Fighting fraud in EU spending: action needed
About the report Protecting the EU’s financial interests against fraud is a key responsibility of the European Commission. The Commission ‘s own Directorates-General, Executive agencies and Anti-Fraud Office (OLAF) work with a large number of other organisations, including authorities in the Member States and the future European Public Prosecutor’s Office (EPPO).
In this audit we assessed whether the Commission is properly managing the risk of fraudulent activities to the detriment of the EU budget. We found that the Commission lacks comprehensive and comparable data on the detected fraud level in EU spending. Moreover, it has so far not carried out any assessment of undetected fraud, nor detailed analysis of what causes economic actors to engage in fraudulent activities. This reduces the practical value and effectiveness of the Commission’s strategic plans for protecting the EU’s financial interests against fraud.
The current system, whereby OLAF’s administrative investigation of suspected fraud is followed by a criminal investigation at national level, takes up much time in a considerable number of cases and thus it decreases the chances to achieve prosecution. In addition, OLAF’s final reports often do not provide sufficient information to initiate the recovery of unduly disbursed funds. Fewer than half of OLAF investigations have led to prosecution of suspected fraudsters and resulted in recovery of less than a third of unduly paid EU money.
About this auditI
Fraud refers to any intentional act or omission designed to deceive others, resulting in the victim suffering a loss and the perpetrator achieving a gain. Fraud involving public funds is often linked with corruption, which is generally understood as any act or omission that abuses official authority, or seeks to bring about the abuse of official authority, in order to obtain undue benefit.II
The Commission and the Member States have a shared responsibility to protect the EU’s financial interests against fraud and corruption. The European anti-fraud office (OLAF) is currently the EU’s key anti-fraud body. It contributes to the design and implementation of the Commission’s anti-fraud policy and conducts administrative investigation into fraud against the EU budget. In 2020, a European Public Prosecutor Office (EPPO) will start operating, with powers to prosecute crimes against the EU’s financial interests in 22 Member States.III
As fraud prevention and detection are important for the EU’s financial management, we decided to undertake a performance audit on the Commission’s management of fraud risk in EU spending. In particular, we examined:
- the Commission’s anti-fraud strategy, its fraud prevention tools and whether it has access to appropriate data on the scale, nature and causes of fraud in EU spending;
- whether OLAF’s administrative investigations have led to prosecution and recovery.
We also considered the arrangements for establishing the EPPO and analysed whether the new body has the potential to address the current weaknesses.
What we foundV
Over the last ten years, the Commission has taken steps to fight fraud against the EU budget. In particular, it adopted the ‘Commission Anti-fraud Strategy’ (CAFS) in 2011, and each Directorate-General (DGs) or group of DGs implements its own operational anti-fraud strategy. The Commission has also established an ‘Early Detection and Exclusion System’ (EDES), and an inter-institutional panel which advises on whether to exclude economic operators from EU financing on the grounds of fraud or corruption, among other possible reasons. Each year, the Commission presents to the European Parliament and the Council a report on the ‘Protection of the Financial Interests of the Union’ (the ‘PIF report’).VI
However, we found that the Commission lacks comprehensive information on the scale, nature and causes of fraud. Its official statistics on detected fraud are not complete and it has so far not carried out any assessment of undetected fraud. Some information is available on fraud patterns and schemes used in different sectors. There is no detailed analysis to identify what causes some recipients of EU money to behave fraudulently. This lack of information reduces the practical value of the Commission’s strategic plans, such as the CAFS, which has not been updated since 2011.VII
The current approach, whereby OLAF launches administrative investigations after receiving information from other sources and whereby OLAF’s investigation of suspected fraud is often followed by a criminal investigation at national level, takes up much time in a considerable number of cases and thus it decreases the chances to achieve prosecution. As a result, OLAF investigations result in the prosecution of suspected fraudsters in about 45 % of cases. As for the recovery of unduly paid EU money, in a number of cases, the DGs find that OLAF’s Final Reports do not provide sufficient information to serve as a basis for initiating the recovery of unduly disbursed funds. In such cases, the DGs take (or outsource) further action in order to decide whether it is possible to recover the amount recommended by OLAF or they rely on evidence gathered through their own audits.VIII
We consider establishing the EPPO (in which 22 Member States will participate) to be a step in the right direction, but the current regulation poses several risks. Probably the most serious of these concerns the detection and investigation, which will be carried out primarily by the Member States’ investigators under the authority of the EPPO. The regulation does not put in place any mechanism enabling the EPPO (or any other EU body) to urge Member State authorities to allocate resources to the pro-active work necessary for the investigation of fraud in EU spending, or to the cases handled by the delegated prosecutors. Another risk is that the extensive internal consultation and translation needed for the EPPO chambers’ work may end up taking too long for criminal procedures, where time is very often the most limited resource.
What we recommendIX
Based on these observations, we consider that more drive and leadership is needed in the EU to take real action against fraud in EU spending. We therefore consider there is a clear need for the Commission, in cooperation with the Member States, to step up its fight against fraud in EU spending.X
The Commission should:
Recommendation 1: put in place a robust fraud reporting system, providing information on the scale, nature and root causes of fraud.
Recommendation 2: to achieve better coordination in tackling fraud, within the context of collegial responsibility for fraud prevention and detection, ensure that strategic fraud risk management and fraud prevention would be clearly referred to in the portfolio of one Commissioner; and adopt a new comprehensive anti-fraud strategy based on a comprehensive analysis of fraud risks.
Recommendation 3: intensify its fraud prevention activities. In particular, the Commission should:
- ensure that DGs use the early detection and exclusion system in direct and indirect management and call on the Member States to identify and flag fraudulent economic operators and the private individuals linked to them;
- urge all Member States to make active use of the ARACHNE database to prevent fraudulent and irregular use of EU funds.
Recommendation 4: reconsider OLAF’s role and responsibilities in combatting fraud in EU spending in light of the establishment of the EPPO. In particular, the Commission should propose to the European Parliament and the Council measures to give OLAF a strategic and oversight role in EU anti-fraud action.
Definition of fraud01
Fraud1 generally refers to any intentional act or omission designed to deceive others, resulting in the victim suffering a loss and the perpetrator achieving a gain. For example, if a grant beneficiary tries to intentionally mislead the funding provider in order to claim unjustifiably high expenditure, then that is fraud.02
Fraud involving public funds is sometimes linked with corruption23 , which is traditionally understood as any act or omission that abuses official authority, or seeks to bring about the abuse of official authority, in order to obtain undue benefit. For example, if a grant beneficiary bribes an official to accept unduly high expenditure, then both fraud and corruption have been committed.03
Irregularity4 is a broader concept than fraud. It is defined as any infringement of the law, which has, or would have, the effect of prejudicing the EU budget. If such breach of law has been committed intentionally, then it is fraud. Hence, what differentiates fraud from other irregularities is malicious intent on the part of the perpetrator.
Protecting the EU’s financial interests against fraud04
Article 325 of the Treaty on the Functioning of the European Union (TFEU) provides a legal basis for protecting the EU's financial interests against fraud, corruption and other illegal activities (Annex I).05
The European Commission must take the necessary measures to provide reasonable assurance that irregularities (including fraud) in the use of the EU budget are prevented, detected and corrected5. It shares this responsibility with Member States in the domain of shared management, e.g. in the Cohesion and Agriculture spending areas.06
The ‘Directive on the fight against fraud to the Union's financial interests by means of criminal law’ (the ‘PIF Directive’)6 provides for harmonised definition of offences affecting the EU’s financial interests as well as penalties and statute of limitations for such cases. This Directive was adopted on 5 July 2017. Member States have to implement it into national law by July 20197.07
There are a large number of players involved in managing the risk of fraud against the EU budget, both at EU and Member State level (Annex II). The main ones are:
- The European Anti-Fraud Office (known by the abbreviation of its name in French OLAF - ‘Office européen de lutte antifraude’) is currently the EU’s key anti-fraud body. It contributes to the design and implementation of the Commission’s anti-fraud policy. It is the only body with independent investigative powers at EU level8.
- The Commission's Directorates-General (DGs) and Executive Agencies are responsible for setting up effective fraud risk management systems in the different areas of the EU budget.
- In shared management, Member State programme authorities are required to implement an adequate anti-fraud framework. Criminal investigation and prosecution are likewise entirely under the responsibility of the national judicial authorities.
- In October 2017, twenty Member States9 decided to establish the European Public Prosecutor's Office ("the EPPO").There are 22 Member States currently participating in the EPPO. This will be an EU body with powers to investigate and prosecute crimes against the EU’s financial interests. Under Article 120(2) of the EPPO Regulation10, the body will not start operating earlier than three years after the date on which the Regulation enters into force, i.e. not before the end of 2020.
The European Court of Auditors (ECA) is the EU’s independent auditor. We examine whether all revenue has been received and all expenditure incurred in a lawful and regular manner and whether the financial management has been sound. If, during our work, we identify cases of suspected fraud, we report these cases to OLAF for preliminary analysis and possible investigation11.09
Finally, under Article 325(4) of the TFEU, the ECA must be consulted on any measures to be adopted by the legislator in the fields of the prevention of and fight against fraud affecting the EU’s financial interests. In recent years, the Commission has published several legislative proposals linked to the subject of this audit (Annex III). We have issued or our opinion on some of these proposals12.
Audit scope and approach10
Our audit assessed whether the Commission is properly managing the risk of fraud in EU spending. In particular, we examined:
- whether the Commission properly assesses the scale, nature and causes of fraud in EU spending;
- whether the Commission has an effective strategic framework for managing the risk of fraud;
- whether the Commission focuses sufficiently on preventing fraud;
- whether OLAF’s administrative investigations lead to prosecution and recovery..
We also considered whether the EPPO is likely to address the weaknesses we identified in the current set up of combating fraud in EU spending.12
Our audit focused purely on fraud in EU spending. We covered all major EU spending areas (Agriculture, Cohesion, Research and External Actions). We focused mainly on the Commission’s actions to prevent and respond to detected fraud. We did not examine OLAF’s investigations into EU revenue. Regarding OLAF’s external investigations, we focused on financial and judicial recommendations, because these are its main outputs13. Nor did we examine internal investigations against officials or other EU employees, members of institutions or bodies, or heads of offices or agencies.13
We based our observations on the following sources of evidence:
- analysis of relevant documentation (Commission and OLAF documents, ECA reports, relevant studies and research) and databases (i.e. IMS and Arachne);
- interviews with OLAF officials and officials from seven spending DGs (DG AGRI, DG EMPL, DG REGIO, DG RTD, DG DEVCO, DG CNECT and DG HOME), as well as DGs and other internal services playing an important role in the Commission’s oversight of fraud risk management (OLAF supervisory committee, SEC GEN, DG BUDG, and IAS);
- interviews with bodies external to the Commission, such as Europol and Eurojust;
- visits to Anti-Fraud Coordination Services (AFCOSs), public prosecutors’ offices and relevant ministries in four Member States (Bulgaria, Berlin and Brandenburg in Germany, Rome and Perugia in Italy and Poland);
- a survey sent to 28 Member States’ Supreme Audit Institutions (SAIs), 23 of which replied; a survey sent by Europol in the framework of this audit to their 28 national contact points, 13 of which replied;
- contributions from 15 experts (criminologists, legal and social scientists, prosecutors) who provided input and advice throughout the audit and commented on our preliminary findings.
