copy the linklink copied!3. Fostering trust through a risk-based approach to public procurement

This chapter describes the extent to which Adherents are working to integrate risk management strategies for mapping, detection and mitigation through the public procurement cycle. The analysis focuses on the uptake of the development of risk assessment tools to both identify and assess threats to the proper functioning of public procurement systems. This chapter also includes a description of the different risks that can occur throughout the procurement lifecycles, and how Adherents have addressed such risks.


The statistical data for Israel are supplied by and under the responsibility of the relevant Israeli authorities. The use of such data by the OECD is without prejudice to the status of the Golan Heights, East Jerusalem and Israeli settlements in the West Bank under the terms of international law.

The Recommendation calls on Adherents to “integrate risk management strategies for mapping, detection and mitigation throughout the public procurement cycle” (Principle on risk, paragraph XI). The Recommendation contains guiding principles to assist Adherents in developing risk assessment tools to identify and address threats to the proper functioning of the public procurement system and publicise risk management strategies such as red flags and whistleblower programmes.

In addition to integrity breaches, public procurement is subject to other risks that could significantly affect the outcome and impact of public procurement processes, including:

  • risks of waste or inefficiency in all aspects of the procurement process, due to a lack of awareness on the part of the stakeholders involved or due to difficulty in achieving an objective in the case of complex projects

  • financial risks, particularly during periods of severe economic and financial uncertainty

  • risks of fraud, misuse of public funds or corruption, in case of misappropriation.

  • Reputational risks/potential damage to the image of the contracting authority as well (OECD, n.d.[1]).

These risks can be actively managed, particularly in cases of large events and infrastructure projects. In these cases the associated risks are often more complex and their subsequent consequences have higher costs. An example of the risks that can be present in procurement procedures is set out in Table ‎3.1, which contains examples of corruption risks.

copy the linklink copied!
Table ‎3.1. Corruption risks associated with different stages of the procurement cycle

Procurement stage

Risks to sound governance

Pre-tendering phase

Needs assessment and market analysis

• Lack of adequate needs assessment

• Influence of external actors on officials’ decisions

• Informal agreement on contract

Planning and budgeting

• Poor procurement planning

• Procurement not aligned with overall investment decision-making process

• Failure to budget realistically or deficiency in the budget

Development of specifications/ requirements

• Technical specifications are tailored to a specific company

• Selection criteria are not objectively defined and not established in advance

• Requesting unnecessary samples of goods and services

• Buying information on the project specifications

Choice of procurement procedure

• Lack of proper justification for the use of non-competitive procedures

• Abuse of non-competitive procedures on the basis of legal exceptions: contract splitting, abuse of extreme urgency, non-supported modifications

Tendering phase

Request for proposal/bid

• Absence of public notice of the invitation to bid

• Evaluation and award criteria are not announced

• Procurement information is not disclosed or made public

Bid submission

• Lack of competition or cases of collusive bidding:

– cover bidding

– bid suppression

– bid rotation

– market allocation

Bid evaluation

• Conflict of interest and corruption in the evaluation process, through:

– Familiarity with bidders over time

– Personal interests such as gifts or future/additional employment

– No effective implementation of the “”four eyes principle”

Contract award

• Vendors fail to disclose accurate cost or pricing data in their price proposals, resulting in an increased contract price (i.e. invoice mark-ups, channel stuffing)

• Conflict of interest and corruption in the approval process (i.e. no effective separation of financial, contractual and project authorities)

• Lack of access to records of the procedure

Contract management/ performance

• Abuses of the supplier in performing the contract, in particular in relation to its quality, price and timing:

– Substantial change in contract conditions to allow more time and/or higher prices for the bidder

– Product substitution, substandard work or service not meeting contract specifications

– Theft of new assets before delivery to end-user or before being recorded

– Deficient supervision from public officials and/or collusion between contractors and supervising officials

– Subcontractors and partners chosen in a non-transparent way or not kept accountable

Post-award phase

Order and payment

• Deficient separation of financial duties and/or lack of supervision of public officials leading to:

– False accounting and cost misallocation or cost migration between contracts

– Late payments of invoices

• False or duplicate invoicing for goods and services not supplied and for entitlement to interim payment in advance

Source: (OECD, 2016[2]).

The OECD Foreign Bribery Report found that a high number of cases in which bribes were paid were in the context of public procurement. Additionally it was noted that the fact that only 2 out of 427 cases resulted in debarment demonstrates that countries need to do more to ensure that those who are sanctioned for having bribed foreign public officials are suspended from participation in national public procurement contracting (OECD, 2014[3]).

