The EU's public procurement inception error

Thresholds. I have written a couple of times (here and here) about how the EU financial thresholds make no sense in this day and age.  Long story short, they were created in the 70s and 80s and have largely remained unchanged once EEC/European Union joined the GPA. There is no specific reason why they their value is what it is. They just are. They just exist. 

Actually, that is not true. There is an obvious reason why they exist and why the values are so high: protectionism (and politics). This is why the original works threshold 1,000,000 units of account (then ECU, then euro) threshold was transformed into 5,000,000 just before works were added to the EEC's commitments to the GPA in 1980s. 

Public procurement in the EU suffers from this incepion error to this date and in consequence we end up paying the price of a dual system that simply makes no sense. Above thresholds, we 'assume' (but never question) they are of interest for the internal market and apply the EU Directives with all the trimings. Below them, we use instead Schrodinger's 'certain cross-border' interest cat that was concocted by multiple decisions from the CJEU from Telaustria to Commune di Ancona. Depending on who turns up to a procedure (or should have) then the procedure is either subject to EU principles or not. Does it make sense to define the rules applicable to the procedure ex post facto? I think not, but then Mercury is sometimes in retrograde as well.

Over the years I have described this madness with an analogy with free movement of workers. Let's assume that when free movement is included in the Treaty, it is presumed only jobs with a €40,000/year salary are relevant for the internal market and subject to EU rules. For those lower salaries, only those with 'certain cross-border interest' would trigger the application of EU principles (and no pesky secondary legislation). What would have happened to freedom of movement? How would it have developed? Would the EU27 be united behind it in the Brexit negotiations for example?

Juncker's state of the union speech yesterday provided me with another, more modern, analogy. The Commission is considering (correctly) that non-personal data should flow freely between Member States and should not be used as a trade barrier between them. Now, if financial thresholds are such a great idea and if it is indeed necessary to make a judgment call today of what will be or not be of relevance for the internal market in a burgeoining area should we not use them? So, why are we not deploying them in the digital sectors?

Because they make no sense. Just as they do not in procurement. But at least this time around there is no inception error in the definition of internal market to regret later on.

Buying local does not work

For once, it is not me saying it but  Dixon, Rimmer and Waschik in their "Evaluating the effects of local content measures in a CGE model: Eliminating the US Buy America(n) programs" paper:

 "Like many countries, the U.S. implements local content policies. Through these policies, the U.S. government attempts to stimulate employment, especially in the manufacturing sector, by favoring U.S. contractors for public sector projects (Buy American regulations) and by insisting that these contractors themselves favor domestic suppliers of inputs such as steel (Buy America regulations). We refer to these policies collectively as Buy America(n). Enforcement of the policies is via complex legalistic processes and often contractors to the U.S. government adopt a cautious approach by favoring U.S. suppliers even when this may not be strictly legally required. In these circumstances, it is not possible to provide a definitive model-based quantification of the effects of Buy America(n). Nevertheless, as demonstrated in this paper, a detailed CGE analysis can give valuable guidance concerning the efficacy of these policies. In an illustrative simulation we find that scrapping Buy-America(n) would reduce U.S. employment in manufacturing but boost employment in the rest of the economy with a net gain of about 300 thousand jobs. Even in the manufacturing sector, there would be many winning industries including those producing machinery and other high-tech products. Employment would increase in 50 out of 51 states and 430 out of 436 congressional districts." 


I particularly like the final sentence. 

Commission publishes Art. 50 position paper on public procurement

The European Commission has just published its position paper regarding public procurement within the context of the Brexit negotiations. Here are the main take aways:

1. Current rules are to be followed until Brexit happens and procedures/framework agreements being conducted at that moment subject to the same rules as before.

2. Review of procedures and legal remedies should continue to apply after Brexit but only for those procedures initiated before it.

The Commission has defined what it considers to be a 'ongoing public procurement procedure' and clarified that one is "launched" if the call for competition has been transmitted to the Publications Office of the European Union.

