| Dokumendiregister | Riigi Tugiteenuste Keskus |
| Viit | 11.1-8/24/1360-2 |
| Registreeritud | 12.11.2024 |
| Sünkroonitud | 13.11.2024 |
| Liik | Sissetulev kiri |
| Funktsioon | 11.1 Toetuste arendamine, sertifitseerimine ja järelevalve |
| Sari | 11.1-8 EL struktuurivahendite kirjavahetus |
| Toimik | 11.1-8/2024 |
| Juurdepääsupiirang | Avalik |
| Adressaat | Euroopa Komisjon |
| Saabumis/saatmisviis | Euroopa Komisjon |
| Vastutaja | Siret Soonsein (Riigi Tugiteenuste Keskus, Peadirektori asetäitjale alluvad osakonnad, Toetuste arendamise osakond, Toetuste korraldamise talitus) |
| Originaal | Ava uues aknas |
Mr. Aivo Orav
Ambassador, Permanent Representative
Permanent Representation of Estonia to the
EU
Rue Guimard 11/13, 1040, Brussels
Mr. Mart Võrklaev
Minister of Finance
Ministry of Finance
Suur-Ameerika 1, 10122 Tallinn
Commission européenne/Europese Commissie, 1049 Bruxelles/Brussel, BELGIQUE/BELGIË — Tel. +32 22991111
EUROPEAN COMMISSION
DIRECTORATE-GENERAL
ECONOMIC AND FINANCIAL AFFAIRS
Resources and performance management
The Director
Brussels, ECFIN/R4/GG/EE(2024)
Subject: EPM Audit of fulfilment of milestones and targets and compliance audit
with the Audit Authority
Estonian Resilience and Recovery Plan
Final audit report
Ref.: Audit No EE-Q2-2024-M/T and Compliance
Announcement letter Ares(2024)3575565
Draft audit report Ares(2024)5370980
MS reply Ares(2024)6588762
Your Excellency,
Please find enclosed the final audit report setting out the Commission auditors’ final
findings and related actions and recommendations.
The national authorities have informed the Commission auditors on the implementation
of actions and recommendations set out in the final audit report.
As the Member State authorities have implemented all audit recommendations, no further
action will be taken by the Commission and the audit is therefore closed.
Yours faithfully,
Bernadette FREDERICK
Electronically signed
Enclosure: Final audit report
c.c.: Coordinating Body
Triin Tomingas, Head of Foreign Financing Unit, State Budget
Department, Ministry of Finance of the Republic of Estonia
Siret Soosein, Expert, State Shared Service Centre, RRP coordinator
Katri Targama, Head of the Grants Management Unit, State Shared
Services Centre
Audit Body
Anu Alber, Head of Financial Control Department, Ministry of Finance
of the Republic of Estonia, the RRF audit body
Mart Pechter, Advisor of the Financial Control Department, Ministry
of Finance of the Republic of Estonia, the RRF audit body
Directorate-General for Economic and Financial Affairs
Bernadette Frederick, Acting Head of Unit, ECFIN R.4
Giulia Galli, Principal Auditor EE, ECFIN R.4
Peter Niklas, Associate Auditor, ECFIN R.4
Judith Schrenk, Associate Auditor, ECFIN R.4
Daniel von Dungen, Team Leader, ECFIN R.4
Javier Yaniz Igal, Acting as Director, ECFIN E
Joern Griesse, Head of Unit, ECFIN E.2
Recovery and Resilience Task Force
Maria Teresa Fabregas Fernandez, Director, SG.RECOVER.B
Luca Rossi, Head of Unit, SG.RECOVER.B2
Ave Schank-Lukas, SG.RECOVER.B2 – Tallinn
Joint audit service for Cohesion (DAC)
Franck Sebert, Director, REGIO.EMPL.DAC
European Anti-fraud Office (OLAF)
James Sweeney, Director, OLAF.C – Anti-Fraud Knowledge Centre
Charlotte Arwidi, Head of Unit OLAF.C.1 - Anti-Corruption, Anti-
Fraud Strategy and Analysis
European Climate, Infrastructure and Environment Executive Agency
(CINEA)
Paloma Aba Garrote, Director, CINEA
European Court of Auditors
Electronically signed on 11/11/2024 17:34 (UTC+01) in accordance with Article 11 of Commission Decision (EU) 2021/2121
1 | P a g e
EUROPEAN COMMISSION DIRECTORATE GENERAL
ECONOMIC AND FINANCIAL AFFAIRS Resources and performance management
Audit and Control
FINAL AUDIT REPORT (1)
Audit No. EE-Q2-2024-M/T and Compliance
EPM Audit of fulfilment of milestones and targets and
compliance audit with the Audit Authority
MEMBER STATE: Estonia
RRP COMPONENTS /
MEASURES / MILESTONES /
TARGETS
EE-C[A]-I[1-3-.1-3-]-T[7] - eFTI (electronic Freight
Transport Information) platforms development
(Development of digital waybills services)
EE-C[D]-I[4-7-.4-7-]-M[78] - Publication of a call for
proposals for a pilot energy storage programme (Pilot
Energy Storage Programme)
EE-C[C]-R[3-3-.3-3-]-T[49] - Deployment of IT
developments contributing to the implementation of the