Principle 10 of the OECD Recommendation of the Council on Public Integrity [OECD/LEGAL/0435] outlines the central tenets of an internal control system for safeguarding public integrity, which includes the risk management function. Following this approach, countries should take a risk-based approach to ensuring integrity, including a strategic approach to risk management that involves assessments, addressing control weaknesses and quality assurance mechanisms. In Colombia, the Department for Public Employment (Departamento Administrativo de la Función Pública) has developed such a risk-based approach to tackle corruption (Box ‎3.1).

copy the linklink copied!
Box ‎3.1. Corruption risk management: The example of Colombia

The Secretariat of Transparency, together with the Department for Public Employment (Departmento Adiministrativo de la Función Pública, DAFP), has developed a corruption risk map, described in a comprehensive manual that was updated in October 2018.

The methodological approach is rooted in the Colombian Internal Control Standard Model (Modelo Estandar de Contro Interno, MECI), that is itself part of the Colombian Integrated Planning and Management Model (Modelo Integrado de Planeación y Gestión, MIPG). This model provides a general methodological guide for risk identification. Indeed, corruption risk maps are one of the three risk management instruments within the MIPIG, along with digital security risk maps and institutional performance risk maps. Corruption risk maps can identify problems that may lead to corruption as well as concrete actions that can prevent it.

Since 2018 the DAFP has issued a new guideline under the framework of MIPG that suggests integrating the following risks in a single map: management, security and privacy of information, and corruption. Corruption risks are monitored quarterly.

There are positives and negatives to having separate risk management exercises based on the same methodological model. On the one hand, it may be seen as burdensome because it duplicates efforts. On the other hand, it can be argued that it raises awareness among senior management and staff of the importance of having a sound anti-corruption policy with mainstream managerial risk activities distinct from financial control risk activities.

copy the linklink copied!
Figure ‎3.1. The Colombian methodology for corruption risk management
Figure ‎3.1. The Colombian methodology for corruption risk management

Source: (Manuel et al., 2015[4]); (Departamento Administrativo de la Función Pública, 2019[5]).

Risk management encompasses several steps in assessing risks (including assessment of the nature, causes and potential consequences of risks) and mitigating them. While only 52% of the respondents to the 2018 Survey indicated that they have developed a strategy for the assessment, prevention and mitigation of public procurement risks, there may also be government-wide risk and control policies that apply (Figure ‎3.2 and Box ‎3.2).

copy the linklink copied!
Figure ‎3.2. Development of a strategy to assess, prevent and mitigate public procurement risks
Figure ‎3.2. Development of a strategy to assess, prevent and mitigate public procurement risks

Note: Based on data from 31 respondents (29 OECD countries plus Peru and Costa Rica).

Source: (OECD, 2018[6]).

In large infrastructure projects, designating a dedicated entity to lead, oversee and co-ordinate risk management activities with multiple stakeholders is a critical early step. An OECD study of procurement processes for the construction of infrastructure in ten sporting events found that risks are multi-faceted and evolve along with construction developments. Proactively managing those risks requires a co-ordinated governance structure, and sometimes necessitates implementing innovative management strategies. The UK National Audit Office (NAO) identified procurement risk as one of the six risk areas for the London Olympics. The Olympic Delivery Authority addressed this risk by tapping into the procurement expertise of other government agencies (OECD, 2019[7]).

In Canada the identification of risks is enabling analysis and formal documentation to be prepared earlier (Box ‎3.2) Mitigation can be put in place as there is now more time available to do so.

copy the linklink copied!
Box ‎3.2. The complexity and risk process in Canada

In 2014 Canada updated its complexity and risk assessment process, a project that involved extensive stakeholder engagement. The project scope covered three areas:

  • revising the structure for classifying procurement complexity

  • aligning delegations of authority for complex procurement

  • implementing the requirement for procurements within the Acquisitions Programme (AP) to undergo risk assessment regardless of the complexity level.

Following completion of the project, authorities’ procurement approvals are based on the risks associated with a requirement, not just the value. Furthermore, risks are identified earlier in the procurement life cycle, analysed, and formally documented for all complexity levels, including those requiring Treasury Board approval.

The revised process has resulted in greater guidance support earlier in the process. Procurement Officers are better equipped to work with the client to mitigate medium to high risks before they become an issue. Increased delegated authority for contract entry and associated amendments provides the opportunity to improve throughput times and service level standards.

Source: (OECD, 2018[6]).

