Nr

Action

Lead

Due date

1

Further develop, promote and increase the use of the current Arachne system in the Commission and in Member States notably by increasing user-friendliness and exploring possibilities for interoperability and synergies with other corporate IT tools as well as national databases.

DAC, EMPL: lead

Shared management DGs, JRC: support

2023 and continuous

State-of-play May 2025

While developing the future single integrated IT system (corporate Arachne), the current version of Arachne is being further improved to strengthen its capacity as an anti-fraud tool in shared management and RRF-like instruments. Throughout 2024, the Commission has continued promoting Arachne with Member States.

In July-September 2024, DG AGRI organised a survey on the use and interoperability of the tool. The results of the survey and the future use of the tool for CAP were discussed in an expert group meeting organised in September 2024 and the discussions further continued in the framework of the certification of accounts expert group meeting in December 2024.

The work of the risk indicator specifications continued in the Learning Network of the CAP Paying Agencies meeting organised by the Member States with the Commission participation in January and April 2025. The Commission aims to finalise the IACS requirement specification work by mid 2025. The Commission also provided training on the use of Arachne, with 28 trainings sessions organised for Member States where the trainings also covered AGRI Funds. Five of the sessions were dedicated just to CAP expenditure.

In 2025, 35 online training sessions were addressed to authorities of the Member States concerning funds managed by EMPL, REGIO, AGRI, ECFIN, and MARE. One of the training sessions covered all Member States as regards CAP.

As regards RRF funds, 17 Member States 2 are actively using ARACHNE by uploading data to the tool, while six Member States 3  are unlikely to use ARACHNE, as they intend to use alternative national systems. The Commission is in discussions with three Member States 4 regarding potential use of ARACHNE, while one Member State 5 has an audit and control milestone that requires the use of ARACHNE which still needs to be assessed.

Nr

Action

Lead

Due date

2

Continue developing the envisaged single integrated IT system (corporate Arachne) for data mining and risk scoring, in line with the Interinstitutional Agreement and the RRF Regulation 6 , with a view to extend its use to all Member States and to all management modes.

BUDG, DAC, EMPL: lead

Spending DGs, OLAF, DIGIT, JRC: support

2023 and continuous

State-of-play May 2025

Following the political agreement of 7 December 2023 on the Financial Regulation recast, the integrated IT system (corporate Arachne) will apply to all management modes and its feeding with relevant information will become mandatory as of the post-2027 MFF programmes. Its mandatory use as proposed by the Commission but rejected by the Council, will be rediscussed at a later date pending an assessment by the Commission on the readiness of the tool by the end of 2027. In the meantime, the use of the tool will remain voluntary.

The transition to the new tool is progressing according to plan. The intermediate steps established have been met reflecting the real status quo of the development of the tool. The Steering Committee formally adopted the name "Arachne+" in March 2025 to reflect the tool’s wider external use.

In January 2025, the first meeting of the Group of Experts (tasked with designing Arachne+) , established by Commission Decision C (2024) 7889, was held. The aim is to foster cooperation between the Commission and Member States in developing the tool and preparing for its readiness assessment by the end of 2027. It will continue to meet quarterly in 2025 and 2026 to contribute to the readiness assessment, focusing on risk indicators, interoperability, artificial intelligence, and data protection. A Best Practices Workshop on handling big data tools took place on 14 May 2025, with contributions from DG HOME, the EIB and the Belgian Financial Intelligence Unit.

Nr

Action

Lead

Due date

3

Further develop and increase use of EDES in the Commission and in Member States based on user feedback, in view of its possible extension to shared management, notably by:

a.increasing the user-friendliness of the database;

b.exploring possibilities for interoperability and synergies with other corporate IT tools as well as national databases;

c.enhancing dialogue on EDES among Commission departments and Executive agencies, other EU institutions, Member States and implementing partners.

BUDG

2023 and continuous

State-of-play May 2025

The Commission has continuously stressed the importance and benefits of the Early Detection and Exclusion System (EDES) in protecting the Union budget, notably for the prevention and detection effects on fraud and unreliable behaviours, and for ensuring effective sanctions.

Since its entry into force in September 2024, the new Financial Regulation makes it possible to exclude natural persons, unreliable guarantors, affiliated entities and/or beneficiaries of an excluded primary entity from obtaining EU funds. The Financial Regulation extended the scope of EDES to funds disbursed under shared management and direct management with Member States for programmes adopted or financed as from 1 January 2028.

a. The Commission has carried out improvements to EDES Database user friendliness such as an upgrade on the unlocking of users and a full user manual.

b. The EDES Database had been linked to SUMMA, the Commission's new corporate financial system in February 2025. A new external webservice was developed that will allow national databases to query the EDES database.

c. The Commission has enhanced the dialogue and increased the level of guidance on EDES. Within the Commission, the dialogue took place notably in the EDES experts platform, which had two sessions in July and October 2024, and in the annual EDES workshop, organised in May in 2025. Ad hoc training sessions on EDES with several departments took place between June and February 2025. A revised guidelines on the use of OLAF Reports for the purpose of EDES for the use of Commission departments, Executive agencies and other EU institutions, has been published in December 2024. Further guidelines including an EDES Vademecum are in preparation.

Nr

Action

Lead

Due date

4

Explore the possibility to strengthen the anti-fraud functionalities in SUMMA, notably by:

a.considering the creation of a dashboard on unusual patterns in transactions to detect potential irregularities and provide analysis to DGs;

b.considering, after the SUMMA go-live, a screening of other databases such as Arachne and commercial databases via the SUMMA Business Partner Integrity Screening, similar to the envisaged screening of EDES and the Financial Sanctions Database, and exploring if and how these anti-fraud functionalities could be used in the Commission and beyond;

c.considering additional controls of business partners (legal entities).

BUDG: lead

OLAF, spending DGs: support

BUDG: lead

DAC, EMPL: support

BUDG

2025

2025

2025

State-of-play May 2025

SUMMA is the Commission's new corporate financial system, which went live in January 2025.

a.As SUMMA started being used as of January 2025, a working group BUDG-OLAF will be set up to consider the creation of a dashboard.

b. The integration of Arachne and external databases (such as Orbis) is in the exploratory phase. The future of this integration largely depends on the revamping of Arachne for the next MFF, which aims to expand the use of Arachne and external databases to all management modes. For direct management, integration with corporate systems like E-grants, E-procurement, and/or SUMMA will be crucial. However, this corporate vision is still in its early stages and is currently being defined.

c. BUDG has been monitoring corporate initiatives across the European Commission such as Natural Identity Management and Optical Character Recognition (OCR) initiatives to identify opportunities and quick wins for improving business partner identity verification and data encoding accuracy. These projects are still in their early stages. DG BUDG will continue to monitor possible options to further develop Business Partners information.

Nr

Action

Lead

Due date

5

Increase the user-friendliness of the Irregularity Management System (IMS) for Member States authorities and relevant Commission staff, the use of the system and therefore the completeness and accuracy of the data in the system, notably by:

a.upgrading the system technically;

b.exploring the possibilities for interoperability with other Commission and national systems dedicated to protecting the EU’s financial interests.

OLAF

2023 and continuous

State-of-play May 2025

IMS is the system through which Member States report on irregularities and fraud affecting the EU budget to the Commission, allowing the Commission to analyse for example trends and modus operandi. It has potential for greater interoperability with other corporate tools of the Commission, such as Arachne and EDES, and with digital tools in Member States. OLAF, which runs the IMS on behalf of the Commission, is continuosuly working on improving its user friendliness.

a.In 2024, IMS underwent two major releases, the first updating to the latest standards the underlying IT architecture and software, including some “look and feel” changes to the users’ interface; and the second, improving the search-function possibilities (distinguishing between simple and advanced search), and increasing the attachments size.

b.BUDG and OLAF have initiated a review of the functioning of the interface beween EDES and IMS. In view of collecting feedback from the users of such interface, a survey will be addressed to its users (to be launched in June 2025) to collect their feedback and understand any potential gap that would beed to be addressed. Once analysed the results, BUDG and OLAF will identify if corrective measures or new developments are needed. Initial contacts were also established to identify how Arachne could profit from data reported via IMS.

