Emergencies are no longer exceptions. On 11 March 2020, the World Health Organization declared Covid-19 a global pandemic, prompting the European Commission to issue Recommendation (EU) 2020/403, authorising member states to relax procurement rules. Since then, a range of other crises have continued to shape emergency-driven governance practices across sectors and regions. Public procurement plays a central role in crisis response, as it enables the rapid purchase of essential goods and services. But the urgency and scale of these operations also make it especially vulnerable to corruption.

Public procurement is different during emergencies

Public procurement during emergencies differs substantially from regular practices due to the urgent need for speed, flexibility, and adaptability. While standard procurement adheres to strict regulatory frameworks, emergency procurement often operates under relaxed rules. This allows governments to bypass standard bidding procedures to acquire critical goods and services more easily.

In crisis situations, public spending typically increases to meet immediate needs, often at the expense of oversight. Unlike regular procurement, where buyers maintain leverage, emergencies shift negotiating power to suppliers controlling scarce, urgently needed resources. This dynamic fosters a supplier-driven market where non-competitive awards become more common. Procurement processes are fast-tracked, often through direct negotiations or single-offer bids, ensuring rapid delivery but reducing transparency.

When authorities rely heavily on direct awards and accelerated procedures, conventional corruption indicators may become misleading. Red flags – such as a high proportion of exceptional procedures, short advertisement periods, or single-offer contracts – typically associated with malpractice, may simply reflect necessary adaptations to emergency conditions. Consequently, the risk of false positives in corruption detection increases significantly. It is therefore essential to refine measurement approaches to distinguish legitimate crisis responses from actual corruption risks.

The CO.R.E. project: Addressing the challenges in emergency procurement processes

The CO.R.E. project (COrruption Risk indicators in Emergency) was launched in December 2021, in the midst of the Covid-19 crisis, to address these unique challenges. Its dual objectives are to adapt corruption risk assessment systems to emergency contexts and to map corruption risks while controlling for false positives.

The CO.R.E. conceptual framework leverages the temporal disruption caused by crises, distinguishing between pre- and post-crisis periods. Anomalies in company and contracting authority behaviours are identified through a set of red flags. These are computed before and after the outbreak, and followed by statistical testing aimed at verifying whether observed changes in procurement behaviours during emergencies are exceptional (ie statistically significant), rather than attributable to random fluctuations. The approach mitigates false positives by grounding assessments in observable market dynamics and historical behaviours.

The CO.R.E. methodology (see Gnaldi 2024; and Gnaldi and Del Sarto 2024) employs nine red flags, including traditional indicators adapted to emergency contexts and newly developed ones. Red flags are selected based on both their strong theoretical foundation and relevance for capturing sudden, potentially suspicious changes during crises. Examples include:

• Winning rate across the crisis: an adapted red flag identifying companies that significantly increase their share of awarded contracts during the emergency.
• Awarded economic value across the crisis: another adapted indicator, detecting firms securing unusually high-value contracts compared to their pre-crisis activity.
• One-shot opportunistic companies: a newly developed red flag capturing firms that win contracts during the crisis despite having no prior market presence.

What sets CO.R.E. apart is its hybrid architecture, which combines red flag adoption with machine learning techniques and statistical testing. Because data on confirmed cases of corruption are rarely available, supervised learning is not feasible. Therefore, CO.R.E. makes use of what is known as an ‘unsupervised’ machine learning approach – a model for uncovering patterns and insights in data without training the model against specific targets. Red flags act as behavioural anomaly detectors in this model, signalling significant departures from historical norms.

Pre-crisis data serve as a reference, enabling in-crisis and post-crisis behaviours to be evaluated through statistical testing. The rule for triggering red flags based on statistical testing is consistent: a statistically significant result indicates that the unit under analysis (contracting authorities and awarded companies) is at risk; otherwise, no flag is raised.