One final note about e-Certis: contracting authorities in the UK will maintain access to e-Certis after withdrawal but only for the procurement procedures "live" at the moment of withdrawal. No word about future integration/access to ESPD though.

Maybe a transitional agreement would be of help?!

Portugal (finally) publishes its transposition of the Procurement Directives

Portugal has just transposed the Procurement Directives (well, new law is not in force yet). The full blown 476 article law (Decree-Law 111-B/2017) revising the Public Contracts Code is available here in Portuguese only.

Needless to say it goes well beyond the requirements for transposition, maintaining instead the model of a single codex unifying all substantive legislation related to public procurement.

A short summary in English is available here

I'm putting the finishing touches on a paper about part of the Code which will be uploaded to the usual place as soon as possible. 



Three days on, I'm still unable to say much about what happened in Barcelona. But I can talk about our enduring special relationship. The city where I got married remains my mistress. The city where I lived a challenging year a decade ago, but to which I return to frequently. Even more so than to Lisbon. The city where I spent most of my parental leave but treated me as a 'guiri' for the first time - having made me feel a foreigner a few times before. The city whose company I missed early last week and said we should visit again soon. Maybe after Christmas.     


Sweden leaks secret intranet and databases to Russia

This is about a week old, but a pretty big deal. What a monumental screw up:

The Swedish administration is leaking its secret intranet and databases to Russia, via its Transport Agency, via the IBM cloud, via IBM’s subcontractor NCR (formerly AT&T) in Serbia, which is a close Russian military ally. Giving staff in Serbia administrative access to these networks practically guarantees that Russia also has access to the network. The European Union’s secure STESTA network is also connected to the leaked intranet. But this is not about geopolitics and who’s allied with whom, but about how an administration tries to quiet down and gloss over an apocalyptically stupid and monstrously damaging data leak.

That the procurement procedure did not take into account how to handle classified data (let alone the bog standard data protection rules) is beyond comprehension. Well, not really: it is another piece of evidence that even supposedly capable procurement bodies do not understand technology or the implications arising from their choices. Let alone how to deal with the risks arising from the contract.

European Commission fines Google €2.4B but that is just the start of the story

The European Commission has just fined Google for abuse of dominant position for giving an illegal advantage to its own comparison shopping service on search results. The fine is big €2.4B but it is simply the beginning of a long story instead of the closure of another.

The decision also requires Google to cease its infringing practice within 90 days, leaving squarely on the company's shoulders the explanations of how it intends to comply with the order. As the Commission did not mandate any specific remedies, this is due to become particularly problematic. 

It is likely Google will appeal the fine and drag its feet on changing the way it operates for two reasons. First, there is no incentive to do so otherwise - paying the fine and changing practice would be an admission of wrongdoing and no manager wants to have a €2.4B hole on its finances to explain. So we can expect Google to drag this through the courts. Second, the process takes so long that the real final decision (assuming it maintains the current one) may well be 10+ years away from now. What will be the purpose of changing search results then? And inflation will eat into that €2.4B fine. Plus, from the perspective of Google's executives a protracted court battle means that it is likely that when closure happens they will all be long gone.

As I argued last year in this blog, current abuse of dominant position rules are not the correct deterrent to solve this issue as they are too slow to be useful. In a world where technology waves become shorter and shorter, speed is of the essence also for competition enforcement. I called at the time for abuse of dominant position enforcement to either be sped up or in alternative dropped all together. I maintain most of that view and would suggest looking into merger control rules as an alternative.

In any event, today's decision is simply the start of a long drawn out process.

Information security needs to be taken seriously in public procurement

Good article on the Local Government Lawyer about information security:

Information security encompasses the strategies for managing the processes, tools and policies to prevent, identify, document, and counter threats to both digital and non-digital information. Procurement practitioners must be aware of the potential risks of information breaches in their day-to-day business. The nature of public procurement demands that measures to protect information security are an integral part of the process throughout the cycle of the procurement, including at the point of service delivery. The handling of sensitive information and the sharing of information with suppliers makes the topic a key concern for procurement officials. Information at risk includes:

bid information;
financial information;
organisation information, such as intellectual property; and
service user information.

