Regulation (EU) 2023/203
(a) The competent authority shall verify:
(1) compliance with the requirements applicable to organisations or persons prior to the issue of an organisation certificate, approval, FSTD qualification certificate or personnel licence, certificate, rating, or attestation, as applicable;
(2) continued compliance with the requirements applicable to the persons holding licences, ratings and certificates, the organisations it has certified, the holders of a FSTD qualification and the organisations from which it received a declaration;
(3) implementation of appropriate safety measures mandated by the competent authority as defined in ARA.GEN.135(c) and (d).
(b) This verification shall:
(1) be supported by documentation specifically intended to provide personnel responsible for safety oversight with guidance to perform their functions;
(2) provide the persons and organisations concerned with the results of safety oversight activity;
(3) be based on audits and inspections, including ramp and unannounced inspections; and
(4) provide the competent authority with the evidence needed in case further action is required, including the measures foreseen by ARA.GEN.350 and ARA.GEN.355.
(c) The scope of oversight defined in (a) and (b) shall take into account the results of past oversight activities and the safety priorities.
(d) Without prejudice to the competences of the Member States and to their obligations as set out in ARO.RAMP, the scope of the oversight of activities performed in the territory of a Member State by persons or organisations established or residing in another Member State shall be determined on the basis of the safety priorities, as well as of past oversight activities.
(e) Where the activity of a person or organisation involves more than one Member State or the Agency, the competent authority responsible for the oversight under (a) may agree to have oversight tasks performed by the competent authority(ies) of the Member State(s) where the activity takes place or by the Agency. Any person or organisation subject to such agreement shall be informed of its existence and of its scope.
(f) The competent authority shall collect and process any information deemed useful for oversight, including for ramp and unannounced inspections.
(g) With regard to the certification and oversight of the organisation’s compliance with point ORA.GEN.200A, in addition to complying with points (a) to (f), the competent authority shall review any approval granted under point IS.I.OR.200(e) of this Regulation or point IS.D.OR.200(e) of Delegated Regulation (EU) 2022/1645 following the applicable oversight audit cycle and whenever changes are implemented in the scope of work of the organisation.
[applicable from 22 February 2026 — Implementing Regulation (EU) 2023/203]
AMC1 ARA.GEN.300(a);(b);(c) Oversight
ED Decision 2020/018/R
EVALUATION OF APPROVED TRAINING ORGANISATIONS’ OPERATIONAL SAFETY RISK ASSESSMENT
As part of the initial certification or the continuing oversight of an ATO, the competent authority should normally evaluate its safety risk assessment processes related to hazards identified by the ATO as having an interface with its operations. These safety risk assessments should be identifiable processes of the ATO’s management system. As part of its continuing oversight, the competent authority should also remain satisfied as to the effectiveness of these safety risk assessments.
(a) General methodology for operational hazards
(1) The competent authority should establish a methodology for evaluating the safety risk assessment processes of the ATO’s management system.
(2) When related to operational hazards, the competent authority’s evaluation under its normal oversight process should be considered satisfactory if the ATO demonstrates its competence and capability to:
(i) understand the hazards identified and their consequences on its operations;
(ii) be clear on where these hazards may exceed acceptable safety risk limits;
(iii) identify and implement mitigations including suspension of operations where mitigation cannot reduce the risk to within safety risk limits;
(iv) develop and execute effectively, robust procedures for the preparation and the safe operation of the flights subject to the hazards identified;
(v) assess the competence and currency of its staff in relation to the duties for the intended operations and implement any necessary training; and
(vi) ensure sufficient numbers of qualified and competent staff for such duties.
(3) The competent authority should take into account:
(i) the ATO’s recorded mitigations for each unacceptable risk identified are in place;
(ii) the operational procedures specified by the ATO with the most significance to safety appear to be robust; and
(iii) that the staff on which the ATO depends in respect of those duties necessary for the intended operations are trained and assessed as competent in the relevant procedures.
EVALUATION OF APPROVED TRAINING ORGANISATIONS’ VOLCANIC ASH SAFETY RISK ASSESSMENT
(b) In addition to the general methodology for operational hazards, the competent authority’s evaluation under its normal oversight process should also assess the ATO’s competence and capability to:
(1) choose the correct information sources to use to interpret the information related to volcanic ash contamination forecast and to resolve correctly any conflicts among such sources; and
(2) take account of all information from its type certificate holders (TCHs) concerning volcanic ash-related airworthiness aspects of the aircraft it operates, and the related preflight, in-flight and post flight precautions to be observed.
GM1 ARA.GEN.300(a);(b);(c) Oversight
ED Decision 2013/006/R
VOLCANIC ASH SAFETY RISK ASSESSMENT - ADDITIONAL GUIDANCE
Further guidance on the assessment of an ATO volcanic ash safety risk assessment is given in ICAO Doc. 9974 (Flight safety and volcanic ash – Risk management of flight operations with known or forecast volcanic ash contamination).
