price) and that there is no conflict of interests (see Article 12).
Beneficiaries that are ‘contracting authorities/entities’ within the meaning of the EU Directives on public procurement must also comply with the applicable national law on public procurement.
The beneficiaries must ensure that the subcontracted work is performed in the eligible countries or target countries set out in the call conditions — unless otherwise approved by the granting authority.
Subcontracting may cover only a limited part of the action.
The tasks to be subcontracted and the estimated cost for each subcontract must be set out in Annex 1 and the total estimated costs of subcontracting per beneficiary must be set out in Annex 2 (or may be approved ex post in the periodic report, if the use of subcontracting does not entail changes to the Agreement which would call into question the decision awarding the grant or breach the principle of equal treatment of applicants; ‘simplified approval procedure’).
C. Purchase costs
Purchase costs for the action (including related duties, taxes and charges, such as non-deductible or non-refundable value added tax (VAT)) are eligible if they fulfil the general eligibility conditions and are bought using the beneficiary’s usual purchasing practices — provided these ensure purchases with best value for money (or if appropriate the lowest price) and that there is no conflict of interests (see Article 12).
Beneficiaries that are ‘contracting authorities/entities’ within the meaning of the EU Directives on public procurement must also comply with the applicable national law on public procurement.
10 For the definition, see Commission Recommendation 2003/361/EC: micro, small or medium-sized enterprise (SME) are enterprises
- engaged in an economic activity, irrespective of their legal form (including, in particular, self- employed persons and family businesses engaged in craft or other activities, and partnerships or associations regularly engaged in an economic activity) and
- employing fewer than 250 persons (expressed in ‘annual working units’ as defined in Article 5 of the Recommendation) and which have an annual turnover not exceeding EUR 50 million, and/or an annual balance sheet total not exceeding EUR 43 million.
19
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
C.1 Travel and subsistence
Purchases for travel, accommodation and subsistence must be calculated as follows:
- travel: on the basis of the costs actually incurred and in line with the beneficiary’s usual practices on travel
- accommodation: on the basis of the costs actually incurred and in line with the beneficiary’s usual practices on travel
- subsistence: on the basis of the costs actually incurred and in line with the beneficiary’s usual practices on travel .
C.2 Equipment
Purchases of equipment, infrastructure or other assets used for the action must be declared as depreciation costs, calculated on the basis of the costs actually incurred and written off in accordance with international accounting standards and the beneficiary’s usual accounting practices.
Only the portion of the costs that corresponds to the rate of actual use for the action during the action duration can be taken into account.
Costs for renting or leasing equipment, infrastructure or other assets are also eligible, if they do not exceed the depreciation costs of similar equipment, infrastructure or assets and do not include any financing fees.
Moreover, for the following equipment, infrastructure or other assets purchased specifically for the action (or developed as part of the action tasks): See the list in a separate table “Equipment with full- cost option” in Annex I, Part B of the Grant Agreement
costs may exceptionally be declared as full capitalised costs, if they fulfil the cost eligibility conditions applicable to their respective cost categories.
‘Capitalised costs’ means:
- costs incurred in the purchase or for the development of the equipment, infrastructure or other assets and
- which are recorded under a fixed asset account of the beneficiary in compliance with international accounting standards and the beneficiary’s usual cost accounting practices.
If such equipment, infrastructure or other assets are rented or leased, full costs for renting or leasing are eligible, if they do not exceed the depreciation costs of similar equipment, infrastructure or assets and do not include any financing fees.
C.3 Other goods, works and services
Purchases of other goods, works and services must be calculated on the basis of the costs actually incurred.
Such goods, works and services include, for instance, consumables and supplies, promotion, dissemination, protection of results, translations, publications, certificates and financial guarantees, if required under the Agreement.
20
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
D. Other cost categories
D.1 Financial support to third parties
Costs for providing financial support to third parties (in the form of grants, prizes or similar forms of support; if any) are eligible, if and as declared eligible in the call conditions, if they fulfil the general eligibility conditions, are calculated on the basis of the costs actually incurred and the support is implemented in accordance with the conditions set out in Annex 1.
These conditions must ensure objective and transparent selection procedures and include at least the following:
(a) for grants (or similar):
(i) the maximum amount of financial support for each third party (‘recipient’); this amount may not exceed the amount set out in the Data Sheet (see Point 3) or otherwise agreed with the granting authority
(ii) the criteria for calculating the exact amount of the financial support
(iii) the different types of activity that qualify for financial support, on the basis of a closed list
(iv) the persons or categories of persons that will be supported and
(v) the criteria and procedures for giving financial support
(b) for prizes (or similar):
(i) the eligibility and award criteria
(ii) the amount of the prize and
(iii) the payment arrangements.
D.2 Internally invoiced goods and services
Costs for internally invoiced goods and services directly used for the action may be declared as unit cost according to usual cost accounting practices, if and as declared eligible in the call conditions, if they fulfil the general eligibility conditions for such unit costs and the amount per unit is calculated:
- using the actual costs for the good or service recorded in the beneficiary’s accounts, attributed either by direct measurement or on the basis of cost drivers, and excluding any cost which are ineligible or already included in other budget categories; the actual costs may be adjusted on the basis of budgeted or estimated elements, if they are relevant for calculating the costs, reasonable and correspond to objective and verifiable information
and
- according to usual cost accounting practices which are applied in a consistent manner, based on objective criteria, regardless of the source of funding.
‘Internally invoiced goods and services’ means goods or services which are provided within the
21
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
beneficiary’s organisation directly for the action and which the beneficiary values on the basis of its usual cost accounting practices.
Indirect costs
E. Indirect costs
Indirect costs will be reimbursed at the flat-rate of 7% of the eligible direct costs (categories A-D, except volunteers costs and exempted specific cost categories, if any).
Contributions
Not applicable
6.3 Ineligible costs and contributions
The following costs or contributions are ineligible:
(a) costs or contributions that do not comply with the conditions set out above (Article 6.1 and 6.2), in particular:
(i) costs related to return on capital and dividends paid by a beneficiary
(ii) debt and debt service charges
(iii) provisions for future losses or debts
(iv) interest owed
(v) currency exchange losses
(vi) bank costs charged by the beneficiary’s bank for transfers from the granting authority
(vii) excessive or reckless expenditure
(viii) deductible or refundable VAT (including VAT paid by public bodies acting as public authority)
(ix) costs incurred or contributions for activities implemented during grant agreement suspension (see Article 31)
(x) in-kind contributions by third parties
(b) costs or contributions declared under other EU grants (or grants awarded by an EU Member State, non-EU country or other body implementing the EU budget), except for the following cases:
(i) Synergy actions: not applicable
(ii) if the action grant is combined with an operating grant11 running during the same period
11 For the definition, see Article 180(2)(b) of EU Financial Regulation 2018/1046: ‘operating grant’ means an EU grant to finance “the functioning of a body which has an objective forming part of and supporting an EU policy”.
22
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
and the beneficiary can demonstrate that the operating grant does not cover any (direct or indirect) costs of the action grant
(c) costs or contributions for staff of a national (or regional/local) administration, for activities that are part of the administration’s normal activities (i.e. not undertaken only because of the grant)
(d) costs or contributions (especially travel and subsistence) for staff or representatives of EU institutions, bodies or agencies
(e) other :
(i) costs or contributions for activities that do not take place in one of the eligible countries or target countries set out in the call conditions — unless approved by the granting authority
(ii) costs or contributions declared specifically ineligible in the call conditions.
6.4 Consequences of non-compliance
If a beneficiary declares costs or contributions that are ineligible, they will be rejected (see Article 27).
This may also lead to other measures described in Chapter 5.
CHAPTER 4 GRANT IMPLEMENTATION
SECTION 1 CONSORTIUM: BENEFICIARIES, AFFILIATED ENTITIES AND OTHER PARTICIPANTS
ARTICLE 7 — BENEFICIARIES
The beneficiaries, as signatories of the Agreement, are fully responsible towards the granting authority for implementing it and for complying with all its obligations.
They must implement the Agreement to their best abilities, in good faith and in accordance with all the obligations and terms and conditions it sets out.
They must have the appropriate resources to implement the action and implement the action under their own responsibility and in accordance with Article 11. If they rely on affiliated entities or other participants (see Articles 8 and 9), they retain sole responsibility towards the granting authority and the other beneficiaries.
They are jointly responsible for the technical implementation of the action. If one of the beneficiaries fails to implement their part of the action, the other beneficiaries must ensure that this part is implemented by someone else (without being entitled to an increase of the maximum grant amount and subject to an amendment; see Article 39). The financial responsibility of each beneficiary in case of recoveries is governed by Article 22.
The beneficiaries (and their action) must remain eligible under the EU programme funding the grant for the entire duration of the action. Costs and contributions will be eligible only as long as the beneficiary and the action are eligible.
23
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
The internal roles and responsibilities of the beneficiaries are divided as follows:
(a) Each beneficiary must:
(i) keep information stored in the Portal Participant Register up to date (see Article 19)
(ii) inform the granting authority (and the other beneficiaries) immediately of any events or circumstances likely to affect significantly or delay the implementation of the action (see Article 19)
(iii) submit to the coordinator in good time:
- the prefinancing guarantees (if required; see Article 23)
- the financial statements and certificates on the financial statements (CFS) (if required; see Articles 21 and 24.2 and Data Sheet, Point 4.3)
- the contribution to the deliverables and technical reports (see Article 21)
- any other documents or information required by the granting authority under the Agreement
(iv) submit via the Portal data and information related to the participation of their affiliated entities.
(b) The coordinator must:
(i) monitor that the action is implemented properly (see Article 11)
(ii) act as the intermediary for all communications between the consortium and the granting authority, unless the Agreement or granting authority specifies otherwise, and in particular:
- submit the prefinancing guarantees to the granting authority (if any)
- request and review any documents or information required and verify their quality and completeness before passing them on to the granting authority
- submit the deliverables and reports to the granting authority
- inform the granting authority about the payments made to the other beneficiaries (report on the distribution of payments; if required, see Articles 22 and 32)
(iii) distribute the payments received from the granting authority to the other beneficiaries without unjustified delay (see Article 22).
The coordinator may not delegate or subcontract the above-mentioned tasks to any other beneficiary or third party (including affiliated entities).
However, coordinators which are public bodies may delegate the tasks set out in Point (b)(ii) last indent and (iii) above to entities with ‘authorisation to administer’ which they have created or which are controlled by or affiliated to them. In this case, the coordinator retains sole responsibility for the payments and for compliance with the obligations under the Agreement.
24
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Moreover, coordinators which are ‘sole beneficiaries’12 (or similar, such as European research infrastructure consortia (ERICs)) may delegate the tasks set out in Point (b)(i) to (iii) above to one of their members. The coordinator retains sole responsibility for compliance with the obligations under the Agreement.
The beneficiaries must have internal arrangements regarding their operation and co-ordination, to ensure that the action is implemented properly.
If required by the granting authority (see Data Sheet, Point 1), these arrangements must be set out in a written consortium agreement between the beneficiaries, covering for instance:
- the internal organisation of the consortium
- the management of access to the Portal
- different distribution keys for the payments and financial responsibilities in case of recoveries (if any)
- additional rules on rights and obligations related to background and results (see Article 16)
- settlement of internal disputes
- liability, indemnification and confidentiality arrangements between the beneficiaries.
The internal arrangements must not contain any provision contrary to this Agreement.
ARTICLE 8 — AFFILIATED ENTITIES
Not applicable
ARTICLE 9 — OTHER PARTICIPANTS INVOLVED IN THE ACTION
9.1 Associated partners
Not applicable
9.2 Third parties giving in-kind contributions to the action
Other third parties may give in-kind contributions to the action (i.e. personnel, equipment, other goods, works and services, etc. which are free-of-charge), if necessary for the implementation.
Third parties giving in-kind contributions do not implement any action tasks. They may not charge costs or contributions to the action and the costs for the in-kind contributions are not eligible.
The third parties and their in-kind contributions should be set out in Annex 1.
9.3 Subcontractors
12 For the definition, see Article 187(2) EU Financial Regulation 2018/1046: “Where several entities satisfy the criteria for being awarded a grant and together form one entity, that entity may be treated as the sole beneficiary, including where it is specifically established for the purpose of implementing the action financed by the grant.”
25
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Subcontractors may participate in the action, if necessary for the implementation.
Subcontractors must implement their action tasks in accordance with Article 11. The costs for the subcontracted tasks (invoiced price from the subcontractor) are eligible and may be charged by the beneficiaries, under the conditions set out in Article 6. The costs will be included in Annex 2 as part of the beneficiaries’ costs.
The beneficiaries must ensure that their contractual obligations under Articles 11 (proper implementation), 12 (conflict of interest), 13 (confidentiality and security), 14 (ethics), 17.2 (visibility), 18 (specific rules for carrying out action), 19 (information) and 20 (record-keeping) also apply to the subcontractors.
The beneficiaries must ensure that the bodies mentioned in Article 25 (e.g. granting authority, OLAF, Court of Auditors (ECA), etc.) can exercise their rights also towards the subcontractors.
9.4 Recipients of financial support to third parties
If the action includes providing financial support to third parties (e.g. grants, prizes or similar forms of support), the beneficiaries must ensure that their contractual obligations under Articles 12 (conflict of interest), 13 (confidentiality and security), 14 (ethics), 17.2 (visibility), 18 (specific rules for carrying out action), 19 (information) and 20 (record-keeping)also apply to the third parties receiving the support (recipients).
The beneficiaries must also ensure that the bodies mentioned in Article 25 (e.g. granting authority, OLAF, Court of Auditors (ECA), etc.) can exercise their rights also towards the recipients.
ARTICLE 10 — PARTICIPANTS WITH SPECIAL STATUS
10.1 Non-EU participants
Participants which are established in a non-EU country (if any) undertake to comply with their obligations under the Agreement and:
- to respect general principles (including fundamental rights, values and ethical principles, environmental and labour standards, rules on classified information, intellectual property rights, visibility of funding and protection of personal data)
- for the submission of certificates under Article 24: to use qualified external auditors which are independent and comply with comparable standards as those set out in EU Directive 2006/43/EC13
- for the controls under Article 25: to allow for checks, reviews, audits and investigations (including on-the-spot checks, visits and inspections) by the bodies mentioned in that Article (e.g. granting authority, OLAF, Court of Auditors (ECA), etc.).
Special rules on dispute settlement apply (see Data Sheet, Point 5).
10.2 Participants which are international organisations
13 Directive 2006/43/EC of the European Parliament and of the Council of 17 May 2006 on statutory audits of annual accounts and consolidated accounts or similar national regulations (OJ L 157, 9.6.2006, p. 87).
26
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Participants which are international organisations (IOs; if any) undertake to comply with their obligations under the Agreement and:
- to respect general principles (including fundamental rights, values and ethical principles, environmental and labour standards, rules on classified information, intellectual property rights, visibility of funding and protection of personal data)
- for the submission of certificates under Article 24: to use either independent public officers or external auditors which comply with comparable standards as those set out in EU Directive 2006/43/EC
- for the controls under Article 25: to allow for the checks, reviews, audits and investigations by the bodies mentioned in that Article, taking into account the specific agreements concluded by them and the EU (if any).
For such participants, nothing in the Agreement will be interpreted as a waiver of their privileges or immunities, as accorded by their constituent documents or international law.
Special rules on applicable law and dispute settlement apply (see Article 43 and Data Sheet, Point 5).
10.3 Pillar-assessed participants
Pillar-assessed participants (if any) may rely on their own systems, rules and procedures, in so far as they have been positively assessed and do not call into question the decision awarding the grant or breach the principle of equal treatment of applicants or beneficiaries.
‘Pillar-assessment’ means a review by the European Commission on the systems, rules and procedures which participants use for managing EU grants (in particular internal control system, accounting system, external audits, financing of third parties, rules on recovery and exclusion, information on recipients and protection of personal data; see Article 154 EU Financial Regulation 2018/1046).
Participants with a positive pillar assessment may rely on their own systems, rules and procedures, in particular for:
- record-keeping (Article 20): may be done in accordance with internal standards, rules and procedures
- currency conversion for financial statements (Article 21): may be done in accordance with usual accounting practices
- guarantees (Article 23): for public law bodies, prefinancing guarantees are not needed
- certificates (Article 24):
- certificates on the financial statements (CFS): may be provided by their regular internal or external auditors and in accordance with their internal financial regulations and procedures
- certificates on usual accounting practices (CoMUC): are not needed if those practices are covered by an ex-ante assessment
and use the following specific rules, for:
27
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
- recoveries (Article 22): in case of financial support to third parties, there will be no recovery if the participant has done everything possible to retrieve the undue amounts from the third party receiving the support (including legal proceedings) and non-recovery is not due to an error or negligence on its part
- checks, reviews, audits and investigations by the EU (Article 25): will be conducted taking into account the rules and procedures specifically agreed between them and the framework agreement (if any)
- impact evaluation (Article 26): will be conducted in accordance with the participant’s internal rules and procedures and the framework agreement (if any)
- grant agreement suspension (Article 31): certain costs incurred during grant suspension are eligible (notably, minimum costs necessary for a possible resumption of the action and costs relating to contracts which were entered into before the pre-information letter was received and which could not reasonably be suspended, reallocated or terminated on legal grounds)
- grant agreement termination (Article 32): the final grant amount and final payment will be calculated taking into account also costs relating to contracts due for execution only after termination takes effect, if the contract was entered into before the pre-information letter was received and could not reasonably be terminated on legal grounds
- liability for damages (Article 33.2): the granting authority must be compensated for damage it sustains as a result of the implementation of the action or because the action was not implemented in full compliance with the Agreement only if the damage is due to an infringement of the participant’s internal rules and procedures or due to a violation of third parties’ rights by the participant or one of its employees or individual for whom the employees are responsible.
Participants whose pillar assessment covers procurement and granting procedures may also do purchases, subcontracting and financial support to third parties (Article 6.2) in accordance with their internal rules and procedures for purchases, subcontracting and financial support.
Participants whose pillar assessment covers data protection rules may rely on their internal standards, rules and procedures for data protection (Article 15).
The participants may however not rely on provisions which would breach the principle of equal treatment of applicants or beneficiaries or call into question the decision awarding the grant, such as in particular:
- eligibility (Article 6)
- consortium roles and set-up (Articles 7-9)
- security and ethics (Articles 13, 14)
- IPR (including background and results, access rights and rights of use), communication, dissemination and visibility (Articles 16 and 17)
- information obligation (Article 19)
- payment, reporting and amendments (Articles 21, 22 and 39)
28
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
- rejections, reductions, suspensions and terminations (Articles 27, 28, 29-32)
If the pillar assessment was subject to remedial measures, reliance on the internal systems, rules and procedures is subject to compliance with those remedial measures.
Participants whose assessment has not yet been updated to cover (the new rules on) data protection may rely on their internal systems, rules and procedures, provided that they ensure that personal data is:
- processed lawfully, fairly and in a transparent manner in relation to the data subject
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
- accurate and, where necessary, kept up to date
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed and
- processed in a manner that ensures appropriate security of the personal data.
Participants must inform the coordinator without delay of any changes to the systems, rules and procedures that were part of the pillar assessment. The coordinator must immediately inform the granting authority.
Pillar-assessed participants that have also concluded a framework agreement with the EU, may moreover — under the same conditions as those above (i.e. not call into question the decision awarding the grant or breach the principle of equal treatment of applicants or beneficiaries) — rely on the provisions set out in that framework agreement.
SECTION 2 RULES FOR CARRYING OUT THE ACTION
ARTICLE 11 — PROPER IMPLEMENTATION OF THE ACTION
11.1 Obligation to properly implement the action
The beneficiaries must implement the action as described in Annex 1 and in compliance with the provisions of the Agreement, the call conditions and all legal obligations under applicable EU, international and national law.
11.2 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 12 — CONFLICT OF INTERESTS
29
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
12.1 Conflict of interests
The beneficiaries must take all measures to prevent any situation where the impartial and objective implementation of the Agreement could be compromised for reasons involving family, emotional life, political or national affinity, economic interest or any other direct or indirect interest (‘conflict of interests’).
They must formally notify the granting authority without delay of any situation constituting or likely to lead to a conflict of interests and immediately take all the necessary steps to rectify this situation.
The granting authority may verify that the measures taken are appropriate and may require additional measures to be taken by a specified deadline.
12.2 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28) and the grant or the beneficiary may be terminated (see Article 32).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 13 — CONFIDENTIALITY AND SECURITY
13.1 Sensitive information
The parties must keep confidential any data, documents or other material (in any form) that is identified as sensitive in writing (‘sensitive information’) — during the implementation of the action and for at least until the time-limit set out in the Data Sheet (see Point 6).
If a beneficiary requests, the granting authority may agree to keep such information confidential for a longer period.
Unless otherwise agreed between the parties, they may use sensitive information only to implement the Agreement.
The beneficiaries may disclose sensitive information to their personnel or other participants involved in the action only if they:
(a) need to know it in order to implement the Agreement and
(b) are bound by an obligation of confidentiality.
The granting authority may disclose sensitive information to its staff and to other EU institutions and bodies.
It may moreover disclose sensitive information to third parties, if:
(a) this is necessary to implement the Agreement or safeguard the EU financial interests and
(b) the recipients of the information are bound by an obligation of confidentiality.
The confidentiality obligations no longer apply if:
(a) the disclosing party agrees to release the other party
30
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
(b) the information becomes publicly available, without breaching any confidentiality obligation
(c) the disclosure of the sensitive information is required by EU, international or national law.
Specific confidentiality rules (if any) are set out in Annex 5.
13.2 Classified information
The parties must handle classified information in accordance with the applicable EU, international or national law on classified information (in particular, Decision 2015/44414 and its implementing rules).
Deliverables which contain classified information must be submitted according to special procedures agreed with the granting authority.
Action tasks involving classified information may be subcontracted only after explicit approval (in writing) from the granting authority.
Classified information may not be disclosed to any third party (including participants involved in the action implementation) without prior explicit written approval from the granting authority.
Specific security rules (if any) are set out in Annex 5.
13.3 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 14 — ETHICS AND VALUES
14.1 Ethics
The action must be carried out in line with the highest ethical standards and the applicable EU, international and national law on ethical principles.
Specific ethics rules (if any) are set out in Annex 5.
14.2 Values
The beneficiaries must commit to and ensure the respect of basic EU values (such as respect for human dignity, freedom, democracy, equality, the rule of law and human rights, including the rights of minorities).
Specific rules on values (if any) are set out in Annex 5.
14.3 Consequences of non-compliance
14 Commission Decision 2015/444/EC, Euratom of 13 March 2015 on the security rules for protecting EU classified information (OJ L 72, 17.3.2015, p. 53).
31
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 15 — DATA PROTECTION
15.1 Data processing by the granting authority
Any personal data under the Agreement will be processed under the responsibility of the data controller of the granting authority in accordance with and for the purposes set out in the Portal Privacy Statement.
For grants where the granting authority is the European Commission, an EU regulatory or executive agency, joint undertaking or other EU body, the processing will be subject to Regulation 2018/172515.
15.2 Data processing by the beneficiaries
The beneficiaries must process personal data under the Agreement in compliance with the applicable EU, international and national law on data protection (in particular, Regulation 2016/67916).
They must ensure that personal data is:
- processed lawfully, fairly and in a transparent manner in relation to the data subjects
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
- accurate and, where necessary, kept up to date
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed and
- processed in a manner that ensures appropriate security of the data.
The beneficiaries may grant their personnel access to personal data only if it is strictly necessary for implementing, managing and monitoring the Agreement. The beneficiaries must ensure that the personnel is under a confidentiality obligation.
The beneficiaries must inform the persons whose data are transferred to the granting authority and provide them with the Portal Privacy Statement.
15 Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).
16 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (‘GDPR’) (OJ L 119, 4.5.2016, p. 1).
32
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
15.3 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 16 — INTELLECTUAL PROPERTY RIGHTS (IPR) — BACKGROUND AND RESULTS —ACCESS RIGHTS AND RIGHTS OF USE
16.1 Background and access rights to background
The beneficiaries must give each other and the other participants access to the background identified as needed for implementing the action, subject to any specific rules in Annex 5.
‘Background’ means any data, know-how or information — whatever its form or nature (tangible or intangible), including any rights such as intellectual property rights — that is:
(a) held by the beneficiaries before they acceded to the Agreement and
(b) needed to implement the action or exploit the results.
If background is subject to rights of a third party, the beneficiary concerned must ensure that it is able to comply with its obligations under the Agreement.
16.2 Ownership of results
The granting authority does not obtain ownership of the results produced under the action.
‘Results’ means any tangible or intangible effect of the action, such as data, know-how or information, whatever its form or nature, whether or not it can be protected, as well as any rights attached to it, including intellectual property rights.
16.3 Rights of use of the granting authority on materials, documents and information received for policy, information, communication, dissemination and publicity purposes
The granting authority has the right to use non-sensitive information relating to the action and materials and documents received from the beneficiaries (notably summaries for publication, deliverables, as well as any other material, such as pictures or audio-visual material, in paper or electronic form) for policy, information, communication, dissemination and publicity purposes — during the action or afterwards.
The right to use the beneficiaries’ materials, documents and information is granted in the form of a royalty-free, non-exclusive and irrevocable licence, which includes the following rights:
(a) use for its own purposes (in particular, making them available to persons working for the granting authority or any other EU service (including institutions, bodies, offices, agencies, etc.) or EU Member State institution or body; copying or reproducing them in whole or in part, in unlimited numbers; and communication through press information services)
(b) distribution to the public (in particular, publication as hard copies and in electronic or digital format, publication on the internet, as a downloadable or non-downloadable file, broadcasting
33
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
by any channel, public display or presentation, communicating through press information services, or inclusion in widely accessible databases or indexes)
(c) editing or redrafting (including shortening, summarising, inserting other elements (e.g. meta-data, legends, other graphic, visual, audio or text elements), extracting parts (e.g. audio or video files), dividing into parts, use in a compilation)
(d) translation
(e) storage in paper, electronic or other form
(f) archiving, in line with applicable document-management rules
(g) the right to authorise third parties to act on its behalf or sub-license to third parties the modes of use set out in Points (b), (c), (d) and (f), if needed for the information, communication and publicity activity of the granting authority
(h) processing, analysing, aggregating the materials, documents and information received and producing derivative works.
The rights of use are granted for the whole duration of the industrial or intellectual property rights concerned.
If materials or documents are subject to moral rights or third party rights (including intellectual property rights or rights of natural persons on their image and voice), the beneficiaries must ensure that they comply with their obligations under this Agreement (in particular, by obtaining the necessary licences and authorisations from the rights holders concerned).
Where applicable, the granting authority will insert the following information:
“© – [year] – [name of the copyright owner]. All rights reserved. Licensed to the [name of granting authority] under conditions.”
16.4 Specific rules on IPR, results and background
Specific rules regarding intellectual property rights, results and background (if any) are set out in Annex 5.
16.5 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28).
Such a breach may also lead to other measures described in Chapter 5.
ARTICLE 17 — COMMUNICATION, DISSEMINATION AND VISIBILITY
17.1 Communication — Dissemination — Promoting the action
Unless otherwise agreed with the granting authority, the beneficiaries must promote the action and its results by providing targeted information to multiple audiences (including the media and the public), in accordance with Annex 1 and in a strategic, coherent and effective manner.
34
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Before engaging in a communication or dissemination activity expected to have a major media impact, the beneficiaries must inform the granting authority.
17.2 Visibility — European flag and funding statement
Unless otherwise agreed with the granting authority, communication activities of the beneficiaries related to the action (including media relations, conferences, seminars, information material, such as brochures, leaflets, posters, presentations, etc., in electronic form, via traditional or social media, etc.), dissemination activities and any infrastructure, equipment, vehicles, supplies or major result funded by the grant must acknowledge EU support and display the European flag (emblem) and funding statement (translated into local languages, where appropriate):
The emblem must remain distinct and separate and cannot be modified by adding other visual marks, brands or text.
