Ühtekuuluvuspoliitika fondide rakenduskava 2021-2027 - Compliance Audits (2021-2027) - Draft Report - Ares(2026)4415434

Dokumendiregister	Rahandusministeerium
Viit	10-5/1921-1
Registreeritud	29.04.2026
Sünkroonitud	30.04.2026
Liik	Sissetulev kiri
Funktsioon	10 VALITSUSE SISEKONTROLLISUSTEEMI KOORDINEERIMINE NING EUROOPA LIIDU TOETUSTE JA VÄLISABI AUDITEERIMINE
Sari	10-5 Riigieelarve ja välisvahendite auditi lõpparuanded koos tõendusmaterjali ja kirjavahetusega
Toimik	10-5/2026
Juurdepääsupiirang	Avalik
Juurdepääsupiirang
Adressaat	European Commission
Saabumis/saatmisviis	European Commission
Vastutaja	Anu Alber (Rahandusministeerium, Kantsleri vastutusvaldkond, Finantskontrolli osakond)
Originaal	Ava uues aknas

Dokument on kokkuvõtte tegemiseks liiga mahukas (19815 tm).

Failid

E-kiri.eml

Preliminary Audit Findings.pdf

Anu Alber

Head of the Audit Authority

Financial Control Department

Ministry of Finance of the Republic of Estonia

Commission européenne/Europese Commissie, 1049 Bruxelles/Brussel, BELGIQUE/BELGIË — Tel. +32 22991111

EUROPEAN COMMISSION DIRECTORATES-GENERAL

EMPLOYMENT, SOCIAL AFFAIRS AND INCLUSION

REGIONAL AND URBAN POLICY

Joint Audit Directorate for Cohesion - DAC - The Director

Brussels, EMPL.REGIO.DAC.5/AR/sg(2026)3491768

Via SFC2021

Subject: Audit Planning Memorandum ‘Compliance Audits (2021-2027)’ —

Audit of the functioning of the management and control systems as required

by Articles 69 and 72-76 of Regulation (EU) N° 2021/1060), Key

Requirement 11

Programme(s): 2021EE16FFPR001 - Programme for Cohesion Policy

Funds 2021-2027

Covered Funds: CF 2021, ERDF 2021 and ESF+ 2021

Preliminary Audit Findings

Ref.: DAC521EE3469 (to be used in all correspondence)

EC Notification Letter – Ares(2025)11346584 18/12/2025

Request for further information – 13/01/2026 Ares(2026)3129332;

27/01/2026 Ares(2026)3129380 and 03/02/2026 Ares(2026)3129407.

Reply by MS to the requested further information – 15/01/2026

Ares(2026)3129600; 06/02/2026 Ares(2026)3129468 and 09/03/2026

Ares(2026)3129695

Dear Ms Alber,

Following the above-mentioned audit, please find enclosed the preliminary audit

findings.

In the context of the contradictory procedure, the audited authority should confirm or

clarify the facts presented and provide their agreement or disagreement with the provided

findings, and respective actions to be taken or recommendations, within one month of

submission of this audit report in the national language via SFC2021 – “EC audit report”

module.

Ref. Ares(2026)4415434 - 29/04/2026

Page 2 of 12

During the contradictory process, the auditee may consult relevant programme

authorities/bodies, particularly for findings affecting key requirement(s) for which these

authorities/bodies bear responsibility, as well as beneficiaries, if necessary.

Please note that, in the absence of a response within the timeframe presented above, it will

be considered that the programme authorities have accepted the preliminary findings and

conclusions. As a result, these will be deemed final and sent to the Member State for

follow-up.

Upon reviewing the reply from the auditee(s), when submitted within the specified

deadline, the Commission auditors will communicate the audit report. The Member State

will then be invited to inform the Commission auditors on the implementation of the

recommendations and actions outlined in the national language version of the audit report,

in accordance with the deadlines specified for each recommendation.

This report should be treated as confidential until the follow-up procedure is definitively

concluded. If the whole or part of the report is transmitted to persons concerned by the

audit to enable them to provide comments, please ensure that the information described in

this paragraph accompanies the transmission.

Please note that the audit report will be submitted in three months after receiving the

complete reply from the programme authorities to the preliminary audit findings; the reply

shall be considered complete in the absence of a request from the Commission to provide

further information or a revised document within 2 months from the date of receipt of the

Member State’s response.

I would also like to take this opportunity to thank you and your team for the cooperation

during the audit.

