Next to these data protection specific supervisory mechanisms, Europol is accountable to Member States via its Management Board and ultimately the Council through an existing, politically- and legally-agreed framework. Budgetary supervision is carried out by the budgetary authority consisting of both the Council and the European Parliament, in the same way as for other EU agencies. The European Court of Auditors also plays an important role in this regard.
Last but not least any individual who has suffered damage as a result of an unlawful data processing operation has the right to receive compensation for damage suffered, either from Europol in accordance with Article 340 TFEU, or from the Member State in which the event that gave rise to the damage occurred, in accordance with its national law. The individual shall bring an action against Europol before the Court of Justice of the European Union, or against the Member State before a competent national court of that Member State.
