🇵🇹 Daily Portugal news for expats & investors — FREE Subscribe

An Outside Firm Will Comb Through Eleven Years of Bank of Portugal IT Contracts After Police Searches

The Bank of Portugal has hired Eternamix Consulting to audit more than 1,000 IT contracts signed over the past 11 years, for €108,000 plus VAT and a three-month deadline. The review follows last year's Judicial Police searches into the central bank's technology contracting.

An Outside Firm Will Comb Through Eleven Years of Bank of Portugal IT Contracts After Police Searches

The Banco de Portugal (Bank of Portugal) has hired an outside firm to comb through more than a decade of its own technology spending, ordering an independent audit of every IT contract it signed over the past 11 years. The review lands a year after the central bank was caught up in a Polícia Judiciária (Judicial Police) investigation into how it awarded work in the informatics area — and it hands an external auditor the job of deciding whether anything in that paper trail was irregular.

According to a tender first reported by ECO and carried by Jornal de Negócios (Business Journal), the winning bidder was Eternamix Consulting, which will be paid €108,000 plus VAT to examine the contracts and report back within three months. The scope is unusually wide: more than 1,000 contracts for goods and services covering the supply of hardware, software and related IT services stretching back over eleven years.

Why the central bank is auditing itself

The trigger was last year's search operations, when the Judicial Police visited the bank as part of an inquiry into IT-sector contracting. Rather than wait for the criminal process to run its course, the Bank of Portugal has commissioned its own forensic look at how the money was spent — a defensive housekeeping exercise as much as a compliance one. The auditor's brief is to flag any irregularities in how the contracts were tendered, awarded and executed, and to hand over a report the bank can act on.

Public procurement in Portugal is governed by the Código dos Contratos Públicos (Public Contracts Code), which sets thresholds above which work must be openly tendered rather than handed to a chosen supplier. IT spending is a notoriously grey area for public bodies everywhere: contracts are technical, framed around a single vendor's ecosystem, and easy to renew or extend without a fresh competition. Eleven years of accumulated renewals is exactly where an auditor tends to find loose ends.

An institution used to scrutinising others

There is an irony in the exercise. The Bank of Portugal is the country's banking supervisor — the body that audits, inspects and fines the lenders it oversees, and which recently pushed for every shop to accept at least one form of card or digital payment. Turning that same investigative lens on its own back office is not a comfortable position for an institution whose authority rests on being beyond reproach.

What to watch next

  • The three-month clock: Eternamix has until roughly October to deliver its findings. Whatever it turns up will feed into, but sits apart from, the separate criminal inquiry.
  • Named suppliers: If the audit identifies specific contracts or vendors, expect the details to surface — the bank publishes procurement data, and reporters will cross-check.
  • A wider pattern: Central banks and regulators across Europe have faced similar questions over long-running IT deals; the outcome here may set a tone for how Portuguese public bodies police their own technology budgets.

For now, the Bank of Portugal has done the one thing a supervisor is supposed to do when questions are raised: open the books. Whether the answers vindicate its past decisions or complicate them will not be clear until the auditor reports in the autumn.