business event services and gateway (Development of
event services and digital gateway for entrepreneurs)
(Compliance part)
NATIONAL AUTHORITIES: • Coordinating Body (Ministry of Finance, State Shared
Service Centre)
• Estonian Audit Authority (Ministry of Finance)
• Estonian Business and Innovation Agency
• Ministry of Economic Affairs and Communications
• Environmental Investment Centre
• Ministry of Climate
DATE OF MISSION: 10/06/2024 - 14/06/2024
PRINCIPAL AUDITOR: GALLI Giulia
ASSOCIATED AUDITORS: NIKLAS Peter
SCHRENK Judith
(1) This report should be treated as confidential until the follow-up procedure has been brought to a final
conclusion. If the whole or part of the report is transmitted to persons concerned by the audit to enable
them to provide comments, please ensure that the information set out in this paragraph accompanies the
transmission.
2 | P a g e
TABLE OF CONTENTS
LIST OF ACRONYMS ..................................................................................................... 3
1. EXECUTIVE SUMMARY ......................................................................................... 4
1.1. Introduction ....................................................................................................... 4
1.2. Audit opinion and findings ................................................................................ 4
1.2.1. Overall audit opinion ........................................................................ 4
1.2.2. Findings .............................................................................................. 5
1.2.3. Good practices ................................................................................... 5
1.3. Subsequent events and conclusions ................................................................... 6
2. THE ENGAGEMENT CONTEXT ............................................................................. 6
2.1. Legal Basis ........................................................................................................ 6
2.2. Objectives of the audit ....................................................................................... 6
2.3. Scope of the audit .............................................................................................. 6
2.4. Methodology ...................................................................................................... 8
3. DETAILED FINDINGS AND RECOMMENDATIONS ........................................ 10
3.1. Findings relative to the Audit Authority’s system: ......................................... 10
ANNEX IA: IMPORTANCE OF THE FINDINGS RELATIVE TO AUDITS ON
M/T AND SYSTEM AUDITS ON M/T ................................................................... 14
ANNEX II: SAMPLE OF FINAL RECIPIENTS / OPERATIONS / PROJECTS
AUDITED ................................................................................................................. 16
ANNEX III: MEMBER STATE RESPONSE TO RECOMMENDATIONS .................. 17
1. Findings relative to the Audit Body’s system: ................................................ 17
3 | P a g e
LIST OF ACRONYMS
CID Council Implementing Decision
DG ECFIN Directorate-General for Economic and Financial Affairs
EC
European Commission
eFTI electronic Freight Transport Information
EPM Enquiry Planning Memorandum
EU European Union
FA (Financing
Agreement)
Recovery and Resilience Facility Financing Agreement between the
Commission and the Member State
ISA International Standard on Auditing
IT
KR
Information Technology
Key Requirement
MS
SSSC
Member State
State Shared Services Centre
RRF Recovery and Resilience Facility
RRF
Regulation
Regulation (EU) 2021/241 of the European Parliament and of the
Council of 12 February 2021 establishing the Recovery and
Resilience Facility
RRP Recovery and Resilience Plan
4 | P a g e
1. EXECUTIVE SUMMARY
1.1. Introduction
In accordance with DG ECFIN’s audit plan for 2023/24, and in the context of assessing
compliance with Regulation (EU) 2021/241 of the European Parliament and of the
Council of 12 February 2021, Commission auditors have conducted an audit on the
satisfactory fulfilment of the milestones and targets declared in the request(s) for
payment n°2 submitted by Estonia to the European Commission, on 18/12/2023.
