1.The operator shall identify sources of risks of errors in the data flow from primary data to final data in the baseline data report and shall establish, document, implement and maintain an effective control system to ensure that the reports resulting from data flow activities do not contain misstatements and are in conformity with the monitoring methodology plan and in compliance with this Regulation.
The operator shall make the risk assessment pursuant to the first subparagraph available to the [F1regulator] upon request. The operator shall also make it available for the purposes of verification.
2.For the purpose of the first subparagraph of paragraph 1, the operator shall establish, document, implement and maintain written procedures for data flow activities as well as for control activities, and include references to those procedures in the monitoring methodology plan in accordance with Article 8(3).
3.Control activities referred to in paragraph 2 shall include, where applicable:
(a)quality assurance of the relevant measurement equipment;
(b)quality assurance of information technology systems ensuring that the relevant systems are designed, documented, tested, implemented, controlled and maintained in a way that ensures processing reliable, accurate and timely data in accordance with the risks identified in accordance with paragraph 1;
(c)segregation of duties in the data flow activities and control activities, as well as management of necessary competencies;
(d)internal reviews and validation of data;
(e)corrections and corrective action;
(f)control of out-sourced processes;
(g)keeping records and documentation including the management of document versions.
4.For the purposes of paragraph 3(a), the operator shall ensure that all relevant measuring equipment is calibrated, adjusted and checked at regular intervals including prior to use, and checked against measurement standards traceable to international measurement standards, where available, and proportionate to the risks identified.
Where components of the measuring systems cannot be calibrated, the operator shall identify those in the monitoring methodology plan and propose alternative control activities.
When the equipment is found not to comply with required performance, the operator shall promptly take necessary corrective action.
5.For the purposes of paragraph 3(d), the operator shall review and validate data resulting from the data flow activities referred to in paragraph 2.
Such review and validation of the data shall include:
(a)a check as to whether the data are complete;
(b)a comparison of the data that the operator has determined over the preceding baseline period and, in particular, consistency checks based on time series of greenhouse gas efficiency of each sub-installation;
(c)a comparison of data and values resulting from different operational data collection systems, in particular for production protocols, sales figures and stock figures of products to which product benchmarks relate;
(d)comparisons and completeness checks of data at installation and sub-installation level for ensuring that the requirements laid down in Article 10(5) are fulfilled.
6.For the purposes of paragraph 3(e), the operator shall ensure that, where data flow activities or control activities are found not to function effectively, or not to respect the rules set in the documentation of procedures for those activities, corrective action is taken and affected data is corrected without undue delay.
7.For the purposes of paragraph 3(f), where the operator outsources one or more data flow activities or control activities referred to in paragraph 1, the operator shall proceed to all of the following:
(a)check the quality of the outsourced data flow activities and control activities in accordance with this Regulation;
(b)define appropriate requirements for the outputs of the outsourced processes as well as the methods used in those processes;
(c)check the quality of the outputs and methods referred to in point (b) of this paragraph;
(d)ensure that outsourced activities are carried out such that those are responsive to the inherent risks and control risks identified in the risk assessment referred to in paragraph 1.
8.The operator shall monitor the effectiveness of the control system, including by carrying out internal reviews and taking into account the findings of the verifier during the verification of reports for the purposes of Article 4(2).
When the operator finds the control system ineffective or not commensurate with the risks identified, it shall seek to improve the control system and update the monitoring methodology plan or the underlying written procedures for data flow activities, risk assessments and control activities, as appropriate.
Textual Amendments
F1Words in Regulation substituted (31.12.2020) by The Greenhouse Gas Emissions Trading Scheme (Amendment) Order 2020 (S.I. 2020/1557), art. 2(2), Sch. 1 para. 2