Managing Public Procurement Risks in Greece

The volume of purchases, the complexity of the processes, the number of stakeholders and the close interaction between the public and private sectors make public procurement a high-risk activity, as highlighted in the Greek National Public Procurement Strategy 2016 –2020 (HSPPA, 2016[1]) and the National Anti-Corruption Action Plan for 2018-2021 (OECD, 2019[2]). While public procurement represented 12% of GDP in 2021, 73% of the total procurement expenditure took place at the central level (OECD, 2023[3]).

Public procurement plays a key role in public service delivery as the delivery of any public service requires the procurement of goods, services or public works.

In terms of the sectoral split of public procurement expenditure, the health sector plays a prominent role accounting for 38% of total government procurement (see Figure 1.2). Economic affairs and general public services also account for large shares of public procurement, both amounting to 15%. Other significant areas of public procurement are defence (8.7%), and education (7%) (OECD, 2023[3])). Given that public procurement is a key pillar of public service delivery in Greece; risks affecting public procurement can have significant consequences on the quality and quantity of public services governments can provide.

Risks affecting public procurement can be of different nature. Initially focusing on integrity threats, in recent years countries have paid increasing attention to other risks to public procurement outcomes, including information technology (IT), financial, reputational, social, and environmental risks. Many of these risks impact the fundamental purpose of procurement, ensuring that goods, services and/or works are delivered to the right place at the right time. Section 2.3.1 presents the different risk categories foreseen in this framework. Risks do not occur only during the tendering process, but over the life of the contract or the life of the procured asset.

To address many of these risks Greece undertook significant reforms in both the public procurement area and the risk management area.

Regarding the public procurement area, Greece’s public procurement regulatory framework is primarily governed by the Public Procurement Law (PPL) (Government of the Hellenic Republic, 2016[4]) that consolidated national regulations and incorporated EU Directives 2014/24/EU and 2014/25/EU. This legal framework covers a broad spectrum of procurement activities in the utility sector and the classical sector, including the acquisition of goods, works, and services, all funded by public resources. The aim of the PPL is to establish a transparent, efficient, and standardized public procurement process that aligns with European standards. A MAPS assessment was conducted by the OECD in Greece from 2019 until 2022 to take stock of a decade of procurement reforms initiated in Greece since the 2010s, and to further enhance the performance of the overall procurement system. The assessment was initiated by HSPPA and identified areas for improvement including streamlining the governance of procurement by reducing the fragmentation of responsibilities, upgrading the e-procurement and information system, making data open, accessible, usable and increasing transparency, increasing professionalisation and enhancing integrity through a comprehensive risk management approach and increased day-to-day support to practitioners. (OECD, 2022[5]) In March 2021, Greece introduced significant amendments, introducing key reforms to enhance the efficiency and effectiveness of public procurement (Government of the Hellenic Republic, 2021[6]). These changes reflect a commitment to digitalization, simplification, and acceleration of procurement procedures. Notable modifications include an increase in the maximum amount for direct awards (increasing the maximum amount from EUR 20 000 to EUR 30 000), mandatory use of ESIDIS (the national e-procurement platform) for procedures valued at more than EUR 30 000, and the expansion of exclusion grounds to ensure greater integrity in procurement processes (OECD, 2022[5]).

In 2021, Greece also adopted the National Strategy for Public Procurement 2021-2025, accompanied by an Action Plan, through a joint decision by several ministries. This strategic framework focuses on four key pillars: (a) the regulatory framework of the public procurement sector, (b) the digital transformation, aiming at the complete transition to digital public procurement, (c) the achievement of broader strategic objectives and the implementation of related policies through public procurement, such as green, social and innovative public procurement, and, lastly, (d) good governance in the public procurement sector.

Despite all these efforts, the public procurement system still faces several issues and challenges some being structural and others that could be addressed through the implementation of a sound risk management framework, including:

• Lack of efficiency, including competition: Greece continues to underperform in public procurement compared to EU countries. Overall, Greece scored unsatisfactory on 7 out of 12 indicators on the European Commission’s Single Market Scoreboard. In 2022, 85% of public procurement procedures were awarded based on the cheapest available offer and Greece had the longest award decision-making period in the EU. Also, the number of single-bid procedures remains high and increased in recent years (48% of contracts awarded in 2022, vs 40% in 2021) (European Commission, 2023[7]).