Nr

Action

Lead

Due date

6

Explore options to improve the efficiency and accuracy of financial and administrative monitoring of follow-up of OLAF cases, notably by increasing data interaction possibilities between OLAF and Commission departments and where appropriate monitoring of the follow-up of EPPO cases based on information received from the EPPO.

OLAF, SG, BUDG

2024

State-of-play May 2025

OLAF is continuously working with other Commission departments to improve the monitoring of the follow-up of OLAF recommendations.

In the second half of 2024, the technical solution to improve the efficiency and accuracy of financial and administrative monitoring of follow-up of OLAF cases was made available to users. The new SharePoint based tool for tracking OLAF recommendations, the OLAF Monitoring Site, allows for centralised, efficient communication exclusively within the Commission and its executive agencies. It enables continuous updates on OLAF recommendations, allowing users to add information as soon as updates are available. The action has been completed.

As regards EPPO notifications, following the revision of the Annexes I and III of the EPPO-Commission Agreement, new templates have been agreed between EPPO and Commission on the EPPO communications to the Commission (see also action 30a.) 

Nr

Action

Lead

Due date

7

Explore options to improve internal communication on cases of fraud and irregularities by:

a.exploring the possibilities of developing IT solutions for communication between OLAF, Commission departments and Executive agencies along the full life cycle of a case - from communicating suspicions of fraud to OLAF, through selection and investigation, to follow-up and monitoring (including on information received from the EPPO, where appropriate) - to make such communication more regular and efficient, while respecting the confidentiality of investigations;

b.updating Commission departments and Executive agencies bilaterally, as well as the Secretariat-General where appropriate, on the status of OLAF cases every six months in the meantime

OLAF: lead

SG: support

OLAF

2025

2024

State-of-play May 2025

Communication with other Commission departments and Executive agencies on OLAF investigations will be facilitated by an increased use of digital tools.

a.An OLAF internal study on cases-related exchanges between OLAF and other stakeholders was finalised in May 2024. Any further study and related development of IT solutions will depend on the outcome of ongoing discussions related to the EU anti-fraud architecture.

b.OLAF investigative units update bilaterally Commission departments and Executive agencies on the status of OLAF cases every six months. This sub-action has been completed.

Nr

Action

Lead

Due date

8

Set up a working group to explore available and possible future options for strengthening digital control against plagiarism, also for 'external' plagiarism comparing not only documents prepared for the Commission but also other documents.

OLAF: lead

All DGs: support

2024

State-of-play May 2025

The increased availability of documents and text on the Internet and the use of Artificial Intelligence (AI) lead to increased risks of plagiarism. Plagiarism can breach intellectual property rights, lead to double funding and pose reputational threats to the Commission. Digital solutions are thought to have the potential to mitigate some of the risks.

To address it, a working group composed of 15 Commission departments and Executive agencies was established end of 2023 and met a few times times in 2024, both in plenary and bilateral format. Beginning of 2025, the working group produced a report on plagiarism tools at the Commission, which still needs to be formally adopted.

The action has been completed.

Nr

Action

Lead

Due date

9

Develop a matrix of risk indicators in GETI (Get Intelligence system) to contribute to fraud prevention and to pro-actively identify high risk projects and entities, targeting aspects such as unusual behaviour, financial information and contractual patterns.

OLAF

2026

State-of-play May 2025

GETI is an OLAF data analytical tool used for simultaneously searching in multiple data stacks of structured and unstructured data in multiple different languages. GETI finds information quicker and more efficiently, by bringing together data from different sources.

Following the collection of data needed, in the last quarter of 2024, a new subset of risk indicators was created. The new indicators are linked to other datasets in the GETI stacks. All the risk indicators developed so far are being currently tested on an initiative to identify irregularities on projects.

Nr

Action

Lead

Due date

10

Set up a working group to explore available and possible future options for strengthening digital control of external service providers and experts, notably checking that they do not claim reimbursement for the same hours from several sources.

OLAF: lead

All DGs: support

2024

State-of-play May 2025

The Commission is well aware of the risks associated with the use of external service providers and experts, notably of double funding and conflict of interest. Digital solutions are thought to have the potential to mitigate some of the risks.

A working group composed of 18 Commission services and executive agencies was established end of 2023. Several meetings took place throughout 2024. A draft report on the main issues encountered by the Commission services, available tools and potential solutions is under preparation.

Once finalised, the document will be shared within relevant fora within the Commission.

The action has been completed.

Nr

Action

Lead

Due date

11

Further strengthen the Commission's IT and information security to respond quickly and effectively to evolving cyber-security threats, including the threat of cyber-fraud, and minimise potential impacts, notably by:

a.regularly revising the IT security strategy and, as applicable, the IT security plans based on comprehensive risk assessments that take the possibility of cyber-fraud into account;

b.ensuring close cooperation on information security between EU institutions and bodies, notably on investigations of leaks of information, on common rules and tools to securely exchange information.

DIGIT: lead strategy
All DGs: lead plans

OLAF: support

HR: lead

OLAF: support

2023 and continuous

2023 and continuous

State-of-play May 2025

Cyber-security threats are constantly evolving. The Commission is committed to ensuring the safety and security of its digital assets and reputation, as well as maintaining the continuity of its operations.

a.DG DIGIT regularly monitors and reports on the cybersecurity posture of the Commission via the IT Security and Risk Report (ITSRR). The latest release for the 2024 ITSRR took place in March 2025. The report provides a snapshot on the Commission’s IT security risk posture, including updates and key developments in relation to the threat landscape, proactive and reactive cybersecurity and capability development. The actions of the IT Security Strategy 2023-2024 have been completed, and the 2025-2026 European Commission Corporate Cybersecurity Strategy has been developed, and adopted by the ITCB in January 2025. The strategy is in line with the priorities of the Commission, the evolution of the threat landscape, the IT technical developments and the evolution of the compliance and incident management processes. The 2025-2026 Corporate Cybersecurity Strategy incorporates the provisions of the Cybersecurity Regulation (2023/2841) entered into force in January 2024.

b.HR.DS continues to equip the Commission with the necessary tools that allow to respond effectively to the dramatic development of the threat landscape and to secure the institution assets. HR.DS has continued to defend its proposal for an InfoSec regulation in the Council Security Committee, aiming to creating a common standard of security for the information handled by all Union entities. Similarly, HR.DS has supported the decentralised agencies in enhancing the protection of their information by providing the appropriate IT tools (Zeus certificates, RUE-X, RTOP, SUE).

Nr

Action

Lead

Due date

12

Encourage Member States, notably through available funding programmes, to digitalise as appropriate fraud prevention, detection and investigation by supporting the development and use of IT tools for data collection and analysis using advanced data mining, machine learning technologies and forensics, as well as the exploration of emerging technologies such as artificial intelligence, block chain technology and biometrics.

All DGs providing such funding

2023 and continuous

State-of-play May 2025

In its 2023 PIF Report of July 2024, the Commission recommended Member States to accelerate the digitalisation of the fight against fraud. To support Member States in the digitalisation of their anti-fraud efforts, the Commission undertook several actions.

The Union Anti-Fraud programme (UAFP) calls for proposals for 2024 have been evaluated, and five projects (out of 21 awarded) received financing for data analytics technologies and tools. OLAF included in the 2025 Work programme for the funding opportunities for Member States authorities for the development and use of IT tools for data collection and analysis using advanced technologies. The UAFP Calls for proposals for 2025 were published in February 2025. OLAF intends to reinforce the digitalisation aspects in the future UAFP, in the framework of the new MFF (2028-2034).

