1 / 35

Rafael López Sánchez, Deputy Head of Unit C.1 DG Regional and Urban Policy

FRAUD RISK ASSESSMENT AND MANAGEMENT Article 125.4 c) CPR ESIF 2014-2020. Rafael López Sánchez, Deputy Head of Unit C.1 DG Regional and Urban Policy. Unduly paid amounts must always be corrected. Irregularities, fraud suspicions and fraud.

jmonahan
Download Presentation

Rafael López Sánchez, Deputy Head of Unit C.1 DG Regional and Urban Policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FRAUD RISK ASSESSMENT AND MANAGEMENT Article 125.4 c) CPR ESIF 2014-2020 Rafael López Sánchez, Deputy Head of Unit C.1 DG Regional and Urban Policy

  2. Unduly paid amounts must always be corrected

  3. Irregularities, fraud suspicions and fraud - an irregularity is non-intentional whereas fraud is committed intentionally - only a competent judicial authority can qualify suspected fraud as a case of fraud - fraud is often backed up by a meticulously premeditated scheme and may involve collusion with (corrupt) insiders - fraud and corrupt payments to facilitate the fraud may also be linked to organised crime

  4. Member States' IMS reporting to OLAF on fraudulent irregularities in Cohesion Policy under 2007-2013 Regulations

  5. Estimated financial impact of fraud (source: Member States' regulatory reporting in the IMS database)

  6. How can the COM and MS work together to reduce fraud risks? • - common effort to be shared between COM and Member States: COM guidance, exchange of tools, methods and best practices • - the aim should be cost-effective measures to seek to mitigate economic and reputational risk of fraud

  7. Why zero tolerance to fraud in ESIF?

  8. Recent COM proposals

  9. Anti-fraud requirements in Article 125.4 c) of Regulation 1303/2013 "As regards the financial management and control of the operational programme, the managing authority shall put in place effective and proportionate anti-fraud measures taking into account the risks identified"

  10. Underlying objectives of Article 125.4 c) • - seek to reduce potential economic cost of fraud to bothEU and national budgets • - seek to reduce potential reputational cost of fraud to both EU institutions and national administrations • - contribute to the objective that ESI funds are used for their intended purposes

  11. Which authorities are involved? Managingauthorities 1) Put in place a minimum set of effective and proportionateanti-fraudmeasures 2) Carry out a fraudriskassessment (self-assessment) Audit authorities 3) Verifywhether the MA'sfraudriskassessmentiscredible and provides a true and fairassessment of the risks and verifythatadequateanti-fraudmeasures are in place to mitigateagainst the risks

  12. Main tools suggested by the COM • 1) Guidance on effective and proportionate anti-fraud measures containing a basic fraud risk assessment tool (Excel-based) • 2) The specific risk scoring tool Arachne which the COM considers helpful to identify potentially risky operations

  13. Recommendations for implementation of Article 125.4 c) CPR

  14. MA's fraud risk assessment: COM recommendations • Who: Self-assessment team (MA, …). Riskassessmentresults to beapproved by MA senior management. • When:- At designation • -During programming period, annually or every second year • How: - Assess the degree of fraud risk exposure in relation to 3 key processes: 1) selection of operations, 2) implementation and 3) certification and payments -When net risk (=residual risk) after controls is not assessed as tolerable, further risk mitigation is needed

  15. Checks on MAs' compliance with 125.4 c) by the AA (or independent body) • When:- Opinion of independent body at designation (Article 124.2 CPR) • -During programming period, in connection with system audits or specialised anti-fraud audits • How: - Checklist in Guidance for Member States on Designation Procedure (EGESIF_14-0013-final 18/12/2014) -Template checklist for audit authorities in EGESIF_14-0021-00 of 16/6/2014 (Annex4)

  16. Structure of the guidance note on fraud risk assessment 1) Main guidance note 2) Fraud risk assessment tool (Annex 1) 3) Detailed manual for the tool (Annex 1) 4) List of recommended mitigating controls (Annex 2) 5) Template for anti-fraud policy statement (Annex 3) 6) Template for checklist for audit authorities (Annex 4)

  17. Interpretation of 'effective anti-fraud measures' applied in the guidance • 1) the management and control system is effective when it complies with all EU and national rules and provides a sufficient degree of protection against fraud • 2) the MA assesses the potential impact and likelihood of any known specific fraud risks and seeks to mitigate such risks • 3) the audit authority reviews the effectiveness of the management and control system, the fraud risk assessment of the MA and the anti-fraud measures the MA has put in place