ED Decision 2018/009/R
ACTIVITIES WITHIN THE TERRITORY OF THE MEMBER STATE
(a) Activities performed in the territory of the Member State by persons or organisations established or residing in another Member State include:
(1) activities of organisations certified by the competent authority of any other Member State or the Agency as well as activities of organisations having declared their activities to the competent authority of any other Member State;
(2) activities of persons holding a licence, certificate, rating, or attestation issued by the competent authority of any other Member State; and
(3) activities of persons making declarations to the competent authority of any other Member State.
(b) Audits and inspections of such activities, including ramp and unannounced inspections, should be prioritised towards those areas of greater safety concern, as identified through the analysis of data on safety hazards and their consequences in operations.
ARA.GEN.330A Changes to the information security management system
Regulation (EU) 2023/203
(a) With regard to changes managed and notified to the competent authority in accordance with the procedure set out in point IS.I.OR.255(a) of Annex II (Part-IS.I.OR) to Implementing Regulation (EU) 2023/203, the competent authority shall include the review of such changes in its continuing oversight in accordance with the principles laid down in point ARA.GEN.300. If any non-compliance is found, the competent authority shall notify the organisation thereof, request further changes and act in accordance with point ARA.GEN.350.
(b) With regard to other changes requiring an application for approval in accordance with point IS.I.OR.255(b) of Annex II (Part-IS.I.OR) to Implementing Regulation (EU) 2023/203:
(1) upon receiving the application for the change, the competent authority shall check the organisation’s compliance with the applicable requirements before issuing the approval;
(2) the competent authority shall establish the conditions under which the organisation may operate during the implementation of the change;
(3) if it is satisfied that the organisation complies with the applicable requirements, the competent authority shall approve the change.
[applicable from 22 February 2026 — Implementing Regulation (EU) 2023/203]
ARA.GEN.305 Oversight programme
Regulation (EU) 2018/1119
(a) The competent authority shall establish and maintain an oversight programme covering the oversight activities required by ARA.GEN.300 and by ARO.RAMP.
(b) For organisations certified by the competent authority and FSTD qualification certificate holders, the oversight programme shall be developedtaking into account the specific nature of the organisation, the complexity of its activities, the results of past certification and/or oversight activities and shall be based on the assessment of associated risks. It shall include within each oversight planning cycle:
(1) audits and inspections, including ramp and unannounced inspections as appropriate; and
(2) meetings convened between the accountable manager and the competent authority to ensure both remain informed of significant issues.
(c) For organisations certified by the competent authority and FSTD qualification certificate holders an oversight planning cycle not exceeding 24 months shall be applied.
The oversight planning cycle may be reduced if there is evidence that the safety performance of the organisation or the FTSD qualification certificate holder has decreased.
The oversight planning cycle may be extended to a maximum of 36 months if the competent authority has established that, during the previous 24 months:
(1) the organisation has demonstrated an effective identification of aviation safety hazards and management of associated risks;
(2) the organisation has continuously demonstrated under ORA.GEN.130 that it has full control over all changes;
(3) no level 1 findings have been issued; and
(4) all corrective actions have been implemented within the time period accepted or extended by the competent authority as defined in ARA.GEN.350(d)(2).
The oversight planning cycle may be further extended to a maximum of 48 months if, in addition to the above, the organisation has established, and the competent authority has approved, an effective continuous reporting system to the competent authority on the safety performance and regulatory compliance of the organisation itself.
(ca) Notwithstanding (c), for organisations only providing training towards the LAPL, PPL, SPL or BPL and associated ratings and certificates, an oversight planning cycle not exceeding 48 months shall be applied. The oversight planning cycle shall be reduced if there is evidence that the safety performance of the organisation holder has decreased.
The oversight planning cycle may be extended to a maximum of 72 months, if the competent authority has established that, during the previous 48 months:
(1) the organisation has demonstrated an effective identification of aviation safety hazards and management of associated risks, as demonstrated by the results of the annual review in accordance with ORA.GEN.200(c);
(2) the organisation has continuously maintained control over all changes in accordance with ORA.GEN.130 as demonstrated by the results of the annual review in accordance with ORA.GEN.200(c);
(3) no level 1 findings have been issued; and
(4) all corrective actions have been implemented within the time period accepted or extended by the competent authority as defined in ARA.GEN.350(d)(2).
(d) For persons holding a licence, certificate, rating, or attestation issued by the competent authority the oversight programme shall include inspections, including unannounced inspections, as appropriate.
(e) The oversight programme shall include records of the dates when audits, inspections and meetings are due and when such audits, inspections and meetings have been carried out.
(f) Notwithstanding points (b), (c), and (ca), the oversight programme of DTOs shall be developed taking into account the specific nature of the organisation, the complexity of its activities and the results of past oversight activities and shall be based on the assessment of risks associated with the type of training provided. The oversight activities shall include inspections, including unannounced inspections, and may, as deemed necessary by the competent authority, include audits.