1.2. Audit opinion and findings
1.2.1. Overall audit opinion
❖ Unqualified for the fulfilment of milestones and targets audit part
Based on the work carried out, in accordance with International Standards on Auditing,
detailed in section 2 of the audit report, the auditors have obtained reasonable assurance
on the satisfactory fulfilment of the milestones and targets included in the scope of audit,
as declared in the request(s) for payment n°2 submitted by Estonia to the European
Commission, on 18/12/2023
The audit work carried out does not put in doubt the assertions made in the management
declaration(s) included in the request(s) for payment.
❖ Unqualified for the compliance audit part
Based on the audit work carried out, nothing has come to our attention that causes us to
believe that the subject matter of the audit is not in compliance, in all material aspects
with Article 22(1) of the RRF Regulation and Article 11 of the Financing Agreement.
In compliance with the “Guidance on the assessment of the Internal Control Systems set
in place by the Member States under the Recovery and Resilience Facility”, the
following table shows the results of the key requirement audited and the overall audit
opinion of the system audited:
Assurance on
KR5
Overall
opinion
High Unqualified
This audit represents the assessment and evaluation of the design of the internal control
system at a specific point in time. Hence, this compliance audit does not provide
assurance for future periods in view of risks such as the weakening of the internal
controls resulting from changes in conditions, or possible deterioration of the degree of
compliance with legal requirements or procedures.
5 | P a g e
1.2.2. Findings
The findings related to the audit identified by the ECFIN R4 auditors are summarised
below:
Fulfilment of milestones and targets audit:
- Findings related to the audit on fulfilment of milestones and targets:
No findings were identified by the ECFIN R4 auditors for T[7] and M[78].
Compliance Audit:
- Findings related to the re-performed audit on milestone and targets
No findings were identified by the ECFIN R4 auditors for target T[49].
- Findings relative to the Audit Authority’s system:
Fin-
ding
n°
Issue
Key
Require-
ments
Relevant
articles
of the
FA/LA
Classifi-
cation
(see
Annex I)
Coordin
-ating
body’s
response
Status
of the
finding
1
Missing elements in
the procedures and
checklists used by
the Estonian Audit
Authority
KR 5
Annex I
of the
FA:
KR 5
Very
ImportantAgreeClosed
2
Low number of audit
staff dedicated to the
RRF
KR 5
Annex I
of the
FA:
KR 5
Very
ImportantAgreeClosed
1.2.3. Good practices
The IT systems (SFOS) used by the Estonian Bodies can be considered “best practice”
and facilitate the Coordinating Body’s (and all the other national bodies) tasks in
monitoring, supervision, and reporting. SFOS is also interconnected with other national
databases such as the Business Register and the reporting platform e-grant.
SFOS and other interconnected databases enable the relevant bodies to store and verify
information related to:
- State Aid (SA);
- Public procurement (PP);
- Do no significant harm (DNSH);
- Protection of Financial Interest of the Union (PFIU) – (Double Funding, Conflict
of Interest);
- Implementation, monitoring and reporting of M/T;
- Audits.
6 | P a g e
1.3. Subsequent events and conclusions
On 18/09/2024 (2) the Estonian authorities submitted their comments on the draft audit
report. In particular, the Estonian authorities accepted all audit findings.
In addition, the Estonian authorities described the actions taken to improve the
functioning of the Audit Authority’s system.
Subsequently, based on the analysis of the Estonian reply to the audit findings all the
findings have been closed by the Commission auditors and in Section 3 of the Final audit
report it is described why the Commission accepted to close them.
2. THE ENGAGEMENT CONTEXT
2.1. Legal Basis
The legal basis for the audit on milestones and targets is foreseen in Article 12 of the
Financing Agreement of the Recovery Resilience Plan between the European
Commission and Estonia, in accordance with Article 22(2)(e) of the RRF Regulation (3).
2.2. Objectives of the audit
The audit was performed in the context of the Enquiry Planning Memorandum "Audit on
the fulfilment of milestones and targets and compliance audit.