The Commission’s insight into the scale, nature and causes of fraud is insufficient14
Fraud measurement is the first step in a properly designed and implemented approach to countering fraud. Without good core data on fraud, it is more difficult to plan and monitor anti-fraud actions.15
Fraud against corporately managed funds, such as EU money, is a hidden crime, meaning that it cannot be discovered without ex-ante or ex-post checks undertaken specifically for this purpose. Since such checks cannot be comprehensive and are not always productive, some cases remain undetected. This is compounded by the lack of any individual victims of fraud against corporately managed funds who would report such crimes and bring them to the attention of the relevant authorities. Figure 2 represents undetected fraud and the stages between the detection of a case of suspected fraud and the establishment of fraud by a court.
Because of its hidden nature, the phenomenon of fraud cannot be estimated purely on the basis of official statistics on reported and investigated cases. Sociological research methods could provide additional useful insights into the scale and nature of the problem.17
In relation to EU spending, information on the detected fraud level is recorded within three different databases (Figure 3).
OLAF – as the EU’s key anti-fraud body – is responsible for collecting and compiling statistics and information on fraud in EU spending on behalf of the Commission. Member States and candidate countries are legally14 obliged to report to OLAF, as part of the Commission, all major cases of irregularities that they have detected in EU revenue (Traditional Own Resources) and expenditure (Cohesion, Agriculture and Pre-accession funds). They are also obliged to report whether these irregularities give rise to administrative or judicial proceedings initiated at national level to establish whether behaviour was intentional (suspected fraud) or whether fraud has been established by a definitive court decision (established fraud). Thus, Member States and candidate countries must first register an irregularity and then indicate whether that irregularity was fraudulent (suspected or established fraud) or non-fraudulent. This reporting in respect of expenditure is done through an IT system called the ‘Irregularity Management System’ (IMS). OLAF is in charge of this system. Reporting in respect of revenue is done via the OWNRES system, which is managed by DG BUDG.19
OLAF has its own case management system, which provides information on closed and ongoing investigations into fraud, corruption and serious irregularities involving EU money. Member State authorities may also have their own databases for recording suspected fraud cases affecting either the financial interests of the EU or their national budgets.20
In this section, we examine the quality of information used by the Commission on detected and undetected fraud levels and the type of analysis the Commission carries out in order to identify the most typical fraud patterns and schemes, causes of fraud, and the profile of EU fraudsters. We also assess how the Commission incorporates this information into its fraud risk assessments.
Data on the detected fraud level is incomplete21
The Commission publishes the value of detected fraud, together with underlying analyses, every year in a report called the ‘PIF report’15. According to this report, detected fraud in EU spending in 2017 amounted to €390.7 million, or 0.29 % of total payments from the EU budget (Figure 4).
EU spending: detected fraud by spending area (2017)
|EU spending area||From Commission data, Member States’ and candidate countries’ reporting
(amount in million euro)
|As % of payments|
|Cohesion and fisheries*||320*||0.94 %*|
|Natural resources||60||0.11 %|
|Direct expenditure||7||0.04 %|
*For the cohesion and fisheries spending areas, which are entirely based on multi-annual programmes, the Commission suggests referring to data covering whole programming periods rather than to year-to-year changes. For the whole programming cycle 2007-13, detected fraud represents 0.44% of the payments.
Source: ECA based on PIF Report 2017 (pp. 14, 22, 24 and 25) and the Commission Staff Working Document SWD(2018) 386 final "Statistical evaluation of irregularities reported for 2017" (pp. 47, 66, 102, 103 and 106).
To calculate these figures on detected fraud, the Commission uses its own data in cases where it manages the expenditure directly and, in cases concerning expenditure under shared management, it uses data forwarded to OLAF by Member States and candidate countries via the IMS.23
Based on our audit results, outlined in the following paragraphs, we have concluded that these figures do not provide a complete picture of the detected fraud level in EU spending. This is the case for both shared management and other management modes.24
Within shared management, the Commission’s view is that the main problem of non-reporting concerns cases under investigation by prosecution services of which authorities in charge of implementing the programme in question are not aware16. Nevertheless, we have identified the following additional reasons why the scale of fraud is underreported:
- Member State authorities do not report all cases investigated by OLAF. Of the 20 OLAF cases we checked, we identified only three cases that Member State authorities had recorded in the IMS system.
- Fraudulent cases may also arise from the activities of intermediate public bodies involved in implementing an operational programme through project selection or public tendering:
- EU law17 does not require Member States authorities to report fraudulent or non-fraudulent cases where public bodies exercised the powers of a public authority and did not act as an economic operator. We found problems of underreporting in cases where public bodies act as economic operators.
- When fraudulent or non-fraudulent irregularities occur in project selection before a given project is awarded any funding, it is not always possible to identify the irregular or fraudulent project concerned in order to enter the necessary data into the IMS. We came across such cases in two Member States.
- To reduce their administrative burden, EU law obliges Member State authorities only to report fraudulent or non-fraudulent irregularities involving more than €10 000 in EU money18. For Agriculture and the European Social Fund, there are a large number of payments below the €10 000 threshold and, as a consequence, potentially fraudulent payments below the reporting threshold, which are not reported. During our audit, we identified one Member State where irregularities reported within IMS for the European Agricultural Guarantee Fund and European Agricultural Fund for Rural Development accounted for only a small share (7 %) of all irregularities detected by the Member State for these two Funds. On the other hand, from the 7 % of reported irregularities, the Member State qualified a high share (60 %) as suspected fraud.
The Commission has issued several guidelines19 on reporting irregularities and flagging them as suspected fraud. However, reporting still varies among Member States. This is mainly due to differing interpretations of ‘suspected fraud’ and ‘primary administrative or judicial finding’20. These definitions are important for determining precisely when an irregularity must be flagged as fraudulent (suspected fraud). The table in Annex IV shows that some Member States only qualify irregularities as suspected fraud after a final court decision, while others much earlier in the proceeding.26
In order to place greater emphasis on detecting and reporting fraud, in 2015 OLAF introduced two new indicators: the ‘fraud detection rate’ (FDR), which is the value of suspected or established fraud detected in a Member State as a percentage of the total payments made in that country for a given period and the fraud frequency level (FFL), which is the number of suspected or established fraud cases in a Member State as a percentage of the total number of irregularities detected in that country for a given period. A similar indicator was created for non-fraudulent irregularities (the ‘irregularity detection rate’ or IDR and the ‘irregularity frequency level’ or IFL). Figure 5 includes information on each Member State’s FDR and IDR for the Cohesion area for the period 2007-2013.27
These indicators highlight that there are significant disparities in the level (value and number of cases) of irregularities and fraud detected and reported by Member States. For example, ten Member States reported less than ten suspected fraud cases throughout the whole 2007-2013 programme period, and twelve Member States had fraud detection rates of less than 0.1 %. Eight Member States categorised more than 10 % of all reported irregularities as suspected fraud, while for 14 other Member States, it was less than 5 %.28
The Commission considers that the significant differences between Member States in terms of reporting on fraud and irregularity may be linked to the national system set-up to counter fraud rather than just to non-harmonised reporting. A more detailed analysis on the underlying reasons for these differences was not available from the Commission.29
A further indication of problems with reporting or detection is that the correlation between official statistics on reported fraud detection rates and the results of corruption risk indicators is weak (Figure 5): some countries scoring low on Transparency International’s Corruption Perception Index (CPI) or the Index of Public Integrity (IPI), and hence considered less transparent, report very few or even zero fraud cases.
The Commission does not carry out comprehensive checks on the quality of data reported in the IMS; nor does it ask Member State authorities to provide assurance as to the reliability of the data reported. Partial checks on compliance with reporting obligations are performed within the framework of system audits.31
Neither OLAF nor any other body within the Commission gathers information on criminal cases linked to EU financial interests investigated by national authorities. Member States have their own systems for recording cases under investigation, and nearly half of them do not differentiate between financial crimes affecting national interests and those affecting EU interests. As a result, neither the Commission nor such Member States have data on fraud in EU spending as a separate category.32
In the area of expenditure, directly managed by the Commission, the value of suspected fraudulent spending is based on amounts flagged as fraudulent and recorded in the Commission’s accounting system. We found that some data is not included in the value of suspected fraudulent spending. In some cases, the Commission claims back fraudulent money by offsetting this amount against future claims without establishing a formal recovery order. These cases are not always flagged as fraudulent, even though the Commission’s guidelines require this. In addition, some suspected fraudulent cases do not require an OLAF investigation, but are followed-up by DGs through audits. These cases are not always included in the reported value of fraudulent spending. The Commission has not yet established clear guidelines on how to compile this data.
The Commission lacks insight into the level of undetected fraud33
The Commission does not estimate undetected fraud. Nor has it ever carried out a crime victimisation or encounter survey focusing on fraud in EU spending. The Commission told us that it did not consider victimisation, encounter or perception surveys to be suitable tools for providing better insight into the overall scale of EU subsidy fraud, because an EU budget fraud victim survey would entail considereable costs and it is not clear to whom such sociological questions should be addressed.34
However, perception and experience-based studies have been used for measuring corruption, which is also a hidden crime. Widely accepted indicators of corruption include Transparency International’s corruption perception index and the World Bank’s control of corruption indicator (WB-CCI). These indexes use the results of perception-based studies. Such surveys are not carried out to replace official statistics, but rather to complement them.35
On top of perception-based surveys, there have also been some recent studies estimating the level of corruption risk or control of corruption using objective administrative data21.36
Within the area of Cohesion, DG REGIO has initiated a study assessing the quality of government at regional level, using public procurement data. One of the performance indicators measured was the control of corruption risks (Box 1). Having a view of regional or sectoral variation in this connection is crucial for understanding corruption risks and managing them effectively.
Study on the quality of government at regional level, using public procurement data
In 2017, DG REGIO initiated a region-by-region study on public procurement performance in EU Member States, using an innovative corruption risk indicator developed by the DIGIWHIST research project at the University of Cambridge. This method uses big data from large-scale public procurement databases (Tender Electronic Daily), company registry data and financial and ownership data22.
This corruption measurement method indicates that the variation between regions or sectors is greater than that between different countries, as comparing differences between countries masks a wide range of differences within those countries themselves.
These examples illustrate that it is in fact possible to gain insight into the scale of undetected fraud or corruption.
The Commission’s analysis of fraud patterns and fraud risks is insufficient38
Knowledge of fraud patterns contributes to accurate and up-to-date fraud risk assessments and helps in identifying and applying the relevant controls to prevent and detect fraud.39
The Commission analyses the different types of fraud in order to comply with:
- its annual obligation to present to the European Parliament and the Council a report on the measures taken by the Commission and the Member States in the fight against fraud and the result of these actions (in the PIF report) and its obligations under sectoral legislation;
- the Commission’s internal control framework, which requires a fraud risk assessment.