AMC1 ARA.GEN.305(b) Oversight programme
ED Decision 2012/006/R
SPECIFIC NATURE AND COMPLEXITY OF THE ORGANISATION, RESULTS OF PAST OVERSIGHT
(a) When determining the oversight programme for an organisation the competent authority should consider in particular the following elements, as applicable:
(1) the implementation by the organisation of industry standards, directly relevant to the organisation’s activity subject to this Regulation;
(2) the procedure applied for and scope of changes not requiring prior approval;
(3) specific approvals held by the organisation;
(4) specific procedures implemented by the organisation related to any alternative means of compliance used.
(b) For the purpose of assessing the complexity of an organisation’s management system, AMC1 ORA.GEN.200(b) should be used.
(c) Regarding results of past oversight, the competent authority should also take into account relevant results of ramp inspections of organisations it has certified that were performed in other Member States in accordance with ARO.RAMP.
AMC1 ARA.GEN.305(b)(1) Oversight programme
ED Decision 2012/006/R
AUDIT
(a) The oversight programme should indicate which aspects of the approval will be covered with each audit.
(b) Part of an audit should concentrate on the organisation’s compliance monitoring reports produced by the compliance monitoring personnel to determine if the organisation is identifying and correcting its problems.
(c) At the conclusion of the audit, an audit report should be completed by the auditing inspector, including all findings raised.
AMC2 ARA.GEN.305(b)(1) Oversight programme
ED Decision 2012/006/R
RAMP INSPECTIONS
When conducting a ramp inspection of aircraft used by organisations under its regulatory oversight the competent authority should, in as far as possible, comply with the requirements defined in ARO.RAMP.
AMC1 ARA.GEN.305(b);(c) Oversight programme
ED Decision 2012/006/R
INDUSTRY STANDARDS
(a) For organisations having demonstrated compliance with industry standards, the competent authority may adapt its oversight programme, in order to avoid duplication of specific audit items.
(b) Demonstrated compliance with industry standards should not be considered in isolation from the other elements to be considered for the competent authority’s risk-based oversight.
(c) In order to be able to credit any audits performed as part of certification in accordance with industry standards, the following should be considered:
(1) the demonstration of compliance is based on certification auditing schemes providing for independent and systematic verification;
(2) the existence of an accreditation scheme and accreditation body for certification in accordance with the industry standards has been verified;
(3) certification audits are relevant to the requirements defined in Annex VII (Part-ORA) and other Annexes to this Regulation as applicable;
(4) the scope of such certification audits can easily be mapped against the scope of oversight in accordance with Part-ORA;
(5) audit results are accessible to the competent authority and open to exchange of information in accordance with Article 15(1) of Regulation (EC) No 216/2008; and
(6) the audit planning intervals of certification audits i.a.w. industry standards are compatible with the oversight planning cycle.
AMC1 ARA.GEN.305(c) Oversight programme
ED Decision 2012/006/R
OVERSIGHT PLANNING CYCLE
(a) When determining the oversight planning cycle and defining the oversight programme, the competent authority should assess the risks related to the activity of each organisation and adapt the oversight to the level of risk identified and to the organisation’s ability to effectively manage safety risks.
(b) The competent authority should establish a schedule of audits and inspections appropriate to each organisation. The planning of audits and inspections should take into account the results of the hazard identification and risk assessment conducted and maintained by the organisation as part of the organisation’s management system. Inspectors should work in accordance with the schedule provided to them.
(c) When the competent authority, having regard to an organisation's safety performance, varies the frequency of an audit or inspection it should ensure that all aspects of the organisation’s activity are audited and inspected within the applicable oversight planning cycle.
(d) The section(s) of the oversight programme dealing with ramp inspections should be developed based on geographical locations, taking into account aerodrome activity, and focusing on key issues that can be inspected in the time available without unnecessarily delaying the operations.
AMC2 ARA.GEN.305(c) Oversight programme
ED Decision 2012/006/R
OVERSIGHT PLANNING CYCLE
(a) For each organisation certified by the competent authority and each FSTD qualification certificate holder all processes should be completely audited at periods not exceeding the applicable oversight planning cycle. The beginning of the first oversight planning cycle is normally determined by the date of issue of the first certificate. If the competent authority wishes to align the oversight planning cycle with the calendar year, it should shorten the first oversight planning cycle accordingly.
(b) The interval between two audits for a particular process should not exceed the interval of the applicable oversight planning cycle.
(c) Audits should include at least one on-site audit within each oversight planning cycle. For organisations exercising their regular activity at more than one site, the determination of the sites to be audited should consider the results of past oversight, the volume of activity at each site, as well as main risk areas identified.
(d) For organisations holding more than one certificate, the competent authority may define an integrated oversight schedule to include all applicable audit items. In order to avoid duplication of audits, credit may be granted for specific audit items already completed during the current oversight planning cycle, subject to four conditions:
(1) the specific audit item should be the same for all certificates under consideration;
(2) there should be satisfactory evidence on record that such specific audit items were carried out and that all corrective actions have been implemented to the satisfaction of the competent authority;
(3) the competent authority should be satisfied that there is no reason to believe standards have deteriorated in respect of those specific audit items being granted a credit;
(4) the interval between two audits for the specific item being granted a credit should not exceed the applicable oversight planning cycle.