• Corruption: According to the 2022 Special Eurobarometer, 98% of respondents think that the problem of corruption is widespread in Greece (EU average: 68%), and 63% of the respondents think that the giving or taking of bribes and the abuse of power for personal gain are widespread among officials awarding public tenders (EU average: 45%) (European Union, 2022[8]).According to Transparency International’s Corruption Perception Index 2022, Greece ranked 51^st out of 180 countries, scoring 52/100 (Transparency International, 2022[9]).

• Lack of proper procurement planning and budgeting: One key challenge impacting public procurement is related to the lack of adequate planning which can have significant financial impacts (European Commission, 2018[10]). This challenge is due on the one hand to capacity issues as contracting authorities often fail to assess future needs in a timely manner. On the other hand, the budgeting process does not always support proper planning. Indeed, a contracting authority requires having the funds committed before launching a public procurement procedure otherwise the whole procedure is considered to be void1. However, delays in securing the necessary funds can hinder the timely execution of competitive procedures in accordance with public procurement law deadlines.

• Lack of market analysis and knowledge of the market: The Greek legal framework allows contracting authorities to consult with the market, to prepare the procurement procedure and to inform economic operators about their plans and requirements concerning public procurements, however, in practice, some contracting authorities often do not conduct such types of consultations (OECD, 2022[5]). In some instances, contracting authorities lack a full understanding of the benefits of market engagement. Often, however, the barrier to conducting market engagement lies in contracting authorities’ lack of practical knowledge about how to conduct such market engagement, as well as knowledge of alternative modalities. In particular, contracting authorities fear legal repercussions for interacting with market providers (OECD, 2022[11]). Consequently, contracting authorities prefer to rely on existing information about their tenders and the market, rather than engage in extensive consultations (OECD, 2022[5]). Therefore, contracting authorities in Greece struggle with implementing efficient and compliant procurement procedures already at the planning stage, with limited use of market analysis and clear definition of procurement outcomes, i.e. through tight product/service specifications or functional requirements (OECD, 2022[5]).

• Lack of professionalisation and trainings: To address the current deficiencies in the professionalisation of the public procurement, which encompass the absence of a comprehensive framework for professionalization and a strategic approach to planning and delivering necessary training programmes, including the creation of an action plan and the implementation of a professionalization policy for the public procurement sector (Greek Government, 2021[12]). It is worth noting that qualifications of auditors in the field of public procurement, and procedures for their selection are not defined in detail. There are no guidelines for selection procedures and core competencies, including necessary knowledge, skills and experience requirements of auditors working on public procurement audits (OECD, 2022[5]).

• Excessive use of non-competitive procedures: There is an excessive use of non-competitive procedure including negotiated procedure without prior publication in Greece, as shown in the table below.

Furthermore, the Hellenic Court of Audit conducted an audit in 2022 involving 64 public bodies and 5,073 contracts to address concerns about ensuring the integrity of the public procurement procedure when using negotiated procedures without prior consultation and direct awards. The findings highlight several issues including the fact that the scope of contracts is unclear in many cases, and estimated expenditure calculation methods lack clarity, with insufficient evidence of prior market research. Moreover, transparency in contractor selection and price determination is lacking, with no predetermined and verifiable selection criteria and a lack of price negotiation (Hellenic Court of Audit, 2023[13]). There is also evidence documenting the lack of compliance in co-financed projects in the infrastructure sector by artificially splitting contracts in order to allow for direct award, as reported in a study by the European Parliament (OECD, 2022[5]). While these findings are limited to a specific area of procurement, this represents a significant gap, as it could be a signal for corrupt practices.

Risk management efforts were envisioned by the National Strategy for Public Procurement 2015-2020 but could not be implemented due to a) the COVID-19 pandemic and b) the non-time extension of the implementation of all actions, including action 76: Preparation and publication of risk management strategies (HSPPA, 2021[14]).