The objective of the audit is to obtain reasonable assurance on:
- the satisfactory fulfilment of the milestone M[78] and target T[7] as declared in the
second request for payment submitted by the Republic of Estonia to the European
Commission on 18/12/2023;
- the compliance of audit activities performed by the national Audit Authority with
internationally accepted audit standards, related to target T[49].
2.3. Scope of the audit
The scope of the audit is limited to:
- a verification of the achievement of milestone M[78] and target T[7] declared in the
request for payment n°2 submitted on 18/12/2023 to the European Commission;
(fulfilment of M/T audit);
- public procurement and state aid procedure checks, do no significant harm (DNSH)
checks (where applicable);
(2) European Commission Reference: Ares(2024)6588762
(3) Regulation (EU) 2021/241 of the European Parliament and of the Council of 12 February 2021 establishing the
Recovery and Resilience Facility
7 | P a g e
- a verification of an adequate and independent audit of systems and cases of support to
investments and reforms KR5; (compliance audit);
- a review of the audit body’s methodology and procedures in relation to the above-
mentioned key requirement; (compliance audit);
- a review of the audit body’s working papers from audits carried out on the selected
milestones or targets declared to the Commission in the request for payment n°2
submitted on 18.12.2023; (compliance audit);
- the re-performance of the audit of the selected measure T[49] (compliance audit).
SEQUEN
TIAL
NUMBE
R (AS IN
CID)
NAME OF
MEASURE MILE-
STONE /
TARGET
INDICATORS
(QUANTITATIVE / QUALITATIVE) BODY(IES)
RESPONSIBLE FOR
REPORTING AND
IMPLEMENTATION /
FOR AUDITING
49Development
of event
services and
digital
gateway for
entrepreneurs
target Number of IT development projects contributing to the
implementation of the business event services and
gateway that have successfully deployed new
developments online.
These development projects shall be either directly
related to the development of the digital gateway for
entrepreneurs or to the development of business-event
services, which additionally include the development
of various related systems for interfacing with the
digital gateway. As a result of each development
project, at least a minimally functional IT solution shall
be completed (i.e., the IT solution shall be operational
at least in the basic parts for the end users
(entrepreneurs) and shall be able to provide feedback
for further development needs during the reform
implementation period or afterwards).
Compliance Audit:
Audit Authority
(Financial Control
Department -
Ministry of Finance
of Estonia)
78Pilot Energy
Storage
Programme
milesto
ne
An open call for proposals shall be published by the
Environmental Investment Centre to support energy
storage projects.
The call shall be based on project selection criteria and
award conditions that ensure that the selected projects
comply with the ‘Do no significant harm’ Technical
Guidance (2021/C58/01) through the use of an
exclusion list and the requirement of compliance with
the relevant EU and national environmental legislation.
The selection/eligibility criteria shall specify that the
supported activities and/or enterprises contribute to
climate-neutral economy, climate resilience and
climate change adaptation, including circular economy
objectives.
Fulfilment of M/T
Audit:
Ministry of Climate
Environmental
Investment Centre
7Development
of digital
waybills
services
target Number of projects developing an eFTI platform which
have received a positive grant decision.
Fulfilment of M/T
Audit:
Ministry of Eco-
nomic Affairs and
Communications
Estonian Business
and Innovation
Agency
8 | P a g e
The audit work was carried out at the premises of the Coordinating body and bodies
implementing reforms and investments and at the premises of the Audit Authority.
2.4. Methodology
The audit work was carried out in accordance with the methodology set out in the above-
mentioned Enquiry Planning Memorandum and was based on the standard checklist(s)
foreseen in the same memorandum.
The audit was performed in line with ISSAI 4000 (compliance with audit standard from
INTOSAI) and in line with the principle 13 of COSO 2013.
After finalising the on-the-spot work, the Commission auditors have requested additional
clarifications to the national authorities and received a complete reply.