Apart from the emblem, no other visual identity or logo may be used to highlight the EU support.
When displayed in association with other logos (e.g. of beneficiaries or sponsors), the emblem must be displayed at least as prominently and visibly as the other logos.
For the purposes of their obligations under this Article, the beneficiaries may use the emblem without first obtaining approval from the granting authority. This does not, however, give them the right to exclusive use. Moreover, they may not appropriate the emblem or any similar trademark or logo, either by registration or by any other means.
17.3 Quality of information — Disclaimer
Any communication or dissemination activity related to the action must use factually accurate information.
35
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Moreover, it must indicate the following disclaimer (translated into local languages where appropriate):
“Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or [name of the granting authority]. Neither the European Union nor the granting authority can be held responsible for them.”
17.4 Specific communication, dissemination and visibility rules
Specific communication, dissemination and visibility rules (if any) are set out in Annex 5.
17.5 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 18 — SPECIFIC RULES FOR CARRYING OUT THE ACTION
18.1 Specific rules for carrying out the action
Specific rules for implementing the action (if any) are set out in Annex 5.
18.2 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28).
Such a breach may also lead to other measures described in Chapter 5.
SECTION 3 GRANT ADMINISTRATION
ARTICLE 19 — GENERAL INFORMATION OBLIGATIONS
19.1 Information requests
The beneficiaries must provide — during the action or afterwards and in accordance with Article 7 — any information requested in order to verify eligibility of the costs or contributions declared, proper implementation of the action and compliance with the other obligations under the Agreement.
The information provided must be accurate, precise and complete and in the format requested, including electronic format.
19.2 Participant Register data updates
The beneficiaries must keep — at all times, during the action or afterwards — their information stored in the Portal Participant Register up to date, in particular, their name, address, legal representatives, legal form and organisation type.
19.3 Information about events and circumstances which impact the action
36
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
The beneficiaries must immediately inform the granting authority (and the other beneficiaries) of any of the following:
(a) events which are likely to affect or delay the implementation of the action or affect the EU’s financial interests, in particular:
(i) changes in their legal, financial, technical, organisational or ownership situation (including changes linked to one of the exclusion grounds listed in the declaration of honour signed before grant signature)
(ii) linked action information: not applicable
(b) circumstances affecting:
(i) the decision to award the grant or
(ii) compliance with requirements under the Agreement.
19.4 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the grant may be reduced (see Article 28).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 20 — RECORD-KEEPING
20.1 Keeping records and supporting documents
The beneficiaries must — at least until the time-limit set out in the Data Sheet (see Point 6) — keep records and other supporting documents to prove the proper implementation of the action in line with the accepted standards in the respective field (if any).
In addition, the beneficiaries must — for the same period — keep the following to justify the amounts declared:
(a) for actual costs: adequate records and supporting documents to prove the costs declared (such as contracts, subcontracts, invoices and accounting records); in addition, the beneficiaries’ usual accounting and internal control procedures must enable direct reconciliation between the amounts declared, the amounts recorded in their accounts and the amounts stated in the supporting documents
(b) for flat-rate costs and contributions (if any): adequate records and supporting documents to prove the eligibility of the costs or contributions to which the flat-rate is applied
(c) for the following simplified costs and contributions: the beneficiaries do not need to keep specific records on the actual costs incurred, but must keep:
(i) for unit costs and contributions (if any): adequate records and supporting documents to prove the number of units declared
37
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
(ii) for lump sum costs and contributions (if any): adequate records and supporting documents to prove proper implementation of the work as described in Annex 1
(iii) for financing not linked to costs (if any): adequate records and supporting documents to prove the achievement of the results or the fulfilment of the conditions as described in Annex 1
(d) for unit, flat-rate and lump sum costs and contributions according to usual cost accounting practices (if any): the beneficiaries must keep any adequate records and supporting documents to prove that their cost accounting practices have been applied in a consistent manner, based on objective criteria, regardless of the source of funding, and that they comply with the eligibility conditions set out in Articles 6.1 and 6.2.
Moreover, the following is needed for specific budget categories:
(e) for personnel costs: time worked for the beneficiary under the action must be supported by declarations signed monthly by the person and their supervisor, unless another reliable time-record system is in place; the granting authority may accept alternative evidence supporting the time worked for the action declared, if it considers that it offers an adequate level of assurance
(f) additional record-keeping rules: not applicable
The records and supporting documents must be made available upon request (see Article 19) or in the context of checks, reviews, audits or investigations (see Article 25).
If there are on-going checks, reviews, audits, investigations, litigation or other pursuits of claims under the Agreement (including the extension of findings; see Article 25), the beneficiaries must keep these records and other supporting documentation until the end of these procedures.
The beneficiaries must keep the original documents. Digital and digitalised documents are considered originals if they are authorised by the applicable national law. The granting authority may accept non-original documents if they offer a comparable level of assurance.
20.2 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, costs or contributions insufficiently substantiated will be ineligible (see Article 6) and will be rejected (see Article 27), and the grant may be reduced (see Article 28).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 21 — REPORTING
21.1 Continuous reporting
The beneficiaries must continuously report on the progress of the action (e.g. deliverables, milestones, outputs/outcomes, critical risks, indicators, etc; if any), in the Portal Continuous Reporting tool and in accordance with the timing and conditions it sets out (as agreed with the granting authority).
38
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Standardised deliverables (e.g. progress reports not linked to payments, reports on cumulative expenditure, special reports, etc; if any) must be submitted using the templates published on the Portal.
21.2 Periodic reporting: Technical reports and financial statements
In addition, the beneficiaries must provide reports to request payments, in accordance with the schedule and modalities set out in the Data Sheet (see Point 4.2):
- for additional prefinancings (if any): an additional prefinancing report
- for interim payments (if any) and the final payment: a periodic report.
The prefinancing and periodic reports include a technical and financial part.
The technical part includes an overview of the action implementation. It must be prepared using the template available in the Portal Periodic Reporting tool.
The financial part of the additional prefinancing report includes a statement on the use of the previous prefinancing payment.
The financial part of the periodic report includes:
- the financial statements (individual and consolidated; for all beneficiaries/affiliated entities)
- the explanation on the use of resources (or detailed cost reporting table, if required)
- the certificates on the financial statements (CFS) (if required; see Article 24.2 and Data Sheet, Point 4.3).
The financial statements must detail the eligible costs and contributions for each budget category and, for the final payment, also the revenues for the action (see Articles 6 and 22).
All eligible costs and contributions incurred should be declared, even if they exceed the amounts indicated in the estimated budget (see Annex 2). Amounts that are not declared in the individual financial statements will not be taken into account by the granting authority.
By signing the financial statements (directly in the Portal Periodic Reporting tool), the beneficiaries confirm that:
- the information provided is complete, reliable and true
- the costs and contributions declared are eligible (see Article 6)
- the costs and contributions can be substantiated by adequate records and supporting documents (see Article 20) that will be produced upon request (see Article 19) or in the context of checks, reviews, audits and investigations (see Article 25)
- for the final periodic report: all the revenues have been declared (if required; see Article 22).
Beneficiaries will have to submit also the financial statements of their affiliated entities (if any). In case of recoveries (see Article 22), beneficiaries will be held responsible also for the financial statements of their affiliated entities.
39
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
21.3 Currency for financial statements and conversion into euros
The financial statements must be drafted in euro.
Beneficiaries with general accounts established in a currency other than the euro must convert the costs recorded in their accounts into euro, at the average of the daily exchange rates published in the C series of the Official Journal of the European Union (ECB website), calculated over the corresponding reporting period.
If no daily euro exchange rate is published in the Official Journal for the currency in question, they must be converted at the average of the monthly accounting exchange rates published on the European Commission website (InforEuro), calculated over the corresponding reporting period.
Beneficiaries with general accounts in euro must convert costs incurred in another currency into euro according to their usual accounting practices.
21.4 Reporting language
The reporting must be in the language of the Agreement, unless otherwise agreed with the granting authority (see Data Sheet, Point 4.2).
21.5 Consequences of non-compliance
If a report submitted does not comply with this Article, the granting authority may suspend the payment deadline (see Article 29) and apply other measures described in Chapter 5.
If the coordinator breaches its reporting obligations, the granting authority may terminate the grant or the coordinator’s participation (see Article 32) or apply other measures described in Chapter 5.
ARTICLE 22 — PAYMENTS AND RECOVERIES — CALCULATION OF AMOUNTS DUE
22.1 Payments and payment arrangements
Payments will be made in accordance with the schedule and modalities set out in the Data Sheet (see Point 4.2).
They will be made in euro to the bank account indicated by the coordinator (see Data Sheet, Point 4.2) and must be distributed without unjustified delay (restrictions may apply to distribution of the initial prefinancing payment; see Data Sheet, Point 4.2).
Payments to this bank account will discharge the granting authority from its payment obligation.
The cost of payment transfers will be borne as follows:
- the granting authority bears the cost of transfers charged by its bank
- the beneficiary bears the cost of transfers charged by its bank
- the party causing a repetition of a transfer bears all costs of the repeated transfer.
40
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Payments by the granting authority will be considered to have been carried out on the date when they are debited to its account.
22.2 Recoveries
Recoveries will be made, if — at beneficiary termination, final payment or afterwards — it turns out that the granting authority has paid too much and needs to recover the amounts undue.
The general liability regime for recoveries (first-line liability) is as follows: At final payment, the coordinator will be fully liable for recoveries, even if it has not been the final recipient of the undue amounts. At beneficiary termination or after final payment, recoveries will be made directly against the beneficiaries concerned.
Beneficiaries will be fully liable for repaying the debts of their affiliated entities.
In case of enforced recoveries (see Article 22.4):
- the beneficiaries will be jointly and severally liable for repaying debts of another beneficiary under the Agreement (including late-payment interest), if required by the granting authority (see Data Sheet, Point 4.4)
- affiliated entities will be held liable for repaying debts of their beneficiaries under the Agreement (including late-payment interest), if required by the granting authority (see Data Sheet, Point 4.4).
22.3 Amounts due
22.3.1 Prefinancing payments
The aim of the prefinancing is to provide the beneficiaries with a float.
It remains the property of the EU until the final payment.
For initial prefinancings (if any), the amount due, schedule and modalities are set out in the Data Sheet (see Point 4.2).
For additional prefinancings (if any), the amount due, schedule and modalities are also set out in the Data Sheet (see Point 4.2). However, if the statement on the use of the previous prefinancing payment shows that less than 70% was used, the amount set out in the Data Sheet will be reduced by the difference between the 70% threshold and the amount used.
Prefinancing payments (or parts of them) may be offset (without the beneficiaries’ consent) against amounts owed by a beneficiary to the granting authority — up to the amount due to that beneficiary.
For grants where the granting authority is the European Commission or an EU executive agency, offsetting may also be done against amounts owed to other Commission services or executive agencies.
Payments will not be made if the payment deadline or payments are suspended (see Articles 29 and 30).
22.3.2 Amount due at beneficiary termination — Recovery
41
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
In case of beneficiary termination, the granting authority will determine the provisional amount due for the beneficiary concerned. Payments (if any) will be made with the next interim or final payment.
The amount due will be calculated in the following step:
Step 1 — Calculation of the total accepted EU contribution
Step 1 — Calculation of the total accepted EU contribution
The granting authority will first calculate the ‘accepted EU contribution’ for the beneficiary for all reporting periods, by calculating the ‘maximum EU contribution to costs’ (applying the funding rate to the accepted costs of the beneficiary), taking into account requests for a lower contribution to costs and CFS threshold cappings (if any; see Article 24.5) and adding the contributions (accepted unit, flat-rate or lump sum contributions and financing not linked to costs, if any).
After that, the granting authority will take into account grant reductions (if any). The resulting amount is the ‘total accepted EU contribution’ for the beneficiary.
The balance is then calculated by deducting the payments received (if any; see report on the distribution of payments in Article 32), from the total accepted EU contribution:
{total accepted EU contribution for the beneficiary
minus
{prefinancing and interim payments received (if any)}}.
If the balance is positive, the amount will be included in the next interim or final payment to the consortium.
If the balance is negative, it will be recovered in accordance with the following procedure:
The granting authority will send a pre-information letter to the beneficiary concerned:
- formally notifying the intention to recover, the amount due, the amount to be recovered and the reasons why and
- requesting observations within 30 days of receiving notification.
If no observations are submitted (or the granting authority decides to pursue recovery despite the observations it has received), it will confirm the amount to be recovered and ask this amount to be paid to the coordinator (confirmation letter).
The amounts will later on also be taken into account for the next interim or final payment.
22.3.3 Interim payments
Interim payments reimburse the eligible costs and contributions claimed for the implementation of the action during the reporting periods (if any).
Interim payments (if any) will be made in accordance with the schedule and modalities set out the Data Sheet (see Point 4.2).
42
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Payment is subject to the approval of the periodic report. Its approval does not imply recognition of compliance, authenticity, completeness or correctness of its content.
The interim payment will be calculated by the granting authority in the following steps:
Step 1 — Calculation of the total accepted EU contribution
Step 2 — Limit to the interim payment ceiling
Step 1 — Calculation of the total accepted EU contribution
The granting authority will calculate the ‘accepted EU contribution’ for the action for the reporting period, by first calculating the ‘maximum EU contribution to costs’ (applying the funding rate to the accepted costs of each beneficiary), taking into account requests for a lower contribution to costs, and CFS threshold cappings (if any; see Article 24.5) and adding the contributions (accepted unit, flat-rate or lump sum contributions and financing not linked to costs, if any).
After that, the granting authority will take into account grant reductions from beneficiary termination (if any). The resulting amount is the ‘total accepted EU contribution’.
Step 2 — Limit to the interim payment ceiling
The resulting amount is then capped to ensure that the total amount of prefinancing and interim payments (if any) does not exceed the interim payment ceiling set out in the Data Sheet (see Point 4.2).
Interim payments (or parts of them) may be offset (without the beneficiaries’ consent) against amounts owed by a beneficiary to the granting authority — up to the amount due to that beneficiary.
For grants where the granting authority is the European Commission or an EU executive agency, offsetting may also be done against amounts owed to other Commission services or executive agencies.
Payments will not be made if the payment deadline or payments are suspended (see Articles 29 and 30).
22.3.4 Final payment — Final grant amount — Revenues and Profit — Recovery
The final payment (payment of the balance) reimburses the remaining part of the eligible costs and contributions claimed for the implementation of the action (if any).
The final payment will be made in accordance with the schedule and modalities set out in the Data Sheet (see Point 4.2).
Payment is subject to the approval of the final periodic report. Its approval does not imply recognition of compliance, authenticity, completeness or correctness of its content.
The final grant amount for the action will be calculated in the following steps:
Step 1 — Calculation of the total accepted EU contribution
Step 2 — Limit to the maximum grant amount
Step 3 — Reduction due to the no-profit rule
43
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Step 1 — Calculation of the total accepted EU contribution
The granting authority will first calculate the ‘accepted EU contribution’ for the action for all reporting periods, by calculating the ‘maximum EU contribution to costs’ (applying the funding rate to the total accepted costs of each beneficiary), taking into account requests for a lower contribution to costs, CFS threshold cappings (if any; see Article 24.5) and adding the contributions (accepted unit, flat-rate or lump sum contributions and financing not linked to costs, if any).
After that, the granting authority will take into account grant reductions (if any). The resulting amount is the ‘total accepted EU contribution’.
Step 2 — Limit to the maximum grant amount
If the resulting amount is higher than the maximum grant amount set out in Article 5.2, it will be limited to the latter.
Step 3 — Reduction due to the no-profit rule
If the no-profit rule is provided for in the Data Sheet (see Point 4.2), the grant must not produce a profit (i.e. surplus of the amount obtained following Step 2 plus the action’s revenues, over the eligible costs and contributions approved by the granting authority).
‘Revenue’ is all income generated by the action, during its duration (see Article 4), for beneficiaries that are profit legal entities.
If there is a profit, it will be deducted in proportion to the final rate of reimbursement of the eligible costs approved by the granting authority (as compared to the amount calculated following Steps 1 and 2 minus the contributions).
The balance (final payment) is then calculated by deducting the total amount of prefinancing and interim payments already made (if any), from the final grant amount:
{final grant amount
minus
{prefinancing and interim payments made (if any)}}.
If the balance is positive, it will be paid to the coordinator.
The final payment (or part of it) may be offset (without the beneficiaries’ consent) against amounts owed by a beneficiary to the granting authority — up to the amount due to that beneficiary.
For grants where the granting authority is the European Commission or an EU executive agency, offsetting may also be done against amounts owed to other Commission services or executive agencies.
Payments will not be made if the payment deadline or payments are suspended (see Articles 29 and 30).
If the balance is negative, it will be recovered in accordance with the following procedure:
The granting authority will send a pre-information letter to the coordinator:
44
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
- formally notifying the intention to recover, the final grant amount, the amount to be recovered and the reasons why
- requesting observations within 30 days of receiving notification.
If no observations are submitted (or the granting authority decides to pursue recovery despite the observations it has received), it will confirm the amount to be recovered (confirmation letter), together with a debit note with the terms and date for payment.
If payment is not made by the date specified in the debit note, the granting authority will enforce recovery in accordance with Article 22.4.
22.3.5 Audit implementation after final payment — Revised final grant amount — Recovery
If — after the final payment (in particular, after checks, reviews, audits or investigations; see Article 25) — the granting authority rejects costs or contributions (see Article 27) or reduces the grant (see Article 28), it will calculate the revised final grant amount for the beneficiary concerned.
The beneficiary revised final grant amount will be calculated in the following step:
Step 1 — Calculation of the revised total accepted EU contribution
Step 1 — Calculation of the revised total accepted EU contribution
The granting authority will first calculate the ‘revised accepted EU contribution’ for the beneficiary, by calculating the ‘revised accepted costs’ and ‘revised accepted contributions’.
After that, it will take into account grant reductions (if any). The resulting ‘revised total accepted EU contribution’ is the beneficiary revised final grant amount.
If the revised final grant amount is lower than the beneficiary’s final grant amount (i.e. its share in the final grant amount for the action), it will be recovered in accordance with the following procedure:
The beneficiary final grant amount (i.e. share in the final grant amount for the action) is calculated as follows:
{{total accepted EU contribution for the beneficiary
divided by
total accepted EU contribution for the action}
multiplied by
final grant amount for the action}.
The granting authority will send a pre-information letter to the beneficiary concerned:
- formally notifying the intention to recover, the amount to be recovered and the reasons why and
- requesting observations within 30 days of receiving notification.
If no observations are submitted (or the granting authority decides to pursue recovery despite the observations it has received), it will confirm the amount to be recovered (confirmation letter), together with a debit note with the terms and the date for payment.
45
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Recoveries against affiliated entities (if any) will be handled through their beneficiaries.
If payment is not made by the date specified in the debit note, the granting authority will enforce recovery in accordance with Article 22.4.
22.4 Enforced recovery
If payment is not made by the date specified in the debit note, the amount due will be recovered:
(a) by offsetting the amount — without the coordinator or beneficiary’s consent — against any amounts owed to the coordinator or beneficiary by the granting authority.
In exceptional circumstances, to safeguard the EU financial interests, the amount may be offset before the payment date specified in the debit note.
For grants where the granting authority is the European Commission or an EU executive agency, debts may also be offset against amounts owed by other Commission services or executive agencies.
(b) by drawing on the financial guarantee(s) (if any)
(c) by holding other beneficiaries jointly and severally liable (if any; see Data Sheet, Point 4.4)
(d) by holding affiliated entities jointly and severally liable (if any, see Data Sheet, Point 4.4)
(e) by taking legal action (see Article 43) or, provided that the granting authority is the European Commission or an EU executive agency, by adopting an enforceable decision under Article 299 of the Treaty on the Functioning of the EU (TFEU) and Article 100(2) of EU Financial Regulation 2018/1046.
The amount to be recovered will be increased by late-payment interest at the rate set out in Article 22.5, from the day following the payment date in the debit note, up to and including the date the full payment is received.
Partial payments will be first credited against expenses, charges and late-payment interest and then against the principal.
Bank charges incurred in the recovery process will be borne by the beneficiary, unless Directive 2015/236617 applies.
For grants where the granting authority is an EU executive agency, enforced recovery by offsetting or enforceable decision will be done by the services of the European Commission (see also Article 43).
22.5 Consequences of non-compliance
22.5.1 If the granting authority does not pay within the payment deadlines (see above), the beneficiaries are entitled to late-payment interest at the rate applied by the European Central Bank (ECB) for its main refinancing operations in euros (‘reference rate’), plus the rate specified in the
17 Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35).
46
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Data Sheet (Point 4.2). The reference rate is the rate in force on the first day of the month in which the payment deadline expires, as published in the C series of the Official Journal of the European Union.
If the late-payment interest is lower than or equal to EUR 200, it will be paid to the coordinator only on request submitted within two months of receiving the late payment.
Late-payment interest is not due if all beneficiaries are EU Member States (including regional and local government authorities or other public bodies acting on behalf of a Member State for the purpose of this Agreement).
If payments or the payment deadline are suspended (see Articles 29 and 30), payment will not be considered as late.
Late-payment interest covers the period running from the day following the due date for payment (see above), up to and including the date of payment.
Late-payment interest is not considered for the purposes of calculating the final grant amount.
22.5.2 If the coordinator breaches any of its obligations under this Article, the grant may be reduced (see Article 29) and the grant or the coordinator may be terminated (see Article 32).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 23 — GUARANTEES
23.1 Prefinancing guarantee
If required by the granting authority (see Data Sheet, Point 4.2), the beneficiaries must provide (one or more) prefinancing guarantee(s) in accordance with the timing and the amounts set out in the Data Sheet.
The coordinator must submit them to the granting authority in due time before the prefinancing they are linked to.
The guarantees must be drawn up using the template published on the Portal and fulfil the following conditions:
(a) be provided by a bank or approved financial institution established in the EU or — if requested by the coordinator and accepted by the granting authority — by a third party or a bank or financial institution established outside the EU offering equivalent security
(b) the guarantor stands as first-call guarantor and does not require the granting authority to first have recourse against the principal debtor (i.e. the beneficiary concerned) and
(c) remain explicitly in force until the final payment and, if the final payment takes the form of a recovery, until five months after the debit note is notified to a beneficiary.
They will be released within the following month.
23.2 Consequences of non-compliance
47
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
If the beneficiaries breach their obligation to provide the prefinancing guarantee, the prefinancing will not be paid.
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 24 — CERTIFICATES
24.1 Operational verification report (OVR)
Not applicable
24.2 Certificate on the financial statements (CFS)
If required by the granting authority (see Data Sheet, Point 4.3), the beneficiaries must provide certificates on their financial statements (CFS), in accordance with the schedule, threshold and conditions set out in the Data Sheet.
The coordinator must submit them as part of the periodic report (see Article 21).
The certificates must be drawn up using the template published on the Portal, cover the costs declared on the basis of actual costs and costs according to usual cost accounting practices (if any), and fulfil the following conditions:
(a) be provided by a qualified approved external auditor which is independent and complies with Directive 2006/43/EC18 (or for public bodies: by a competent independent public officer)
(b) the verification must be carried out according to the highest professional standards to ensure that the financial statements comply with the provisions under the Agreement and that the costs declared are eligible.
The certificates will not affect the granting authority's right to carry out its own checks, reviews or audits, nor preclude the European Court of Auditors (ECA), the European Public Prosecutor’s Office (EPPO) or the European Anti-Fraud Office (OLAF) from using their prerogatives for audits and investigations under the Agreement (see Article 25).
If the costs (or a part of them) were already audited by the granting authority, these costs do not need to be covered by the certificate and will not be counted for calculating the threshold (if any).
24.3 Certificate on the compliance of usual cost accounting practices (CoMUC)
Beneficiaries which use unit, flat rate or lump sum costs or contributions according to usual costs accounting practices (if any) may submit to the granting authority, for approval, a certificate on the methodology stating that their usual cost accounting practices comply with the eligibility conditions under the Agreement.
The certificate must be drawn up using the template published on the Portal and fulfil the following conditions:
18 Directive 2006/43/EC of the European Parliament and of the Council of 17 May 2006 on statutory audits of annual accounts and consolidated accounts or similar national regulations (OJ L 157, 9.6.2006, p. 87).
48
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
(a) be provided by a qualified approved external auditor which is independent and complies with Directive 2006/43/EC19 (or for public bodies: by a competent independent public officer)
(b) the verification must be carried out according to the highest professional standards to ensure that the methodology for declaring costs according to usual accounting practices complies with the provisions under the Agreement.
If the certificate is approved, amounts declared in line with this methodology will not be challenged subsequently, unless the beneficiary concealed information for the purpose of the approval.
24.4 Systems and process audit (SPA)
Not applicable
24.5 Consequences of non-compliance
If a beneficiary does not submit a certificate on the financial statements (CFS) or the certificate is rejected, the accepted EU contribution to costs will be capped to reflect the CFS threshold.
If a beneficiary breaches any of its other obligations under this Article, the granting authority may apply the measures described in Chapter 5.
ARTICLE 25 — CHECKS, REVIEWS, AUDITS AND INVESTIGATIONS — EXTENSION OF FINDINGS
25.1 Granting authority checks, reviews and audits
25.1.1 Internal checks
The granting authority may — during the action or afterwards — check the proper implementation of the action and compliance with the obligations under the Agreement, including assessing costs and contributions, deliverables and reports.
25.1.2 Project reviews
The granting authority may carry out reviews on the proper implementation of the action and compliance with the obligations under the Agreement (general project reviews or specific issues reviews).
Such project reviews may be started during the implementation of the action and until the time-limit set out in the Data Sheet (see Point 6). They will be formally notified to the coordinator or beneficiary concerned and will be considered to start on the date of the notification.
If needed, the granting authority may be assisted by independent, outside experts. If it uses outside experts, the coordinator or beneficiary concerned will be informed and have the right to object on grounds of commercial confidentiality or conflict of interest.
The coordinator or beneficiary concerned must cooperate diligently and provide — within the deadline requested — any information and data in addition to deliverables and reports already submitted
19 Directive 2006/43/EC of the European Parliament and of the Council of 17 May 2006 on statutory audits of annual accounts and consolidated accounts or similar national regulations (OJ L 157, 9.6.2006, p. 87).
49
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
(including information on the use of resources). The granting authority may request beneficiaries to provide such information to it directly. Sensitive information and documents will be treated in accordance with Article 13.
The coordinator or beneficiary concerned may be requested to participate in meetings, including with the outside experts.
For on-the-spot visits, the beneficiary concerned must allow access to sites and premises (including to the outside experts) and must ensure that information requested is readily available.
Information provided must be accurate, precise and complete and in the format requested, including electronic format.
On the basis of the review findings, a project review report will be drawn up.
The granting authority will formally notify the project review report to the coordinator or beneficiary concerned, which has 30 days from receiving notification to make observations.
Project reviews (including project review reports) will be in the language of the Agreement.
25.1.3 Audits
The granting authority may carry out audits on the proper implementation of the action and compliance with the obligations under the Agreement.
Such audits may be started during the implementation of the action and until the time-limit set out in the Data Sheet (see Point 6). They will be formally notified to the beneficiary concerned and will be considered to start on the date of the notification.
The granting authority may use its own audit service, delegate audits to a centralised service or use external audit firms. If it uses an external firm, the beneficiary concerned will be informed and have the right to object on grounds of commercial confidentiality or conflict of interest.
The beneficiary concerned must cooperate diligently and provide — within the deadline requested — any information (including complete accounts, individual salary statements or other personal data) to verify compliance with the Agreement. Sensitive information and documents will be treated in accordance with Article 13.
For on-the-spot visits, the beneficiary concerned must allow access to sites and premises (including for the external audit firm) and must ensure that information requested is readily available.
Information provided must be accurate, precise and complete and in the format requested, including electronic format.
On the basis of the audit findings, a draft audit report will be drawn up.