Law 5013/2023 on “Multi-level governance, public sector risk management and other provisions” was promulgated on 19.01.2023, establishing the “National System of Multilevel Governance’’' in two levels of governance (Government of the Hellenic Republic, 2023[15]) and introduces a risk management framework within the Internal Audit System of entities mentioned in Law 4795/2021 (Government of the Hellenic Republic, 2021[16]), including a Risk Register and a Central Corruption Risk Repository. The Risk Register records the identified risks of the entity, their level of assessment, the existing control measures, additional control measures to address the risks, and the persons responsible for their management (Government of the Hellenic Republic, 2021[16]). The Central Repository of Corruption Risks, which is maintained by the General Directorate of Integrity and Accountability of the NTA, collects data on the corruption risks faced by the entities, the causes of these risks, the existing control measures and the additional control mechanisms to address them. Based on this repository, NTA prepares an annual report on the significant corruption risks in the public administration, a summary of which is made available to the public as well as special reports, for the formulation of public anti-corruption policies in policy sectors, which are communicated to the heads of the bodies concerned. (Government of the Hellenic Republic, 2021[16]).

The law also mandates entities to establish dedicated risk management bodies, develop policies and frameworks, and maintain registers to address identified risks. These changes aim to bolster transparency, accountability, and integrity in public administration. The establishment and definition of the risk management bodies is mandatory since the entry into force of the law (19.04.2023) only for the central administration. The rest of the public entities have three (3) months from the expiration of the (2) years from the entry into force of the law to set up risk management bodies.

The standard Risk Management Policy and Framework has been developed by NTA together with the template for the risk register as specified in the Law (article 22 B par 5 of L. 4795/2021). This document is key to operationalise risk management in public entities and constitutes the building block of a risk management culture in the Greek public administration. It must be applied by all public entities, adapting it to their characteristics and needs.

While developing a standard Risk Management Policy and Framework (through Law 5013/2023) is a key step in creating a culture of risk management, it is key to tailor it to high-risk areas like public procurement to support its practical implementation.

The management of risks in the context of public procurement should consider different elements, including:

• the public procurement regulatory framework,

• procurement processes,

• relevant stakeholders.

Applying the general framework and policy to public procurement will therefore enable the different stakeholders involved in the procurement process and in particular risk owners to be better guided in the implementation of the standard framework and policy.

The OECD’s Checklist for Supporting the Implementation of the OECD Recommendation of the Council on Public Procurement recommends developing risk management guidelines, tools, and templates for public procurement entities, specifying the roles of the different stakeholders responsible for supervising public procurement processes, ensuring effective coordination, and monitoring implementation of risk management processes and tools (OECD, 2016[17]).

While NTA has the leading role in the development and implementation of the general risk management framework, it is crucial to:

The NTA is the entity leading the development and implementation of the risk management framework. The NTA was set up in 2019 (Government of the Hellenic Republic, 2019[18]) as the result of a major reform aiming at simplifying the control system by merging several bodies under a newly created entity, i.e. the NTA. This reform streamlined a previously highly complex institutional framework comprised of dedicated inspectorates for specific areas (e.g. public administration, public infrastructure projects, transport).

The Authority is composed of the Office of the Governor, the Central Agency, and the Regional Services. Within the premises of the Central Office the following departments have been established: (a) the Inspections and Audits Unit, (b) the Directorate-General for Financial and Administrative Services and for e-Government, (c) the Directorate-General for Integrity and Accountability, (d) the Directorate General for Awareness Raising and Actions with Society,(e) the Directorate for Internal Audit and Investigations, (f) the Directorate for Strategic Planning and Behavioural Analysis, (g) the Office for Press and Public Relation and (h) the Data Protection Office.

The NTA is responsible for planning and taking concrete actions to better coordinate, remove duplication of responsibilities and exploit synergies between public bodies and agencies involved in the fight against fraud and corruption. It is also responsible for strengthening the internal audit function. NTA’s mandate includes prevent, avoid, detect, and address fraud and corruption in public and private entities and organisations through the implementation of various horizontal and sectorial audit, inspection, or investigation activities. The Authority enjoys operational independence, administrative and financial autonomy and is not subject to control or supervision by governmental bodies, state actors or other Administrative Authorities.