Bodies Ares number Received
Coordinating Body (Ministry of Finance,
State Shared Service Centre)
Ares(2024)4497461 and
Ares(2024)4405970
13/06/24
17/06/24
Estonian Audit Authority (Ministry of
Finance)
Ares(2024)4405847 17/06/24
Estonian Business and Innovation Agency Ares(2024)4405820 13/06/24
Ministry of Economic Affairs and
Communications
Ares(2024)4405947,
Ares(2024)4466865 and
Ares(2024)4474068
18/06/24
19/06/24
20/06/24
Environmental Investment Centre Ares(2024)4405926 13/06/24
Ministry of Climate Ares(2024)4405970 and
Ares(2024)4502738
17/06/24
21/06/24
Based on the audit work, the auditors identified two types of audit findings which do not
have the same implications for the audited entity:
Type A audit findings correspond to errors found in the audited sample and related to
items specified in the CID. These errors are extrapolated to the entire population in the
draft audit report and may lead to the conclusion that the corresponding target or
milestone has not been satisfactorily achieved.
9 | P a g e
Type B audit findings correspond to errors found in the audited sample, which are not
related to elements specified in the CID. In some cases, these findings are linked to non-
compliance with national or EU rules and require follow-up by the national authority,
which should:
1. check whether the corresponding funding has been unduly paid or not;
2. decide on the recovery of the corresponding amount;
3. confirm whether recovered amounts will be reused for the same objectives and, if
so, the timeline of this use; and
4. report these elements to the Commission as part of the contradictory process of
this audit.
On the basis of these elements, the Commission will be able to subsequently update its
conclusion as to the satisfactory achievement of the objective and compliance with the
agreement of financing. (4)
(4) On the fulfilment of milestone and target audit there were no Type A and Type B findings.
Only for the compliance audit part ECFIN R4 had issued some findings and recommendations to the
Audit Authority.
10 | P a g e
3. DETAILED FINDINGS AND RECOMMENDATIONS
3.1. Findings relative to the Audit Authority’s system:
Finding n° 1 Issue: Missing elements in the procedures and checklists used
by the Estonian Audit Authority
Legal basis and other sources:
Annex I of the Financing Agreement - KR 5
Description of the finding:
During the compliance audit, ECFIN R4 auditors focused their questions on the
following aspects:
-the audit performed by the Estonian Audit Authority on the measure T[49]
-the procedures, checklists and working documents used by the Estonian Audit Authority
to prepare, conduct and report on their audits.
The audit trail and the documentation provided by the Estonian Audit Authority related
to the target T[49] is succinct, but the ECFIN R4 auditors’ analysis concluded that the
European Commission can rely on the audit work carried out by the Estonian Audit
Authority.
The Estonian Audit Authority explained to ECFIN R4 auditors that:
- in case of absence of findings during the audit of a measure, only the final audit report
is drafted without a draft audit report or contradictory procedure.
- the audit work is also supported by other levels of controls, e.g. by the Internal Audit
Departments in the Ministries and Agencies and by the Coordinating Body itself, and by
well-functioning and strong IT systems (SFOS).
ECFIN R4 auditors before and during the mission analysed the summary of audit,
templates of checklists / working papers used by the Estonian Audit Authority and the
audit manual. During the analysis of documents and during the compliance audit, ECFIN
R4 auditors identified some missing elements in the procedures and checklists used by
the Estonian Audit Authority to prepare, conduct and report on their audits, compared to
the standards applied by the European Commission.
Specifically, ECFIN R4 auditors observed that:
In the audit strategy there is no reference to:
- the quality controls carried out;
- the international auditing standards that the Estonian auditors follow;
- the reference to the sampling methodology.
11 | P a g e
In the templates of checklists / working papers the following standard questions are
missing:
- the respect of the requirements in the description of the M/T and measure as defined in
the CID Annex;
- the checks on the publicity requirements as defined in the RRF Regulation;
- the checks on the eligibility compliance period (the implementation of the measure has
not started before 01 February 2020).
In the audit manual there are only references to the Structural Funds, and not to RRF.
1. Additionally, regarding the structure of the audit trail, ECFIN R4 auditors concluded it is
missing the following elements, according to the description of the Estonian Audit
Authority:
- a formal announcement letter template in which the contradictory procedure is covered;
- a formal mission planning memorandum explaining the audit methodology, the scope
and the sampling methodology applied.
Recommendation(s):
The audit authority (Ministry of Finance) is recommended to:
1. Ensure improvements to the audit strategy by:
- adding the reference to the quality controls carried out;
- adding the reference to the international auditing standards that the
auditors follow;
- adding the reference to the sampling methodology.