SG REFORM supports digitalisation-related projects under its Technical Support Instrument (TSI). In its TSI 2026 programming (January 2025-October 2025) SG REFORM encourages reform projects requests on how IT tools and technologies like Large Language Models can enhance Anti-corruption and Anti-fraud bodies capacity to use predictive analytics to detect anomalies and potential fraud when relevant to the TSI 2026 flagship on “Technical support for the implementation of country-specific recommendations”.

Nr

Action

Lead

Due date

13

Further improve the prevention and detection of fraud to the RRF, notably by:

a.developing risk indicators on fraud, corruption, conflict of interest and double funding, for the purposes of auditing and identifying potential cases to be transmitted to OLAF for possible investigation or transmission to the EPPO;

b.carrying out system audits on the protection of the EU's financial interests focusing on high-risk areas identified in risk assessments;

c.continuing anti-fraud awareness raising and training;

d.encouraging Member States to make use of IMS to report irregularities related to the RRF in line with an ECA recommendation.

ECFIN: lead

OLAF: support

2023 and continuous

State-of-play May 2025

With the large amounts involved in the RRF, the Commission is closely monitoring and taking action to address risks and instances of fraud, corruption, double funding and conflict of interest.

a.Discussions between OLAF and DG ECFIN on risk indicators took place in the second half of 2023 and in 2024. OLAF completed an evaluation of RRF data for anti-fraud purposes and shared it with DG ECFIN in April 2024.

b.DG ECFIN has carried out audits on the protection of EU’s financial interests in all Member States. Targeted audits on the protection of EU’s financial interests are conducted where particular needs have been identified, such as for specific topics, measures, regions or authorities. In order to ensure that risks are adequately monitored and addressed throughout the life of RRF, ECFIN undertakes further audit work based on the risk assesment updated in February 2025.

c.The Technical Working Meeting with National Audit Bodies on the Recovery and Resilience Facility (RRF) was held in Brussels on 21-22 November 2024, and presented and discussed in the plenary session the topic of "Protecting the EU budget: prevention and detection of irregularities and fraud in the context of public procurement”, and during the focus groups sessions the topics of “Prevention and detection of conflict of interest: best practices and use of data mining tools”, and “Auditing fraud: audit techniques and approach”.

d.Specifically concerning the use of IMS (which is not mandatory under the RRF Regulation), the Member States’ audit authorities for RRF have been made aware of the advantages of using IMS for reporting irregularities during the 2024 bilateral meetings organised by DG ECFIN.

Nr

Action

Lead

Due date

14

Encourage Member States to put in place effective and proportionate anti-fraud measures, such as strategies at national, plan, programme or authority level and, as applicable, provide guidance and support in this respect.

ECFIN, shared management DGs and OLAF

2023 and continuous

State-of-play May 2025

The Member States are responsible for putting in place effective and proportionate anti-fraud measures to protect the financial interests of the Union. An appropriate framework for developing such measures are national anti-fraud strategies (NAFS), and the Commission, European Parliament and European Court of Auditors have therefore actively encouraged Member States to adopt such strategies.

DG REGIO, with the cooperation of the European Institute of Public Administration, delivered a presentation to national authorities on the importance of having National Anti-Fraud Strategies (NAFS) in place. The presentation was part of the training sessions on Cohesion Policy for EU Member State Experts “Identifying and preventing fraud and corruption in Structural and Cohesion Funds 2021-2027”. Each training session (June 2024, October 2024 and March 2025) was attended by approximately 30 participants.

DG MARE encouraged Member State authorities to consider putting in place NAFS whenever Key Requirement 7 7 was within the scope of audit missions. Between July 2024 and May 2025, four such audits have been carried out, which brought the total Member States covered to 17. A related question in the checklist for Key Requirement 7 audit assignments under the European Maritime, Fisheries and Aquaculture Fund will be included by the end of 2025.

DG ECFIN encourages the adoption of NAFS in the context of its RRF audits on the protection of EU’s financial interests, notably by adding the adoption of such strategies as a milestone where appropriate.

Nr

Action

Lead

Due date

15

Provide, as relevant, regular training, awareness raising and exchanges of best practice examples with Member State authorities, either dedicated to or including as an important element anti-fraud matters, such as prevention, detection and handling of irregularities, as well as reporting in the IMS.

ECFIN, shared management DGs and OLAF

2023 and continuous

State-of-play May 2025

The Commission provided the Member States authorities with anti-fraud training, awareness raising and exchanges of best practices in several fora in 2024.

The Shared Management DGs (REGIO, EMPL, MARE and AGRI) continued to provide training and raise awareness of anti-fraud matters, as well as exchanging best practice, in various instances and fora. These included meetings with Audit Authorities, anti-fraud seminars and conferences for Paying Agency representatives, and dedicated training sessions for programme authorities. Notably, 28 Annual Coordination meetings with the Audit Authorities (ACMs) included an OLAF presentation on the detected and reported fraud irregularities by cohesion policy investment area.

DG REGIO, with the cooperation of the European Institute of Public Administration, delivered regular training sessions on Cohesion Policy for EU Member State Experts titled “Identifying and preventing fraud and corruption in Structural and Cohesion Funds 2021-2027”. Modules and workshops on prevention, detection and handling of irregularities were included (for example “Introduction to identifying and preventing fraud; fraud indicators”, “Workshop on innovative methods to combat fraud”, “Models for assessing risk of fraud”, Specific challenges in preventing fraud”, etc.). Each training session (June 2024, October 2024 and March 2025) was attended by approximately 30 participants. A presentation on Conflict of Interest was delivered to audit authorities in December 2024. OLAF delivered a presentation on “Protecting the EU budget: challenges and developments” at the homologues meeting with all Member States audit authorities, in October 2024.

DG AGRI delivered three seminars on anti-fraud topics in 2024, while antifraud issues were included in both Presidency conferences organised in 2024 (Belgium and Hungary).

For the RRF, DG ECFIN raised such topics in the annual technical meeting with national audit authorities in November 2024, bilateral meetings with national authorities, as well as in the COCOLAF meeting in December 2024.

Nr

Action

Lead

Due date

16

Promote sharing of best practice and provide guidance for Member States on preventing, detecting, handling and reporting conflict of interest situations.

BUDG: lead

ECFIN, shared management DGs: support

2024 and continuous

State-of-play May 2025

Member States have the obligation, when implementing the EU budget in shared management, to take the necessary measures to avoid conflicts of interest. The Commission has stepped up its efforts to provide guidance and allow the Member States to share their experiences with each other.

DG BUDG has set up a Commission internal working group with shared management DGs to identify best practices and prepare a guidance for Member States on preventing, detecting, handling and reporting conflict of interest situations. A consolidated document on best practices has been drafted and it was disseminated to relevant Member States authorities in May 2025. The best practices guidance was presented to the Advisory Committee for the Coordination of Fraud Prevention (COCOLAF) on 15 May 2025 and was published on BUDGPedia.

DG ECFIN invites Member States to share best practices on conflict of interest situations in annual Technical Working Meeting for national audit bodies. In 2024, a dedicated focus group on conflict of interest prevention and detection was organised during the annual Technical Working Meeting with audit authorities.

Nr

Action

Lead

Due date

17

Promote and support the use of IMS by Commission auditors for fraud risk assessment purposes, notably by providing training.

OLAF

2023 and continuous

State-of-play May 2025

OLAF continuously strives to make IMS accessible to relevant Commission staff. IMS can for example support auditors with their risk analysis in the planning of an audit.

In April 2024, OLAF collected the training needs on IMS for 2024 and consulted Commission departments on possible specific needs. Services indicated that enough auditors have been trained at this time and that they will indicate when further training is required. In 2024, all IMS resources were allocated to the refactoring of IMS (see action 5).

OLAF will continue supporting the use of IMS by Commission auditors notably by providing training in line with the needs expressed by the Commission departments.

Nr

Action

Lead

Due date

18

Verify, as relevant, that the work done by audit authorities and certification bodies includes checking on the existence of adequate procedures for timely and accurate reporting of detected irregularities, their handling, follow-up and transmission of information to the competent investigative bodies. This might include cases where the irregular expenditure is withdrawn from EU funding or, in the case of the RRF, corrected and recovered from the final recipients.

