The Valencian Anti-Fraud Agency joins the Network of Corruption Prevention Authorities (NCPA) of the Council of Europe

Valencia, September 13, 2022.- The Valencian Anti-Fraud Agency has joined as an observer entity the international organization NCPA (Network of Corruption Prevention Authorities), a network that is within the framework of the Council of Europe in the Division of Economic Crime and Cooperation.
The NCPA network currently has 31 members, an observer entity (the Office for the Prevention and Fight against Corruption in the Balearic Islands) and five partners. Members of the network include representatives from France, Bulgaria, Estonia, Italy, Denmark, Egypt, Tunisia, Brazil, Canada, Ecuador, Jordan and Azerbaijan.
It is the circumstance that to be part of the NCPA only the national authorities of each country can be members and in the case of Spain, not having a national authority to fight fraud and corruption, only the autonomous agencies can participate as an observer entity, a role that will be exercised by the Valencian Anti-Fraud Agency together with the Office of Prevention and Fight against Corruption of the Balearic Islands.
The current presidency of the NCPA is held by the Hellenic National Transparency Authority (NTA) of Greece.
The NCPA was launched in October 2018 with the aim of addressing the need for cooperation between anti-corruption authorities to improve the collection, management and exchange of information as well as the sharing of their respective experiences and good practices.
Likewise, the network helps the different members and observer entities to implement policies that favor the development of more effective anti-corrosion strategiesthat include both the public and private sectors.
One of the most important works developed by the NCPA is the publication of a map of the existing anti-corruption authorities in the world in which the AVAF (Network of Corruption Prevention Authorities ( is included.
Once the incorporation of the Agency was accepted last week, he participated in a meeting of the NCPA informing the rest of the members of the network of the work carried out by the Valencian Anti-Fraud Agency.
Presence in other international bodies
The NCPA is not the only international organisation in which the Agency participates and thus also forms part as a full member:
Since 2018, the Valencian Anti-Fraud Agency has been part of the European Network of Anti-Fraud and Corruption Agencies (EAPC), which includes 30 anti-corruption organizations on the European continent.
Likewise , the AVAF is part of the EACN (European contact-point network), a supranational organization made up of more than 60 anti-corruption authorities and police oversight bodies of the Council of Europe.
In 2019 the European Union adopted the Directive on the protection of whistleblowers of breaches of Union law (Directive 2019/1937 on the protection of persons reporting breaches of Union law) directly related to the fight against corruption.
The Network of European Integrity Authorities and Whistleblowers (NEIWA), which currently represents 23 member states, was established in May of the same year to provide a platform for cooperation and exchange of knowledge and experience in the field of integrity and whistleblowing.
The Valencian Anti-Fraud Agency has been a member of NEIWA since 2019.

“Ending corruption would help reduce public debt”, said the director of the Agency in the Investigation Commission of the Corts Valencianes

Valencia, September 06, 2022.- The director of the Valencian Anti-Fraud Agency, Joan Llinares, appeared this morning before the Public Debt Investigation Commission of the Valencian Community in the Corts Valencianes.
In his speech, the director began by pointing out that the “central question is whether the public debt contracted is balanced with the financial capacity that each public administration has to deal with it and whether the investments made have a purpose and social return or are I could have dispensed with them as unnecessary.”
And to achieve this objective there is a fundamental tool such as “the evaluation of public policies linked to the principles of good governance, responsible management of public resources and solid control systems,” added Llinares.
He then presented the members of the Commission with different data and studies on the cost of corruption in the increase in public debt. Among these reports, the “Stopping corruption” report prepared by the International Monetary Fund (IMF) stands out, in which it is pointed out that corruption costs Spain about 60,000 million annually, which is equivalent to a negative impact on the GDP close to the 4.5 points.
Also the National Markets and Competition Commission (CNMV) in a 2015 report states that “it is estimated that, in the absence of competitive pressure in public contracting, average upward deviations of up to 25% of the contracting budgets can be caused. ”. And at this point, the director of the Agency pointed out that “the CNMV has just imposed a penalty of 300 million euros on the main Spanish construction companies for dividing up and agreeing on prices for 25 years”
“Ending corruption, or at least reducing it, would certainly not end all public debt, but it would reduce borrowing needs and improve the financial capacity of public coffers, helping to build trust in politics and its representatives. and thus strengthening the democratic system”, concluded Llinares.
You can access the entire intervention on the Corts Valencianes YouTube channel here:

Complaint boxes: What, Who, When, Where and Why

1. Anti-fraud complaint mailboxes: basic concepts

We are facing a new legal obligation. Directive 1937/2019 of the European Parliament and of the Council, of October 23, 2019, regarding the protection of people who report violations of Union Law, establishes the need to promote internal and external reporting channels: “ Member States shall promote communication through internal complaint channels before communication through external complaint channels.” (article 7.2). The rule establishes a preference for internal reporting channels over external ones, “Member States shall promote communication through internal reporting channels (…), provided that the infraction can be dealt with effectively internally and provided that the complainant consider that there is no risk of retaliation.” (article 7.2). This need to promote the implementation of internal complaint channels is complemented by the need to articulate the appropriate complaint and follow-up procedures, after consulting the social partners and in accordance with them when established by national law.