AMC1 ARA.GEN.305(d) Oversight programme
ED Decision 2012/006/R
PERSONS HOLDING A LICENCE, CERTIFICATE, RATING OR ATTESTATION
The oversight of persons holding a licence, certificate, rating or attestation should normally be ensured as part of the oversight of organisations. Additionally, the competent authority should verify compliance with applicable requirements when endorsing or renewing ratings.
To properly discharge its oversight responsibilities, the competent authority should perform a certain number of unannounced verifications.
AMC1 ARA.GEN.305(f) Oversight programme
ED Decision 2018/009/R
(a) When determining the oversight programme for organisations that have declared their activities, the competent authority should make a selection of the DTOs to be inspected based on the elements specified in point ARA.GEN.305(f).
(b) For each selected DTO, an inspection is a sample inspection of the predefined inspection criteria on the basis of key risk elements and the applicable requirements.
(c) The results of past oversight activities should include information from the DTO’s annual internal review and the DTO’s annual activity reports as well as information from the verification of the DTO’s training programme for Part-FCL compliance and occurrence reports linked to the activity of the DTO, if applicable.
(d) The oversight programme should follow a risk-based approach and should be developed on a yearly basis. At least one inspection should be performed for each DTO not later than 72 months starting from the date on which the declaration was received or, subsequently, the last inspection, as applicable.
(e) Additional inspections or unannounced inspections to specific DTOs may be included in the oversight programme on the basis of the elements specified in point ARA.GEN.305(f).
AMC2 ARA.GEN.305(f) Oversight programme
ED Decision 2018/009/R
An inspection of a DTO should at least focus on:
(a) the existence of a safety policy statement and its adequacy regarding the DTO activities;
(b) the existence of appropriate measures aiming to achieve the objectives of the safety policy including risk mitigation measures, results of annual reviews and respective corrective actions, if applicable;
(c) flight training in accordance with the DTO training programme, its conduct and standards as well as training records;
(d) training aircraft in use, including their registration, associated documents and maintenance records;
(e) use of FSTDs;
(f) operating sites and associated facilities as appropriate; and
(g) information on flight instructors and on the validity of their licences, certificates, ratings and logbooks.
ARA.GEN.310 Initial certification procedure – organisations
Regulation (EU) No 1178/2011
(a) Upon receiving an application for the initial issue of a certificate for an organisation, the competent authority shall verify the organisation’s compliance with the applicable requirements.
(b) When satisfied that the organisationis in compliance with the applicable requirements, the competent authority shall issue the certificate(s), as established in Appendixes III and V to this Part. The certificate(s) shall be issued for an unlimited duration. The privileges and scope of the activities that the organisation is approved to conduct shall be specified in the terms of approval attached to the certificate(s).
(c) To enable an organisation to implement changes without prior competent authority approval in accordance with ORA.GEN.130, the competent authority shall approve the procedure submitted by the organisation defining the scope of such changes and describing how such changes will be managed and notified.
AMC1 ARA.GEN.310(a) Initial certification procedure − organisations
ED Decision 2012/006/R
VERIFICATION OF COMPLIANCE
(a) In order to verify the organisation’s compliance with the applicable requirements, the competent authority should conduct an audit of the organisation, including interviews of personnel and inspections carried out at the organisation’s facilities.
(b) The competent authority should only conduct such audit after being satisfied that the application shows compliance with the applicable requirements.
(c) The audit should focus on the following areas:
(1) detailed management structure, including names and qualifications of personnel required by ORA.GEN.210 and adequacy of the organisation and management structure;
(2) personnel:
(i) adequacy of number and qualifications with regard to the intended terms of approval and associated privileges;
(ii) validity of licences, ratings, certificates or attestations as applicable;
(3) processes for safety risk management and compliance monitoring;
(4) facilities – adequacy with regard to the organisation’s scope of work;
(5) documentation based on which the certificate should be granted (organisation documentation as required by Part-ORA, including technical manuals, such as operations manual or training manual).
(d) In case of non-compliance, the applicant should be informed in writing of the corrections that are required.
(e) In cases where an application for an organisation certificate is refused, the applicant should be informed of the right of appeal as exists under national law.
ARA.GEN.315 Procedure for issue, revalidation, renewal or change of licences, ratings, certificates or attestations – persons
Regulation (EU) No 1178/2011
(a) Upon receiving an application for the issue, revalidation, renewal or change of a personal licence, rating, certificate or attestation and any supporting documentation, the competent authority shall verify whether the applicant meets the applicable requirements.
(b) When satisfied that the applicant meets the applicable requirements, the competent authority shall issue, revalidate, renew or change the licence, certificate, rating, or attestation.
AMC1 ARA.GEN.315(a) Procedure for issue, revalidation, renewal or change of licences, ratings or certificates − persons
ED Decision 2021/002/R
VERIFICATION OF COMPLIANCE
(a) In order to verify that the applicant meets the requirements, the competent authority should review the application and any supporting documents submitted, for completeness and compliance with applicable requirements.