ECFIN, shared management DGs

2023 and continuous

State-of-play May 2025

To ensure that the EU’s financial interests are protected, it is important that Member States have procedures in place for following up on detected fraud and irregularities. Audit authorities and certification bodies play an important role in verifying that this is the case.

For the RRF, DG ECFIN reviewed management declarations and audit reports received with payment requests, and issued recommendations following audits on the protection of EU’s financial interests. The work done on audits on the protection of EU’s financial interests and the follow-up of reported irregularities were discussed during annual bilateral meetings with Member States’ audit bodies.

In the area of Cohesion Policy, the Joint Audit Directorate of DG REGIO and DG EMPL has reinforced its audit work to obtain reasonable assurance that the Management and Control Systems (MCS) established and implemented by Member States function effectively to prevent, detect, correct and report errors and irregularities. In this respect, actions taken include sharing thematic anti-fraud checklists for 2021-2027 with Audit Authorities, reviewing approaches for compliance audits and carrying out early verifications of the completeness and adequacy of the methodological tools, checklists, and procedures used by the Audit Authorities.

DG MARE has updated Key Requirement 7 checklist to include the aspect of adequate reporting procedures not only for fraud, but also for non-fraudulent irregularities and the reporting in IMS in cases where the financial impact on the EU budget exceeds €10.000. The updated checklist was used throughout the audits whenever Key Requirement 7 (anti-fraud measures at Member State level) was in the scope of the audit mission. By May 2025, 17 such audit missions took place.

Nr

Action

Lead

Due date

19

Support Member State authorities to improve the quantity and quality of irregularity reporting to the Commission via the IMS, notably by:

a.developing and updating guidance on reporting, for example, the IMS handbook, including on issues related to conflicts of interest;

b.reminding Member State authorities in the communication on the outcome of a Commission audit or an investigation on the obligation to report in IMS irregularities above the threshold, also when identified during a Commission audit or an investigation, and to confirm explicitly their reporting of those irregularities to allow for their exact identification.

OLAF: lead

Shared management DGs: support

Shared management DGs: lead

OLAF: support

2024

2023 and continuous

State-of-play May 2025

For the EU to have a complete and correct picture of the irregularities and fraud against EU funding, the Member States need to report them in IMS. To support the Member States, OLAF issues guidance on reporting.

a.The working group comprising Member State experts, which was set up by OLAF in spring 2024 to revise the 2017 Handbook on the reporting of irregularities, continued its work, meeting at regular intervals to discuss the issues at stake. The final draft of the revised Handbook was sent to all Member States in mid-May 2025, and its formal adoption is expected to follow. The revised Handbook includes guidance on the reporting of irregularities relating to conflicts of interest. This sub-action will be completed with the adoption of the revised Handook, expected by Q3 2025.

b.The Shared Management DGs continue to remind Member State authorities in the communication on the outcome of their audits of the obligation to report irregularities in IMS.

Nr

Action

Lead

Due date

20

Develop a joint ethics and anti-fraud training plan with the EEAS, to ensure that specialised training is delivered consistently for targeted groups of staff notably in the Representations, Delegations and Missions.

External action DGs: lead

OLAF, HR: support

2024

State-of-play May 2025

Staff working in the EU Representations, Delegations and Missions need appropriate ethics and anti-fraud training to develop sound knowledge of the Commission’s ethics and anti-fraud frameworks.

Following a mapping of existing training on ethics and anti-fraud topics (cf. action 40 of the action plan), the Commission established a draft proposal for a joint ethics and anti-fraud training plan in March 2024. A dedicated working group was set-up by DG INTPA and the first meeting took place in April 2024 to discuss and agree upon a joint ethics and anti-fraud training plan (learning path) to guide staff in EU Delegations (both Commission and EEAS) and at Headquarters on their choices in terms of ethics and anti-fraud training courses.

The end goal was to offer a training package rather than standalone training offers by designing a joint anti-fraud and ethics learning path consisting of three interconnected modules. The learning path has been prepared and is available in the EU Learn. A joint note from DG INTPA and OLAF was sent out on 20 May 2025 to raise the awereness of colleagues and encourage them to participate in the training sessions.

In addition, OLAF is invited to and takes part in joint training sessions organised by DG INTPA and delivered with support from DG FPI, DG MENA and DG ENEST (four times a year).

The action has been completed.

Nr

Action

Lead

Due date

21

Raise awareness of pillar-assessed partners in the field of external action on their obligation to notify the Commission of cases of detected irregularities, fraud and exclusion situations, notably by:

a.providing the partners with guidance on the information to be shared with the Commission when notifying cases;

b.inviting OLAF to participate in relevant meetings with major recipients of EU funding.

INTPA: lead

External action DGs, OLAF, BUDG: support

External action DGs: lead

OLAF: support

2024

2023 and continuous

State-of-play May 2025

The Commission may delegate the implementation of EU-funded projects to partner organisations in indirect management. To ensure that the partner organisation’s internal rules and procedures guarantee a high level of protection of EU funds, the organisation must pass a pillar assessment. Pillar-assessed partners have an obligation to notify the Commission of cases of detected irregularities, fraud and exclusion situations.

a.DG INTPA and OLAF continued to engage in discussions with pillar-assessed entities to raise awareness on their obligation to notify the Commission of cases of irregularities, fraud and exclusion. Specifically, they have highlighted the obligation enshrined in Article 158(7) of the new Financial Regulation (Recast) which requires implementing entities to notify the Commission without delay of cases of established fraud and irregularities and their follow-up, as well as any information relating to suspected cases of fraud, corruption or any other illegal activity affecting the financial interests of the Union. DG INTPA is working on including necessary clarifications and explantions in the existing guidance for the pillar-assessed entities. The work should be finalised by the end of 2025.

b.OLAF is being invited to the meetings with pillar-assessed entities to clarify reporting obligations. OLAF was invited to the 19th EU-UN FAFA Working Group on 13-14 June 2024 and to the meeting with the OECD on 17 March 2025 regarding the obligation for implementing partners to notify “suspected fraud” as per Article 158(7) of the Financial Regulation (recast).

Nr

Action

Lead

Due date

22

Develop common lines of action with the EEAS to reduce the risks associated with local agents who remain in the same post for a long period of time in the Delegations.

External action DGs: lead

OLAF, HR: support

2024

State-of-play May 2025

This action aims at tackling risks associated with local agents who remain in the same post for a long period of time in the EU Delegations.

A Commission working group was set up by DG INTPA (lead service) to prepare common lines of action including preventive and corrective actions. By the end of 2024, the discussions in the working group led to the development of a set of common lines of action, also with the EEAS, in the form of an action plan. The common note from DG INTPA and OLAF encouraging DGs to implement the action plan was sent out to respective Comission services and EEAS on 20 May 2025.

The Action Plan comprises five activities: (i) ethics training, (ii) promotion of the available trainings on ethics and fraud prevention via anti-fraud networks on a regular basis and for all staff members, (iii) integration of risk assessment of staff mobility during supervision missions (Commission) and inspection missions (EEAS), (iv) examination of possibility to enlarge the number of fixed-term contracts in Delegations for Local Agents, in the framework of the upcoming review of the decision covering Local Agents working arrangements and (v) ethics guidance for all staff in Delegations to avoid overlaps, contradictions and bureaucracy with the aim to consolidate existing training offer for staff members.

The action has been completed.

Nr

Action

Lead

Due date

23

Improve the use of IMS in candidate countries, notably by:

a.developing guidance on irregularity reporting in IMS;

b.providing training to relevant national authorities;

c.raising awareness among relevant authorities on the need to report irregularities in IMS in a complete and correct manner.

