Legal provisions of COM(2006)9 - Commission Action Plan towards an Integrated Internal Control Framework

Please note

This page contains a limited version of this dossier in the EU Monitor.

Important legal notice

|
52006DC0009

Communication from the Commission to the Council, the European Parliament and the European Court of Auditors - Commission Action Plan towards an Integrated Internal Control Framework {SEC(2005) 49} /* COM/2006/0009 final */


[pic] | COMMISSION OF THE EUROPEAN COMMUNITIES |

Brussels, 17.1.2006

COM(2006) 9 final

COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT AND THE EUROPEAN COURT OF AUDITORS

Commission Action Plan towards an Integrated Internal Control Framework

{SEC(2005) 49}

COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT AND THE EUROPEAN COURT OF AUDITORS

Commission Action Plan towards an Integrated Internal Control Framework

1. INTRODUCTION AND BACKGROUND

2004 marked the eleventh successive financial year for which the European Court of Auditors issued a qualified Statement of Assurance (DAS) as regards a part of the payment appropriations. In 2004, the DAS for the general budget was positive for payments relating to administrative expenditure, pre-accession aid and that part of agricultural expenditure subject to the Integrated Administration and Control System (IACS). This represents some 35% of budget expenditure.

The qualified DAS reflects the complexity of the issues facing the Commission in implementing the EU budget, and the challenge it faces in providing the Court of Auditors with satisfactory audit evidence. The public perceive the qualified DAS as a severe criticism of the Commission’s management of Union resources. These are two reasons why the Commission has made it a strategic objective to achieve a positive DAS during its mandate.

The Commission’s “Roadmap to an Integrated Internal Control Framework” of June 2005 sets out proposals for a Community integrated control framework which aims to achieve this objective. That communication proposed an integrated framework that would help to ensure more effective and efficient internal control of EU funds and, because it would be consistent with ECA opinion No 2/2004 on an effective and efficient integrated internal control framework, could provide a sound basis on which the Court could rely to draw up its statement of assurance.

The present communication:

- reports on action taken on the objectives set out in the June Communication,

- addresses the main gaps identified in the Gap Assessment, also taking into account the 2004 Annual Report of the Court of Auditors,

- reflects the follow-up to be given to ECOFIN conclusions of 8 November 2005,

- and, on this basis, identifies the main concrete actions to be taken and the role that the Council, Member States and the European Parliament should play in achieving a reliable and functioning integrated internal control framework, giving assurance to the Commission and, ultimately to the Court of Auditors.

2. CONCRETE PROPOSALS FOR ACTION IN THE 2006-07 PERIOD

The following proposals have been grouped thematically, and within each a description has been provided of the conceptual development of each action, from the Single Audit Opinion and Roadmap to the gap assessment and ECOFIN Council conclusions of 8 November 2005. The four themes for action are:

- Simplification and common control principles (action 1-4)

- Management declarations and audit assurance (action 5-8)

- Single audit approach: sharing results and prioritising cost-benefit (action 9-11)

- Sector-specific gaps (action 12-16).

2.1. Simplification and common control principles

To achieve the correct balance between ensuring adequate control and avoiding onerous compliance and bureaucratic requirements, the integrated framework will introduce common principles emphasising clarity, simplicity and a consistent approach to evaluating the risk of error in the underlying transactions. This approach has to be incorporated in the reflections of the Legislative Authority, focusing on an appropriate chain of control and the responsibilities of the different actors.

Action 1: Simplification review of proposed 2007-13 legislation

The Roadmap identified “exploring the scope for greater simplification of the management of EC funds, and ensuring that the control requirements are proportionate to the risks” as a key gap to be filled in the management of Community funds and proposed legislation for the period 2007-13.

Council reinforced this approach in the ECOFIN conclusions, paragraph 5: “The regulations to be adopted for the programming period 2007-13 should include simplification of the control requirements while providing reasonable assurance”.

