Implementation of Effective Measures against Fraud and Illegal Activities in Cohesion Policies

An Analysis of Current Structures, a Discussion of Reform Ideas and a Look Towards Changes by the European Public Prosecutor’s Office


The article analyses the state of implementation and the effectiveness of measures applied by competent administrative programme authorities under shared management in the EU cohesion policy for the prevention, detection, correction and prosecution of fraud. It discusses the concrete initiatives taken to increase the preparedness of the management and control systems against fraud and presents the various components needed for a consistent administrative response in reaction to fraudulent irregularities. It also discusses possible reform ideas and looks at what will change with the European Public Prosecutor’s Office.

I. Introduction

EU funding in shared management with the Member States so far constitutes the largest part of the EU budget, with a proposed volume of more than € 373 billion over the multi-annual financial framework period 2021–2027 for cohesion policy alone.1 It provides important financial support to innovation, economic development and employment and is designed to diminish regional disparities, achieve territorial cohesion throughout the EU and support the economy. The programmes drawn up in accordance with specific EU-thematic priorities2 are implemented through projects at the national, regional and local level. The Commission’s responsibility to execute the cohesion budget includes approval, monitoring and supervision of the operational programmes as well as their implementation. National and regional management authorities, as well as certifying authorities provide and validate expenditure to the beneficiaries.

A strengthened shared management assurance framework3 protects the legality and regularity of the expenditure. It includes management verifications and audit controls of the compliance of EU cohesion expenditure in accordance with the legality and regularity requirements. Financed contracts are typically implemented through procurement procedures by applying horizontal and sectorial EU legal requirements to respect transparency of public spending, non-discrimination and equal treatment of beneficiaries,4 as complemented by national law. The existence of effective anti-fraud safeguards is part of these management and system requirements as well as of sound financial management. Serious irregularities, fraud and the misuse of funds affecting the interests of the EU tax payer need to be detected and addressed already at the management level instead of concentrating on criminal law measures exclusively. Specific regulatory reform steps have therefore been taken by the EU legislator for the 2014–2020 programmes so as to strengthen the assurance model, notably by introducing annual accounts and clarifying sound financial management requirements of national authorities5 to achieve upfront protection against risks which may cause reputational and financial harm. While compliance and preventive anti-fraud measures need to be effective, they must take into account the objective of simplification at the same time, thus avoiding unnecessary administrative workloads and burdens for the beneficiaries. A risk-proportionate approach must address the particular system deficiencies through administrative capacity-building, including financial governance and transparency.

Zero tolerance applies to fraud. This objective requires preventive initiatives to preserve EU credibility and impartiality in programme spending already in presence of risks of conflict of interests. The objective can also be reached, for instance, through the systematic occurrence of red flags like “single bidding” in procurement procedures even if they do not establish evidence of criminal and corrupt conduct. Both, the European Parliament and the European Council, emphasise the need for data collection and transparent beneficial owner control of all final Fund recipients,6 in particular to monitor whether they are unjustly drained off into the pockets of a few big beneficiaries and oligarch structures.7 More generally, effective anti-fraud procedures are seen as a component of the discussion on EU values in public administration. Under the next multi-annual financial framework, rule of law conditionalities might even apply to Member States when receiving credits if generalised deficiencies in the administrative and judicial systems are found. Protection of financial interests as well as an effective, independent administration and judiciary are related objectives.

Protecting EU interests requires implementing and further developing structured multi-disciplinary preparedness measures. Their extent must take into account a diversity of administrative risk records of the respective EU programmes under shared management, but also the commitment for further increased financial solidarity in the follow-up of the COVID-19 crisis, going along with the COVID-19 recovery and resilience facility under the next-generation EU plan8 far beyond the existing EU funds. Necessary action includes fraud prevention, risk analysis, control and detection (chapter II) as well as a consistent response in cases of irregularities, including consistent financial corrections. Effective measures would further include exclusion from funding of unreliable beneficiaries as well as judicial prosecution in cooperation with the European Public Prosecutor’s Office (EPPO) in cases of criminal offences perpetrated against the EU’s financial interests (chapter III).

II. Increased Preparedness against Fraud and Illegal Activities

Programme management and control systems must ensure compliance with legality and regularity requirements. This includes fraud prevention based on risk analysis and assessment (section 1), but also verifications and controls to detect irregularities and fraud, transmitting relevant information and taking action to allow for investigations (section 2).

1. Fraud risk assessment

Fraud prevention comprises consistent risk analysis by the managing authorities (a), the consistent exploitation of audit and investigation results (b) as well as capacity-building through technical assistance, the systematic use of dedicated tools and cooperation with other competent bodies (c).

a) Reinforced management responsibilities

Since 2015, the managing authorities have been provided by the Commission with structured guidance on how to conduct a fraud risk assessment.9 It comprises a tool for self-assessment, quantifying the likelihood and impact of fraud, and the control of effectiveness in the conduct of risk-orientated administrative verifications. The Commission has subsequently monitored its implementation and has checked whether (based on concrete risk assessment) effective measures have been put in place. In addition to a performance audit of the effectiveness of anti-fraud measures in seven Member States, a stocktaking study was carried out for 50 operational programmes covering all EU Member States. It grasped the impact of the regulatory anti-fraud requirements, identified to what extent managing authorities comply with the legal provisions on the effectiveness of anti-fraud measures put in place and researched in particular whether an effective risk analysis was conducted and what still had to be improved.10 It concluded that proportionate measures had been taken in general, but it also found that some risks like double-financing, non-compliance with public procurement rules and the occurrence of conflicts of interests had not yet been addressed in every case with sufficient measures that were fully effective and proportionate to the risks.

Against the background of implementation practices developed so far, the shared management services of the Commission, the Directorates-General for Regional and Urban Policy (DG REGIO), Employment and Social Affairs (EMPL), and Maritime Affairs and Fisheries (MARE), have therefore recently revised their multi-annual Joint Anti-Fraud Strategy (JAFS) for European Structural and Investment Funds (ESIF). Based on experiences with the implementation of the new regulatory framework, the Commission services have identified concrete actions to further improve fraud prevention and assistance, providing a tool box for training with an e-learning platform, raising awareness and other supporting initiatives, and tools to remedy continuous weaknesses in the management and control systems, as well as addressing new fraud-risk tendencies identified in ESIFs.11 A joint typology of irregularities and identified fraud is used for an analysis of irregularities by management authorities, together with audit authorities and the European Anti-Fraud Office (OLAF). It enables coordinated feedback to managing authorities so as to better target their verifications. Implemented for the 2014–2020 programmes, this joint typology helps improve their risk assessment, identify the most important sources of errors as well as fraudulent irregularities (both in terms of frequency and amounts) and learn in which types of programmes they occur.12

b) Practical role of audits and OLAF investigations in the analysis of fraud risks

Beyond the results of their own verifications,13 managing authorities use the results of audit controls (1) and OLAF investigations (2) to assess risks for the relevant types of programmes and expenditure.

