strategy for development of public internal financial ... akti/2011/strategy pifc.pdf · for...

STRATEGY

FOR DEVELOPMENT OF PUBLIC INTERNAL FINANCIAL CONTROL IN THE REPUBLIC OF SERBIA

Belgrade, avgust, 2009

Strategy for Development of Public Internal Financial Control in the Republic of Serbia

2

Table of Contents

1. SUMMARY ...........................................................................................................................................4

2. INTRODUCTION ..................................................................................................................................6

3. DEFINITION OF PUBLIC INTERNAL FINANCIAL CONTROL...............................................................8

3.1. Responsibility of the management..................................................................................................... 8

3.2. Financial management and control.................................................................................................... 8

3.2.1. Control environment...................................................................................................................9

3.2.2. Risk management ......................................................................................................................9

3.2.3. Control activities ........................................................................................................................9

3.2.4. Information and communication ...............................................................................................10

3.2.5. System monitoring and evaluation............................................................................................10

3.3. Functionally independent internal audit.............................................................................................10

3.4. Harmonisation..................................................................................................................................11

3.4.1. Central Harmonisation Unit ......................................................................................................11

3.4.2. Coordination and harmonisation of methodology and standards ...............................................11

3.4.3. Coordination and harmonisation of professional development and certification of internal auditors, training for managers and employees in the area of FMC ....................................................12

3.4.4. Assurance of independence of entire internal audit function .....................................................12

3.4.5.CHU responsibility for annual reporting on PIFC progress 12 3.4.6. CHU networking 12

4. ANALYSIS OF CURRENT CONTROL ENVIRONMENT......................................................................13

4.1. Institutional framework .....................................................................................................................13

4.1.1. The National Assembly of the Republic of Serbia .....................................................................13

4.1.2. Government.............................................................................................................................13

4.1.3. State Audit Institution ...............................................................................................................13

4.1.4. Ministry of Finance...................................................................................................................13

4.1.5. Ministries and other authorities of the government administration .............................................15

4.1.6. Public Procurement Office........................................................................................................15

4.1.7. Commission for Protection of Bidders’ Rights ...........................................................................15

4.1.8. Property Directorate of the Republic of Serbia..........................................................................15

4.1.9 Local Self-Government .............................................................................................................15

4.1.10 Mandatory social security organisations ..................................................................................15

4.2. Legal framework ..............................................................................................................................16

5. EVALUATION OF CURRENT SITUATION AND ACTIVITIES NECESSARY FOR ESTABLISHMENT AND IMPROVEMENT OF FINANCIAL MANAGEMENT AND CONTROL SYSTEM ................................17

5.1. Evaluation of current situation of FMC system..................................................................................17

5.1.1. Regulation on Budget Accounting ............................................................................................18

5.1.2. Rule Book on Common Bases, Criteria and Duties of Financial Departments of Direct Budget Beneficiaries......................................................................................................................................18


3

5.1.3. Organisational structure of financial departments .....................................................................18

5.1.4. Rule Book on Common Criteria and Standards for Establishing and Functioning of the Financial Management and Control Systems in the Public Sector .....................................................................19

5.1.5 User Manual on Public Finance Management System...............................................................19

5.1.6. Training in the area of FMC......................................................................................................20

5.1.7. Level of establishment of FMC in public funds beneficiaries .....................................................21

5.2. Required activities towards establishment and improvement of FMC................................................21

5.2.1. Improvement of the legal framework on Public Internal Financial Controls................................21

5.2.2. Establishment of FMC..............................................................................................................21

5.2.3. Evaluation of training needs in the area of FMC .......................................................................22

6. EVALUATION OF CURRENT SITUATION AND REQUIRED ACTIVITIES TOWARDS ESTABLISMENT AND IMPROVEMENT OF INTERNAL AUDIT .........................................................................................23

6.1. Evaluation of current IA....................................................................................................................23

6.1.1 Rule Book on Common Criteria for Organising and Standards and Methodological Instructions for Internal Audit Operations in the Public Sector ....................................................................................23

6.1.2. Internal Auditing Handbook ......................................................................................................23

6.1.3. Training of internal auditors......................................................................................................23

6.1.4. Level of internal audit establishment in public funds beneficiaries.............................................24

