the Certifying Authority Kaur Siruli Ministry of Finance of the - - PowerPoint PPT Presentation

Compliance Assessment of the Certifying Authority

Kaur Siruli Ministry of Finance of the Republic of Estonia Financial Control Department 20.03.2013

Certifying Authority Auditing Authority Managing Authority

Estonian Ministry of Finance

Structure of the Ministry of Finance

General System for Structural Funds in Estonia

Ministry of Finance

Managing Authority Certifying Authority Auditing Authority 1st level Intermediate Bodies ( 5 ministries) 2nd level Intermediate Bodies ( 11 ) (National boards and inspectorates, state foundations, state companies etc) Final recipients: incl. local authorities, entrepreneurs, NGOs, state authorities etc

Compliance assessment in Estonia

• All the bodies went under compliance assessment

by the AA

• Assessments were done between spring 2007 to

July 2008

• In spring 2008 re-assessment of the bodies

assessed in spring 2007 (systems were already changed)

• Assessment was on the MCS level, in addition

procedures were reviewed where possible.

• All the bodies got the separate report about them
• Commission got one overall assessment report

Legal requirements for Certifying Authority – mission impossible?!

Certifying Authority in reg 1083/2006

Article 59 For each operational programme the Member State shall designate the following: (b) a certifying authority: a national, regional or local public authority or body designated by the Member State to certify statement of expenditure and applications for payment before they are sent to the Commission;

Article 61 – Functions of the CA

The certifying authority of an operational programme shall be responsible in particular for: (a) drawing up and submitting to the Commission certified statements of expenditure and applications for payment;

Article 61 Functions of the CA

(b) certifying that:

(i) the statement of expenditure is accurate, results from reliable accounting systems and is based on verifiable supporting documents; (ii) the expenditure declared complies with applicable Community and national rules and has been incurred in respect of operations selected for funding in accordance with the criteria applicable to the programme and complying with Community and national rules;

Article 61 Functions of the CA

(c) ensuring for the purposes of certification that it has received adequate information from the managing authority on the procedures and verifications carried out in relation to expenditure included in statements of expenditure; (d) taking account for certification purposes of the results of all audits carried out by or under the responsibility of the audit authority;

Article 61 Functions of the CA

• (e) maintaining accounting records in

computerised form of expenditure declared to the Commission;

• (f) keeping an account of amounts recoverable

and of amounts withdrawn following cancellation of all or part of the contribution for an operation.

1828/2006 Article 20

By 31 March each year the certifying authority shall send to the Commission a statement identifying: (a) the amounts withdrawn from statements of expenditure submitted during the preceding year following cancellation

• f all or part of the public contribution for an operation;

(b) the amounts recovered which have been deducted from those statements of expenditure; (c) a statement of amounts to be recovered as at 31 December of the preceding year, classified by the year in which recovery orders were issued.

Key requirements

Key requirement 1

Clear definition, allocation and separation of functions between and within the certifying authority / intermediate body/ies

KR 1 assessment criteria, separation of functions

• 24. separation of functions between the

certifying authority and the managing authority and intermediate bodies.

– Independence especially from implementing bodies – Needed to ensure possibility to exercise control over implementing bodies – Needed to have to possibility to refuse certification

• f expenditure that has not been controlled with

sufficient quality.

KR 1 assessment criteria, delegated tasks

• 25. Procedures in the certifying authority to

monitor the effective implementation of any delegated tasks.

– Implementing Bodies have to compose their expenditure declarations – Besides that it is not advisable to delegate CA tasks – In case tasks are delegated CA remains responsible and has to control the execution of delegated tasks.

KR 1 assessment criteria, setup

• 26. A clear definition and allocation of functions

(organisation chart, indicative number of posts, documented procedures and manuals), including the existence of a formal documented agreement setting out any tasks that are delegated by the certifying authority to the intermediate body/ies.

Questions in the checklist

• Is CA designated, how
• How CA is authorized to carry out the tasks
• Are the tasks listed/specified
• Are any tasks delegated and if so, to whom, and

are those tasks listed

• How are the tasks delegated
• System for monitoring over delegated tasks

Questions in the checklist

• Organizational chart, division of functions

between sub-units, number of posts

• Posts with clearly defined responsibilities
• Manual of procedures – know to staff
• Procedure for updating the manual of

procedures

• Date and reference to the manual
• Is the manual used by implementing bodies

Key requirement 2

Key requirement 2: Adequate audit trail and computerised system

KR 2 assessment criteria, accounting records

• 27. Adequate accounting records should be

maintained in computerised form of expenditure declared to the Commission

– Managing authority responsible for IT system – It would be reasonable to have ONE system for all bodies – System must allow CA to reconcile data of certifications with declarations from IB-s

IT system should include the following

• Claims and documents from beneficiary
• Checks, audits and their results
• Reports, checklists etc of management

verifications

• Irregularities
• CA has access to all data in system
• System should produce the declaration to EC (with

a push of a button)

• Amounts recovered, pending recoveries,

withdrawals, deductions

• Automatically updated debtors ledger

KR 2 assessment criteria, audit trail

• 28. The audit trail within the certifying authority

should allow reconciliation of the expenditure declared to the Commission with the expenditure statements received from the managing authority/bodies MA/IBs.

