Enhancing Public Procurement Through GRC Management: Navigating the Evolving EU Regulatory Landscape
DOI: https://doi.org/10.59490/dgo.2025.978
Keywords: Regulation, GRC, Interoperability
Abstract
The increasing complexity of the extensive regulatory frameworks in the European Union (EU) creates significant challenges for public procurement processes. Besides the existing Public Procurement Directives, new regulations, such as the Corporate Sustainability Reporting Directive (CSRD), the Corporate Supply Chain Due Diligence Directive (CSDDD), and the EU Taxonomy Regulation, introduce intricate compliance requirements that strain existing procurement standards and systems. This paper explores the pivotal role of Governance, Risk, and Compliance (GRC) frameworks as enablers of legal interoperability and process optimization in this evolving landscape. The research first develops an overview matrix categorizing EU regulations from 2021 to 2027 based on their relevance and impact on public procurement. Building on this foundation, a second matrix maps tailored solution components to core challenges posed by high-impact regulations, identifying critical areas requiring intervention. Synthesizing these findings, the paper proposes enhancements to current standards for electronic public procurement. These include extending the European Single Procurement Document (ESPD), introducing standalone reporting formats, and leveraging GRC software to manage compliance complexities. The study highlights the importance of integrating GRC frameworks with scalable, AI-driven solutions to foster legal interoperability and operational resilience. It thereby offers actionable insights for policymakers, for practitioners in public procurement processes, and for researchers.
License
Copyright (c) 2025 Andreas Schmitz, Maria A. Wimmer

This work is licensed under a Creative Commons Attribution 4.0 International License.