The 2016 PIF report includes a section on types of irregularities reported as fraudulent for both Funds in the area of Agriculture, and for the “Research and technological development” (R&TD) priority area for the period 2007-2013 in the case of the Structural Funds. The report’s analysis of modus operandi includes different types of irregularities reported as fraudulent23.41
In addition to the PIF report, OLAF has also prepared several analyses, called ‘case compendiums’, covering the main fraud patterns, vulnerabilities and red flags. These case compendiums provide a list of anonymised cases based on OLAF’s investigative work, together with data from Member States.42
These are good examples of how OLAF’s investigative knowledge and other intelligence can be used to provide timely information on the key fraud threats to the EU budget. However, these compendiums are one-off documents that are not updated on a continuous basis. OLAF has produced four such case compendiums related to fraud24, published in 2010, 2011, 2012 and 2013 respectively, but has not since published any update. For example, the most recent case compendium for Structural Funds, published in 2011, concerns the 1994-1999 and 2000-2006 programme periods.43
Currently, fraud risks are assessed at DG level. No central fraud risk assessment is carried out for the Commission as a whole and there is no corporate fraud risk register. Such information should feed the Commission’s Anti-Fraud Strategy (CAFS). The CAFS, adopted in 2011, does not include any information on whether any underlying fraud risk analysis exists or on the results of such analysis.44
We reviewed the fraud risk assessments performed by seven Commission DGs. These fraud risk assessments were based solely on an analysis of detected fraud, combining information from different internal sources (e.g. the IMS, OLAF, DGs’ audit results and ECA findings). They do not use other information coming from external sources, such as national crime statistics or official government reports, or analyses and reports by NGOs, corruption risk indicators or surveys, to complement their fraud risk analyses. Therefore, the conclusion drawn by five of the seven spending DGs that the risk of fraud is low is not based on an exhaustive analysis covering all necessary elements25.45
The information in the global fraud register created by the Chartered Institute of Public Finance and Accountancy, together with the accountancy firm Moore Stephens, suggests that the risk of fraud could be high in grant spending (which accounts for a big share of EU spending). This register is based on a global survey of over 150 accountancy and fraud risk professionals across 37 countries, in order to gauge the most serious risk areas across the globe. Respondents considered 18 different types of fraud and bribery risk, scoring them from 1 (lowest risk) to 5 (highest risk). Almost half (48 %) of all respondents surveyed said that grant fraud posed a high or very high risk, putting it at number one on the register26.46
Some of the experts we consulted are of the view that it is important to use several different methods, tailored to the type of spending, to gain a better insight into the risk, scale and nature of fraud in EU spending. For example, for the Common Agricultural Policy, where funding is mainly granted through entitlements and there is less discretion in how EU money is allocated, one potential way to measure the scale of fraudulent spending might be by measuring fraud loss. For investment projects, it might be possible to establish the risk of fraud and corruption by analysing administrative datasets (big data) such as public tendering and contracts databases, as well as grant applications and decisions. Surveying EU beneficiaries or bodies managing EU funds could also provide complementary information.
The Commission has not analysed the causes of fraud47
Neither OLAF nor the Commission DGs have carried out a detailed analysis of the main causes of fraud, or of the characteristics of the people who commit it. The Commission does not consider that identifying the motivation of fraudsters would add significant value to its fight against fraud.48
The most frequent type of suspected fraud we identify in our audits is beneficiaries artificially creating conditions to obtain access to EU funds. This modus operandi shows that fraudsters are not always organised criminals, but individuals (beneficiaries of EU funds) who intentionally break the rules in order to receive EU funds to which they believe they are legitimately entitled. Some of the experts highlighted the possibility of a causal link between the complexity of rules and fraud. Box 2 provides an example we reported in our 2014 annual report27.
Artificially creating conditions to obtain rural development aid
A number of groups of people (who were part of the same family or part of the same economic group) set up several entities for the purpose of obtaining aid which exceeds the ceiling allowed under the conditions of the investment measure. The beneficiaries declared that these entities were operating independently, but this was not the case in practice, as they were designed to function together. They were effectively part of the same economic group, with the same place of business, staff, clients, suppliers and financing sources.
A study on corruption risks in EU Member States suggests that the opportunity for discretionary spending without adequate controls increases the risk of corrupt spending28. Some of the experts highlighted similar kind of risks. It would therefore be appropriate for OLAF or the Commission DGs to analyse how the discretion in EU co-financed programmes affects the risk of fraud within a given spending area. This is particularly true in the area of shared management (e.g. the European Structural and Investment Funds), where Member State bodies distributing these funds have discretion in setting eligibility criteria and conditions.
There are weaknesses in the Commission’s strategic approach to managing the risk of fraud50
Fraud is a cross-cutting issue. Successfully reducing it, therefore, requires efforts and a wide range of actions from many parties. At the same time, however, fighting fraud is not normally the core business of any particular operational unit within an organisation. Therefore, it is good practice to designate an entity or one top manager to lead and oversee the organisation’s anti-fraud activities29. Clearly defining the roles and responsibilities of the operational units involved is also crucial, as this is the only way to avoid duplicating roles and evaluate the actual impact of each player.51
We examined whether the Commission has clear leadership and roles and responsibilities, along with appropriate oversight of fraud risk management. We also assessed whether the Commission has a well-designed anti-fraud strategy capable of guiding its day-to-day anti-fraud actions, and whether it properly measures the outputs of these actions.
Under the Commission’s governance model, responsibilities are split; however, corporate oversight of fraud risk management is insufficient52
We analysed the various bodies’ typical (most frequent) roles and responsibilities for the key fraud-related outcomes at each of the phases in combating fraud: planning, implementation and reporting (Annex V).53
Under the Commission’s governance model, the roles and responsibilities of the Commission departments involved in anti-fraud actions are split. However, corporate oversight is insufficient. Most bodies have a consultative role. The key players responsible for anti-fraud actions are the College of Commissioners, the DGs and Member State authorities.54
The President of the Commission sets out each Commissioner’s responsibilities in individual mission letters. He requires all Commissioners to ensure the sound financial management of the programmes under their responsibility, including protecting the EU budget from fraud. The mission letter of the Commissioner for Budget and Human Resources, who is responsible for OLAF, requires him to focus on “strengthening investigation of fraud against the EU budget, corruption and serious misconduct within the European institutions, by supporting the work of OLAF, whose investigative independence must be preserved”. Strategic fraud risk management and fraud prevention are not specifically referred to in the portfolio of this or any other Commissioner.55
OLAF is the EU’s key anti-fraud body and is required by Regulation (EU, Euratom) No 883/2013 (the ‘OLAF Regulation’) to contribute to developing the Commission’s anti-fraud policy. However, neither OLAF nor any other Commission service plays a major role in overseeing the planning and implementation of the Commission’s anti-fraud actions and the reporting on outputs. Given the Commission’s governance model, OLAF itself is not responsible for any decision affecting the authorised officers by delegation (AODs) or Member States. It provides guidance and recommendations to those responsible for the various anti-fraud actions (Annex V).56
The Commission shares responsibility for protecting the EU’s financial interests against fraud with Member States in the spending areas of Cohesion and Agriculture. The Commission currently lacks any regular procedures for finding out how well Member States are following-up suspected fraud cases. Nor does it have any effective mechanism for prompting Member States to take action against fraud, or for monitoring or influencing such action.57
Several other international organisations have realised the need for such monitoring mechanisms. For example, the OECD Working Group on Bribery (WGB), whose members are drawn from Member State law enforcement and judicial authorities, drives and oversees the implementation and enforcement of the OECD Anti-Bribery Convention30. The WGB has developed several procedures and practices by which it and the OECD member states can exert mutual influence to strengthen their respective capacities to implement the Convention (Box 3).
Monitoring mechanisms of the OECD Working Group on Bribery
The WGB’s main tool is a peer-review examination, where external experts assess each OECD member state’s legislation and efforts to implement it. These country monitoring reports also contain recommendations which are later carefully followed up. The WGB also monitors on a rolling basis the criminal investigations opened by member states, produces studies and soft law measures aimed at strengthening integrity in the public sector and enhancing Member States’ capacities to detect and investigate transnational corruption. This system of mutual learning and supervision has encouraged and helped the OECD member states to improve their performance in implementing the Convention.
There are weaknesses in anti-fraud strategies and reporting on their effectiveness58
The strategic framework for the Commission’s anti-fraud actions comprises both the strategy for the institution as a whole (the CAFS), adopted in 2011, and DG-level and/or sectoral anti-fraud strategies (AFS) developed by individual DGs or groups of DGs facing similar fraud risks, e.g. in Cohesion policy or research programmes. The Commission’s justification for having individual and sectoral AFSs is that a ‘one-size-fits-all’ solution would not be the most efficient way to manage the risk of fraud, and that the different players’ responsibilities vary depending on management mode and policy area.59
Although the CAFS was meant to have been completed by the end of 2014, some actions are still ongoing. As the Commission has not updated the CAFS since adopting it in 2011, we question whether it is fit to guide the Commission’s anti-fraud activities in practical terms. The Commission informed us that an update of the CAFS is being prepared and will soon be adopted.60
We examined the AFSs of seven spending DGs, covering all major spending areas: DG AGRI, DG CNECT, DG DEVCO, DG EMPL, DG HOME, DG REGIO and DG RTD. These AFSs included a number of output indicators or individual outputs supporting the set objectives. However, these objectives are only general and, in most cases, are not measurable. Of the 29 objectives we analysed, 18 involve “reinforcing”, “raising”, “fostering”, “enhancing” and “improving” some anti-fraud activities, without showing the starting point (baseline) and target value.61
The three key reports that include information on the Commission’s anti-fraud actions are the PIF report, the annual management and performance report (AMPR) and the DGs’ annual activity reports. The College of Commissioners is responsible for the former two and the individual DGs for the latter (Figure 6).
The annual PIF report presents the outputs of the Commission’s and Member States’ anti-fraud actions (e.g. revised regulations, strategies, directives or fraud awareness training), but it only assesses their effectiveness in terms of actual prevention, detection, recovery or deterrence to a limited extent. The PIF Report fulfils the obligation set out in Article 325(5) of the TFEU, which specifies that the Commission, in cooperation with Member States, must each year submit to the European Parliament and to the Council a report on the measures taken for the implementation of this Article.63
Nor does the AMPR – one of the main accountability tools of the Commission – include information on the actual results of the institution’s anti-fraud actions.64
In their annual activity reports, DGs are required to report on the results of their anti-fraud actions, based on indicators defined within annual management plans (AMPs). The DGs we analysed did not report on the effectiveness of the anti-fraud actions arising from their AFSs. Only DG EMPL and DG REGIO provided information in their 2016 AARs on outputs resulting from their use of the ARACHNE31 risk scoring tool and on their monitoring of Member States’ implementation of risk-based anti-fraud measures.
Fraud prevention has not received enough attention65
Preventing fraud before it occurs is a key element of an effective anti-fraud framework. We examined the Commission’s key actions to prevent fraud, in particular, how the Commission assesses the risk of fraud before adopting spending rules and designs and implements appropriate fraud controls. We also analysed how the Commission uses data for fraud prevention purposes.
The Commission recently included fraud controls in top-level spending rules66
The Commission’s fraud-proofing activities date back to 2000, when the Commission decided to make its fraud-proofing of legislation more effective32. A specific fraud-proofing unit was set up within OLAF, which was in particular tasked with making sure that spending schemes had specific legal provisions against fraud, providing for proper fraud controls.67
In 2007, the Commission communicated that it had achieved the objectives of its fraud-proofing procedures33 and that standard anti-fraud provisions had been included in spending rules. In 2011, the Commission made fraud-proofing the first priority action of the CAFS. By 2011, however, the key spending rules for the 2007-2013 period had been adopted. It is only since the start of the 2014-2020 period that spending rules in the areas of Cohesion, Agriculture and Research include a requirement to implement effective and proportionate fraud controls before spending occurs (Figure 7). Previously, some anti-fraud controls were included at sub-legislative levels within the area of Research, e.g. in model contracts and agreements.68
In Cohesion, DG REGIO has decided to use an external private company to assess how Member States meet the requirement to implement effective and proportionate anti-fraud measures for the 2014-2020 programme period. In December 2016, the Commission signed a contract with a consultancy company to examine the measures taken by Member States to prevent and detect fraud and corruption for the European Structural and Investment Funds. The results should have been ready by the end of 2017, but there have been delays. No such assessment is planned for Agriculture.