A number of respondents have instituted systematic and detailed processes in order to assess and quantify risk levels. In Mexico the risk management methodology and related activities were published in 2016. Federal public entities have to apply concrete methodological steps in order to produce:

  1. 1. the annual risk management matrix (Matriz de Administración de Riesgos), which gives a detailed picture of each of the risks (see Figure ‎3.3 for details)

  2. 2. the risk map, which is the graphic illustration of the risk matrix

  3. 3. the Working Programme of Risk Management (Programa de Trabajo de Administración de Riesgos, or PTAR), which is the implementation action plan.

copy the linklink copied!
Figure ‎3.3. Phasing in the risk management model (ARI) of the Secretariat for Civil Service (SFP)
Figure ‎3.3. Phasing in the risk management model (ARI) of the Secretariat for Civil Service (SFP)

Source: (OECD, 2017[8]); (OECD, 2018[6]).

copy the linklink copied!3.1. Supporting accountability through oversight and control mechanisms

The Recommendation calls upon “Adherents to apply oversight and control mechanisms to support accountability throughout the public procurement cycle” (Principle on accountability, paragraph XII). Adherents should also “establish clear oversight of the public procurement cycle to ensure the chains of responsibility are clear, that oversight mechanisms are in place” (Principle on accountability, paragraph XII).

Oversight and control of the procurement cycle are essential in supporting accountability and promoting integrity in the public procurement process, and they constitute one key principle highlighted in the Recommendation. In particular, the Recommendation stresses the need to establish clear lines for oversight of the public procurement cycle.

Oversight of the public procurement cycle is organised internally as well as externally, before and after the procurement process, in order not only to verify conformity with the regulatory frameworks but also to ensure that the public resources are spent in an efficient and effective way.

As outlined in the 2018 Survey, Canada has an extensive public procurement control framework that clearly sets out which bodies are responsible for review and audit of procurement procedures (Box ‎3.3).

copy the linklink copied!
Box ‎3.3. Canada’s public procurement control framework

In Canada all procurements in excess of CAD 2 million must be reviewed for potential regional and industrial benefits. Departmental short-range acquisition plans cover all goods and service contracts over CAD 2 million. The review process involves a Procurement Strategy Committee (PSC) and related review committees. The Peer Review Committee (PRC) will review departmental plans, identify individual or aggregated procurements requiring review, and provide general guidelines to the review committees. The review committees will review and recommend procurement strategies for individual procurements or groups of procurements, normally only for those exceeding CAD 20 million, in accordance with the general direction from the PSC.

In the Acquisitions Programme the Post Contract Award Review Programme takes a sample of closed (completed) procurements and examines the files for professional and legal compliance. The review is frequent and operational as opposed to the large-scale Programme Evaluation performed by the PSPC Office of Audit and Evaluation.

The Office of the Auditor General (OAG) in Canada performs performance audits and reviews of the government (i.e. legislative auditing). The performance audits are in addition to assurance engagements (conventional financial audit) such as those related to public accounts that include the audited consolidated financial statements for the Government of Canada. The work of the OAG entails the independence to review and investigate actions of the government (including procurement activities) and report back to the legislature and the public. Beyond investigation and reporting, the OAG has no other powers and cannot compel any actions on the part of government or anyone else. The OAG is acknowledged to be very influential in producing government action to address problems.

Source: (OECD, 2018[6]).

While audit and inspection bodies play an essential oversight role, they are not part of the first or second line of defence as set out in the Auditor’s Three Lines of Defence Model (The Institute of Internal Auditors, 2018[9]). The model distinguishes between three groups (or lines) involved in effective risk management.

  • functions that own and manage risks

  • functions that oversee risks

  • functions that provide independent assurance.

Operational management (the first line) is responsible for maintaining effective internal controls and for executing risk and control procedures on a day-to-day basis. Operational management identifies, assesses, controls and mitigates risks, guiding the development and implementation of internal policies and procedures and ensuring activities are consistent with goals and objectives.

Operational management is supported and overseen by risk managers and compliance specialists, among others, that provide the second line of defence. The third line of defence – internal auditors – provides independent assurance to management regarding the effectiveness of the first two lines and how effectively risks are managed. Table ‎3.2 shows the roles and responsibilities of internal auditors in risk management.

copy the linklink copied!
Table ‎3.2. The role of internal audit in risk management

Core internal audit roles with regard to risk management

Giving assurance on the risk management process

Giving assurance that risks are correctly evaluated

Evaluating risk management processes

Evaluating the reporting of key risks

Reviewing the management of key risks

Legitimate internal audit roles with safeguards

Facilitating identification and evaluation of risks

Coaching management in responding to risks

Co-ordinating ERM activities

Consolidating reporting on risks

Maintaining and developing the ERM framework

Championing the establishment of ERM

Roles internal audit should not undertake

Setting the risk appetite

Imposing risk management processes

Management assurance on risks

Taking decisions on risk responses

Implementing risk responses on management's behalf

Accountability for risk management

Source: Adapted from (The Institute of Internal Auditors, 2009[10]) (OECD, 2019[7]).