The NTA is also in charge of the implementation of the National Anti-Corruption Action Plan for 2022-2025 (NACAP) and for the monitoring and evaluation of its implementation in close cooperation with all relevant bodies. NACAP 2022 – 2025, structured in 3 Parts (pillars), Investigation/Control, Prevention, Raising Awareness, is a dynamic four-year policy tool for the design, implementation, monitoring, and evaluation of horizontal and sectoral actions and an effective mechanism for coordinating the action of public policy actors in which synergies are developed with both the private sector and civil society. Each year (in April) the Council of Ministers invites NTA to present the progress of the NACAP on an annual basis.

Furthermore, by law 5013/2023 the NTA has been mandated to develop a general risk management framework in public sector and to set up a Central Corruption Risk Repository (Government of the Hellenic Republic, 2023[15]) based on input regarding corruption risks received from all public sector entities. Public entities are also required to create their own risk register, based on the template developed by the NTA.

When necessary, NTA will provide specific guidance and/or supporting materials, based on its general guidelines and standards for risk management, in collaboration with HSPPA and GSC, for the personnel of public entities involved in public procurement.

The Hellenic Single Public Procurement Authority (HSPPA) is an Independent Administrative Authority, established in 2011 and restructured in 2022, with the mandate – among others – to develop and promote the national strategy and policy in the field of public procurement (Government of the Hellenic Republic, 2022[19]). Indeed, in 2022, HSPPA and the review body, the Authority for the Examination of Preliminary Appeals (AEPP) were merged to create a single administrative body (called HSPPA) with responsibility over public procurement, including the preliminary appeals. As such, HSPPA (former AEPP) reviews preliminary appeals for any public procurement above the relevant thresholds for direct awards (EUR 30 000 for supplies and services, EUR 60 000 for works, social and other specific services, as well as for technical assistance). HSPPA aims at ensuring transparency, efficiency, and coherence, taking measures for the continuous improvement of the public procurement legal framework and its observance by contracting authorities.

HSPPA is responsible for monitoring the performance of the public procurement system meaning it has a mandate to conduct sample audits, and request information about on-going procurement procedures and detecting infringements related to public procurement. This ensures that these bodies carry out their duties in compliance with both national and European legislative frameworks, as well as the guidelines set by HSPPA. According to the law, auditing bodies conducting public procurement audits must adhere to HSPPA's instructions (for both EU co financed and non-EU financed projects) and a presidential decree shall be issued to outline the bodies and supervision processes for these audit bodies3. HSPPA may also order the competent audit authorities to collect data and submit conclusions in the field of public procurement. Finally, HSPPA is mandated to assist the Hellenic Court of Audit during its pre-contractual audits (amicus curiae).

HSPPA issues and posts on its website regulations on specific technical or detailed issues related to public procurement and provides guidelines to all competent contracting authorities with the above content, recommending to the competent Ministers the issuance of relevant circulars.

Playing a leading role in public procurement policy making, HSPPA may play a key role to the development of specific policies and tools to mitigate recurrent risks identified. In addition, as an entity leading public procurement audits, it can also use strategically the risk management framework.

GSC, as the National Central Procurement Authority, is responsible – among others – for the planning and implementation of public contracts at a central level, the planning of the state’s procurements of goods and services, the continuous modernization of public procurement techniques, including e-procurement and the increase of the effectiveness of the relevant regulatory framework with the aim of achieving the best cost-quality ratio, integrity, transparency, reducing the environmental footprint and facilitating the participation of businesses in public procurement (Government of the Hellenic Republic, 2022[20]).

Within GSC, the General Directorate of Public Procurements has the mission of ensuring that public procurement is used as a key tool for implementing national economic development policies, achieving savings through centralised procurement, and promoting the use of electronic public procurement tools (e-procurement) in order to ensure transparency and integrity when using public funds, while increasing the efficiency of public procurement procedures and improving the quality-price ratio of the goods and services procured. The Directorate also supports the legislative initiative of GSC regarding the regulatory framework of public procurement.

This directorate is also responsible for professionalising the public procurement workforce and implementing of the Recommendation of the European Commission on the professionalisation. The professionalisation takes different forms: training programmes, certification programme but also providing support to contracting authorities through informative activities and educational programmes in cooperation with the National Centre for Public Administration and Local-Government (EKDDA) in matters of technical specifications, green public contracts and other related matters.

