Artificial Intelligence and the fight against corruption

In the digital age, the fight against corruption has found a powerful ally in artificial intelligence (AI). This technology, with its ability to analyze large volumes of data and detect hidden patterns, offers unprecedented tools to identify and prevent fraudulent acts. However, its practical implementation is still very limited and not without its challenges. In this article, we explore how AI can transform the fight against corruption and reflect on the governance, organizational, human, and ethical dilemmas that this technological revolution entails. In what areas or areas of the fight against corruption could we apply artificial intelligence? Here are some of the applications that artificial intelligence could have: Public procurement: Control of public tenders by monitoring tenders to detect anomalous patterns, such as tailor-made tenders or tenders always won by the same company. Review of public contracts for unusual clauses or potentially corrupt conditions. Public Audits: Budget audits to analyse expenditures by municipalities and other public administrations, identifying irregular allocations or unjustified expenditures. Control of subsidies and public aid to detect duplication or beneficiaries that do not correspond. Pattern Detection: Detection of anomalous patterns through machine learning, as large volumes of data can be analyzed for anomalous patterns that could indicate fraudulent activity. For example, in financial transactions, tenders, contracts or grants. Text analysis when reviewing documents and emails for suspicious terms or patterns, such as in the case of false reports. Human resources: Human resources management to detect irregularities in selection processes, internal promotions, swaps, etc. Control of conflicts of interest by identifying possible relationships between public administration staff and private companies. Utilities: Detection of irregularities in the management of public services by identifying possible cost overruns, deficiencies or bad practices. Validation of official documents, verifying the authenticity and consistency of documents submitted in administrative procedures, avoiding forgeries. Data Analysis: Database integration: by connecting public databases (local, national or international), information can be cross-referenced and possible fraud can be detected more efficiently. Data Protection: Protection of sensitive data by alerting about unauthorized access or manipulation of government databases. Optimization of investigations since, when detecting a possible case of fraud, the AI could recommend a series of steps or actions based on previous cases, thus optimizing resources and investigation times.  Information Systems Whistleblowing systems: AI-powered anonymous whistleblowing platforms to ensure whistleblower protection and the validity of information received. Predictive systems: AI could help predict areas or sectors with a higher risk of fraud in the future based on historical data and current trends. Training in ethics and public integrity for public administration staff and citizens, adapting the content to the real needs of each person detected by the AI itself. Legislation and transparency Transparency in decision-making: AI tools that explain how certain government or corporate decisions are made, reducing the possibility of undue favoritism. Review of legislation and regulations: AI can analyze and compare legislation from different regions or countries to propose modifications that reduce legal loopholes that allow corruption. Below, we are going to look at examples of AI-based tools and applications that are already working in the field of anti-fraud and corruption-based fraud. We have grouped them according to the objective they pursue. Tools for detecting corruption in public procurement Let’s start with the case  of VigIA, an artificial intelligence tool conceived by the Tic Tank of the Universidad del Rosario (Argentina) and supported by CAF (Development Bank of Latin America and the Caribbean), for the District Oversight Office of Bogotá. The objective of VigIA is to identify contracts of the Mayor’s Office of Bogotá with high risk of corruption and inefficiencies, taking advantage of the data provided by the Electronic System for Public Procurement. In the field of private initiative, we have found the case  of Percephtor, designed by a Mexican company to help citizens supervise public works, evaluate the performance of political positions and fight corruption. This tool performs object recognition using images and videos. In 2022, it was identified that the Government of Mexico spent an average of 2.7 million pesos per minute on public works, a fact revealed by “Mexicans Against Corruption and Impunity” that refers to undeclared expenses on CompraNet, the portal aimed at showcasing public contracts. The  European Union’s Digiwhist  project is a big data tool created to detect fraud at European level in public procurement. The project processes indicators and public data and maintains a close collaboration with organizations focused on whistleblowing corruption such as Xnet[i] We point out that Xnet has a strong link with the Valencian Anti-Fraud Agency since the Agency’s complaint box is based on the Globaleaks platform, which was adapted to the technology and legislation in force by Xnet. This Digiwhist project is a collaboration of six European organisations, led by the University of Cambridge. For its creation, they have studied public procurement data from 35 jurisdictions with which to create a public database. With the information collected, Digiwhist has designed tools to promote more transparent and fair public procurement. These tools are freely accessible to the public and offer valuable resources for NGOs, journalists, administrations and businesses. The main tools include: www.opentender.eu: Platform to search for public tenders in 35 jurisdictions. European Public Accountability Mechanisms (EuroPAM) which allows the comparison of legal and regulatory standards in different jurisdictions. European Tenders Monitoring (MET): software for assessing risks in public procurement procedures. Artificial Intelligence Tools Applied to Fraud and Corruption Investigation An example of a tool that has already been developed and has proven its effectiveness is Ravn,  a software with artificial intelligence that can filter, index and summarize documents quickly and without errors, surpassing humans in efficiency. He gained notoriety for the role he played in uncovering a corruption case at Rolls-Royce in 2008 as he helped the UK’s Serious Fraud Office (SFO) analyse 30 million documents, processing 600,000 documents daily. These programs, known as ‘Lawtech’, use intelligent algorithms to learn from their experience, optimizing time and resources. They can perform tasks such as indexing multinational repositories or extracting passport numbers from images automatically. Despite their…

Law 2/2023 regulating the protection of persons who report on regulatory and anti-corruption infringements under review: is it really at the forefront in Europe?