(1) Different layers of system and operations audits by the authorities, further reviewed on a risk basis through audit controls by the Commission, are in place to provide robust assurance for payments. Complementary to Member States’ audit activities, the Commission has shared management audit services in DG REGIO, EMPL and MARE to conduct their own fraud risk assessment. Their audits are not suspicion-run but risk-based, targeting tendencies and weaknesses identified in the checked management and control systems that reveal risks of misuse and illegal spending. The single audit strategy aims at ensuring that reliable audit opinions and error rates are reported to the Commission by audit authorities as a result of their approximately 500 national system audits per year for the European Regional Development Fund (ERDF) and Cohesion Fund (CF). Based on whether effective controls are in place and function reliably, the Commission services regularly update their bi-annual audit plan. Audit resources are targeted at high risk areas. About 100 risk-based audits are carried out each year for the Regional Development as well as for cohesion and social funds. Commission auditors perform controls under complementary shared management compliance, taking into account past legality compliance of each operational programme or thematic controls of specific types of expenditure, e.g. financial instruments, specific risk patterns (like conflicts of interests) and error-prone types of grants (such as public procurement procedures).14

Even if auditors are not primarily responsible for investigating fraud, they may identify and assess systemic fraud risks in the performance of these audits. They take into account the particularities of the funds under shared management in their common single audit strategy.15 For the 2014–2020 programmes, audit findings from DG REGIO and EMPL are recorded in the specific IT tool “MAPAR” for audit procedures. Findings that are specific to fraud and irregularities primarily identify shortcomings in the fraud-specific system requirements. Key Requirement (KR) No7 concerns the anti-fraud environment as well as effective and proportionate anti-fraud measures. A specific checklist is applied by auditors. Individual fraud findings are registered and give rise to systematic transmission in the OLAF – even if they are not very frequent.16

(2) A periodic analysis of OLAF findings is carried out in DG REGIO. It currently covers the complete case data affecting ERDF/CF projects in the 2007–2013 programmes, for which the final OLAF report was accompanied by a financial recommendation. The recent assessment is based on the analysis of about 140 such cases. The OLAF itself identifies in its investigations recurrent risk scenarios and a modus operandi in cohesion policy fraud.17 Examples include false or falsified supporting documents, various types of public procurement fraud, intentionally claimed ineligible expenditure and undisclosed conflicts of interests in the implementation of the funds. The OLAF cases and financial recommendations have been analysed by domain and type of irregularity, as well as for the public procurement findings by concerned procedures and tendering phases. Financial recommendations may sometimes also be based on findings of administrative irregularities without evidence of a fraudulent intention. These results are fed back into the risk approach for management verifications and audits. Based on OLAF investigations concluded in cases affecting cohesion-funded projects within the responsibility of DG REGIO, the highest fraud risk concerns the domain of EU financial support to infrastructure (43 %), followed by research and development projects as well as funding of investment into information technology.18 Half of the cases concern irregularities affecting public procurement procedures.

c) Increased administrative capacity-building and perspectives for EPPO cooperation

Capacity-building measures address integrity weaknesses in compliance and financial good governance. Risks can be mitigated by increasing transparency, professionalism in public procurement and anti-fraud commitment through sufficiently qualified, professional and skilled personnel on the part of the programme authorities. Specific Commission guidance to support administrative capacities is offered, in particular by a periodically updated19 public procurement action plan or, for instance, by a compendium of anti-fraud practices20 and a dedicated e-learning module.

The managing authorities are trained to look more consciously at specific red flags in their decision-making on funding. With a view to analysing the possible implications of “single bidding” for cohesion funding, DG REGIO, for instance, commissioned a targeted study21 on the reasons for recurrence in ten selected Member States. Widespread single bidding and non-competitive tendering may be a multi-faceted phenomenon with a variety of possible explanations, including state of the market, availability of contractors, proportion of EU funds in public spending etc. But they also constitute an indication of possible anti-competitive practices and arrangements which may distort the bidding environment and might be designed or at least be of a nature to harm the Union’s financial interests, in particular if identified frequently in a specific region or state. Single bidding raises doubts about the effective organisation of the procurement process and calls upon improving the administrative capacity of procurement entities in order to address the risk of corruption and bid-rigging. This risk may actually affect many EU regions.22

Capacity-building is supported by the Commission via technical assistance to develop cooperation with other stakeholders and actors, including civil society organisations, in particular by using “integrity pacts” as well as “peer-to-peer” cooperation and exchange. Effective and proportionate risk prevention efforts need to be tailored to the specific features of each programme and project. Used in certain high-volume procurement procedures, “integrity pacts” are agreements between a contracting authority and the companies bidding for public contracts; they provide for a commitment to abide by standards of integrity, transparency and efficiency as well as by abstaining from corrupt practices in the procurement process.23 For purposes of accountability, the parties accept the monitoring by a civil society organisation, thereby ensuring credibility and legitimacy in contracting and the execution phases of the projects. So far, the launch of 18 “integrity pacts” has been overall successful and has already shown some important results, like identifying risk scenarios (thereby avoiding potential irregularities), helping contract authorities in handling public contracts in accordance with the regulatory framework and, last but not least, identifying and signalling concrete and tangible risks of harmful and illegal practices before the procurement is concluded.

In the future, multidisciplinary capacity-building efforts may also be further supported by cooperation with the EPPO. Once the EPPO has taken up its activities, it may be an important contribution to prevention based on its knowledge about fraud cases and action across Member States as well as its EU-wide professional criminal case expertise. Its case management system documents information from all participating Member States and allows for collecting a record and register of experiences. The EPPO Regulation foresees the development of a cooperation relationship between the EPPO and the Commission.24 In particular, this should include concrete terms on increased capacity-building and for “taking precautionary measures, in particular to prevent any continuous wrongdoing or to protect the Union from reputational damage”.25

2. Detection and control

An effective detection of instances of fraud and serious irregularities is the basis for any successful investigative and prosecutorial action. Detection and reporting are a management responsibility (a), which can be exercised more effectively with the support of improved technical IT tools, data enrichment, comparability and inter-operability (b). Cooperation on detected cases includes the OLAF and, in the future, the EPPO (c).

a) Management controls: irregularities detection and reporting

In the first place, managing authorities are responsible to detect fraud. The frequency and volume of reported fraud, however, is statistically low (1).26 Detection responsibilities extend to instances of conflict of interests. This includes the stage of the project selection, the evaluation of the tenders, the choice of the beneficiaries and the stage of project implementation, even if it is not part of their function to investigate concrete suspicions (2).

(1) The detection effort is mainly reflected by reporting via the Irregularities Management System (IMS) to the Commission. The IMS is a specific electronic monitoring instrument for periodic reporting of both non-fraudulent and fraudulent irregularities by competent Member States authorities. Detected cases must be declared and entered into the IMS by competent authorities from the first stage of the primary administrative finding.27 At least as much as they may indicate an objective fraud risk affecting the respective programmes and spending priorities, the reporting statistics therefore also reflect the efficiency in detecting fraud at the managing level. Fraud reporting in the IMS translates increased detection capacities by managing authorities responsible for cohesion. But huge discrepancies between different authorities remain, which explains the assumption of underreporting.28

Based on their verifications, the reporting practice by Member States demonstrates the presence of continued risks, such as double invoicing or costs overstatement, and of situations with a conflict of interests. The Commission report on the protection of the EU’s financial interests analyses the domains in which most fraudulent irregularities are detected and reported (by amounts for 2007–2013).29 There are significant increases in the number of cases related to incorrect, missing or false documents and the infringement of public procurement rules. The most-concerned spending priorities are research and technological development (RTD), increasing the adaptability of workers and firms, enterprises and entrepreneurs as well as improving access to employment and sustainability30 – domains into which continued efforts will need to be invested. This investment is also crucial for the future with respect to the proposed COVID-19 crisis REACT measures,31 as well as the specific recovery effort under Next Generation EU: the size of EU expenditure combined in a package with the future multiannual financial framework increases and the current state of emergency requires fast action, which exposes the Union to more risks.

