The sheer size of public procurement, representing approximately 12% of gross domestic product (GDP) in OECD countries, 14% in European Union economies and 6% in Malta (Government of Malta, 2021[1]), makes it a key economic activity and a crucial pillar of service delivery. Due to the volume of purchases, the complexity of the processes and the number of stakeholders involved, public procurement is a very high-risk area. Therefore, risks related to public procurement, regardless of their nature and origin, need to be identified and managed to minimise losses to the government and citizens (OECD-HAICOP, 2019[2]) (OECD, 2022[3]). In this context, risk management approaches refer to the identification and the systematic and positive assessment of threats and opportunities for the best use of resources. In addition, the COVID-19 pandemic highlighted the necessity to improve the identification and management of existing risks in public procurement systems and processes (OECD, 2021[4]). More countries have therefore been forced to rethink their procurement risk management strategies and put emergency measures in place (OECD, 2021[4]).

Risks affecting public procurement processes are multiple and can have concrete consequences on the quality and quantity of services provided by governments (OECD, 2022[3]). Public procurement is a cross sectoral and multi-disciplinary area, therefore subject to distinct categories of risks that are highlighted in the literature and exemplified in the MAPS methodology. Beyond risks of fraud and corruption, various dimensions of risks should be considered such as fiduciary, development and reputational risks (MAPS initiative, 2018[5]), a non-exhaustive list is provided in Figure 3.1. For standardisation purposes, these risks can be bundled into four categories:

As in any other open economy, these risks can also impact the public procurement system and activities in Malta. As public procurement is a key economic activity, some of these risks have been identified as the most problematic factors for doing business in Malta such as government bureaucracy, inadequate supply of infrastructure, access to financing, lack of capacity, poor work ethics and corruption, etc. (see Figure 3.2)

Regarding the lack of capacity, in the recent years, Malta faced many challenges such as labour shortages in the private sector (Malta Employers' Association, 2021[7]), but also in the public sector, regarding the public procurement field. Aware of this risk, the government launched several reforms in the public procurement area to address capability gaps in the public procurement workforce in Malta including initiatives on professionalisation, role clarity, training courses on the public procurement regulation, on the electronic procurement system, and on Green Public Procurement (OECD, 2019[8]).

Malta is also facing high risks of systemic corruption, including in the public procurement field. The country however developed regulations and policies to enhance accountability and transparency over the years and recently introduced a National Anti-Fraud and Corruption Strategy (Office of the Prime Minister Malta, 2021[9]). The National Audit Office has also become increasingly proactive. A number of high-level officials have been prosecuted for corruption offences, showing a willingness by the state to bring to account corrupt actors (Gehrke, 2020[10]). Nevertheless, challenges remain as Malta is ranked 52/180 in the corruption perception Index in 2020 (Transparency International, 2020[11]) with 28% of people who think corruption increased in the previous 12 months (Transparency International, 2021[12]). Among the business community, corruption is identified as the 7^th most problematic factors for doing business in Malta (see Figure 3.2.). With the large volumes at stake and the interaction between the private and public sector, public procurement is likely to be particularly at risk in Malta.

The growing awareness on environmental issues and economic wellbeing have increased the popular environment health concerns in Malta, including regarding ambient air quality, water quality, and sanitation (Ministry for the Environment, Climate Change and Planning, 2020[13]). The country has the second-worst air pollution in Europe and construction of building work is the leading contributor for poor air quality in the country (EARTH5R, 2020[14]) (European Environment Agency, 2015[15]). The environmental risks are likely to impact the way public procurement is conducted. In response to environmental risks, many initiatives have been developed such as the National Air Pollution Control Programme.

For a long time, the OECD recognises adequate risk management as a relevant feature of a well-functioning public procurement system and encourages countries to integrate risk management strategies into them (OECD, 2015[16]) (see Box 3.1).

Given the relevance of risk management in public procurement, some countries have developed a dedicated strategy for assessing, preventing and mitigating public procurement risks, although the uptake is still below expectations. In 2018, only 52% of OECD countries, developed a strategy for assessment prevention and mitigation of public procurement risks (see Figure 3.3. ).

Malta has not yet developed a risk management strategy in public procurement, neither at a national scale nor through a sectoral approach. However, the DoC is highly committed to advancing the development of a risk management approach and strategy in public procurement. To this purpose, Malta should adopt a more comprehensive approach towards risk by developing a national public procurement risk management strategy covering all public entities. The development of such strategy requires taking into account the different parameters described in Figure 3.4.