(b) As part of the verification that the applicant meets the requirements, the competent authority should check that he/she:
(1) was not holding any personnel licence, certificate, rating, authorisation or attestation with the same scope and in the same category issued in another Member State;
(2) has not applied for any personnel licence, certificate, rating, authorisation or attestation with the same scope and in the same category in another Member State; and
(3) has never held any personnel licence, certificate, rating, authorisation or attestation with the same scope and in the same category issued in another Member State which was revoked or suspended in any other Member State.
(c) The competent authority should request the applicant to make a declaration covering items (b)(1) to (b)(3). Such declaration should include a statement that any incorrect information could disqualify the applicant from being granted a personnel licence, certificate, rating, authorisation or attestation. In case of doubts, the competent authority should contact the competent authority of the Member State where the applicant may have previously held any personnel licence, certificate, rating, authorisation or attestation.
(d) In addition to the requirements in points (a), (b) and (c) above, in order to verify that the applicant meets the requirements for revalidation or renewal under the EBT programme, the competent authority should request the applicant to provide the application and report form of Appendix 10, including the declaration of the operator as per point (b) of AMC1 to Appendix 10 — ‘Revalidation and renewal of type ratings, and revalidation and renewal of IRs when combined with the revalidation or renewal of type ratings – EBT practical assessment’.
ARA.GEN.330 Changes – organisations
Regulation (EU) 2018/1119
(a) Upon receiving an application for a change that requires prior approval, the competent authority shall verify the organisation’s compliance with the applicable requirements before issuing the approval.
The competent authority shall prescribe the conditions under which the organisation may operate during the change, unless the competent authority determines that the organisation’s certificate needs to be suspended.
When satisfied that the organisation is in compliance with the applicable requirements, the competent authority shall approve the change.
(b) Without prejudice to any additional enforcement measures, when the organisation implements changes requiring prior approval without having received competent authority approval as defined in (a), the competent authority shall suspend, limit or revoke the organisation’s certificate.
(c) For changes not requiring prior approval, the competent authority shall assess the information provided in the notification sent by the organisation in accordance with ORA.GEN.130 to verify compliance with the applicable requirements. In case of any non-compliance, the competent authority shall:
(1) notify the organisation about the non-compliance and request further changes; and
(2) in case of level 1 or level 2 findings, act in accordance with ARA.GEN.350.
(d) Notwithstanding points (a), (b) and (c), in the case of changes to the information contained in the declarations received from a DTO or to the training programme used by the DTO, notified to it in accordance with point DTO.GEN.116 of Annex VIII (Part-DTO), the competent authority shall act in accordance with the requirements of points ARA.DTO.105 and ARA.DTO.110, as applicable.
AMC1 ARA.GEN.330 Changes – organisations
ED Decision 2012/006/R
GENERAL
(a) Changes in nominated persons:
The competent authority should be informed of any changes to personnel specified in Part-ORA that may affect the certificate or terms of approval/approval schedule attached to it. When an organisation submits the name of a new nominee for any of the persons nominated as per ORA.GEN.210(b), the competent authority should require the organisation to produce a written résumé of the proposed person's qualifications. The competent authority should reserve the right to interview the nominee or call for additional evidence of his/her suitability before deciding upon his/her acceptability.
(b) A simple management system documentation status sheet should be maintained, which contains information on when an amendment was received by the competent authority and when it was approved.
(c) The organisation should provide each management system documentation amendment to the competent authority, including for the amendments that do not require prior approval by the competent authority. Where the amendment requires competent authority approval, the competent authority, when satisfied, should indicate its approval in writing. Where the amendment does not require prior approval, the competent authority should acknowledge receipt in writing within 10 working days.
(d) For changes requiring prior approval, in order to verify the organisation's compliance with the applicable requirements, the competent authority should conduct an audit of the organisation, limited to the extent of the changes. If required for verification, the audit should include interviews and inspections carried out at the organisation’s facilities.
GM1 ARA.GEN.330 Changes − organisations
ED Decision 2012/006/R
CHANGE OF NAME OF THE ORGANISATION
(a) On receipt of the application and the relevant parts of the organisation’s documentation as required by Part-ORA, the competent authority should re-issue the certificate.
(b) A name change alone does not require the competent authority to audit the organisation, unless there is evidence that other aspects of the organisation have changed.
ARA.GEN.350 Findings and corrective actions – organisations
Regulation (EU) 2020/359
(a) The competent authority for oversight in accordance with ARA.GEN.300(a) shall have a system to analyse findings for their safety significance.
(b) A level 1 finding shall be issued by the competent authority when any significant non-compliance is detected with the applicable requirements of Regulation (EC) No 216/2008 and its Implementing Rules, with the organisation’s procedures and manuals or with the terms of an approval or certificate which lowers safety or seriously hazards flight safety.
