Legislative Observatory
European Parliament
Please fill in this field to find a procedure

2006 discharge: EC general budget, Section III, Commission

2007/2037(DEC)

DISCHARGE 2006 – COMMISSION : ANNUAL REPORT

ON THE INTERNAL AUDITS

PURPOSE: this report informs the Discharge Authority about the work carried out by the Commission's Internal Audit Service (IAS) in 2006. It is based on IAS audit work and consulting activities in 2006, as well as on the work of the DGs' Internal Audit Capabilities (IACs), via the IAS's twice-yearly reports. It does not cover the IAS audit work for the Community agencies

CONTENT: an action plan for the roadmap towards an integrated internal control framework was presented in January 2006 with a series of 16 specific proposals. This was the means by which the Commission sought to improve its accountability by having individual assurance declarations and reservations issued by its Directors General in order to explicitly assume its political responsibility for management.

In 2006, a quality review of 32 Commission internal audit capabilities (IACs) was undertaken by the IAS (see also the summary of the parallel document SEC (2007)0208). This paved the way for a coordinated strategic audit planning (in which most IACs participate) and for revised audit charters (on which work has started).

On the basis of this long consultation and audit exercise, a certain number of conclusions were reached which are outlined below in the form of operational recommendation: these are the result of the IAS and do not (necessarily) reflect the position of the Commission itself:

IAS Conclusion 1: continue improvement efforts: the IAS audit work found clear improvements in the internal control systems in many areas. Big steps have been taken by the Commission to improve the control environment (e.g. the Communication on business continuity, the organisation of an ethics day and the focus provided by the high-level group looking at EC law). However, there are also still major weaknesses and further efforts are needed, as illustrated by the number of critical IAS recommendations (twelve) and the number of audits with adverse IAS opinions (nine).

Areas for improvement include:

·        ex-post controls,

·        IT (buildings, data security, adequate staffing and planning processes for IT projects and continuity of services),

·        implementation of new accounting rules and contract management(oversight of use of framework contracts,

·        monitoring of subcontracting and multiple roles of a single service provider).

IAS Conclusion 2: follow-up, a recurring issue: the overview reports on follow-up show that the culture of follow-up proposed in the 2005 report has not yet been fully established. Further efforts must be made in the Commission in order to ensure proper, systematic and swift follow-up of audit recommendations. Implementation of internal and external audit recommendations is vital to achieving the Commission’s strategic objective of a positive DAS.

IAS Conclusion 3: Integrated Human Resources strategy: not only the reviews of the human resources management, but also the audits of the SPP/ABM process, of monitoring of implementation of EC law and of IT management showed that a long-term strategy for human resources management is an important factor in success and that inadequate allocation of human resources can have a substantial negative impact on the operations and reputation of the Commission. DG ADMIN, as the central service in charge of human resources management, together with the decentralised human resources units in DGs and services, should develop a strategy fully aligned on the strategic planning process.

IAS Conclusion 4: improve the efficiency and robustness of internal audit architecture: the Commission has a two-tier system of internal audit: the IACs and the IAS, which closely reflects the Commission’s governance architecture. The quality review concluded that the vast majority of IACs partly or generally complied with the standards. However, the efforts to increase professionalism should continue and the recently introduced coordinated planning process should be solidly embedded in order further to improve the overall efficiency of internal audit work in the Commission. Without prejudging any further Commission decision, some issues, such as further strengthening the independence of IACs by giving them the and are still pending; they will be revisited by the APC in 2007.

IAS Conclusion 5: annual governance statement: the Commission has laid a solid foundation for its governance. In order to achieve full maturity and to make its governance architecture and its latest developments known to stakeholders, the Commission should describe its governance policy and practice, preferably in the synthesis report summarising the DGs' annual activity reports, make it available on its website and provide for its regular updating. Such a description could include explanations of the Commission's risk management system, strategic planning, the code of ethics, the role of the Accountant, the internal control systems, internal audit and the APC. In this way, the Commission could increase credibility and trust on the part of its stakeholders and EU citizens.