The auditors will formally notify the draft audit report to the beneficiary concerned, which has 30 days from receiving notification to make observations (contradictory audit procedure).
The final audit report will take into account observations by the beneficiary concerned and will be formally notified to them.
Audits (including audit reports) will be in the language of the Agreement.
50
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
25.2 European Commission checks, reviews and audits in grants of other granting authorities
Where the granting authority is not the European Commission, the latter has the same rights of checks, reviews and audits as the granting authority.
25.3 Access to records for assessing simplified forms of funding
The beneficiaries must give the European Commission access to their statutory records for the periodic assessment of simplified forms of funding which are used in EU programmes.
25.4 OLAF, EPPO and ECA audits and investigations
The following bodies may also carry out checks, reviews, audits and investigations — during the action or afterwards:
- the European Anti-Fraud Office (OLAF) under Regulations No 883/201320 and No 2185/9621
- the European Public Prosecutor’s Office (EPPO) under Regulation 2017/1939
- the European Court of Auditors (ECA) under Article 287 of the Treaty on the Functioning of the EU (TFEU) and Article 257 of EU Financial Regulation 2018/1046.
If requested by these bodies, the beneficiary concerned must provide full, accurate and complete information in the format requested (including complete accounts, individual salary statements or other personal data, including in electronic format) and allow access to sites and premises for on-the-spot visits or inspections — as provided for under these Regulations.
To this end, the beneficiary concerned must keep all relevant information relating to the action, at least until the time-limit set out in the Data Sheet (Point 6) and, in any case, until any ongoing checks, reviews, audits, investigations, litigation or other pursuits of claims have been concluded.
25.5 Consequences of checks, reviews, audits and investigations — Extension of results of reviews, audits or investigations
25.5.1 Consequences of checks, reviews, audits and investigations in this grant
Findings in checks, reviews, audits or investigations carried out in the context of this grant may lead to rejections (see Article 27), grant reduction (see Article 28) or other measures described in Chapter 5.
Rejections or grant reductions after the final payment will lead to a revised final grant amount (see Article 22).
Findings in checks, reviews, audits or investigations during the action implementation may lead to a request for amendment (see Article 39), to change the description of the action set out in Annex 1.
20 Regulation (EU, Euratom) No 883/2013 of the European Parliament and of the Council of 11 September 2013 concerning investigations conducted by the European Anti-Fraud Office (OLAF) and repealing Regulation (EC) No 1073/1999 of the European Parliament and of the Council and Council Regulation (Euratom) No 1074/1999 (OJ L 248, 18/09/2013, p. 1).
21 Council Regulation (Euratom, EC) No 2185/1996 of 11 November 1996 concerning on-the-spot checks and inspections carried out by the Commission in order to protect the European Communities' financial interests against fraud and other irregularities (OJ L 292, 15/11/1996, p. 2).
51
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Checks, reviews, audits or investigations that find systemic or recurrent errors, irregularities, fraud or breach of obligations in any EU grant may also lead to consequences in other EU grants awarded under similar conditions (‘extension to other grants’).
Moreover, findings arising from an OLAF or EPPO investigation may lead to criminal prosecution under national law.
25.5.2 Extension from other grants
Results of checks, reviews, audits or investigations in other grants may be extended to this grant, if:
(a) the beneficiary concerned is found, in other EU grants awarded under similar conditions, to have committed systemic or recurrent errors, irregularities, fraud or breach of obligations that have a material impact on this grant and
(b) those findings are formally notified to the beneficiary concerned — together with the list of grants affected by the findings — within the time-limit for audits set out in the Data Sheet (see Point 6).
The granting authority will formally notify the beneficiary concerned of the intention to extend the findings and the list of grants affected.
If the extension concerns rejections of costs or contributions: the notification will include:
(a) an invitation to submit observations on the list of grants affected by the findings
(b) the request to submit revised financial statements for all grants affected
(c) the correction rate for extrapolation, established on the basis of the systemic or recurrent errors, to calculate the amounts to be rejected, if the beneficiary concerned:
(i) considers that the submission of revised financial statements is not possible or practicable or
(ii) does not submit revised financial statements.
If the extension concerns grant reductions: the notification will include:
(a) an invitation to submit observations on the list of grants affected by the findings and
(b) the correction rate for extrapolation, established on the basis of the systemic or recurrent errors and the principle of proportionality.
The beneficiary concerned has 60 days from receiving notification to submit observations, revised financial statements or to propose a duly substantiated alternative correction method/rate.
On the basis of this, the granting authority will analyse the impact and decide on the implementation (i.e. start rejection or grant reduction procedures, either on the basis of the revised financial statements or the announced/alternative method/rate or a mix of those; see Articles 27 and 28).
25.6 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, costs or contributions insufficiently
52
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
substantiated will be ineligible (see Article 6) and will be rejected (see Article 27), and the grant may be reduced (see Article 28).
Such breaches may also lead to other measures described in Chapter 5.
ARTICLE 26 — IMPACT EVALUATIONS
26.1 Impact evaluation
The granting authority may carry out impact evaluations of the action, measured against the objectives and indicators of the EU programme funding the grant.
Such evaluations may be started during implementation of the action and until the time-limit set out in the Data Sheet (see Point 6). They will be formally notified to the coordinator or beneficiaries and will be considered to start on the date of the notification.
If needed, the granting authority may be assisted by independent outside experts.
The coordinator or beneficiaries must provide any information relevant to evaluate the impact of the action, including information in electronic format.
26.2 Consequences of non-compliance
If a beneficiary breaches any of its obligations under this Article, the granting authority may apply the measures described in Chapter 5.
CHAPTER 5 CONSEQUENCES OF NON-COMPLIANCE
SECTION 1 REJECTIONS AND GRANT REDUCTION
ARTICLE 27 — REJECTION OF COSTS AND CONTRIBUTIONS
27.1 Conditions
The granting authority will — at beneficiary termination, interim payment, final payment or afterwards — reject any costs or contributions which are ineligible (see Article 6), in particular following checks, reviews, audits or investigations (see Article 25).
The rejection may also be based on the extension of findings from other grants to this grant (see Article 25).
Ineligible costs or contributions will be rejected.
27.2 Procedure
If the rejection does not lead to a recovery, the granting authority will formally notify the coordinator or beneficiary concerned of the rejection, the amounts and the reasons why. The coordinator or beneficiary concerned may — within 30 days of receiving notification — submit observations if it disagrees with the rejection (payment review procedure).
53
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
If the rejection leads to a recovery, the granting authority will follow the contradictory procedure with pre-information letter set out in Article 22.
27.3 Effects
If the granting authority rejects costs or contributions, it will deduct them from the costs or contributions declared and then calculate the amount due (and, if needed, make a recovery; see Article 22).
ARTICLE 28 — GRANT REDUCTION
28.1 Conditions
The granting authority may — at beneficiary termination, final payment or afterwards — reduce the grant for a beneficiary, if:
(a) the beneficiary (or a person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed:
(i) substantial errors, irregularities or fraud or
(ii) serious breach of obligations under this Agreement or during its award (including improper implementation of the action, non-compliance with the call conditions, submission of false information, failure to provide required information, breach of ethics or security rules (if applicable), etc.), or
(b) the beneficiary (or a person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed — in other EU grants awarded to it under similar conditions — systemic or recurrent errors, irregularities, fraud or serious breach of obligations that have a material impact on this grant (see Article 25).
The amount of the reduction will be calculated for each beneficiary concerned and proportionate to the seriousness and the duration of the errors, irregularities or fraud or breach of obligations, by applying an individual reduction rate to their accepted EU contribution.
28.2 Procedure
If the grant reduction does not lead to a recovery, the granting authority will formally notify the coordinator or beneficiary concerned of the reduction, the amount to be reduced and the reasons why. The coordinator or beneficiary concerned may — within 30 days of receiving notification — submit observations if it disagrees with the reduction (payment review procedure).
If the grant reduction leads to a recovery, the granting authority will follow the contradictory procedure with pre-information letter set out in Article 22.
28.3 Effects
If the granting authority reduces the grant, it will deduct the reduction and then calculate the amount due (and, if needed, make a recovery; see Article 22).
SECTION 2 SUSPENSION AND TERMINATION
54
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
ARTICLE 29 — PAYMENT DEADLINE SUSPENSION
29.1 Conditions
The granting authority may — at any moment — suspend the payment deadline if a payment cannot be processed because:
(a) the required report (see Article 21) has not been submitted or is not complete or additional information is needed
(b) there are doubts about the amount to be paid (e.g. ongoing audit extension procedure, queries about eligibility, need for a grant reduction, etc.) and additional checks, reviews, audits or investigations are necessary, or
(c) there are other issues affecting the EU financial interests.
29.2 Procedure
The granting authority will formally notify the coordinator of the suspension and the reasons why.
The suspension will take effect the day the notification is sent.
If the conditions for suspending the payment deadline are no longer met, the suspension will be lifted — and the remaining time to pay (see Data Sheet, Point 4.2) will resume.
If the suspension exceeds two months, the coordinator may request the granting authority to confirm if the suspension will continue.
If the payment deadline has been suspended due to the non-compliance of the report and the revised report is not submitted (or was submitted but is also rejected), the granting authority may also terminate the grant or the participation of the coordinator (see Article 32).
ARTICLE 30 — PAYMENT SUSPENSION
30.1 Conditions
The granting authority may — at any moment — suspend payments, in whole or in part for one or more beneficiaries, if:
(a) a beneficiary (or a person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed or is suspected of having committed:
(i) substantial errors, irregularities or fraud or
(ii) serious breach of obligations under this Agreement or during its award (including improper implementation of the action, non-compliance with the call conditions, submission of false information, failure to provide required information, breach of ethics or security rules (if applicable), etc.), or
(b) a beneficiary (or a person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed — in other EU grants
55
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
awarded to it under similar conditions — systemic or recurrent errors, irregularities, fraud or serious breach of obligations that have a material impact on this grant.
If payments are suspended for one or more beneficiaries, the granting authority will make partial payment(s) for the part(s) not suspended. If suspension concerns the final payment, the payment (or recovery) of the remaining amount after suspension is lifted will be considered to be the payment that closes the action.
30.2 Procedure
Before suspending payments, the granting authority will send a pre-information letter to the beneficiary concerned:
- formally notifying the intention to suspend payments and the reasons why and
- requesting observations within 30 days of receiving notification.
If the granting authority does not receive observations or decides to pursue the procedure despite the observations it has received, it will confirm the suspension (confirmation letter). Otherwise, it will formally notify that the procedure is discontinued.
At the end of the suspension procedure, the granting authority will also inform the coordinator.
The suspension will take effect the day after the confirmation notification is sent.
If the conditions for resuming payments are met, the suspension will be lifted. The granting authority will formally notify the beneficiary concerned (and the coordinator) and set the suspension end date.
During the suspension, no prefinancing will be paid to the beneficiaries concerned. For interim payments, the periodic reports for all reporting periods except the last one (see Article 21) must not contain any financial statements from the beneficiary concerned (or its affiliated entities). The coordinator must include them in the next periodic report after the suspension is lifted or — if suspension is not lifted before the end of the action — in the last periodic report.
ARTICLE 31 — GRANT AGREEMENT SUSPENSION
31.1 Consortium-requested GA suspension
31.1.1 Conditions and procedure
The beneficiaries may request the suspension of the grant or any part of it, if exceptional circumstances — in particular force majeure (see Article 35) — make implementation impossible or excessively difficult.
The coordinator must submit a request for amendment (see Article 39), with:
- the reasons why
- the date the suspension takes effect; this date may be before the date of the submission of the amendment request and
- the expected date of resumption.
56
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
The suspension will take effect on the day specified in the amendment.
Once circumstances allow for implementation to resume, the coordinator must immediately request another amendment of the Agreement to set the suspension end date, the resumption date (one day after suspension end date), extend the duration and make other changes necessary to adapt the action to the new situation (see Article 39) — unless the grant has been terminated (see Article 32). The suspension will be lifted with effect from the suspension end date set out in the amendment. This date may be before the date of the submission of the amendment request.
During the suspension, no prefinancing will be paid. Costs incurred or contributions for activities implemented during grant suspension are not eligible (see Article 6.3).
31.2 EU-initiated GA suspension
31.2.1 Conditions
The granting authority may suspend the grant or any part of it, if:
(a) a beneficiary (or a person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed or is suspected of having committed:
(i) substantial errors, irregularities or fraud or
(ii) serious breach of obligations under this Agreement or during its award (including improper implementation of the action, non-compliance with the call conditions, submission of false information, failure to provide required information, breach of ethics or security rules (if applicable), etc.), or
(b) a beneficiary (or a person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed — in other EU grants awarded to it under similar conditions — systemic or recurrent errors, irregularities, fraud or serious breach of obligations that have a material impact on this grant
(c) other:
(i) linked action issues: not applicable
(ii) additional GA suspension grounds: not applicable.
31.2.2 Procedure
Before suspending the grant, the granting authority will send a pre-information letter to the coordinator:
- formally notifying the intention to suspend the grant and the reasons why and
- requesting observations within 30 days of receiving notification.
If the granting authority does not receive observations or decides to pursue the procedure despite the observations it has received, it will confirm the suspension (confirmation letter). Otherwise, it will formally notify that the procedure is discontinued.
57
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
The suspension will take effect the day after the confirmation notification is sent (or on a later date specified in the notification).
Once the conditions for resuming implementation of the action are met, the granting authority will formally notify the coordinator a lifting of suspension letter, in which it will set the suspension end date and invite the coordinator to request an amendment of the Agreement to set the resumption date (one day after suspension end date), extend the duration and make other changes necessary to adapt the action to the new situation (see Article 39) — unless the grant has been terminated (see Article 32). The suspension will be lifted with effect from the suspension end date set out in the lifting of suspension letter. This date may be before the date on which the letter is sent.
During the suspension, no prefinancing will be paid. Costs incurred or contributions for activities implemented during suspension are not eligible (see Article 6.3).
The beneficiaries may not claim damages due to suspension by the granting authority (see Article 33).
Grant suspension does not affect the granting authority’s right to terminate the grant or a beneficiary (see Article 32) or reduce the grant (see Article 28).
ARTICLE 32 — GRANT AGREEMENT OR BENEFICIARY TERMINATION
32.1 Consortium-requested GA termination
32.1.1 Conditions and procedure
The beneficiaries may request the termination of the grant.
The coordinator must submit a request for amendment (see Article 39), with:
- the reasons why
- the date the consortium ends work on the action (‘end of work date’) and
- the date the termination takes effect (‘termination date’); this date must be after the date of the submission of the amendment request.
The termination will take effect on the termination date specified in the amendment.
If no reasons are given or if the granting authority considers the reasons do not justify termination, it may consider the grant terminated improperly.
32.1.2 Effects
The coordinator must — within 60 days from when termination takes effect — submit a periodic report (for the open reporting period until termination).
The granting authority will calculate the final grant amount and final payment on the basis of the report submitted and taking into account the costs incurred and contributions for activities implemented before the end of work date (see Article 22). Costs relating to contracts due for execution only after the end of work are not eligible.
If the granting authority does not receive the report within the deadline, only costs and contributions
58
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
which are included in an approved periodic report will be taken into account (no costs/contributions if no periodic report was ever approved).
Improper termination may lead to a grant reduction (see Article 28).
After termination, the beneficiaries’ obligations (in particular Articles 13 (confidentiality and security), 16 (IPR), 17 (communication, dissemination and visibility), 21 (reporting), 25 (checks, reviews, audits and investigations), 26 (impact evaluation), 27 (rejections), 28 (grant reduction) and 42 (assignment of claims)) continue to apply.
32.2 Consortium-requested beneficiary termination
32.2.1 Conditions and procedure
The coordinator may request the termination of the participation of one or more beneficiaries, on request of the beneficiary concerned or on behalf of the other beneficiaries.
The coordinator must submit a request for amendment (see Article 39), with:
- the reasons why
- the opinion of the beneficiary concerned (or proof that this opinion has been requested in writing)
- the date the beneficiary ends work on the action (‘end of work date’)
- the date the termination takes effect (‘termination date’); this date must be after the date of the submission of the amendment request.
If the termination concerns the coordinator and is done without its agreement, the amendment request must be submitted by another beneficiary (acting on behalf of the consortium).
The termination will take effect on the termination date specified in the amendment.
If no information is given or if the granting authority considers that the reasons do not justify termination, it may consider the beneficiary to have been terminated improperly.
32.2.2 Effects
The coordinator must — within 60 days from when termination takes effect — submit:
(i) a report on the distribution of payments to the beneficiary concerned
(ii) a termination report from the beneficiary concerned, for the open reporting period until termination, containing an overview of the progress of the work, the financial statement, the explanation on the use of resources, and, if applicable, the certificate on the financial statement (CFS; see Articles 21 and 24.2 and Data Sheet, Point 4.3)
(iii) a second request for amendment (see Article 39) with other amendments needed (e.g. reallocation of the tasks and the estimated budget of the terminated beneficiary; addition of a new beneficiary to replace the terminated beneficiary; change of coordinator, etc.).
The granting authority will calculate the amount due to the beneficiary on the basis of the report
59
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
submitted and taking into account the costs incurred and contributions for activities implemented before the end of work date (see Article 22). Costs relating to contracts due for execution only after the end of work are not eligible.
The information in the termination report must also be included in the periodic report for the next reporting period (see Article 21).
If the granting authority does not receive the termination report within the deadline, only costs and contributions which are included in an approved periodic report will be taken into account (no costs/ contributions if no periodic report was ever approved).
If the granting authority does not receive the report on the distribution of payments within the deadline, it will consider that:
- the coordinator did not distribute any payment to the beneficiary concerned and that
- the beneficiary concerned must not repay any amount to the coordinator.
If the second request for amendment is accepted by the granting authority, the Agreement is amended to introduce the necessary changes (see Article 39).
If the second request for amendment is rejected by the granting authority (because it calls into question the decision awarding the grant or breaches the principle of equal treatment of applicants), the grant may be terminated (see Article 32).
Improper termination may lead to a reduction of the grant (see Article 31) or grant termination (see Article 32).
After termination, the concerned beneficiary’s obligations (in particular Articles 13 (confidentiality and security), 16 (IPR), 17 (communication, dissemination and visibility), 21 (reporting), 25 (checks, reviews, audits and investigations), 26 (impact evaluation), 27 (rejections), 28 (grant reduction) and 42 (assignment of claims)) continue to apply.
32.3 EU-initiated GA or beneficiary termination
32.3.1 Conditions
The granting authority may terminate the grant or the participation of one or more beneficiaries, if:
(a) one or more beneficiaries do not accede to the Agreement (see Article 40)
(b) a change to the action or the legal, financial, technical, organisational or ownership situation of a beneficiary is likely to substantially affect the implementation of the action or calls into question the decision to award the grant (including changes linked to one of the exclusion grounds listed in the declaration of honour)
(c) following termination of one or more beneficiaries, the necessary changes to the Agreement (and their impact on the action) would call into question the decision awarding the grant or breach the principle of equal treatment of applicants
(d) implementation of the action has become impossible or the changes necessary for its
60
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
continuation would call into question the decision awarding the grant or breach the principle of equal treatment of applicants
(e) a beneficiary (or person with unlimited liability for its debts) is subject to bankruptcy proceedings or similar (including insolvency, winding-up, administration by a liquidator or court, arrangement with creditors, suspension of business activities, etc.)
(f) a beneficiary (or person with unlimited liability for its debts) is in breach of social security or tax obligations
(g) a beneficiary (or person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has been found guilty of grave professional misconduct
(h) a beneficiary (or person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed fraud, corruption, or is involved in a criminal organisation, money laundering, terrorism-related crimes (including terrorism financing), child labour or human trafficking
(i) a beneficiary (or person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) was created under a different jurisdiction with the intent to circumvent fiscal, social or other legal obligations in the country of origin (or created another entity with this purpose)
(j) a beneficiary (or person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed:
(i) substantial errors, irregularities or fraud or
(ii) serious breach of obligations under this Agreement or during its award (including improper implementation of the action, non-compliance with the call conditions, submission of false information, failure to provide required information, breach of ethics or security rules (if applicable), etc.)
(k) a beneficiary (or person having powers of representation, decision-making or control, or person essential for the award/implementation of the grant) has committed — in other EU grants awarded to it under similar conditions — systemic or recurrent errors, irregularities, fraud or serious breach of obligations that have a material impact on this grant (extension of findings from other grants to this grant; see Article 25)
(l) despite a specific request by the granting authority, a beneficiary does not request — through the coordinator — an amendment to the Agreement to end the participation of one of its affiliated entities or associated partners that is in one of the situations under points (d), (f), (e), (g), (h), (i) or (j) and to reallocate its tasks, or
(m) other:
(i) linked action issues: not applicable
(ii) additional GA termination grounds: not applicable.
32.3.2 Procedure
61
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Before terminating the grant or participation of one or more beneficiaries, the granting authority will send a pre-information letter to the coordinator or beneficiary concerned:
- formally notifying the intention to terminate and the reasons why and
- requesting observations within 30 days of receiving notification.
If the granting authority does not receive observations or decides to pursue the procedure despite the observations it has received, it will confirm the termination and the date it will take effect (confirmation letter). Otherwise, it will formally notify that the procedure is discontinued.
For beneficiary terminations, the granting authority will — at the end of the procedure — also inform the coordinator.
The termination will take effect the day after the confirmation notification is sent (or on a later date specified in the notification; ‘termination date’).
32.3.3 Effects
(a) for GA termination:
The coordinator must — within 60 days from when termination takes effect — submit a periodic report (for the last open reporting period until termination).
The granting authority will calculate the final grant amount and final payment on the basis of the report submitted and taking into account the costs incurred and contributions for activities implemented before termination takes effect (see Article 22). Costs relating to contracts due for execution only after termination are not eligible.
If the grant is terminated for breach of the obligation to submit reports, the coordinator may not submit any report after termination.
If the granting authority does not receive the report within the deadline, only costs and contributions which are included in an approved periodic report will be taken into account (no costs/contributions if no periodic report was ever approved).
Termination does not affect the granting authority’s right to reduce the grant (see Article 28) or to impose administrative sanctions (see Article 34).
The beneficiaries may not claim damages due to termination by the granting authority (see Article 33).
After termination, the beneficiaries’ obligations (in particular Articles 13 (confidentiality and security), 16 (IPR), 17 (communication, dissemination and visibility), 21 (reporting), 25 (checks, reviews, audits and investigations), 26 (impact evaluation), 27 (rejections), 28 (grant reduction) and 42 (assignment of claims)) continue to apply.
(b) for beneficiary termination:
The coordinator must — within 60 days from when termination takes effect — submit:
(i) a report on the distribution of payments to the beneficiary concerned
62
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
(ii) a termination report from the beneficiary concerned, for the open reporting period until termination, containing an overview of the progress of the work, the financial statement, the explanation on the use of resources, and, if applicable, the certificate on the financial statement (CFS; see Articles 21 and 24.2 and Data Sheet, Point 4.3)
(iii) a request for amendment (see Article 39) with any amendments needed (e.g. reallocation of the tasks and the estimated budget of the terminated beneficiary; addition of a new beneficiary to replace the terminated beneficiary; change of coordinator, etc.).
The granting authority will calculate the amount due to the beneficiary on the basis of the report submitted and taking into account the costs incurred and contributions for activities implemented before termination takes effect (see Article 22). Costs relating to contracts due for execution only after termination are not eligible.
The information in the termination report must also be included in the periodic report for the next reporting period (see Article 21).
If the granting authority does not receive the termination report within the deadline, only costs and contributions included in an approved periodic report will be taken into account (no costs/ contributions if no periodic report was ever approved).
If the granting authority does not receive the report on the distribution of payments within the deadline, it will consider that:
- the coordinator did not distribute any payment to the beneficiary concerned and that
- the beneficiary concerned must not repay any amount to the coordinator.
If the request for amendment is accepted by the granting authority, the Agreement is amended to introduce the necessary changes (see Article 39).
If the request for amendment is rejected by the granting authority (because it calls into question the decision awarding the grant or breaches the principle of equal treatment of applicants), the grant may be terminated (see Article 32).
After termination, the concerned beneficiary’s obligations (in particular Articles 13 (confidentiality and security), 16 (IPR), 17 (communication, dissemination and visibility), 21 (reporting), 25 (checks, reviews, audits and investigations), 26 (impact evaluation), 27 (rejections), 28 (grant reduction) and 42 (assignment of claims)) continue to apply.
SECTION 3 OTHER CONSEQUENCES: DAMAGES AND ADMINISTRATIVE SANCTIONS
ARTICLE 33 — DAMAGES
33.1 Liability of the granting authority
The granting authority cannot be held liable for any damage caused to the beneficiaries or to third parties as a consequence of the implementation of the Agreement, including for gross negligence.
63
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
The granting authority cannot be held liable for any damage caused by any of the beneficiaries or other participants involved in the action, as a consequence of the implementation of the Agreement.
33.2 Liability of the beneficiaries
The beneficiaries must compensate the granting authority for any damage it sustains as a result of the implementation of the action or because the action was not implemented in full compliance with the Agreement, provided that it was caused by gross negligence or wilful act.
The liability does not extend to indirect or consequential losses or similar damage (such as loss of profit, loss of revenue or loss of contracts), provided such damage was not caused by wilful act or by a breach of confidentiality.
ARTICLE 34 — ADMINISTRATIVE SANCTIONS AND OTHER MEASURES
Nothing in this Agreement may be construed as preventing the adoption of administrative sanctions (i.e. exclusion from EU award procedures and/or financial penalties) or other public law measures, in addition or as an alternative to the contractual measures provided under this Agreement (see, for instance, Articles 135 to 145 EU Financial Regulation 2018/1046 and Articles 4 and 7 of Regulation 2988/9522).
SECTION 4 FORCE MAJEURE
ARTICLE 35 — FORCE MAJEURE
A party prevented by force majeure from fulfilling its obligations under the Agreement cannot be considered in breach of them.
‘Force majeure’ means any situation or event that:
- prevents either party from fulfilling their obligations under the Agreement,
- was unforeseeable, exceptional situation and beyond the parties’ control,
- was not due to error or negligence on their part (or on the part of other participants involved in the action), and
- proves to be inevitable in spite of exercising all due diligence.
Any situation constituting force majeure must be formally notified to the other party without delay, stating the nature, likely duration and foreseeable effects.
The parties must immediately take all the necessary steps to limit any damage due to force majeure and do their best to resume implementation of the action as soon as possible.
CHAPTER 6 FINAL PROVISIONS
22 Council Regulation (EC, Euratom) No 2988/95 of 18 December 1995 on the protection of the European Communities financial interests (OJ L 312, 23.12.1995, p. 1).
64
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
ARTICLE 36 — COMMUNICATION BETWEEN THE PARTIES
36.1 Forms and means of communication — Electronic management
EU grants are managed fully electronically through the EU Funding & Tenders Portal (‘Portal’).
All communications must be made electronically through the Portal, in accordance with the Portal Terms and Conditions and using the forms and templates provided there (except if explicitly instructed otherwise by the granting authority).
Communications must be made in writing and clearly identify the grant agreement (project number and acronym).
Communications must be made by persons authorised according to the Portal Terms and Conditions. For naming the authorised persons, each beneficiary must have designated — before the signature of this Agreement — a ‘legal entity appointed representative (LEAR)’. The role and tasks of the LEAR are stipulated in their appointment letter (see Portal Terms and Conditions).
If the electronic exchange system is temporarily unavailable, instructions will be given on the Portal.
36.2 Date of communication
The sending date for communications made through the Portal will be the date and time of sending, as indicated by the time logs.
The receiving date for communications made through the Portal will be the date and time the communication is accessed, as indicated by the time logs. Formal notifications that have not been accessed within 10 days after sending, will be considered to have been accessed (see Portal Terms and Conditions).