The 2018 Survey confirms that 56% of respondents have follow-up mechanisms to track and monitor the implementation of audit recommendations and observations (Figure ‎3.4). Organisations can be exposed to risk if internal audit findings are not implemented. A truly risk-focused follow-up plan is targeted at the higher priority risks irrespective of the organisational context or internal audit review within which the recommendation was based (The Chartered Institute of Internal Auditors, 2018[11]), (OECD, 2019[7]).

copy the linklink copied!
Figure ‎3.4. Follow-up mechanisms to track and monitor the implementation of audit recommendations
Are there follow–up mechanisms to track and monitor the implementation of the audit recommendations?
Figure ‎3.4. Follow-up mechanisms to track and monitor the implementation of audit recommendations

Note: Based on data from 34 respondents (31 OECD countries plus Morocco, Peru and Costa Rica).

Source: (OECD, 2018[6]).

copy the linklink copied!3.2. Transparency, a mechanism to ensure sound governance in a public procurement system

The Recommendation calls on “Adherents to ensure an adequate degree of transparency of the public procurement system in all stages of the procurement cycle” (Principle on transparency, paragraph II). The Recommendation contains guiding principles for countries to promote fair and equitable treatment for potential suppliers by providing an adequate and timely degree of transparency in each phase of the public procurement cycle. The principles take into account the legitimate needs for protection of trade secrets and proprietary information and other privacy concerns, as well as the need to avoid information that can be used by interested suppliers to distort competition in the procurement process.

Transparency is central to promoting good governance in the public sector. It fosters accountability, ensures access to information and enables participation of diverse stakeholders (Johnston, 2002[12]). Transparency in public procurement serves a particularly important role in levelling the playing field for businesses, especially for smaller firms. Online publication of laws, policies and guidelines is common practice; these are often found on the website of the ministry or body in charge of designing them and co-ordinating their implementation.

The Open Contracting Partnership (OCP) developed the Open Contracting Data Standard (OCDS), which has been successfully applied in several countries including the United Kingdom and Mexico. The standard is designed to open up public contracting through disclosure, data and engagement so that the huge sums of money involved are spent honestly, fairly and effectively. Once the transition to the OCDS is made, tender submissions and contract details become much more traceable and auditable within systems. In Chile, the electronic procurement system facilitated implementation of the OCDS.

The Recommendation calls on Adherents to “allow free access through an online portal for all stakeholders including potential domestic and foreign suppliers, civil society and the general public, to public procurement information notably related to the public procurement system” (Principle on transparency, paragraph II). Respondents have long been publishing public procurement information, especially tender notices. The 2018 Survey data show that announcing tenders is the most widely adopted functionality of e-procurement systems, with nearly 100% of respondents using them to announce tenders and contract awards (Figure ‎3.5).

copy the linklink copied!
Figure ‎3.5. Functionalities of e-procurement systems, 2018
Figure ‎3.5. Functionalities of e-procurement systems, 2018

Note: Based on data from 34 respondents (31 OECD countries plus Morocco, Peru and Costa Rica).

Source: (OECD, 2018[6]).

Respondents have obligations prescribed by laws to publish procurement information. The laws usually define the timelines as a minimum number of days or deadlines for certain stages of public procurement, depending on the type of procedures chosen.

At the same time, some respondents have embedded additional mechanisms to ensure timely and accurate information. For example, in Italy each contracting authority has to comply with the provisions of its three-year anti-corruption and transparency plan that prescribes mechanisms, timing and actors involved in the publication of procurement information. In Korea, the linkage of external database systems with KONEPS ensures the accuracy of public procurement information (Box ‎3.4).

copy the linklink copied!
Box ‎3.4. Greater efficiency through data connection in KONEPS

KONEPS (Korea ON-line E-procurement System) is interconnected with over 160 diverse electronic systems, both within and outside the government’s reach. The result has been increased efficiency, reduced duplication and cost savings.