That is all true, but the problem of information security/management is not valid for the duration of the procurement procedure only. It is valid for contract performance as well, something that as we saw a few weeks ago with the NHS ransomware attack is not really taken into account today.

Not all contracts are showing up on ContractsFinder

Last week Ian Makgill from OpenOpps and SpendNetwork published this stat:

Having compared all of the opportunities that we’ve gathered over the past two years, with all of the opportunities on Contracts Finder, we found nearly 100,000 tenders that never made it to Contracts Finder, that’s 73% of all the tenders published in England.1 This is despite the recommendations in Lord Young’s 2015 report that all opportunities above certain thresholds should be published to Contracts Finder.

It's a big number, but one we should not be surprised to see. First, according Regulation 109 PCR2015 below the EU financial thresholds the obligation covers Central Government (from £10,000 upwards), NHS and sub-central contracting authorities (from £25,000 upwards) but not those from authorities based in Scotland, Wales or Northern Ireland.

Nonetheless this is another example of poor legislative drafting, one that does not take into account neither incentives nor the usual way contracting authorities operate. Assuming the legislative change was introduced because not enough contracts were being advertised, the status quo ante is contracting authorities do not see an advantage in advertising. As such, specific incentives need to be provided to get contracting authorities to change their practice.

Those incentives tend to be of the "stick" kind, ie negative consequences for non-compliance. But in a country with limited use of judicial review mechanisms and where secrecy of contracts awarded is the norm and not the exception the risks of being found out are quite limited. I am not arguing for the courts to be stuck with low value procurement challenges (ahem, I'm looking at you Portugal) but without clear consequences and enforcement mechanisms practice will not change.

This is, after all, the country where it is apparently acceptable for a contracting authority in large scale projects to take shortcuts with its record keeping, so who cares with what is happening in low value contracts?

Some further thoughts on the European Single Procurement Document

A couple of days ago, Timo Rantanen posted on Facebook the following comments about the ESPD (reprinted with his permission). I will provide my own responses inline, and expand a little bit on some of the ideas included in my recent paper about the ESPD.

"- not all countries and CAs have required the attestations from EOs when submitting the tender when 2004 Direcrive was in power. At least in Nordic countries it was already common to require self-declarations from EO at the time of submitting the tender. Most of these were not standardised like ESPD is - so the EO had to fill in different styles of self-declarations for each procedure and CA. However, these were MUCH easier and shorter for EOs to reply."

Agreed, that was the case as well in Portugal (and in the small number of pilots I ran here in the UK). However, the problem with that approach from a systems perspective is that "national islands" are created ending up making life more difficult for economic operators wanting to bid for cross-border contracts. The ESPD trades flexibility (to be shorter and easier) for a standardised approach in all Member States. The same way the container traded flexibility for standardisation of cargo.

"ESPD on lots: planned new 2.0.0 version includes 'improved handling of lots (See: However, to me this is far too complicated for EOs and I hope it would vanish from the final version. If the CA uses lots it can do separate XML files for each lot if and when the selection criteria vary (the exclusion criteria are in most cases always the same). Hence, EO would only need to read in and fill in XML files for those lots that it bids for. Personally, I think this importing and exporting of XML files is a crappy solution. We can no much better (and at least we have in 🇫🇮) by doing our own national solution inside our eTendering platform that still complies with the Commission Data Model."

I don't know enough about the technology implications (hey, I could not code an "Hello World!" if my life depended on it!) but if I read correctly, there is still room for improvement both on the standard and even on national implementations if the standard does not offer the granularity required.