Thus, the Commission included comprehensive anti-fraud provisions in all top-level spending rules in 2014. In the 2007-2013 programme period, this was not always the case.70
Based on its investigations, OLAF also makes administrative recommendations to DGs highlighting weaknesses in their fraud prevention and detection controls. Between 2014 and 2016, OLAF made 113 such recommendations to various Commission services. It is not possible to evaluate the impact of these recommendations, as neither OLAF nor the DGs follow up on whether these recommendations have been implemented.
A fraud risk assessment before adopting spending rules will be required as from 202171
The Commission performs impact assessments to collect evidence in order to assess whether future legislative or non-legislative EU action is justified and how such action can best be designed to achieve desired policy objectives. Based on the COSO framework34, we would expect the Commission to assess the risk of fraud when performing these assessments.72
Guidelines on how to perform impact assessments for spending rules (the Better Regulation Guidelines) were updated in 2015. This update did not, however, include any requirement to assess fraud risk as part of impact assessments35. A specific fraud prevention tool was not added to these guidelines until in July 2017 (Figure 7).73
As a result, this new requirement will only apply to the next generation of financial programmes (2021 onwards). Other than this requirement, there are no explicit requirements to assess the risk of fraud before establishing detailed implementing rules for multi-annual financial programmes (such as partnership agreements and operational programmes in Cohesion or rural development programmes in Agriculture).74
We also analysed the information we received from OLAF on its role in inter-service consultations of different Commission services before adopting proposed rules. OLAF is required to provide an opinion on whether proposed laws properly take account of the risk of fraud. During 2014-2016, OLAF received 2 160 inter-service consultation requests from different Commission services. OLAF provided a positive opinion in 1716 cases (79 %) and a positive opinion with comments in 304 cases (14 %). In these cases, OLAF was satisfied with the proposed rules or proposed improvements. OLAF issued a negative opinion in two cases (0.1 %) and was late to issue an opinion in the remaining cases (6.9 %). Box 4 provides an example when OLAF’s input led to a change of rules.
Example of OLAF’s input leading to changed rules
When the partnership agreements (PA) for the 2014-2020 programme period were being drawn up these agreements did not contain any reference to the requirement for Member State authorities to implement proper fraud controls. As a result of OLAF’s input a separate article was added to each agreement requiring Member States to put in place risk-based, effective and proportionate fraud prevention measures pursuant to Article125(4)(c) of Regulation (EU) No 1303/2013 (the Common Provisions Regulation).
Other than the above outputs, we did not find any specific evaluation by the Commission listing which EU laws had been fraud-proofed or containing appropriate fraud risk analysis or anti-fraud provisions. Nor has there been any analysis of the Commission’s new approach to fraud-proofing, as envisaged in the Commission’s 2007 communication.
Better use of data for fraud prevention is needed76
Data on operators at risk of committing fraud can be used to prevent the allocation of EU money to potential future fraudsters:
- For direct and indirect management, the Commission regards the Early Detection and Exclusion System (EDES) – a debarment and blacklisting system – as its main tool for preventing the allocation of EU funding to insolvent, irregular, unreliable or fraudulent economic operators.
- ARACHNE is an integrated IT tool for data mining and data enrichment, developed by the European Commission. Within Cohesion, DG REGIO and EMPL consider the ARACHNE risk scoring tool to be a key fraud prevention tool. According to these DGs, ARACHNE could help Member State authorities in identifying the riskiest projects and beneficiaries during ex-ante and ex-post checks.
We analysed the data included in these two tools.
Due to legal constraints, the Commission could not exclude economic operators for fraud or corruption committed before 201678
Debarment has acquired considerable importance in the European Union. This is because under the EU Public Procurement Directives, public contracts must not be awarded to economic operators who have been involved in criminal misconduct or found guilty of, among other things, corruption and fraud affecting the EU’s financial interests.79
The EU’s debarment system dates back to 2008. With effect from 1 January 2016, the Commission replaced the previous exclusion and early warning system with the EDES. While Directors-General may still request an early detection warning, for exclusion, the key new feature introduced with this system is a central panel, which assesses exclusion requests from the Director-General of the relevant DG and provides recommendations on exclusion and potential financial penalties. It is the Director-General who ultimately decides whether or not to exclude an economic operator.80
All EU institutions and bodies may make an exclusion request based on information transmitted by administrative or criminal proceedings, reports by OLAF, the European Court of Auditors or the Commission’s internal auditors, decisions by the European Central Bank, the European Investment Bank and Fund or other international organisations, or on cases of fraud or irregularity decided by national authorities under shared or by delegated entities under indirect management. Audits by authorising officers or private-sector auditors are also a valuable source of information. Member State authorities have been granted access to exclusion decisions but are not obliged to take them into account in any shared management financing decision involving EU money.81
Excluding an economic operator is a lengthy procedure. By 30 June 2018, i.e. two-and-a-half years after the EDES was introduced, the Commission as a whole had excluded 19 economic operators and published sanctions against eight. Even though within the area of shared management, Member State authorities reported 820 suspected fraud cases within IMS and OLAF concluded around 60 investigations with recommendations in 2016 alone36, the Financial Regulation does not give the Commission any power to act if Member State authorities have not themselves initiated the exclusion of an unreliable economic operator. Therefore, no requests for exclusion of national economic operators co-financed by ESI funds were made by any of the three main DGs managing this spending (REGIO, EMPL and AGRI).82
As regards exclusions for facts dating from before 2016, the main reasons for these were serious breaches of contractual provisions and grave professional misconduct. This is because the legislation at the time did not permit exclusion for fraud in the absence of a final judgment. To date, only two economic operators have been excluded for fraud or corruption, which limits the deterrent impact of this system.83
The EDES system provides the possibility of recording the details of individuals who have control, or representative or decision-making powers, over fraudulent companies. However, only for facts dating from 2016 onwards does the legislation permit the exclusion of an economic operator where a person serving on its administrative, management or supervisory board, or with powers of representation, decision or control over it, is himself or herself also currently under exclusion. Previously, only economic operators that had a contractual relationship with the contracting authority/authorising officer could actually be excluded. In the past, there have been cases where, by the time the possibility has arisen of excluding the economic operator concerned, the private individuals behind the fraudulent companies have already dissolved the company involved in the contractual relationship with the Commission and created a new one.84
The World Bank and other international financial institutions have recently stepped up efforts to ensure that fraudulent economic operators are stopped and do not merely re-surface under different names (Box 5).
The World Bank’s suspension and debarment system
The World Bank uses a suspension and debarment system to fight corruption and fraud. The World Bank can suspend and debar both companies and private individuals, thereby rendering them ineligible for new contracts for World Bank-financed projects. All sanctions are published. In 2017, the World Bank temporarily suspended 22 firms and individuals and sanctioned 6037. As of January 2018, the debarment list contained 414 debarred companies and individuals38. The World Bank system has been in operation for more than ten years and, compared to the EDES, has fewer legal constraints. For example, there is no external judicial review of World Bank decisions, and publication conditions are less strict.
Member States do not fully exploit the potential of Arachne in preventing fraud85
ARACHNE could help Member State authorities identify risky economic operators when performing checks before or after payment occurs. The usefulness of this tool depends on how much data Member States’ managing authorities record in it and on whether it is used systematically. The use of this tool by Member State authorities is free of charge, but currently not obligatory.86
In our 2015 special report on how the Commission and Member States address problems with public procurement in EU cohesion expenditure39, we found that only 17 out of 28 Member States were either using the tool or had expressed their intention to do so. Therefore, in our 2015 report we recommended the Commission and Member States to further promote the use of such data-mining tools. Three years after our recommendation ARACHNE is still used for around 170 out of the total number of 429 operational programmes in 21 Member States (Figure 8).87
This system does not currently offer any way of identifying whether an economic operator has been excluded within the Commission’s system. Beyond Cohesion, fund managers in other EU spending areas do not have similar fraud risk scoring tools at their disposal.
Our analysis found the impact of the Commission’s exclusion and sanctioning system to be limited. Moreover, exclusion applies only to spending managed directly and indirectly by the Commission, which means that excluded companies may, for example, continue receiving Cohesion funds. Although ARACHNE has the potential to be an effective fraud prevention tool, the system still contains only a limited amount of data 5 years after being launched.
OLAF’s administrative investigations have led to prosecution in fewer than half of cases, and resulted in recovery of less than a third of the funds89
Under the current EU legal framework, the main responsibility for enforcing anti-fraud legislation lies with the Member States, as only national authorities can conduct a criminal investigation and charge a person with a crime. Responsibility for recovering fraudulently obtained EU money depends on the EU spending area.90
OLAF is currently the only body with independent investigative powers at EU level. In line with its mandate, OLAF investigates fraud, corruption or other illegal activities affecting the EU’s financial interests40. Based on its administrative investigations, OLAF may issue judicial, financial, administrative or disciplinary recommendations41. OLAF can also recommend precautionary measures to help prevent any increase in irregularities.91
Judicial recommendations are addressed to competent national judicial authorities and mainly contain a proposal to open a criminal investigation against the person suspected (by OLAF) of having committed fraud or to continue the criminal investigation in the light of OLAF's findings and recommendations. OLAF’s investigations are intended to make it easier for Member State authorities to bring an indictment in a particular case.92
Financial recommendations are addressed to the responsible DGs and consist of a proposal to recover a certain amount of money or to prevent money from being spent unduly. Because such recommendations are not binding upon the DGs, here OLAF facilitates the DGs’ work in preparing recovery orders and in requesting the exclusion of unreliable economic operators from further EU funding through EDES42.93
In EU spending areas under direct or indirect management, the DG which previously made the decision to make the payment concerned decides for itself whether to recover money from a fraudulent beneficiary. For EU spending areas under shared management, the responsible DG recovers the money from the Member State concerned through financial corrections. The national authorities are then responsible for recovering the EU money from the actual beneficiary. In this section, we examine what impact OLAF’s administrative investigations have on the prosecution of fraudsters and on the administrative procedure to recover fraudulently spent EU money.
The current fraud investigation system has inherent weaknesses94
Between 2009 and 2016, OLAF issued a total of 541 judicial recommendations. To date, Member State authorities have taken decisions on 308 of these recommendations, bringing indictments in 137 cases (44.5 %) and dismissing 171 cases (55.5 %). No information is available on the number of convictions. To date, Member State judicial authorities have made approximately 17 indictments per year as a result of cases initiated by OLAF (Figure 9).
Given the unavailability of reliable data on the total number of EU fraud cases prosecuted in the Member States, we cannot provide any precise indication of the overall share of indictments initiated by national prosecutors as a result of OLAF’s judicial recommendations. Publicly available information and information provided to us by the national authorities we visited shows that OLAF judicial recommendations which have led to indictment account for a small proportion of the total number of indictments by national public prosecutors in relation to fraud in EU spending cases (Box 6).
Prosecution of fraud involving EU money in five Member States
In Poland, 446 indictments and 50 conditional dismissals were issued in the period 2013-2016 (i.e. 124 indictments per year).
In Bulgaria in 2016, 72 persons were charged with fraud involving EU money, from 67 cases.
In Estonia in 2016, 50 individuals and 22 legal persons were charged with fraud in EU spending, from 15 cases.
In Hungary, according to the Ministry of Interior’s crime statistics, 18 indictments were initiated in 2013, 16 in 2014, 6 in 2015, 7 in 2016 and 1 in 2017 (a total of 48 between 2013-2017)43.