The gap assessment also identified a number of areas across management modes where illegalities and irregularities were more likely to occur due to difficulties encountered by beneficiaries in applying eligibility criteria and other conditions. Simplification could contribute to avoiding this kind of irregularity. The administrative burden on beneficiaries should be reduced, and correct application by intermediary bodies should be made as straightforward as possible.

The Commission will keep the simplification of the regulatory framework under consideration during the negotiations on all the 2007-2013 legislation. The Council and the European Parliament are considered to support such initiatives.

Action 2: Integrate common internal control principles in the proposal for the revised Financial Regulation

The ECOFIN conclusions (paragraph 6) stated that “there is scope for general common principles and elements regarding internal controls” which could help “to optimise the effectiveness, economy and efficiency of current control systems”.

The outcome of the gap assessment carried out by the Commission services identified the need for an over-arching legal framework based on common principles. This will provide a means to guarantee that all stakeholders are bound by a fundamental set of control principles and also provide the Court of Auditors with a clearer basis for auditing management processes and procedures. In order to illustrate the scope and orientations for a budgetary principle on internal control, a first draft can be found in Annex 2.

The Council and the European Parliament should use the opportunity of the consultation on the revised Financial Regulation to give their opinion on the need to insert a budgetary principle on effective and efficient internal control providing a common standard.

Action 3: Establish and harmonise the presentation of control strategies and evidence providing reasonable assurance

As set out in the Roadmap, the ultimate goal of the integrated internal control framework is to ensure and provide evidence that supervisory systems and controls are in place which keep the risk of irregularity within reasonable limits.

The gap assessment showed a frequent lack of adequate definition and demonstration of all elements of the control strategy being employed in a given service or programme.

ECOFIN emphasised (paragraph 3) that “the controls and assurance required should be improved by building on existing control structures”, which is in line with the Commission's assessment that a considerable amount of assurance is already obtained, and that by more effectively structuring its presentation, the bases for assurance can be better communicated to the Court of Auditors and the Discharge Authority.

The European Parliament asked for an individual to sign the annual synthesis report. The Commission considers that, through the adoption of the synthesis report, it fully assumes its political responsibility for the implementation of the budget and expresses its political accountability to the discharge authority. It is the Commission’s firm opinion that it would not be appropriate to replace this collective responsibility with the signature of one individual. The Commission will, however, strive to express the Commission’s political accountability more clearly in the synthesis report. The Commission will enhance the presentation of the control strategies in place in each policy area, and improve the summaries of their implementation in the activity reports. Providing better guidelines on the content of the Commission services' Annual Activity Reports (AARs) should reinforce the AARs’ ability to provide a solid basis for the ECA’s DAS, by presenting clearly the basis for the Director-General's own assurance regarding the effective management of the risk of error in the legality and regularity of the underlying transactions.

The Court of Auditors should be able to develop its DAS methodology so as to rely effectively on the Annual Activity Reports of the Commission services and the related synthesis report by the Commission, focussing on the management of the risk of error in the legality and regularity of the underlying transactions.

Action 4: Initiate inter-institutional dialogue on risks to be tolerated in the underlying transactions

The ‘Single Audit’ opinion introduced the concept of a ‘tolerable risk of error’, which the Roadmap communication further developed into the definition of reasonable assurance in terms of the management of the risk of error in the underlying transactions. The European Parliament gave its political analysis of the issue in its resolution on the 2003 discharge, in which it also called on the Council to work with the Parliament and Commission to give the creation of a comprehensive control and audit framework the priority and political momentum it requires.

In line with the above, in paragraph 17 of the ECOFIN conclusions, the Council concluded that it should reach an understanding with the European Parliament regarding the risks to be tolerated in the underlying transactions, taking also into account the multi-annual character of EU-funding. The Commission also considers that such an agreement could help the Court of Auditors, when finalising their Statement of Assurance, because it clarifies the expectations of the Discharge Authority and allows for matching the costs of controls with the expected benefits.