2. Ensure improvements to the templates of checklists/ working papers by including
standard questions on the below mentioned aspects:
- adding the respect of the requirements as in the description of the M/T and
measure defined in the CID Annex;
- explicitly checking the publicity requirements defined in Article 34 of
RRF Regulation;
- explicitly checking compliance with the eligibility period in accordance
with Article 17(2) of RRF Regulation (the implementation of the measure has not
started before 1 February 2020).
3. Improve the audit manual by:
- adapting the audit manual developed for the Structural Funds, in order to
make it suitable for the RRF specificities (like data collection according to Article
22 RRF Regulation, eligibility period, publicity requirements under NGEU, etc.).
4. Improve the structure of the audit trail by:
- defining a formal announcement letter template in which the contradictory
procedure is covered;
- defining a formal mission planning memorandum explaining:
o the audit methodology;
o the scope, including fulfilment of M/T, PP/ SA and other thematic issues
like PFIU aspects (fraud, corruption, conflict of interest, double funding);
o the sampling methodology applied.
Deadline for implementation:
3 Months
Importance (See Annex 1A):
Very Important
12 | P a g e
Body responsible:
Audit Authority (Ministry of Finance)
Finding n° 2 Issue: Low number of audit staff dedicated to the RRF
Legal basis and other sources:
Annex I of the Financing Agreement - KR 5
Description of the finding:
During the compliance audit, ECFIN R4 auditors learned that while the Estonian Audit
Authority deals with all European funds, the Audit Authority has only one specialised
auditor for the Recovery and Resilience Facility (RRF).
The staff of all teams is supporting each other’s audit work. The specialised auditor for
the RRF benefits from the experience of fellow auditors working on other European
funds.
Coordinating body’s response to recommendation (agree / partially agree / reject):
Agree
Coordinating body’s comments:
See Annex III
Auditors’ further comments (if applicable):
Finding Closed
Auditors took into account the reply from the MS and the documents provided as
evidence and consider them sufficient.
1) Regarding the first recommendation the evidence was received on 25/09/24: "2 2024
Audit Strategy RRF".
2) Regarding the second recommendation the evidences were received on 25/09/24: "2
2024 Audit Strategy RRF", "4 2024 A2 General KL-TP RRF_EN".
3) Regarding the third recommendation the evidence was received on 14/10/24:
"PA_Handbook_ver10_2024_new".
4) Regarding the second recommendation the evidences were received on 25/09/24: "2
2024 Audit Strategy RRF", "4 2024 A2 General KL-TP RRF_EN", "7 2024 A5 Audit
plan and declaration_EN", "9 2024 A7 Letter informing about the audit_EN".
13 | P a g e
Additionally, the Estonian Audit Authority relies on audit activities performed by the
Internal Audit Departments in the Ministries and Agencies. Overall and in particular for
the RRF the number of auditors is limited.
The low number of auditors puts a strain on the effort of the Estonian Audit Authority to
be effective and is a risk for business continuity.
Hiring an additional auditor dedicated to the RRF would contribute to guarantee business
continuity at the Estonian Audit Authority and would be a contribution to ensure that
sufficient resources for the purpose of the RRF are allocated.
Recommendation(s):
The audit authority (Ministry of Finance) is recommended to:
1) Analyse the administrative capacity and report to the Commission auditors on how
sufficient RRF audit coverage is ensured; consider adding an additional auditor
dedicated to RRF.
Deadline for implementation:
3 Months
Importance (See Annex 1A):
Very Important
Body responsible:
Audit Authority (Ministry of Finance)
Coordinating body’s response to recommendation (agree / partially agree / reject):
Agree
Coordinating body’s comments:
See Annex III
Auditors’ further comments (if applicable):
Finding Closed
Auditors took into account the reply from the MS and the document provided as evidence
and consider them sufficient.
The evidence was received on14/10/24: "MEMO RRF work account 2024".
In the future ECFIN R4 will review if indeed the administrative capacity was increased,
and the audit coverage is adequate (e.g. in the payment request assessment checklist
based on the Summary of Audit and follow-up questions).
14 | P a g e
ANNEX IA: IMPORTANCE OF THE FINDINGS RELATIVE TO AUDITS ON M/T AND SYSTEM
AUDITS ON M/T
Critical: Fundamental issue that is likely to affect the quality, integrity and ability of the
underlying data management systems and/or pose severe risks to the reliability of
reported data on achieved milestones and targets of the RRP.