In Malta, very limited initiatives have been taken to promote risk management in public procurement. Effective risk management frameworks and activities are nonetheless a crucial part of the response against the numerous risks threatening the well-functioning of public procurement processes.

The good management of public procurement risks needs to be grounded into a sound institutional framework with strong control mechanisms. Furthermore, appropriate external oversight and control mechanisms, opportunities for challenges and complaints from citizens and businesses can also help gaining and maintaining public trust in institutions and ensuring a good management of public funds (OECD, 2019[18]). Controls are usually either internal or external and can support risk identification and the implementation of mitigation measures (OCDE, 2019[19]).

An internal control system refers to the policies and processes that enable an organisation to identify and adequately respond to internal or external risks and ensure an efficient and proper use of public resources (OECD, 2019[20]). Internal control measures ensure the efficient fulfilment of a public procurement cycle while safeguarding integrity (OECD, 2016[21]). In Malta, depending on the categories of public entities (Schedule 2, 3 and 16), several entities or bodies are part of the internal control measures system and contribute to identify and mitigate public procurement risks. Among them: the three DoC directorates (Procurement Policy and Quality Assurance Directorate – PPQAD, Operations Directorate – OD, and the Sectoral Procurement Directorate – SPD), and different committees, namely the Tender Evaluation Committee (TEC), the Departmental Contracts Committee (DCC), the General Contracts Committee (GCC), and the green public procurement – GPP focal points (see Table 3.1. ). In addition, some specific measures have been implemented namely to reduce risks related to the capabilities of the procurement workforce such as developing standard templates and promoting dedicated capacity building activities (see Chapter 5). As mentioned in section 2.2, some control measures such as the vetting of procurement document and BPQR are considered cumbersome by the interviewed contracting authorities. Malta should evaluate the efficiency of the different control measures in place and provide additional measures when necessary based on the identification of risks impacting the public procurement system.

In addition to internal control, external controls are essential to ensure an efficient and effective management of public resources. In Malta, different bodies oversee external audit such as the National Audit Office (NAO) and the Internal Audit and Investigation Division (IAID) and can play a key role in risk identification. For instance, in its 2020 report, the NAO identifies several public procurement risks including those related to the lack of planning, non-compliance with the PPR, excessive use of direct orders, lack of market research, procurements carried out without approval from the DoC (NAO, 2020[22]). In addition, for the use of European funds, other stakeholders are performing control on public finance management and public procurement activities: the Planning and Priorities Coordination Division (PPCD) and the Funds and Programme Division (FPD) (Government of Malta, n.d.[23]) (Government of Malta, n.d.[24]). In addition, the Compliance & Monitoring Unit (DoC) investigated alleged irregularities in public procurement procedures and collects information, analyses findings and disseminates submitted feedback.

As described in section 1.1.3, the coordination between the DoC and other key stakeholders in public procurement is relatively limited which can hamper the efficiency of the control system and does not favour the development of a risk management framework. All stakeholders involved in the control and oversight of public procurement activities should contribute to the development of a risk management framework and tools, and to the development of adequate mitigation measures.

While the development of risk strategies could foresee the development of risk management tools, it is possible to develop risk management tools independently from a related strategy. Although most OECD countries adopted a risk management strategy in public procurement, only a few have developed tools to assess public procurement risks. As illustrated in Figure 3.5. , out of 29 countries surveyed in 2018, only 9 had developed risk databases, 7 had a risk assessment methodology, 5 had a risk register and 4 had risk assessment results (OECD, 2021[4]).