The Commission will initiate an inter-institutional dialogue in March 2006 on the basic principles to be considered regarding the risks to be tolerated in the underlying transactions. On this basis, the Council and the European Parliament should reach an initial agreement regarding these risks by end 2006.

2.2. Management declarations and audit assurance

Declarations by management reinforce its accountability, and provide an incentive for managers of Community funds to assess and improve their underlying control systems. Together with assurance from independent auditors, they form part of the structure which provides assurance to the Commission and ultimately to the Court of Auditors.

Action 5: Promote operational level management declarations and synthesis reports at national level

In its communication on the Roadmap, the Commission took up the proposal of the European Parliament in its 2003 discharge that the Member States should provide annual ex-ante Disclosure Statements and ex-post Declarations of Assurance at the highest political level.

The gap assessment undertaken by the Commission's services identified a number of areas where management declarations could improve oversight and scrutiny, particularly in shared, joint and indirect centralised management.

The issue of Member State declarations met with some opposition in ECOFIN, which concluded that “existing operational-level declarations can provide an important means of assurance” (paragraph 12), but did not accept the usefulness of national-level declarations.

Given the above conclusion, the Commission will seek to ensure that existing declarations, and those provided for in forthcoming legislation, provide the maximum impact in terms of improving assurance on the effectiveness of the relevant control structures for shared and indirect centralised management. Moreover, due to the large number of intermediary bodies, there are considerable benefits to be gained from having one contact point, such as the Coordinating Bodies in the agricultural sector, which can promote the harmonised application of controls through training and guidance, and present a synthesis at national level of the assurances given by each operational management, and of the measures being taken to address any deficiency.

Member States should designate a national coordinating body per policy area which can for example provide all stakeholders with an overview of the assurance available in respect of Community actions under shared and indirect management in their Member State. The cooperation of Member States is necessary when ensuring such a provision in forthcoming legislation, and steering its implementation via implementing rules and guidance, adapted to the arrangements for providing assurance on Community funds for the policy area.

Action 6: Examine the utility of management declarations outside shared and indirect centralised management mode

In the areas of external policies and, to a lesser extent, internal policies, management declarations could play a valuable role in encouraging greater attention to the importance of effective internal control, as already outlined for shared management.

The Commission will explore the introduction of management declarations, where appropriate, in joint and decentralised management modes.

Council and the European Parliament should carefully examine the appropriateness of internal control structures and procedures proposed in the new legislative proposals.

Action 7: Promote best practices for increasing the cost-benefit of audits at project level

The Roadmap outlines, in a number of cases, how independent auditors can add assurance on the underlying transactions. Both the gap assessment and the Single Audit opinion identified the risk of partiality where an auditor has been selected by the beneficiary or intermediary body, or where his opinion is not directly useable by the Commission because of its restricted scope or content.

The expert panel discussed the possibility of using ‘agreed upon procedures’ which would explicitly require a transparent check on key eligibility criteria, a comparatively higher level of assurance for a given cost.

The Commission will, based on its services’ extensive experience with audit certificates, develop proposals for optimising the level of assurance available from third-party audit bodies at project level.

Member States should actively participate in enhancing the usability of independent audit results in the chain of control and integrate this aspect in its guidance for controlling EU funds.

Action 8: Facilitate additional assurance from SAIs

The Roadmap proposes a role for Supreme Audit Institutions to “exercise oversight over the national control frameworks for EC funds”, as well as providing an independent opinion on potential management declarations.

The gap assessment identified a number of areas in shared management where the SAIs could add assurance by providing an opinion as to the management of EU funds, or within the framework of their audits of national funds which provide co-financing for Community projects.

The Council (paragraph 14) recognised that some Supreme Audit Institutions are willing to discuss further how they might strengthen their contribution to an integrated control framework governing EU funds without jeopardising their independence. The Contact Committee of the Heads of Supreme Audit institutions of the European Union continues to contribute towards improving the framework in this context and plans follow up of this work in 2006.

