Cyprus has received two reasoned opinions, the last stage before being referred to the Court of Justice of the EU, over the transposition of a directive on the application of ETS rules to the aviation sector, as well as for not transposing to its national law rules on cybersecurity in critical sectors.

The Commission also opened an infringement procedure against Cyprus and other countries for not transmitting complete customs data.

The infringements are part of the Commission’s May package of infringement decisions, concerning the violation of EU legislations by member states or incorrect or incomplete transposition into national law. The package also included a referral of Cyprus to the CoJ over waste rules, and a referral over the application of the Digital Services Act.

The Commission sent reasoned opinions to Cyprus (INFR(2024)0021), as well as Belgium, Bulgaria, Estonia, Spain, Latvia, Hungary, Poland, Romania, Slovenia and Finland for not transposing or only partly transposing into national law the Directive 2023/958 regarding the revised EU ETS rules applying to the aviation sector, which had a transposition deadline of 31 December 2023. The amendments raise the ambition in the aviation sector and implement the Carbon Offsetting and Reduction Scheme for International Aviation.

The Commission also sent reasoned opinions to Cyprus and another 18 member states (Bulgaria, Czechia, Denmark, Germany, Estonia, Ireland, Spain, France, Latvia, Luxembourg, Hungary, the Netherlands, Austria, Poland, Portugal, Slovenia, Finland and Sweden) for failing to notify full transposition of the NIS2 Directive (Directive (EU) 2022/2555).

Member States had to transpose the NIS2 Directive into national law by 17 October 2024. The NIS2 Directive aims to ensure a high level of cybersecurity across the EU. It covers entities operating in critical sectors such as public electronic communications services, ICT service management, digital services, wastewater and waste management, space, health, energy, transport, manufacturing of critical products, postal and courier services, and public administration.

Finally, the Commission opened infringement procedures by sending letters of formal notice to Cyprus (INFR(2025)2010), Denmark, France, Austria, Portugal and Romania for failing to transmit complete customs data to the Commission.

These Member States were to transmit specific customs data to the Commission through SURV3, an EU-operated digital system accessible to national customs authorities, by 1 January 2024 according to the Union Customs Code [Regulation (Eu) No. 952/2013] and its Implementing Regulation [UCC-IA, Regulation No. 2015/2447].

The SURV3 IT system ensures the collection and monitoring of customs data across the European Union, facilitating the uniform application of customs controls, effective risk management, and compliance with EU border measures.