"A philosophical thought: in eTendering and when making the invitation to tender as structured data (I wish everyone would get rid of those darn PDFs) it is very easy to make each lot a separate call for tender. Why do we need this lot thing anymore? I think the main reason for using lots was the CAs laziness in paper world to provide separate piles of paper for each call for tender. But in electronic form is just copy-paste and changing information in the few places where it varies between lots. Or actually this can and should be done even without copy-paste as one call for tender can act as master to all others."

That's a very good point and drives home the message that lots are in reality no more than smaller contracts which could be disaggregated if it wasn't for the current "bundle up everything up as much as possible" mantra. What you have highlighted here is a permanence of the previous paradigm irrespective of the technological change that was introduced. We used PDFs and not structured data because doing it in plain text is what we have been doing so far in paper. Even the PDF is a representation of the paper we used before!

Remember when in the 90s the internet was referred to "cyberspace" (still is in the criminal area...) and we would "surf" the internet as one surfs the waves? Those metaphors are quite useful of describing the new world for a transition period from technology A to technology B. It can be quick or slow. For example, we still refer to car power in "horsepower," but at least that metric is not present in electric cars!

"- ESPD and other entities: (relied or not relied on): when discussing the version 2.0.0 it was decided to use term 'entity' in meaning of both relied on other companies and those that are not relied on. So the version 2.0.0 no longer uses term subcontractor but talks about entities relied on and entities not relied on. Tricky!"

Well, if that is the case then we are bound for some confusion down the line. Any idea on the rationale to use the same term to describe two very clearly distinct underlying concepts?

"- Commission ESPD Service: I would like to see the Commission ESPD Service to be shut down soonest possible. It contains too many errors, particularly translation errors, that using it may causes also legal problems if a country has not transposed the Directives 'as is' but has done some 'gold plating'. The Commission should maintain the ESPD data model and require the Member States to comply with it in their national solutions (build inside eTendering solutions). Further, the ESPD Service is written in 'the Commission English' or 'the Commission Portuguese" that is very alien to sales reps in companies - especially SMEs. Can you imagine them understanding what 'entity relied upon' means! Also, the Commission has indicated that it would like to shut down the ESPD Service in 2019 by which time all countries and suppliers of eTendering solutions should have implemented their own ESPDs. At the moment I do not see this happening and the big MS have done little to implement national ESPDs that would comply with the commission data model."

Whether we like it or not, the Commission ESPD service is fundamental at this time since the Commission guessed (correctly) that Member States would not do their home work in time for the transposition of the Directives even if they made use of the extension for electronic procurement until 2018. Upon reflection, I think you are right however that by making the service available for longer than needed will reduce the incentive for Member States to actually implement the ESPD on their national systems. After all, why spending money if the canonical version is available for free?

An alternative would be instead to keep it going for the foreseeable future, keeping it sync with updates to the underlying data model and working out its kinks. You correctly highlighted one: language. The more inaccessible language is, the more SMEs will be turned off from participating in public procurement. This is an area of interest to me and one I hope to work in the future. Had not considered to do so within the context of an ESPD, but perhaps that would be an interesting angle.

"- Costs related to ESPD: while it is true and I do agree and support reducing transactions costs related to bidding, everything that is 'won' by introducing ESPD is lost with the need for awarded supplier to present the except of criminal records. This is an arising issue at last in the Nordic countries. Let me give a real life example: the Directive requires the self-declaration to be replaced by official documents - in this case excerpt of criminal records. With the 2004 Directive we only requested these documents If we had a hunch that something fishy is taking place (as professional buyers we are pretty good 😊 in detecting this kind of foul play. Often we can smell it when opening the bids). Now we need to get this damned criminal records excerpt from numerous persons and we have no idea who should present us their records. We had a case that included awarded suppliers for Finland, Denmark and the UK. We searched far and wide (eCertis was of little help) what we should request from the supplier and its relied on partners. Finland was easy for us, somehow also Denmark but the UK proved difficult as we found out that there was no criminal records database and self- declaration (that we already had in ESPD) would be the only thing we'd get from the 🇬🇧. Now, this puts suppliers in unequal ground: Finnish supplier needed to present us some 20 excerpts of criminal records each costing 12 € + the company criminal record costing 22€. I do not know what the Danish costs were but the UK relied on company only needed to provide us one piece of paper stating the all persons (see the exact wording for the Directive) involved do not have entries in criminal records. In an other case we had a FA where we needed to see some 200+ persons criminal records. It took nearly two months to get these as some people were away and could not request their except online. In many countries there are serious data protection and privacy issues with the criminal records."