Very Important: Significant issue that is likely hamper the quality, integrity and ability
of the underlying data management systems and/or pose significant risks to the reliability
of reported data on achieved milestones and targets of the RRP.
Important: Moderate issue that may hamper the quality, integrity and ability of the
underlying data management systems and/or pose risks to the reliability of reported data
on achieved milestones and targets of the RRP.
Desirable: Minor issue, the correction of which would support the quality, integrity and
ability of the underlying data management systems and/or enhance the reliability of
reported data on achieved milestones and targets of the RRP.
15 | P a g e
ANNEX IB: IMPORTANCE OF THE FINDINGS RELATIVE TO PFIU FOR THE SELECTED
MILESTONES AND TARGETS
Critical: Corrective action is needed to address a fundamental weakness in key controls,
which puts in question the reliability of the whole or part of the internal control system of
the auditee to protect the financial interests of the Union and has led or may lead to
widespread irregularities. There is a substantial risk that the financial interests of the
Union are not protected with respect to the RRF measures implemented by the
corresponding auditee(s). If not addressed and depending on the impact on the overall
implementation of the funds, such weaknesses may constitute a serious breach of the
financing agreement leading to financial corrections in accordance with articles 3 and 19
of the financing agreement.
Very Important: Corrective action is needed to address a significant weakness in key
controls, affecting the reliability of a significant part of the internal control system of the
auditee to protect the financial interests of the Union, which has led or may lead to
irregularities. There is a high risk that the financial interests of the Union are not
protected with respect to the RRF measures implemented by the corresponding
auditee(s). If not addressed and depending on the impact on the overall implementation
of the funds, such weaknesses may constitute a serious breach of the financing agreement
leading to financial corrections in accordance with articles 3 and 19 of the financing
agreement.
Important: Corrective action is needed to address a weakness or deficiency in the
internal control systems, which may lead to irregularities. Improved controls would
benefit the implementation of the RRP and/or allow for greater effectiveness and/or
efficiency of the measures to protect the financial interests of the Union with respect to
the measures implemented by the corresponding auditee(s).
Desirable: Minor issue, the correction of which would support the effectiveness,
efficiency and reliability of the measures to protect the financial interests of the Union.
16 | P a g e
ANNEX II: SAMPLE OF FINAL RECIPIENTS / OPERATIONS / PROJECTS AUDITED
List of the selected Final recipients / Operations / Projects audited for fulfilment of T[7]
EE-C[A]-I[1-3-.1-3-]-T[7]
COMPANY NAME VAT NUMBER ADDRESS
ATV Transport Aktsia
Company
EE100171787 Harju maakond, Tallinn, Kesklinna linnaosa,
Uus-Sadama tn 21
Waybiller OÜ
EE101946348 Harju maakond, Tallinn, Mustamäe
linnaosa, Mäealuse tn 2/1
Live Technologies OÜ
EE101635620 Harju maakond, Tallinn, Lasnamäe linnaosa,
Valukoja tn 32/3
Planlogi OÜ
EE102042047 Viljandi maakond, Viljandi linn, C. R.
Jakobsoni tn 11
Eveod OÜ
EE102346031 Lääne maakond, Haapsalu linn, Haapsalu
linn, Metsa tn 23
GoSwift OÜ
EE100619906 Harju maakond, Tallinn, Mustamäe
linnaosa, Mäealuse tn 2/1
17 | P a g e
ANNEX III: MEMBER STATE RESPONSE TO RECOMMENDATIONS
1. Findings relative to the Audit Body’s system:
Finding n° 1 Issue: Missing elements in the procedures and checklists used by the
Estonian Audit Authority
Coordinating body’s response to recommendation (agree / partially agree / reject):
Agree
Coordinating body’s comments:
Recommendation 1)
- Missing elements in the audit documents and procedures: quality control.
Your recommendation was to add information to the Audit Strategy to reference the
quality
controls carried out. The Audit Authority has added to the Audit Strategy under the section
“Methodology” a clarification, that in accordance with the general methodology of the
Department, a working paper for quality control will be filled out for each audit by the
Audit Supervisor of that audit.
- Missing elements in the audit documents and procedures: international auditing
standards.