Whereas the tendency of the Member States to focus on fraudulent rather than non-fraudulent irregularities is higher for the programming period 2014–2020, the detected irregular financial amounts seem to have decreased. This may be due to the implementation of a more performant assurance framework that is reinforced by the obligation to present annual accounts about expenditure that are declared to the Commission for accpetance every year. However, Member States showed different reporting patterns in their tendency to detect fraudulent irregularities with high financial amounts involved. For the ERDF, Italy, Portugal and Slovakia showed a more consistent practice to detect and report fraudulent cases with large financial amounts. Italy allows its authorities to systematically draw information from the IMS for detection purposes, interlinking it directly with national data systems.

(2) Specific and extended detection responsibilities result from the now very explicit provisions for national authorities managing EU funds, so as to avoid or identify conflicts of interests. These situations arise if a public officer cannot sufficiently clearly separate the exercise of his/her functions in the management of the funds from his/her personal interests. The need to detect and make transparent a possible conflict of interests applies whenever objective indications generate this perception.32 Effective disclosure and detection are instrumental to avoid putting at jeopardy trust in the impartial decision-making by public authorities. In order to assist the Member States authorities in further strengthening procedures to detect situations of conflicts of interests, the Commission has committed to submit guidance on implementing Art. 61 of the Financial Regulation.33 It also conducted a survey of legal and administrative measures already implemented in the Member States with the aim to undertake an updated risk assessment based on a comprehensive mapping. According to the objective to protect public trust in the impartiality of fund management, Member States authorities, when executing the EU budget, must respect these obligations at all stages of budget implementation, including preparatory acts, and at all levels of authority, including the political office level.

Situations of a conflict of interests cannot be assimilated to fraud and criminal conduct themselves. But their consequent detection and disclosure are paramount to identifying possible risks of misuse, bias, fraud and corruption in fund management, as well as to preventing reputational harm. For the European Union as a community of law, effective procedures to detect conflicts of interests at all governance levels, are also part of the broader challenge to enforce the rule of law. Transparency at all levels is crucial to conclude on appropriate Member States’ administrative capacities and financial governance.

In the recent implementation practice of the programmes under shared management, the Commission services have therefore attributed specific attention to the systems in place in order to prevent and detect conflicts of interests by Member States authorities. A high-level precedent in the Czech Republic has led to targeted compliance audits so as to control the implementation of measures to avoid conflicts of interests in its national control systems under shared management.34 The recent Commission audit practice overall confirms that self-declarations of the absence of conflicts of interests during either the selection of operations or public procurement procedures are not a sufficient single means of protection and detection. Only if effectively checked by Member States authorities, they can lead to effective detection. Criminal sanctions in place for false self-declarations are not a guarantee that no further audit evidence of their validity is needed.

b) Improved detection tools, data enrichment and inter-operability

Under shared European Structure and Investment (ESI) funds management, detection is supported by the obligation to monitor and publish data on the beneficiaries.35 These transparency duties for managing authorities play a central role in risk mitigation and the detection of irregularities. Private-source information may help further enrich and process this information. In the context of decentralized Member States’ administrative responsibilities for the implementation of cohesion policies, the Commission services offer support for the effective detection of illegal practices. They stimulate and encourage a more systematic enrichment of stored and recorded technical data by using data-mining and risk-scoring tools (1), as well as supporting data access through the enhanced inter-operability of Member States’ data bases (2).

(1) Managing authorities gain from making more systematic use of artificial intelligence tools during project selection and implementation.36 For this purpose, they can use a specific data-mining tool called Arachne, which allows for further enrichment of information provided by the Member States authorities in accordance with Commission Delegated Regulation 480/2014.37 Member State data are combined with external information from private data service providers; the system also collects company, fiscal and accounting data of more than 200 million entities worldwide. Risks affecting operations and beneficiaries can be checked along specific categories of information, e.g. “public procurement”, “conflict of interests” or “fraud”, in order to verify the presence of specific indicators, e.g. the level of compliance with fiscal, accounting and insolvency laws. This may lead to identifying red flags on the basis of which the system provides a “risk-scoring”. The managing authority entirely preserves its discretion in decision-making but benefits from the warnings provided to detect areas at risk and target verifications on the spot.

The analytical device Arachne (developed by the Commission) is currently a voluntary preventive detection tool. Based on a private service contract, it is provided free of charge to managing authorities38 and can identify a project exposure to risks of fraud, conflicts of interests, double financing, corruption or other irregularities. As not all Member States currently use artificial intelligence tools, the question is whether and on which terms the EU legislator should provide a requirement to make compulsory use of the data-mining system. This could help with a more effective uptake of Arachne for all programmes and Member States, lead to more complete information being inserted and thereby further increase its quality. A reference in an EU legal instrument would overcome the opposition of some Member States which do not yet use it.39

(2) Relevant information on the state of implementation of financed operations and on payments to beneficiaries is already included and publicly accessible in the cohesion open-data platform.40 However, this information is currently not fully interoperable and entered in accordance with different data quality standards. Not all Member States authorities insert their information using comparable categories and parameters of information, such as an official identifier code for beneficiaries. This still makes it difficult to trace and detect contractors, beneficial owners and final recipients of the beneficiary company or trust. In order to further increase data interoperability and transparency for fund management, the Commission has therefore tested smart processing of open data by using an advanced knowledge tool for a limited number of Member States in a pilot project. It will insert content from relevant Member States’ data bases on an interoperable platform, processing the data with linguistic, data-mining and search functions. If successful, this pilot could ultimately become a smart processing tool for all Member States and might technically be used for risk analysis and detection.

Improved data interoperability could help track and detect more effectively beneficial owner control in shared management and cohesion policies. This is currently required for EU funds participation in financial instruments and budgetary guarantees under an indirect spending mode by European banks.41 But the use of the data needs to respect the purpose of the legal basis under which it is collected. As a concrete example, for cohesion and agriculture policies, the European Parliament requests to obtain from the Commission the lists per Member State and, within the EU, of the 50 largest individual recipients (natural persons or beneficial owners of a company).42 The purpose and the need to know for protecting the EU’s financial interests is presented in broad terms. The data protection challenges will need to be addressed in compliance with the GDPR43 and the other EU data protection regulations44. The proposal for a regulation on common provisions for cohesion programmes in 2021–2027 provides, for monitoring purposes, a more harmonised input, but does not include the systematic disclosure of beneficial owner data and on contractors in procurement. The regulatory templates would need to be completed with updates, but without disproportionately increasing the administrative burden for managing authorities. According to its recent anti-money-laundering action plan, the Commission also intends to submit, within the next year, a rule book on whether the Anti-Money Laundering Directive needs to be further harmonised.45

c) Cooperation on detected cases with the OLAF – and with the EPPO in the future

Detected cases with a suspicion of fraud are systematically communicated to the OLAF by Commission services. This is done based on information received from all sources: from the managing and audit authorities at the national level and in the regions and, in particular, based on Commission audits. In practice, Commission services report the majority of public-sources information to the OLAF. Even though the transmitted information does not always lead to the opening of investigations, about one third of cases are accepted for investigation by the OLAF. Transmission of information by Member States authorities to the OLAF for investigation is comparatively less frequent. The managing authorities currently transmit detected cases to national investigation services, or in case of criminal suspicion directly to judicial authorities for purposes of investigation and prosecution.46

The future relationship between the EPPO and the Commission will explore ways for operational cooperation and assistance on detection. In the future, a structured and periodical exchange of information and experiences could lead to cross-reference information, which would allow for extracting data for operational analysis47 and for detecting fraud. The interest of the Commission services will notably include the development of available knowledge for precautionary measures in case of a detection of potential irregularities and fraud. Information collected by the EPPO – as a specialised investigation and prosecution body – with a European decentralised structure and a case management system covering cohesion fraud cases could support detection results. Considering the respective prerogatives and priorities, however, this assistance to detection is not evident, at least not in pending investigation cases, where it needs to be reconciled with judicial secrecy. The transmission of sufficient information by the EPPO to Commission services is “without prejudice to the proper conduct and confidentiality of its investigations”.48 But it should not be excluded in principle. It could contribute to effective protection.

