“Ending corruption would help reduce public debt”, said the director of the Agency in the Investigation Commission of the Corts Valencianes

Valencia, September 06, 2022.- The director of the Valencian Anti-Fraud Agency, Joan Llinares, appeared this morning before the Public Debt Investigation Commission of the Valencian Community in the Corts Valencianes.
In his speech, the director began by pointing out that the “central question is whether the public debt contracted is balanced with the financial capacity that each public administration has to deal with it and whether the investments made have a purpose and social return or are I could have dispensed with them as unnecessary.”
And to achieve this objective there is a fundamental tool such as “the evaluation of public policies linked to the principles of good governance, responsible management of public resources and solid control systems,” added Llinares.
He then presented the members of the Commission with different data and studies on the cost of corruption in the increase in public debt. Among these reports, the “Stopping corruption” report prepared by the International Monetary Fund (IMF) stands out, in which it is pointed out that corruption costs Spain about 60,000 million annually, which is equivalent to a negative impact on the GDP close to the 4.5 points.
Also the National Markets and Competition Commission (CNMV) in a 2015 report states that “it is estimated that, in the absence of competitive pressure in public contracting, average upward deviations of up to 25% of the contracting budgets can be caused. ”. And at this point, the director of the Agency pointed out that “the CNMV has just imposed a penalty of 300 million euros on the main Spanish construction companies for dividing up and agreeing on prices for 25 years”
“Ending corruption, or at least reducing it, would certainly not end all public debt, but it would reduce borrowing needs and improve the financial capacity of public coffers, helping to build trust in politics and its representatives. and thus strengthening the democratic system”, concluded Llinares.
You can access the entire intervention on the Corts Valencianes YouTube channel here:

Complaint boxes: What, Who, When, Where and Why

1. Anti-fraud complaint mailboxes: basic concepts

We are facing a new legal obligation. Directive 1937/2019 of the European Parliament and of the Council, of October 23, 2019, regarding the protection of people who report violations of Union Law, establishes the need to promote internal and external reporting channels: “ Member States shall promote communication through internal complaint channels before communication through external complaint channels.” (article 7.2). The rule establishes a preference for internal reporting channels over external ones, “Member States shall promote communication through internal reporting channels (…), provided that the infraction can be dealt with effectively internally and provided that the complainant consider that there is no risk of retaliation.” (article 7.2). This need to promote the implementation of internal complaint channels is complemented by the need to articulate the appropriate complaint and follow-up procedures, after consulting the social partners and in accordance with them when established by national law.

However, the complainant may go directly to the external channel if, after the internal complaint, the appropriate measures are not taken; if it is presumed that the complaint to his superiors will not produce effects; or when there is imminent or manifest danger to the public interest.
For its part, the Draft Law transposing Directive 2019/1937 (hereinafter, APL), refers to internal information systems, opting for this less forceful terminology, almost a euphemism, and providing that these internal information systems information are the preferential channel to report on the actions or omissions provided for in article 2, in short, on infringements of Union Law provided for in the Directive (article 4 APL). The administration or government body of each entity or body will be responsible for the implementation of the internal information system, after consultation with the legal representation of the workers (art. 5 APL). The management of internal information systems may be carried out within the entity itself or by going to an external third party. (art. 6 APL). In addition, all internal information channels will be integrated into the internal information system.

The Preliminary Draft also refers to the anonymization or confidentiality of the informant (understood as “complainant”). Thus, it establishes that the internal information channels must allow the presentation and subsequent processing of anonymous communications (art. 7.3 APL). For its part, the procedure for managing internal communications (understood as “complaints”) is the one established in art. 8 APL, to which we refer. In any case, it will be necessary to follow the evolution of the text already in the phases of the Bill, reports and processing in parliament.

What does seem clear is that the vast majority of public and private entities must have them: “Member States shall ensure that legal entities in the private and public sectors establish channels and procedures for internal reporting and follow-up (…)” (art. 8.1 Directive). According to the Directive itself, the establishment of a complaints channel or mailbox is mandatory for legal entities in the private sector with more than 50 workers. Member States may require it from entities with less than 50 workers, but this decision is left to national regulatory development. At the moment, the aforementioned draft law generally regulates the obligation only for private legal entities with 50 or more workers. The same does not happen in the public sector, where reporting channels will be mandatory. In this case, the Directive once again establishes the possibility for Member States to exempt municipalities with fewer than 10,000 inhabitants or with fewer than 50 workers, as well as other legal entities in the public sector with fewer than 50 workers. But here the preliminary bill does not exempt any public sector entity from the obligation, and given that the difficulties of small municipalities can be solved with the sharing of resources and, above all, with the action of support and assistance of Provincial Councils, Cabildos and Councils, it is more than likely that the obligation will remain.