However, the complainant may go directly to the external channel if, after the internal complaint, the appropriate measures are not taken; if it is presumed that the complaint to his superiors will not produce effects; or when there is imminent or manifest danger to the public interest.
For its part, the Draft Law transposing Directive 2019/1937 (hereinafter, APL), refers to internal information systems, opting for this less forceful terminology, almost a euphemism, and providing that these internal information systems information are the preferential channel to report on the actions or omissions provided for in article 2, in short, on infringements of Union Law provided for in the Directive (article 4 APL). The administration or government body of each entity or body will be responsible for the implementation of the internal information system, after consultation with the legal representation of the workers (art. 5 APL). The management of internal information systems may be carried out within the entity itself or by going to an external third party. (art. 6 APL). In addition, all internal information channels will be integrated into the internal information system.

The Preliminary Draft also refers to the anonymization or confidentiality of the informant (understood as “complainant”). Thus, it establishes that the internal information channels must allow the presentation and subsequent processing of anonymous communications (art. 7.3 APL). For its part, the procedure for managing internal communications (understood as “complaints”) is the one established in art. 8 APL, to which we refer. In any case, it will be necessary to follow the evolution of the text already in the phases of the Bill, reports and processing in parliament.

What does seem clear is that the vast majority of public and private entities must have them: “Member States shall ensure that legal entities in the private and public sectors establish channels and procedures for internal reporting and follow-up (…)” (art. 8.1 Directive). According to the Directive itself, the establishment of a complaints channel or mailbox is mandatory for legal entities in the private sector with more than 50 workers. Member States may require it from entities with less than 50 workers, but this decision is left to national regulatory development. At the moment, the aforementioned draft law generally regulates the obligation only for private legal entities with 50 or more workers. The same does not happen in the public sector, where reporting channels will be mandatory. In this case, the Directive once again establishes the possibility for Member States to exempt municipalities with fewer than 10,000 inhabitants or with fewer than 50 workers, as well as other legal entities in the public sector with fewer than 50 workers. But here the preliminary bill does not exempt any public sector entity from the obligation, and given that the difficulties of small municipalities can be solved with the sharing of resources and, above all, with the action of support and assistance of Provincial Councils, Cabildos and Councils, it is more than likely that the obligation will remain.


2. The complaints mailbox of the Valencian Anti-Fraud Agency: a model to reproduce

How to articulate the aforementioned obligation to create and maintain a mailbox for complaints in our public sector entities? Our particular proposal is the model of the Valencian Antifraud Agency. Our complaints mailbox, in this case internal and, as an anti-fraud office, also external in the sense explained above, has been in operation since 2018. It is based on the Globaleaks platform and was originally adapted to the current technology and legislation by Xnet, this form could be used and replicated in different institutions and organizations in Spain quickly, agilely and without cost.

The tool can be downloaded from the website of its creator where you can access its main features and which we would like to group into four groups:

1.At the user level: simple management from a web interface, translated into more than 60 languages, fully configurable and customizable with the corporate colors and logos of the different administrations. It also allows its adaptation to the casuistry of each project, allowing anonymous reporting, creation of advanced questionnaires, private conversations and exchange of information and statistical reports.

2.On a technical level: long-term maintenance guaranteed by the developer (LTS), fully autonomous application (no need for web servers or other applications), built using light navigation technologies, integrated backup system, configuration automated access through the TOR private network and prepared to be integrated with other web pages and intranets.

3.At a legal level: it complies with the standards of ISO 37002:2021 (Management systems for reporting irregularities) as well as with Community Directive 2019/1937 on the protection of whistleblowers of corruption. It complies with the European GDPR data protection regulation allowing data retention policies to be configured, in the same way it guarantees the custody of the complainant’s identity (if provided) by protecting access to complaints as well as by the absence of registration of the IP addresses of those who make these communications.

4.At the security level: it guarantees access through HTTPS protocols and the TOR network. It is continuously exposed to different pentesting tests to guarantee and improve its security. It allows access through double authentication factor, all the content provided is encrypted and only accessible to authorized recipients. It leaves no trace in the browser cache, has anti-spam mechanisms and offers support for the exchange of messages through PGP (Encryption and Signing of messages).

Lastly, at the level of specific support and maintenance, there are several public forums for the tool where it is possible to consult and propose new doubts that are usually resolved by the developers themselves. If more personalized support and direct attention is necessary, although it is not necessary, it is possible to contract a more specific maintenance with the developer, although with the information available and the existing user community, most doubts are resolved quickly. In the same way, product updates are constant and its distribution and application are free, which guarantees the integrity of the platform and its continuous improvement and adaptation to current technology and regulations.

In summary, we are faced with the solution that, in terms of functional and economic efficiency, will offer the best response to the obligations imposed by articles 7 and 10 of Directive 2019/1937 in terms of the obligation to have internal complaint channels and external. The tool is adaptable to both needs and complies with the technical and security measures that guarantee the protection of the complainant’s identity and access to the reported information only to those users who are authorized to do so.

Victor Almonacid Lamelas. Director of Prevention, Training and Documentation of the AVAF
Javier Alama Izquierdo. Head of the AVAF Information Systems Service