III. A Consistent Response in Reaction to Fraudulent Irregularities

Compliance of the management and control systems predominantly depends on the protective capacities of financial correction and recovery, which should be exercised effectively without undue delay under the responsibility of the Member States authorities (1). In addition to paying back unlawfully obtained monies, administrative sanction procedures for the exclusion and blacklisting of unreliable beneficiaries under the European Detection and Exclusion System (EDES) could complement future judicial prosecution of criminal offences by the EPPO (2).

1. Financial correction and recovery

Irregular expenditure is corrected and recovered (a), but procedures must become swifter (b).

a) Administrative financial correction and recovery procedures in cases of irregularities and fraud

If irregularities or fraud are detected and established, Member States authorities are responsible for applying financial corrections and recovering expenditure from the beneficiaries. If related serious system deficiencies are not corrected, the Commission itself interrupts interim payments, suspends programme implementation and applies financial corrections against the respective Member State (1). The amount is determined by flatrate corrections if the financial prejudice cannot be clearly quantified (2). Corrections may in particular need to be adopted as a consequence of OLAF financial recommendations (3).

(1) Under shared management, financial corrections and recovery are implemented in different layers. With respect to EU cohesion expenditure, financial corrections by Member States authorities49 are implemented either by cancelling all or part of the EU contributions to an operation, through de-certifications of declared amounts from the annual accounts or through withdrawals in case of “pending recoveries”. Under Art. 325 TFEU, it is the Member States’ responsibility to issue a recovery order and to ensure that beneficiaries pay back the obtained monies to the managing authorities if irregularities due to fraud and illegal activities are established. This duty applies in accordance with the rules under the applicable legal, administrative and contractual framework, independent from a criminal conviction. The Commission imposes financial corrections on the Member State50 if – based on audit results reported by the Member States or on own audits – material risks remain in the functioning of the management and control systems. The Commission is required to launch financial correction procedures each time once the national control cycle (including corrections) is completed if it concludes that the residual total error rate for a programme is still above 2%. As precautionary measures, this comprises the swift interruption of interim payments. If an application for interim payments comprises irregular and, in particular, fraudulent expenditure, the payment scheme may be suspended by the Commission.51

The progamme authorities can reuse the monies in a subsequent accounting year for another operation within the same programme.52 However, the Commission shall apply net financial corrections should serious deficiencies be identified by its audit directorates (or the European Court of Auditors), provided that they were not identified, reported and corrected by the Member State authorities when submitting the corresponding accounts.53 In this case, the amounts subject to financial correction are deducted as net corrections from its Member State credits. In practice, this possibility is rarely used, but it has a disciplinary effect and ensures Member States’ compliance when submitting the accounts. This can be illustrated by the high amount of deductions in the declared expenditure of the annual accounts from final annual interim payment requests.54 However, once financial corrections are made by the programme authorities, the Commission itself has, under shared management responsibilities, no further means to insist that the illegally received monies are paid back to the authorities by the beneficiary. Of course, this is without prejudice to Member State obligations under Art. 325 TFEU to take effective measures so as to recover fraudulently obtained amounts.

(2) Financial corrections correspond with the value of the wrongly charged expenditure. But if a prejudice cannot be specifically and precisely quantified for individual irregularities, flatrate corrections are applied.55 These may need to be imposed on beneficiaries by programme authorities, particularly for cases of fraud, conflict of interests and bid-rigging in public procurement. The specific rates depend on the seriousness of the breach and the systemic nature of the identified irregularities, which may range from 5% to 100% of the affected expenditure.56 If fraud is uncovered, the complete failure of compliance may justify a maximum flatrate correction of 100% of the affected expenditure.57 Standard correction rates are, in particular, foreseen in the recently revised Commission guidelines on financial corrections in public procurement.58 These are addressed to Commission services and not directly legally binding for the Member States, but for reasons of equal treatment, they are relevant for the exercise of their discretion. The guidelines thereby clarify the obligations of programme authorities to correct any prejudice to the EU’s financial interests, in particular in cases of fraud affecting public procurement expenditure. The rates set a generally applicable proportionate standard rate of correction, but the specific decision must take into account all circumstances of the individual irregularity. The flatrate depends on the nature and gravity of the irregularities, which may be opposed to the Member States authorities and the resulting financial implications for the funds.59 The gravity may need to be clarified in cases of bid-rigging, cartel and anti-competitive agreements between tenderers, in particular if the administration itself is a victim. The full flatrate of 100 % financial correction is, however, foreseen in cases of involvement of public administration officials.60

(3) Recovery of illegally obtained monies may in particular be a consequence of OLAF investigations with fraud findings. The Commission’s shared management services systematically follow up on financial recommendations accompanying OLAF final case reports. It is the Commission with its competent fund managing Directorates General (REGIO or EMPL) which is the direct addressee of relevant financial recommendations accompanying the findings in a final OLAF case report. But the financial recommendations need to be transmitted for implementation by the Commission services to the national managing authorities. As the OLAF recommendations themselves are not a binding decision for the national authorities, a contradictory process is organised. If the managing authorities do not agree to applying financial corrections without a valid reason – or not for the recommended full amount –, the Commission may need to launch administrative procedures for financial corrections. The implementation of all transmitted OLAF recommendations is comprehensively monitored by DG REGIO, which closely checks progress. The average ratio of implementation of OLAF financial recommendations by DG REGIO reached about 86 % of the volume of recommendations made by the OLAF in 2019.61 This result is due to upfront informal coordination between the different Commission services about anticipated findings, their legal presentation in the OLAF final report and the amount of recommended financial recovery – without prejudice, but to the OLAF’s investigative independence. Nonetheless, the follow-up process is currently still quite long, requiring a period of about 18 months on average. This is due to the need in many cases to await the outcome of pending lengthy national administrative and criminal proceedings.

b) Perspectives for accelerated recovery with the assistance of the EPPO?

The question is whether further progress on recovery can in the future be expected from cooperation with the EPPO. The Regulation is rather silent on recovery cooperation between the EPPO and the Commission. In addition, the EPPO Regulation regrettably does not draw up concrete procedural approaches on how to reconcile the exercise of concrete managing tasks in order to safeguard the precautionary financial measures with actions by the specialised prosecution service. This includes, for instance, the provision of a reinsurance that interference between criminal and administrative procedures will be avoided more effectively. If fraud is identified, the performance of contracts may need to be interrupted and programmes suspended quickly, payments have to be refused and unduly paid amounts recovered. The need to accelerate recovery procedures is reflected insufficiently in the EPPO Regulation, which argues that “to the extent that recovery procedures are deferred as a result of decisions taken by the EPPO in connection with investigations or prosecutions under the EPPO Regulation, Member States should not be considered at fault or negligent for the purposes of recovery procedures”.62 This is the wrong signal: the EPPO has been established to become a factor of acceleration and not of delay in the response to fraud. It should contribute to safeguarding a quick recovery of monies.