Yours faithfully,

(Electronically signed)

Franck Sébert

p.p. Ilse Van den Abeele

Acting Director

Enclosure: Preliminary Audit Findings + annexes

Page 3 of 12

c.c.: HE Ms Kyllike Sillaste-Elling

Ambassador Extraordinary and Plenipotentiary

Permanent Representation of Estonia

Directorate-General for Employment, Social Affairs and Inclusion

Ms Katarina Ivankovic-Knezevic, Director, D

Mr Daniel Woehl, Head of Unit, Unit D.5

Directorate-General for Regional and Urban Policy

Mr Hugo Sobral, DDG and Acting Director, D

Ms Linda Sproge, Acting Head of Unit, Unit D4

Directorate-General for Migration and Home Affairs

Ms Marta Cygan, Director, G

Ms Ute Stiegel, Head of Unit, Unit .G.1

Directorate-General for Economic and Financial Affairs

Ms Bernadette Frederick, Director R

Mr Stefan Ciobanu, Head of Unit, Unit R4

Directorate-General for Maritime Affairs and Fisheries

Mr Andrew Mathison, Acting Director E

Mr Andrew Mathison, Head of Unit, Unit E1

Joint Audit Directorate for Cohesion

Ms Cendrine De Buggenoms, Head of Unit DAC.5

Commission européenne/Europese Commissie, 1049 Bruxelles/Brussel, BELGIQUE/BELGIË — Tel. +32 22991111

EUROPEAN COMMISSION DIRECTORATES-GENERAL

EMPLOYMENT, SOCIAL AFFAIRS AND INCLUSION

REGIONAL AND URBAN POLICY

Joint Audit Directorate for Cohesion – DAC.5 - Audit V

Brussels,

PRELIMINARY AUDIT FINDINGS

Audit DAC521EE3469

AUDIT PLANNING

MEMORANDUM:

Compliance Audits (2021-2027)

SPECIFIC TOPIC COVERED IN

THE AUDIT:

Audit of the functioning of the management and control

systems as required by Articles 69 and 72-76 of Regulation

(EU) N° 2021/1060), Key Requirement 11

FUND(S): CF 2021, ERDF 2021 and ESF+ 2021

MEMBER STATE: Estonia

PROGRAMME(S): 2021EE16FFPR001 - Programme for Cohesion Policy

Funds 2021-2027

KEY REQUIREMENTS

AUDITED(1):

KR11: Appropriate separation of functions and functional

independence between the audit authority (and any body

carrying out audit work under the responsibility of the audit

authority on which the audit authority relies and supervises, if

applicable) and the other programme authorities and audit

work carried out in accordance with internationally accepted

audit standards

AUTHORITIES AUDITED

(AUDITEES):

AA - Rahandusministeerium

AUDIT DATES: 19/12/2025 - 30/01/2026

WRAP-UP MEETING DATE: 04/02/2026

RESPONSIBLE UNIT: DAC.5

ASSOCIATED UNIT(S) / DGS: -

EXTERNAL FIRM: No

This document sets out the provisional findings and recommendations of the Commission

auditors. These may be modified in light of the observations and further information

received from the national authorities. Accordingly, this report should be treated as

confidential until the follow-up procedure is definitively concluded. If the whole or part of

(1) Key requirements as defined in Table 1 of Annex XI CPR.

Page 5 of 12

the report is transmitted to persons concerned by the audit to enable them to provide

comments, please ensure that the information described in this paragraph accompanies the

transmission.

Page 6 of 12

Table of Contents

LIST OF ACRONYMS AND ABBREVIATIONS ................................................................ 7

1. EXECUTIVE SUMMARY ...................................................................................... 8

1.1. Preliminary audit conclusions ............................................................... 8

2. LEGAL BASIS .................................................................................................... 8

3. OBJECTIVES ...................................................................................................... 8

4. AUDIT SCOPE .................................................................................................... 9

5. APPROACH...................................................................................................... 10

6. PRELIMINARY FINDINGS AND ACTIONS PROPOSED TO BE TAKEN /

RECOMMENDATIONS ....................................................................................... 10

6.1. System findings ................................................................................... 10

Finding 01 ........................................................................................................ 10

ANNEX I – IMPORTANCE OF RECOMMENDATIONS ................................................... 13

Page 7 of 12

LIST OF ACRONYMS AND ABBREVIATIONS

Acronym Definition

AA Audit Authority

APM Audit Planning Memorandum

AMIF Asylum, Migration and Integration Fund

BAF Body with Accounting Function

BMVI Border Management and Visa Instrument

CF Cohesion Fund

CPR Regulation (EU) 2021/1060 laying down common provisions on the European Regional