  18. Interpretation of 'proportionate anti-fraud measures' applied in the guidance • 1) the anti-fraud measures the MA puts in place should be proportionate to the fraud risks identified by the managing authority during its self-assessment • 2) the overall benefit of any additional anti-fraud measures should exceed their overall costs • 3) proportionate also means that any additional administrative burden stemming from Article 125(4) c should be reduced to a minimum

  19. User-friendly fraud risk assessment tool • 1) Excel-based tool with automatic risk scoring • 2) Step-by-step manual in Annex 1 • 3) Classic risk assessment logic is used: assessment of impact and likelihood of specific fraud risks occurring • 4) To help in the identification of risks, the tool has been pre-filled with 18 specific fraud risks (based on COM and MS experience of fraudsters’ modus operandi in Cohesion Policy and commonly recognised and recurring fraud schemes)

  20. User-friendly fraud risk assessment tool • 5) Simplification: when the MA concludes that it is not exposed to a particular fraud risk, there is no need to assess that risk, only indicate why a given risk is not relevant • 6) Simplification: subsequent risk assessment in e g 2017, 2019 etc can be done as updates of the first risk assessment made e g in 2015 • 7) The Commission provides further training and advice on request on the use of the tool

  21. Anti-fraud cycle EFFECTIVE PREVENTION ADDITIONAL DETECTIVE EFFORTS CORRECTION OF IRREGULAR AMOUNTS PROSECUTE AS RELEVANT

  22. Fraud prevention - a robust control system is key - raise awareness internally and externally about preventative and detective controls - state the anti-fraudpolicyvisibly: DETER FRAUDSTERS - template for anti-fraudpolicyin the guidance (Annex 3)

  23. Fraud detection - preventative techniques cannot provide absolute protection against fraud - recommendation to complement the risk assessment with data mining tools (the ARACHNE risk scoring tool is offered by the Commission) - embed fraud indicators in checklists (red flags)

  24. Investigation, correction and prosecution - refer cases for investigation in accordance with internal and EU requirements (report to national competent body and OLAF) - recoveraffectedamountsafterknownfinancial impact and reimburse to the EU budget - criminalprosecutionunder national criminallaw

  25. Fraud reporting mechanisms - mechanisms should facilitate the reporting of both suspicions of fraud and control weaknesses that may increase the MA'ssusceptibility to fraud - sufficient coordination on anti-fraud matters with the audit authority and competent investigative authorities in the Member State, including anti-corruption authorities

  26. Communication and training about reporting mechanisms must ensure that staff - understand where they should report suspicions of fraudulent behaviour or control weaknesses - are confident that they can report in confidence and that the organisation does not tolerate retaliation against any staff member who reports suspicions (whistle-blower protection)

  27. Why did the fraud case occur? Learn the lessons! Objective and self-critical examination which should result in clear conclusions about perceived weaknesses and lessons learned, with clear remedial actions as necessary, responsible individuals and deadlines

  28. The tool focuses on fraud risks in relation to three key processes 1) Selection of applicants 2) Implementation and verification of the operations (including public procurement-related fraud risks) 3) Certification and payments

  29. Assess and mitigate against e g the following specific fraud risks - Undisclosed conflict of interest, bribes and kickbacks at project selection stage - Deliberate avoidance of competitive procedures in public procurement (e g unjustified single source award) - Manipulation of public procurement procedures (e g rigged specifications) - Collusive bidding - False or inflated invoices

  30. Basic steps in the fraud risk assessment 1) assess the ‘gross’ risk (= impact x likelihood) of specific pre-identified risks occurring under each of the three key processes (and any other identified risks) 2) identify and assess the effectiveness of controls already in place to mitigate against the identified specific fraud risks 3) assess the net risk 4) as necessary, put in place any further mitigating controls in order to reach a tolerable risk level

  31. Audit authorities' verification of the fraud risk assessment during 2014-2020 - in connection with audits on the functioning of the management and control systems, the audit authority should carry out verifications of the effective implementation of the anti-fraud measures by the MA as early as possible in the programming period. - depending on the results of such audits and on the identified fraud risk environment, follow-up audits may be carried out as often as necessary

  32. Controls by Commission auditors • When:- At designation • -During programming period • (+ audits on thistopic by the European Court of Auditors?)

  33. QUESTIONS AND ANSWERS

More Related