The EPPO may need to protect the EU’s financial interests through fast precautionary and conservative measures in its investigation procedures, in particular to stop payments and avoid putting at risk EU monies.

On the one hand, the EPPO Regulation does not comprise many specific provisions describing how the EPPO will advise on administrative measures. Precautionary measures by programme authorities to protect financial interests could comprise suspensions and interruptions of payments, as specified for ongoing OLAF investigations.63 The EPPO Regulation indicates in general terms that the EPPO may “recommend specific measures”.64 But in concrete terms, the EPPO Regulation only covers cooperation with the Commission on the correction of illegal expenditure for two scenarios – which occur at the very end of investigative procedures – and specifies the EPPO’s mandate to help recover the defrauded sums. First, in case of prosecution, the EPPO will notify the Commission of the decision “where necessary for the purposes of recovery”.65 This information flow is indeed necessary both to protect the secrecy of criminal proceedings or investigative measures and to avoid further putting at risk the EU’s financial interests. Second, the EPPO Regulation mentions the referral of the file in case of dismissal, for the recovery and administrative follow-up to the OLAF or other competent authorities.66

On the other hand, the EPPO Regulation does not in itself provide a legal basis for specific judicial powers to take conservative or other precautionary judicial measures. This matter continues to be subject to national criminal procedural law. According to the Regulation, national law may specify the relevant investigative and precautionary powers of freezing instrumentalities, proceeds and assets,67 depending on concrete conditions, so as to avoid “that the owner, possessor or controller of those instrumentalities or proceeds will seek to frustrate the judgement ordering confiscation”. But the Regulation does not clarify, for instance, the cooperation with offices responsible for freezing and confiscating proceeds of fraud.68

2. Future use of administrative sanctions and prosecution

EU anti-fraud legal instruments emphasise the objective of a deterrent fight against fraud, in particular the directive on criminal law protection, which provides harmonised criminal offences, including fraud and corruption,69 as well as the EPPO Regulation, whose criminal investigation and prosecution powers will extend to fraud affecting cohesion funds. But the exclusion of unreliable beneficiaries from EU projects and blacklisting by managing authorities could also be a relevant type of sanction, which would be necessary for the protection systems in cohesion (a) and complementary to anti-fraud deterrence through effective prosecution by the EPPO (b).

Companies and persons who have committed serious illegal activities and fraud should possibly be blacklisted70 and banned from participation in EU-financed tenders. Beyond corrections, the EU Financial Regulation provides for the application of financial penalties as well as the exclusion and blacklisting of unreliable beneficiaries in cases of serious irregularities (1). These administrative sanctions might also be introduced in cohesion policies to swiftly apply, without prejudice to criminal law responsibility and the assessment of guilt by the competent judiciary (2).

(1) European administrative sanctions are, however, currently not yet applicable in cohesion policies against beneficiaries who have committed serious irregularities, as the implementation mechanism – which the EU Financial Regulation provides under the EDES – and the registration of beneficiaries in the EDES have not yet been extended to areas of shared management.71 So far, it only applies to direct (by Commission) and indirect (by EU-agencies, e.g. EU-public banks) spending. Two types of registration need to be distinguished:

First, the EDES provides to apply measures of reinforced control so as to protect the Union’s financial interests against risks through unreliable beneficiaries and entities. In order to warn authorising officers, registration in the system ensures the early detection of beneficiary entities and persons of interest representing risks that threaten the Union’s financial interests.72 This is not a decision on sanctions. The registration does not in itself constitute a final measure that brings about a binding effect and a change in the legal position of the entities concerned. But in the future, the EPPO may request the deferral of an EDES detection and early warning notification,73 as long as there are compelling legitimate grounds to preserve confidentiality in its investigations.74

Second, administrative sanctions, such as the exclusion of persons and entities from receiving Union funds, are foreseen in cases of findings of serious misconduct.75 The regulatory sanctions include the imposition of a financial penalty on an economic operator76 and, in the most severe cases, the publication of the exclusion on the Commission’s internet site, in order to reinforce the deterrent effect.77 The Commission and the other EU authorising officers feed information of serious irregularities about unreliable beneficiaries into the EDES. The procedure strives for swift decision-making while respecting defence rights and the contradictory procedure .78 The information that triggers exclusion may be based on both a final or non-final judgement or administrative decision, but could also (and in particular) rely on facts and findings by the OLAF, audits or any other check, as well as audits or controls performed under the responsibility of the competent authorising officer. In the future, the exclusion can also be based on information transmitted after investigations by the EPPO. In the absence of a final judgement, the responsible authorising officers make their decisions on the basis of a preliminary classification in criminal law, with due regard to the recommendations of the high-level EDES panel.79

(2) Cases of fraud under shared management could equally be inserted in the future, if provided by sectorial regulations. This could complement the current Irregularities Management System (IMS), in which shared management authorities periodically report irregularities and fraud in accordance with regulatory monitoring duties – but it is simply a reporting and monitoring tool for risk analysis and statistics.80 The full extension of the EDES to compulsory use by shared management beneficiaries, bodies implementing financial instruments and final recipients, however, would require a significant legislative and administrative effort. Currently, Member States are only encouraged to use the EDES when selecting beneficiaries of their programmes on a voluntary basis. Access to EDES information on exclusions from expenditure under direct and indirect management needs to be granted ad hoc to national authorities by the Commission if this information is necessary for assessing a fraud risk and the possible ineligibility of a registered beneficiary. So far, only Malta and Slovenia have requested access. Legislative changes with respect to the exclusion from all EU funds across different spending modes of beneficiaries who are also registered under shared management would additionally entail the need to provide that Member States can directly access the Commission-owned system and insert information about beneficiaries under their own responsibility. Hence, the EDES structure would need to be changed as well.

b) The relevance of future cooperation with the EPPO

The EPPO might take up its activities at the end of 2020.81 Effective EU-wide, equivalent and more expedient procedures for prosecution and criminal sanctions in cases of fraud in cohesion funds are expected outcomes of this important reform.82 Investigations currently often take too much time and need to be enforced by applying different criminal procedural standards. On the one hand, the different modalities for cooperation between the Commission – including the OLAF – and the EPPO in individual investigations still need to be clarified, even if they have to build on practices that are already in place (1). On the other hand, in accordance with existing anti-fraud policies, management authorities themselves need to systematically submit fraud suspicions for dissuasive action of the prosecution. Cooperation with the EPPO by Member States must therefore necessarily be taken into account when assessing the proper functioning of the management and control systems for purposes of audit arrangements – and possibly also in the future when assessing the enabling conditions, which may lead to the suspension of funds in accordance with rule-of-law criteria (b).