Contracting authorities in Greece, according to the PPL refer to governmental bodies at the national, regional, or local levels, as well as entities governed by public law or associations formed by such authorities. These entities are responsible for carrying out public procurement activities in accordance with the relevant legal framework. Additionally, contracting entities include public undertakings or other organizations engaged in specific activities, whether operating as contracting authorities or not, and may operate under special or exclusive rights granted by Greek authorities.

Contracting authorities (CAs) will be at the frontline of the implementation of the risk management framework as the legal framework mandates them to do so; and they will need to consider carefully public procurement risks when conducting public procurement procedures.

Economic operators (EOs) participating or wishing to participate in a public procurement procedure may come across situations that can be identified as a risk and usually are also impacted by the risks when they materialise and if they are not addressed promptly and adequately. EOs have a deeper and better knowledge of the market than the contracting authority and thus they can bring to their attention specific risks that could not be easily identified otherwise. This could be done for instance during the market engagement, but also through the organization of debriefing sessions post-award stage to discuss and receive feedback on the procurement process. It could also be done with the awarded supplier during the contract management phase. In addition, the interaction of EOs with contracting authorities can represent a risk if not done properly in line with integrity and ethical rules.

According to the Greek Constitution (Article 98) the Hellenic Court of Audit has the mandate to carry out audits on the expenditure and accounts of the State, local authorities and other legal entities as provided for by law (ex-post audit). Furthermore, the Court has the responsibility to audit the legality of the whole procurement procedure before the signing of the contract (pre-contractual audit), provided that the contract exceeds the threshold of EUR 300 000. For contracts co-financed by Union funds, including contracts awarded under the Recovery and Resilience Fund, as well as those co-financed by European Economic Area funds, a mandatory legality check shall be carried out before their conclusion by the chambers of the Court of Audit, if the estimated expenditure, excluding value added tax, exceeds the amount of EUR 5 000 0004. Any contract over the audit threshold signed without having been audit is considered void according to the law.

Furthermore, the Hellenic Court of Audit has the responsibility to audit on the effectiveness of the internal control systems of the public entities, as regards their ability to address fiscal risks.

In Greece, various control and oversight bodies from ministries and other public entities play crucial roles in managing public procurement risks by ensuring compliance, transparency, and efficiency. A number of these bodies are discussed below.

The General Directorate for Financial Audit under the General Secretariate of Fiscal Policy of the Ministry of Economy and Finance has the responsibility of ensuring the proper financial management of the State Budget and the budget of the public bodies as determined by law and providing sufficient assurance or expressing reservations for all or part of the State's financial management and control system to the Minister of Economy and Finance (Government of the Hellenic Republic, 2017[21]).

The Directorate includes Financial Supervision and Control Services, having the mandate to carry out audits on bodies of the General Government in order to establish compliance with the applicable legislation and the proper management of the resources at their disposal; secure adequacy of the operation of their management and control systems; and detect any phenomena of maladministration, mismanagement, abuse, waste, fraud or corruption.

The Directorate-General for Audit of Co-financed Programmes of the Ministry of Economy and Finance has as the strategic goal to provide sufficient assurance to ensure sound financial management of national and EU funds through effective audits of co-financed programmes. It supports the Financial Audit Committee (EDEL) in its work as the Audit Authority for those co-financed programmes entrusted to it by law.

Within each Ministry there is an Internal Audit Unit with the following missions:

In addition, the Internal Audit Unit has the responsibility to draft and to revise the Internal Controls Manual, to draw up an Annual or Multi-Year Work Programme, taking into account the organization’s strategic and operational priorities, as well as the evaluation of the organization’s risks and opportunities, to plan and to conduct audits, checks and to provide assurance on the adequacy of the Internal Control System and to recommend relevant improvements. The Unit is also in charge of ensuring the correct application of the procedures for executing the budget, drawing up and sending to the Ministry of Finance the fiscal and other reports, as well as the execution of the expenses and management of the property of the relevant institution to identify any signs of maladministration, mismanagement, abuse, waste or fraud, as well as whether the organization has developed appropriate safeguards.

