Practice category: Red flags
Contact: Danish Business Authority
Email: erst@ erst.dk
Fraud risk(s) countered:
- Double funding
- Conflict in interest
- Manipulation of project costs
Context and objective(s)
The Danish Business Authority, the Managing Authority (MA) responsible for the European Regional Development Fund (ERDF) and the European Social Fund (ESF) OPs during the 2014-2020 programming period integrates red flags into their management verification checklists.
The Danish Business Authority developed the Project Reporting Tool (PRV) for project beneficiaries for reporting purposes. The PRV tool allows beneficiaries to report back to the Danish Business Authority on the status of the project, submit expense claims, timesheets and project deliverables. The data collected by the PRV represents a detailed database with the information on the beneficiaries, detailed description of all the works and services and related submitted invoices. In 2017 the Danish Business Authority started to use the information from the PRV database to track the invoices of beneficiaries and put in place a system of red flags. The goal of such a system was to improve the efficiency of verification of the invoices and other submitted documents by the beneficiaries, and to identify irregularities and potentially fraudulent activities before the payment is done.
Description of the practice
The red flags are set up to verify the invoices and expenditures that the beneficiaries submit to the PRV system. From the PRV system the data can be exported by the employees of the Danish Business Authority to the separate excel file. Currently, the Danish Business Authority categorise all beneficiary’s information into four excel databases:
For each of the databases, the information is extracted directly from the PRV. This information includes, among others:
Based on the standard information regularly collected by the beneficiaries (at least twice per year), the Danish Business Authority has developed a set of red flags to verify and analyse the invoice claims. Identification of risky areas is based not only on the knowledge and experience of MA staff, but also on previously detected irregularities and fraudulent activities. It is also reinforced by the knowledge exchange with other MAs through the Danish AFCOS network of national bodies.
The indicators for the red flags (e.g. company ownership relationships, number of beneficiaries, share of the wages in the total invoice) are analysed afterwards and the threshold for raising a red flag is defined. Based on the defined thresholds, the red flags are programmed into the excel spreadsheets for an automatic check.
To verify the company relationship between the beneficiaries and /or subcontractors, the Danish Business Authority runs the company claims against the national company register. If the results of the check trigger a red flag, it is highlighted in the relevant excel spreadsheet.
When red flags are found as the result of the check, the following actions are taken:
The experience with the implementation of the red flags by the Danish Business Authority identified some unique features of this system:
- Compared to the previous system, the current system better analyses the claim of the beneficiaries in a consistent and coherent way. The PRV system foresees the collection of information in the same format and same level of detail across projects. Therefore, the data extracted from the PRV for the red flags analysis comes in a standardised form that eases the assessment.
- Automatic extraction and analysis of data ensured that no risky area is overseen and that all beneficiaries and projects are assessed with the same level of scrutiny.
- The red flags system is dynamic and flexible, and the Authority changes and modified red flags in line with the identified risks, irregularities and fraudulent activities.
Outcomes and results
The Danish Business Authority believes that the red flag system fosters a strong ethical culture and a zero
tolerance approach to fraud. The system allows authorities to regularly exchange information on suspicion of fraud, identified potential fraud patterns and good practices in fighting fraud and corruption. In addition, the flexible nature of the system creates the need for periodic fora and workshops where authorities discuss the developments and behavioural changes of selected companies, thus reinforcing the cooperation and capacity building opportunities among authorities.
After three years of using reg flag checks the Authority has detected many irregularities, however most of them were related to technical errors and had no fraudulent nature. Nevertheless, a few cases of fraudulent activities were identified and transferred to the investigation services.
Key success factors
One of the key success factors for implementation of this initiative was the availability of a digital system for the project reporting (PRV). Having such a system in place allows Authority to systematically collect data I the uniform and comparable format for all the projects that improves the efficiency and reliability of the red flag check.
Second key success factor is that the beneficiaries used the Project Reporting System in the correct way . Generally, Denmark has a good business-compliance culture, that allowed the Danish Business Authority to be able to create a new system for data collection and to obtain this data from the companies in the agreed form.
Challenges encountered & lessons learned
Several lessons learnt can be drawn from the experience:
- The PRV system is a necessary element for the efficiency of the red flag system (see above). However, setting up of such a system is a lengthy and costly process. For the Danish Business Authority, the development of the PRV system took about five years.
- The red flag indicators should be periodically revised and updated, reflecting new trends, exchange with other authorities and identified irregularities and fraudulent activities
- Once the PRV system is in place, the Authority should develop detailed guidelines and manuals for the beneficiaries on how to use it. A case in point: the Danish Business Authority produced a series of downloadable PDF guidelines as well as several YouTube videos to lead beneficiaries through the system. This is crucial to ensure a high quality of input data and a low amount of false red flags.
Potential for the transferability
The red flag system used by the Danish Business Authority gathers all data reported by beneficiaries and analyses it on the basis of different risk assessments. The Danish Business Authority currently has different red flags, but they are flexible and adjustable to new experiences and challenges.
For example, the MA in Denmark has experienced some problems, where the rules for procurement haven’t been followed and affiliated parties have bought services from each other. In response, the Danish Business Authority created a red flag based on buyer CVR (entity number/VAT number) and seller CVR number. The Authority runs all the reported expenses against the CVR database. If there are any affiliated parties that have purchased from each other, the expense gets flagged and the case worker must investigate.
Overall, in order to ensure the successful transfer of this practice, it is crucial to have an automated platform in place to collect beneficiaries’ information and to have a strong compliance discipline among the beneficiaries on the format and frequency of reporting.