The level 1 findings shall include:
(1) failure to give the competent authority access to the organisation’s facilities as defined in ORA.GEN.140 during normal operating hours and after two written requests;
(2) obtaining or maintaining the validity of the organisation certificate by falsification of submitted documentary evidence;
(3) evidence of malpractice or fraudulent use of the organisation certificate; and
(4) the lack of an accountable manager.
(c) A level 2 finding shall be issued by the competent authority when any non-compliance is detected with the applicable requirements of Regulation (EC) No 216/2008 and its Implementing Rules, with the organisation’s procedures and manuals or with the terms of an approval or certificate which could lower safety or hazard flight safety.
(d) When a finding is detected during oversight or by any other means, the competent authority shall, without prejudice to any additional action required by Regulation (EC) No 216/2008 and its Implementing Rules, communicate the finding to the organisation in writing and request corrective action to address the non-compliance(s) identified. Where relevant, the competent authority shall inform the State in which the aircraft is registered.
(1) In the case of level 1 findings the competent authority shall take immediate and appropriate action to prohibit or limit activities and, if appropriate, it shall take action to revoke the certificate or specific approval or to limit or suspend it in whole or in part, depending upon the extent of the level 1 finding, until successful corrective action has been taken by the organisation.
(2) In the case of level 2 findings, the competent authority shall:
(i) grant the organisation a corrective action implementation period appropriate to the nature of the finding that in any case initially shall not be more than 3 months. At the end of this period, and subject to the nature of the finding, the competent authority may extend the 3-month period subject to a satisfactory corrective action plan agreed by the competent authority; and
(ii) assess the corrective action and implementation plan proposed by the organisation and, if the assessment concludes that they are sufficient to address the non-compliance(s), accept these.
(3) Where an organisation fails to submit an acceptable corrective action plan, or to perform the corrective action within the time period accepted or extended by the competent authority, the finding shall be raised to a level 1 finding and action taken as laid down in (d)(1).
(4) The competent authority shall record all findings it has raised or that have been communicated to it and, where applicable, the enforcement measures it has applied, as well as all corrective actions and date of action closure for findings.
(da) By way of derogation from paragraphs (a) to (d), in the case of DTOs, if during oversight or by any other means the competent authority finds evidence that indicates DTO non-compliance with the essential requirements set out in Annex IV to Regulation (EU) 2018/1139, with the requirements of Annex I (Part-FCL) and Annex VIII (Part-DTO) to this Regulation, or with the requirements of Annex III (Part-BFCL) to Commission Regulation (EU) 2018/395 and of Annex III (Part-SFCL) to Commission Implementing Regulation (EU) 2018/1976, the competent authority shall:
(1) raise a finding, record it, communicate it in writing to the representative of the DTO and determine a reasonable period of time within which the DTO is to take the steps specified in point DTO.GEN.150 of Annex VIII (Part-DTO);
(2) take immediate and appropriate action to limit or prohibit the training activities affected by the non-compliance until the DTO has taken the corrective action referred to in point (1), where any of the following situations occurs:
(i) a safety problem has been identified;
(ii) the DTO fails to take corrective action in accordance with point DTO.GEN.150;
(3) in respect of the training programmes referred to in point DTO.GEN.230(c) of Annex VIII (Part-DTO), limit, suspend or revoke the approval of the training programme;
(4) take any further enforcement measures necessary in order to ensure the termination of the non-compliance and, where relevant, remedy the consequences thereof.
(e) Without prejudice to any additional enforcement measures, if the authority of a Member State that acts in accordance with point ARA.GEN.300(d) identifies any non-compliance with the essential requirements set out in Annex IV to Regulation (EU) 2018/1139, with the requirements of Annex I (Part-FCL), Annex VII (Part-ORA) and Annex VIII (Part-DTO) to this Regulation, or with the requirements of Annex III (Part-BFCL) to Commission Regulation (EU) 2018/395 and of Annex III (Part-SFCL) to Commission Implementing Regulation (EU) 2018/1976 by an organisation certified by, or having made a declaration to, the competent authority of another Member State or the Agency, it shall inform that competent authority of that non‑compliance.
GM1 ARA.GEN.350 Findings and corrective actions − organisations
ED Decision 2012/006/R
TRAINING
For a level 1 finding it may be necessary for the competent authority to ensure that further training by the organisation is carried out and audited by the competent authority before the activity is resumed, dependent upon the nature of the finding.
GM1 ARA.GEN.350(e) Findings and corrective actions − organisations
ED Decision 2018/009/R
LEVELS OF FINDINGS ISSUED TO A DTO
Part-ARA requirements do not require competent authorities to categorise findings issued to a DTO. As a consequence, point ARA.GEN.350(e) does not require competent authorities to provide other competent authorities with an indication of the level of the findings issued to a DTO. However, point ARA.GEN.350(e) must not be understood as a prohibition for competent authorities to inform other competent authorities about the level of a finding in such a case, if such finding levels are used by that competent authority on a voluntary basis.