Development Fund, the European Social Fund Plus, the Cohesion Fund, the Just Transition

Fund and the European Maritime, Fisheries and Aquaculture Fund and financial rules for those

and for the Asylum, Migration and Integration Fund, the Internal Security Fund and the

Instrument for Financial Support for Border Management and Visa Policy

DAC Joint Audit Directorate for Cohesion

EMFAF European Maritime, Fisheries and Aquaculture Fund

ERDF European Regional Development Fund

ESF+ European Social Fund Plus

FNLC Financing not linked to cost

IB Intermediate Body

INTOSAI International Organisation of Supreme Audit Institutions

ISF Internal Security Fund

ISSAI International Standards of Supreme Audit Institutions

JTF Just Transition Fund

KR Key Requirement

MA Managing Authority

MCS Management and Control System

MPM Mission Planning Memorandum

MS Member State

SoA Statement of Assurance

SCO Simplified Cost Options

Page 8 of 12

1. EXECUTIVE SUMMARY

Based on the work carried out, the Commission auditors have identified the following

deficiencies:

Finding Type of finding Description Financial impact Conditions

for net FC

met?

01 System

KR11

Some aspects not included or are

insufficiently reflected in the AA’s

checklists for the audit of operations

N/A No

1.1. Preliminary audit conclusions

At this stage the Commission auditors conclude that the checklists in use by the audit authority

are substantially complete, but some improvements are still required as described in Section 6

of the preliminary audit findings report.

The Commission auditors will conclude on the audited key requirement (KR11) after having

carried out substantive testing during a compliance audit.

2. LEGAL BASIS

The legal basis for the Commission audits in Member States for ERDF, ESF+, CF, JTF,

EMFAF, ISF, BMVI and AMIF is Article 70(1) of Regulation (EU) 2021/1060, which

establishes the Commission’s powers and responsibilities under shared management.

3. OBJECTIVES

The audit was performed in the context of the Audit Planning Memorandum Compliance Audits

(2021-2027).

The main objective of compliance audits is to obtain reasonable assurance that the expenditure

entered in the programme accounts is not affected by a material level of error.

The compliance audits therefore allow to assess the degree of reliance to be placed on the results

of the AAs work presented in the annual control reports and audit opinions. For this purpose,

the audit authority needs to have in place adequate instruments to ensure reducing the detection

risk to the minimum. The audit work carried out under this enquiry and more particularly under

KR11 review aims to:

• ensure that the methodological tools used by the AAs are adequate (checklists, manuals

of procedures, instructions for the proper documentation of the audit work carried out,

etc); and

• obtain reasonable assurance that the work carried out by the AA (together with the work

carried out by other audit bodies on which the AA places reliance, if applicable) is

compliant with the requirements of the CPR, in particular Article 77.

Page 9 of 12

The specific objectives of this audit were to verify that the AA’s checklists for the conduct of

audits of operations are complete.

4. AUDIT SCOPE

The audit covered the audit work performed by the AA as defined in Article 77 of the CPR. In

particular, the following key requirement was covered by the audit:

• KR 11 Appropriate separation of functions and functional independence of the audit

authority and audit work carried out in accordance with internationally accepted audit

standards.

The scope of the audit work included specific elements of assessment criteria 11.1 - the review

of the completeness of all the AA's checklists used for the conduct of audit of operations.

The audit work carried out included the review of the completeness of all the AA's checklists

used for the conduct of audit of operations. This is only the first phase of the audit of KR11

since no audits of operations have been conducted so far so the walkthrough tests (e.g. if

sufficiently detailed to provide a clear understanding of the audit work performed, evidence

obtained and conclusions reached) will only be carried out during the first compliance audits

for the programming period 2021-2027.

The Commission auditors used the following checklists to carry out their audit work:

• General checklist for audits of operations

• Public procurement checklist

• Financial instruments checklist

• State aid checklist

• Simplified costs options checklist

• Financing not linked to cost checklist

Furthermore, the auditors checked if the checklists include the minimum requirements

according to the Reflection Paper on Audit Documentation – published by the European

Commission 2021 (hereafter refer to as Reflection Paper).

The objective of the Commission audit was to assess the design of the system through the

review of the checklists to be used by the AAs for conducting audits of operations, but the audit

work carried out by the Commission auditors did not include substantive testing. The

implementation will subsequently be reviewed through compliance audits.

The audit was conducted remotely at the DAC premises in Brussels via videoconferences

organised with the AA. The wrap-up meeting took place on 04/02/2026.