Your recommendation was to add information to the Audit Strategy to reference the
international auditing standards that the auditors follow. The Audit Authority has added to
the Audit Strategy under the section “Introduction” a clarification that the Financial
Control Department carries out audit work in accordance with the global internal audit
standards of the Institute of Internal Auditors and has been externally evaluated as such.
Missing elements in the audit documents and procedures: sampling methodology.
Your recommendation was to add information to the Audit Strategy to reference the
sampling methodology. The Audit Authority has added to the Audit Strategy under the
section “Risk assessment” a clarification that the Audit Authority will consult the
“Guidance on sampling methods for audit authorities” issued by the European
Commission to ascertain which method is the most appropriate to the task.
Recommendation 2)
- Ensure improvements to the templates of checklists/ working papers: adding the respect
of the requirements.
Your recommendation was to improve the templates of checklists/ working papers by
adding the respect of the requirements as in the description of the M/T and measure
defined
in the CID Annex. The Audit Authority has added to the “General checklist / working
paper
for checking the fulfilment of milestones and targets” (Annex 2 of the Audit Strategy) the
respective control question.
- Ensure improvements to the templates of checklists/ working papers: adding the explicit
check for publicity requirements.
Your recommendation was to improve the templates of checklists/ working papers by
explicitly checking the publicity requirements defined in Article 34 of RRF Regulation.
18 | P a g e
The Audit Authority has added to the “General checklist / working paper for checking the
fulfilment of milestones and targets” (Annex 2 of the Audit Strategy) the respective
control
question.
- Ensure improvements to the templates of checklists/ working papers: adding the explicit
check for the eligibility period.
Your recommendation was to improve the templates of checklists/ working papers by
explicitly checking compliance with the eligibility period in accordance with Article 17(2)
of RRF Regulation. The Audit Authority has added to the “General checklist / working
paper for checking the fulfilment of milestones and targets” (Annex 2 of the Audit
Strategy) the respective control question.
Recommendation 3)
- Improve the audit manual: suitability for the RRF specificities.
Your recommendation was to improve the audit manual developed for the Structural
Funds, to make it suitable for the RRF specificities. The Audit Authority has added to the
Audit Strategy under the section “Introduction” a clarification, that the Financial Control
Department uses in its work the general audit methodology developed by itself in
accordance with the same standards. Whenever this methodology is used for Recovery and
Resilience Facility, amendments will be made to the respective working documents to
clarify their accordance with its specifics (such as data collection, eligibility period,
publicity requirements, etc.).
Recommendation 4)
- Improve the structure of the audit trail: formal announcement letter.
Your recommendation was to improve the structure of the audit trail by defining a formal
announcement letter template in which the contradictory procedure is covered. The Audit
Authority has added to the Audit Strategy an Annex 7 “Audit Announcement Letter”,
which includes points such as the scope of the audit, the sampling methodology and details
about the contradictory procedures.
- Improve the structure of the audit trail: formal mission planning memorandum.
Your recommendation was to improve the structure of the audit trail by defining a formal
mission planning memorandum explaining the audit methodology, the audit scope, and the
sampling methodology applied. The Audit Authority has added to the “Audit Plan and
Declaration of Objectivity” an Annex 8 “Audit Announcement Letter” (Annex 5 of the
Audit Strategy”, the respective points.
If necessary, updated documents will be sent to you directly by the Auditing Authority.
19 | P a g e
Finding n° 2 Issue: Low number of audit staff dedicated to the RRF
Coordinating body’s response to recommendation (agree / partially agree / reject):
Agree
Coordinating body’s comments:
Recommendation 1)
Your recommendation was to analyse the administrative capacity and report to the
Commission auditors on how sufficient RRF audit coverage is ensured; consider adding an
additional auditor dedicated to RRF.
The Audit Authority has analysed the administrative capacity required for delivering the
necessary results for RRF and proposes diverting a larger number of auditors within the
Department to the task of carrying out RRF audits when that task arrives again. Audit
Authority would also like to add an additional auditor full-time equivalent to the
Department when the resources allow for it, so as not to leave other tasks of the
Department undermanned as a result.
Electronically signed on 11/11/2024 17:34 (UTC+01) in accordance with Article 11 of Commission Decision (EU) 2021/2121
| Nimi | K.p. | Δ | Viit | Tüüp | Org | Osapooled |
|---|