Connection with 19 surety companies allows automated verification of 4 types of sureties, including bid bonds and performance bonds. Interfaces with 12 private sector associations and 9 credit rating companies allows for the automatic collection of credit and past performance data, which is used to verify qualifications and evaluate bids. Fifteen commercial banks are connected for e-payment through electronic funds transfer and also for processing loans that are payment certificates transmitted through appropriate data exchange interfaces. In addition to collecting information from external sources, information from KONEPS is shared with 28 public entities and 34 private sector information systems.

Because of this integration, 477 document forms used in public procurement – including bid forms, contract forms, inspection requests and payment requests – have all been digitised. In addition to the increased efficiency of processing all these transactions and procurement steps electronically, bidders are no longer required to visit public authorities to collect or submit the documentation necessary for participation in public procurement to each public buying entity separately. This results in both increased transparency – as the information is available on line through KONEPS – and greater access for new entrants and small and medium enterprises, as the burden to participate in public procurement is much smaller.

Source: (OECD, 2016[13]).

Some of the areas mentioned by respondents, such as online catalogues, are actively being pursued in different countries as ways of opening up opportunities for both the public sector and suppliers to build in efficiencies stemming from greater transparency and competition. There is an increasing shift towards new commissioning approaches “…where the public sector is required to embrace more agile techniques, involving providers and stakeholders earlier in the commissioning process and iteratively throughout delivery, in order to better understand user needs and context, and potential benefits and barriers, and to adjust constantly to in order to develop more agile solutions to realise benefits” (OECD, 2018[14]).

Publishing information benefits both the public and the private sector. For the public sector, it enables diverse stakeholders to scrutinise public procurement spending. It also helps to hold government officials accountable for their decisions. While taking into consideration concerns for sensitive information related to trade secrets and privacy, respondents have embraced this trend, making more public procurement information available to the public. In Australia for example, the Dynamic Sourcing for Panels (DS4P) system was launched in late 2016. It is a new functionality in AusTender (the country’s e-procurement system) that provides government buyers with a standard and streamlined approach to sourcing their goods and services from panels. DS4P allows buyers to identify panels that match their requirements; search for and shortlist relevant suppliers; access panel documents and templates; and run requests for quote.

E-procurement tools have the potential to dramatically increase efficiency by eliminating wasteful and duplicative paper-based processes. There are some processes that e-procurement systems enable that are simply impossible to replicate without advanced digital technologies.

As demonstrated by Figure ‎3.6, post-contract information is published less often, with the exception of the contract notice. Governments need to strike a balance between ensuring accountability and competition on the one hand, and on the other protecting trade secrets and respecting the confidentiality of information that can be used by interested suppliers to distort competition, in current or future procurement processes. Information on bidders and bids during the procurement procedure is more sensitive than information published some time after the contract has been concluded. Namely, information on bids released at early stages of the tender procedure may facilitate bid rigging by enabling transparency among competitors, the monitoring of collusive agreements, and ultimately the adoption of retaliation measures to punish bidders that deviate from the terms of the bid-rigging agreement (OECD, 2012[15]; 2018[16]).

copy the linklink copied!
Figure ‎3.6. Availability of public procurement documents to the general public
Figure ‎3.6. Availability of public procurement documents to the general public

Note: Based on data from 30 respondents (29 OECD countries and Costa Rica) that answered both the 2018 and the 2016 Surveys on Public procurement.

Source: (OECD, 2018[6]; 2016[17]).

For respondents there may be no legal obligation to provide evaluation reports, either as part of a debriefing or in the interests of transparency. In a study of corruption cases released by the OECD in 2016 it was suggested that debriefs on how award decisions were made had been held. The study covered 131 concluded and ongoing corruption cases across a number of OECD countries. The report mapped out the corruption schemes themselves as well as the vehicles of corruption utilised in the execution of the schemes (OECD, 2014[3]).

The ability to provide information to the general public opens up possibilities for wider participation in public procurement processes, and can also support greater competition. Publication of public procurement information supports a level playing field by ensuring that all potential suppliers have access to the same information about government procurement opportunities at the same time. Respondents have increasingly focused on this latter function of information publication – for instance, more respondents have embedded obligations to publish procurement plans in their systems since adoption of the Recommendation. The data show that there has been a trend towards greater availability of public procurement documents between 2016 and 2018.

copy the linklink copied!3.3. Integrity, a cornerstone of good governance in public procurement

The Recommendation calls upon “Adherents to preserve the integrity of the public procurement system through general standards and procurement – specific safeguards” (Principle on integrity, paragraph III). It contains guiding principles for countries to require high standards of integrity for all stakeholders in the procurement cycle and to implement general public sector integrity tools.