If a communication is exceptionally made on paper (by e-mail or postal service), general principles apply (i.e. date of sending/receipt). Formal notifications by registered post with proof of delivery will be considered to have been received either on the delivery date registered by the postal service or the deadline for collection at the post office.
If the electronic exchange system is temporarily unavailable, the sending party cannot be considered in breach of its obligation to send a communication within a specified deadline.
36.3 Addresses for communication
The Portal can be accessed via the Europa website.
The address for paper communications to the granting authority (if exceptionally allowed) is the official mailing address indicated on its website.
For beneficiaries, it is the legal address specified in the Portal Participant Register.
ARTICLE 37 — INTERPRETATION OF THE AGREEMENT
The provisions in the Data Sheet take precedence over the rest of the Terms and Conditions of the Agreement.
65
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
Annex 5 takes precedence over the Terms and Conditions; the Terms and Conditions take precedence over the Annexes other than Annex 5.
Annex 2 takes precedence over Annex 1.
ARTICLE 38 — CALCULATION OF PERIODS AND DEADLINES
In accordance with Regulation No 1182/7123, periods expressed in days, months or years are calculated from the moment the triggering event occurs.
The day during which that event occurs is not considered as falling within the period.
‘Days’ means calendar days, not working days.
ARTICLE 39 — AMENDMENTS
39.1 Conditions
The Agreement may be amended, unless the amendment entails changes to the Agreement which would call into question the decision awarding the grant or breach the principle of equal treatment of applicants.
Amendments may be requested by any of the parties.
39.2 Procedure
The party requesting an amendment must submit a request for amendment signed directly in the Portal Amendment tool.
The coordinator submits and receives requests for amendment on behalf of the beneficiaries (see Annex 3). If a change of coordinator is requested without its agreement, the submission must be done by another beneficiary (acting on behalf of the other beneficiaries).
The request for amendment must include:
- the reasons why
- the appropriate supporting documents and
- for a change of coordinator without its agreement: the opinion of the coordinator (or proof that this opinion has been requested in writing).
The granting authority may request additional information.
If the party receiving the request agrees, it must sign the amendment in the tool within 45 days of receiving notification (or any additional information the granting authority has requested). If it does not agree, it must formally notify its disagreement within the same deadline. The deadline may be extended, if necessary for the assessment of the request. If no notification is received within the deadline, the request is considered to have been rejected.
23 Regulation (EEC, Euratom) No 1182/71 of the Council of 3 June 1971 determining the rules applicable to periods, dates and time-limits (OJ L 124, 8/6/1971, p. 1).
66
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
An amendment enters into force on the day of the signature of the receiving party.
An amendment takes effect on the date of entry into force or other date specified in the amendment.
ARTICLE 40 — ACCESSION AND ADDITION OF NEW BENEFICIARIES
40.1 Accession of the beneficiaries mentioned in the Preamble
The beneficiaries which are not coordinator must accede to the grant by signing the accession form (see Annex 3) directly in the Portal Grant Preparation tool, within 30 days after the entry into force of the Agreement (see Article 44).
They will assume the rights and obligations under the Agreement with effect from the date of its entry into force (see Article 44).
If a beneficiary does not accede to the grant within the above deadline, the coordinator must — within 30 days — request an amendment (see Article 39) to terminate the beneficiary and make any changes necessary to ensure proper implementation of the action. This does not affect the granting authority’s right to terminate the grant (see Article 32).
40.2 Addition of new beneficiaries
In justified cases, the beneficiaries may request the addition of a new beneficiary.
For this purpose, the coordinator must submit a request for amendment in accordance with Article 39. It must include an accession form (see Annex 3) signed by the new beneficiary directly in the Portal Amendment tool.
New beneficiaries will assume the rights and obligations under the Agreement with effect from the date of their accession specified in the accession form (see Annex 3).
Additions are also possible in mono-beneficiary grants.
ARTICLE 41 — TRANSFER OF THE AGREEMENT
In justified cases, the beneficiary of a mono-beneficiary grant may request the transfer of the grant to a new beneficiary, provided that this would not call into question the decision awarding the grant or breach the principle of equal treatment of applicants.
The beneficiary must submit a request for amendment (see Article 39), with
- the reasons why
- the accession form (see Annex 3) signed by the new beneficiary directly in the Portal Amendment tool and
- additional supporting documents (if required by the granting authority).
The new beneficiary will assume the rights and obligations under the Agreement with effect from the date of accession specified in the accession form (see Annex 3).
67
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
ARTICLE 42 — ASSIGNMENTS OF CLAIMS FOR PAYMENT AGAINST THE GRANTING AUTHORITY
The beneficiaries may not assign any of their claims for payment against the granting authority to any third party, except if expressly approved in writing by the granting authority on the basis of a reasoned, written request by the coordinator (on behalf of the beneficiary concerned).
If the granting authority has not accepted the assignment or if the terms of it are not observed, the assignment will have no effect on it.
In no circumstances will an assignment release the beneficiaries from their obligations towards the granting authority.
ARTICLE 43 — APPLICABLE LAW AND SETTLEMENT OF DISPUTES
43.1 Applicable law
The Agreement is governed by the applicable EU law, supplemented if necessary by the law of Belgium.
Special rules may apply for beneficiaries which are international organisations (if any; see Data Sheet, Point 5).
43.2 Dispute settlement
If a dispute concerns the interpretation, application or validity of the Agreement, the parties must bring action before the EU General Court — or, on appeal, the EU Court of Justice — under Article 272 of the Treaty on the Functioning of the EU (TFEU).
For non-EU beneficiaries (if any), such disputes must be brought before the courts of Brussels, Belgium — unless an international agreement provides for the enforceability of EU court judgements.
For beneficiaries with arbitration as special dispute settlement forum (if any; see Data Sheet, Point 5), the dispute will — in the absence of an amicable settlement — be settled in accordance with the Rules for Arbitration published on the Portal.
If a dispute concerns administrative sanctions, offsetting or an enforceable decision under Article 299 TFEU (see Articles 22 and 34), the beneficiaries must bring action before the General Court — or, on appeal, the Court of Justice — under Article 263 TFEU.
For grants where the granting authority is an EU executive agency (see Preamble), actions against offsetting and enforceable decisions must be brought against the European Commission (not against the granting authority; see also Article 22).
ARTICLE 44 — ENTRY INTO FORCE
The Agreement will enter into force on the day of signature by the granting authority or the coordinator, depending on which is later.
68
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
SIGNATURES
For the coordinator For the granting authority
[--TGSMark#signature-963638450_75_210--] [--TGSMark#signature-service_75_210--]
69
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
ANNEX 1
Digital Europe Programme (DIGITAL)
Description of the action (DoA)
Part A
Part B
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DESCRIPTION OF THE ACTION (PART A)
COVER PAGE
Part A of the Description of the Action (DoA) must be completed directly on the Portal Grant Preparation screens.
PROJECT
Grant Preparation (General Information screen) — Enter the info.
Project number: 101113143
Project name: Estonian Quantum Communication Infrastructure
Project acronym: EstQCI
Call: DIGITAL-2022-QCI-02
Topic: DIGITAL-2022-QCI-02-DEPLOY-NATIONAL
Type of action: DIGITAL-SIMPLE
Service: CNECT/C/04
Project starting date: fixed date: 1 January 2023
Project duration: 30 months
TABLE OF CONTENTS
Project summary ......................................................................................................................................................3
List of participants .................................................................................................................................................. 3
List of work packages .............................................................................................................................................4
Staff effort ............................................................................................................................................................... 9
List of deliverables ................................................................................................................................................10
List of milestones (outputs/outcomes) .................................................................................................................. 17
List of critical risks ............................................................................................................................................... 18
2
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
PROJECT SUMMARY
Project summary
Grant Preparation (General Information screen) — Provide an overall description of your project (including context and overall objectives, planned activities and main achievements, and expected results and impacts (on target groups, change procedures, capacities, innovation etc)). This summary should give readers a clear idea of what your project is about.
Use the project summary from your proposal.
The purpose of the EstQCI project is to deploy the first experimental QKD network in Estonia in order to be prepared for the full deployment of the EuroQCI. EstQCI should provide the basis for the fast uptake and deployment of quantum security technology by building up the competence of relevant ministries, companies and other entities. In addition, the project would serve as a deployment model for the future deployment of QKD network in Estonia. The project aims to build up a metropolitan QKD network and test long-distance links to be ready for connections with neighbouring countries. In these networks, devices from EU-27 developers will be used, when possible. The main goals of the project are as follows: a) Building up the know-how and competence of relevant entities for future deployment of QKD networks and services b) Testing the readiness of devices from EU-27 producers to gain information about their suitability for the Estonian conditions and needs c) First demonstrations of the use of the network between metropolitan areas as well as for long-distance network in laboratory conditions d) Collaborating with neighbouring countries and preparation for cross-border links with Finland, Latvia and Sweden e) Sharing knowledge with relevant stakeholders, raise the awareness of companies and other relevant entities about the possibilities of the network to prepare for future secure connectivity/ cyber security applications. One of the important elements of the EstQCI project is coordination with Finland, Latvia, Lithuania, Poland and Sweden to create a foundation for the future cooperation within the margins of EuroQCI project and to prepare for terrestrial cross-border connections between Member States. As a result of the project we will open our network for interested parties (for example cyber security industry, academia etc) and facilitate the exploration of further use cases of the network. We will build up a wide-scale competence among the relevant stakeholder
LIST OF PARTICIPANTS
PARTICIPANTS
Grant Preparation (Beneficiaries screen) — Enter the info.
Number Role Short name Legal name Country PIC
1 COO MKM MAJANDUS JA KOMMUNIKATSIOONIMINISTEERIUM
EE 963638450
2 BEN Metrosert AKTSIASELTS METROSERT EE 994104016
3 BEN RIKS STATE INFOCOMMUNICATION FOUNDATION EE 911424126
4 BEN EE MoD Kaitseministeerium EE 905124655
3
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
LIST OF WORK PACKAGES
Work packages
Grant Preparation (Work Packages screen) — Enter the info.
Work Package No
Work Package name Lead Beneficiary Effort (Person- Months)
Start Month
End Month
Deliverables
WP1 Project management and procurement coordination
1 - MKM 27.00 1 30 D1.1 – Technical documents for the 1st review meeting D1.2 – Technical documents for the 2nd review meeting D1.3 – Gap analysis and roadmap for alignment with the security baseline D1.4 – Procurement overview
WP2 Development of trustworthy quantum communication network topology in metropolitan area
3 - RIKS 58.00 6 30 D2.1 – Evaluation report for the equipment D2.2 – Network deployment report D2.3 – Deployment plan
WP3 Testing of deployed QCI in metropolitan area 1 - MKM 24.00 13 30 D3.1 – Description of first use cases D3.2 – Evaluation report of the metropolitan network
WP4 Demonstration of long-distance quantum communication network
2 - Metrosert 57.00 6 30 D4.1 – Long-distance network test report
WP5 Regional coordination and EuroQCI integration 1 - MKM 30.00 1 30 D5.1 – Plan for the cross-border connections in the region D5.2 – Report on participation to the EuroQCI initiative and on the collaboration with other DIGITAL projects, part 1 D5.3 – Report on participation to the EuroQCI initiative and on the collaboration with other DIGITAL projects, part 2
WP6 Creating impact and dissemination 1 - MKM 28.00 1 30 D6.1 – Communication report, 1st period D6.2 – Communications report
4
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Work packages
Grant Preparation (Work Packages screen) — Enter the info.
Work Package No
Work Package name Lead Beneficiary Effort (Person- Months)
Start Month
End Month
Deliverables
D6.3 – Report on dissemination and exploitation
5
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Work package WP1 – Project management and procurement coordination
Work Package Number WP1 Lead Beneficiary 1. MKM
Work Package Name Project management and procurement coordination
Start Month 1 End Month 30
Objectives
Progress monitoring and reporting Technical specifications for procurements Procurement coordination and execution Aglinment with security baseline
Description
Regular project management, including monitoring of progress of all WPs. Necessary updates to project plan and risk analysis. Setting up dedicated channels for information sharing between the consortium and planning of regular meetings. Management of finances and regular reports. Preparation of technical specifications for all devices and other supplies, based on consultation with regional partners and considering the future EuroQCI integration as well as the requirements from the European Commission. Based on the technical specifications, public procurements will be set up and carried out according to Estonian law. Alignment with the security baseline.
Work package WP2 – Development of trustworthy quantum communication network topology in metropolitan area
Work Package Number WP2 Lead Beneficiary 3. RIKS
Work Package Name Development of trustworthy quantum communication network topology in metropolitan area
Start Month 6 End Month 30
Objectives
Investigation of available channels including the connection between fibre properties Testing of QCI-equipment procured Incorporation of tens of kilometres of fibre optic link realising a standard platform for validation, quantification and comparison of the diverse physical components of a QCI system in a real environment.
Description
Mapping the existing fibre-based network and to assessing accessibility for secure QCI in between two locations in metropolitan area. Procurement of the devices in collaboration with WP1. Testing the devices for the metropolitan network in laboratory conditions. Metrological testing of the devices. The systems tested in the laboratory conditions will be used to build up a metropolitan network.
Work package WP3 – Testing of deployed QCI in metropolitan area
Work Package Number WP3 Lead Beneficiary 1. MKM
Work Package Name Testing of deployed QCI in metropolitan area
Start Month 13 End Month 30
6
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Objectives
Evaluation of the QCI network implemented for performance First use cases in the network Dissemination of knowledge
Description
Evaluation of the network performance based on knowledge from the laboratory conditions. Workshops with stakeholders (cyber security industry, possible service providers and government agencies) to identify and to select relevant use cases. Opening of the testbed and demonstration of first use cases in the network. Information sharing about the possibilities of the testbed, trainings for potential staff for EuroQCI.
Work package WP4 – Demonstration of long-distance quantum communication network
Work Package Number WP4 Lead Beneficiary 2. Metrosert
Work Package Name Demonstration of long-distance quantum communication network
Start Month 6 End Month 30
Objectives
Evaluation of additional parameters or components that must be used in order to ensure the functioning of real fibre- based QCI system operating in the long distance (i.e. around 70 km-150 km). Test planning and execution of the network in laboratory conditions. Demonstration of long-distance quantum communication. Dissemination of knowledge.
Description
Evaluation of different long-distance QCI technologies. Procurement of the devices in collaboration with WP1. Planning the tests and execution of the long-distance network in laboratory conditions.. Demonstration of long- distance QCI Depending on the regional discussions (WP5) the long-distance network in the field is planned (taking into account the future cross-border connections for EuroQCI). Different possible routes are analysed, taking into account possible end users and the quality of the fibre).
Work package WP5 – Regional coordination and EuroQCI integration
Work Package Number WP5 Lead Beneficiary 1. MKM
Work Package Name Regional coordination and EuroQCI integration
Start Month 1 End Month 30
Objectives
Planning of next phases of EuroQCI Regional cooperation Coordination with the European Commission and Member States Participation in the EuroQCI initiative and collaboration with the DIGITAL topic 3 project (co-ordination and support action CSA) and with other EuroQCI projects.
Description
Cooperation with Latvia, Lithuania, Poland, Sweden and Finland to identify the best routes for terrestrial connections
7
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
with Central-Europe, including the planning of the end points, and facilities for a long-haul network. Discussions between Member States on future network setup, standardisation and lessons learned. Based on discussions with the neighbouring countries, tests are planned between the countries (for example, between Finland and Estonia). Discussions will be based on knowledge acquired in the WPs 2 to 4. The possibility for regional satellite interconnection is explored. Regional workshops will be organised to gain a broader understanding of possible use cases and prepare for the future services. Synergies are ensured between the projects to reach the full impact of the common goals of the EuroQCI initiative.
Work package WP6 – Creating impact and dissemination
Work Package Number WP6 Lead Beneficiary 1. MKM
Work Package Name Creating impact and dissemination
Start Month 1 End Month 30
Objectives
Implementation of the communication and dissemination plan Workshops and events for academia and industry to define future use cases Planning of future support measures for QCI services development for the industry Informing the general public
Description
The communication plan is drafted and implemented, target groups and communication messages are defined, events are held and media coverage is ensured. To ensure future engagement of academia and industry, events are organised to bring together possible developers, service providers and end users from public and private sector. Discussions are held with the regulators and policy makers to secure the legal and regulatory basis for quantum communication in Estonia. Planning of future support measures for academia and industry. The possibility to include R&D in the field of quantum communication in the existing support measures is analysed and explored. When necessary, new support measures are designed.
8
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
STAFF EFFORT
Staff effort per participant
Grant Preparation (Work packages - Effort screen) — Enter the info.
Participant WP1 WP2 WP3 WP4 WP5 WP6 Total Person-Months
1 - MKM 15.00 6.00 6.00 18.00 20.00 65.00
2 - Metrosert 4.00 29.00 6.00 31.00 2.00 72.00
3 - RIKS 4.00 29.00 6.00 20.00 6.00 2.00 67.00
4 - EE MoD 4.00 6.00 4.00 6.00 20.00
Total Person-Months 27.00 58.00 24.00 57.00 30.00 28.00 224.00
9
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
LIST OF DELIVERABLES
Deliverables
Grant Preparation (Deliverables screen) — Enter the info.
The labels used mean:
Public — fully open ( automatically posted online) Sensitive — limited under the conditions of the Grant Agreement EU classified —RESTREINT-UE/EU-RESTRICTED, CONFIDENTIEL-UE/EU-CONFIDENTIAL, SECRET-UE/EU-SECRET under Decision 2015/444
Deliverable No
Deliverable Name Work Package No
Lead Beneficiary Type Dissemination Level Due Date (month)
D1.1 Technical documents for the 1st review meeting
WP1 1 - MKM R — Document, report SEN - Sensitive 12
D1.2 Technical documents for the 2nd review meeting
WP1 1 - MKM R — Document, report SEN - Sensitive 30
D1.3 Gap analysis and roadmap for alignment with the security baseline
WP1 1 - MKM R — Document, report R-UE/EU-R - EU Classified 30
D1.4 Procurement overview WP1 1 - MKM R — Document, report SEN - Sensitive 12
D2.1 Evaluation report for the equipment WP2 2 - Metrosert R — Document, report SEN - Sensitive 24
D2.2 Network deployment report WP2 3 - RIKS R — Document, report SEN - Sensitive 30
D2.3 Deployment plan WP2 3 - RIKS R — Document, report SEN - Sensitive 12
D3.1 Description of first use cases WP3 1 - MKM R — Document, report PU - Public 24
D3.2 Evaluation report of the metropolitan network
WP3 2 - Metrosert R — Document, report SEN - Sensitive 30
D4.1 Long-distance network test report WP4 2 - Metrosert R — Document, report SEN - Sensitive 30
D5.1 Plan for the cross-border connections in the region
WP5 1 - MKM R — Document, report SEN - Sensitive 30
D5.2 Report on participation to the EuroQCI WP5 1 - MKM R — Document, report PU - Public 12
10
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Deliverables
Grant Preparation (Deliverables screen) — Enter the info.
The labels used mean:
Public — fully open ( automatically posted online) Sensitive — limited under the conditions of the Grant Agreement EU classified —RESTREINT-UE/EU-RESTRICTED, CONFIDENTIEL-UE/EU-CONFIDENTIAL, SECRET-UE/EU-SECRET under Decision 2015/444
Deliverable No
Deliverable Name Work Package No
Lead Beneficiary Type Dissemination Level Due Date (month)
initiative and on the collaboration with other DIGITAL projects, part 1
D5.3 Report on participation to the EuroQCI initiative and on the collaboration with other DIGITAL projects, part 2
WP5 1 - MKM R — Document, report PU - Public 30
D6.1 Communication report, 1st period WP6 1 - MKM R — Document, report PU - Public 12
D6.2 Communications report WP6 1 - MKM R — Document, report PU - Public 30
D6.3 Report on dissemination and exploitation WP6 1 - MKM R — Document, report PU - Public 6
11
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Deliverable D1.1 – Technical documents for the 1st review meeting
Deliverable Number D1.1 Lead Beneficiary 1. MKM
Deliverable Name Technical documents for the 1st review meeting
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 12 Work Package No WP1
Description
Documents and presentations for the review meeting are prepared according to the requirements of the grant agreement.
Deliverable D1.2 – Technical documents for the 2nd review meeting
Deliverable Number D1.2 Lead Beneficiary 1. MKM
Deliverable Name Technical documents for the 2nd review meeting
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 30 Work Package No WP1
Description
Documents and presentaions for the review meeting are prepared according to the grant agreement
Deliverable D1.3 – Gap analysis and roadmap for alignment with the security baseline
Deliverable Number D1.3 Lead Beneficiary 1. MKM
Deliverable Name Gap analysis and roadmap for alignment with the security baseline
Type R — Document, report Dissemination Level R-UE/EU-R - EU Classified
Due Date (month) 30 Work Package No WP1
Description
Gap analysis and roadmap (including costs and timeline) arr prepared to achieve full alignment with the security baseline. Document, English.
Deliverable D1.4 – Procurement overview
Deliverable Number D1.4 Lead Beneficiary 1. MKM
Deliverable Name Procurement overview
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 12 Work Package No WP1
Description
Overview ot the state of play of procurement procedures. Document, English
12
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Deliverable D2.1 – Evaluation report for the equipment
Deliverable Number D2.1 Lead Beneficiary 2. Metrosert
Deliverable Name Evaluation report for the equipment
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 24 Work Package No WP2
Description
Testing of the devices for the metropolitan network in laboratory conditions and Metrological testing of the devices is carried out.Report of testing and evaluation of the in laboratory conditions is prepared.
Deliverable D2.2 – Network deployment report
Deliverable Number D2.2 Lead Beneficiary 3. RIKS
Deliverable Name Network deployment report
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 30 Work Package No WP2
Description
Report of the deployed metropolitan network is prepared.
Deliverable D2.3 – Deployment plan
Deliverable Number D2.3 Lead Beneficiary 3. RIKS
Deliverable Name Deployment plan
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 12 Work Package No WP2
Description
Deployment plan of the metropolitan network. Document, English
Deliverable D3.1 – Description of first use cases
Deliverable Number D3.1 Lead Beneficiary 1. MKM
Deliverable Name Description of first use cases
Type R — Document, report Dissemination Level PU - Public
Due Date (month) 24 Work Package No WP3
Description
Based on workshops with stakeholders (cyber security industry, possible service providers and government agencies) relevant use cases are identified and a report is prepared. Document, in English and Estonian.
13
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Deliverable D3.2 – Evaluation report of the metropolitan network
Deliverable Number D3.2 Lead Beneficiary 2. Metrosert
Deliverable Name Evaluation report of the metropolitan network
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 30 Work Package No WP3
Description
Evaluation of the network performance based on knowledge from the laboratory conditions is carried out and a report is prepared (document, English, Estonian).
Deliverable D4.1 – Long-distance network test report
Deliverable Number D4.1 Lead Beneficiary 2. Metrosert
Deliverable Name Long-distance network test report
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 30 Work Package No WP4
Description
Planning the tests and execution of the long-distance network in laboratory conditions has been carried out and an evaluation report is prepared (document, English, Estonian).
Deliverable D5.1 – Plan for the cross-border connections in the region
Deliverable Number D5.1 Lead Beneficiary 1. MKM
Deliverable Name Plan for the cross-border connections in the region
Type R — Document, report Dissemination Level SEN - Sensitive
Due Date (month) 30 Work Package No WP5
Description
Cooperation with Latvia, Lithuania, Poland, Sweden and Finland to identify the best routes for terrestrial connections with Central-Europe, including the planning of the end points, and facilities for a long-haul network. Plan of the future connections is prepared. Document, English.
Deliverable D5.2 – Report on participation to the EuroQCI initiative and on the collaboration with other DIGITAL projects, part 1
Deliverable Number D5.2 Lead Beneficiary 1. MKM
Deliverable Name Report on participation to the EuroQCI initiative and on the collaboration with other DIGITAL projects, part 1
Type R — Document, report Dissemination Level PU - Public
Due Date (month) 12 Work Package No WP5
14
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Description
Document, english. Report on the project contributions to the broader EuroQCI initiative, and on the collaboration with other EuroQCI projects in the first half of the project.
Deliverable D5.3 – Report on participation to the EuroQCI initiative and on the collaboration with other DIGITAL projects, part 2
Deliverable Number D5.3 Lead Beneficiary 1. MKM
Deliverable Name Report on participation to the EuroQCI initiative and on the collaboration with other DIGITAL projects, part 2
Type R — Document, report Dissemination Level PU - Public
Due Date (month) 30 Work Package No WP5
Description
Document, english. Report on the project contributions to the broader EuroQCI initiative, and on the collaboration with other EuroQCI projects in the second half of the project.
Deliverable D6.1 – Communication report, 1st period
Deliverable Number D6.1 Lead Beneficiary 1. MKM
Deliverable Name Communication report, 1st period
Type R — Document, report Dissemination Level PU - Public
Due Date (month) 12 Work Package No WP6
Description
Document, English. Communication and dissemination activities are described for the first period of the project.
Deliverable D6.2 – Communications report
Deliverable Number D6.2 Lead Beneficiary 1. MKM
Deliverable Name Communications report
Type R — Document, report Dissemination Level PU - Public
Due Date (month) 30 Work Package No WP6
Description
Document, English. Communication and dissemination activities are described for the entire period of the project.
Deliverable D6.3 – Report on dissemination and exploitation
Deliverable Number D6.3 Lead Beneficiary 1. MKM
Deliverable Name Report on dissemination and exploitation
Type R — Document, report Dissemination Level PU - Public
15
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Due Date (month) 6 Work Package No WP6
Description
Document, English. Description of planned dissemination and exploitation activities.
16
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
LIST OF MILESTONES
Milestones
Grant Preparation (Milestones screen) — Enter the info.
Milestone No
Milestone Name Work Package No Lead Beneficiary Means of Verification Due Date (month)
1 Management setup WP1 1-MKM Feedback from partners 3
2 Technical specifications WP1 1-MKM All specification tables filled 6
3 Procurements WP1 1-MKM All tenders available in the public procurement portal
9
4 Deployment plan for metropolitan network WP2 3-RIKS Document is available 12
5 Equipment tested WP2 2-Metrosert Test report and data available 18
6 Metropolitan network deployed WP2 3-RIKS Network is available for use cases and testing 30
7 Evaluation report of the metropolitan network WP3 2-Metrosert Evaluation report available for all participants 30
8 First use cases of the metropolitan network WP3 1-MKM At least two use cases in the network, description of use cases available.
30
9 Long-distance network technologies evaluated
WP4 2-Metrosert Evaluation report 18
10 First demonstration of the long-distance network
WP4 2-Metrosert Test report, data 30
11 Plan for a long-distance network WP4 3-RIKS The deployment plan is available 30
12 Identification of cross border partners WP5 1-MKM At least two cooperation agreements with neighbouring countries.
24
13 Design of the cross-border network WP5 1-MKM Document is available as a part of cooperation agreements
24
14 Feasibility analysis for the satellite link WP5 3-RIKS Study report 30
15 International stakeholder cooperation WP5 1-MKM At least two international events held. 30
17
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: 101113143 — EstQCI — DIGITAL-2022-QCI-02
Milestones
Grant Preparation (Milestones screen) — Enter the info.
Milestone No
Milestone Name Work Package No Lead Beneficiary Means of Verification Due Date (month)
16 Communication plan WP6 1-MKM All relevant target groups reached (industry, academia, regulatory, general public)
30
17 Stakeholder involvement WP6 1-MKM Event reports indicate involvement of at least 25 different stakeholders
30
18 Interim review WP1 1-MKM Interim review report 14
LIST OF CRITICAL RISKS
Critical risks & risk management strategy
Grant Preparation (Critical Risks screen) — Enter the info.
Risk number
Description Work Package No(s)
Proposed Mitigation Measures
1 Costs of QQI systems rise due to high demand from EU countries
WP2, WP3, WP4 Procurements based on price. Eventual changes in the project plan to use less devices.