In Romania, prosecutors issued 30 indictments in 2016, arising from 39 cases previously investigated by DLAF44. As a result, 115 individuals and 47 legal entities were sent to trial and, in four cases, a total of six agreements of guilt recognition were concluded.
Figure 9 shows that more than half of the cases where the decision was taken by the Member State were dismissed. According to OLAF’s own analysis of the information collected by Member States on judicial recommendations, the main reasons for dismissal were (Figure 10):
- evidence initially collected by OLAF or later by the national investigative authority considered insufficient for prosecution (56 %);
- action investigated by OLAF not considered a criminal offence under national law (22 %);
- statute of limitation (i.e. time limit for initiating criminal proceedings) under national law passed (14 %)45.
As indicated above, in 36 % of cases, either Member State authorities did not regard the crime identified by OLAF as a criminal offence under national law, or the time limit for criminal proceedings under national law had elapsed. We note that it is not always possible to prevent a case from becoming time-barred; national prosecutors may also reach a different conclusion as to whether an offence has been committed. This is why close cooperation between OLAF and national authorities is of paramount importance46.98
During our interviews in four Member States, national prosecutors indicated that, in most cases, they have no contact with OLAF before receiving the Final Report. They also indicated that they would prefer to be informed of any suspected criminal offence much earlier than at the end of the OLAF investigation, and that if they were, they would assist OLAF and, where appropriate, start their own criminal investigation in order to avoid cases becoming time-barred.99
Therefore, the fact that many cases are dismissed by national prosecutors because no crime has been committed or because cases have become time-barred indicates that, to date, there are weaknesses in the cooperation between OLAF and national authorities.100
Figure 10 shows that 56 % of dismissed cases have been dismissed due to lack of evidence. This means that in every second dismissed case, evidence collected by OLAF, along with evidence collected later by national authorities during criminal investigation, has not led prosecutors to initiate indictment.101
Our interviews with representatives from national authorities, independent academics and EU institutions (including OLAF) indicate that the main reason for dismissal is not lack of evidence, but rather that cases are too old. It is not necessarily that the time limit for a given case has already expired or is about to expire, but rather that it is already years since the alleged offence was committed.102
This is not to say that OLAF’s investigations take too long. In most cases, OLAF conducts administrative investigations after the act in question has been detected and reported. It is therefore dependent on the timeliness of the information it receives in particular from IBOAs and Member States. Furthermore, OLAF’s administrative investigation then needs to be followed by a further criminal investigation in the Member State concerned. A person cannot be prosecuted without the case having been investigated in accordance with national law. The extent of the investigation varies from country to country, but some action is required in every Member State. Therefore, OLAF’s investigations, no matter how well conducted, often have a high risk of passing their ’sell-by date’.103
Figure 11 indicates the timeframe for cases investigated by OLAF. Data provided by OLAF shows that, in 2017, it took OLAF an average of two months to select cases and around 22 months to investigate them47. Assuming that OLAF receives information on suspected fraud cases around one year after they have been committed and submits its Final Report to judicial authorities without delay, national authorities only receive information on an alleged offence on average three years after it has been committed. For complex cases, it may take even longer.
In our view, the current system, whereby OLAF’s administrative investigation of suspected fraud is followed by a criminal investigation at national level, takes up much time in a considerable number of cases and thus it decreases the chances to achieve its final goal – prosecution.
Administrative recovery of funds is hindered by insufficient evidence105
If OLAF finds any irregularity (whether suspected fraud or otherwise) and is able to estimate the amount to be recovered, it issues a financial recommendation.106
Figure 12 presents the amounts OLAF recommended for recovery between 2002 and 2016. Based on the available data, we estimate the total value of OLAF financial recommendations during this period at around €8.8 billion (for 2008 and 2009, we use the average for all other years). By the end of 2016, a total amount of €2.6 billion (30 %) had been recovered. The figures indicate that although the total annual value of OLAF recommendations varies greatly, in most years (with the notable exception of 2011), the amount recovered has been in the region of €200 million (the average over the last 15 years is €173 million).107
According to the statistics we received from seven spending DGs (REGIO, EMPL, AGRI, RTD, CNECT, HOME and DEVCO), between 2012 and 2016, OLAF recommended a total of €1.9 billion in recoveries, from 358 cases. By the time of our audit, the DGs’ recoveries and financial corrections amounted to €243 million (13 % of the total recommended) from 153 cases (i.e. 43 % of cases). We acknowledge that the recovery process may still be ongoing for a significant number of the remaining OLAF financial recommendations.Recovering unduly disbursed EU money is a lengthy procedure: based on our sample of cases where recovery was successful, we estimate that the average time taken to complete recoveries is around 36 months. This being the case, we would expect a much higher recovery rate for recommendations issued between 2012 and 2014 than the 15 % (of the total amount recommended by OLAF) that the DGs have recovered to date.
The figures indicate that, in a significant proportion of the cases OLAF closes with a recommendation to recover unduly paid EU money, either no such recovery takes place or the amount recovered is significantly lower than that recommended.109
This has been confirmed by our audit: written evidence shows that, in a number of cases, DGs did not consider that OLAF’s reports provided sufficient information to serve as a basis for initiating the recovery of unduly disbursed funds48. The DGs either took (or outsourced) further action in order to decide whether recovery would be possible, or relied on evidence provided by their own audits.110
When OLAF issues a judicial recommendation and/or sends a report to Member State judicial authorities, the financial recovery procedure is in some cases suspended. We found a number of cases where the recovery procedure had been suspended and the DGs had been asked by OLAF not to disclose any information to the national authorities or the beneficiary. We acknowledge, however, that there can be a trade-off between criminal investigations and speedy financial recoveries.111
Nevertheless, using administrative procedures to recover unduly paid EU money is still more efficient and less costly than recovering these funds through criminal proceedings by means of asset freezing and confiscation. A recent Europol survey on criminal asset recovery within the European Union has revealed that the amount of money currently being recovered in the EU is only a small proportion of estimated criminal proceeds49.
In shared management, DGs do not recover money directly from beneficiaries but instead apply different financial procedures to protect the EU budget. In most cases, DGs REGIO and EMPL apply financial corrections whenever OLAF issues a financial recommendation. It is left up to the Member State concerned to decide what corrective action to take against beneficiaries once the DG has applied a financial correction. Under the principle of shared management, DGs REGIO and EMPL have no obligation to check the amounts recovered from beneficiaries.113
DG AGRI rules do not clearly stipulate the main steps for following up OLAF’s financial recommendations. For example, there are no deadlines for Member States to contest the recovery amount recommended in the OLAF report. DG AGRI sees its role as that of overseeing the recovery exercise, which is entirely the responsibility of the Member State concerned.114
Figure 13 shows the total value of financial recommendations OLAF sent to DGs REGIO, EMPL and AGRI between 2012 and 2016, together with the amounts recovered by the time of our audit. The three DGs received 268 OLAF financial recommendations in the period 2012-2016. Money has been recovered in 125 of these cases (47 %). The recovery rate does not increase significantly if we only consider those OLAF financial recommendations the three DGs received between 2012 and 2014. From these cases, the three DGs managed to recover 15 % of the combined total amount recommended by OLAF (DG REGIO – 10 %; DG EMPL – 19 %; DG AGRI – 33 %). We note that in October 2016 OLAF issued new instructions on drafting and calculating financial recommendations. As the new instructions are relatively recent, their full impact has yet to been seen in the system.
According to DGs REGIO and EMPL, one of the main reasons for not recovering recommended amounts is that OLAF’s Final Report does not directly substantiate the amount recommended. For example, in one case, the DG asked an external company to perform a further legal analysis of OLAF’s finding. In another related case, the DG, after consulting DG MARKT and the Commission’s Legal Service, decided not to recover the amount recommended by OLAF due to the high litigation risk. Another reason why the full amount recommended was not recovered in some cases was that, in the past, OLAF had recommended higher corrections for non-compliance with public procurement rules than those actually applied, by the DGs concerned, on the basis of the Commission’s guidelines50.
Direct management (DGs CNECT and RTD)116
Figure 14 shows the total value of OLAF financial recommendation sent to DGs CNECT and RTD between the years 2012-2016, together with the amount recovered up until the time of our audit. The two DGs received 36 OLAF financial recommendations between 2012 and 2016. Nine cases (25 % of cases) have been fully recovered. In one exceptional case, DG RTD recovered eight times the amount recommended by OLAF because the total amount recovered from the beneficiary also included extrapolated amounts based on the DGs’ own audits. In this case, we consider the amount recommended by OLAF to have been fully recovered. The recovery rate increases slightly if we only consider those OLAF financial recommendations the two DGs received between 2012 and 2014. From these cases, the two DGs overall managed to recover 34 % of the total amount recommended by OLAF
We checked 20 OLAF financial recommendations (10 for DG CNECT and 10 for DG RTD) out of 37 cases covering 86 % of the combined total amount recommended by OLAF to these two DGs. Based on this, we found that the main reasons for delays in recovering funds and for non-recovery after OLAF investigation are:
- ongoing criminal investigations or proceedings;
- insufficient evidence having been provided in OLAF reports; and
- companies having already been liquidated by the time OLAF closes the case.
The time taken for a spending DG to report a case to OLAF and the speed of OLAF's investigation may be important factors in determining the success of a recovery procedure, as time is very important in cases where DGs recover funds directly from beneficiaries. For cases where the recovery is still ongoing, the average time taken since the start of OLAF’s investigation is five years. Where fraudsters liquidate or dissolve companies, often immediately following the announcement of an audit or OLAF investigation, the chances of a recovery are rather limited.119
DGs can react more quickly and avoid the cost of recovering funding from a beneficiary if they can prove through their own audits that contractual obligations have been breached. In these cases, the responsible DG bases its preparatory work for the recovery order on its own audit results rather than on the OLAF report. We found that, in cases where the DG had not carried out an audit and the only source of evidence was the OLAF investigation file, it was more difficult for the DG to issue the recovery order for the amount recommended by OLAF as the DG considered the available documentation insufficient.120
In addition, debtors sometimes bring cases before the European Court of Justice to recover part of the rejected costs and/or damages from the Commission. When this happens, the amount recovered cannot be considered final until the ECJ case is closed.
Indirect management (DG DEVCO)121
Under indirect management, DG DEVCO entrusts budget implementation tasks to beneficiary countries, international organisations and development agencies in non-EU countries.122
Figure 15 shows the total value of OLAF financial recommendations sent to DEVCO between 2012 and 2016, together with the amount recovered up until the time of our audit. DG DEVCO received 53 OLAF financial recommendations in the period 2012-2016. There have been recoveries in 20 cases (38 % of cases)51. The recovery rate does not increase significantly if we only consider those OLAF financial recommendations the DG received between 2012 and 2014. From these cases, DG DEVCO managed to recover 6 % of the total amount recommended by OLAF.
In cases representing 58 % of the total value of OLAF financial recommendations, DG DEVCO did not recover the EU money concerned, either because it considered there was no legal basis for doing so or because it decided against issuing a recovery order52. Based on the 10 OLAF financial recommendations we examined, the main reason why DG DEVCO did not recover the amounts recommended by OLAF was that DG DEVCO considered there was insufficient evidence.124
In three out of 10 cases, representing a significant value of OLAF financial recommendations, DG DEVCO decided not to recover. Given that it operates in a high-risk environment, and given the potential risks to the implementation of its policy, DG DEVCO may in some circumstances decide not to recover EU money from beneficiaries. In countries with unstable political and judicial systems, the chances of recovery through a criminal or civil (administrative judicial) procedure are quite clearly low and an OLAF investigation may often be the only way to investigate a fraud allegation. OLAF does not analyse in sufficient detail which cases have yielded successful recoveries and what are the reasons for DGs not to proceed with recoveries or only recover a much lower amount than recommended by OLAF. This would help OLAF to better target its investigations.