Integrity plays a critical role in strengthening governance and building resilience in public procurement systems. Governments are emphasising public integrity as a strategic and sustainable response to corruption (OECD, 2017[18]).

The key principles that govern public procurement systems – such as equal treatment, non-discrimination, transparency, proportionality, and effective competition – act as barriers to the risks of corruption or integrity breaches. These are reflected in the legal frameworks used by respondents to foster integrity in public procurement. For instance, it was noted in the 2018 Survey that the Public Procurement Act of Norway, which came into force in November 2017, states that the purpose of public procurement rules includes ensuring the integrity of public entities as well as public confidence and trust. Another example from the 2018 Survey is found in the Peruvian Public Procurement Law (Law No. 30225), which came into force on 9 January 2016. Its article 2 states that “the conduct of the participants at any stage of the procurement process is guided by honesty and truthfulness, avoiding any improper practice. Improprieties shall be communicated to the competent authorities in a direct and timely manner” (OECD, 2018[6]).

copy the linklink copied!
Figure ‎3.7. Measures to promote integrity among suppliers
Figure ‎3.7. Measures to promote integrity among suppliers

Note: Based on data from 31 OECD countries plus Morocco, Peru and Costa Rica. “Other initiatives and/or measures” include issuing a public procurement ethical code for suppliers and possible debarment and suspension measures for suppliers responsible for integrity breaches.

Source: (OECD, 2018[6]).

The 2018 Survey responses show that, consistent with the overarching guidance provided in the key principles, there are initiatives being pursued to promote integrity among suppliers (Figure ‎3.7). In Australia, the Commonwealth Procurement Rules allow entities to exclude tenderers on the grounds of bankruptcy, insolvency, false declaration or significant deficiencies in the performance of any substantive requirement or obligation under prior contract (Australian Government, 2018[19]). In Latvia the contracting authority can exclude a candidate or tenderer (or their subcontractor where a value threshold of 10% of the total value of the contract is met) from participation in a procurement procedure in certain circumstances including tax debts, as outlined in the legislation (OECD, 2018[6]).

3.3.1. Promoting common values for a culture of integrity

Promoting common values by drawing up concrete standards of conduct to be applied by public employees in their work, as providing guidance for identifying and managing conflict-of-interest situations and resolving ethical dilemmas are at the core of developing a culture of integrity in the public sector resilient to corruption risks. Administrative functions where the risks of corruption are higher than in other functions might need specific guidance, taking into consideration the specific risks for these positions. The OECD has suggested a number of methods for fostering high standards of integrity and professionalism from public procurement officials (OECD, 2016[20]). Respondents have developed codes of conduct and codes of ethics that clearly articulate the core values underlying public service, and have established guidelines for their use in daily work. For instance, the CPB in Chile developed its own code of ethics in 2017 (Box ‎3.5). Codes of conduct and ethics make clear the kind of behaviour that is expected of public officials and where the boundaries of behaving with integrity are.

copy the linklink copied!
Box ‎3.5. ChileCompra’s Code of Ethics in Public Processes

ChileCompra, the central purchasing body of Chile, approved the Code of Ethics in Public Procurement Processes in May 2017. The purpose of this document is to ensure integrity in public procurement and the proper use of public resources by public officials. It includes recommendations to be followed by officials during the various stages of procurement processes. The code establishes the reporting obligation of officials participating in public procurement, stating that "any public official who participates in a procurement process, in any of its stages, has the duty to report to its superior or to the Office of the Comptroller General of the Republic or before the Public Prosecutor's Office, as appropriate, with due promptness, the irregular facts that may contravene the integrity principle and those that may be constitutive of crimes".

Source: (OECD, 2018[6]).

In Canada there is a Code of Conduct for Procurement, which consolidates the federal government's existing legal, regulatory and policy requirements (including measures on conflict of interest, post-employment and anti-corruption) into a concise and transparent statement of the expectations the government has of its employees and suppliers. The Code is incorporated by reference in solicitation and contractual documents under a dedicated clause, where both the contractor and the government of Canada agree to comply with the Code and are bound by its terms for the period of the contract.

Managing conflicts of interest is also a core part of the wider ethics framework, and in all OECD member countries conflict-of-interest policies and rules are stated in their legal framework (OECD, 2017[21]). Underlying the conflict-of-interest policies is the understanding and recognition that everyone has private interests that may be in conflict with official responsibilities and obligations. However, these interests cannot be prohibited; rather, they must be properly managed and potential conflicts of interest resolved.