2 Equipment is not working as foreseen WP2, WP3, WP4 Close collaboration with partners to exchange experiences and best practices. Availability of non-EU devices which might be more advanced.
3 Low interest of stakeholders to develop new products and services
WP3 Proactive engagement to bring together international stakeholders to exchange ideas and find potential services and customers.
4 Too few experts in Estonia to fulfil the tasks of the project.
WP2, WP3, WP4 Collaboration with other Member States to train experts.
5 Neighbouring countries (Latvia, Lithuania) are not interested in developing networks and cross-border connections.
WP5, WP4 Proactive close collaboration with other Baltic countries. Alternatively prepare EuroQCI connections through Finland, who is well advanced in the project.
18
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Digital Europe Programme (DIGITAL)
Application Form
Technical Description (Part B)
(Digital Europe Standard)
Version 1.0 01 November 2021
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
2
IMPORTANT NOTICE
What is the Application Form?
The Application Form is the template for EU grants applications; it must be submitted via the EU Funding & Tenders Portal before the call deadline.
The Form consists of 2 parts:
• Part A contains structured administrative information
• Part B is a narrative technical description of the project.
Part A is generated by the IT system. It is based on the information that you enter into the Portal Submission System screens.
Part B needs to be uploaded as PDF (+ annexes) in the Submission System. The templates to use are available there.
How to prepare and submit it?
The Application Form must be prepared by the consortium and submitted by a representative. Once submitted, you will receive a confirmation.
Character and page limits:
• page limit normally 70 pages (unless otherwise provided in the Call document)
• supporting documents can be provided as an annex and do not count towards the page limit
• minimum font size — Arial 10 points
• page size: A4
• margins (top, bottom, left and right): at least 15 mm (not including headers & footers).
Please abide by the formatting rules. They are NOT a target! Keep your text as concise as possible. Do not use hyperlinks to show information that is an essential part of your application.
If you attempt to upload an application that exceeds the specified limit, you will receive an automatic warning asking you to shorten and re-upload your application. For applications that are not shortened, the excess pages will be made invisible and thus disregarded by the evaluators.
Please do NOT delete any instructions in the document. The overall page limit has been raised to ensure equal treatment of all applicants.
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
3
TECHNICAL DESCRIPTION (PART B)
COVER PAGE
Part B of the Application Form must be downloaded from the Portal Submission System, completed and then assembled
and re-uploaded as PDF in the system.
Note: Please read carefully the conditions set out in the Call document (for open calls: published on the Portal). Pay
particular attention to the award criteria; they explain how the application will be evaluated.
PROJECT
Project name: Estonian Quantum Communication Infrastructure
Project acronym: EstQCI
Coordinator contact: Kaido Tee, Ministry of Economy and Communications
TABLE OF CONTENTS
TECHNICAL DESCRIPTION (PART B) ....................................................................................................................... 3 COVER PAGE ............................................................................................................................................................. 3 PROJECT SUMMARY ................................................................................................................................................. 4 1. RELEVANCE ........................................................................................................................................................... 4
1.1 Objectives and activities ...................................................................................................................................... 4 1.2 Contribution to long-term policy objectives, policies and strategies — Synergies ................................................ 5 1.3 Digital technology supply chain ........................................................................................................................... 6 1.4 Financial obstacles ............................................................................................................................................. 6
2. IMPLEMENTATION ................................................................................................................................................. 6 2.1 Maturity ............................................................................................................................................................... 6 2.2 Implementation plan and efficient use of resources ............................................................................................. 7 2.3 Capacity to carry out the proposed work ........................................................................................................... 10
3. IMPACT ................................................................................................................................................................. 12 3.1 Expected outcomes and deliverables — Dissemination and communication ..................................................... 12 3.2 Competitiveness and benefits for society .......................................................................................................... 13
4. WORK PLAN, WORK PACKAGES, TIMING AND SUBCONTRACTING .............................................................. 14 4.1 Work plan ......................................................................................................................................................... 14 4.3 Timetable .......................................................................................................................................................... 14 4.4 Subcontracting .................................................................................................................................................. 16
5. OTHER .................................................................................................................................................................. 17 5.1 Ethics ................................................................................................................................................................ 17 5.2 Security ............................................................................................................................................................. 17
1. SUMMARY OF THE PROJECT SECURITY ISSUES ...................................................................................... 17 2. SENSITIVE INFORMATION WITH SECURITY RECOMMENDATION ...................................................................... 17 3. CLASSIFIED INFORMATION ................................................................................................................................... 18
3.1 Security aspects letter (SAL) ............................................................................................................................. 18 CONDITIONS UNDER WHICH THE BENEFICIARY MAY SUBCONTRACT ................................................................ 20 SECURITY CLASSIFICATION GUIDE ......................................................................................................................... 20
3.2 The security classification guide (SCG) (appendix B of the SAL) ................................................................... 20 3.3 Request for visit (appendix C of the SAL) ......................................................................................................... 21 3.4 Facility Security Clearance Information Sheet (FSCIS) (appendix D of the SAL) ........................................... 21 3.5 Minimum requirements for protection of EUCI in electronic form at RESTREINT UE/EU RESTRICTED level handled in the beneficiary's CIS (appendix E of the SAL) ..................................................................................... 21
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
4
4. SECURITY STAFF .................................................................................................................................................... 24 4.1 Project security officer (PSO) ............................................................................................................................ 24 4.2 Security advisory board (SAB) .......................................................................................................................... 24
APPENDIX C ................................................................................................................................................................ 26 APPENDIX D ................................................................................................................................................................ 33
6. DECLARATIONS ................................................................................................................................................... 37 ANNEXES ..................................................................................................................................................................... 38
Purchases and equipment ....................................................................................................................................... 38 PURCHASES AND EQUIPMENT ................................................................................................................................. 38
PROJECT SUMMARY
Project summary
See Abstract (Application Form Part A).
1. RELEVANCE
1.1 Objectives and activities
Objectives and activities
Describe how the project is aligned with the objectives and activities as described in the Call document.
How does the project address the general objectives and themes and priorities of the call? What is the project’s contribution to the overall Digital Europe Programme objectives?
The events since February 2022 have forced us to put even more emphasis on security in this geopolitically interesting corner of Europe. 99% of Estonian governmental services are offered online. Thus, the functioning of our state is highly dependent on state-of-the-art cyber security solutions. Considering the rapid deterioration of the security situation in Europe during the recent year, the need for securing the vital e-Government services and ensuring a secure communication between different EU (and eventually NATO) Member States becomes even more evident. In addition, it has been recently demonstrated that conventional ways of securing information might not be robust enough as post- quantum cryptographic approaches have proven to be vulnerable1.
In 2020, Estonia joined the EU cooperation framework for quantum communication, taking the commitment to participate in the preparation of the EuroQCI network. In 2022, the need for securing critical infrastructure and encryption systems against cyber threats, protecting smart energy grids, air traffic control, banks, healthcare facilities and more from hacking is more evident than ever. Estonia’s cyber security strategy for the years 2019 to 2022 highlights the role of cyber security as an integral part of the functioning of the state, the economy and of internal and external security. In Estonia, online governmental services are widely used. Thus, it is important to ensure that there are no major cyber incidents that would force citizens to abandon the online services that have been built up since early 2000’s and are an integral part of Estonian governance structure. There is a profound understanding in Estonia that creation and development of a successful digital state requires strategical coherence between developing information society and ensuring cyber security. Estonian cyber security strategy is to be the most secure digital state. With the advancement of quantum computing, this vision requires the understanding of possible uses of quantum technology for cyber security, building up the competence and supporting the relevant industry. Estonian QCI project (EstQCI) aims to lay the foundation for scaling up the respective competence in Estonia. The project also provides infrastructure for the industry to develop new cyber security solutions with the focus on secure e-Government services.
1 https://www.quantamagazine.org/post-quantum-cryptography-scheme-is-cracked-on-a-laptop-
20220824/?fbclid=IwAR0d2KItxINeV47MF_taj9NBj9LQe-MNKnlR3llhj6iKWSAuGtaspB_DiWA
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
5
The purpose of the EstQCI project is to deploy the first experimental QCI network in Estonia in order to be prepared for the full deployment of the EuroQCI. EstQCI should provide the basis for the fast uptake and deployment of quantum security technology by building up the competence of relevant ministries, companies and other entities. In addition, the project would serve as a deployment model for the future deployment of QCI network in Estonia. The project aims to build up a metropolitan QCI network and test long-distance links to be ready for connections with neighbouring countries. In these networks, devices from EU-27 developers will be used, when possible. The main goals of the project are as follows:
a) Building up the know-how and competence of relevant entities for future deployment of QCI networks and services
b) Testing the readiness of devices from EU-27 producers to gain information about their suitability for the Estonian conditions and needs
c) First demonstrations of the use of the network between metropolitan areas as well as for long- distance network in laboratory conditions
d) Collaborating with neighbouring countries and preparation for cross-border links with Finland and Latvia
e) Sharing knowledge with relevant stakeholders, raise the awareness of companies and other relevant entities about the possibilities of the network to prepare for future secure connectivity/ cyber security applications.
One of the important elements of the EstQCI project is coordination with Finland, Latvia, Lithuania, Poland and Sweden to create a foundation for the future cooperation within the margins of EuroQCI project and to prepare for terrestrial cross-border connections between Member States.
As a result of the project we will open our network for interested parties (for example cyber security industry, academia etc) and facilitate the exploration of further use cases of the network. We will build up a wide-scale competence among the relevant stakeholders in Estonia and facilitate international collaboration of relevant companies and academia. The purpose of this action is to prepare for the further development of quantum cyber security industry in Estonia and in Europe with the focus on secure e- services.
1.2 Contribution to long-term policy objectives, policies and strategies — Synergies
Contribution to long-term policy objectives, policies and strategies — Synergies
Describe how the project contributes to long-term policy objectives of the call’s domain/area and to the relevant policies and strategies, and how it is based on a sound needs analysis in line with the activities at European and national level.
What challenge does the project aim to address?
The objectives should be specific, measurable, achievable, relevant and time-bound within the duration of the project.
One of the main objectives of the Digital Europe programme is to build up essential capacities to secure EU’s digital economy, society and democracy through reinforcing EU’s cybersecurity industry and competitiveness. The EstQCI project will contribute to building up the necessary infrastructure in Estonia to ensure that the essential capacities are in place for further developments in the area of quantum communication. Additionally, the project will build up a strong base of knowledge among Estonian enterprises and academia to enforce competitiveness of Estonia’s cyber security industry.
The EstQCI project intends to use products from EU-27 companies, supporting the growth of an EU-27 value chain with feedback based on actual tests in the field. During the project we can identify specific ways how research institutions and companies in Estonia can contribute to EU-27 value chain in the domain of quantum communication. Estonia’s cyber industry is well advanced, and its added value is 20 years of knowledge of securing a digital state and governmental e-services.
Furthermore, Estonia has been building up competences in the field of quantum metrology, which allows us to contribute to the metrological testing and traceability of EU-27 devices and services for example in the field of low photon flux detectors. Metrological testing of devices and networks will add an additional layer of trust to the QCI network.
The expected outcome of the EuroQCI project is a QCI network covering all Member States of the EU. EstQCI project will lay the foundation for connections between Finland and Latvia (and possibly Sweden) to ensure that the countries in Northern Europe, where satellite links might not work as effectively because of weather conditions, will not remain in isolation.
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
6
1.3 Digital technology supply chain
Digital technology supply chain
Explain to what extent the project would reinforce and secure the digital technology supply chain in the EU.
This criterion might not be applicable to all topics — for details refer to the Call document.
The number of EU27 industrial providers of needed technology solutions and equipment is small. As technology is continuously developing, still most of the work is conducted within single laboratories and is country-specific. Therefore, it is essential to closely collaborate with EU-27 providers in the preparation phase of the network to find devices that are most suitable for the Estonian QCI.
Although a number of EU-27 producers have started to offer products for QCI systems, several of them will probably not be able to offer a product that is market-ready in time for the EstQCI project (for example KeeQuant, Q*Bird B.V. or LuxQuanta). Regardless, it is important to discuss and exchange information with these producers to ensure that their future applications are appropriate for the large- scale deployment of the EuroQCI network. Other producers such as ID Quantique Europe, QTI or ThinkQuantum are more advanced in their approaches and offer market-ready solutions that can be considered for the EstQCI project.
Cross-EU quantum communication infrastructure requires a standardised approach. This project will contribute to elaboration of standardised approach in establishing co-operation with neighbouring EU Member States and European Commission. Moreover, by implementing and testing equipment available from EU-industries, activities of the present project will facilitate enhanced performance, ease of use and availability of equipment for future cyber-security applications.
1.4 Financial obstacles
Financial obstacles
Describe to what extent the project can overcome financial obstacles such as the lack of market finance.
This criterion might not be applicable to all topics — for details refer to the Call document.
For the project execution, no major financial obstacles are foreseen. The project has been prepared within the relevant ministries that are responsible for securing governmental funds necessary to execute the project.
The further development of QCI network in Estonia depends on the future initiatives from the European Union as well as the development of the market for cyber security solutions involving QCI. Ideally, the services provided on the network will cover the cost of maintaining the network (for example the rent of fibre) after the project period. For this reason, the involvement of relevant stakeholders and providing the basis for future development of services is important.
2. IMPLEMENTATION
2.1 Maturity
Maturity
Explain the maturity of the project, i.e. the state of preparation and the readiness to start the implementation of the proposed activities.
Tasked by the Ministry of Economy and Communications, Metrosert and RIKS have been preparing the project since the end of 2021 in close cooperation with Finland. The change of regional security situation in the beginning of 2022 challenged the long-term planning of R&D and infrastructure projects due to increased uncertainty of the security in the region. However, as Estonia joined the Quantum Initiative already in 2020, it was clear that further development in this area must be prioritized. Estonian representatives have participated in EuroQCI Sherpa meetings, NSA/NCSA meetings and other relevant online events and meetings. We have also discussed further developments with representatives of neighbouring countries to prepare for the next phases of the EuroQCI project (cross-border connections).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
7
In parallel, Metrosert has been participating in research projects in the field of quantum metrology in past 10 years to build up the competence for exact measurements in quantum optics. One of ongoing projects for example aims to develop bright entangled photon sources based on different application- oriented platforms and to exploit high-purity single-photon sources to demonstrate the quantum advantage achievable using these sources for specific measurements. For the purposes of these research projects, Metrosert has built up specific laboratory conditions as well as secured that in house scientific expertise is available for measurements and R&D in quantum optics. These laboratory conditions are ready to facilitate the development and testing of the QCI network for the purposes of this project.
2.2 Implementation plan and efficient use of resources
Implementation plan
Show that the implementation work plan is sound by explaining the rationale behind the proposed work packages and how they contribute to achieve the objectives of the project.
Explain the coherence between the objectives, activities, planned resources and project management processes.
Show how the project integrates, builds on and follows up on any pre-existing work or EU funded projects. Provide details (including architecture and deliverables) about pre-existing technical solutions.
The implementation plan of the EstQCI consists of six work packages. The targeted objectives are introduced in Section 4. The cross-participation and collaboration of the consortium members in the EstQCI Work Packages ensure efficient usage of resources and knowledge sharing.
The first phase of the project is a thorough planning of different aspects of the project, including its management and coordination, procurement specifications and procurement coordination. Discussions will be held with EU-27 producers and other Member States to specify which kind of equipment is the most suitable solution for next phases of the project. The planning process, including the consultations, will ensure that two criteria are met: the devices used in the network fit EstQCI project needs and resources are effectively used.
After the planning phase, two testbeds will be implemented for QCI experimentation:
1. The QQI metropolitan testbed
The QCI Metropolitan Testbed is used to test commercial QCI systems at first in a laboratory network environment, to allow faster and cost-effective benchmarking of different devices in different network configurations and conditions, but also to efficiently learn how to use and interface the devices before starting their actual on-field deployment.
With the QCI Metropolitan Testbed it is planned to test commercially available QCI devices. From the discussions with the providers so far, the understanding is that QKD they support can include Point-to- Point links and Point-to-Multipoint links based on optical switching, but most commercial QKD systems operate best with Point-to-Point links. This will be taken into account when establishing QQI metropolitan testbed.
The testbed can be metrologically facilitated by using freshly obtained Time-Correlated-Single Photon Counting system which includes both, a transmitter and a receiver testing capability. The system includes two SPAD detectors in Hanbury-Twiss interferometer configuration allowing sources to be measured. In case of measurements of detectors, each SPAD can be used separately. For the purpose of the present project, the measurement system may need to be modified and enhanced in terms of wavelength range, as the QKD commercial devices use O- and C-bands.
The advantage of using existing system using openly available materials facilitates accumulating expertise in quantum communication technologies and experimenting different QKD aspects without depending on so-called black-box technologies. The possibility of familiarizing researchers with all aspects of QKD is an additional benefit of the system design and its further open use, e.g. for academia.
After testing in the lab, the Testbed will be deployed in the field between two institutions (approximately 10 kilometres apart). Its primary purpose is to gain a complete hands-on experience on all layers of the QCI (hardware and software aspects, security requirements and resilience against attacks.
2. The QCI long-distance testbed
This will be the first step toward the possible future backbone QCI network. A long-distance network is also needed for eventual cross-border connections. In this phase, different procucts of EU-27 produceres are considered to ensure minimal signal loss. Tests and execution of the long-distance network in laboratory conditions will follow. Additionally, the long-distance network in the field is planned
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
8
(also taking into account the future cross-border connections for EuroQCI). Different possible routes are analysed, depending on the discussions with neighbouring countries. Different considerations are taken into account, for example the existing fibre and network infrastructure, possible secure locations for the nodes and management conditions of these nodes.
In these two testbeds, a wide range of specifications must be tested. In addition to QCI devices also external detectors, encryptors and KMS. (Metrological) evaluation of the devices and the two testbeds is an integral part of the project to add an additional layer of trust to these systems. In addition, several aspects must be tested in both testbeds: QCI key performance indicators for metropolitan and long- distance networks; Network Line interfaces; physical environment and security requirements and network reliability. A control and management plan must be set up and general requirements for the network management need to be defined.
The key parameters to be tested and used for benchmarking purposes (both in the lab and on-field) of the QCI systems are:
• long-term stability
• key-rate at typical loss levels
• maximum tolerable loss
• KMS support and functionalities supported
At first, the QCI devices and their possible integration with the classical security infrastructure will be tested in the laboratory environment. The existing Metrosert facility described above is used for network testing in the laboratory conditions. After the needed performance and stability are reached in laboratory conditions, the works with long distance network can be started.
First of all, the backbone route across Estonia starting from Tallinn should be discussed and possibly decided. The QKD link between Estonia and Finland will be located in (or nearby) Tallinn, but the link with Latvia has not been finally decided. Efficient way to deploy long-distance QKDN is by using existing optical fibre infrastructure, which is currently located along railway. Future options accompanying with establishing railway connection Rail Baltic have to be cleared (see Figure below). Either direction of backbone can set some limits to the number of QKD nodes along the routes.
The present commercial QKD system are capable of covering up to 50 km (70 km-80 km upon special request) because of typical tolerable loss of about 20 dB being different for O- and C-band. For example, 70 km (distance from Tallinn to Tapa) long fibre loss is 26 dB at the wavelength of 1310 nm and 16 dB at the wavelength of 1550 nm. Promising MDI-QKD systems can reach 40 dB (and possibly beyond), not only allowing to avoid several trusted nodes, but it would lead to some advantages and more cost- effective solutions. Firstly, the same untrusted node can be used not only to connect just two users, but also to possibly build a star network connecting several users. In addition, by definition, the untrusted node does not require the same level of security of a trusted node. It must be secured to avoid denial-of service (DoS) attacks but there is no risk that critical information is leaked to an eavesdropper. furthermore, two MDI-QKD star networks can be connected via a shared node acting as a trusted node. Such configurations is very efficient, because a single trusted node can connect all the users of the two- star networks and may be useful for Estonian users in the future.
For key distribution, we might consider to develop QKD network (QKDN) components with basic core functionality including key-manager, QKDN controller, and management/orchestration components. The design and implementation will be based on exiting ETSI and ITU-T specifications, and high-level microservice oriented software frameworks. The main goals would be to support our testbed
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
9
implementation by providing the required key management functions, like access control and key relaying, for testing and demonstrations, and to provide a platform for enhancing national capabilities for evaluating QKDN solutions. Furthermore, integration with universities simulating and evaluating QKDN performance would be an option.
The physical fibre route implementation of the project separates the fibres needed for quantum channels all the way through the planned connections. Due to security reasons, and in order to get lower attenuation for the quantum channel, the fibres can be connected to each other by fibre splicing instead of using ODF panels (Optical Distribution Frames). The site infrastructure construction work, if needed, will cover the required implementation of footprint, electricity, and cooling inside a trusted site location with high-security surveillance.
Also, tests for environmental conditions of QKD devices should be carried out to ensure proper operation in-the-field. Installations, joints and connections of optical fibre may depend on ambient conditions.
An integral part of the project is the involvement of different stakeholders in all work packages. Governmental entities must be involved to ensure that possible future regulatory conditions are in place for actual network deployment and usage. In addition, different governmental entities will be responsible for later deployment of a backbone network. Thus, an active knowledge transfer through different workshops must be ensured to guarantee the trained personnel necessary for possible next steps. Additionally, industry, academia and future service providers must be involved to identify possible use cases. During the project, future support measures for product and service development for the industry are defined (financial support measures and various staff training possibilities).
The goal is to reach 75% of relevant representatives of academia (the target audience are two largest universities of Estonia: Tartu University and Tallinn University of Technology and other relevant technical research institutions). Because of the relatively low number of possible relevant representatives of academia in Estonia, it is likely to reach most of the target audience with the dissemination activities.
In terms of engaging service providers and industry, the approach will be based on relevant industry associations (for example: Estonian Electronics Industries Association, Estonian Defence and Aerospace Industry Association). Active involvement of 5 to 10 companies (based in Estonia) in workshops is realistic, taking into account the number of relevant industry representatives in Estonia.
Project management, quality assurance and monitoring and evaluation strategy
Describe the measures planned to ensure that the project implementation is of high quality and completed in time.
Describe the methods to ensure good quality of monitoring, planning and control activities.
Describe the evaluation methods and indicators (quantitative and qualitative) to monitor and verify the outreach and coverage of the activities and results. The indicators proposed to measure progress should be specific, measurable, achievable, relevant and time-bound.
The project management is described in Section 2.3 and its detailed description will follow in the consortium agreement (including quality assurance). For each Work Package, milestones are described in Section 4.2. These milestones allow one to monitor the progress of each Work Package towards the objectives of the project.
Cost effectiveness and financial management (n/a for prefixed Lump Sum Grants)
Describe the measures adopted to ensure that the proposed results and objectives will be achieved in the most cost- effective way.
Indicate the arrangements adopted for the financial management of the project and, in particular, how the financial resources will be allocated and managed within the consortium.
Do NOT compare and justify the costs of each work package, but summarize briefly why your budget is cost effective.
The procurements of the project will be carried out in accordance with the Estonian Public Procurement Law, one of the leading principles of which is to ensure resource-efficient use of public funds. Instead of purchasing the devices, the possibility of renting them is explored to ensure that during the project only those devices are purchased that can later be used for further development of the EuroQCI project. During the preparation of technical specifications for the procurements, discussions with regional
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
10
partners are held to exchange experiences and best practices and procure devices that are interoperable. The field demonstrations will be conducted using a fibre that has already been deployed to avoid additional cost in infrastructure.
All consortium members will report the financial aspects to the project manager/coordinator (MKM), who will be responsible for the cost-efficient use of all financial resources and report to the European Commission.
2.3 Capacity to carry out the proposed work
Consortium cooperation and division of roles (if applicable)
Describe the participants (Beneficiaries, Affiliated Entities and Associated Partners, if any) and explain how they will work together to implement the project. How will they bring together the necessary expertise? How will they complement each other?
In what way does each of the participants contribute to the project? Show that each has a valid role and adequate resources to fulfil that role.
Note: When building your consortium you should think of organisations that can help you reach objectives and solve problems.
The consortium includes two leading ministries (Ministry of Economic Affairs and Communications and Ministry of Defence), which indicates the importance of the project for the Estonian government. In addition, State Infocommunication Foundation brings in the expert knowledge in the field of infrastructures and infocommunication services. Metrosert’s role as a research and development institution is to provide expertise in the field of quantum communication and testing experimental solutions.
Ministry of Economic Affairs and Communications (MKM) - The objectives of the Ministry of Economic Affairs and Communications is to create overall conditions for the growth of the competitiveness of the Estonian economy and its balanced and vital development by drafting and implementing Estonian economic policy and evaluating its outcomes. The Ministry develops national development plans in the spheres within its area of government and will ensure their coordination with various transnational development plans, organises the funding, implementation and performance evaluation of such plans. Co-operation with the European Union and international organisation is organised within the Ministry's area of government. The Ministry of Economic Affairs and Communications elaborates and implements the state's economic policy and economic development plans, including in the field of information society. https://www.mkm.ee/en
Ministry of Defence - The Ministry of Defence is responsible for organising national defence, including the roles of National Security Authority and National Classified Communication and Information System Security Authorities with responsibilities in management and control of the procedures and measures for protecting classified information. One of the tasks of the MoD is to ensure that Estonia is capable for defending itself against cross-domain external threats. https://kaitseministeerium.ee/en
State Infocommunication Foundation (RIKS) - Created at the end of 2000, RIKS (State Infocommunication Foundation) is a non-commercial foundation administered by the Ministry of Economic Affairs and Communications. RIKS provides communication-related services for public institutions and other state-budgeted institutions and operative communication. RIKS provides operative, radio and maritime communications, and telephone services. The mission of RIKS is to provide public institutions, local municipalities and other state budgeted institutions with cohesive, high quality, secure and cost-effective communication-related services, including communications for specific purposes through its own infrastructures and infocommunication services delivered from the free market. https://riks.ee/
Metrosert AS – Metrosert is a state-owned company, an evaluated research and development institution and an accredited calibration laboratory. Pursuant to a long-term agreement with the Estonian Ministry of Economic Affairs and Communications, Metrosert fulfils the functions of the Central Office of Metrology in Estonia (equivalent to a National Metrology Institute). Metrosert has 20 years of international experience with research projects in the field of optical metrology. https://metrosert.ee/en/company/
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
11
Project teams and staff
Describe the project teams and how they will work together to implement the project.
List the staff included in the project budget (budget category A) by function/profile (e.g. project manager, senior expert/advisor/researcher, junior expert/advisor/researcher, trainers/teachers, technical personnel, administrative personnel etc. and describe briefly their tasks.
Name and function Organisatio n
Role/tasks/professional profile and expertise
To be recruited by 01.2023
MKM Project coordinator
Kaido Tee MKM General coordination (WP1, WP5, WP6)/ 5 years of cyber security management and cyber exercises experience
Erik Janson MKM General coordination (WP3)/ 20 years of experience in ICT, security, infrastructure and greentech areas both business and technology management role
Priit Kollo RIKS General coordination (WP2)/ WP 20 years of IT and network solutions management experience.
Raimo Kure RIKS WP 5/ 21 years of experience in satellite solutions.
Kristo Gumbälis RIKS WP 2, WP3; WP4/ 7 years of network administrator experience.
Cisco certified associate.
Raido Raidma RIKS WP2, WP3, WP4/ 7 years of network administration and implementation experience.
Andres Kuusk RIKS WP2; WP3; WP4/ 8 years of experience in system integrations.
Mari Aru Metrosert General coordination (WP1- WP4)/ Head of R&D at Metrosert
Aigar Vaigu Metrosert WP2, WP3, WP4, advisory role/ Research experience in quantum optics (low photon flux optics)
Toomas Kübarsepp Metrosert WP2; WP3; WP4/ Professor of Metrology, PhD in optics. Over 20 years of research experience
Meelis-Mait Sildoja Metrosert WP2, WP3, WP4/ PhD in measurement science (optics). 17 years of research experience.