Putting EPPO into operation will require coordinated effort125
In October 2017, twenty Member States adopted a regulation to enhance cooperation on establishing the European Public Prosecutor's Office (‘the EPPO’)53. This will be the EU body with powers to investigate and prosecute crimes against the EU’s financial interests.126
The EPPO is designed to operate at two levels: one centralised and the other decentralised. The centralised level consists of an European Chief Prosecutor (ECP), and one European Prosecutor (EP) per Member State (two of which will be Deputy Chief Prosecutors) located at the EPPO’s Central Office in Luxembourg, while the decentralised level consists of European Delegated Prosecutors (EDPs) working in the Member States. The European prosecutors, divided into chambers, will be responsible for supervising the EDPs and, in exceptional cases, will conduct investigations themselves. The EDPs will be in charge of investigations carried out in the Member States concerned (Figure 16).
We have analysed the regulation setting up the EPPO in light of our observations on the current set-up for investigating and prosecuting fraud in EU spending. We assessed whether the EPPO will address the following key issues:
- the current system, whereby OLAF’s administrative investigation of suspected fraud is followed by a criminal investigation at national level, takes up much time in a considerable number of cases; and
- weaknesses in cooperation between OLAF and national authorities.
In general terms, we consider establishing the EPPO to be a step in the right direction. However, we would like to highlight several risks that indicate that the EPPO may not address the above-mentioned problems:
- The regulation provides that the EPPO chambers will become supervisors of the operational work of the delegated prosecutors. In order to challenge the opinion of a delegated prosecutor, or even to discuss it with him or her, the chamber will need adequate expertise in national criminal law and procedure in specific cases, not to mention the need for translation. This means that, in order to fulfil its supervisory function, the EPPO’s Central Office needs sufficient staff and resources, including national legal experts54. An extensive internal consultation and translation may end up taking too long for criminal procedures, where time is very often the most limited resource.
- Under the EPPO Regulation, investigation will be carried out primarily by Member State investigators under the authority of the EPPO. The regulation does not put in place any mechanism enabling the EPPO (or any other EU body) to urge Member State authorities to allocate resources to the pro-active work necessary for the investigation of fraud in EU spending, or to the cases handled by the delegated prosecutors. Since a delegated prosecutor will need the support of its relevant national authority to conduct the investigation necessary for bringing the case to court, their effectiveness will remain heavily dependent on national authorities.
- The EPPO Regulation55 allows EU institutions, bodies, offices and agencies (IBOAs) to have OLAF carry out a pre-evaluation of cases to be forwarded to EPPO. Because time is critical to the success of a criminal investigation, excessive use of this option may adversely affect the timeliness of any subsequent action. The future arrangements for cooperation between OLAF and EPPO should make it possible to decide quickly whether to initiate a criminal procedure, or forward the case for investigation by the Member State concerned or by a responsible EU institution by means of an administrative procedure.
Conclusions and recommendations129
Our audit assessed whether the Commission is properly managing the risk of fraud in EU spending. We examined in particular the measures taken by the Commission to prevent and deter potential fraudsters and to recover funds where fraud has been committed.130
Based on our observations, we consider that more drive is needed in the EU to implement an effective strategic framework for managing the risk of fraud based on sound assessments. We consider there is a clear need for the Commission to step up its fight against fraud in EU spending by clarifying and reinforcing the responsibilities of the various parties involved in managing the fight against fraud.
The Commission’s insight into the scale, nature and causes of fraud is insufficient131
The Commission does not have comprehensive and comparable information on the detected fraud level in EU spending. The Commission’s own reporting of detected fraud in areas managed directly by it is not complete. Within shared management, the methodologies Member States use to prepare their official statistics on detected fraud differ, and the information reported in the Commission’s Irregularity Management System (IMS) is incomplete. The Commission does not carry out comprehensive checks to ensure the quality of data reported in the IMS; nor does it ask Member State authorities to provide assurance as to the reliability of the data reported. The spending DGs perform partial checks on irregularity reporting systems at national level within the framework of system audits (paragraphs 21-32).132
The Commission has not yet established a way of gaining insight into undetected fraud in order to complement the official statistics, even though there are several accepted ways to obtain insight into the scale of fraud (paragraphs 33-37).133
We also consider the available qualitative information on the nature and causes of fraud to be insufficient. Some information is available on fraud patterns and schemes used in different sectors, but the information available is not systematically updated. Moreover, we did not find detailed analyses or any study by the Commission to identify what causes some recipients of EU money to commit fraud.134
Studies using objective corruption proxies have also revealed that the risk of corruption may be increased by discretion in spending and excessive bureaucratic controls, which act as a barrier to market entry for other suppliers, thereby making corrupt deals easier to sustain (paragraphs 38-49).
Recommendation 1 – Gain better insight into the scale, nature and causes of fraud in EU spending
With a view to a properly designed approach to countering fraud against the EU’s financial interests, the Commission should put in place a robust fraud reporting system, providing information to assess the scale, nature and root causes of fraud. In particular, it should:
- enhance the Irregularity Management System (IMS) so that information on criminal investigations related to fraud affecting the EU's financial interests are reported in a timely manner by all competent authorities.
- build its capacity to collect information from different sources on the risk of fraud and corruption against the EU budget; measure this risk on a recurring basis using different methods (encounter surveys and indexes based on administrative data); and consider establishing risk indicators by spending area, country and sector.
Timeframe: end of 2022
There are weaknesses in the Commission’s strategic approach to managing the risk of fraud135
There are weaknesses in anti-fraud strategies of the Commission and reporting on their effectiveness. While it does have a formal anti-fraud strategy – the Commission Anti-fraud Strategy (CAFS) – the Commission has not updated it since 2011. We therefore question whether it is fit to guide the Commission’s anti-fraud activities in practical terms. We note the Commission’s intention to update the CAFS (paragraphs 58-64).136
Under the Commission’s governance model, roles and responsibilities for anti-fraud actions are split. The various Commission DGs and services each have their own anti-fraud strategies. There is no central body in charge of ensuring appropriate corporate oversight of anti-fraud activities. This could potentially be a role for OLAF (Recommendation 4). Strategic fraud risk management and fraud prevention are not specifically mentioned in the portfolios of any single Commissioner (paragraphs 52-57).
Recommendation 2 – Ensure leadership of the Commission’s anti-fraud actions
2.1. To achieve better coordination in tackling fraud, within the context of collegial responsibility for fraud prevention and detection, the Commission should ensure that strategic fraud risk management and fraud prevention would be clearly referred to in the portfolio of one Commissioner.
2.2. The Commission should ensure that, its new anti-fraud strategy:
- is preceded by a comprehensive analysis of fraud risks, using a wide range of data from different sources to establish the scale, nature and causes of fraud in EU spending;
- contains meaningful objectives and measurable indicators; and
- includes reporting based on the achievement of objectives.
Timeframe: end of 2022
Fraud prevention has not received enough attention137
Although the Commission’s fraud-proofing activities date back to the year 2000, comprehensive anti-fraud provisions were only included for the first time in all top-level regulations for the 2014-2020 period (paragraphs 66-70).138
Assessing the risk of fraud before adopting spending schemes and putting in place anti-fraud controls is potentially an effective way to reduce fraud losses. For the 2014-2020 spending programmes, however, the Commission required such an assessment of the draft rules only late in the process. Thus, these will only be implemented for the next generation of financial programmes after 2021. In shared management, the Commission did not ask Member States to assess the risk of fraud in their 2014-2020 programmes before adopting them. It is, however, in this area that around 70 % of the EU budget is spent (paragraphs 71-75).139
Using data for fraud prevention and deterrence can be an effective way either to identify risky economic operators before allocation of funds or to improve future compliance by debarring economic operators and individuals who have been detected committing fraud. Within the Commission, there have been DG-level initiatives to establish such databases, but the use of these tools has been rather limited and not sufficiently coordinated. In particular, the preventive and deterrent impact of the Commission’s exclusion and sanctioning system is limited, as the DGs in charge of Cohesion policy and Agriculture do not have the power to initiate an exclusion request for fraudulent economic operators supported through these funds. In addition, Member State authorities are not obliged to take exclusion decisions into account in any financing decision involving EU money.140
Since 2013, DGs EMPL and REGIO have had their own internally developed fraud prevention tool, ARACHNE. Such a tool has the potential to be effective, but currently it still does not contain sufficient data. It is the responsibility of Member States to provide such information on fraudulent economic operators and the private individuals linked to them (paragraphs 76-88).
Recommendation 3 – Increase the use of fraud-prevention tools
3.1. In relation to the rules for implementing the spending programmes in the post-2020 period, the Commission should perform a fraud risk assessment and ask Member States to carry out a detailed fraud risk assessment before adopting programmes.
Target implementation date: 2020
3.2. Regarding the Commission’s exclusion system, the Commission should
- ensure that DGs use the early detection and exclusion system in direct and indirect management;
- call on Member States to identify and flag fraudulent economic operators and the private individuals linked to them.
3.3. The Commission should urge all Member States to actively participate in the ARACHNE database by submitting timely data and to exploit the opportunities big data offers to prevent fraudulent and irregular use of EU funds39.
Timeframe: end of 2019
OLAF’s administrative investigations have led to prosecution in fewer than half of cases, and resulted in recovery of less than a third of the funds141
OLAF judicial recommendations result in the prosecution of fraudsters in around 45 % of the cases. The current system, whereby OLAF launches investigations after receiving information from other sources and whereby OLAF’s administrative investigation of suspected fraud is often followed by a criminal investigation at national level, takes up much time in a considerable number of cases and thus it decreases the chances to achieve its ultimate goal – prosecution (paragraphs 94-104).142
In a number of cases (concerning fraud or irregularities), DGs do not consider that OLAF’s reports provide sufficient information to serve as a basis for initiating the recovery of unduly disbursed funds. In such cases, the DGs take (or outsource) further action in order to decide whether recovery is possible or they rely on evidence provided by their own audits (paragraphs 105-124).
Recommendation 4 – Reconsider OLAF’s role and responsibilities in combatting fraud in EU spending in light of the establishment of the EPPO
The Commission should reconsider OLAF’s role and responsibilities in combatting fraud in EU spending in light of the establishment of the EPPO.
In particular, the Commission should propose to the European Parliament and the Council measures to give OLAF a strategic and oversight role in EU anti-fraud action.
This could include OLAF acting as an oversight body responsible for:
- leading the design, and monitoring and supervising the implementation, of the Commission’s anti-fraud policy, with a specific focus on providing real time detailed analysis of fraud patterns (modus operandi) and the causes of fraud;
- co-ordinating and monitoring anti-fraud activities in Member States.
Timeframe: end 2022
This Report was adopted by Chamber V, headed by Mr Lazaros S. Lazarou, Member of the Court of Auditors, in Luxembourg at its meeting of 14 November 2018.