In collaboration with the European Court of Auditors, the Commission will strengthen its dialogue with SAIs, and analyse how existing assurance could be complemented and reinforced on the basis of existing SAI reports .

Member States should invite their national and regional Parliaments to ask their SAIs for audit and assurance on EU funding at their level. The conclusions of these reports should also be made available to the Commission and the European Court of Auditors.

2.3. Single audit approach: sharing results and prioritising cost-benefit

To minimise the duplication of control work, and maximise the level of control which can be achieved with a given level of resources, sharing well-defined and documented control information can permit reliance on controls at each level in the chain. A formalised assessment of costs and benefits at each level will enable the demonstration that the controls in place have optimised the residual risk of error in the underlying transactions.

Action 9: Construct effective tools for sharing audit and control results & promote the single audit approach

In the ‘single audit concept’, sharing audit data is key to improving the targeting of audit and control efforts. The Roadmap provides for “the coordination of working programmes, and access by each control body to the results of the work of others”. The gap assessment noted the desirability of sharing audit data across all management modes, both among Commission services and, via the control chain, between the Commission and Member States or Third Countries. ECOFIN (paragraph 6) requests clarification on “single Audit in the context of internal control”.

The Commission will build on its existing accounting system and its infrastructure of audit tracking tools to enhance the sharing and coordination of the audit efforts of the different stakeholders.

Member States are called on to continue to cooperate actively with the relevant Commission services in deciding on audit strategies, audit guidance, planning of audits and sharing of the results and their follow-up.

Action 10: Make an initial estimate and analysis of the costs of controls

The Court’s Single Audit Opinion and the Roadmap highlighted the need to reach an appropriate balance between the costs and benefits of controls.

The gap assessment showed that for the majority of Commission services, the concept of cost estimation required considerable development.

The Council (paragraph 5) requested the Commission to assess the cost of controls by area of expenditure.

As an initial step towards a more detailed analysis of control costs, the Commission will estimate the initial cost per key policy area, based on a consistent methodology, and aim to present the results in early 2007.

Member States are asked to deliver data on costs for the control of expenditure under shared and centralised indirect management in good time and in a comparable format to be defined by the Commission.

Action 11: Initiate pilot projects on evaluating benefits

In addition to the considerations on cost-benefit in the Roadmap and the Council conclusions, the gap assessment also noted the difficulties in identifying and quantifying the benefits gained from different aspects of internal control, inter alia, reputational issues, the deterrent/dissuasive effect, and the advantages of spreading best practice among the various beneficiary communities.

Bearing these difficulties in mind, the Commission will launch a pilot study on internal policies, including research, to quantify the benefits attached to a given control strategy, with a view to incorporating the cost/benefit approach in the management of the risk of error in the underlying transactions.

Council and the European Parliament are asked to integrate the results of these pilot studies in their reflections regarding the risks to be tolerated in the underlying transactions.

2.4. Sector-specific gaps

Due to the highly heterogeneous nature of individual EU policies, the integrated framework must be capable of flexible application if it is to be implemented optimally. Following the detailed analysis performed in the gap assessment, Commission services are now in a position to put in place the appropriate controls, coupled with a proportionate level of reporting in order to ensure that their effectiveness can be readily demonstrated.

Action 12: Address the gaps identified by participating services

In the Roadmap, the Commission instructed its services to identify the gaps and propose plans of action to complete the control framework on which the Court can base the assurance it seeks. The gap assessment report was further discussed with the panel of experts drawn from the Member States’ administrations.

The gap assessment by each service provides a detailed comparison of the control principles identified by the Court of Auditors in its Single Audit Opinion and those controls currently in place, or envisaged in the 2007-13 legislation. These gap assessments have now been updated following informal bilateral contacts with the staff of the Court of Auditors.