Mihkel Rähn Metrosert WP2-WP4, Research scientist, PhD in physics (optics)
Miiko Peris MoD Head of Department of Innovation
Greta Elva-Jõemaa MoD Cyber Policy Advisor, Department of Innovation
Marek Lehtsalu MoD NSA, NCSA representative
Outside resources (subcontracting, seconded staff, etc)
If you do not have all skills/resources in-house, describe how you intend to get them (contributions of members, partner organisations, subcontracting, etc.) and for which role/tasks/professional profile/expertise
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
12
If there is subcontracting, please also complete the table in section 4.
For specific questions concerning devices and technology, scientists from the University of Tartu could be involved in advisory roles. Collaboration with network providers (rent of fiber) and providers of QCI systems and subsystems is necessary. Additionally, we will collaborate with neigbouring countries to exchange experiences and learn from each other. We will also work in close contact with the European Commission to ensure that our project is in synergy with other initiatives from the Digital Europe Programme.
Consortium management and decision-making risk(if applicable)
Explain the management structures and decision-making mechanisms within the consortium. Describe how decisions will be taken and how regular and effective communication will be ensured. Describe methods to ensure planning and control.
Note: The concept (including organisational structure and decision-making mechanisms) must be adapted to the complexity and scale of the project.
Consortium management will ensure the management of the project in terms of KPIs, financial plan and results in accordance with the Grant Agreement.
The project coordinator is responsible for the overall coordination and management of the project and for the communication between different members of the consortium. The project coordinator will also coordinate the communication with partners (other countries, European Commission). The project coordinator ensures that the project is in line with the Grant Agreement. Project coordinator deals with all administrative and financial issues. The project coordinator is the representative of the project.
The project coordinator will set up regular meetings within the consortium to ensure information exchange and progress. Work Package meetings are organised by Work Package leaders. In addition, the project coordinator will organise review meetings with the European Commission. All meetings will be held in a hybrid format.
A detailed description of the responsibilities of each partner will be included in the Consortium Agreement. This agreement will also define mechanisms for dealing with possible conflicts between the members of the consortium. Consortium agreement will determine the decision-making process between the members of the consortium. The consortium agreement will also describe a quality management plan to ensure the management of project related documentation; monitoring/quality control of the KPIs and management of potential risks.
The role of the project coordinator will also be to manage the allocation and distribution of financial contributions received from the European Commission. The project coordinator will be responsible for meeting the requirements and rules of the Digital Europe Program.
3. IMPACT
3.1 Expected outcomes and deliverables — Dissemination and communication
Expected outcomes and deliverables
Define and explain the extent to which the project will achieve the expected impacts listed in Call document.
During the project, advanced experimental quantum systems and networks are deployed in Estonia using pilot devices and systems produced by EU-27 companies where possible. This will contribute to further standardization and development of these systems towards maturity and help to define the needs of EuroQCI.
The EstQCI project will make the systems and networks available for testing to prepare relevant stakeholders for the large-scale uptake and use of such systems and technologies. The project aims to involve different national stakeholders to demonstrate the first use of QCI systems in different application scenarios. Quantum networks will be made available to industries contributing to developing national-based products and services. This will contribute to preparation for the future large-scale deployment of EuroQCI. An open-access testbed and trainings provide tools for training potential future users of the network. Hands-on experience with the network will help to formulate new business ideas and design services, which will create new opportunities for Estonian companies. These new services and products will contribute to a competitive European quantum communication industry.
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
13
Quantum systems will be made available for educational purposes providing a training environment for technical and research staff as well as national users from public authorities or other organisations. This will ensure that there are enough trained personnel to deploy a larger scale quantum communication network in Estonia in the future. It will also contribute to the success of further projects in the same field in cooperation with the European Commission and other Member States.
During the project, the first long-distance quantum communication network in Estonia will be demonstrated in laboratory conditions to prepare for the large-scale deployment of a QCI in the region. Cross-border deployment is prepared in cooperation with neighbouring countries. This will contribute to regional deployment of the EuroQCI network to ensure that no country in Northern-Europe stays isolated from a terrestrial connection to Central Europe.
Dissemination and communication of the project and its results
If relevant, describe the communication and dissemination activities, activities (target groups, main messages, tools, and channels ) which are planned in order to promote the activities/results and maximise the impact. The aim is to inform and reach out to society and show the activities performed, and the use and the benefits the project will have for citizens
Clarify how you will reach the target groups, relevant stakeholders, policymakers and the general public and explain the choice of the dissemination channels.
Describe how the visibility of EU funding will be ensured.
In case your proposal is selected for funding, you will have to provide a more detailed plan for these activities (dissemination and communication plan), within 6 months after grant signature. This plan will have to be periodically updated; in line with the project progress.
Dissemination and communication are key activities for the EstQCI project. The purpose of these activities is to explain the project to different stakeholders as well as to general public so that a broader understanding of the benefits of quantum communication is achieved. It is important to define the target groups for different communication activities. The most important target group consists of the key stakeholders – cybersecurity industry and R&D institutions. It is important that these institutions have an opportunity for exchange to identify potential new products and services. Communication message to this group is targeted to availability of a new network and the opportunity to use this network for testing purposes. Another important target group comprises the potential end users of new products and services. These can be different governmental institutions or companies that provide services for the end user (healthcare or financial institutions). The communication activities for this group will be aimed at creating awareness of potential new services and map the needs of the customers. Third target group consists of regulators and policy makers, as well as media representatives and general public. Communication messages to this group are aimed at raising general awareness and justifying the public investment to the project.
The channels to reach the three above mentioned target groups are different. We will involve different industrial associations and organise events to bring together potential service providers and customers. Whenever possible, these events will be organised for an international audience because of the limited size of Estonian industry. In this way we can broaden the circle of potential collaborations between stakeholders. We will also organise several project workshops to promote the access to the network as a testbed and bring together academia and industry. The broader public will be informed through media coverage and social media channels of the members of the consortium. During the project we will define KPIs for dissemination and communication activities.
3.2 Competitiveness and benefits for society
Competitiveness and benefits for the society
Describe the extent to which the project will strengthen competitiveness and bring important benefits for society
EstQCI project will strengthen the competitiveness of Estonia’s cyber security industry by offering an opportunity to develop and test new products in the field of quantum communication. This will result in creation of new jobs and additional tax income. In addition, the project will contribute to the enhancement of national competences in preparation for the full EuroQCI deployment. These competences can be used to create new services for EU’s market.
Most importantly, if the common infrastructure of quantum communication has been built up in Europe, our society can benefit from standardized and secure information exchange, may it be information
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
14
exchanged between security institutions, protection of personal data or flawless functioning of a digital state.
4. WORK PLAN, WORK PACKAGES, TIMING AND SUBCONTRACTING
4.1 Work plan
Work plan
Provide a brief description of the overall structure of the work plan (list of work packages or graphical presentation (Pert chart or similar)).
WP1 Project management and procurement coordination
WP2 Development of trustworthy quantum communication network topology in metropolitan area.
WP3 Testing of deployed QCI in metropolitan area
WP4 Demonstration of long-distance quantum communication network
WP5 Regional coordination and EuroQCI integration
WP6 Creating impact and dissemination
4.3 Timetable
Timetable (projects of more than 2 years)
Fill in cells in beige to show the duration of activities. Repeat lines/columns as necessary.
Note: Use actual, calendar years and quarters. In the timeline you should indicate the timing of each activity per WP. You may add additional columns if your project is longer than 6 years.
ACTIVITY
YEAR 1 YEAR 2 YEAR 3 YEAR 4 YEAR 5 YEAR 6
Q 1
Q 2
Q 3
Q 4
Q 1
Q 2
Q 3
Q 4
Q 1
Q
2
Q
3
Q
4
Q
1
Q
2
Q
3
Q
4
Q
1
Q
2
Q
3
Q
4
Q
1
Q
2
Q
3
Q 4
Task 1.1 - Project management
Task 1.2 - Procurement coordination
Task 1.3 - Alignment with the security baseline
Task 2.1 – Preparation for the network
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
15
Task 2.2 – Testing of the devices
Task 2.3 – Deployment of the metropolitan network
Task 3.1 – Evaluation of the metropolitan network
T3.2 – Identification of use cases
T3.3 – First use cases in the network
T3.4 – Knowledge dissemination
T4.1 – Evaluation of technologies
T4.2 – Test planning and execution of long-distance network
T4.3 – Demonstration of the network
T4.4 – Planning of the long- distance network in the field
T5.1 – Planning of cross-border connections
T5.2 – Planning of international testing
T5.3 – Discussions on possible
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Project: [101113143] — [EstQCI] — [DIGITAL-2022-QCI-02]
EU Grants: Application form (DEP): V1.0 – 01.11.2021
16
satellite interconnectio n
T5.4 – International stakeholder events
T5.5 - Participation in the EuroQCI initiative and collaboration with the DIGITAL topic 3 project (co- ordination and support action CSA) and with other EuroQCI projects.
T6.1 – Implementatio n of the communicatio n plan
T6.2 – Stakeholder events
T6.3 – Planning of support measures for the industry
4.4 Subcontracting
No subcontracting
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
17
5. OTHER
5.1 Ethics
Ethics
If the Call document contains a section on ethics, the ethics issues and measures you intend to take to solve/avoid them must be described in the annexed Ethics issues table .
See annex
5.2 Security
INFORMATION ON SECURITY ISSUES (SECURITY SECTION)
Table of content:
1. Summary of the project security issues 2. Sensitive information with security recommendation 3. Classified information
3.1 Security aspects letter (SAL) 3.2 The security classification guide (SCG) (appendix B of the SAL) NB: There is no appendix A. 3.3 Request for visit (appendix C of the SAL) 3.4 Facility Security Clearance Information Sheet (FSCIS) (appendix D of the SAL) 3.5 Minimum requirements for protection of EUCI in electronic form at RESTREINT UE/EU RESTRICTED level handled in the beneficiary's CIS (appendix E of the SAL)
4. Security staff 4.1 Project security officer (PSO) 4.2 Security advisory board (SAB) 5. Other project-specific security measures
Appendix C Appendix D
1. SUMMARY OF THE PROJECT SECURITY ISSUES
Possible security issues in the project concern potential future uses of the new quantum communication network. If the network will be used for exchanging classified information, the planning of the future network and its operational details could be considered classified as well. In addition, the Commission plans to define a security baseline for EUQCI projects by 2024, As a result, a gap analysis and roadmap on how to reach this baseline has to be created as a part of the EstQCI project. The dissemination level of these documents will be RESISTENT UE/EU RESTRICTED.
2. SENSITIVE INFORMATION WITH SECURITY RECOMMENDATION
Sensitive information with security recommendation
Number and name of the deliverable
Name of lead participant Date of production Name of entity authorised for access
1.3 Gap analysis and roadmap for alignment with the security baseline
MKM M30 MKM
MoD
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
18
3. CLASSIFIED INFORMATION
3.1 SECURITY ASPECTS LETTER (SAL)
SECURITY ASPECTS LETTER (SAL) — SECURITY REQUIREMENTS
GENERAL CONDITIONS
1. This security aspects letter (SAL) is an integral part of the classified grant agreement [or subcontract] and describes grant agreement-specific security requirements. Failure to meet these requirements may constitute sufficient grounds to terminate the grant agreement.
2. Grant beneficiaries are subject to all obligations set out in Decision 2015/4442 and its implementing rules (Decision 2021/2593). If the grant beneficiary faces a problem of application of the applicable legal framework in a Member State, it must refer to the Commission security authority and the national security authority (NSA) or designated security authority (DSA).
3. Classified information generated when performing the grant agreement must be marked as EU classified information (EUCI) at security classification level, as determined in the security classification guide (SCG) in Appendix B to this letter. Deviation from the security classification level stipulated by the SCG is permissible only with the written authorisation of the granting authority.
4. The rights of the originator of any EUCI created and handled for the performance of the classified grant agreement are exercised by the European Commission, as the granting authority.
5. Without the written consent of the granting authority, the beneficiary or subcontractor must not make use of any information or material furnished by the granting authority or produced on behalf of that authority for any purpose other than that of the grant agreement.
6. Where a facility security clearance (FSC) is required for the performance of a grant agreement, the beneficiary must ask the granting authority to proceed with the FSC request.
For the performance of this grant agreement, at least the below beneficiaries must obtain the FSC:
− Ministry of Economic Affairs and Communications
− Ministry of Defence
− State Infocommunication Foundation
7. The beneficiary must investigate all security breaches related to EUCI and report them to the granting authority as soon as is practicable. The beneficiary or subcontractor must immediately report to its NSA or DSA, and, where national laws and regulations so permit, to the Commission security authority, all cases in which it is known or there is reason to suspect that EUCI provided or generated pursuant to the grant agreement has been lost or disclosed to unauthorised persons.
8. After the end of the grant agreement, the beneficiary or subcontractor must return any EUCI it holds to the granting authority as soon as possible. Where practicable, the beneficiary or subcontractor may destroy EUCI instead of returning it. This must be done in accordance with the national laws and regulations of the country where the beneficiary is based, with the prior agreement of the Commission security authority, and under the latter’s instruction. EUCI must be destroyed in such a way that it cannot be reconstructed, either wholly or in part.
9. Where the beneficiary or subcontractor is authorised to retain EUCI after termination or conclusion of the grant agreement, the EUCI must continue to be protected in accordance with Decision 2015/444 and with Decision 2021/259.
2 Commission Decision (EU, Euratom) 2015/444 of 13 March 2015 on the security rules for protecting EU classified information
(OJ L 72, 17.3.2015, p. 53). 3 Commission Decision (EU, Euratom) 2021/259 of 10 February 2021 laying down implementing rules on industrial security with
regard to classified grants (OJ L 58, 19.2.2021, p. 55).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
19
10. Any electronic handling, processing and transmission of EUCI must abide by the provisions laid down in Chapters 5 and 6 of Decision2015/444. These include, inter alia, the requirement that communication and information systems owned by the beneficiary and used to handle EUCI for the purpose of the grant agreement (hereinafter ‘beneficiary CIS’) must be subject to accreditation4; that any electronic transmission of EUCI must be protected by cryptographic products approved in accordance with Article 36(4) of Decision 2015/444, and that TEMPEST security measures must be implemented in accordance with Article 36(6) of Decision 2015/444.
11. The beneficiary or subcontractor must have business contingency plans (BCPs) to protect any EUCI handled in the performance of the classified grant agreement in emergency situations and must put in place preventive and recovery measures to minimise the impact of incidents associated with the handling and storage of EUCI. The beneficiary or subcontractor must inform the granting authority of its BCP.
GRANT AGREEMENTS REQUIRING ACCESS TO INFORMATION CLASSIFIED RESTREINT UE/EU RESTRICTED
12. In principle, personnel security clearance (PSC) is not required for compliance with the grant agreement5. However, information or material classified RESTREINT UE/EU RESTRICTED must be accessible only to beneficiary personnel who require such information to perform the grant agreement (need-to-know principle), who have been briefed by the beneficiary’s security officer on their responsibilities and on the consequences of any compromise or breach of security of such information, and who have acknowledged in writing the consequences of a failure to protect EUCI.
13. Except where the granting authority has given its written consent, the beneficiary or subcontractor must not provide access to information or material classified RESTREINT UE/EU RESTRICTED to any entity or person other than those of its personnel who have a need-to-know.
14. The beneficiary or subcontractor must maintain the security classification markings of classified information generated by or provided during the performance of a grant agreement and must not declassify information without written consent from the granting authority.
15. Information or material classified RESTREINT UE/EU RESTRICTED must be stored in locked office furniture when not in use. When in transit, documents must be carried inside an opaque envelope. The documents must not leave the possession of the bearer and they must not be opened en route.
16. The beneficiary or subcontractor may transmit documents classified RESTREINT UE/EU RESTRICTED to the granting authority using commercial courier companies, postal services, hand carriage or electronic means. To this end, the beneficiary or subcontractor must follow the programme (or project) security instruction (PSI) issued by the Commission and/or Decision 2021/259.
17. When no longer required, documents classified RESTREINT UE/EU RESTRICTED must be destroyed in such a way that they cannot be reconstructed, either wholly or in part.
18. The security accreditation of beneficiary CIS handling EUCI at RESTREINT UE/EU RESTRICTED level and any interconnection thereof may be delegated to the beneficiary’s security officer if national laws and regulations so permit. Where accreditation is thus delegated, the NSAs, DSAs or security accreditation authorities (SAAs) retain responsibility for protecting any RESTREINT UE/EU RESTRICTED information that is handled by the beneficiary and the right to inspect the security measures taken by the beneficiary. In addition, the beneficiary must provide the granting authority and, where required by national laws and regulations, the competent national SAA with a statement of compliance certifying that the beneficiary CIS and the related interconnections have been accredited for handling EUCI at RESTREINT UE/EU RESTRICTED level.
HANDLING OF INFORMATION CLASSIFIED RESTREINT UE/EU RESTRICTED IN COMMUNICATION AND INFORMATION SYSTEMS (CIS)
19. Minimum requirements for CIS handling information classified RESTREINT UE/EU RESTRICTED are laid down in Appendix E to this SAL.
4 The party undertaking the accreditation will have to provide the granting authority with a statement of compliance, through the
Commission security authority, and in co-ordination with the relevant national security accreditation authority (SAA). 5 Where beneficiaries are from Member States requiring PSCs and/or FSCs for grants classified RESTREINT UE/EU
RESTRICTED, the granting authority lists in the SAL these PSC and FSC requirements for the beneficiaries in question.
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
20
CONDITIONS UNDER WHICH THE BENEFICIARY MAY SUBCONTRACT
20. The beneficiary must obtain permission from the granting authority before subcontracting any part of a classified grant agreement.
21. No subcontract may be awarded to an entity registered in a non-EU country or to an entity belonging to an international organisation, if that non-EU country or international organisation has not concluded a security of information agreement with the EU or an administrative arrangement with the Commission.
22. Where the beneficiary has let a subcontract, the security provisions of the grant agreement apply mutatis mutandis to the subcontractor(s) and its (their) personnel. In such a case, it is the beneficiary’s responsibility to ensure that all subcontractors apply these principles to their own subcontracting arrangements. To ensure appropriate security oversight, the beneficiary's and subcontractor's NSAs and/or DSAs will be notified by the Commission security authority of the letting of all related classified subcontracts at the levels of CONFIDENTIEL UE/EU CONFIDENTIAL and SECRET UE/EU SECRET. Where appropriate, the beneficiary's and subcontractor's NSAs and/or DSAs will be provided with a copy of the subcontract-specific security provisions. NSAs and DSAs requiring notification about the security provisions of classified grant agreements at RESTREINT UE/EU RESTRICTED level are listed in the annex to Decision 2021/259.
23. The beneficiary may not release any EUCI to a subcontractor without the prior written approval of the granting authority. If EUCI to subcontractors is to be sent frequently or as a matter of routine, then the granting authority may give its approval for a specified length of time (e.g. 12 months) or for the duration of the subcontract.
VISITS
24. Visits involving access or potential access to information classified RESTREINT UE/EU RESTRICTED will be arranged directly between the sending and receiving establishments without the need to follow the procedure described in paragraphs 25 to 27 below.
25. Visits involving access or potential access to information classified CONFIDENTIEL UE/EU
CONFIDENTIAL or SECRET UE/EU SECRET will be arranged directly between the sending and
receiving establishments (an example of the form that may be used for this purpose is provided in
Appendix C).
26. Visitors must prove their identity on arrival at the host facility by presenting a valid ID card or passport.
27. The facility hosting the visit must ensure that records are kept of all visitors. These must include their
names, the organisation they represent, the date of expiry of the PSC (if applicable), the date of the
visit and the name(s) of the person(s) visited. Without prejudice to European data protection rules,
such records are to be retained for a period of no less than five years or in accordance with national
rules and regulations, as appropriate.
ASSESSMENT VISITS
28. The Commission security authority may, in cooperation with the relevant NSAs or DSAs, conduct visits to beneficiaries’ or subcontractors’ facilities to check that the security requirements for handling EUCI are being complied with.
SECURITY CLASSIFICATION GUIDE
29. A list of all the elements in the grant agreement which are classified or to be classified in the course of the performance of the grant agreement, the rules for so doing and the specification of the applicable security classification levels are contained in the security classification guide (SCG). The SCG is an integral part of this grant agreement and can be found in Appendix B to this Annex.
3.2 THE SECURITY CLASSIFICATION GUIDE (SCG) (APPENDIX B OF THE SAL)
Security classification guide (SCG)
Use of classified background information
Reference and name of Classification Originator Reference number of originator authorisation
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
21
document level (EU institution, EU Member State, non-EU
country or IO under whose authority the
information was created and classified)
for use
Security baseline R-UE/EU-R European Commission To be communicated later
Security classification guide (SCG)
Production of EU classified foreground information
Number and name of deliverable
Classification level
(R-UE/EU-R, C- UE/EU-C, S- UE/EU-S)
Beneficiaries involved in production / entities authorised for access
Name Responsibility (security
manager/main contributor,
contributor, blind contributor, reader only)
Date of production
Comments
(need-to-know, purpose of access and
planned use for ‘Reader only’
role)
Gap analysis R-UE/EU-R MKM Security manager/ main contributor
M30
MoD Main contributor M30
3.3 REQUEST FOR VISIT (APPENDIX C OF THE SAL)
The rules and templates for requests for visits can be found at the end of this section.
3.4 FACILITY SECURITY CLEARANCE INFORMATION SHEET (FSCIS) (APPENDIX D OF THE SAL)
The rules and templates for the facility security clearance information sheet can be found at the end of this section.
3.5 MINIMUM REQUIREMENTS FOR PROTECTION OF EUCI IN ELECTRONIC FORM AT RESTREINT UE/EU RESTRICTED LEVEL HANDLED IN THE BENEFICIARY'S CIS (APPENDIX E OF THE SAL)
MINIMUM REQUIREMENTS FOR CIS
General
1. The beneficiary must be responsible for ensuring that the protection of RESTREINT UE/EU RESTRICTED information complies with the minimum security requirements as laid down in this
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
22
security clause and with any other additional requirements advised by the granting authority or, if applicable, by the national security authority (NSA) or designated security authority (DSA).
2. It is the beneficiary’s responsibility to implement the security requirements identified in this document.
3. For the purpose of this document, a communication and information system (CIS) covers all equipment used to handle, store and transmit EUCI, including workstations, printers, copiers, fax machines, servers, network management systems, network controllers and communications controllers, laptops, notebooks, tablet PCs, smart phones and removable storage devices such as USB-sticks, CDs, SD-cards, etc.
4. Special equipment, such as cryptographic products, must be protected in accordance with its dedicated security operating procedures (SecOps).
5. Beneficiary must establish a structure responsible for the security management of the CIS handling information classified RESTREINT UE/EU RESTRICTED and appoint a security officer responsible for the facility concerned.
6. The use of IT solutions (hardware, software or services) privately owned by beneficiary staff for storing or processing RESTREINT UE/EU RESTRICTED information is not permitted.
7. Accreditation of the beneficiary’s CIS handling information classified RESTREINT UE/EU RESTRICTED must be approved by the security accreditation authority (SAA) of the Member State concerned or delegated to the beneficiary’s security officer as permitted by national laws and regulations.
8. Only information classified RESTREINT UE/EU RESTRICTED that is encrypted using approved cryptographic products may be handled, stored or transmitted (by wired or wireless means) as any other unclassified information under the grant agreement. Such cryptographic products must be approved by the EU or a Member State.
9. External facilities involved in maintenance/repair work must be contractually obliged to comply with the applicable provisions for handling of information classified RESTREINT UE/EU RESTRICTED, as set out in this document.
10. At the request of the granting authority or relevant NSA, DSA, or SAA, the beneficiary must provide evidence of compliance with the security clause of the grant agreement. If an audit and inspection of the beneficiary’s processes and facilities are also requested, to ensure compliance with these requirements, beneficiaries must permit representatives of the granting authority, the NSA, DSA and/or SAA, or the relevant EU security authority to conduct such an audit and inspection.
Physical security
11. Areas in which CIS are used to display, store, process or transmit RESTREINT UE/EU RESTRICTED information or areas housing servers, network management systems, network controllers and communications controllers for such CIS should be established as separate and controlled areas with an appropriate access control system. Access to these separate and controlled areas should be restricted to individuals with specific authorisation. Without prejudice to paragraph 8, equipment as described in paragraph 3 must be stored in such separate and controlled areas.
12. Security mechanisms and/or procedures must be implemented to regulate the introduction or connection of removable computer storage media (such as USBs, mass storage devices or CD- RWs) to components on the CIS.
Access to CIS
13. Access to a beneficiary’s CIS handling EUCI is allowed on a basis of strict need-to-know and authorisation of personnel.
14. All CIS must have up-to-date lists of authorised users. All users must be authenticated at the start of each processing session.
15. Passwords, which are part of most identification and authentication security measures, must be at least nine characters long and must include numeric and ’special’ characters (if permitted by the system) as well as alphabetic characters. Passwords must be changed at least every 180 days. They must be changed as soon as possible if they have been compromised or disclosed to an unauthorised person, or if such compromise or disclosure is suspected.
16. All CIS must have internal access controls to prevent unauthorised users from accessing or modifying information classified RESTREINT UE/EU RESTRICTED and from modifying system and security controls. Users are to be automatically logged off the CIS if their terminals have been inactive for some predetermined period of time, or the CIS must activate a password-
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
23
protected screen saver after 15 minutes of inactivity.
17. Each user of the CIS is allocated a unique user account and ID. User accounts must be automatically locked once at least five successive incorrect login attempts have been made.
18. All users of the CIS must be made aware of their responsibilities and the procedures to be followed to protect information classified RESTREINT UE/EU RESTRICTED on the CIS. The responsibilities and procedures to be followed must be documented and acknowledged by users in writing.
19. SecOPs must be available for the users and administrators and must include descriptions of security roles and associated list of tasks, instructions and plans.
Accounting, audit and incident response
20. Any access to the CIS must be logged.
21. The following events must be recorded:
a) all attempts to log on, whether successful or failed;
b) logging off (including being timed out, where applicable);
c) creation, deletion or alteration of access rights and privileges;
d) creation, deletion or alteration of passwords.
22. For all of the events listed above, the following information must be communicated as a minimum:
a) type of event;
b) user ID;
c) date and time;
d) device ID.
23. The accounting records should provide help to a security officer to examine the potential security incidents. They can also be used to support any legal investigations in the event of a security incident. All security records should be regularly checked to identify potential security incidents. The accounting records must be protected from unauthorised deletion or modification.
24. The beneficiary must have an established response strategy to deal with security incidents. Users and administrators must be instructed on how to respond to incidents, how to report them and what to do in the event of emergency.
25. The compromise or suspected compromise of information classified RESTREINT UE/EU RESTRICTED must be reported to the granting authority. The report must contain a description of the information involved and a description of the circumstances of the compromise or suspected compromise. All users of the CIS must be made aware of how to report any actual or suspected security incident to the security officer.
Networking and interconnection
26. When a beneficiary CIS that handles information classified RESTREINT UE/EU RESTRICTED is interconnected to a CIS that is not accredited, this significantly increases the threat to both the security of the CIS and the RESTREINT UE/EU RESTRICTED information that is handled by that CIS. This includes the internet and other public or private CIS, such as other CIS owned by the beneficiary or subcontractor. In this case, the beneficiary must perform a risk assessment to identify the additional security requirements that need to be implemented as part of the security accreditation process. The beneficiary must provide to the granting authority, and where required by national laws and regulations, the competent SAA, a statement of compliance certifying that the beneficiary CIS and the related interconnections have been accredited for handling EUCI at RESTREINT UE/EU RESTRICTED level.
27. Remote access from other systems to LAN services (e.g. remote access to email and remote SYSTEM support) is prohibited unless special security measures are implemented and agreed by the granting authority, and where required by national laws and regulations, approved by the competent SAA.