OLAF: lead

NEAR: support

OLAF: lead

NEAR: support

NEAR, OLAF

2024

2023 and continuous

2024 and continuous

State-of-play May 2025

Under indirect management, the countries benefitting from pre-accession assistance (IPA) must report irregularities and fraud to the Commission, and keep the Commission informed about the progress of administrative and legal proceedings in relation to such irregularities. Such reporting is to be done through IMS. To ensure correct reporting, the Commission provides guidance and training to the candidate countries.

a.DG NEAR cosigned a joint letter with OLAF and DG AGRI and contributed to the “Guidance on the reporting of irregularities by beneficiary countries of pre-accession assistance in indirect management” published in November 2024. The note and Guidance were disseminated through OLAF contact points in each IPA EU delegations. The sub-action has been completed.

b.DG NEAR participated actively to the 2024 AFCOS Conference on 15-16 October organised by OLAF for candidate and potential candidate countries. OLAF provided a Workshop on irregularities reporting in IMS to a Serbian delegation.

c.DG ENEST 8 assigned Irregularity Officers in the EU Delegations in order to liaise with the national authorities and follow up on the irregularities reporting. National authoritities continue to report quarterly on follow-up of irregularities to DG ENEST as requested.

Nr

Action

Lead

Due date

24

Develop guidance and exchange of best practice on addressing the risks to spending in emergency situations (follow-up to 2019 CAFS action 29), focusing on conflict of interest.

ECHO, FPI, HOME: lead

OLAF, BUDG: support

2024

State-of-play May 2025

The previous CAFS action plan of 2019 identified emergency spending as particularly vulnerable to fraud. Implementing the previous CAFS action related to emergency spending, a risk analysis was conducted. It identified conflict of interest as one of the main risks in this type of spending.

The Commission therefore set up a working group on the risks to spending in emergency situations with focus on conflict of interest. The guidance and best practice document was finalised by the working group and adopted in April 2025, covering broader scope of conflict of interest situations.

The action has been completed.

Nr

Action

Lead

Due date

25

Cooperate with Ukraine authorities, international donors and their anti-fraud services to protect EU funding from fraud and corruption, notably by:

a.strengthening national anti-fraud structures through capacity building, in particular by:

I.providing targeted anti-fraud support to national authorities, e.g. through training and exchange of expertise;

II.supporting accession to the Union Anti-Fraud Programme;

b.collaborating on possible cases affecting the EU’s financial interests, including through exchange of information.

OLAF

2023 and continuous

State-of-play May 2025

The EU is spending large sums of money to support Ukraine in meeting present and future challenges. All players involved must do their utmost to ensure that the funds reach their intended recipients.

Throughout 2024, OLAF continued its engagement to protect the EU’s financial interest with regard to funding to support Ukraine, in particular:

a. To strengthen national anti-fraud structures through capacity building:

i. OLAF delivered a dedicated anti-fraud training to relevant Ukrainian authorities in February 2024. In addition, individual Ukrainian authorities participated in OLAF conferences and training events to exchange expertise and good practices, such as the joint conference of the national Anti-Fraud Coordination Services (AFCOS) from the EU Member States and their counterparts in candidate countries and potential candidate in October 2024 in Brussels.

ii. The negotiation and adoption process for Ukraine’s association to the Union Anti-Fraud Programme was successfully finalised in 2024. The association agreement was formally signed in March 2024 by both parties and it is now in force.

b. OLAF investigative units continued their cooperation with Ukrainian authorities for cases of fraud or irregularity allegations. OLAF also increased the dialogue with relevant counterparts, such as Ukrainian civil society organisations and the EU Delegation in Kyiv, to raise awareness about reporting fraud allegations to OLAF. Discussions have been launched in relation to the setting up of workflow for the reporting of irregularities via IMS.

Nr

Action

Lead

Due date

26

Strengthen the Commission’s and Member States’ analytical capacities in the customs anti-fraud area by developing data analysis tools and increasing exchange of and access to relevant data for anti-fraud purposes, to improve the prevention and detection of customs fraud.

OLAF, JRC, TAXUD, BUDG: lead

2023 and continuous

State-of-play May 2025

Analytical tools and data sharing play an important role in boosting the EU's capacity to effectively tackle customs fraud.

The Anti-Fraud Information System (AFIS) analytical platform (FraudAP) is fully operational. Between June 2024-May 2025, various applications and intelligence reports were produced using the FraudAP. On 10 April 2025, online training was provided to Member States customs authorities. The release of the bulk import upload mechanism of the Customs Information System (CIS) took place on 30 April 2025. The development of the B2B interface between the CIS and Member State national systems is on-going.

JRC is actively contributing to strengthening the Commission's and Member States' analytical capacities in the customs anti-fraud area through its involvement in the Customs Anti-Fraud Enabling Technologies 2024-2027 (CAFET-2) project, funded by OLAF. Currently, JRC is working on the development of alternative market indexes to support customs anti-fraud activities, leveraging alternative and disaggregated data sources. This effort aims to enhance the prevention and detection of customs fraud by providing more accurate and reliable data analysis tools.

Nr

Action

Lead

Due date

27

Ensure effective complementarity between customs risk management and anti-fraud activities, notably by:

a.strengthening data sharing in the Customs Risk Management System;

b.developing and better defining risk indicators related to anti-dumping and undervaluation in the new Financial Risk Criteria Decision;

c.developing new common risk criteria for intellectual property rights at import.

TAXUD: lead
OLAF, BUDG: support

2024

State-of-play May 2025

Data analysis is an increasingly important component of both customs risk management and customs anti-fraud activities. Access to the right data for risk management and anti-fraud purposes is essential. DG TAXUD is working on a number of initiatives to improve the access to relevant data for these purposes.

a.On 26 March 2025, the Customs Risk Management System was further improved by the deployment of new features for lists of data and system-to-system. This sub-action has been completed.

b.On 4 April 2024, the Commission adopted an implementing decision Decision C(2024)1998 for the revision of the financial risk framework to better protect the financial interests of the Member states and the Commission. This sub-action has been completed.

c.Common risk criteria and standards will be proposed to Member States by the end of 2025. The implementation date has been postponed to 31 December 2025. The Commission established a Subgroup of the Customs Expert Group on Customs Controls and Risk Management to develop, with volunteering MS, Common Risk Criteria (CRC) for IPR. The Subgroup prepared a draft legal text (Commission Implementing Decision and the relevant Annexes) and envisaged CRC are now being tested, to assess their efficiency and effectiveness, by means of pilot actions (a first pilot was performed in 2024, the second is running at the moment).

Nr

Action

Lead

Due date

28

Define an anti-fraud strategy for new own resources and identify and implement mitigating measures on fraud risks concerning the Carbon Border Adjustment Mechanism, the EU Emissions Trading System and other new own resources.

OLAF, BUDG, TAXUD, CLIMA

Within two years of adoption

State-of-play May 2025

The Commission presented in June 2023 an adjusted proposal for a next generation of own resources that covered the Carbon Border Adjustment Mechanism (CBAM) and an extension of the Emission Trading System (ETS).

During 2024, pending a decision over the future status of CBAM as Own Resource, progress was made toward the rollout of a CBAM Risk Management Framework and the preparation of the Anti-Circumvention Strategy. A Risk Management Network was established, engaging both national competent authorities and national customs authorities to facilitate joint efforts. Additionally, the foundation was laid for CBAM risk management data analytics capabilities, including the design and specification of IT tools needed to enable risk profiling and circumvention detection. These initiatives form part of a structured, forward-looking approach to reinforce the integrity and operational effectiveness of CBAM.

Furthermore, analytical efforts started on the broader review of CBAM, together with the drafting of a related legislative proposal expected in the last quarter of 2025.

For ETS, see action 29.

Nr

Action

Lead

Due date

29

Minimise the potential fraud risks associated with the EU Emissions Trading System (ETS), notably by:

a.implementing and enhancing security measures;

b.exploring alternative operating models for the ETS Union Registry, and conducting an in-depth feasibility assessment and cost–benefit analysis to inform the decision on a potentially new operating model.