 

2. The complaints mailbox of the Valencian Anti-Fraud Agency: a model to reproduce

How to articulate the aforementioned obligation to create and maintain a mailbox for complaints in our public sector entities? Our particular proposal is the model of the Valencian Antifraud Agency. Our complaints mailbox, in this case internal and, as an anti-fraud office, also external in the sense explained above, has been in operation since 2018. It is based on the Globaleaks platform and was originally adapted to the current technology and legislation by Xnet, this form could be used and replicated in different institutions and organizations in Spain quickly, agilely and without cost.

The tool can be downloaded from the website of its creator https://www.globaleaks.org/ where you can access its main features and which we would like to group into four groups:

1.At the user level: simple management from a web interface, translated into more than 60 languages, fully configurable and customizable with the corporate colors and logos of the different administrations. It also allows its adaptation to the casuistry of each project, allowing anonymous reporting, creation of advanced questionnaires, private conversations and exchange of information and statistical reports.

2.On a technical level: long-term maintenance guaranteed by the developer (LTS), fully autonomous application (no need for web servers or other applications), built using light navigation technologies, integrated backup system, configuration automated access through the TOR private network and prepared to be integrated with other web pages and intranets.

3.At a legal level: it complies with the standards of ISO 37002:2021 (Management systems for reporting irregularities) as well as with Community Directive 2019/1937 on the protection of whistleblowers of corruption. It complies with the European GDPR data protection regulation allowing data retention policies to be configured, in the same way it guarantees the custody of the complainant’s identity (if provided) by protecting access to complaints as well as by the absence of registration of the IP addresses of those who make these communications.

4.At the security level: it guarantees access through HTTPS protocols and the TOR network. It is continuously exposed to different pentesting tests to guarantee and improve its security. It allows access through double authentication factor, all the content provided is encrypted and only accessible to authorized recipients. It leaves no trace in the browser cache, has anti-spam mechanisms and offers support for the exchange of messages through PGP (Encryption and Signing of messages).

Lastly, at the level of specific support and maintenance, there are several public forums for the tool where it is possible to consult and propose new doubts that are usually resolved by the developers themselves. If more personalized support and direct attention is necessary, although it is not necessary, it is possible to contract a more specific maintenance with the developer, although with the information available and the existing user community, most doubts are resolved quickly. In the same way, product updates are constant and its distribution and application are free, which guarantees the integrity of the platform and its continuous improvement and adaptation to current technology and regulations.

In summary, we are faced with the solution that, in terms of functional and economic efficiency, will offer the best response to the obligations imposed by articles 7 and 10 of Directive 2019/1937 in terms of the obligation to have internal complaint channels and external. The tool is adaptable to both needs and complies with the technical and security measures that guarantee the protection of the complainant’s identity and access to the reported information only to those users who are authorized to do so.

Victor Almonacid Lamelas. Director of Prevention, Training and Documentation of the AVAF
Javier Alama Izquierdo. Head of the AVAF Information Systems Service

VAERSA ​​and the Valencian Anti-Fraud Agency sign a collaboration agreement to develop a framework of integrity and public ethics

Valencia, July 13, 2022.- The public company of the Generalitat Valenciana Valenciana D’Aprofitament Energètic de Residus, S.A. (VAERSA) and the Valencian Anti-Fraud Agency have signed a collaboration agreement for the implementation of fraud and corruption prevention activities and the promotion of ethics and public integrity.
The agreement is the first that the Agency signs with a public company and has been signed by the general director of VAERSA, Ferran Vicent García, and by the director of the Agency, Joan Llinares.
Among the actions contemplated by the agreement is that of complying with the requirements of the European Directive 2019/1937 regarding the protection of people who report violations of Union Law with the recognition by VAERSA ​​as an external channel of their complaints to the Agency’s Complaints Mailbox and adhere to it.

In order for the Agency’s Complaints Mailbox to act as an external channel for VAERSA ​​complaints, this entity undertakes to include in a visible place on its website, or any other support it deems appropriate, the link to the AVAF Complaints Mailbox along with clear and precise information about its function and purpose.