While a formal risk management strategy has not been developed yet in Malta, a few tools have been developed by different entities to reduce public procurement risks. For instance, the SPD provided a checklist for contracting authorities to be used before submitting a procurement procedure for vetting as a mitigation measure for internal and external checks. One of the SPD units (former MPU) developed a risk register covering the whole public procurement cycle which is considered as a good practice. For each public procurement stage, the register highlights the risks likely to occur, the potential consequences and the mitigation actions to implement. Table 3.2 provides an example of procurement risks at the needs identification and planning phase. Many risks identified in this register are consistent with the risks encountered by the majority of surveyed contracting authorities (see section 3.2.2). However, according to the OECD survey, this good practice has not been replicated in other SPD units, in other directorates in DoC or in other contracting authorities. Despite the limited number of initiatives related to risk management in public procurement in Malta, the willingness of DoC to embark on a risk-based approach and the few existing tools tackling risks (such as the risk management register) are very promising and encouraging signals for the elaboration of a formal risk management strategy and tools. In this context, the DoC should lead the development of risk management tools to be used by all public entities. When contracting authorities use risk management tools developed by DoC and report their results (risk identification, risk registers etc.), it will enable the DoC to centralise the information on potential risks and lead to an update of a general risk register to be spread and used across all contracting authorities. In addition, to formalising a risk management approach, it will contribute to reinforce the capacity of contracting authorities on risk management which should result in better management of public funds.

At a contracting authority level, and as described in Figure 3.6, risk management in public procurement activities has not been deeply rooted yet in Malta. Most surveyed contracting authorities (57%) do not undertake any risk management activities. Some contracting authorities are familiar with risk management in other areas than public procurement (e.g. IT system, fire engineering, financial services). Among all surveyed contracting authorities, only 7% undertake risk management activities in their public procurement processes. For instance, the Ministry of Gozo- MGOZ is using the risk register developed by the former SPU unit (MPU of MGOZ). The Malta Information Technology Agency (MITA), which is the central purchasing body of Malta for procurement related to Information and Communications Technology (ICT), is also maintaining a risk register. This tool is key for MITA as the agency that not only manages its own procurements and the related risks, but also centralises other contracting authorities’ procurements needs in the ICT field. In practice, the scarcity of risk management activities and tools supports the need for DoC to develop risk management tools.

In addition, in some cases (21%), risk management actions in public procurement are set up by contracting authorities without being formalised, communicated or documented, which hampers informed and adequate decision-making. Formalisation of risk management activities is essential to anchor the practice of risk management in contracting authorities’ culture. The tools that will be developed by the DoC could support these entities in formalising the risk management approach to enhance the management of public funds.

An efficient risk management framework in public procurement relies on a thorough risk identification and involves various relevant stakeholders including the public procurement authority, contracting authorities, oversight bodies (see section 3.1.3), and the private sector. The risks that could affect the proper functioning of the public procurement system are present throughout the procurement cycle. Responses collected from a sample of contracting authorities in Malta provided some useful insights on the main risks impacting different procurement stages (see Figure 3.7. ). For instance, the main risks affecting the public procurement processes in the pre-tendering phase are related to inadequate specifications and lack of planning. At the tendering phase, respondents highlighted the length of processes as the main risk. The contract management stage is strongly exposed to the workforce lack of capacity (according to 58% of respondents). The DoC could strongly benefit form involving contracting authorities in risk identification when developing risk management tools.

Many risks identified by contracting authorities in the OECD survey are consistent with challenges and risks faced and highlighted by the private sector in Malta. For instance, the development of narrow, biased, or inadequate tender specifications has been identified as the main risk threatening public procurement processes by 75% of responding contracting authorities. This result is consistent with the Malta Chamber of Commerce report and survey on challenges faced by economic operators in public procurement. Indeed, 55% of economic operators surveyed by the Malta Chamber of Commerce responded that tender specifications were drafted in such a way that competition was artificially narrowed (The Malta Chamber, 2021[25]). Risks related to the development of specifications may have different causes including the poor needs and market analysis (see section 2.1.2). Other risks, associated with distinct stages of the procurement cycle, such as the inappropriate estimation of the contract value or the length of the evaluation process, have also been identified by the Malta Chamber of Commerce (The Malta Chamber, 2021[25]). Given their experience in i) responding to public procurement opportunities initiated by contracting authorities and ii) performing public contracts, Malta should therefore consider involving suppliers and business associations in the discussion, exchange and sharing of experiences related to establishing and improving the management of public procurement risks in the country.

[14] EARTH5R (2020), “Malta Sustainability Problems and Circular Economy Solutions”, https://earth5r.org/malta-circular-economy/.

[15] European Environment Agency (2015), “Main themes and sectors addressed in the national State of Environment report”, https://www.eea.europa.eu/soer/2015/countries/malta.

[1] Government of Malta (2021), Second Green Public Procurement Action Plan 2022-2027, https://environment.gov.mt/en/decc/Pages/environment/gpp/secondNap.aspx.