Each Commission service will take steps, within the framework of the normal Strategic Planning and Programming cycle, to close these gaps via the Annual Management Plans, and report on progress in the Annual Activity Reports.

Member States are called upon to cooperate with the Commission services in the implementation of actions, and where the actions involve changes to legislation the Council and the European Parliament should be open to considering such amendments.

Action 13: Analyse the controls under shared management (in particular Structural Funds) at regional level and the value of existing statements

As requested by the ECOFIN Council, by the end of 2006 the Commission will examine the present implementation of controls on the Structural Funds at sector and regional level, covering sample checks, paying authorities and winding-up bodies, as well as the value of existing statements and declarations, based on annual reporting to be delivered by 30 June 2006 by the Member States' authorities under Article 13 of Regulation (EC) No 438/2001, and on audits performed by Commission services.

Member States should ensure that the relevant information to be provided by the authorities under Article 13 for Structural Funds is delivered in accordance with the proposed timetable. The issue of how Member States can provide assurance to the Commission in the most efficient and effective manner will also be discussed during the bilateral annual meetings with the Member States’ auditors.

Action 14: Provide greater guidance for Structural Funds on managing the risk of error

The Roadmap identified a number of areas for improvement in the area of Structural Funds which would contribute to managing the risk of error in the underlying transactions for both the current and future periods.

The Council (paragraph 6 of the ECOFIN conclusions) requested clarification with regard to a number of issues, most of which have been addressed in the gap assessment. The services responsible will strengthen the existing guidance, to enable beneficiaries and intermediaries to adopt a targeted approach to reducing error in the underlying transactions through more systematic control work and intensified information activities directed at beneficiaries. Special attention will also be given to the role and responsibilities of paying authorities in providing assurance regarding the Structural Funds.

Support is requested from Member States in developing and implementing the guidance for Structural Funds where it is most needed, and in its distribution and dissemination.

Action 15: Promote the ‘Contracts of Confidence’ initiative for Structural Funds

The Roadmap identifies the ‘Contracts of Confidence’ as an initiative that can assist in rendering controls effective throughout the programming period.

The gap assessment notes that the ‘Contracts of Confidence’ initiative offers audit assurance on an annual basis which is comparable to that proposed for the new period, and is thus of particular interest as a mechanism to improve assurance for the current programming period, as well as representing a proactive measure to prepare for the next programming period.

The ECOFIN conclusions (para. 11) have now added further impetus to this action and the political level commitment of five Member States (Denmark, the Netherlands, Austria, Portugal and the United Kingdom) to sign such contracts has recently been obtained.

Member States should implement for Structural Funds the ‘Contracts of Confidence’ to provide assurance for the current period, and also to lay the groundwork for the next programming period. Those that do not should reflect on how to provide comparable assurance on the present period and how they will prepare their control systems for the next programming period.

Action 16: Establish common guidelines per policy family

The Roadmap requires action on “improving cooperation arrangements in line with the single audit approach, and completing the existing body of guidance on common principles and standards regarding auditing methods, key controls and strategies for on-the-spot checks”.

As noted in the gap assessment, considerable progress has already been made in many policy families via bilateral discussions in the area of error rates, recoveries, audit approaches (risk and representative sampling) and on-the-spot checks. These initiatives will be further reinforced in the course of 2006.

To enable consistent approaches to be adopted for each policy family in line with the internal control framework, the Commission will formalise guidelines per policy family in 2006 and 2007.

As this is mainly an internal Commission measure, the Council, Parliament and the Court of Auditors should benefit from the progress made in this domain in the form of clearer and more coherent reporting in the Annual Activity Reports of the services.

3. CONCLUSIONS

It is for the Commission and the Member States together to ensure that the Court is in a position to find audit evidence of progress towards adequate management of the risk of error (taking into account an accepted tolerance level).