Introduction On 20 February 2023, Law 2/2023 on the protection of persons reporting on regulatory and anti-corruption infringements was adopted, transposing Directive 2019/1937 on the protection of persons reporting breaches of Union law. Its purpose is to fill certain gaps in the legal framework for the security and protection of whistleblowers within the organizations where they provide their services and, as a consequence, to detect irregularities or illegalities in order to inform the authorities. Undoubtedly, the aforementioned law aims to facilitate transparency and combat corruption and the commission of other crimes within public entities or private corporations. In order to achieve these objectives, Law 2/2023 takes advantage of the successful proactive measures of clear European influence that have been applied for the management of European funds in contexts such as the detection of fraud, corruption, conflicts of interest and double financing that have been developed so far (for example,  State Order HFP/1030/2021, which configures the management system of the Recovery, Transformation and Resilience Plan). This is a novelty in Spain whose regulatory anchoring occurred with some delay although it currently represents the culmination of the process of transposition of Directive 2019/1937 into the Spanish legal system. Thus, as is evident in the preamble of the Law, it is added to the previous and more advanced experiences of some autonomies such as the Valencian Community that, by virtue of Law 11/2016, of November 28, created the Agency for the Prevention and Fight against Fraud and Corruption (Valencian Anti-Fraud Agency) which has been at the forefront in Spain in terms of the empowerment of the “information culture”. To this end, the new state law is based on the premise that citizen collaboration is an essential factor for the effectiveness of the Law and that it is manifested not only with the subjection of all public powers and citizens to the Spanish Constitution and the rest of the legal system (article 9.1 of the Spanish Constitution),  but also with the collective commitment to the proper functioning of public and private institutions. This, without prejudice to the fact that it is projected on the duty of workers – and that could be extended, even, to elected public officials – to inform or alert about certain categories of irregularities of which they have knowledge in the context of their employment or professional relationship in order to prevent  and detect fraudulent and corrupt practices that,  Indeed, they threaten the public interest. Generic obligations of Law 2/2023 As for Title II of this law (arts. 4 et seq.), it establishes the obligation for both companies and the public sector to have a complete internal information system composed of both the usual communication channel – commonly known as an ethical or complaints channel – and the process of management and monitoring of the information received. Precisely, it is more than evident that this system should be used preferentially to channel information although the informant can choose the internal or external channel, depending on the circumstances and risks of retaliation that he can consider. Likewise, the entities must designate a person responsible for the internal information system (articles 5 and 8) who may be a person or a collegiate body and whose appointment, dismissal or dismissal will depend on the administrative or governing body of the entity. The management of the system may be internal or external to the entity (art. 12). In the event that management is outsourced, the guarantees provided for by law must be respected and the responsibility, in any case, will also fall on the person responsible for the system that has been appointed in the entity (articles 6 and 8). The communication channel that is part of the system must allow communications to be made in writing or verbally, or both, by electronic means or even in person (arts. 5 and 7). Communications through the channel will be confidential (art. 5.2º b) and must also allow anonymous communications to be presented or processed subsequently (art. 7.3º). Likewise, the information management procedure will respond to the minimum content and principles provided for in article 9 of this law. In relation to Title III (arts. 16 et seq.), the external information channel is regulated, so that the informant may choose to inform the Independent Authority for the Protection of the Informant (hereinafter, AIPI) or the competent authorities or autonomous bodies, either directly or prior communication through the corresponding internal channel. Moreover, as a last resort, the reporting person may make a public disclosure of the infringement of which he has become aware, after having made the communication first through internal and external channels, or directly, through external channels – provided that appropriate measures have not been taken in this regard within the prescribed period and understands that there is a situation of imminent danger to the public interest,  among others–. For its part, Law 2/2023 also establishes a precise sanctioning regime, which contemplates high amounts of fines both for the infringing entity, public or private, and for the responsible internal bodies. Thus, according to the provisions of article 65, they start from 1,001 to 300,000 euros in the case of natural persons and between 100,000 and one million euros if those who commit an infringement are legal persons, intervals that vary depending on their severity. In any case, in the case of very serious cases, provision is also made for (a) public reprimand; (b) a ban on obtaining subsidies or other tax benefits for a maximum period of four years and; (c) a ban on contracting with the public sector for a maximum period of three years. In short, although the sanctioning regime will encourage companies to adapt as soon as possible to the novelties provided for in this law, it leaves them in a complicated situation, since they must comply with their legal obligations in record time under penalty of high penalties that may compromise their viability. However, under Article 61 of that Law, the national sanctioning body is vested in AIPI, which has…

