The Perfect Timing
-
Upload
alexandru-vasile -
Category
Documents
-
view
218 -
download
2
description
Transcript of The Perfect Timing
2014 IAS Conference
"The perfect timing of the audit"
Case study: IAS audit of the AAR Process in the Commission
Cristiana Giacobbo, Head of Audit Unit, IAS, European Commission
Pascal Leardini, Secretariat General, European Commission
1
The Annual Activity Report
The AAR is the cornerstone of the EC's governance architecture since 2001
Result of a corporate process involving all the Directors-General/Directors of the Commission
Accountability, assurance and reporting tool for the Directors-General on the performance of their duties
Includes a Declaration of Assurance on use of resources, sound financial management, control system and legality and regularity.
Main basis for preparing the Synthesis report (tool for the Commission to take full political responsibility for the implementation of the budget)
Addressed to the College but used by Discharge Authority and ECA2
Why audit the AAR process in the Commission? – The auditor’s perspective
3
1. Interest from external users :Discharge Authority (discharge report) and ECA (DAS audit) are looking more and more to the AARs, with particular focus on:o Legality and regularity of financial transaction
o Sound management of activities and achievement of objectives
=> Reputational risk in case of non-reliable assurance-building process
Why audit the AAR process in the Commission? - The auditor’s perspective
4
2. Multiple actors:Corporate services:
o Guidance and supporto Quality assuranceo Consolidation at corporate level
DGs/Serviceso Preparation of AAR following the corporate guidance o Responsibility for the quality of information
=> Risk of inconsistent quality of the AARs, difficulties in comparing them
Why audit the AAR process in the Commission? – The auditor’s perspective
5
3. Continuous evolving processFrom reporting to accountability tool
Focus on legality and regularity led to very detailed chapter on control strategies’ results
Increasing information on policy achievement (used for the report to the EP) and performance
=> Risk of overly long and complex AARs, too much focused on legality and regularity,
hence not achieving their objectives
Why audit the AAR Process?The auditee's perspective
Multi-dimensional process:•Several actors•Local versus corporate dimension•Internal versus external dimension•Financial and reputational risks•Recurrent/repetitive but progressive/evolutive•Evolutionary process since 2001: usefulness of regular and timely auditing 6
Audit Sequence of the AAR Process until this audit
• Latest audit in 2007
• Follow-up audit in 2009 (no audit opinion)
• 2012 audit (audit opinion)
• Audit of corporate processes: regularly but not too often!
7
Objectives of the audit
Assess the support provided at Corporate level and the quality assurance function
Assess the quality of the AAR building process in the DGs
Assess whether the information provided in the AARs is sufficient to support the assurance of the AOD
8
Challenges
Very wide scope:
• Central Services (SG and DG BUDG)• 9 Operational DGs• Survey in all the other Operational DGs/Services
Time constraint related to the AAR annual cycle:• Preparation of revised corporate instructions:
Sept-Nov N-1• Draft AAR: end Feb N• Peer-review: Feb-Mar year N• Final AAR: end Mar N 9
Results of the audit AAR process well established and achieving its objectives as accountability and assurance tool from management to the Institution.
Main areas of improvements at corporate level:•Improve the instructions on reporting on economy, efficiency and effectiveness and cost/effectiveness of controls;
•Reinforce the quality control process to focus on substantive elements of the AAR
•Streamline the structure of the AAR to increase usefulness for the different readers (College, ECA, Discharge Authority).
10
Achievements: the Auditor’s perspective 1/3
11
The audit intervened at the right moment:
1.The AAR process was ready to move to a different level of
maturity (in parallel with the improvement of the MP)
2.The focus of the stakeholders (internal and external) was
moving from pure legality and regularity to sound
management
=> The audit accompanied this evolution with specific
findings and recommendations both at corporate and
DG level.
Achievements: the Auditor’s perspective 2/3
12
The results of the audit were shared in a timely way:
1.The preliminary conclusions were shared with the central
services on time for the revision of the corporate instructions;
2.The final conclusions were delivered before the quality
review process took place.
=> In both cases the Central Services implemented the
recommendations immediately.
Achievements: the Auditor’s perspective 3/3
13
In addition the audit:
•Allowed an open discussion about the Governance model of
the EC and the measures to reinforce it;
•Confirmed the importance of challanging the individual
DGs/Services centrally in their conclusions to ensure the
robustness of their Declaration;
•Enabled a closer partnership among the different actors,
including the Internal Audit Service (audit of the residual
error rate, active participation to the peer-review).
Key success factors from the Auditee's point of view
• Auditors and auditees agreed on main parameters and identification of risks
• The audit identified and covered the different actors and responsibilities in the process
• "Wide" audit approach:o Audit itself based on a selection of both corporate and
users serviceso Complemented by survey/questionnaire to ensure
100% coverage/validationo Recommendations come at the right moment of the
cycle and can be easily integrated14