However, being flagged does not imply that all units carry the same level of risk. To refine the assessment, flagged cases are further differentiated based on two elements: the extent of deviation from historical behaviour; and the strength of the statistical evidence, measured by the p-value. In general, greater behavioural shifts and lower p-values suggest a higher degree of risk.

Critically, this assessment is not conducted in isolation. The framework controls for broader market trends, allowing it to distinguish individual anomalies from system-wide shifts caused by the crisis. This feature enhances the diagnostic precision of CO.R.E., ensuring that red flags reflect abnormal behaviour specific to individual units rather than general patterns resulting from emergency-induced volatility.

This methodology is designed to adapt to the high variability and evolving conditions characteristic of crisis situations. It is scalable across countries and flexible enough to accommodate changing market dynamics, offering a robust tool for proactive corruption risk detection. Moreover, its framework can be extended to any context where procurement systems undergo a simplification similar to that seen in crises: any time that urgency, reduced competition, and streamlined procedures take precedence.

To put this methodology into practice, CO.R.E. developed Coresoi, an open-source R-package offering functions, datasets, and documented code for analysing corruption risks during emergencies. Coresoi allows users to select datasets, choose computations (individual red flags or a composite indicator), define timeframes, and set territorial aggregation levels across various emergencies (eg the Covid-19 pandemic, earthquakes, wildfires, etc.), enhancing flexibility in research and monitoring efforts.

The CO.R.E. project also launched a dedicated dashboard, available on the CO.R.E. website, to visualise corruption risk levels across emergencies in the project’s four partner countries: Ireland, Italy, Portugal, and Spain. Specifically tailored for emergency contexts, the dashboard provides detailed views across multiple territorial levels (regions and provinces), offering intuitive maps and infographics. Users can explore individual red flags or composite indicators and focus on specific emergencies within each country.

Patterns emerging from the dataset

At the regional level, the CO.R.E. risk assessment for the Covid-19 emergency revealed that corruption risks tended to concentrate in specific areas: Castile and León, Cantabria, the Basque Country, and Catalonia (Spain); Veneto (Italy); the Eastern and Midland region (Ireland); and Alentejo (Portugal).

This distribution suggests two dynamics at play. On the one hand, regions with large, complex healthcare systems and high regional autonomy (eg Catalonia and Veneto) exhibited increased vulnerability to corruption risks. On the other hand, regions such as Castile and León and Alentejo, already marked by comparatively weaker administrative capacity, transparency, and oversight mechanisms, experienced a further deterioration of governance conditions under the pressures of the emergency.

The experience of emergency procurement underscores the need to rethink how integrity and efficiency are balanced during crises. Insights from CO.R.E. highlight the importance of selecting red flags carefully and looking at crises as natural ‘breaks’ that can provide a clear picture of anomalies. Observations from a single point in time lack context, offering no basis for evaluation and limiting their diagnostic value (Gnaldi and Del Sarto 2024).

Tailored risk detection systems are needed to address the specific dynamics of crises. Policy and preparedness strategies should therefore develop crisis-responsive risk assessment frameworks. They should also adopt adaptive systems capable of distinguishing legitimate crisis responses from actual corruption risks, thereby reducing the likelihood of false positives.

CO.R.E.’s lessons for policy and preparedness strategies

This shift requires moving away from static models relying on fixed red flag indicators toward dynamic, context-sensitive approaches. New models should anchor corruption risk assessments in real-time market trends, focus on the most affected economic sectors, and use historical data supported by statistical and machine learning techniques.

Investing in data infrastructure and analytical capabilities is paramount. The effectiveness of systems like CO.R.E. relies on access to reliable procurement data – such as the Global Public Procurement Dataset– and the capacity to analyse behavioural patterns over time. Achieving this requires greater interoperability across agencies and the ongoing development of specialised tools and skills within public institutions. While not a panacea, strengthening these capacities represents a significant step toward enabling early risk detection and supporting accountability in emergency procurement.