Each service will address the gaps identified in its gap assessment. On the basis that positive opinions have been received on administrative expenditure, pre-accession aid, the European Development Fund and that part of agricultural expenditure subject to IACS, the first horizontal issues to be addressed will concern internal policies and Structural Funds.

However, for about 80% of the budget, the Commission shares the implementation with the Member States, and it expects the Member States to have an adequate control framework in place which is correctly applied. They should ensure that their management of money on the Commission’s behalf reduces the risk of irregular expenditure to an acceptable level, and that they can demonstrate this to national and Community auditors.

Therefore, the Commission insists on the help of Member States, the Council and the European Parliament, as specified above and outlined in Annex 1, to ensure a successful outcome in the interest of the European Union and its citizens.

ANNEX 1Summary of action plan and requested support from other Institutions

Simplification and common control principles |

1 | Simplification review of proposed 2007-13 legislation | The Commission will keep under consideration the simplification of the regulatory framework during the negotiations on all the 2007-2013 legislation. Council and the European Parliament are considered to support such initiatives. | June 2006 |

2 | Integrate common internal control principles in the proposal for the revised Financial Regulation | The Council and the European Parliament should use the opportunity of the consultation on the revised Financial Regulation to give their opinion on the need to insert a budgetary principle on effective and efficient internal control providing a common standard. | February 2006 |

3 | Establish and harmonise better the presentation of control strategies and evidence providing reasonable assurance | The Court of Auditors should be able to develop its DAS-methodology so as to rely effectively on the Annual Activity Reports of the Commission services and the related synthesis report at Commission level, focussing on the management of the risk of error in the legality and regularity of the underlying transactions. | End 2006 |

4 | Initiate inter-institutional dialogue on risks to be tolerated in the underlying transactions | The Commission will initiate an inter-institutional dialogue in March 2006 on the basic principles to be considered regarding the risks to be tolerated in the underlying transactions. On this basis, the Council and the European Parliament should reach an initial agreement regarding these risks by end 2006. | December 2006 |

Management declarations and audit assurance |

5 | Promote operational level management declarations and synthesis reports at national level | Member States should designate a national coordinating body per policy area which can for example provide all stakeholders with an overview of the assurance available in respect of Community actions under shared and indirect management in their Member State. The cooperation of Member States is necessary when ensuring such a provision in forthcoming legislation, and steering its implementation via implementing rules and guidance, adapted to the arrangements for providing assurance on Community funds for the policy area. | End 2006 |

6 | Examine the utility of management declarations outside shared and indirect centralised management | Council and the European Parliament should carefully examine the appropriateness of internal control structures and procedures proposed in the new legislative proposals. | Permanent action |

7 | Promote best practices for increasing cost-benefit of audits at project level | Member States should actively participate in enhancing the usability of independent audit results in the chain of control and integrate this aspect in its guidance for controlling EU-funds. | 2006 and later on permanent concern |

8 | Facilitate additional assurance from SAIs | Member States should invite their national and regional Parliaments to ask their SAIs for audit and assurance on EU-funding at their level. The conclusions of these reports should also be made available to the Commission and the European Court of Auditors. | End 2006 |

Single audit approach: sharing of results and prioritising cost-benefit |

9 | Construct effective tools for the sharing of audit and control results & promote the single audit approach | Member States are called on to continue to cooperate actively with the relevant Commission services in fixing audit strategies, audit guidance, planning of audits and sharing of the results and their follow-up. | 2006 and later on permanent concern |

10 | Conduct an initial estimation and analysis in the costs of controls | Member States are asked to deliver data on costs for the control of expenditure under shared and centralised indirect management in good time and in a comparable format to be defined by the Commission. | By February 2007 |

11 | Initiate pilot projects on evaluating benefits | Council and the European Parliament are asked to integrate the results of these pilot studies in their reflections regarding the risks to be tolerated in the underlying transactions. | From mid 2007 onwards |