CLIMA

CLIMA: lead

SG, BUDG, DIGIT, TAXUD: support

2023 and continuous

2024

State-of-play May 2025

The EU Emissions Trading System (ETS) is the world's first major carbon market and remains the biggest one. With a market value of around EUR 770 billion and a revenue of more than EUR 7 billion generated for the EU in 2023, it is vulnerable to cyberfraud. The Commission is therefore enhancing its security measures.

a.The Commission stepped up the implementation of the ETS IT security plan. 75% 9 % of the security measures in Union Registry and 80% of the additional security measures following the 2022 risk assessment were implemented at the end of 2024.

b.During 2024, the interservice group led by DG CLIMA, comprising SG, DG BUDG, DIGIT, DG FISMA and DG TAXUD presented the results of an in-depth cost and risk reduction analysis to the Corporate Management Board. The analysis recommended an external operating model. During the remainder of 2024, DG CLIMA explored different options for financing such a model with various stakeholders inside the Commission but also with external stakeholders such as the Climate Change Expert Group and the European Climate Policy Group. This sub-action has been completed. Now the effort shifted towards finding the financing model of a new operating model.

Nr

Action

Lead

Due date

30

Ensure effective cooperation between the Commission and the European Public Prosecutor’s Office (EPPO), notably by:

a.providing guidance to Commission departments and Executive agencies;

b.establishing Commission wide cooperation on EDES and on the application of the Conditionality Regulation;

c.assessing potential compliance issues with the Member States’ transposition and implementation of the PIF Directive.

Central services as appropriate

BUDG

JUST: lead

OLAF: support

2024 and continuous

2023 and continuous

2023 and continuous

State-of-play May 2025

The Commission and the EPPO have a shared interest in fostering an effective and cooperative relationship for the purpose of protecting EU’s financial interests.

There are regular contacts between the EPPO, the central services of the Commission and different Commission departments.

a.Following the revision of the Annexes of the Commission-EPPO Agreement (November 2024), the register of EPPO contact persons and functional mailboxes within the DG’s of the Commission was updated. The revised internal workflows table has been communicated to the DGs along with guidelines regarding the Ares registration process for each type of notification received. EPPO informed OLAF that they will soon be ready to start the deployment of the EPPO Box 10 in the DGs. OLAF will continue providing guidance to Commission departments and Executive agencies.

b.DG BUDG’s participation in the Commission-EPPO Working Group regarding early notification of issues that might be relevant for the application of the Early Detection and Exclusion System was concluded with the adoption of the amendment of the annexes of the Commission – EPPO Agreement. The analysis of information provided by EPPO to the Commission in the context of the preparation of the 2025 Rule of Law Report is ongoing, considering its potential relevance for the conditionality mechanism.

c.The Commission sent Letters of Formal Notice to 19 Member States for non-compliance of national legislation with the PIF Directive. Nine cases have been closed and further closures are expected in the next cycles. Seven cases remain open.

Nr

Action

Lead

Due date

31

Strengthen the support to Decentralised agencies and Joint Undertakings 11 in their effort to fight fraud, notably in establishing a coherent anti-fraud framework across agencies by:

a.providing training on ethics and anti-fraud matters;

b.providing methodology and advice on anti-fraud strategies;

c.sharing knowledge, allowing the agencies to publish relevant information on the inter-agency website;

d.regularly participating in relevant meetings of the EU Agencies Network to inform on anti-fraud matters.

OLAF: lead

HR: support

OLAF

OLAF

OLAF

2023 and continuous

2023 and continuous

2023 and continuous

2023 and continuous

State-of-play May 2025

The EU Decentralised agencies and Joint Undertakings are autonomous bodies with own legal personality, established by a founding regulation. They contribute to the implementation of various EU policies, sometimes with an important budget. While they have different governance structures, mandates and tasks, they are all bound to follow financial rules similar to those of the European institutions and to prevent fraud and irregularities.

a.Throughout 2024 and in the first quarter of 2025, upon request, OLAF delivered 11 tailored-made training courses and presentations on ethics and anti-fraud matters to the Decentralised agencies and Joint Undertakings and their cooperation networks dealing with anti-fraud matters. 

b.In May 2024, OLAF finalised a dedicated methodology and guidance for anti-fraud strategies in Decentralised agencies and Joint Undertakings. The methodology was sent to decentralised agencies and joint undertakings in June 2024 and was consistently used by agencies since then during the drafting or updating of their anti-fraud strategies.

c.OLAF continues providing advice on anti-fraud matters to the Decentralised agencies and Joint Undertakings, and to share relevant material to be published on the inter-agency website and/or on local websites of agencies.

d.OLAF presented in 2024 the methodology for anti-fraud strategies in Decentralised agencies and Joint Undertakings to the Inter-Agency Legal Officers Network (IALN) and to the Performance Development Network (PDN), as well as to the AuditNet group (IAS auditors and internal auditors of the agencies). OLAF regularly participates in relevant meetings of the EU Agencies Network working groups related to anti-fraud.

Nr

Action

Lead

Due date

32

Protect and empower investigative journalists as an important source of information on suspected fraud, notably by ensuring that appropriate EU legislation is in place including on SLAPP (strategic lawsuit against public participation) and on media freedom (European Media Freedom Act), and that Member States take appropriate measures to put in practice the Commission Recommendation on SLAPP and that on the safety of journalists, while funding projects in support of investigative journalism.

CNECT, JUST

2023 and continuous

State-of-play May 2025

The EU has adopted a comprehensive package to protect persons who engage in public participation against abusive court proceedings, also known as ‘Strategic Lawsuits against Public Participation’ (SLAPP). The initiative is a combination of legislation by way of Directive (EU) 2024/1069 on protecting persons who engage in public participation from manifestly unfounded claims or abusive court proceedings, and a non-legislative measure in the form of a Recommendation (C/2022/2428).

The Directive entered into force on 6 May 2024. Member States are expected to transpose it into their national law by 7 May 2026 and the Commission is closely monitoring and assisting them in the transposition process to guarantee effective implementation. The Recommendation, which has been applicable since its adoption on 27 April 2022, encourages Member States to ensure that national legal frameworks provide the necessary safeguards to address domestic cases of SLAPPs. The Recommendation also focusses on training, awareness raising, support and monitoring. Measures to follow-up on the implementation of the Recommendation started immediately after its adoption and the Commission is working with all Member States to this end.

Investigative journalists are an important source of information on suspected fraud. The European Parliament has repeatedly requested their protection.

The Commission has cooperated with Member States to make sure that they are ready to implement the European Media Freedom Act (EMFA). Further to a preparatory meeting in December 2024 to discuss the provisions of the Regulation where Member States have a role to play, a questionnaire was sent to all Member States in January 2025 and readiness checks run with each Member State between January and April 2025. An analysis of the state of Member States’ preparedness was planned by May 2025.

The Commission has continued its monitoring of the actions taken by Member States to put the Recommendation on the safety of journalists in practice. The Commission has also participated in the Council of Europe’s campaign on protection of journalists.

The financial support to media sectors of special relevance to democracy (including investigative journalism) under the cross-sectoral strand of Creative Europe since 2023 continues with €13.9 million awarded so far.

Nr

Action

Lead

Due date

33

Enhance the involvement of civil society in the Commission’s anti-fraud efforts, notably by exploring the possibility to work with civil society organisations to increase whistleblowing and reporting of suspicions of fraud.

OLAF, DGs as appropriate

2024

State-of-play May 2025

Civil society plays an important role in the fight against fraud and corruption in many Member States and at the EU level, emphasised notably by the European Parliament.

In November 2024, OLAF trained more than 30 attendants from several Ukrainian civil society organisations to raise their fraud awareness and facilitate reporting of suspected fraud and irregularities.

In January 2025, OLAF and JUST explored ways to strengthen the involvement of civil society in the Commission’s anti-fraud efforts. Notably, OLAF checked whether national strategies on anti-fraud contain actions on whistleblowing and shared the information with DG JUST. OLAF includes whistleblowing in internal Commission training sessions and will further reinforce this element in training to Member States authorities.