Safeguarding the public interest is the fundamental mission of governments and public institutions. It is their obligation to ensure that public officials do not allow their private interests and affiliations to compromise their official duties. Different countries have different approaches to managing conflicts of interest that often reflect their legal and public service traditions. Table ‎3.3 focuses on conflicts of interest in the public sector in general – that is to say, it is not specific to public procurement.

copy the linklink copied!
Table ‎3.3. Evaluating conflicts of interest in the public sector

Existence and compliance

with conflict of interest policies

Existence and quality of codes of conduct

Existence and compliance with asset declaration policies

Extent of awareness of integrity policies by public officials











Czech Republic



No central evaluation of public integrity system

















No central evaluation of public integrity system


No central evaluation of public integrity system



New Zealand












No central evaluation of public integrity system

Slovak Republic













No central evaluation of public integrity system

United Kingdom

United States





Total among 32 OECD Member Respondents

● Always





♦ Often





▲ Sometimes





○ Never





- Unknown/ varies widely





No central evaluation of public integrity system





Costa Rica

No central evaluation of public integrity system


Note: This table is based on data from the 2016 OECD Survey on Public Integrity and focuses on public sector integrity systems in general.

Source: (OECD, 2017[22]).

In Sweden for example, because of the decentralised nature of procurement, there are differing approaches to declaring when there is no conflict of interest and these are recorded in a number of different guidelines at contracting authority level. In Peru and Costa Rica, certain public officials and political appointees are by law prohibited from participating in public procurement procedures, bidding, or contracting with government regardless of the public procurement regime applicable to them. In Costa Rica the prohibition extends to spouses, partners or relatives within the third degree of consanguinity (OECD, 2018[6]).

The OECD Recommendation on Guidelines for Managing Conflict of Interest in the Public Service [OECD/LEGAL/0316] provides policy makers with a set of concrete policy options for managing conflict of interest based on promoting individual responsibility, supporting scrutiny and creating an appropriate organisational culture (OECD, 2003[23]).

An OECD survey on managing conflict of interest in the executive branch and whistleblower protection shows that among member countries a number of different activities are applied to raise awareness among stakeholders. Training is provided in 23 out of 32 countries, and 22 out of 33 publish the conflict-of-interest policy on line or on the intranet of the government organisation. A lower number (19 out of 32) provide proactive updates regarding changes in the conflict-of-interest policies and 17 out of 32 provide an advice line or help desk where officials receive guidance on filing requirements and identifying and managing conflicts of interest (OECD, 2014[24]).

Legal frameworks that support declarations of conflict of interest and private interests are common among OECD countries. OECD data shows that 85% of respondents have a specific definition of conflicts of interest for public procurement officials in their regulatory framework (OECD, 2018[6]). However, the 2018 Survey results show that in 79.5% of the respondent countries, public procurement officials have to declare either “no conflict of interest” or notify the competent authority in case of potential conflict of interest during a public procurement procedure (Figure ‎3.8).

copy the linklink copied!
Figure ‎3.8. Policies and mechanisms to manage conflicts of interest in public procurement
Do public procurement officials have to declare “no conflict of interest” or notify the competent authority in case of potential conflict of interest?
Figure ‎3.8. Policies and mechanisms to manage conflicts of interest in public procurement

Note: Based on data from 34 countries (31 OECD countries plus Morocco, Peru and Costa Rica).

Source: (OECD, 2018[6]).

Asset declarations for public officials are commonly used in OECD countries to monitor potential conflicts of interest. Variations continue to exist across countries in the scope and breadth of asset declaration requirements and reviewing mechanisms. Within countries, there are also important differences across government branches, with public officials operating in “at-risk areas” such as public procurement (along with tax and customs officials) having more stringent asset declaration requirements (OECD, 2015[25]; OECD, 2017[22]). In order to prevent conflicts of interest, some respondent countries also require suppliers to disclose their beneficial ownership to contracting authorities, either every time they participate in a public procurement process, or when they participate for the first time, or when there is automated exchange of information (Figure ‎3.9).

copy the linklink copied!
Figure ‎3.9. Disclosure of information on beneficial ownership of companies
Figure ‎3.9. Disclosure of information on beneficial ownership of companies

Note: Data gathered among 33 respondents (30 OECD countries plus Morocco, Costa Rica and Peru).

Source: (OECD, 2018[6]).

