Commission Action Plan towards an Integrated Internal Control Framework
The Commission sets out the measures it must take to achieve the objective of an integrated internal control framework as proposed in the corresponding roadmap. The European Court of Auditors issued a qualified statement of assurance in 2004. Although the statement was broadly positive, it reflected the complexity of the issues facing the Commission in implementing the budget of the European Union (EU) and the challenge it faces in providing the Court of Auditors with satisfactory audit evidence.
Communication from the Commission to the Council, the European Parliament and the European Court of Auditors of 17 January 2006 entitled "Commission Action Plan towards an Integrated Internal Control Framework" [COM(2006) 9 final - Not published in the Official Journal].
For each financial year, the European Court of Auditors (ECA) issues a Statement of Assurance (DAS) as regards implementation of the budget for which the Commission is responsible. In this connection, the Commission must provide the ECA with audit evidence for each financial year. Given the present Commission's objective of obtaining a positive DAS during its term of office, it is proposing to introduce an integrated internal control framework.
The communication reports on the progress made since the roadmap and on the gaps identified and lays down the main practical measures to be taken in 2006-07 with a view to introducing a coherent internal control framework. The concrete proposals for action have been grouped around four themes:
- simplification and common control principles;
- management declarations and audit assurance;
- single audit approach: sharing results and prioritising cost-benefit;
- sector-specific gaps.
Simplification and common control principles
The Commission is aiming to simplify as much as possible the regulatory framework proposed for the period 2007-13, including expenditure eligibility rules. Integrating common internal control principles will ensure that all stakeholders will be bound by a fundamental set of control principles. These common principles will also provide the ECA with a clearer basis for auditing management processes and procedures.
In order to ensure that supervisory and control systems are in place to limit the risk of any irregularity, it is necessary to demonstrate the assurance and to provide evidence that the control strategy is effective.
The Commission wishes to initiate an inter-institutional dialogue on the definition of reasonable assurance in terms of tolerable risk in underlying transactions.
Management declarations and audit assurance
In order to promote management declarations and audit assurance, the Commission intends to encourage declarations at operational level and the drawing up of synthesis reports at national level for each policy area.
Other measures proposed by the Commission in order to promote management declarations and audit assurance are aimed at:
- examining the utility of management declarations outside shared and indirect centralised management mode;
- promoting best practices for increasing the cost-benefit of audits at project level;
- facilitating additional assurance from supreme audit institutions (SAIs) regarding the management of Community funds.
Single audit approach; sharing results and prioritising cost-benefit
In order to avoid duplication of control work, sharing control information makes for greater effectiveness at each level in the chain. In the single audit approach, the sharing of audit and control data is key to improving the targeting of audit and control efforts.
A model for determining costs and for estimating and making an initial analysis of the costs of controls must be introduced for shared management and centralised indirect management.
The Commission stresses the importance of initiating pilot projects for evaluating the benefits to be gained from the different controls.
The proposed integrated framework must be capable of flexible application given the varying nature of individual EU policies. The Commission proposes measures for closing the gaps via management plans, with back-up in the form of annual activity reports from its participating departments.
The controls under shared management (in particular as regards the Structural Funds) at regional level must be analysed, and especially the existing statements. In this connection, promotion of the "contracts of confidence" initiative for the Structural Funds provides audit assurance on an annual basis.
Lastly, the Commission proposes establishing common guidelines per policy family in 2006 and 2007 in order to adopt consistent approaches, notably with regard to management of the risk of errors in the Structural Funds.
For the Action Plan, the Commission has based itself primarily on:
- ECA Opinion No 2/2004 on the "single audit" model (and a proposal for a Community internal control framework);
- the Commission communication of June 2004 on a roadmap to an integrated internal control framework;
- the assessment of gaps between the internal control framework within the Commission departments and the control principles set out in Opinion No 2/2004 of the Court of Auditors;
- four Commission working groups that helped in October 2005 to draft the questions to be addressed in the communication;
- the conclusions of the ECOFIN Council of 8 November 2005;
- the reactions of the European Parliament and the Court of Auditors.