Sector-specific gaps |

12 | Address the gaps identified by participating services | Member States are called upon to cooperate with the Commission services in the implementation of actions, and where the actions involve changes to legislation the Council and the European Parliament should be open to considering such amendments. | Permanent action |

13 | Analyse the controls under Shared Management (in particular Structural Funds) at regional level and the value of existing statements | Member States should ensure that the relevant information to be provided by the Authorities under Article 13 for Structural Funds, is delivered in accordance with the proposed time table. The issue of how Member States can provide assurance to the Commission in the most efficient and effective manner, will also be discussed during the bilateral annual meetings with the Member States’ auditors. | June 2006 End 2006 |

14 | Provide greater guidance for structural funds on managing the risk of error | Support is requested from Member States in developing and implementing the guidance for Structural Funds where it is most needed, and in its distribution and dissemination. | End 2006 Dissemination: 2007 |

15 | Promote the ‘Contracts of Confidence’ initiative for Structural Funds | Member States should implement for Structural Funds the ‘Contracts of Confidence’ to provide assurance for the current period, and also to lay the groundwork for the next programming period. Those that do not should reflect on how to provide comparable assurance on the present period and how they will prepare their control systems for the next programming period. | September 2006 |

16 | Establish common guidelines per policy family | As this is mainly an internal Commission measure, Council, European Parliament and Court of Auditors should benefit from the progress made in this domain through clearer and more coherent reporting in the Annual Activity Reports of the services. | From 2006 onwards |

A NNEX 2 Draft outline of Principle of effective and efficient Internal Control

1. The implementation of the budget shall be ensured through effective and efficient internal control in accordance with each management mode.

2. For the purpose of the implementation of the budget, internal control is defined as a process applicable at all levels in the chain of control and designed to provide reasonable assurance on the achievement of the following objectives:

3. effectiveness and efficiency of operations,

4. reliability of financial reporting,

5. safeguarding of assets and information and prevention and detection of fraud and irregularities,

6. adequate management of the risks related to the legality and regularity of the underlying transactions.

7. Effective internal control is based on best international practices and includes particularly the following key components: segregation of tasks; adequacy of knowledge and skills needed to perform assigned tasks; appropriate risk management and control strategy; promotion of ethical behaviour, avoiding conflicts of interest; communication of pertinent information and guidance; adequate audit trails; data integrity in data systems; monitoring of performances; procedures for identified internal control weaknesses and exceptions. Such components are subject to periodic assessments.

8. Efficient internal control relies for all activities on the following principles: adequacy of controls at beneficiary level; agreed risk strategies striving to relate the cost of control to the level of risk to be managed; control results accessible to all appropriate actors in the chain of control; clear and unambiguous legislation and guidance; enforcement of dissuasive penalties at the earliest possible stage in the control chain as well as provision of annual management assurance at the appropriate level in order to provide a reasonable assurance on the legality and regularity of underlying transactions.


COM(2005) 252.

OJ C 107, 30.4.2004, p. 4 (the ‘Single Audit’ Opinion).

SEC(2006) 49 accompanying this Communication.

An overview of all actions and related Council and European Parliament issues is attached in annex 1.

As adopted at its meeting in Stockholm on 5-6 December 2005.

DGs participating in the gap assessment were those with activity above a certain threshold in EUR and meeting other necessary criteria.

Only the services with the major level of expenditure in the different management modes were asked to provide such a gap assessment.

SEC(2005) 1152.

The primary controls (checks on the reality of the service rendered and on the expenditure claimed) are either exhaustive, or else sufficient with regard to the costs and benefits of the checks.

There is an appropriate risk analysis.

The error rate for each programme is assessed and reported.

There is adequate information to beneficiaries.

Proportionate but dissuasive sanctions are applied for serious irregularities.

Primary controls are adequately supervised by the implementing body and by the Managing Authority;

Corrective action is taken whenever necessary;

The Paying authority has the means and resources to obtain the assurance it needs to certify the amounts claimed from the Commission.