[24] Government of Malta (n.d.), Funds and Programmes Division, https://eufunds.gov.mt/en/EU%20Funds%20Programmes/Funds%20and%20Programmes%20Division/Pages/Funds-and-Programme-Division.aspx.

[23] Government of Malta (n.d.), Managing Authority The Planning and Priorities Co-ordination Division, https://eufunds.gov.mt/en/Operational%20Programmes/Managing%20Authority/Pages/Managing-Authority.aspx.

[7] Malta Employers’ Association (2021), Addressing a Chronic Shortage of Employees, https://www.maltaemployers.com/wp-content/uploads/Position-Paper-Shortage-of-employees-Aug-2021.pdf.

[5] MAPS initiative (2018), MAPS Methodology, https://www.mapsinitiative.org/methodology/MAPS-Methodology-ENG.pdf (accessed on 21 September 2021).

[13] Ministry for the Environment, Climate Change and Planning (2020), Recognizing Malta’s Envrionmental Challenges, https://era.org.mt/wp-content/uploads/2020/07/Recognising-Maltas-Env-Challenges.pdf.

[22] NAO (2020), Annual Audit Report by the Auditor General Public Accounts, https://nao.gov.mt/en/recent-publications.

[19] OCDE (2019), Revue du système de passation des marchés publics en Algérie: Vers un système efficient, ouvert et inclusif, Examens de l’OCDE sur la gouvernance publique, Éditions OCDE, Paris, https://doi.org/10.1787/49802cd0-fr.

[3] OECD (2022), “Public procurement in Lebanon: Towards a risk management approach”, OECD Public Governance Policy Papers, No. 16, OECD Publishing, Paris, https://doi.org/10.1787/b4285df1-en.

[4] OECD (2021), Government at a Glance 2021, OECD Publishing, Paris, https://doi.org/10.1787/1c258f55-en.

[18] OECD (2019), Enhancing the Use of Competitive Tendering in Costa Rica’s Public Procurement System, https://www.oecd.org/costarica/costa-rica-public-procurement-system.pdf.

[17] OECD (2019), Government at a Glance 2019, OECD Publishing, Paris, https://doi.org/10.1787/8ccf5c38-en.

[8] OECD (2019), Public procurement in Malta Re-engineering the Department of contracts, https://www.oecd.org/governance/public-procurement/publications/public-procurement-in-malta.pdf.

[20] OECD (2019), Reforming ISSSTESON’s Public Procurement for Sustainability, OECD Public Governance Reviews, OECD Publishing, Paris, https://doi.org/10.1787/a6ee30a8-en.

[21] OECD (2016), Preventing Corruption in Public Procurement, https://www.oecd.org/gov/ethics/Corruption-Public-Procurement-Brochure.pdf.

[16] OECD (2015), OECD Recommendation of the Council on Public Procurement, https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0411.

[2] OECD-HAICOP (2019), Stratégie de Management des Risques dans les Marchés Publics en Tunisie, https://www.oecd.org/gov/public-procurement/publications/strat%C3%A9gie-management-des-risques-march%C3%A9s-publics-tunisie.pdf (accessed on 11 June 2019).

[9] Office of the Prime Minister Malta (2021), National Anti-Fraud and Corruption Strategy, https://parlament.mt/media/112436/national-anti-fraud-and-corruption-strategy_en.pdf.

[10] Politico (ed.) (2020), Ex-chief of staff to former Maltese PM arrested in corruption probe, https://www.politico.eu/article/malta-keith-schembri-arrested-panama-papers-scandal-daphne-caruana-galizia-murder/.

[25] The Malta Chamber (2021), Report on Public Procurement Reform, https://www.maltachamber.org.mt/loadfile/c51f072e-897a-485f-9a7f-0248fbb887d5.

[12] Transparency International (2021), Global Corruption Barometer citizens’ views and experiences of corruption, https://images.transparencycdn.org/images/TI_GCB_EU_2021_web_2021-06-14-151758.pdf.

[11] Transparency International (2020), Corruption Perceptions Index, https://www.transparency.org/en/cpi/2020/index/mlt.

[6] World Economic Forum (2017-2018), Global Competitiveness Index 2017-2018, http://reports.weforum.org/global-competitiveness-index-2017-2018/countryeconomy-profiles/#economy=MLT.