The action is completed. OLAF is considering additional streams of work to continue involving civil society.

Nr

Action

Lead

Due date

34

Maintain a high level of coordination and cooperation on anti-fraud matters between Commission departments and Executive agencies through the Fraud Prevention and Detection Network (FPDNet) and its subgroups.

OLAF

2023 and continuous

State-of-play May 2025

OLAF Correspondents and other anti-fraud professionals in Commission departments and Executive agencies meet in the Fraud Prevention and Detection Network (FPDNetwork) and its subgroups. These meetings are organised and chaired by OLAF, and a forum to share the latest developments on anti-fraud policy, develop such policy and exchange experiences. In addition to the FPDNet subgroups, a number of ad hoc working groups have been created since the adoption of the revised CAFS Action Plan in July 2023 with the purpose of implementing different actions. The FPDNet is involved in the coordination and monitoring of the implementation of the CAFS Action Plan.

The FPDNet has a dedicated webpage on the Commission’s anti-fraud website which was revised as part of the Commission’s corporate move to SharePoint online. The website was launched in June 2024 and is regularly updated.

Nr

Action

Lead

Due date

35

Regularly include aspects of the Commission’s anti-fraud policy on the agenda of the Corporate Management Board meetings, for example:

a.the follow-up to OLAF's recommendations and – where applicable – information received from the EPPO;

b.overall progress in the implementation of the Commission's anti-fraud strategy and its accompanying action plan.

SG, OLAF: lead

All DGs: support

2023 and continuous

State-of-play May 2025

The Commission’s Corporate Management Board (CMB) provides coordination, oversight, advice and strategic orientations on corporate management issues, including anti-fraud policy matters. OLAF’s Director-General is regularly invited to present aspects of the Commission’s anti-fraud policy.

a.In 2024, OLAF was invited to the October CMB meeting to discuss the follow-up of OLAF recommendations and information received from the EPPO.

b.In this meeting, the CMB also discussed the state of play of the implementation of the CAFS action plan.  

In April 2025, the CMB was updated on two ECA audits on the EU’s anti-fraud architecture and the Commission’s anti-fraud strategy. 

Nr

Action

Lead

Due date

36

Improve continuously service-level anti-fraud strategies and their implementation, notably by:

a.updating such strategies and fraud risk assessments in principle every three years 12 ;

b.seeking OLAF's advice at an early stage in the development of such a strategy or update, submitting the drafts for OLAF's mandatory review and to peer review, and justifying in writing when OLAF’s recommendations on the anti-fraud strategy have not been followed. Any issues that cannot be resolved between OLAF and the Commission department concerned may be discussed in suitable fora or be brought to the attention of the Corporate Management Board.

All DGs and executive agencies: lead

OLAF: support

2023 and continuous

State-of-play May 2025

Service-level anti-fraud strategies help tailor anti-fraud measures to different policy areas and operations, thus increasing their effectiveness and efficiency. OLAF provides support for the elaboration of service-level anti-fraud strategies through methodological guidance elaborated in consultation with FPDNet, through training and tailor-made advice.

a.In 2024, OLAF reviewed and approved the service-level anti-fraud strategies together with their fraud risk assessments of eight Commission departments and Executive agencies, in line with OLAF anti-fraud strategy methodology of June 2021. 

b.In the FPDNet meeting of February 2024, OLAF reminded Commission departments and Executive agencies of the need to update their anti-fraud strategies, in principle, every three years, and to involve OLAF at an early stage of the revision. OLAF reviewed all anti-fraud strategies submitted in 2024 and early 2025. Since early 2024, all service-level anti-fraud strategies are subject to peer review. A great majority of departments and agencies follow the guidance of OLAF and no issues in this regard were brought to the attention of the CMB in 2024.

Nr

Action

Lead

Due date

37

Make use of OLAF’s investigative experience in the Commission’s work with individual Member States, notably in the European Semester and in the Rule of Law processes where appropriate.

OLAF

2024 and continuous

State-of-play May 2025

OLAF’s knowledge and experience from working in Member States with national authorities can be of relevance to the European Semester and the Rule of Law processes.

As regards the European Semester process, OLAF participated in a number of meetings in 2024 and 2025, and got access to CeSaR (the Commission’s online database and monitoring tool for the Country Specific Recommendations), to better assess where OLAF’s contribution would be appropriate.

As regards Rule of Law, OLAF contributed to the 2025 Rule of Law package and regularly participates in the discussions on individual Member States. To ensure that all potential Rule of Law issues are properly recorded and followed up upon, OLAF has continued the screening of its investigations and of the investigative outcome for such issues, notably through a dedicated module in its case management system. The initial trainings of OLAF staff concerning the RoL module in OLAF’s Case Management System were completed in 2024. Additionally, OLAF performed in 2024 an analysis of its administrative recommendations from a Rule of Law conditionality point of view.

Nr

Action

Lead

Due date

38

In implementing the EU’s anti-corruption policy 13 , exploit the synergies between anti-fraud and anti-corruption policies, notably by identifying common areas of high risk and measures to address such risks.

HOME, OLAF

2023 and continuous

State-of-play May 2025

With its anti-corruption package of May 2023, the Commission stepped up its efforts to integrate the prevention of corruption into the design of EU policies and programs, and to actively support Member States' work to put in place strong anti-corruption policies and legislation. The EU Network Against Corruption has been created as an umbrella forum for relevant stakeholders to exchange best practices and develop anti-corruption policy.

As part of these efforts, DG HOME committed in 2023 a study on high-risk areas of corruption in the EU. The study was published on 4 November 2024 and provides a comprehensive mapping of areas most at risk of corruption and in-depth analysis of the nature of and reasons behind these risks. The study notes that these areas also have a high risk of fraud. The findings of the corruption risk assessment were presented and discussed at the 2nd plenary meeting of the EU Network Against Corruption on 3 October 2024, highlighting areas such as public procurement, construction and infrastructure, and healthcare as being particularly vulnerable to corruption.

OLAF continues to participate in Commission internal meetings and external events on the fight against corruption, and contributes to the Commission’s anti-corruption efforts, such as the UNCAC (United Nations Convention against Corruption) implementation review of the EU.

On 23 January 2025, DG HOME organised a webinar focusing on recent anti-corruption projects stemming from Horizon Europe and Internal Security Fund. The main purpose was to present the achievements of six ongoing initiatives (RESPOND, BRIGEGAP, FALCON, KLEPTOTRACE, POSEIDON and iMonitor), share relevant policy developments and observations concerning gaps in data, missing phenomena analysis and similar aspects where security research could potentially help. OLAF also participated.

Between September 2024 and March 2025, based on data from the Irregularity Management System (IMS) and with the support of a number of Member States, OLAF carried out an analysis of the interaction between corruption and fraud against the EU’s financial interests. A summary of the findings is published in the Statistical Evaluation accompanying the 2024 PIF Report.

Nr

Action

Lead

Due date

39

Exploit the synergies between policies against organised crime, fraud and corruption, notably by identifying sectors at risk of fraud and corruption by organised crime, and of its infiltration in the legal economy, and measures to address such risks.

HOME, OLAF

2023 and continuous

State-of-play May 2025

Fraud, corruption and organised crime are often interlinked. These interlinkages need to be better understood to allow for the development of holistic policies.

In the framework of the EU Organised Crime Strategy, the platform of Organised Crime Experts Group will be used to identify, raise awareness and exchange best practices about sectors at high risks at the intersection of fraud, corruption and organised crime. To support this effort, in  the third quarter of 2024, as part of the European Ports Alliance public-private partnership, DG HOME organised a dedicated workshop, addressing the issue of combating the infiltration of organised crime in European ports, with a particular focus on corruption risks. In December 2024, an additional meeting took place with competent authorities from Member States focusing on the administrative approach to tackle criminal infiltration in the society, with an outlook to potential synergies with fraud.