ARA.GEN.355 Findings and enforcement measures – persons
Regulation (EU) No 290/2012
(a) If, during oversight or by any other means, evidence is found by the competent authority responsible for oversight in accordance with ARA.GEN.300(a) that shows a non-compliance with the applicable requirements by a person holding a licence, certificate, rating or attestation issued in accordance with Regulation (EC) No 216/2008 and its Implementing Rules, the competent authority shall raise a finding, record it and communicate it in writing to the licence, certificate, rating or attestation holder.
(b) When such finding is raised, the competent authority shall carry out an investigation. If the finding is confirmed, it shall:
(1) limit, suspend or revoke the licence, certificate, rating or attestation as applicable, when a safety issue has been identified; and
(2) take any further enforcement measures necessary to prevent the continuation of the non-compliance.
(c) Where applicable, the competent authority shall inform the person or organisation that issued the medical certificate or attestation.
(d) Without prejudice to any additional enforcement measures, when the authority of a Member State acting under the provisions of ARA.GEN.300(d) finds evidence showing a non-compliance with the applicable requirements by a person holding a licence, certificate, rating or attestation issued by the competent authority of any other Member State, it shall inform that competent authority.
(e) If, during oversight or by any other means, evidence is found showing a non-compliance with the applicable requirements by a person subject to the requirements laid down in Regulation (EC) No 216/2008 and its Implementing Rules and not holding a licence, certificate, rating or attestation issued in accordance with that Regulation and its Implementing Rules, the competent authority that identified the non-compliance shall take any enforcement measures necessary to prevent the continuation of that non-compliance.
GM1 ARA.GEN.355(b)(1) Limitation, suspension or revocation of licences, ratings, certificates or attestations
ED Decision 2018/009/R
ENFORCEMENT MEASURES IN CASE OF NON-COMPLIANCE WITH PART-FCL
If the holder of a licence, rating, certificate or attestation does not or no longer comply with the applicable requirements, the competent authority, when acting in accordance with point ARA.GEN.355(b), should take enforcement measures which should be commensurate with the nature of the non-compliance. For example, if the training required for the issuing of the pilot licence was not fully completed as required, the competent authority may decide, subject to the amount and nature of the missing training elements, to suspend the licence in accordance with point ARA.FCL.250 until the missing training elements and a new skill test have been completed rather than revoking the licence.
GM1 ARA.GEN.355(e) Findings and enforcement measures – persons
ED Decision 2018/009/R
This provision is necessary to ensure that enforcement measures will be taken also in cases where the competent authority may not act on the licence, certificate or attestation. The type of enforcement measure will depend on the applicable national law and may include for example the payment of a fine or the prohibition from exercising.
It covers two cases:
(a) persons subject to the requirements laid down in Regulation (EC) No 216/2008 and its Implementing Rules who are not required to hold a licence, certificate or attestation - for example general medical practitioners (GMPs); and
(b) persons who are required to hold a licence, rating, certificate or attestation, but who do not hold the appropriate licence, rating, certificate or attestation as required for the activity they perform.
ARA.GEN.360 Change of competent authority
Regulation (EU) 2020/359
(a) Upon receiving a licence holder’s request for a change of competent authority as specified in point FCL.015(e) of Annex I (Part-FCL), point BFCL.015(f) of Annex III (Part-BFCL) to Commission Regulation (EU) 2018/395 or point SFCL.015(f) of Annex III (Part-SFCL) to Commission Implementing Regulation (EU) 2018/1976, the receiving competent authority shall, without undue delay, request the competent authority of the licence holder to transfer, without undue delay, all of the following:
(1) a verification of the licence;
(2) copies of the licence holder’s medical records kept by that competent authority in accordance with points ARA.GEN.220 and ARA.MED.150. The medical records shall be transferred in accordance with point MED.A.015 of Annex IV (Part-MED) and shall include a summary of the relevant medical history of the applicant, verified and signed by the medical assessor.
(b) The transferring competent authority shall keep the licence holder’s original licensing and medical records in accordance with points ARA.GEN.220, ARA.FCL.120 and ARA.MED.150.
(c) The receiving competent authority shall, without undue delay, reissue the licence and medical certificate provided that it has received and processed all documents specified in point (a). Upon the reissuance of the licence and medical certificate, the receiving competent authority shall immediately request the licence holder to surrender to it the licence issued by the transferring competent authority and the associated medical certificate.
(d) The receiving competent authority shall immediately notify the transferring competent authority once it has reissued the licence and medical certificate to the licence holder and the licence holder has surrendered the licence and medical certificate pursuant to point (c). Until such a notification is received, the transferring competent authority remains responsible for the licence and the medical certificate originally issued to that licence holder.