5. APPROACH

The audit followed the methodology (including checklists) from the abovementioned Audit

Planning Memorandum and was carried out in line with ISSAI 4000 (INTOSAI's compliance

guidelines)

Page 10 of 12

6. PRELIMINARY FINDINGS AND ACTIONS PROPOSED TO BE TAKEN / RECOMMENDATIONS

6.1. System findings

Finding 01

Key Requirement: KR11 - Appropriate separation of functions and functional independence

between the audit authority (and any body carrying out audit work under the responsibility of

the audit authority on which the audit authority relies and supervises, if applicable) and the

other programme authorities and audit work carried out in accordance with internationally

accepted audit standards

Assessment Criteria: AC 11.3

Gold plating issues? No

Performance data reliability issues? No

Weakness in audit checklists

Legal basis / Standard / Methodological note:

Art. 77 CPS

Description of the finding:

The following aspects are not included or are insufficiently reflected in the AA's checklists for

the audit of operations:

1) Public Procurement: The checklist does not include a verification of the obligations of the

contracting authority in cases where a tender is considered abnormally low because the tenderer

has received State Aid as per Art. 84 of Directive 2014/25/EU. In addition, some control points

for time limits and deadlines have to be complemented with the cases (albeit less frequent)

where the procurement documents were not made available electronically. Finally, the checklist

needs to be updated to include control points on less frequent (but still possible) procedures,

namely the use of electronic auctions or design contests.

2) Audit of operations: The checklist does not address all verifications related to community-

led local development operations and does not verify in detail fund-specific exclusion of certain

costs as listed under Art.7 of Regulation 2021/1058, Art. 9 of Regulation 2021/1056 and Art.

16, 21-22 of Regulation 2021/1057.

3) Financing not linked to costs: The checklist does not include an explicit and standalone

verification on whether the MA and/or beneficiaries have carried out adequate

management/administrative verifications, with respect to verification of conditions to be

fulfilled and results to be achieved in line with the approved FNLC scheme.

4) State Aid:

- GBER Common Provisions: The checklist verification of aid intensity does not cover the type

of aid referenced in Art. 7(5) of Commission Regulation (EU) No 651/2014.

- SME Aid: The list of applicable thresholds included in the AA's checklist is not exhaustive

and there is no explicit verification of aid intensity.

- SME Access to Finance Aid: The references to the applicable GBER provisions need to be

updated. In addition, some questions in the checklist provide inconsistent level of details when

referencing GBER provisions or requirement. This could be misleading to the auditor filling in

the checklist as some questions include an exhaustive list of mandatory control points while

others don’t.

Page 11 of 12

- SGEI: The checklist does not include a verification on the applicability of the cumulative

criteria under the “Altmark Judgment”, which would render the public service compensation

outside of the state-aid framework.

Action to be taken/recommendation 01.01

The AA is recommended to improve its checklists used for audits of operations, and specifically

to review and update the checklists by addressing the shortcomings detected by the Commission

auditors and described above.

The AA is requested to submit the revised checklists to the Commission auditors in reply to the

current preliminary audit findings.

Importance of the recommendation: Important

Deadline for implementation: One month

Responsible body:

AA - Rahandusministeerium

Page 12 of 12

ANNEX I – IMPORTANCE OF RECOMMENDATIONS

Recommendations related to system findings:

Critical: Corrective action is needed to address a fundamental weakness in key controls,

which puts in question the reliability of the whole management and control systems and

has led or may lead to widespread irregularities. There is a substantial risk to the reliability

of (financial and other) reporting for the programme, the effectiveness and efficiency of

the operations and activities and the compliance with national and EU regulations.

Very Important: Corrective action is needed to address a significant weakness in key

controls, affecting the reliability of a significant part of the management and control

systems, which has led or may lead to irregularities. There is a high risk to the reliability

of (financial and other) reporting for parts of the programme, the effectiveness and

efficiency of some of the operations and activities and/or the compliance with national and

EU regulations.

Important: Corrective action is needed to address a weakness or deficiency in the

management and control systems, which has a moderate impact at the programme level

but which, combined with other weaknesses, may lead to irregularities. Improved controls

would benefit the implementation of the programme and/or allow for greater effectiveness

and/or efficiency.

Recommendations related to Project findings:

Critical: Corrective action is needed to address a serious irregularity (including

irregularity of systemic nature) with high financial impact.

Very Important: Corrective action is needed to address an irregularity with medium

financial impact.

Important: Corrective action is needed to address a weakness or an irregularity with no

or limited (potential) financial impact.

Electronically signed on 29/04/2026 12:05 (UTC+02) in accordance with Article 11 of Commission Decision (EU) 2021/2121