Internal audit
Internal audit of the implementation of the general budget of the European Union
Expenditure and revenue transactions relating to the Community budget are subject to internal audits, which are carried out independently within each institution. The purpose of internal audits is to provide each institution with a guarantee that its aims are being achieved economically, effectively and efficiently, that its assets are being properly protected, and that its financial transactions are legal, procedurally correct and justified. In the Community system, internal audits are not confined to checking the legality and regularity of transactions but also focus on compliance with the principles of sound financial management.
Internal audits were initially carried out by the financial controller (Article 19 of the 1977 Financial Regulation). The controller, assigned to the authorising officer of each institution, conducted ex ante verifications of the commitment and authorisation of all expenditure and on the recording and recovery of revenue. Having carried out an ex ante verification, the financial controller issued an explicit prior authorisation, known as ‘approval’, for each budgetary commitment, payment or recovery operation. The 1977 Financial Regulation also stipulated that the financial controller was to ensure that the authorising officer complied with the principles of legality and regularity, and that the transactions which the latter intended to carry out were consistent with sound and efficient management.
The Council Regulation of 23 November 1998 amended the 1977 Financial Regulation, assigning to the financial controller the additional function of internal auditor of his or her institution. In performing this function, the financial controller was required to assess the efficiency of management and monitoring systems and to verify that transactions were being carried out in accordance with the applicable rules.
The Council Regulation of 9 April 2001 once again amended the 1977 Financial Regulation, providing for the separation of the functions of the internal auditor from the other duties assigned to the financial controller. This meant that financial controllers continued to perform their customary functions, including ex ante financial verification, but were no longer necessarily responsible for internal auditing. Because of the high volume and the nature of the transactions carried out by the Commission, the separation of these functions was mandatory for the Commission and optional for the other institutions. Accordingly, the Commission had to appoint an internal auditor who was independent of the financial controller. The tasks of the auditor were to assess the efficiency of the management and verification systems as well as the regularity of operations, and to submit an annual report to his or her institution outlining the main lessons to be learned from the previous financial year.
In the specific case of the Commission, in the wake of the administrative reforms initiated in 2000, an Internal Audit Service (IAS) and internal-audit structures in each directorate-general were created in 2001. The IAS is a central service which conducts audits of matters relating to the institution as a whole and of certain areas of particular interest. It also provides technical support to the internal-audit structures of the directorates-general. In other words, the IAS is a separate directorate-general whose aim is to help the Commission and its departments to manage risks more effectively, to improve the quality of their management, monitoring and internal-audit systems, and to enhance the efficiency and effectiveness of their operations. The IAS draws up an annual report for the college of Commissioners as well as a summary report, which it submits to the authority responsible for giving discharge, i.e. the European Parliament.
Finally, the 2002 Financial Regulation abolished the post of financial controller and, with it, centralised ex ante verification, especially the endorsement issued by the financial controller in advance of revenue and expenditure transactions. The system of ex ante verifications has thus been replaced by provisions entrusting responsibility to the authorising officers, whose job is to authorise expenditure and payments. In addition, the internal auditor replaced the financial controller in each institution. The internal auditor is accountable to his or her institution for the verification and proper functioning of systems and procedures for the implementation of the budget. This means that an internal auditor is required to assess the effectiveness and efficiency of the management and internal control systems established by the authorising officer, but is not empowered to intervene in the implementation of the budget. Internal auditors also submit to their respective institutions an annual report indicating the number and types of internal audits that have been carried out, the recommendations made and the action to be taken on these recommendations. The report is then forwarded to the European Parliament, which is the discharge authority.