For the Court of Auditors
Extract of relevant legal texts
Article 3 of the PIF Directive
“Fraud affecting the Union's financial interests
2. For the purposes of this Directive, the following shall be regarded as fraud affecting the Union's financial interests:
- in respect of non-procurement-related expenditure, any act or omission relating to:
- the use or presentation of false, incorrect or incomplete statements or documents, which has as its effect the misappropriation or wrongful retention of funds or assets from the Union budget or budgets managed by the Union, or on its behalf;
- non-disclosure of information in violation of a specific obligation, with the same effect; or
- the misapplication of such funds or assets for purposes other than those for which they were originally granted;
- in respect of procurement-related expenditure, at least when committed in order to make an unlawful gain for the perpetrator or another by causing a loss to the Union's financial interests, any act or omission relating to:
- the use or presentation of false, incorrect or incomplete statements or documents, which has as its effect the misappropriation or wrongful retention of funds or assets from the Union budget or budgets managed by the Union, or on its behalf;
- non-disclosure of information in violation of a specific obligation, with the same effect; or
- the misapplication of such funds or assets for purposes other than those for which they were originally granted, which damages the Union's financial interests”.
Article 325 of TFEU
“The Union and the Member States shall counter fraud and any other illegal activities affecting the financial interests of the Union through measures to be taken in accordance with this Article, which shall act as a deterrent and be such as to afford effective protection in the Member States, and in all the Union's institutions, bodies, offices and agencies.”
List of buildings mentioned in the report
|Bodies||Prevention (anti-fraud governance and leadership, fraud risk assessment, anti-fraud strategies, preventive controls, intelligence)||Detection (detective fraud control, fraud complaint mechanisms)||Investigation (administrative and criminal)||Response (Sanctions, recoveries, prosecution, performance measurement and reporting)|
|National administrative authorities||✔||✔||✔||✔|
|National judicial and law enforcement authorities||✔||✔||✔|
Recent legislative initiatives in the EU’s area of the fight against fraud
- The Directive on the fight against fraud to the Union's financial interests by means of criminal law (PIF Directive) was adopted by the co-legislators on 5 July 2017. Member States have two years (until 6 July 2019) to transpose it into their national legislation. It harmonises the definition of four criminal offences (fraud, corruption, money laundering and misappropriation) as well as sanctions and limitation periods.
- Regulation 2017/1939 setting up the EPPO has been adopted in October 2017. The EPPO is expected to start operating from late 2020 or early 2021 onwards in 22 Member States and will be competent to investigate crimes against the EU budget including serious cross-border VAT fraud over €10 million.
- The proposal to amend the OLAF's Regulation 883/2013 (COM(2018) 338) concerning investigations conducted by the OLAF as regards cooperation with the EPPO and the effectiveness of OLAF investigations adopted in May 2018.
- The new Financial Regulation entered into force in July 2018.
Events triggering Member States to report cases of fraud under criminal investigation to the Commission
|After initial sentence||✔||✔||✔||✔||✔||✔||✔|
|After definitive sentence- final court decision||✔||✔||✔||✔||✔||✔||✔||✔||✔||✔||✔||✔||✔||✔||✔|
Roles and responsibilities within the Commission for the outcomes of anti-fraud actions in EU spending
We divided the key players involved in combating fraud into the following four categories:
- Responsible: the person or body actually completing a given task and/or is being ultimately answerable to public for the implementation of an activity or decision;
- Consulted: the person or body providing an opinion on a particular action or decision before it is taken, including preparation/ review or presentation of the draft documents to those responsible for decision;
- Informed: the person or body to be informed after a decision or an action is taken. They may be required to take action as a result of the outcome;
- Not involved.
List of references
Alina Mungiu-Pippidi (2013), The Good, the Bad and the Ugly: Controlling corruption in the European Union, Berlin.
Fabio Giuffrida, ‘The European Public Prosecutor’s Office: King without kingdom?’(2017), CEPS Research Report No 3/2017, p. 14, https://www.ceps.eu/publications/european-public-prosecutor %E2 %80 %99s-office-king-without-kingdom.
Golden, Miriam and Picci, Lucio (2005), Proposal for a New Measure of Corruption, and Tests using Italian Data, Economics and Politics. Vol. 17, 2005, pp. 37-75.
Mark Button and Jim Gee (2015), The financial cost of fraud 2015 - What the latest data from around the world shows, PKF Littlejohn LLP and PKF; See also Brooks, G., Button, M. and Gee, J. (2012), The scale of healthcare fraud: a global evaluation, Security Journal, Vol. 25 No. 2, pp. 76-87.
Mark Button, Chris Lewis, David Shepherd, Graham Brooks and Alison Wakefield (2012), Fraud and Punishment: Enhancing Deterrence Through More Effective Sanctions, Centre for Counter Fraud Studies, University of Portsmouth.
Mihaly Fazekas and Peter Lawrence King (2018), Perils of development funding? The tale of EU Funds and grand corruption in Central and Eastern Europe. Regulation & Governance 2018, pp. 14-15.
Mihaly Fazekas and Gábor Kocsis (2017), Uncovering High-Level Corruption: Cross-National Corruption Proxies Using Public Procurement Data. British Journal of Political Science, av. online.
Mihaly Fazekas, István János Tóth and Peter Lawrence King (2016), An Objective Corruption Risk Index Using Public Procurement Data. European Journal of Criminal Policy and Research, 22(3), pp. 369–397.
Mihaly Fazekas and István János Tóth (2017), Corruption in EU Funds? Europe-wide evidence on the corruption effect of EU-funded public contracting. In J. Bachtler et al (Eds.), EU Cohesion Policy. Reassessing performance and direction. Ch. 13. Routledge, London, p. 186-205.
Paulo Mauro (1996), The Effects of Corruption on Growth, Investment and Government Expenditure, International Monetary Fund, WP/96/98.
Paulo Mauro (1998), Corruption and the composition of government expenditure, International Monetary Fund, Journal of Public Economics 69.
Jajkowicz, O. and Drobiszova, A. (2015), The Effect of Corruption on Government Expenditure Allocation in OECD Countries, Acta Universitatis Agriculturae et Silviculturae Mendelianae Brunensis, Volume 63.
Acronyms and abbreviations
AAR: Annual activity report
AFCOS: Anti-fraud coordination services
AFS: Anti-fraud strategy
AMPR: Annual management and performance report
AOD: Authorising officer by delegation
CAFS: Commission anti-fraud strategy
ECJ: European Court of Justice
EDES: Early detection and exclusion system
EPPO: European Public Prosecutor’s Office
IBOAs: EU institutions, bodies, offices and agencies
IMS: Irregularity management system
MFF: Multi annual financial framework
OLAF: European Anti-fraud Office
PACA: Primary administrative or judicial finding
PIF: Protection of the European Union’s financial interests
Better regulation: The design of policies and laws so that they achieve their objectives at minimum cost. Better regulation is about making sure that the EU actually delivers on the ambitious policy goals it has set itself. It is about ensuring that the policy solution chosen is the best and least burdensome way to reach those objectives. It is a way of working to ensure that political decisions are prepared in an open, transparent manner, informed by the best available evidence and backed by the comprehensive involvement of stakeholders. (Source: Better regulation toolbox).
Conviction: A court’s judgement by which the defendant is found to be guilty of having committed a crime. A person can be considered convicted only when the judgement is final.
Corruption: Corruption is the abuse of power for private gain. It comprises of any act or omission that misuses official authority, or seeks to influence the misuse of official authority, in order to obtain an undue benefit.
Detected fraud: Detected fraud includes suspected and established fraud.
Early detection and exclusion system (EDES): The EDES is the new debarment system established by the Commission as of 1 January 2016 to protect the EU's financial interests against unreliable economic operators. Its purpose is to facilitate the early detection of such operators, their exclusion from receiving EU funds, the imposition of financial penalties and, in the most severe cases, the publication of information related to such exclusions or penalties.
Error: An irregularity arising from non-compliance with legal and contractual requirements.
Established fraud: Established fraud describes a case that has been judged to constitute 'fraud' by a definitive criminal court decision.
Financial corrections: can be implemented by a Member State by deducting irregular expenditure from the Member State’s payment claim, by paying a recovery order issued by the Commission, or by decommitment. The deduction can take two forms: withdrawal or recovery from beneficiaries.
Fraud: Fraud is an intentional act of deception intended for personal gain or to cause a loss to another party (Annex I).
Fraud risk: In line with the 2016 fraud risk management guide of the Committee of Sponsoring Organizations of the Treadway Commission (COSO), organisations should perform comprehensive fraud risk assessments to identify specific fraud schemes and risks, assess their likelihood and significance, evaluate existing fraud control activities and implement actions to mitigate residual fraud risks.
Impact assessment: Impact assessments contribute to EU decision-making processes by systematically collecting and analysing information on planned interventions and estimating their likely impact. Impact assessments must be carried out for all major policy initiatives (i.e. those presented in the annual policy strategy (APS) or, later, as part of the Commission’s legislative work programme (CLWP)), with some clearly defined exceptions. In addition, other significant initiatives can be covered on a case-by-case basis.
Indictment: An official notification given to a natural or legal person by the prosecutor of an allegation that he or she or it has committed a criminal offence and by which the prosecutor brings the prosecution to court.
Irregularity: An irregularity is an act which does not comply with EU rules and which has a potentially negative impact on EU financial interests, but which may be the result of genuine errors committed both by beneficiaries claiming funds and by the authorities responsible for making payments. If an irregularity is committed deliberately, it constitutes fraud.
Irregularity Management System (IMS): The Irregularity Management System is a secure electronic tool for reporting, management and analysis of irregularities. IMS is part of the Anti-fraud Information System (AFIS), developed and maintained by OLAF, which facilitates the exchange of information between OLAF and relevant administrations.
Primary administrative or judicial finding (PACA): A ‘primary administrative or judicial finding’ is a first written assessment by a competent authority, either administrative or judicial, concluding on the basis of specific facts that an irregularity has been committed. It may subsequently be revised or withdrawn as a result of developments in the course of the administrative or judicial procedure.
Prosecution: A prosecutor’s decision to charge the defendant with a crime.
Protection of the European Union’s financial interests (PIF): Protection of the EU’s financial interests is a key element of the EU policy agenda to strengthen and increase the confidence of citizens and ensure that their money is used properly. It concerns not only the management of budget appropriations, but extends to all measures which negatively affect its assets and those of the Member States, to the extent that those measures are relevant to EU policies.
Suspected fraud: An irregularity that gives rise to the initiation of administrative or judicial proceedings being brought at national level to establish whether behaviour was intentional is categorised by the Commission and Member States as ‘suspected fraud’.
1 See the legal definition in Article 3 of Directive (EU) 2017/1371 of the European Parliament and of the Council of 5 July 2017 on the fight against fraud to the Union's financial interests by means of criminal law (the PIF Directive).
2 See recital (8) of the PIF Directive.
3 See the legal definition in Article 4 of the EU Directive 2017/1371 (PIF Directive).
4 Article 1(2) of Council Regulation (EC, Euratom) No 2988/95.
5 See Article 32 of Regulation (EU, Euratom) No 966/2012 of the European Parliament and of the Council of 25 October 2012 on the financial rules applicable to the general budget of the Union (the Financial Regulation).
6 See Article 3 of the PIF Directive.
7 See Article 17 of the PIF Directive.
8 Article 1(2) of Regulation (EU, Euratom) No 883/2013 of the European Parliament and of the Council of 11 September 2013 concerning investigations conducted by the European Anti-Fraud Office (OLAF) and repealing Regulation (EC) No 1073/1999 of the European Parliament and of the Council and Council Regulation (Euratom) No 1074/1999.