(1) Spontaneous fraud reporting by Commission services will be the main source of information for the EPPO. For practical reasons and with a view to reporting fraud suspicions without undue delay,83 DG REGIO may follow existing reporting mechanisms within the Commission and make use of its OLAF arrangements.84 In practice, this may be advisable so as to assess whether there are sufficient suspicions as well as to find the appropriate moment and extent of information exchange to start criminal investigations with the EPPO. This may be preferable with a view to checking whether the facts are within the material scope of competence of the EPPO for criminal conduct.85 In practice, the criminal dimension is an aspect with which the programme authorities and DG REGIO have little experience, notwithstanding a possible preliminary evaluation of the allegations to be reported and their first classification in criminal law.86 With a view to properly assessing who is competent to prosecute, it also seems important to determine whether the level of maximum sanctions is equal or less severe in the presence of non-harmonised offences.87 Finally, the OLAF may be better placed than DG REGIO for assessing the question whether the threshold of sanction and damage criteria are met in de minimis cases, so as to confirm the EPPO’s competence.88

Information exchange will also become necessary on request by the EPPO in pending fraud investigations. The EPPO may in particular request “further relevant information” available to the Commission.89 It may also want to obtain any relevant information stored in data bases and registers of the Commission.90 In this context, the question arises of the modalities and the extent of such access, in particular whether the EPPO should be given direct access to certain Commission data bases, or whether information shall be extracted by Commission services from the data bases. DG REGIO will need to collect further information on a request by the EPPO within the limits of the obligation for loyal cooperation. But the role of the Commission auditors differs from the one of fraud investigators, and does not equal that of an auxiliary of justice. For these reasons, it would make sense that a possible liaison with the EPPO in ongoing investigations should be established via or in close consultation with the OLAF.

(2) As mentioned above, the EPPO should contribute to more expedient, effective and equivalent criminal law action in cases of fraud. However, not all EU Member States participate in the EPPO scheme. In line with the anti-fraud criminal law policies for national authorities, the cohesion common provisions proposal for 2021–202791 therefore links the use of certain simplifications in national assurance systems (such as the use of single audit procedures and the application of enhanced proportionate audit arrangements) to the participation of the concerned Member State in prosecution cooperation with the EPPO.92 This link is formulated in flexible terms but illustrates the understandable expectation that this cooperation with the EPPO will be key to strengthening and enforcing sound financial management. Member States are invited to avail themselves of the EPPO investigation and prosecution functions with regard to achieving effective protection of the EU budget before enjoying simplified assurance conditions. However, it will be important to confirm the actual relevance of participation by Member States in the enhanced cooperation with the EPPO on the basis of practical results. It must also be confirmed whether the new system achieves effective operational protection of the EU’s financial interests through dissuasive criminal law measures against fraud. This test will only prove successful if the EPPO can confirm – in concrete cases – its efficiency in simplifying and accelerating prosecution, which can lead to dissuasive sanction procedures.

Some Member States, including Poland and Hungary, which both finance an important part of their public investment budgets through cohesion funding, do not intend to participate in the enhanced cooperation. Should this ultimately lead to an operationally less effective prosecution function by these non-participating States, this would be a deficiency in their management and control systems. In the future – and under conditions which still need to be clarified –, this could – even justify a requirement for EU cohesion funding under the rule-of-law principle if the lack of participation with the EPPO indicates a generalised deficiency of the judicial system.

IV. Conclusions

Anti-fraud measures in cohesion policies are more structured today than in the past, but the need for tailor-made and proportionate, risk-based approaches remains topical. In the years to come, following the COVID-19 crisis, the need for a robust overall protection of EU finances will even increase. Even for the 2014–2020 period, the COVID-19 pandemic regulatory initiatives already provide increased funding that is available under flexible conditions and offers the possibility of 100 % EU financing. In many Member States, this is combined with high time pressure on implementing the funding measures foreseen and proposed in May 2020,93 which complete the earlier measures of the immediate response to the impact of the pandemic.94 For the new multi-annual financial framework, the important volume of EU support foreseen under the EU recovery package put forward in May 2020 in the Commission proposal for the 2021–2027 period even more evidently illustrates the need to further strengthen measures to address risks of fraud.95 The challenges ahead require full synergies between all actors involved, updated risk assessments for the programmes, an attentive detection of any possible irregularities as well as investigations into and the prosecution of suspicions of fraud.

The existence of functioning management and control systems as well as the availability of effective prosecution and independent criminal law protection in cases of criminal activities affecting EU cohesion expenditure are intertwined. In this context, the EPPO, which will work together with the other competent authorities and stakeholders and resist temptations of empire building, will become an indispensable key player for an effective operational system of anti-fraud measures under the next multi-annual financial framework. It will provide a criminal law safeguard, which is necessary for and complementary to the administrative assurance systems, as well as being relevant for achieving the objectives of EU policies on cohesion and values. As can be seen from most recent European Council conclusions96, in the negotiations on the multi-annual financial framework, however, Member States might remain divided on rule-of-law conditionalities. Whereas the European Parliament has endorsed the main thrust of the Commission proposal97 about respect for the rule of law for the 2021–2027 programmes,98 the European Council has not yet been able to fully endorse the “rule-of-law conditionality” as an integral part of the future multi-annual financial framework funding schemes.

  1. See Communication from the Commission, “The EU budget powering the recovery plan of Europe”, COM(2020) 442, 27.5.2020, p. 18. See also European Council, conclusions 17–21 July 2020, Annex MFF commitment appropriations, p.67.

  2. Most prominently research and innovation, competitiveness of small and medium-sized enterprises (SMEs), low carbon and the creation of jobs.

  3. Based on a designation process for the authorities, ex-ante conditionalities, a 10 % payment retention until accounts acceptance and an annual submission of accounts.

  4. ECJ, 6.12.2017, case C-408/16, Compania Naţională de Administrare a Infrastructurii Rutiere SA, para. 57, which confirms “that the role of the European Union is to finance through its funds only actions conducted in complete conformity with EU law, including the rules applicable to public procurement”; see also ECJ, 14.7.2016, case C‑406/14, Wrocław – Miasto na prawach powiatu, para. 43. See in particular Directive on Public Procurement 2014/24, O.J. L 94, 28.3.2014, 65.

  5. Common Provisions Regulation EU No. 1303/2013, laying down common rules for cohesion programmes, O.J. L 347, 20.12. 2013, 320. See in particular Art. 125(4)(c): “… the managing authority shall … put in place effective and proportionate anti-fraud measures taking into account the risks identified”.

  6. European Parliament resolution of 14.5.2020 on discharge in respect of the implementation of the general budget of the European Union for the financial year 2018, Section III – Commission and executive agencies (2019/2055(DEC)) P9TA-PROV (2020)0114, para. 26, in which the European Parliament requests “the Member States … to maintain a publicly available list of final beneficiaries (and) calls on Member States to publish such data in a uniform manner and ensure the interoperability of the information.” European Council conclusions, 17 – 21 July 2020, para.24; See also Report from the Commission on the follow-up to the discharge for the 2018 financial year, COM(2020) 311 final.

  7. See discharge resolution for 2018, op. cit. (n. 6), para. 24: “… strongly disapproves of the creation and establishment of oligarch structures in some Member States; is deeply concerned that members of these oligarch structures draw on Union funds particularly in the area of agriculture and cohesion to strengthen their position of power…”; and para. 25: “… is deeply worried by recent reports about agricultural funds allegedly benefiting oligarchic structures; reiterates that this represents a severe injustice towards Union taxpayers and particularly towards small farmers and rural communities…”.

  8. See Communication from the Commission, “The budget powering the recovery plan of Europe”, COM(2020) 442, 27.5.2020, p. 18, which provides a budget sealing of nearly € 985 billion.

  9. Guidance for Member States on Fraud Risk Assessment and Effective and Proportionate Anti-Fraud Measures, European Structural and Investment Funds, EGESIF 14-0021-00, 6.6.2015.