Let's unpack this: self-declaration is different from providing documentary evidence afterwards. By internalising the cost in the contracting authority it forces the contracting authority to consider which information to request and also from which economic operators. If you use the open procedure, there is no obligation for you to check the information of all economic operators and you can simply check the information of the winner. Therefore you will be simply incurring in the transaction cost for one economic operator instead of all of them. Why do you need to check that information from everyone? What is the added value?

The inequality you mention was already present in some Member States that required criminal records. Portugal and Spain would traditionally ask for those certificates in each tender although Portugal switched to self-declaration with information checking of the winner only in 2009. By asking for evidence only from the winner you are negating that unequal treatment: costs of certificates are different in all Member States the same way corporate tax rates or minimum wages are (and we don't consider those as being a source of unequal treatment).

It is true that the final bit of Article 57(1) is too broad by demanding checking the information from administrative(?), management, supervisory bodies or those individuals with powers of representation, decision or control. It would be preferable to have restricted that to management and those with powers of representation, decision or control relevant for that contract. That is not the case and so, another reason to simply ask those certificates from the winners. Having said that, I would argue that on a de minimis principle,  there is reason to interpret the requirement as for those involved in the tender at least for those with powers of representation, decision or control.

As for who is going to be more affected by this measure: clearly bigger economic operators with complex governance structures will face higher costs. They will also adapt more quickly to those requirements. SMEs will have more difficulty if those requirements were not already common in the country and yet again that is a reason to interpret the requirements in the lightest way possible.

One final word for eCertis: yes it is not useful today because there is no information in there - a classical chicken and egg situation. eCertis is subject to Metcalfe's law, as its usefulness grows proportionally to the square of the nodes (data sources in this case) present. It can be useful in the future if everyone pulls their weight instead of waiting for the others to do their bit.

Fully funded PhD opportunity in public procurement

My good friend Martin Trybus from the University of Birmingham is looking for a Ph.D candidate for his EU-funded Horizon 2020 Marie Skłodowska-Curie Actions Innovative Training Network (ITN) on transatlantic trade and investment. Here's the low down:

"The ESR will work within Birmingham Law School and enrol for a 3-year PhD programme under the supervision of Professor Martin Trybus. The research project has the provisional title “Towards a Transatlantic Public Procurement Market” (details to be agreed between ESR and supervisor).

The objective of the ITN is to foster interdisciplinary research into transatlantic trade and investment. The network will have 15 ESRs at 11 different partners across Europe. The ESR will benefit from a wide-ranging training programme consisting of Advanced Training Courses and topical conferences organised by ITN partners across Europe. The ESR will contribute to ambitious and carefully planned research, outreach, impact and dissemination activities benefiting from the expertise of world-leading senior academics. Planned secondments (to be confirmed) include the University of Turin (work with co-supervisor Professor Roberto Caranta), George Washington University in Washington DC, the International Training Centre of the International Labour Organisation in Turin, Baker McKenzie in Berlin, and CEPS in Brussels."

This is a great opportunity for those of you wanting to do a Ph.D in procurement. Martin is great to work with and so is Roberto Caranta, both of which I can vouch for having known and worked with them over the last 6 years on the European Procurement Law Group.

How to go about and do real world experimentation in procurement

Albert put the ball rolling (or kicked the hornets' nest, depending on the perspective) yesterday by calling for more experimentation in public procurement. He is putting a finger on a particular wound - innovation in public procurement - and my comments (for now) can be found on this twitter thread:

There is a lot more to be said about the topic, but that is my hot take for now.