Some countries have a list of suppliers that is centrally managed in co-ordination with other authorities. For example, in the Slovak Republic, since 1 February 2017 new legislation for the registry of partners of the public sector came into force. The registry covers all contracts financed from public sources. It is no longer managed by the Public Procurement Office, but rather by the Ministry of Justice. Under the new legislation, identification and verification of the beneficial owner is carried out by an authorised person, such as a lawyer, a notary, a bank, an auditor or a tax advisor, and no longer through self-declaration (OECD, 2018[6]).

Integrity is fostered when the rules are clearly outlined, underpinned by awareness of values and public sector ethics to enable public officials to apply integrity in their day-to-day tasks. Providing clear laws, guidelines and processes will provide officials with the tools to manage integrity risks appropriately.

To conclude, as noted above, having clear lines of oversight will mean the ability to verify conformity to regulatory frameworks and to ensure that public resources are spent in an efficient and effective way. These can include defining the level of authority for approvals, levels of responsibility for certain activities, and delegating decision-making authority to the lowest competent level consistent with the risks associated and monetary sums involved. Incorporating a functioning control system as part of the oversight of the public procurement cycle will help to avoid many of the risks inherent in procurement procedures. Also having legal frameworks, internal control/audit mechanisms and independent external audits as part of the oversight can provide assurance across the various levels of activity undertaken.


[19] Australian Government (2018), Commonwealth Procurement Rules,

[5] Departamento Administrativo de la Función Pública (2019), MIPG (Modelo Integrado de Planeación y Gestión),

[12] Johnston, M. (2002), Good governance: rule of law, transparency, and accountability, (accessed on 14 November 2018).

[4] Manuel, J. et al. (2015), Guía para la Gestión del Riesgo de Corrupción 2015 Liberta y Orden, Presidencia de la República,

[7] OECD (2019), “IPACS Task Force 1 Draft Report: Mapping of procurement standards and risk management activities in the construction of infrastructure for sporting events”.

[6] OECD (2018), Data from the 2018 OECD Survey on the Implementation of the 2015 OECD Recommendation on Public Procurement.

[16] OECD (2018), Fighting Bid Rigging in IMSS Procurement: Impact of OECD Recommendations,

[14] OECD (2018), Public Procurement Week: Investing in strategic public procurement to maximise benefits for all.

[22] OECD (2017), Government at a Glance 2017, OECD Publishing, Paris,

[8] OECD (2017), OECD Integrity Review of Mexico: Taking a Stronger Stance Against Corruption, OECD Public Governance Reviews, OECD Publishing, Paris,

[21] OECD (2017), OECD Integrity Review of Peru: Enhancing Public Sector Integrity for Inclusive Growth, OECD Public Governance Reviews, OECD Publishing, Paris,

[18] OECD (2017), OECD Recommendation of the Council on Public Integrity,

[20] OECD (2016), Checklist for Supporting the Implementation of the OECD Recommendation of the Council on Public Procurement, (accessed on  2019).

[17] OECD (2016), Data from the 2016 OECD Survey on public procurement (partially published),

[2] OECD (2016), Preventing Corruption in Public Procurement, (accessed on 20 July 2017).

[13] OECD (2016), The Korean Public Procurement Service: Innovating for Effectiveness, OECD Public Governance Reviews, OECD Publishing, Paris,

[25] OECD (2015), Government at a Glance 2015, OECD Publishing, Paris,

[3] OECD (2014), OECD Foreign Bribery Report: An Analysis of the Crime of Bribery of Foreign Public Officials, OECD Publishing, Paris,

[24] OECD (2014), “OECD Survey on Managing Conflict of Interest in the Executive Branch and Whistleblower Protection”.

[15] OECD (2012), OECD Recommendation on Fighting Bid Rigging in Public Procurement - OECD,

[23] OECD (2003), Recommendation of the Council on Guidelines for Managing Conflict of Interest in the Public Service,

[1] OECD (n.d.), OECD Public Procurement Toolbox, (accessed on 30 August 2017).

[11] The Chartered Institute of Internal Auditors (2018), Following up recommendations/management actions,

[9] The Institute of Internal Auditors (2018), IIA Launches Global Review of ‘Three Lines of Defense,

[10] The Institute of Internal Auditors (2009), The Role of Internal Auditing in Enterprise-Wide Risk Management,

Metadata, Legal and Rights

This document, as well as any data and map included herein, are without prejudice to the status of or sovereignty over any territory, to the delimitation of international frontiers and boundaries and to the name of any territory, city or area. Extracts from publications may be subject to additional disclaimers, which are set out in the complete version of the publication, available at the link provided.

© OECD 2019

The use of this work, whether digital or print, is governed by the Terms and Conditions to be found at

3. Fostering trust through a risk-based approach to public procurement