OLAF has contributed to the development of the 2025 Serious and Organised Crime Threat Assessment (SOCTA) by sharing its strategic analysis in July 2024. This contribution underscores OLAF's commitment to enhancing the quality and scope of the assessment, thereby enriching the understanding of threats related to organised crime, fraud, and corruption.

OLAF is involved in EMPACT Operational Action OA 2.4, which focuses on fraud involving EU funds. OLAF contributed to a survey aimed at national judicial police responsible for investigating criminal fraud against the EU budget. By proposing three targeted questions, OLAF seeks to identify potential links between fraud on EU funds and organised crime. The collection and analysis of survey results will provide valuable insights into how organised crime may exploit EU funding mechanisms and help refine future strategic responses.

Nr

Action

Lead

Due date

40

Map, enhance and promote existing ethics and anti-fraud training and awareness raising for staff at all levels across the Commission, and reinforce the existing financial learning activities with additional messages on ethics and anti-fraud matters.

OLAF, HR, SG, BUDG: lead

All DG’s: support

2024

State-of-play May 2025

There is a continued need to strengthen the knowledge and maintain a high level of awareness among Commission staff regarding ethics and anti-fraud matters. The Commission is gradually strengthening training and awareness raising on ethics and anti-fraud in a holistic manner, as the two topics go hand in hand.

The existing corporate training – Fraud Staying Vigilant has been revamped and is being delivered across Commission services. OLAF has carried out a survey among Commission services and executive agencies to assess if anti-fraud training should become mandatory or at least highly recommended for certain categories of Commission staff and will follow up on the results.

Another strand of action is to prepare a common customisable anti-fraud training material available to services, which can then further tailor it to their specificities. A draft has been prepared and distributed to the Commission services for comments. Following the reception of comments the work will continue. This initiative is complemented by a “train-the-trainer” component, where OLAF colleagues train colleagues across Commission to deliver customisable training in their respective services.

In addition, OLAF has also started working on the e-learning module on fraud prevention in EULearn.

The ethics e-learning module is going to be revamped to integrate modules of ethics and anti-fraud. Results of a compliance feature pilot show an increase in uptake in the participating DGs. DG HR is working on an interinstitutional awareness raising campaign on ethics.

DG BUDG produced a training video on conflicts of interests in the management of EU budget, and how to spot, prevent and address them to safeguard the integrity of the EU budget and addressing professional conflicting interest in the field of procurement. Strengthened messages on the protection of the EU financial interests and avoidance of conflict of interest were added to the regular BUDG training sessions.

The action has been completed. Further streams of work (e.g. development of an anti-fraud e-learning module) deriving from the mapping exercise will continue throughout 2025.

Nr

Action

Lead

Due date

41

Promote awareness on Members’ ethical obligations among Members of the Commission and Cabinets through the Network of Ethics and Transparency Contact Points and through targeted information for Members at the beginning and end of their mandates.

SG: lead

OLAF, HR: support

2023 and continuous

State-of-play May 2025

The EU Treaties and the Code of Conduct for the Members of the European Commission lay down the rules on how Members should perform their duties. They shall observe the highest standards of ethical conduct.

In 2020, the Commission established a Network of Ethics and Transparency Contact Points composed of correspondents in the Cabinets of the Members of the Commission. The aim is to raise awareness on the Members’ obligations in the areas of ethics and transparency. The Network serves as a regular platform for the exchange of information, and meetings are organised on routine basis. In 2023 two such meetings were held, followed by three meetings in 2024. Among the 2024 meetings, one focussed specifically on ethical standards for the participation of the Members of the Commission in the European Parliament election campaign, as well as in national election campaigns. Another meeting addressed post-mandate activities for outgoing Members.

In the first half of 2025, two additional meetings took place, including one dedicated to updates of the Members’ declarations of interests. Furthermore, information sessions were held for both outgoing and incoming Members of the Commission, aiming to raise awareness as regards the ethical obligations applicable to them under the Treaty and the Code of Conduct. In addition, since December 2024, dedicated training on ethics and the application of the Code of Conduct was provided to 12 out of 27 Cabinets (44%) further supporting awareness and compliance efforts.

Nr

Action

Lead

Due date

42

Provide corporate training and guidance on grants and procurement, including on simplified forms of reimbursement for grants, while ensuring that the training and guidance contain relevant anti-fraud elements.

BUDG

2024 and continuous

State-of-play May 2025

Direct expenditure in the form of grants and procurement represent a major part of the Union's expenditure. Simplified forms of funding have significant potential to reduce administrative burden and the overall error rate. Simplified cost options (SCO), such as lump sums or flat rates, are therefore increasingly used to provide funding in EU grants.

In 2024, the grants dedicated pages on BUDGpedia were updated and workshops of grants were organsied, with specific exercises on SCOs. Workshops on procurement were organised, highlighting anti-fraud matters, conflict of interest and professional conflicting interest. Strengthened messages on the protection of the EU financial interests and conflict of interest were added in the regular BUDG training courses.

A new training video was produced, breaking down what conflicts of interests are when managing the EU budget, how to spot, prevent and address them to safeguard the integrity of the EU budget and addressing professional conflicting interest in the field of procurement.

A training campaign on the changes brought by the Financial Regulation recast was designed, including stronger protection of the EU budget against fraud, corruption and conflict of interest. Specific sessions were organised on the procurement experts platform and EDES experts platform.

Nr

Action

Lead

Due date

43

Based on identified needs and priorities of Commission departments and Member States, perform and disseminate strategic analysis and guidance, notably to:

a.feed into training and awareness raising, fraud risk assessments, and other prevention and detection activities of Commission departments, agencies, Member States and other anti-fraud partners;

b.translate audit results and experience from investigations into concrete advice on fraud risks, fraud patterns and red flags, for example, in the form of case compendia.

OLAF: lead

All DGs: support

2023 and continuous

State-of-play May 2025

To increase the anti-fraud knowledge of the Commission, partner organisations and Member States, notably on fraud risks, trends and modus operandi, OLAF has established a strategic analysis function within its Anti-Fraud Knowledge Centre.

In 2024, OLAF disseminated two strategic analysis reports on agriculture and cohesion policy to relevant Commission services and Member States, to feed into their fraud risk assessments. Updated versions of these reports will be disseminated in 2025. OLAF also carried out an analysis of the impact of fraud in the different areas of the cohesion policy and an analysis of the interaction between corruption and fraud against the EU’s financial interests.

Nr

Action

Lead

Due date

44

Consider anti-fraud aspects when reviewing the recruitment process in the context of the implementation of the Commission's new HR strategy, notably in the behavioural assessments and in the training of selection panels, and reinforce the checks of originals of qualifications and certificates of candidates.

HR: lead

OLAF: support

2023

State-of-play May 2025

With a workforce of over 32 000 staff in close to 200 places of employment, the Commission recruits every year approximately 500 officials and 1 800 temporary or contract agents. It is important to consider anti-fraud aspects in the recruitment process, to identify any unethical tendencies and potential wrongdoers and avoid recruitments potentially damaging for the institution.

In 2024 and at the beginning of 2025, DG HR designed a New Recruitment Model (NRM) for appointing officials drawing from the laureates on reserve lists established under EPSO’ new competition model, after 1 January 2025 (“new reserve lists”). Designed to attract top talent, but also to strengthen anti-fraud efforts, the NRM introduces several key measures. Notably, HR Representatives will now be mandatory participants in all recruitment panels for EPSO competition laureates from the new reserve lists. Their main responsibility will be to evaluate candidates' general skills, but also to spot any potential irregularities and fraud. Selected based on their recruitment experience, these representatives unbdergo mandatory training of three half-a-day modules on interviewing technicques to acquire the skills for mapping general skills and abilities, including focusing on observing a candidate’s consistency and questioning to verify credibility of provided replies.

Additionally, DG HR is facilitating regular exchanges with the HR Representatives to promote the sharing of experiences and best practices, including with an emphasis on fraud detection strategies. The NRM is currently being rolled out by DG HR with the first EPSO laureates’ list published in March 2025.