9 Austria, Belgium, Bulgaria, Croatia, the Czech Republic, Cyprus, Estonia, Finland, France, Germany, Greece, Italy, Latvia, Lithuania, Luxembourg, Portugal, Romania, Slovakia, Slovenia, and Spain. The Netherlands and Malta have joined the EPPO in the course of 2018.
10 Council Regulation (EU) 2017/1939 of 12 October 2017 implementing enhanced cooperation on the establishment of the European Public Prosecutor’s Office (‘the EPPO’).
11 See paragraphs 1.35 and 1.36 of our 2016 Annual Report.
12 See ECA Opinion No 1/2018 concerning the proposal of 2 May 2018 for a regulation of the European Parliament and of the Council on the protection of the Union's budget in case of generalised deficiencies as regards the rule of law in the Member States; ECA opinion No 9/2018 concerning the proposal for a regulation of the European Parliament and of the Council establishing the EU Anti-Fraud Programme; ECA opinion No 8/2018 concerning the proposal of 23 May 2018 on amending OLAF Regulation 883/2013 as regards cooperation with the European Public Prosecutor’s Office and the effectiveness of OLAF investigations.
13 Under the Commission’s fraud preventive actions, we also covered OLAF’s administrative recommendations.
14 The relevant provisions are Article 122(2) of Regulation (EU) No 1303/2013; Article 50(1) of Regulation (EU) No 1306/2013; Article 30(2) of Regulation (EU) No 223/2014; Article 5(5) of Regulation (EU) No 514/2014; Article 21(1)(d) of Regulation (EU) No 1309/13.
15 Protection of the European Union’s financial interests – fight against fraud 2017 Annual Report, COM(2018) 553 final.
16 Paragraph 2.4 of Commission Staff Working Document (2016)237 final explains the methodological assumptions behind the analysis of the reported irregularities.
17 See Articles 1(2) and 7 of Council Regulation (EC, EURATOM) No 2988/95 of 18 December 1995 on the protection of the European Communities financial interests; Article 2(37) of Regulation (EU) No 1303/2013; with Article 2(17) of Regulation (EU) No 223/2014; recital (3) of Commission Delegated Regulation (EU) 2015/1971; recital (3) of Commission Delegated Regulation (EU) 2015/1973.
18 Article 3(1)(a) of the Delegated Regulations 2015/1970, 2015/1971, 2015/1972, 2015/1973.
19 Handbook on requirement to report irregularities, COCOLAF/23-05-17/8.2/EN; Article 2(b) of Commission Delegated Regulation (EU) 2015/1970, 2015/1971 and 2015/1973.
20 Article 2(b) of Commission Delegated Regulation (EU) 2015/1970, 2015/1971, 2015/1972 and 2015/1973 contains a definition of "primary administrative or judicial finding". These delegated regulations are adopted based on the powers conferred by the relevant basic acts, one of which is the Common Provisions Regulation (Article 122).
21 Fazekas, M., and Kocsis, G., (2017); Fazekas, M., Tóth, I. J., and King, P. L., (2016); Golden, M. and Picci, L. (2005). The Centre for Counter Fraud Studies at the University of Portsmouth has also developed a fraud loss measurement (FLM) method. See Button, M. and Gee, J. (2015).
22 Fazekas, M.and Kocsis, G. (2017); Fazekas, M., Tóth, I. J., and King, P. L.(2016); pp. 369-397.
23 See for example the Commission working document SWD(2017) 266 final, part 2/2, table CP16, p. 64 accompanying the 2016 PIF report.
24 In 2017, OLAF published a fifth case compendium related to internal investigations.
25 DGs EMPL, REGIO, AGRI, RTD and HOME.
27 European Court of Auditors, 2014 Annual Report, p. 229.
28 Mungiu-Pippidi, A., (2013), pp. 10-11.
29 A Framework for Managing Fraud Risks in Federal Programmes, GAO, July 2015, GAO-15-593SP, p. 10.
30 OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions.
32 COM(2000) 200 final/2 – Reforming the Commission – A White Paper – Part II – Action plan, action 94.
33 Prevention of fraud by building on operational results: a dynamic approach to fraud-proofing, SEC(2007) 1676.
34 Principle 8 of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) 2013 Internal Control – Integrated Framework, requires organisations to consider the potential for fraud in assessing risks to the achievement of objectives.
35 Better regulation for better results – An EU agenda, COM(2015) 215 final.
36 2016 PIF Report, COM(2017) 383 final.
37 World Bank Annual Update, Integrity Vice-Presidency, p. 28, http://pubdocs.worldbank.org/en/703921507910218164/2017-INT-Annual-Update-FINAL-spreads.pdf.
39 See European Court of Auditor’s special report 10/2015 – Efforts to address problems with public procurement in EU cohesion expenditure should be intensified.
40 Article 1(1) of Regulation (EU, Euratom) No 883/2013 of the European Parliament and of the Council of 11 September 2013 concerning investigations conducted by the European Anti-Fraud Office (OLAF) and repealing Regulation (EC) No 1073/1999 of the European Parliament and of the Council and Council Regulation (Euratom) No 074/1999.
41 Between 2012 and 2016, in around 21 % of the investigations it closed with a financial recommendation, OLAF simultaneously issued a judicial recommendation.
42 In addition to the external investigations, OLAF is also entitled to conduct internal investigations within EU institutions. We did not evaluate this particular OLAF task in the course of this audit. For administrative recommendations, see paragraph 70.
44 The Fight Against Fraud Department (DLAF) is a Romanian national authority with investigative powers, responsible for protecting the EU’s financial interests in that country. See statistics from DLAF’s 2016 annual report, p. 11.
45 Analysis of Member States’ follow-up of OLAF’s judicial recommendations issued between January 2008 and December 2015; p. 1.
46 Article 12 of Regulation (EU) No 883/2013 states that OLAF ‘…. may transmit to the competent authorities of the Member States concerned information obtained in the course of external investigations in due time to enable them to take appropriate action in accordance with their national law’.
47 See 2017 OLAF report, p. 53.
48 For 59 cases out of 150 cases with recovery resulting from OLAF financial recommendations the amount recovered is 70 % or lower than what OLAF recommended.
49 Does crime still pay? Criminal asset recovery within the EU; Survey of statistical information 2010-2014; Europol, 2016.
50 Commission decision of 19.12.2013 on the setting out and approval of the guidelines for determining financial corrections to be made by the Commission to expenditure financed by the Union under shared management, for non-compliance with the rules on public procurement, C(2013) 9527 final.
51 DG DEVCO also has grant and procurement contracts and budget support operations under direct management. However, our audit focused on spending under indirect management.
52 If we only consider OLAF financial recommendations issued between 2012 and 2014, then this rate increases to 82 %.
53 The Netherlands and Malta have joined the EPPO in the course of 2018.
54 The Commission estimates the cost of the EPPO, with 115 employees, at €21 million per year.
55 See recital (51) of Council Regulation (EU) 2017/1939 of 12 October 2017 implementing enhanced cooperation on the establishment of the European Public Prosecutor’s Office (‘the EPPO’).
56 See Council Regulation (EU) 2017/1939 on the creation of the European Public Prosecutor’s Office (EPPO) of 12 October 2017.
57 In 2005, the reporting threshold was increased from EUR 4 000 to EUR 10 000. At the time, an estimation was made of the amount of information lost in the process: the increased threshold would have implied a reduction of about 45% of the reported number of irregularities, but a loss of only 5% of the related financial amounts. Translated in terms on the fraud detection rate in 2017, this would imply a figure 0.22% instead of 0.21%.
59 See OLAF Report 2016, pp. 15-18, for the importance of procurement fraud.
60 SEC (2007) 1676.
61 Commission Regulation (EC) No 2035/2005 of 12 December 2005, OJ L 328, 15.12.2005, p. 8.
63 Cf. Article 325 TFEU.
64 For the latest version, see Report from the Commission to the European Parliament and the Council, 'Protection of the European Union's financial interests – Fight against fraud 2017 Annual Report', Brussels, 03.09.2018, COM(2018) 553 final. A similar tendency is reflected by other systems relying on complementarity of investigations at EU and national level (e.g. enforcement of EU competition rules, see http://ec.europa.eu/competition/ecn/statistics.html).
65 See 2017 OLAF Report.
66 COM (2011) 376 final, p. 8, paragraph 'Fraud prevention'.
|Adoption of Audit Planning Memorandum (APM) / Start of audit||4.4.2017|
|Official sending of draft report to Commission (or other auditee)||26.6.2018|
|Adoption of the final report after the adversarial procedure||14.11.2018|
|Commission’s (or other auditee’s) official replies received in all languages||EN: 8.1.2019|
The ECA’s special reports set out the results of its audits of EU policies and programmes, or of management-related topics from specific budgetary areas. The ECA selects and designs these audit tasks to be of maximum impact by considering the risks to performance or compliance, the level of income or spending involved, forthcoming developments and political and public interest.
This performance audit was carried out by Audit Chamber V Financing and administration of the EU, headed by ECA Member Lazaros S. Lazarou. The audit was led by ECA Member Juhan Parts, supported by Ken-Marti Vaher, Head of Private Office and Margus Kurm, Private Office Attaché; Judit Oroszki, Principal Manager and Head of Task; Tomasz Plebanowicz, Deputy Head of Task; Rogelio Abarquero Grossi, Daria Bochnar, Jana Janeckova and Anzela Poliulianaite, Auditors. Michael Pyper provided linguistic support and Valérie Tempez-Erasmi provided secretarial assistance.
From left to right: Ken-Marti Vaher, Judit Oroszki, Tomasz Plebanowicz, Juhan Parts, Michael Pyper, Daria Bochnar, Anzela Poliulianaite, Jana Janeckova, Rogelio Abarquero Grossi, Valérie Tempez-Erasmi, Margus Kurm.
EUROPEAN COURT OF AUDITORS
12, rue Alcide De Gasperi
More information on the European Union is available on the internet (http://europa.eu).
Luxembourg: Publications Office of the European Union, 2018
|ISBN 978-92-847-1460-5||ISSN 1977-5679||doi:10.2865/951680||QJ-AB-18-030-EN-N|
|HTML||ISBN ISBN 978-92-847-1466-7||ISSN 1977-5679||doi:10.2865/057159||QJ-AB-18-030-EN-Q|
© European Union, 2018.
For any use or reproduction of photos or other material that is not under the European Union copyright, permission must be sought directly from the copyright holders.
GETTING IN TOUCH WITH THE EU
All over the European Union there are hundreds of Europe Direct Information Centres. You can find the address of the centre nearest you at: https://europa.eu/european-union/contact_en
On the phone or by e-mail
Europe Direct is a service that answers your questions about the European Union. You can contact this service
- by freephone: 00 800 6 7 8 9 10 11 (certain operators may charge for these calls),
- at the following standard number: +32 22999696 or
- by electronic mail via: https://europa.eu/european-union/contact_en
FINDING INFORMATION ABOUT THE EU
Information about the European Union in all the official languages of the EU is available on the Europa website at: https://europa.eu/european-union/index_en
You can download or order free and priced EU publications from EU Bookshop at: https://publications.europa.eu/en/web/general-publications/publications. Multiple copies of free publications may be obtained by contacting Europe Direct or your local information centre (see https://europa.eu/european-union/contact_en)
EU law and related documents
For access to legal information from the EU, including all EU law since 1951 in all the official language versions, go to EUR-Lex at: http://eur-lex.europa.eu/homepage.html?locale=en
Open data from the EU
The EU Open Data Portal (http://data.europa.eu/euodp/en/data) provides access to datasets from the EU. Data can be downloaded and reused for free, both for commercial and non-commercial purposes.