AMC1 ARA.GEN.360(a) Change of competent authority
ED Decision 2020/005/R
When transferring the summary of the applicant’s relevant medical history and copies of medical records to the receiving competent authority in accordance with point ARA.GEN.360(a), the transferring competent authority should include at least all of the following:
(a) copies of:
(1) the most recent aeromedical report containing the detailed results of the aeromedical examinations and assessments that are required for the class of medical certificate;
(2) the application form, examination form, and medical certificate issued;
(3) the most recent electrocardiogram (ECG), ophthalmological and ear-nose-throat (ENT), including audiometry, examination reports, as applicable for the class of medical certification;
(4) the initial medical examination or the supporting documents for the last medical-file transfer between licensing authorities; where this is not available, a copy of the medical report from the last three aeromedical examinations should be transferred as an alternative;
(5) the mental health assessment, as applicable for the class of medical certificate; and
(6) any other relevant medical documentation; and
(b) the ‘Summary of medical history’ form of AMC1 ARA.GEN.360(a)(2), filled in and signed by the medical assessor.
AMC1 ARA.GEN.360(a)(1) Change of competent authority
ED Decision 2020/005/R
LICENCE VERIFICATION FORM
In this form, ‘issuing competent authority of the license’ means the ‘transferring competent authority’ of ARA.GEN.360.
AMC1 ARA.GEN.360(a)(2) Change of competent authority
ED Decision 2020/005/R
SUMMARY OF MEDICAL HISTORY — FORM FOR THE TRANSFER OF MEDICAL RECORDS
If there is insufficient space on this form for any information, please use additional pages.
CERTIFICATION |
||
I, Dr ____________________________, as medical assessor of the (NAA name) ________________________________________________________, certify that the details given above and on any additional pages included are true, complete, and correct. |
||
Date |
Signature |
Licensing authority and stamp/seal |
GM1 ARA.GEN.360 Change of competent authority
ED Decision 2020/005/R
APPLICATION FORM FOR CHANGE OF COMPETENT AUTHORITY
In this form, ‘current competent authority’ means the ‘transferring competent authority’ of ARA.GEN.360, and ‘future competent authority’ means the ‘receiving competent authority’ of ARA.GEN.360.
GM2 ARA.GEN.360 Change of competent authority
ED Decision 2020/005/R
LICENCE VERIFICATION
The licence verification includes the verification of all associated privileges, ratings, certificates, and endorsements that were obtained in accordance with the technical requirements of Regulations (EU) No 1178/2011, (EU) 2018/395, and (EU) 2018/1976. This means that for example, senior examiner privileges are not included.
AVAILABLE RECORDS
Available medical records are all medical records of the licence holder that are related to the history of the medical certificate.
RECORDS
Original licensing and medical records are the original records of the licence holder or electronic records kept by the competent authority.
VALIDITY PERIODS
When reissuing the licence(s) and medical certificate(s), the receiving competent authority should ensure that the validity periods and limitations (if any) are in accordance with the ones of the licence(s) and medical certificate(s) transferred.
PROCESSING
Processing all documents means that the receiving competent authority checks the completeness, and correctness of all the information provided by the transferring competent authority and asks the transferring competent authority for clarification, if needed. If by any means, the receiving competent authority becomes aware of non-compliance with the essential requirements of Annex IV to the Basic Regulation or with the requirements of Regulations (EU) No 1178/2011, (EU) 2018/395, and (EU) 2018/1976 during the processing of the documents, it should reject the application for change of competent authority and inform the transferring competent authority in accordance with its national administration rules.
GM3 ARA.GEN.360 Change of competent authority
ED Decision 2020/005/R
The competent authority can establish and implement its administrative procedures as it considers appropriate. The following practical guidance is considered best practice that may facilitate the work of, and coordination between, competent authorities.
CASES OF SUSPENSION, REVOCATION, OR CURRENT INVESTIGATION
In case of suspension of a licence or medical certificate, the competent authority responsible for the suspension is the only one entitled to remove the suspension. Therefore, a licence holder with a suspended licence or medical certificate cannot apply for change of competent authority until the suspension is revoked.
In case of revocation of a licence, the licence holder can apply for change of competent authority. The licence holder does not immediately receive a new licence after the change of competent authority, but is able to apply for a new licence to the new authority after all necessary requirements of Annex I (Part-FCL) to Regulation (EU) No 1178/2011 and/or Annex III (Part-BFCL) to Regulation (EU) 2018/395 and/or Annex III (Part-SFCL) to Regulation (EU) 2018/1976 are met. However, the licence holder may immediately receive a medical certificate from the receiving competent authority, if applicable.
In case of revocation of a medical certificate, the certificate holder can apply for change of competent authority. The certificate holder does not immediately receive a new licence after the change of competent authority, but is able to apply for a new certificate and licence to the new authority after all necessary requirements of Annexes I (Part-FCL) and IV (Part-MED) to Regulation (EU) No 1178/2011 and/or Annex III (Part-BFCL) to Regulation (EU) 2018/395 and/or Annex III (Part-SFCL) to Regulation (EU) 2018/1976 are met.
In case of an ongoing investigation that is based on evidence of non-compliance, the licence holder cannot immediately apply for change of competent authority. Sufficient time to investigate the case should be provided to reach a conclusion whether or not the licence or medical certificate must be suspended or revoked before the licence holder can apply for change of competent authority.