36 questions and answers about Law 2/2023

BASIC QUESTIONS ABOUT THE LAW  What is the objective of Law 2/2023, of February 20, regulating the protection of people who report on regulatory violations and the fight against corruption?  Its objective is to protect people who report or denounce violations in their workplace from retaliation they may suffer. The Law transposes Directive 2019/1937 of the European Parliament on the protection of persons who report violations of Union Law. Law 11/2016 creating the Agency for the Prevention and Fight against Fraud and Corruption of the Valencian Community, anticipated the Directive, creating an external complaints mailbox open to all citizens and a statute of protection of people who denounce, whether natural or legal persons. Who can report or denounce an irregularity in their workplace? Any person linked by a labor or professional relationship may report to the Independent Informant Protection Authority (AIPI), which has not yet been created, or to the corresponding authorities or autonomous bodies. In the case of the Valencian Community, the competent authority is the Valencian Anti-Fraud Agency.  What type of information or complaints are included within the scope of application of the Law and give the right to protection? Actions or omissions that may constitute a serious or very serious criminal or administrative offense. For example: passing the questions on an exam, manipulating a contract, building where you can’t, accessing a grant without having the requirements… In the case of the Valencian Anti-Fraud Agency, these are those facts or conduct that may constitute corruption, fraud, administrative irregularities, conduct constituting an administrative or disciplinary offence, and conduct or activities that are reprehensible for being contrary to integrity and public ethics. Does the Valencian Antifraud Agency have powers in the private sector? It could only have said competence if Law 11/2016 creating the Agency is modified, expanding its scope of action. Therefore, for the private sector, the competent body is the Independent Informant Protection Authority (AIPI), which has not yet been created.  What are the ways and means to report or denounce an infringement in accordance with Law 2/2023? Through the internal channel that each entity must have, or through the external channel, which in the case of the Valencian Community is that of the Valencian Antifraud Agency. The Law allows the whistleblower to choose between the internal or external channel, depending on the circumstances and the risks of reprisals that he considers. The complaint may be anonymous or identified, and may be made by any means: written, verbal, by email, postal mail, voice mail, etc. Who can be reporting persons according to Law 2/2023? Law 2/2023 uses the term “informant” as a synonym for whistleblower to refer to people in the public or private sector who communicate or reveal information about irregularities of which they are aware in their professional or work environment. Are included: People who work in public administrations regardless of their employment relationship (career officials, interim, labor, temporary…) People who work in the private sphere. People who are doing internships, interns, in training or who are participating in a selection process. People who work for companies related to the administration, whether they are contractors, subcontractors, suppliers, etc. In any case, these people who report violations must report in accordance with the requirements of the Law and have reasonable grounds to believe that the information they are providing is true.  Can I go to the external reporting channel or should I first report through the internal channel?  The internal channel should be used preferentially, since a diligent and effective action within the organization itself could paralyze the harmful consequences. However, the Law allows the whistleblower to choose the internal or external channel, depending on the circumstances and the risks of reprisals that he considers. In any case, the AVAF is the external channel that may be used in accordance with the provisions of Law 2/2023 and in its regulatory regional regulations. What are the support measures established by Law 2/2023 for the person who denounces or informs?  Free information and advice on the procedures and resources available, protection against retaliation and the rights of the affected person. Effective assistance by the competent authorities before any authority involved in their protection against retaliation, including the certification that they can avail themselves of protection under this law. Legal assistance in criminal proceedings and cross-border civil proceedings in accordance with community regulations. Financial and psychological support, exceptionally, after assessing the circumstances. All this, regardless of the assistance that may correspond according to Law 1/1996 on free legal assistance, for the representation and defense in judicial proceedings derived from the presentation of the communication or public disclosure. Who can access the protection measures included in the Law? In addition to the informants or denouncers, those related to them who may be harmed or retaliated against, such as family members or co-workers, will be able to access. What about retaliation?  Acts of retaliation, including threats and attempted retaliation, are expressly prohibited. Retaliation is understood as any act or omission prohibited by Law, or that directly or indirectly involves unfavorable treatment that places the people who suffer it at a disadvantage with respect to another in the labor or professional context, solely because of their status as informants. What are the most common reprisals?  Opening of disciplinary files and dismissal. Demotion or denial of promotions and substantial modifications of working conditions. Damages, including those of a reputational nature, or economic losses, coercion, intimidation, harassment or ostracism. Denial or cancellation of licences, permits or training. Discrimination, or unfavorable or unfair treatment. What are the protection measures against retaliation?  The best protection is anonymity. The Law requires the creation and implementation of secure channels that guarantee confidentiality, admitting both anonymous and identifying complaints. The people who communicate this information are not liable, provided that access to the information does not constitute a crime and except for legal liabilities that may arise. However, the protection does not exempt the complainant from the responsibilities that may have been incurred for events other than the complaint.…