  10. L. Bonnemains, M. Campagno, B. Kessler, O. Mala and G. Razavi, pwc, Preventing fraud and corruption in European Structural and Investment Funds – taking stock of practices in the EU Member States, October 2018, available for download at: <> accessed 20 July 2020.

  11. Joint Anti-Fraud Strategy for Shared & Indirect Management 2020–2025, REGIO EMPL MARE, Ares(2019)7845154 of 20 December 2019, also available at: <>. The actions take into account the recommendations and the action plan of the updated Commission Anti-Fraud Strategy, COM(2019) 196 (29.4.2019) and SWD(2019) 170. For the new Commission’s Anti-Fraud Strategy, see C.A. Makri and O. Marin, (2019) eucrim, 218.

  12. For the accounting year 2017–2018, see REGIO AAR 2019, Annex 10D; the most important categories are public procurement, ineligible expenditure, missing documentation and state aid.

  13. See section 2 below (Detection and control).

  14. The most frequent sources of errors are unjustified direct awards, artificial splitting of contracts, discriminatory selection criteria, unequal treatment at the evaluation stage and contract modifications disregarding publication requirements.

  15. See point 3.2.5, Single audit Strategy update 2020, including risks, e.g. due to the limited period of keeping supporting documents.

  16. From 2016 to 2018, 15 carried out REGIO audit missions revealed 22 findings in No KR 7, 17 out of which were evaluated as ‘important’, four as ‘very important’ and one as ‘critical’.

  17. See Information note on fraud indicators for ERDF, ESF and CF, COCOF 09/0003/00-EN of 18 February/2009.

  18. 15 % and 12 % respectively.

  19. Fourth update 2020: Public Procurement Action Plan in the context of Cohesion Policy 2020–2027.

  20. DG REGIO, Preventing Fraud and Corruption in European Structural and Investment Funds, Compendium of Anti-Fraud Practices, 5 October 2018.

  21. Study by M. Fazekas, Single Bidding and Non-competitive Tendering Procedures in EU-Co-funded Projects. Scope and Explanations, May 2019: <> accessed 20 July 2020.

  22. Commission, Seventh Report on Economic, Social and Territorial Cohesion, 2017, chapter 4 para. 3.6. See also summary data in Annex 1 REGIO lit. d).

  23. European Commission,, EU regional and urban development, regional policy, integrity pacts.

  24. See Art. 103 of Regulation (EU) No 2017/1939 on the implementation of enhanced cooperation on the establishment of the European Public Prosecutor’s Office (EPPO), O.J. L 283, 31.10.2017, 1.

  25. See Recital 107 of the EPPO Regulation.

  26. For the 2007–2013 period, the level of reported fraud in cohesion was 0.47%, while it currently is 0.87% for 2014–2020.

  27. Art. 2 of Commission Delegated Regulation 2015/1970 with specific provisions of the reporting of irregularities, O.J. L 293, 10.11. 2015, 1.

  28. European Court of Auditors, Special Report 06/2019, 27.3.2019, “Tackling Fraud in Cohesion spending”, in particular paras 48–57 and 89. For the report, also see T. Wahl, “ECA: Fighting Fraud in the Cohesion Sector is Unsatisfactory”, (2019) eucrim, 93.

  29. Protection of the Financial Interests, Commission Report 2018, see para. and table Annex 1, lit a).

  30. Frequency of 8.6%, 9.7% and 9.5% respectively of the irregularities reported as fraudulent in comparison with all reported irregularities.

  31. See in this context the Commission proposal COM(2020) 451, 28.5.2020 to top up the 2014–2020 spending by € 55 billion under Cohesion funds to address the COVID crisis.

  32. Art. 61 of Financial Regulation (EU, Euratom) No. 2018/1046, applicable to the general budget of the Union, O.J. 193, 30.7.2018, 1: “1. Financial actors within the meaning of Chapter 4 of this Title and other persons, including national authorities at any level, involved in budget implementation under direct, indirect and shared management, including acts preparatory thereto, audit or control, shall not take any action which may bring their own interests into conflict with those of the Union. They shall also take appropriate measures to prevent a conflict of interests from arising in the functions under their responsibility and to address situations which may objectively be perceived as a conflict of interests.”

  33. Commission “Guidance on avoidance of conflicts of interest under the Financial Regulation”.

  34. European Parliament resolution of 14 May 2020 with observations forming an integral part of the decisions on discharge in respect of the implementation of the general budget of the European Union for the financial year 2018, Section III – Commission and executive agencies (2019/2055(DEC)), see in particular para. 218: “Also deplores initial indications that the Commission auditors detected very serious cases of conflict of interests related to the Czech government; understands, however, that the Czech national law on conflicts of interests did not before February 2017 penalise the granting of public funds to public officials.”

  35. The specific rules are defined in Art. 115(2) of Regulation No. 1303/2013 for the ERDF, the CF and the European Social Fund (ESF), as well as in Arts. 111–114 and 117 of Regulation No. 1306/2013 for expenditure under the Common Agricultural Policy. See also Art. 44(3) and (4) as well as Art. 63 of the Commission proposal for a Common Provisions Regulation for the period 2021–2027, COM(2018) 375, 29.5.2018.

  36. European Parliament, 2018 discharge resolution, op. cit. (n. 6), para. 230.

  37. Regulation (EU) 480/2014, O.J. L 138, 13.5.2014, 5, see Annex III including 55 data fields.

  38. By September 2019, 20 Member States used Arachne, 16 of which had integrated it into their management and verification processes for at least one operational programme. The most active users were Slovakia and the Czech Republic and Bulgaria, but also France, Italy, Latvia and Romania. However, some Member States currently abstain from using Arachne (Austria, Germany, Sweden, Finland, Denmark) or are undecided (Poland, Cyprus). Among the reasons may be stricter national rules on data confidentiality (DE) or plans to develop alternative national systems (PL).

  39. See request by the European Parliament in the discharge for 2018, para. 230 (op. cit. (n. 6)).

  40. Art. 115 of Regulation) 1303/2013.

  41. See in particular Art. 155(3) 2 of the Financial Regulation. When implementing financial instruments and budgetary guarantees, persons and entities acting under indirect management shall make funding contingent under this Regulation upon the disclosure of beneficial ownership information in accordance with Directive (EU) 2015/849 and publish country-by-country reporting data within the meaning of Art. 89(1) of Directive 2013/36/EU.

  42. See EP, 2018 discharge Resolution, op. cit. (n. 6), para. 28.

  43. In particular Arts. 5 and 6 of Regulation (EU) 2016/679on the protection of natural persons with regard to the processing of personal data, O.J. L 119, 4.5.2016, 1.

  44. For Commission processing: Arts. 4 and 5 of Regulation (EU) 2018/1725, O.J. L 295, 21.11.2018, 39.

  45. See Directive (EU) 2015/849, as amended by (Fifth) Directive (EU) 2018/843, O.J. L 156, 19.6.2018, 43, laying down rules to facilitate the use of financial and other information for the prevention, detection, investigation and prosecution of certain criminal offences, as well as designating authorities empowered to have access to the centralised bank account registries; for beneficial ownership information, see in particular Arts. 3(6), 30, 31 and 31a. See the recent Commission action plan C(2020) 2800, 7.5.2020.

  46. See Art. 14 of Directive 2017/1371 on the fight against fraud to the Union’s financial interests by means of criminal law, O.J. L 198, 28.7.2017, 29. For the Directive, see A. Juszczak and E. Sason, (2017) eucrim, 80.