– Audit trail is considered sufficient when it permits reconciliation of the summary amounts certified to the Commission with the individual expenditure records and supporting documents

KR2 Assessment criteria Audit trail

–Location of the documents –Verification of the payment to the beneficiary –For each operation the selection criteria –Project documentation from grant approval to procurements and audits –Chronological order of the project transactions

Questions in the checklist

• Description of the accounting system; is it

centralised or decentralised

• In case decentralised then how data is sent to

the CA

• Are accounting system and information system
• ne and the same or two separate systems
• If separate, how the data is linked, is the data

identical

• Is the system operational, if not, when it will be

Questions in the checklist

• Does the system show total expenditure per

fund and priority

• Verification of the allocations and the transfer
• f the the public funds
• Allows to split payments made to beneficiaries

to the year concerned

• Is it only SF system or also used for other funds
• If not separate does it identify SF trancations

Key requirement 3

Adequate arrangements for the certification of expenditure to be reliable and soundly based

Key requirement 3

For the purpose of certification the certifying authority has received adequate information concerning:

• the procedures operated by the managing

authority and by intermediate bodies to verify the delivery of the co-financed products and services,

• the reality of the expenditure claimed,
• compliance with the applicable Community and

national rules,

• that the expenditure declared has been incurred in

respect of operations properly selected for funding adequate audit trail has been maintained.

KR 3 assessment criteria

• procedures
• 29. The certifying authority should specify the

information it requires on the procedures

• perated by the managing authority and by the

intermediate bodies for the verification of expenditure and has put in place agreed procedures with the managing authority to ensure that it receives it on a regular and timely basis.

KR 3 assessment criteria

• procedures

The assurance should be based on evidence that the systems of the managing authority and intermediate bodies are functioning effectively to prevent, detect and correct irregularities.

• The description of the control systems, procedures

applied, and checklists used;

• The methodology for sampling for verifications on the

spot;

• Management verification procedures and checklists
• The results of the risk analysis carried out
• The risk mitigation activities

KR 3 assessment criteria

• reporting
• 30. CA should review the reports drawn up by the

managing authority or the intermediate bodies on the progress of implementation, including a review

• f the verifications carried out (all reviews should be

documented).

– number of on-the-spot verifications, – percentage of operations covered, – percentage of expenditure covered, – level of error found, – type of errors found – follow-up actions taken, corrections made.

KR 3 assessment criteria

• audits
• 31. CA should review the results of all audits (all

reviews should be documented).

– Audits of operations – System audits – Audits by all audit bodies, incl European Commission, OLAF, (European) Court of Auditors

KR 3 assessment criteria

• analysis
• 32. CA should ensure that the results of these

examinations are properly taken into account in reaching a conclusion as to whether there is a sufficient basis for certifying that the expenditure being certified is legal and regular.

– CA has to analyse data form different sources – Conclude if some errors might have systemic nature – Refuse certification and demand action plan in case weaknesses are identified

KR 3 assessment criteria

• calculations
• 33. CA should reconcile and do an arithmetical

check of the payment requests.

– computerised system with automated internal controls (i.e. numerical and logical checks made automatically by the IT system) – provision of audit trail

Questions in the checklist

• Flowchart and a description of the procedure

by which statements of expenditure are drawn up, certified and submitted to the Commission

• Does it show the flow of expenditure fully –

from beneficiary to the Commission

• Description of steps CA is taking to comply with

article 61 of 1083/2006

• Description how CA has access to all results of

controls and audits

Key requirement 4

Satisfactory arrangements for keeping an account

• f amounts recoverable and for recovery of

undue payments

KR 4 assessment criteria

• recoveries
• 34. The certifying authority should keep an

account of amounts recoverable and of amounts withdrawn following cancellation of all or part of the contribution for an operation.

– withdrawals and using the funds for other

• perations

– Waiting for the recoveries and only then deducting the expenditure from the certified costs – The first of the two is recommended

KR 4 assessment criteria – info to EC

• 35. By 31 March each year the certifying

authority shall send to the Commission a statement, in the format in Annex XI of R 1828.

– CA has to keep an account of amounts recoverable and of amounts withdrawn – Report to the Commission once a year – Also amount awaiting for recovery

Questions in the checklist

• System ensuring the prompt recovery of

Community assistance

• Arrangements for maintaining a debtor’s ledger
• Procedure to deduct amounts recovered from

expenditure to be declared

• Composing annual declaration on recoveries

Compliance assessment questions on the IT System

Questions in the checklist - IT

• Central or networked system common to the

whole organisation of MA, CA and other authorities?

• Decentralised system in which information is

held in several local systems that are not networked?

• IT security

Questions in the checklist - IT

• Is a description including a flowchart of the

information system(s) supplied, showing their elements and the links between them, and whether they are networked or decentralised?

• Has the MA ensured that there is a system for

recording and storing in computerized form accounting records for each operation under the operational programme?

Questions in the checklist - IT

• Has the system been used in the previous

programming period.

• Does this IT system description provide

evidence that:

– the separation of function is guaranteed within the MS ? – the documents electronically signed by the authorities responsible are those transmitted to the Commission?

Questions in the checklist - IT

• Is the system capable to gather reliable

financial and statistical information for financial management purposes and to serve as the basis for certifications of expenditures?

• Is the system capable to gather reliable data on

implementation of operations for monitoring and evaluation purposes?

Questions in the checklist - IT

• Is the system capable to gather reliable data for

verifications and audits purposes?

• Is it indicated how is the system linked to the

Accounting System?

• Is there a capacity at present to transfer data

electronically to the Commission for:

– expenditure declarations – annual implementation reports – project data for audit purposes

Many wise heads afterwards, none before

kaur.siruli@fin.ee