Configuration management
28. A detailed hardware and software configuration, as reflected in the accreditation/approval documentation (including system and network diagrams), must be available and regularly maintained.
29. The beneficiary’s security officer must conduct configuration checks on hardware and software to
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
24
ensure that no unauthorised hardware or software has been introduced.
30. Changes to the beneficiary CIS configuration must be assessed for their security implications and must be approved by the security officer, and where required by national laws and regulations, the SAA.
31. The system must be scanned for any security vulnerabilities at least once a quarter. Software to detect malware must be installed and kept up-to-date. If possible, such software should have a national or recognised international approval, otherwise it should be a widely accepted industry standard.
32. The beneficiary must develop a business continuity plan. Back-up procedures must be established to address the following:
a) frequency of back-ups;
b) storage requirements on-site (fireproof containers) or off-site;
c) control of authorised access to back-up copies.
Sanitisation and destruction
33. For CIS or data storage media that have at any time held RESTREINT UE/EU RESTRICTED information the following sanitisation must be performed to the entire system or to storage media before its disposal:
a) flash memory (e.g. USB sticks, SD cards, solid state drives, hybrid hard drives) must be overwritten at least three times and then verified to ensure that the original content cannot be recovered, or be deleted using approved deletion software;
b) magnetic media (e.g. hard disks) must be overwritten or degaussed;
c) optical media (e.g. CDs and DVDs) must be shredded or disintegrated;
d) for any other storage media, the granting authority or, if appropriate, the NSA, DSA or SAA should be consulted on the security requirements to be met.
34. Information classified RESTREINT UE/EU RESTRICTED must be sanitised on any data storage media before it is given to any entity that is not authorised to access information classified RESTREINT UE/EU RESTRICTED (e.g. for maintenance work).
4. SECURITY STAFF
4.1 PROJECT SECURITY OFFICER (PSO)
Project security officer (PSO)
Name Nationality Profession
Marve Kaljumäe Estonian Advisor, Ministry of Economic Affairs and Communications
4.2 SECURITY ADVISORY BOARD (SAB)
Security advisory board (SAB)
Member’s name Nationality Profession Areas of competence
Marve Kaljumäe Estonian Advisor, Ministry of Economic Affairs and Communications
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
25
Kersti Piilma Estonian Estonian Foreign Intelligence Service
Marek Lehtsalu Estonian Estonian Foreign Intelligence Service
5. Other project-specific security measures
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
26
APPENDIX C
REQUEST FOR VISIT
(MODEL)
DETAILED INSTRUCTIONS FOR COMPLETION OF REQUEST FOR VISIT
(The application must be submitted in English only)
HEADING Check boxes for visit type, information type, and indicate how many sites are to be visited and the number of visitors.
4. ADMINISTRATIVE DATA To be completed by requesting NSA/DSA.
5. REQUESTING ORGANISATION OR INDUSTRIAL FACILITY
Give full name and postal address.
Include city, state and post code as applicable.
6. ORGANISATION OR INDUSTRIAL FACILITY TO BE VISITED
Give full name and postal address. Include city, state, post code, telex or fax number (if applicable), telephone number and e-mail. Give the name and telephone/fax numbers and e-mail of your main point of contact or the person with whom you have made the appointment for the visit.
Remarks:
1) Giving the correct post code (zip code) is important
because a company may have various different facilities.
2) When applying manually, Annex 1 can be used when two or more facilities have to be visited in connection with the same subject. When an Annex is used, item 3 should state: "SEE ANNEX 1, NUMBER OF FAC.:.." (state number of facilities).
7. DATES OF VISIT Give the actual date or period (date-to-date) of the visit in the format 'day - month - year'. Where applicable, give an alternate date or period in brackets.
8. TYPE OF INITIATIVE Specify whether the visit has been initiated by the requesting organisation or facility or by invitation of the
facility to be visited.
9. THE VISIT RELATES TO:
Specify the full name of the project, contract or call for
tender using commonly used abbreviations only.
10. SUBJECT TO BE DISCUSSED/
JUSTIFICATION
Give a brief description of the reason(s) for the visit. Do not use unexplained abbreviations.
Remarks:
In the case of recurring visits this item should state 'Recurring visits' as the first words in the data element
(e.g. Recurring visits to discuss_____).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
27
11. ANTICIPATED LEVEL OF CLASSIFIED INFORMATION TO BE INVOLVED
State SECRET UE/EU SECRET (S-UE/EU-S)
or
CONFIDENTIEL UE/EU CONFIDENTIAL (C-UE/EU-C), as appropriate.
12. PARTICULARS OF VISITOR Remark: when more than two visitors are involved in the visit, Annex 2 should be used.
13. THE SECURITY OFFICER OF THE REQUESTING ENTITY
This item requires the name, telephone number, fax number and e-mail of the requesting facility's Security Officer.
14. CERTIFICATION OF SECURITY CLEARANCE
This field is to be completed by the certifying authority.
Notes for the certifying authority:
a. Give name, address, telephone number, fax number
and e-mail (can be pre-printed).
b. This item should be signed and stamped (if applicable).
15. REQUESTING SECURITY AUTHORITY This field is to be completed by the NSA/DSA.
Note for the NSA/DSA:
a. Give name, address, telephone number, fax number and e-mail (can be pre-printed).
b. This item should be signed and stamped (if applicable).
REQUEST FOR VISIT
(MODEL)
TO: _______________________________________
1. TYPE OF VISIT REQUEST 2. TYPE OF INFORMATION 3. SUMMARY
Single
Recurring
Emergency
Amendment
Dates
Visitors
Facility
For an amendment, insert the NSA/DSA original RFV Reference No_____________
C-UE/EU-C
S-UE/EU-S
No of sites: _______
No of visitors: _____
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
28
4. ADMINISTRATIVE DATA:
Requester:
To:
NSA/DSA RFV Reference No________________
Date (dd/mm/yyyy): _____/_____/_____
5. REQUESTING ORGANISATION OR INDUSTRIAL FACILITY:
NAME:
POSTAL ADDRESS:
E-MAIL ADDRESS:
FAX NO: TELEPHONE NO:
6. ORGANISATION(S) OR INDUSTRIAL FACILITY(IES) TO BE VISITED (Annex 1 to be completed)
7. DATE OF VISIT (dd/mm/yyyy): FROM _____/_____/_____ TO _____/_____/_____
8. TYPE OF INITIATIVE:
Initiated by requesting organisation or facility
By invitation of the facility to be visited
9. THE VISIT RELATES TO CONTRACT:
10. SUBJECT TO BE DISCUSSED/REASONS/PURPOSE (Include details of host entity and any other relevant information. Abbreviations should be avoided):
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
29
11. ANTICIPATED HIGHEST CLASSIFICATION LEVEL OF INFORMATION/MATERIAL OR SITE ACCESS TO BE INVOLVED:
12. PARTICULARS OF VISITOR(S) (Annex 2 to be completed)
13. THE SECURITY OFFICER OF THE REQUESTING ORGANISATION OR INDUSTRIAL FACILITY:
NAME:
TELEPHONE NO:
E-MAIL ADDRESS:
SIGNATURE:
14. CERTIFICATION OF SECURITY CLEARANCE LEVEL:
NAME:
ADDRESS:
TELEPHONE NO:
E-MAIL ADDRESS:
SIGNATURE: DATE (dd/mm/yyyy): _____/_____/_____
15. REQUESTING NATIONAL SECURITY AUTHORITY/DESIGNATED SECURITY AUTHORITY:
NAME:
ADDRESS:
TELEPHONE NO:
E-MAIL ADDRESS:
SIGNATURE: DATE (dd/mm/yyyy): _____/_____/_____
STAMP
STAMP
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
30
16. REMARKS (Mandatory justification required in the case of an emergency visit):
<Placeholder for reference to applicable personal data legislation and link to mandatory information for the data subject, e.g. how Article 13 of the General Data Protection Regulation6 is implemented.>
6 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons
with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
31
ANNEX 1 to RFV FORM
ORGANISATION(S) OR INDUSTRIAL FACILITY(IES) TO BE VISITED
1.
NAME:
ADDRESS:
TELEPHONE NO:
FAX NO:
NAME OF POINT OF CONTACT:
E-MAIL:
TELEPHONE NO:
NAME OF SECURITY OFFICER OR
SECONDARY POINT OF CONTACT:
E-MAIL:
TELEPHONE NO:
2.
NAME:
ADDRESS:
TELEPHONE NO:
FAX NO:
NAME OF POINT OF CONTACT:
E-MAIL:
TELEPHONE NO:
NAME OF SECURITY OFFICER OR
SECONDARY POINT OF CONTACT:
E-MAIL:
TELEPHONE NO:
(Continue as required)
<Placeholder for reference to applicable personal data legislation and link to mandatory information for the data
subject, e.g. how Article 13 of the General Data Protection Regulation7 is implemented.>
7 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the
processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
32
ANNEX 2 to RFV FORM
PARTICULARS OF VISITOR(S)
1.
SURNAME:
FIRST NAMES (as per passport):
DATE OF BIRTH (dd/mm/yyyy):____/____/____
PLACE OF BIRTH:
NATIONALITY:
SECURITY CLEARANCE LEVEL:
PP/ID NUMBER:
POSITION:
COMPANY/ORGANISATION:
2.
SURNAME:
FIRST NAMES (as per passport):
DATE OF BIRTH (dd/mm/yyyy):____/____/____
PLACE OF BIRTH:
NATIONALITY:
SECURITY CLEARANCE LEVEL:
PP/ID NUMBER:
POSITION:
COMPANY/ORGANISATION:
(Continue as required)
<Placeholder for reference to applicable personal data legislation and link to mandatory information for the data subject, e.g. how Article 13 of the General Data Protection Regulation8 is implemented.>
8 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with
regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
33
APPENDIX D
FACILITY SECURITY CLEARANCE INFORMATION SHEET (FSCIS)
(MODEL)
INTRODUCTION
1.1 Attached is a sample Facility Security Clearance Information Sheet (FSCIS) for the rapid exchange of information between the National Security Authority (NSA) or Designated Security Authority (DSA), other competent national security authorities and the Commission Security Authority (acting on behalf of granting authorities) with regard to the Facility Security Clearance (FSC) of a facility involved in application for, and implementation of, classified grants or subcontracts.
1.2 The FSCIS is valid only if stamped by the relevant NSA, DSA or other competent authority.
1.3 The FSCIS is divided into a request and reply section and can be used for the purposes identified above or for any other purposes for which the FSC status of a particular facility is required. The reason for the enquiry must be identified by the requesting NSA or DSA in field 7 of the request section.
1.4 The details contained in the FSCIS are not normally classified; accordingly, when an FSCIS is to be sent between the respective NSAs/DSAs/Commission this should preferably be done by electronic means.
1.5 NSAs/DSAs should make every effort to respond to an FSCIS request within ten working days.
1.6 Should any classified information be transferred or a grant or subcontract awarded in relation to this assurance, the issuing NSA or DSA must be informed.
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
34
Procedures and Instructions for the
use of the Facility Security Clearance Information Sheet (FSCIS)
These detailed instructions are for the NSA or DSA, or the granting authority and the Commission Security Authority that complete the FSCIS. The request should preferably be typed in capital letters.
HEADER
The requester inserts full NSA/DSA and country name.
1. REQUEST TYPE The requesting granting authority selects the appropriate checkbox for the type of FSCIS request. Include the level of security clearance requested. The following abbreviations should be used:
SECRET UE/EU SECRET = S-UE/EU-S
CONFIDENTIEL UE/EU CONFIDENTIAL = C-UE/EU-C
CIS = Communication and information systems for processing classified information.
2. SUBJECT DETAILS Fields 1 to 6 are self-evident.
In field 4 the standard two-letter country code should be used. Field 5 is optional.
3. REASON FOR REQUEST Give the specific reason for the request, provide project indicators, number of the call or grant. Please specify the need for storage capability, CIS classification level, etc.
Any deadline/expiry/award dates which may have a bearing on the completion of an FSC should be included.
4. REQUESTING NSA/DSA State the name of the actual requester (on behalf of the NSA/DSA) and the date of the request in number format (dd/mm/yyyy).
5. REPLY SECTION Fields 1-5: select appropriate fields.
Field 2: if an FSC is in progress, it is recommended to give the requester an indication of the required processing time (if known).
Field 6:
a) Although validation differs by country or even by facility, it is recommended that the
expiry date of the FSC be given.
b) In cases where the expiry date of the FSC assurance is indefinite, this field may be
crossed out.
c) In compliance with respective national rules and regulations, the requester or either the beneficiary or subcontractor is responsible for applying for a renewal of the FSC.
6. REMARKS May be used for additional information with regard to the FSC, the facility or the foregoing items.
7. ISSUING NSA/DSA State the name of the providing authority (on behalf of the NSA/DSA) and the date of the reply in number format (dd/mm/yyyy).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
35
FACILITY SECURITY CLEARANCE INFORMATION SHEET (FSCIS)
(MODEL)
All fields must be completed and the form communicated via Government-to-Government or Government-to-international organisation channels.
REQUEST FOR A FACILITY SECURITY CLEARANCE ASSURANCE
TO: ____________________________________
(NSA/DSA Country name)
Please complete the reply boxes, where applicable:
[ ] Provide an FSC assurance at the level of: [ ] S-UE/EU-S [ ] C-UE/EU-C
for the facility listed below
[ ] Including safeguarding of classified material/information
[ ] Including Communication and Information Systems (CIS) for processing classified information
[ ] Initiate, directly or upon a corresponding request of a beneficiary or subcontractor, the process of obtaining an FSC up to and including the level of ..................… with …………….level of safeguarding and ……………level of CIS, if the facility does not currently hold these levels of capabilities.
Confirm accuracy of the details of the facility listed below and provide corrections/additions as required.
1. Full facility name: Corrections/Additions:
……………………………………………….. ………..……………………………………….
2. Full facility address:
……………………………………………….. ………………………………………………….
3. Postal address (if different from 2)
……………………………………………….. ………………………………………………….
4. Zip/post code/city/country
………………………………………………... ……………………….………………………….
5. Name of the Security Officer
…………………………………………………....... ...……….………………………………………..….
6. Telephone/Fax/E-mail of the Security Officer
……………………………………………….. …………….……………………………….
7. This request is made for the following reason(s): (provide details of the pre-contractual (proposal selection) stage, grant or subcontract, programme/project, etc.) ……………………………………………………………………………….......................................…………
Requesting NSA/DSA/granting authority: Name: ………… Date: (dd/mm/yyyy)………….
REPLY (within ten working days)
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
36
This is to certify that:
1. [ ] the abovementioned facility holds an FSC up to and including the level of [ ] S-UE/EU-S
[ ] C-UE/EU-C.
2. The abovementioned facility has the capability to safeguard classified information/material:
[ ] yes, level: ……………………………. [ ] no.
3. the abovementioned facility has accredited/authorised CIS:
[ ] yes, level: ……………………………. [ ] no.
4. [ ] in relation to the abovementioned request, the FSC process has been initiated. You will be informed when the FSC has been established or refused.
5. [ ] the abovementioned facility does not hold an FSC.
6. This FSC assurance expires on: ………………. (dd/mm/yyyy), or as advised otherwise by the NSA/DSA. In the case of earlier
invalidation or any changes to the information listed above, you will be informed.
7. Remarks: ...........……………………………………………………………...................................……………………………
Issuing NSA/DSA Name: ………………………………… Date:(dd/mm/yyyy)……………………
<Placeholder for reference to applicable personal data legislation and link to mandatory
information for the data subject, e.g. how Article 13 of the General Data Protection Regul
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
37
6. DECLARATIONS
Double funding
Information concerning other EU grants for this project
Please note that there is a strict prohibition of double funding from the EU budget (except under EU Synergies actions).
YES/NO
We confirm that to our best knowledge neither the project as a whole nor any parts of it have benefitted from any other EU grant (including EU funding managed by authorities in EU Member States or other funding bodies, e.g. Erasmus, EU Regional Funds, EU Agricultural Funds, European Investment Bank, etc). If NO, explain and provide details.
YES
We confirm that to our best knowledge neither the project as a whole nor any parts of it are (nor will be) submitted for any other EU grant (including EU funding managed by authorities in EU Member States or other funding bodies, e.g. Erasmus, EU Regional Funds, EU Agricultural Funds, European Investment Bank, etc). If NO, explain and provide details.
YES
Financial support to third parties (if applicable)
If in your project the maximum amount per third party will be more than the threshold amount set in the Call document, justify and explain why the higher amount is necessary in order to fulfil your project’s objectives.
-
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
38
ANNEXES
LIST OF PREVIOUS PROJECTS
List of previous projects
Please provide a list of your previous projects for the last 4 years.
Participant Project Reference No and Title, Funding
programme
Period (start and end date)
Role (COO,
BEN, AE, OTHER)
Amount (EUR)
Website (if any)
Metrosert 17FUN06 Single‐photon sources as new quantum standards, European Metrology Programme for Research and Innovation, Horizon2020
Start: 01/06/2018 End: 31/05/2021
BEN https://www.siqust .eu/
Metrosert 19NRM06 Metrology for Testing the Implementation Security of Quantum Key Distribution Hardware, European Metrology Programme for Research and Innovation, Horizon2020
Start: 01/09/2020 End: 28/02/2024
BEN http://empir.npl.co. uk/metisq/
Metrosert 20FUN05 ingle- and entangled photon sources for quantum metrology, European Metrology Programme for Research and Innovation, Horizon2020
Start: 01/06/2021 End: 31/05/2024
BEN https://sequme.cm i.cz/
PURCHASES AND EQUIPMENT
Purchases and equipment
Purchase costs (travel and subsistence, equipment and other goods works and services) Details for major cost items (needed if costs declared under ‘purchase costs’ are higher than 15% of the claimed personnel costs). Start with the most expensive cost items, down to the 15% threshold.
Participant 1: MKM
Cost item name Category WP(s) Explanations Costs (EUR)
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
39
[insert name]
[Travel and Subsistence] [Equipment] [Other goods and services]
[insert WP numbers] [insert comment] [insert amount]
Workshop costs Other goods and services
WP3
MKM will organise two (international) workshops for stakeholders to identify potential use cases. Organisational costs of events such as technical support, room rent, catering.
20 000
PR costs Other goods and services
WP3
Costs for PR-services to inform stakeholders about the events (social media coverage, media coverage). MKM
5000
Event costs Other goods and services
WP5
Two international stakeholder events, 31 100 EUR each, MKM. Costs include rent, technical support, catering.
62200
Media and PR costs
Other goods and services
WP6
Communication services for execution of the communication plan, such as media and social media coverage, creation of a visual identity of the project, promotion of events. Costs covered by MKM
89800
Travel costs Travel and Subsistence
WP1, WP3
6 trips: 2x2 people Brussels, 2 to 3 trips to other countries (1 conference/workshop on the topic, 2 trips to neighboring countries)
12 000
Travel costs Travel and Subsistence
WP5
regional coordination, participation in events, participation in EuroQCI. Around 13 trips, 4x2 people Brussels, 5 trips to the neighbors (FI, SE, LT, LV, PL)
20 000
Travel costs Travel and Subsistence
WP4, WP6
Participation in stakeholder events, Central-Europe, 3x2 persons.
11 000
Purchase costs (travel and subsistence, equipment and other goods works and services) Details for major cost items (needed if costs declared under ‘purchase costs’ are higher than 15% of the claimed personnel costs). Start with the most expensive cost items, down to the 15% threshold.
Participant 2: Metrosert
Cost item name Category WP(s) Explanations Costs (EUR)
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
40
[insert name]
[Travel and Subsistence] [Equipment] [Other goods and services]
[insert WP numbers] [insert comment] [insert amount]
Training costs Other goods and services
WP3
Metrosert will organise 2 training sessions each for potential users of the network. Organisational costs of events.
10 000
Construction services costs
Other goods and services
WP4
Construction services to set up the long-distance network test lab at Metrosert
30900
SPAD Equipment WP2, WP3, WP4
For evaluation of the networks and components, specially for this project, Metrosert
20 000
Optical delay lines
Equipment WP2, WP3, WP4
For evaluation of the networks and components, specially for this project, Metrosert
12 000
Two White Rabbit low-jitter switches
Equipment WP2, WP3, WP4
For evaluation of the networks and components, specially for this project, Metrosert
14 000
Entangled photon pair source at telecom wavelenghts
Equipment WP2, WP3, WP4
For evaluation of the networks and components, specially for this project, Metrosert
60 000
Pulsed laser Equipment WP2, WP3, WP4
For evaluation of the networks and components, specially for this project, Metrosert
12 000
Fast optical modulators
Equipment WP2, WP3, WP4
For evaluation of the networks and components, specially for this project, Metrosert
30 000
Optical fibre Equipment WP4
100 km of optical fibre for laboratory testing, WP4, Metrosert
15 000
Two Optical Time Domain Reflectometers
Equipment WP3, WP4
For evaluation of the networks and components, specially for this project, WP3. WP4
12 000
Optical Wavelength Meter
Equipment WP3, WP4
For evaluation of the networks and components, specially for this project. WP3, WP4
35 000
Purchase costs (travel and subsistence, equipment and other goods works and services) Details for major cost items (needed if costs declared under ‘purchase costs’ are higher than 15% of the claimed personnel costs). Start with the most expensive cost items, down to the 15% threshold.
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
41
Participant 3: RIKS
Cost item name Category WP(s) Explanations Costs (EUR)
[insert name]
[Travel and Subsistence] [Equipment] [Other goods and services]
[insert WP numbers] [insert comment] [insert amount]
Training costs Other goods and services
WP3
RIKS will organise 2 training sessions for potential users of the network. Organisational costs of events.
10 000
QKD Systems Equipment WP2, WP4
For metro network and testing of the long-distance network, specially for this project, RIKS
1 120 000
External Key Management system for QKD key exchange
Equipment WP2, WP4
For metro network and testing of the long-distance network, specially for this project, RIKS
160 000
Required management systems for all equipment
Equipment WP2, WP4
For metro network and testing of the long-distance network, specially for this project, RIKS
220 000
Multichannel SNSPD detection unit
Equipment WP2, WP3, WP4
For evaluation of the networks and components, specially for this project, RIKS
200 000
Purchase costs (travel and subsistence, equipment and other goods works and services) Details for major cost items (needed if costs declared under ‘purchase costs’ are higher than 15% of the claimed personnel costs). Start with the most expensive cost items, down to the 15% threshold.
Participant 4: Ministry of Defence
Cost item name Category WP(s) Explanations Costs (EUR)
[insert name]
[Travel and Subsistence] [Equipment] [Other goods and services]
[insert WP numbers] [insert comment] [insert amount]
Travel costs Travel and Subsistence
WP1
Alignment with security baseline will probably require a trip to Brussels
2 000
Travel costs Travel and Subsistence
WP3
Participation in stakeholder events for the security sector. 2 events
4 000
Travel costs Travel and Subsistence
WP5
Cooperation with relevant bodies of neighboring countries (FI, SE, LT, LV, PL), 5000
5 000
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
42
EUR, 3 to 4 trips.
Travel costs Travel and Subsistence
WP6
Participation in stakeholder events, 1 event, 1 person.
2000
Equipment with full-cost option For calls where full-capitalised costs are exceptionally eligible for listed equipment (see Call document), indicate below the equipment items for which you request the full cost option, and justify your request. Ensure consistency with the budget details provided in the previous table
Equipment Name
Description (including WP, task number and BEN/AE to which it is linked)
Estimated Costs (EUR)
Justification (why is reimbursement at full-cost needed?)
Best-Value-for- Money (how do you intend to ensure it?)
QKD Systems
QKD systems with DV-QKD, 4 pcs, 280 000 EUR each, WP2 and WP4, RIKS
1 120 000
For metro network and testing of the long-distance network, specially for this project
Public procurement procedure
External Key Management system for QKD key exchange
WP2 and WP4, RIKS
160 000
For metro network and testing of the long-distance network, specially for this project
Public procurement procedure
Required management systems for all equipment
WP2 and WP4, RIKS
220 000
For metro network and testing of the long-distance network, specially for this project
Public procurement procedure
Multichannel SNSPD detection unit
WP2, WP3 and WP4, RIKS
200 000
For evaluation of the networks and components, specially for this project
Public procurement procedure
SPAD WP2, WP3 and WP4, Metrosert
20 000
For evaluation of the networks and components, specially for this project
Comparison of at least three offers
Optical delay lines
WP2, WP3 and WP4, Metrosert
12 000
For evaluation of the networks and components, specially for this project
Comparison of at least three offers
Two White Rabbit low-jitter switches
WP2, WP3 and WP4, Metrosert
14 000
For evaluation of the networks and components, specially for this project
Comparison of at least three offers
Entangled photon pair source at telecom wavelenghts
WP2, WP3 and WP4, Metrosert
60 000
For evaluation of the networks and components, specially for this project
Public procurement procedure
Pulsed laser WP2, WP3 and WP4, Metrosert
12 000
For evaluation of the networks and components, specially for this project
Comparison of at least three offers
Fast optical WP2, WP3 and 30 000 For evaluation of the Public procurement
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
EU Grants: Security issues information (Security section) (DEP): V1.0 –01.07.2022
43
modulators WP4, Metrosert networks and components, specially for this project
procedure
Optical fiber
100 km of optical fiber for laboratory testing, WP4, Metrosert
15 000
For testing of the long-distance network, specially for this project
Comparison of at least three offers
Two Optical Time Domain Reflectometers
WP3, WP4, Metrosert
12 000
For evaluation of the networks and components, specially for this project
Comparison of at least three offers
Optical Wavelength Meter
WP3, WP4, Metrosert
35 000
For evaluation of the networks and components, specially for this project
Public procurement procedure
*Basis for calculation; One trip, 1 person, 2 nights + daily allowances is around 1500 EUR (Estonia is at the border of EU, flying is expensive). Project period is almost three years.
HISTORY OF CHANGES
VERSION PUBLICATION
DATE CHANGE
2.0 02.12.22 Implementation plan – changes made according to the Evaluation Summary Report – More detailed description of the planned action added.
2.0 2.12.22 Implementation plan – target numbers of dissemination activities added
2.0 2.12.22 Project team – recruitment time of project coordinator added. One research scientist added (Mihkel Rähn, Metrosert)
2.0 2.12.22 Detailed budget added for other goods and services
2.0 2.12.22 Detailed budget added for equipment
2.0 2.12.22 Changes in the budget for beneficiaries and coordinator – more pm added, less goods/services. Increases for pm for work packages.
2.0 5.12.22 5.2 Security information added
3.0 8.12.22 Two tables of costs updated – added explanation for PR-costs and removed 2 items from equipment list according to the list from the Commission
3.0 8.12.22 Appendixes for the security part added.
3.0 8.12.22 Section 4 added
3.0 8.12.22 MS18 added to WP 1
3.0 8.12.22 D12-D15 dissemination level changed from sensitive to public
3.0 8.12.22 Changes in the costs table – duplicated the equipment to purchase costs.
4.0 8.12.22 Travel costs explanation added.
5.0 9.12.22 Costs per participant tables added. 4.2 deleted.