  47. See Art. 44(2)(c) of the EPPO Regulation.

  48. Art. 103(2) of the EPPO Regulation.

  49. Art. 143 of Regulation 1303/2013: “1.  The Member States shall in the first instance be responsible for … making the financial corrections required and pursuing recoveries. … 2.  Member States shall make the financial corrections required in connection with individual or systemic irregularities detected in operations or operational programmes. Financial corrections shall consist of cancelling all or part of the public contribution to an operation or operational programme. The Member States shall take into account the nature and gravity of the irregularities and the financial loss to the Funds.”

  50. Art. 85 of Regulation 1303/2013: “1.  The Commission shall make financial corrections by cancelling all or part of the Union contribution to a programme and effecting recovery from the Member State, in order to exclude from Union financing expenditure which is in breach of applicable law.” See also Art. 144(1).

  51. Art. 142(1)(b) of Regulation 1303/2013.

  52. Art. 143(3) of Regulation 1303/2013. In order to avoid financial corrections, in the case of ongoing national procedures and proceedings, pending recoveries may also be taken out of expenditure declared in the accounts and reinserted in future accounts if the suspicion is not confirmed, see Art. 137(2) of Regulation 1303/2013.

  53. In 2019, DG REGIO did not have to initiate procedures to reduce programme allocations (net financial correction).

  54. For structural funds, € 3.1 billion in 2018–2019; see Annual Activities Report REGIO 2019, ARES (2020) 3011513, 10.6. 2020, p. 32, and Annex 10C, p. 62.

  55. See Art. 144(1) 3 of Regulation 1303/2013.

  56. Art. 31(2) of Commission-Delegated Regulation (EU) 480/2014, O.J. L 138, 13.5.2014, 5.

  57. A financial correction of 100 % is applied to the expenditure affected by irregularities stemming from a breach of public procurement rules with an impact on the EU budget and relating to fraud, affecting the Union’s financial interests or any other offence defined in Arts. 3–5 of Directive (EU) 2017/1371, as established by a competent judicial body, or identified by a competent EU or national authority.

  58. See point 1.1 of the Commission Guidelines on financial corrections in cases of public procurement irregularities in the Annex to the Commission Decision of 14.5.2019, laying down the guidelines for determining financial corrections to be made to expenditure financed by the Union for non-compliance with the applicable rules on public procurement, C(2019) 3452.

  59. Settled case law, ECJ, C-406/14, op. cit. (n. 4), para. 47, and ECJ, C-408/16, op. cit. (n. 4), para. 65. See also point 1.4. of the above-mentioned Guidelines.

  60. See Guidelines, op cit. n. (58) irregularity type 22.

  61. See overview in the DG REGIO Annual Activity Report for the year 2019, Annex 10 K.

  62. Particularly relevant under cohesion policies, see Recital 106 of the EPPO Regulation, with reference to Art. 122 of Regulation 1303/2013.

  63. Art. 7(6) 2 of Regulation (EU) 883/2013, concerning investigations conducted by the OLAF, O.J. L 248, 18.9.2013, 1.

  64. Art. 103 of the EPPO Regulation.

  65. Art. 36(6) of the EPPO Regulation.

  66. Art. 39(4) of the EPPO Regulation.

  67. Art. 30(1)(d) of the EPPO Regulation.

  68. See Art. 10 of Directive (EU) 2014/42 on the freezing and confiscation of instrumentalities and proceeds of crime in the European Union, O.J. L 127, 29.4. 2014, 39.

  69. Directive 2017/1371, op. cit. (n. 46).

  70. EP discharge resolution for the financial year 2018, 14 May 2020, para. 230, see note 6 above.

  71. See list of those concerned in Art. 135(2) of the Financial Regulation (op. cit. (n. 32)). Art. 142(2)(d) foresees the transmission of information to the EDES by entities implementing the budget in accordance with shared management in cases of detected fraud only where such transmission of information is required by sector-specific rules. This is currently not yet provided in the Common Provisions Regulation (CPR) 1303/2013. The CPR proposal for 2021–2027 (COM(2018) 375) does not provide a reference to the EDES either.

  72. This is a preparatory measure, see General Court, 24.10.2018, case T-477/16, Epsilon International SA, paras. 160 and 161.

  73. See below B.2.a.

  74. Art. 142(1) of the Financial Regulation.

  75. Art. 136(1) of the Financial Regulation. In particular, the grounds for exclusion concern the non-payment of taxes or social security contributions, grave professional misconduct and fraud, corruption, participation in a criminal organisation, money-laundering or terrorist financing and offences etc.

  76. Art. 138 of the Financial Regulation.

  77. Art. 140 of the Financial Regulation.

  78. General Court, 22.4.2015, case T-320/09, Planet AE Anonymi Etaireia Parochis Symvouleftikon Ypiresion v European Commission, paras. 76, 83.

  79. Art. 136(2) of the Financial Regulation.

  80. See supra II.2.a)(1).

  81. Subject to a Commission decision to be taken on a proposal by the European Chief Prosecutor in accordance with Art. 120(2) of the EPPO Regulation.

  82. See comparative analysis of actions taken by national judicial authorities 2012–2018, the OLAF Report 2018, Judicial monitoring, point 5.2, p. 41.

  83. Art. 24 of the EPPO Regulation.

  84. See also Recital 51 of the EPPO Regulation.

  85. Under Art. 22 of the EPPO Regulation.

  86. See Art. 136(1) of the Financial Regulation for Exclusion.

  87. Art. 25(3) of the EPPO Regulation.

  88. Arts. 24(5) and 25(2) of the EPPO Regulation.

  89. Art. 24(9) of the EPPO Regulation.

  90. Art. 43(2) of the EPPO Regulation.

  91. Common Provisions Regulation proposal, COM(2018) 375, 29.5.2018.

  92. See proposed Arts. 74(2) and 78(1) COM(2018) 375.

  93. See in particular the proposal of the Commission regarding exceptional additional resources and implementing arrangements under the investment for growth and jobs goal to provide assistance for fostering crisis repair in the context of the COVID-19 pandemic and preparing a green, digital and resilient recovery of the economy (REACT-EU), COM(2020) 451, 27 May 2020.

  94. Coronavirus Response Investment Initiative Regulations (EU) 2020/460, O.J. L 99, 31.03.2020, and 2020/558, O.J. L 130, 24.4.2020, 1 (CRII and CRII+).

  95. See Communication from the Commission, “The EU budget powering the recovery plan for Europe”, COM(2020) 442.

  96. European Council conclusions, 17–21 July 2020, paras. 22 and 23.

  97. Proposal for a Regulation on the protection of the Union’s budget in case of generalised deficiency as regards the rule of law in the Member States, COM(2018) 324, 3.5.2018; see also more recently Communication from the Commission, “Strengthening the rule of law within the Union – a blueprint for action”, COM(2019) 343. For reflections on the 2018 proposal, see L. Bachmaier, “Compliance with the Rule of Law in the EU and the Protection of the Union’s Budget”, (2019) eucrim, 120.

  98. European Parliament Resolution of 4 April 2019 (first reading), T8-0349/2019, in particular, see Arts. 2A and 3. Inter alia, the EP has added a definition of what may constitute a generalised deficiency affecting the rule of law and explicitly mentioned the proper functioning of investigation and public prosecution services against EU fraud as well as authorities carrying out financial control amongst the risks for EU financial interests.


Dr. Lothar Kuhl

Former head of unit and senior expert, Directorate for Audit in Cohesion, European Commission

Opinions expressed in this article are purely personal and do not commit the European Commission.