Finally, the Internal Audit Unit audits and evaluates the procedures, checks the organization’s compliance with applicable legislation, regulations and policies governing its operation, checks the information systems in terms of their effectiveness in achieving the organization’s objectives, monitors, evaluates and confirms the corrective or improvement actions carried out in compliance with its own proposals, until their final implementation, prepares an Annual Report with an Opinion, notifies the competent authorities of any indications of fraud or lack of integrity or disciplinary liability of employees and takes up measures for the education and training of the internal auditors.

Civil society organisations (CSOs) may also play an important role in the implementation of the risk management framework. By monitoring both public procurement procedures and the contract execution, they can identify and bring to the Contracting Authorities’ or relevant bodies attention to specific risks. Moreover, as watchdogs, CSOs can also apply pressure on the CAs to ensure that risk management framework policies are well implemented.

In 1983 the National Centre of Public Administration and Local Government (EKDDA) was established with the objective to professionally educate and train the personnel of public entities. Since its establishment EKDDA remains the only public body offering certified training for public employees. EKDDA in collaboration with NTA launched a training / certification programme for risk managers in 2024. The programme is aimed at civil servants and employees of the wider public sector who seek to acquire the knowledge, skills and abilities needed to work in a Risk Management Unit / Team or to be designated as risk managers.

Private training institutions may also be relevant, however they are hardly used by public employees since they are not for free. Their training programmes are usually designed to address the needs of the private sector.

[7] European Commission (2023), 2023 Country Report - Greece, https://economy-finance.ec.europa.eu/system/files/2023-05/RO_SWD_2023_623_en.pdf.

[10] European Commission (2018), Public Procurement Guidance for Practitionners.

[8] European Union (2022), Eurobarometer - Greece.

[15] Government of the Hellenic Republic (2023), Law 5013/2023 on “Multi-level governance, risk management in the public sector and other provisions”.

[19] Government of the Hellenic Republic (2022), Law 4912/2022 ‘’Single Procurement Authority and other provisions of the Ministry of Justice’’.

[20] Government of the Hellenic Republic (2022), Presidential Decree 5/2022.

[6] Government of the Hellenic Republic (2021), Law 4782/2021 “Modernization, simplification and reform of the regulatory framework of public contracts, special procurement arrangements in the defense and security sectors and other provisions for development, infrastructure and health”.

[16] Government of the Hellenic Republic (2021), Law 4795/2021 “Internal Audit System and Internal Audit Units in Public Administration”.

[18] Government of the Hellenic Republic (2019), Law 4622/2019 on the Organization, Operation and Transparency of the Government as an independent authority tasked with enhancing transparency, integrity and accountability in the action of government bodies, authorities, government agencies, and public b.

[21] Government of the Hellenic Republic (2017), Presidential Decree 142/2017 ‘’Organization of the Ministry of Finance’’.

[4] Government of the Hellenic Republic (2016), Law 4412/2016 “Public Works, Procurement and Services (adaptation to Directives 2014/24 / EU and 2014/25 / EU)’’.

[12] Greek Government (2021), National Stategy for Public Procurement 2021-2025.

[13] Hellenic Court of Audit (2023), Direct awards: When do direct awards or shortened negotiation awards ensure the integrity of the process?.

[14] HSPPA (2021), Proposal for adoption - National public Procurement Strategy for the period 2021-2025.

[1] HSPPA (2016), National public procurement strategy 2016-2020, http://www.eaadhsy.gr/images/docs/20160330_PublicProcurementNationalStrategy_FINAL.pdf (accessed on 5 April 2024).

[3] OECD (2023), Government at a Glance 2023, OECD Publishing, Paris, https://doi.org/10.1787/3d5c5d31-en.

[11] OECD (2022), Digital Transformation Projects in Greece’s Public Sector: Governance, Procurement and Implementation.

[5] OECD (2022), MAPS Assessment of Greece Public Procurement System.

[2] OECD (2019), Assessment of Anti-Corruption Reforms in Public Procurement, Health, and Tax & Customs.

[17] OECD (2016), Checklist for Supporting the Implementation of OECD Recommendation of the Council on Public Procurement, https://www.oecd.org/governance/procurement/toolbox/search/checklist-implementation-oecd-recommendation.pdf.

[9] Transparency International (2022), Corruption Perceptions Index 2022, https://www.transparency.org/en/cpi/2022 (accessed on 27 September 2023).