6.0 12.12.22 Travel costs added for MoD and MKM
6.0 12.12.22 Equipment added for Metrosert
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Grant Agreement number: 101113143 — EstQCI — DIGITAL-2022-QCI-02
DIGITAL MGA — Multi & Mono: v1.0
ANNEX 2
ESTIMATED BUDGET FOR THE ACTION
Estimated eligible1 costs (per budget category) Estimated EU contribution2
Direct costs Indirect costs EU contribution to eligible costs
A. Personnel costs B.
Subcontracting costs
C. Purchase costs D. Other cost categories E. Indirect costs3 Total costs
Funding rate %4 Maximum EU contribution5
Requested EU contribution
Maximum grant amount6
A.1 Employees (or equivalent)
A.2 Natural persons under direct contract
A.3 Seconded persons
A.4 SME owners and natural person beneficiaries
B. Subcontracting C.1 Travel and subsistence
C.2 Equipment C.3 Other goods, works and services
D.1 Financial support to third parties
D.2 Internally invoiced goods and services
E. Indirect costs
Forms of funding Actual costs Unit costs (usual
accounting practices)
Unit costs7 Actual costs Actual costs Actual costs Actual costs Actual costs Unit costs (usual
accounting practices)
Flat-rate costs8
a1 a2 a3 b c1 c2 c3 d1 d2
e = flat-rate * (a1 + a2 + a3 +
b + c1 + c2 + c3 + d1 + d2)
f = a + b + c + d + e U g = f * U% h m
1 - MKM 409 500.00 0.00 0.00 0.00 43 000.00 0.00 184 400.00 0.00 0.00 44 583.00 681 483.00 50 340 741.50 340 741.50 340 741.50
2 - Metrosert 453 600.00 0.00 0.00 0.00 14 000.00 250 000.00 59 400.00 0.00 0.00 54 390.00 831 390.00 50 415 695.00 415 695.00 415 695.00
3 - RIKS 422 100.00 0.00 0.00 0.00 17 000.00 1 700 000.00 40 900.00 0.00 0.00 152 600.00 2 332 600.00 50 1 166 300.00 1 166 300.00 1 166 300.00
4 - EE MoD 126 000.00 0.00 0.00 0.00 13 000.00 0.00 5 000.00 0.00 0.00 10 080.00 154 080.00 50 77 040.00 77 040.00 77 040.00
Σ consortium 1 411 200.00 0.00 0.00 0.00 87 000.00 1 950 000.00 289 700.00 0.00 0.00 261 653.00 3 999 553.00 1 999 776.50 1 999 776.50 1 999 776.50
1 See Article 6 for the eligibility conditions. All amounts must be expressed in EUR (see Article 21 for the conversion rules). 2 The consortium remains free to decide on a different internal distribution of the EU funding (via the consortium agreement; see Article 7). 3 Indirect costs already covered by an operating grant (received under any EU funding programme) are ineligible (see Article 6.3). Therefore, a beneficiary/affiliated entity that receives an operating grant during the action duration cannot declare indirect costs for the year(s)/reporting period(s) covered by the operating grant, unless they can
demonstrate that the operating grant does not cover any costs of the action. This requires specific accounting tools. Please immediately contact us via the EU Funding & Tenders Portal for details. 4 See Data Sheet for the funding rate(s). 5 This is the theoretical amount of the EU contribution to costs, if the reimbursement rate is applied to all the budgeted costs. This theoretical amount is then capped by the 'maximum grant amount'. 6 The 'maximum grant amount' is the maximum grant amount decided by the EU. It normally corresponds to the requested grant, but may be lower. 7 See Annex 2a 'Additional information on the estimated budget' for the details (units, cost per unit). 8 See Data Sheet for the flat-rate.
Page 1 of 1
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
1
ANNEX 2a
ADDITIONAL INFORMATION ON UNIT COSTS AND CONTRIBUTIONS
SME owners/natural person beneficiaries without salary (Decision C(2020) 71151)
Type: unit costs
Units: days spent working on the action (rounded up or down to the nearest half-day)
Amount per unit (daily rate): calculated according to the following formula:
{EUR 5 080 / 18 days = 282,22}
multiplied by
{country-specific correction coefficient of the country where the beneficiary is established}
The country-specific correction coefficients used are those set out in the Horizon Europe Work Programme
(section Marie Skłodowska-Curie actions) in force at the time of the call (see Portal Reference Documents).
1 Commission Decision of 20 October 2020 authorising the use of unit costs for the personnel costs of the owners of small and medium-
sized enterprises and beneficiaries that are natural persons not receiving a salary for the work carried out by themselves under an action or work programme (C(2020)7715).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Grant Agreement number: 101113143 — EstQCI — DIGITAL-2022-QCI-02
ANNEX 3
ACCESSION FORM FOR BENEFICIARIES
AKTSIASELTS METROSERT (Metrosert), PIC 994104016, established in TEADUSPARGI 8, TALLINN 12618, Estonia,
hereby agrees
to become beneficiary
in Agreement No 101113143 — EstQCI (‘the Agreement’)
between MAJANDUS JA KOMMUNIKATSIOONIMINISTEERIUM (MKM) and the European Union (‘EU’), represented by the European Commission (‘European Commission’ or ‘granting authority’),
and mandates
the coordinator to submit and sign in its name and on its behalf any amendments to the Agreement, in accordance with Article 39.
By signing this accession form, the beneficiary accepts the grant and agrees to implement it in accordance with the Agreement, with all the obligations and terms and conditions it sets out.
SIGNATURE
For the beneficiary [--TGSMark#signature-994104016_75_210--]
1
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Grant Agreement number: 101113143 — EstQCI — DIGITAL-2022-QCI-02
ANNEX 3
ACCESSION FORM FOR BENEFICIARIES
STATE INFOCOMMUNICATION FOUNDATION (RIKS), PIC 911424126, established in ADALA 29, TALLIN 10614, Estonia,
hereby agrees
to become beneficiary
in Agreement No 101113143 — EstQCI (‘the Agreement’)
between MAJANDUS JA KOMMUNIKATSIOONIMINISTEERIUM (MKM) and the European Union (‘EU’), represented by the European Commission (‘European Commission’ or ‘granting authority’),
and mandates
the coordinator to submit and sign in its name and on its behalf any amendments to the Agreement, in accordance with Article 39.
By signing this accession form, the beneficiary accepts the grant and agrees to implement it in accordance with the Agreement, with all the obligations and terms and conditions it sets out.
SIGNATURE
For the beneficiary [--TGSMark#signature-911424126_75_210--]
2
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Grant Agreement number: 101113143 — EstQCI — DIGITAL-2022-QCI-02
ANNEX 3
ACCESSION FORM FOR BENEFICIARIES
Kaitseministeerium (EE MoD), PIC 905124655, established in Sakala 1, Tallinn 15094, Estonia,
hereby agrees
to become beneficiary
in Agreement No 101113143 — EstQCI (‘the Agreement’)
between MAJANDUS JA KOMMUNIKATSIOONIMINISTEERIUM (MKM) and the European Union (‘EU’), represented by the European Commission (‘European Commission’ or ‘granting authority’),
and mandates
the coordinator to submit and sign in its name and on its behalf any amendments to the Agreement, in accordance with Article 39.
By signing this accession form, the beneficiary accepts the grant and agrees to implement it in accordance with the Agreement, with all the obligations and terms and conditions it sets out.
SIGNATURE
For the beneficiary [--TGSMark#signature-905124655_75_210--]
3
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Revenues
Indirect costs
B. Subcontracting costs E. Indirect costs 2
Funding rate % 3
Maximum EU contribution 4 Requested EU
contribution
A.4 SME owners and
natural person
beneficiaries
B. Subcontracting C.1 Travel and subsistence C.2 Equipment C.3 Other goods, works and
services
D.X Financial support to
third parties
D.2 Internally invoiced
goods and services E. Indirect costs
Forms of funding Actual costs Unit costs (usual
accounting practices) Unit costs 5 Actual costs Actual costs Actual costs Actual costs Actual costs
Unit costs (usual
accounting practices) [ Actual costs] Flat-rate costs
6
a1 a2 a3 b c1 c2 c3 d1a d2 [ d3]
e =
flat-rate * (a1 + a2 + a3 + b +
c1 + c2 + c3 + d1a + d2 [ + d3] )
f =
a+b+c+d+e U g = f*U% h m (i) n
XX – [short name beneficiary/affiliated entity]
3 See Data Sheet for the reimbursement rate(s).
4 This is the theoretical amount of EU contribution to costs that the system calculates automatically (by multiplying the reimbursement rates by the costs declared). The amount you request (in the column 'requested EU contribution') may be less.
5 See Annex 2a 'Additional information on the estimated budget' for the details (units, cost per unit).
1 See Article 6 for the eligibility conditions. All amounts must be expressed in EUR (see Article 21 for the conversion rules).
2 If you have also received an EU operating grant during this reporting period, you cannot claim indirect costs - unless you can demonstrate that the operating grant does not cover any costs of the action. This requires specific accounting tools. Please contact us immediately via the Funding
& Tenders Portal for details.
i Please declare all eligible costs and contributions, even if they exceed the amounts indicated in the estimated budget (see Annex 2). Only amounts that were declared in your individual financial statements can be taken into account lateron, in order to replace costs/contributions that
are found to be ineligible.
EU contribution to eligible costs
The beneficiary/affiliated entity hereby confirms that:
The information provided is complete, reliable and true.
The costs and contributions declared are eligible (see Article 6).
[OPTION for PAC
Grants for
Procurement: D.3
PAC procurement
costs]
ANNEX 4 DIGITAL EUROPE MGA — MULTI + MONO
FINANCIAL STATEMENT FOR [PARTICIPANT NAME] FOR REPORTING PERIOD [NUMBER]
A. Personnel costs
Direct costs
D. Other cost categories
Eligible 1 costs (per budget category) EU contribution
2
C. Purchase costs
Total requested EU
contribution Total costs
A.1 Employees (or equivalent)
A.2 Natural persons under direct contract
A.3 Seconded persons
6 See Data Sheet for the flat-rate.
Income generated by the
action
The costs and contributions can be substantiated by adequate records and supporting documentation that will be produced upon request or in the context of checks, reviews, audits and investigations (see Articles 19, 20 and 25).
For the last reporting period: that all the revenues have been declared (see Article 22).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
1
ANNEX 5
SPECIFIC RULES
CONFIDENTIALITY AND SECURITY (— ARTICLE 13)
Sensitive information with security recommendation
Sensitive information with a security recommendation must comply with the additional
requirements imposed by the granting authority.
Before starting the action tasks concerned, the beneficiaries must have obtained all approvals
or other mandatory documents needed for implementing the task. The documents must be
kept on file and be submitted upon request by the coordinator to the granting authority. If they
are not in English, they must be submitted together with an English summary.
For requirements restricting disclosure or dissemination, the information must be handled in
accordance with the recommendation and may be disclosed or disseminated only after written
approval from the granting authority.
EU classified information
If EU classified information is used or generated by the action, it must be treated in
accordance with the security classification guide (SCG) and security aspect letter (SAL) set
out in Annex 1 and Decision 2015/4441 and its implementing rules — until it is declassified.
Deliverables which contain EU classified information must be submitted according to special
procedures agreed with the granting authority.
Action tasks involving EU classified information may be subcontracted only with prior
explicit written approval from the granting authority and only to entities established in an EU
Member State or in a non-EU country with a security of information agreement with the EU
(or an administrative arrangement with the Commission).
EU classified information may not be disclosed to any third party (including participants
involved in the action implementation) without prior explicit written approval from the
granting authority.
ETHICS (— ARTICLE 14)
Ethics
Actions involving activities raising ethics issues must be carried out in compliance with:
- ethical principles
1 Commission Decision 2015/444/EC, Euratom of 13 March 2015 on the security rules for protecting EU
classified information (OJ L 72, 17.3.2015, p. 53).
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
2
and
- applicable EU, international and national law, including the EU Charter of
Fundamental Rights and the European Convention for the Protection of Human Rights
and Fundamental Freedoms and its Supplementary Protocols.
The beneficiaries must pay particular attention to the principle of proportionality, the right to
privacy, the right to the protection of personal data, the right to the physical and mental
integrity of persons, the right to non-discrimination, the need to ensure protection of the
environment and high levels of human health protection.
Before the beginning of an action task raising an ethical issue, the beneficiaries must have
obtained all approvals or other mandatory documents needed for implementing the task,
notably from any (national or local) ethics committee or other bodies such as data protection
authorities.
The documents must be kept on file and be submitted upon request by the coordinator to the
granting authority. If they are not in English, they must be submitted together with an English
summary, which shows that the documents cover the action tasks in question and includes the
conclusions of the committee or authority concerned (if any).
INTELLECTUAL PROPERTY RIGHTS (IPR) — BACKGROUND AND RESULTS —
ACCESS RIGHTS AND RIGHTS OF USE (— ARTICLE 16)
Definitions
Access rights — Rights to use results or background.
Dissemination — The public disclosure of the results by appropriate means, other than
resulting from protecting or exploiting the results, including by scientific or
professional publications in any medium.
Exploit(ation) — The use of results in further innovation and deployment activities other than
those covered by the action concerned, including among other things,
commercial exploitation such as developing, creating, manufacturing and
marketing a product or process, creating and providing a service, or in
standardisation activities.
Fair and reasonable conditions — Appropriate conditions, including possible financial terms
or royalty-free conditions, taking into account the specific circumstances of
the request for access, for example the actual or potential value of the results
or background to which access is requested and/or the scope, duration or
other characteristics of the exploitation envisaged.
List of background — Background free from restrictions
The beneficiaries must, where industrial and intellectual property rights (including rights of
third parties) exist prior to the Agreement, establish a list of these pre-existing industrial and
intellectual property rights, specifying the rights owners.
The coordinator must — before starting the action — submit this list to the granting authority.
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
3
Where the call conditions restrict participation or control due to security or EU strategic
autonomy reasons, background that is subject to control or other restrictions by a country (or
entity from a country) which is not one of the eligible countries or target countries set out in
the call conditions and that impact the results (i.e. would make the results subject to control or
restrictions) must not be used and must be explicitly excluded in the list of background —
unless otherwise agreed with the granting authority.
Results free from restrictions
Where the call conditions restrict participation or control due to security or EU strategic
autonomy reasons, the beneficiaries must ensure that the results of the action are not subject
to control or other restrictions by a country (or entity from a country) which is not one of the
eligible countries or target countries set out in the call conditions — unless otherwise agreed
with the granting authority.
Ownership of results
Results are owned by the beneficiaries that generate them (unless the consortium agreement
specifies another ownership regime).
Protection of results
The beneficiaries must adequately protect their results — for an appropriate period and with
appropriate territorial coverage — if protection is possible and justified, taking into account
all relevant considerations, including the prospects for commercial exploitation, legitimate
interests of the other beneficiaries and any other legitimate interests.
Exploitation of results
Beneficiaries must — up to four years after the end of the action (see Data Sheet, Point 1) —
use their best efforts to exploit their results directly or to have them exploited indirectly by
another entity, in particular through transfer or licensing.
Where the call conditions restrict participation or control due to security or EU strategic
autonomy reasons (and unless otherwise agreed with the granting authority), the beneficiaries
must produce a significant amount of products, services or processes that incorporate results
of the action or that are produced through the use of results of the action in the eligible
countries or target countries set out in the call conditions.
Where the call conditions impose moreover a first exploitation obligation, the first
exploitation must also take place in the eligible countries or target countries set out in the call
conditions.
The beneficiaries must ensure that these obligations also apply to their affiliated entities,
associated partners, subcontractors and recipients of financial support to third parties.
Transfers and licensing of results
Where the call conditions restrict participation or control due to security or EU strategic
autonomy reasons, the beneficiaries may not transfer ownership of their results or grant
licences to third parties which are established in countries which are not eligible countries or
target countries set out in the call conditions (or are controlled by such countries or entities
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
4
from such countries) — unless they have requested and received prior approval by the
granting authority.
The request must:
- identify the specific results concerned
- describe in detail the new owner and the planned or potential exploitation of the
results and
- include a reasoned assessment of the likely impact of the transfer or license on the
security interests or EU strategic autonomy .
The granting authority may request additional information.
The beneficiaries must ensure that their obligations under the Agreement are passed on to the
new owner and that this new owner has the obligation to pass them on in any subsequent
transfer.
Access rights — Additional rights of use
Rights of use of the granting authority on results for information, communication, publicity
and dissemination purposes
The granting authority also has the right to exploit non-sensitive results of the action for
information, communication, dissemination and publicity purposes, using any of the
following modes:
- use for its own purposes (in particular, making them available to persons working for
the granting authority or any other EU service (including institutions, bodies, offices,
agencies, etc.) or EU Member State institution or body; copying or reproducing them
in whole or in part, in unlimited numbers; and communication through press
information services)
- distribution to the public in hard copies, in electronic or digital format, on the
internet including social networks, as a downloadable or non-downloadable file
- editing or redrafting (including shortening, summarising, changing, correcting,
cutting, inserting elements (e.g. meta-data, legends or other graphic, visual, audio or
text elements) extracting parts (e.g. audio or video files), dividing into parts or use in a
compilation
- translation(including inserting subtitles/dubbing)in all official languages of EU
- storage in paper, electronic or other form
- archiving in line with applicable document-management rules
- the right to authorise third parties to act on its behalf or sub-license to third parties,
including if there is licensed background, any of the rights or modes of exploitation set
out in this provision
- processing, analysing, aggregating the results and producing derivative works
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
5
- disseminating the results in widely accessible databases or indexes (such as through
‘open access’ or ‘open data’ portals or similar repositories, whether free of charge or
not.
The beneficiaries must ensure these rights of use for the whole duration they are protected by
industrial or intellectual property rights.
If results are subject to moral rights or third party rights (including intellectual property rights
or rights of natural persons on their image and voice), the beneficiaries must ensure that they
comply with their obligations under this Agreement (in particular, by obtaining the necessary
licences and authorisations from the rights holders concerned).
Access rights for the granting authority and EU institutions, bodies, offices or agencies to
results for policy purposes
The beneficiaries must grant access to their results — on a royalty-free basis — to the
granting authority, other EU institutions, bodies, offices or agencies, for developing,
implementing and monitoring EU policies or programmes.
Such access rights are limited to non-commercial and non-competitive use.
Access rights for the granting authority to results in case of a public emergency
If requested by the granting authority in case of a public emergency, the beneficiaries must
grant non-exclusive, world-wide licences to third parties — under fair and reasonable
conditions — to use the results to address the public emergency.
Access rights for third parties to ensure continuity and interoperability
Where the call conditions impose continuity or interoperability obligations, the beneficiaries
must make the results produced in the framework of the action available to the public (freely
accessible on the Internet under open source licences).
COMMUNICATION, DISSEMINATION AND VISIBILITY (— ARTICLE 17)
Communication and dissemination plan
The beneficiaries must provide a detailed communication and dissemination plan, setting out
the objectives, key messaging, target audiences, communication channels, social media plan,
planned budget and relevant indicators for monitoring and evaluation.
Dissemination of results
The beneficiaries must disseminate their results as soon as feasible, in a publicly available
format, subject to any restrictions due to the protection of intellectual property, security rules
or legitimate interests.
They must upload the public project results to the Digital Europe Project Results platform,
available through the Funding & Tenders Portal.
In addition, where the call conditions impose additional dissemination obligations, they must
also comply with those.
Additional communication activities
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
6
The beneficiaries must engage in the following additional communication activities:
- present the project (including project summary, coordinator contact details, list of
participants, European flag and funding statement and special logo and project results)
on the beneficiaries’ websites or social media accounts.
SPECIFIC RULES FOR CARRYING OUT THE ACTION (— ARTICLE 18)
Implementation in case of restrictions due to security or EU strategic autonomy
Where the call conditions restrict participation or control due to security or EU strategic
autonomy reasons, the beneficiaries must ensure that none of the entities that participate as
affiliated entities, associated partners, subcontractors or recipients of financial support to third
parties are established in countries which are not eligible countries or target countries set out
in the call conditions (or are controlled by such countries or entities from such countries) —
unless otherwise agreed with the granting authority.
The beneficiaries must moreover ensure that any cooperation with entities established in
countries which are not eligible countries or target countries set out in the call conditions (or
are controlled by such countries or entities from such countries) does not affect the security
interests or EU strategic autonomy and avoids potential negative effects over security of
supply of inputs critical to the action.
Specific rules for PAC Grants for Procurement
When implementing innovative procurements in PAC Grants for Procurement, the
beneficiaries must respect the following conditions:
- avoid any conflict of interest and comply with the principles of transparency, non-
discrimination, equal treatment, sound financial management, proportionality and
competition rules
- assign the ownership of the intellectual property rights under the contracts to the
contractors (unless there are exceptional overriding public interests which are duly
justified in Annex 1), with the right of the buyers to access results — on a royalty-free
basis — for their own use and to grant (or to require the contractors to grant) non-
exclusive licences to third parties to exploit the results for them — under fair and
reasonable conditions — without any right to sub-license
- allow for all communications to be made in English (and any additional languages
chosen by the beneficiaries)
- ensure that prior information notices, contract notices and contract award notices
contain information on the EU funding and a disclaimer that the EU is not
participating as contracting authority in the procurement
- allow for the award of multiple procurement contracts within the same procedure
(multiple sourcing)
- for procurements involving classified information: apply the security rules set out in
Annex 5 mutatis mutandis to the contractors and the background and results of the
contracts
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
7
- where the call conditions restrict participation or control due to security or EU
strategic autonomy reasons: apply the restrictions set out in Annex 5 mutatis mutandis
to the contractors and the results under the contracts
- where the call conditions impose a place of performance obligation: ensure that the
part of the activities that is subject to the place of performance obligation is performed
in the eligible countries or target countries set out in the call conditions
- to ensure reciprocal level of market access: where the WTO Government Procurement
Agreement (GPA) does not apply, ensure that the participation in tendering procedures
is open on equal terms to bidders from EU Member States and all countries with
which the EU has an agreement in the field of public procurement under the
conditions laid down in that agreement, including all Horizon Europe associated
countries. Where the WTO GPA applies, ensure that tendering procedures are also
open to bidders from states that have ratified this agreement, under the conditions laid
down therein.
Specific rules for Grants for Financial Support
When implementing financial support to third parties in Grants for Financial Support, the
beneficiaries must respect the following conditions:
- avoid any conflict of interest and comply with the principles of transparency, non-
discrimination and sound financial management
- for the selection procedure and criteria:
- publish open calls widely (including on the Funding & Tenders Portal and the
beneficiaries’ websites)
- keep open calls open for at least two months
- inform recipients of call updates (if any) and the outcome of the call (list of
selected projects, amounts and names of selected recipients)
Specific rules for JU actions
JU actions must contribute to the long-term implementation of the JU partnership, including
the JU Strategic Research and Innovation Agenda, the JU objectives and the exploitation of
research and innovation results.
Moreover, when implementing JU actions, the members and contributing partners of the Joint
Undertaking must fulfil their obligations regarding contributions to the Joint Undertaking:
- the description of the action in Annex 1 must include, for beneficiaries, affiliated
entities, associated partners or other participants or third parties which are members or
contributing partners, the estimated contributions to the action, i.e.:
- in-kind contributions to operational activities (‘IKOP’; if applicable)
- in-kind contributions to additional activities linked to the action (‘IKAA’; if
applicable)
- financial contributions (‘FC’; if applicable)
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
8
- the contributions must be reported during the implementation of the action in the
Portal Continuous Reporting tool
- at the end of the action, the members and contributing partners that have not received
funding under the grant must ensure that financial and in-kind contributions of EUR
430 000 or more (see Article 21) are supported by statements of contributions (CS)
and certificates on the statements of contributions (CCS) which fulfil the following
conditions:
- be provided by a qualified approved external auditor which is independent and
complies with Directive 2006/43/EC (or for public bodies: by a competent
independent public officer)
- the verification must be carried out according to the highest professional
standards to ensure that the statements of contributions comply with the
provisions under the Agreement and the applicable JU Regulation, that the
contributions cover activities that are part of the action and that they have not
been reimbursed by the grant
- contributions must comply with the following conditions:
- costs covered by financial contributions cannot be claimed for reimbursement
under the JU grant.
The beneficiaries must comply with the additional IPR, dissemination and exploitation
obligations set out in the call conditions (Article 16 and Annex 5), in particular:
- for all JU grants: the granting authority right to object to transfers or licensing also
applies to results generated by beneficiaries not having received funding under the
grant.
In addition to the obligations set out in Article 17, communication and dissemination
activities as well as infrastructure, equipment or major results funded under JU actions must
moreover display the Joint Undertaking’s special logo:
and the following text:
“The project is supported by the [insert JU name] and its members [OPTION for actions with national
contribution top-ups: (including top-up funding by [name of the national funding authority])].”
For EuroHPC JU grants, the beneficiaries must respect the following conditions when
implementing actions with national contribution top-ups from Participating States:
- the beneficiaries must ensure visibility of the national contributions (see below)
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
9
- the payment deadlines for prefinancing, interim or final payments are automatically
suspended if a national funding authority is late with its payments to the Joint
Undertaking for the national contribution top-up
- the European Anti-Fraud Office (OLAF), European Public Prosecutor’s Office
(EPPO), European Court of Auditors (ECA), the National Court of Auditors and other
national authorities can exercise their control rights on the project implementation and
costs declared, including for the national contribution top-up.
Specific rules for blending operations
When implementing blending operations, the beneficiaries acknowledge and accept that:
- the grant depends on the approved financing from the Implementing Partner and/or
public or private investors for the project
- they must inform the granting authority both about the approval for financing and the
financial close — within 15 days
- the payment deadline for the first prefinancing is automatically suspended until the
granting authority is informed about the approval for financing
- both actions will be managed and monitored in parallel and in close coordination with
the Implementing Partner, in particular:
- all information, data and documents (including the due diligence by the
Implementing Partner and the signed agreement) may be exchanged and may be
relied on for the management of the other action (if needed)
- issues in one action may impact the other (e.g. suspension or termination in one
action may lead to suspension also of the other action; termination of the grant
will normally suspend and exit from further financing and vice versa, etc.)
- the granting authority may disclose confidential information also to the Implementing
Partner.
Associated with document Ref. Ares(2022)8826230 - 19/12/2022
Commission européenne/Europese Commissie, 1049 Bruxelles/Brussel, BELGIQUE/BELGIË - Tel. +32 22991111
This electronic receipt is a digitally signed version of the document submitted by your
organisation. Both the content of the document and a set of metadata have been digitally
sealed.
This digital signature mechanism, using a public-private key pair mechanism, uniquely
binds this eReceipt to the modules of the Funding & Tenders Portal of the European
Commission, to the transaction for which it was generated and ensures its full integrity.
Therefore a complete digitally signed trail of the transaction is available both for your
organisation and for the issuer of the eReceipt.
Any attempt to modify the content will lead to a break of the integrity of the electronic
signature, which can be verified at any time by clicking on the eReceipt validation
symbol.
More info about eReceipts can be found in the FAQ page of the Funding & Tenders
Portal.
(https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/support/faq)
| Nimi | K.p. | Δ | Viit | Tüüp | Org | Osapooled |
|---|---|---|---|---|---|---|
| Kvantside projekti aruanne | 26.06.2025 | 1 | 1-17/2445-1 🔒 | Sissetulev kiri | mkm | Riigi Infokommunikatsiooni Sihtasutus |
| Leping | 05.07.2024 | 357 | 1-7/24-0186 | Leping | mkm | |
| Leping | 20.12.2023 | 555 | 1-7/23-0683 | Leping | mkm | |
| Käskkiri | 19.12.2023 | 556 | 1.8-5/2023/5134-1 | Sissetulev kiri | mkm | Rahandusministeerium |
| Leping | 18.12.2023 | 557 | 1-7/23-0675 | Leping | mkm | |
| Leping | 26.10.2023 | 610 | 1-7/23-0603 🔒 | Leping | mkm | |
| Leping | 25.10.2023 | 611 | 5-4/600 | Leping | mkm | |
| Leping | 23.09.2023 | 643 | 1-7/23-0560 | Leping | mkm | |
| Leping | 22.09.2023 | 644 | 1-7/23-0558 | Leping | mkm | |
| Leping | 20.09.2023 | 646 | 1-7/23-0553 🔒 | Leping | mkm | |
| Leping | 08.09.2023 | 658 | 1-7/23-543 | Leping | mkm | |
| Leping | 29.06.2023 | 729 | 1-7/23-417 | Leping | mkm | |
| Leping | 28.06.2023 | 730 | 1-7/23-0411 🔒 | Leping | mkm | |
| Volikiri | 20.12.2022 | 920 | 254 | Käskkiri | mkm |