6.2. Necessary activities for IA establishment and improvement ..............................................................24

6.2.1. Improvement of legal framework of Public Internal Financial Control.........................................24

6.2.2. Establishment of IA..................................................................................................................24

6.2.3. Assessment of IA training needs ..............................................................................................24

6.2.4. IA staff .....................................................................................................................................25

7. CENTRAL HARMONISATION AND REQUIRED ACTIVITIES FOR ESTABLISHMENT OF CENTRAL HARMONISTION UNIT...........................................................................................................................26

7.1. Central harmonisation......................................................................................................................26

7.1.1. Activities of Central Harmonisation Unit....................................................................................26

7.1.2. Preparation of regulations in the area of PIFC..........................................................................26

7.1.3. Staff problems..........................................................................................................................26

7.2. Activities for the establishment of CHU.............................................................................................27

7.2.1. Establishment of CHU..............................................................................................................27

7.2.2. Appointment of head of CHU....................................................................................................27

7.2.3. Required resources..................................................................................................................27

8. COOPERATION WITH THE SUPREME AUDIT INSTITUTION ...........................................................28

9. MEASURES AGAINST MAJOR IRREGULARITIES AND FRAUDS.....................................................28

10. CONCLUSION..................................................................................................................................28

11. ACTION PLAN FOR DEVELOPMENT OF PUBLIC INTERNAL FINANCIAL CONTROL....................29


4

1. SUMMARY

This document represents a plan for the establishment and development of comprehensive and effective system of public internal financial control, in order to ensure good management and protection of public funds, regardless of their respective sources as well as harmonisation with the requirements referred to in Chapter 32 – Financial Control of Accession Negotiations. In order to establish whether Serbia meets the requirements of harmonisation with Acquis Communautaire, defined in Chapter 32 on accession negotiations. The European Commission shall carry out assessment of the overall system of Public Internal Financial Control (PIFC). The term and concept of Public Internal Financial Control (hereinafter: “PIFC”), developed by the European Commission to help the countries in the accession process to understand and implement the well-developed and effective internal control systems, includes three elements: а) Financial management and control” (hereinafter:”FMC”), b) Functionally independent, decentralised Internal Audit (hereinafter:”IA”), c) Central Harmonisation Unit (hereinafter: “CHU”). In the context of this model, Financial Management and Control (FMC) and Internal Audit (IA) represent a system of Internal Control (IC) and are used to provide support to the management in meeting organisational objectives. To introduce and develop a comprehensive and effective PIFC system, it is necessary to ensure sustainable development of the following key areas:

Introduction and maintainance of the system of financial management and control as the basis for implementation of the concept of managerial accountability

The concept of managerial accountability means that managers of public funds beneficiaries shall bear responsibility for delegated fiscal, management and programme authorities. In the organisation concerned, managers are responsible for planning and programming, preparing the budget/financial plan, implementing the budget/financial plan, accounting, control, reporting, archives and supervision and/or they are responsible for setting and accomplishing the set targets. Managers are also responsible for establishing and proper functioning of financial management and control systems in their organisations. These systems will help managers of organisations that are beneficiaries of public funds in performing their tasks and/or organisations to meet their goals by operating properly, economically, efficiently and effectively.

Fully independent internal audit function The Government shall ensure introduction of the decentralised, fully independent internal audit function. Internal audit is a new profession, conducted by Certified Public Sector Internal Auditors (hereinafter: internal auditors). Internal Audit performs internal audit within its own organisation, and, based on the agreement, in the organisations that are not obliged to employ internal auditors. Internal auditors’ duty is to make assessment in systematic and disciplined manner and provide assurances and advice to managers regarding effective risk management, control adequacy and effectiveness as well as effective organisation management processes. Establishing and developing this profession require appropriate training, authorisations and necessary financial and other resources. Remuneration for internal auditors may not be determined at lower level than salaries paid out to auditors at the National Audit Institution.

Central Harmonisation Unit

Harmonisation shall be ensured by the establishment of the Central Harmonisation Unit as an administration or department within the Ministry of Finance. The CHU is a central organisation in the Republic of Serbia, responsible for preparation and promotion of control and internal audit methodologies in compliance with the internationally accepted standards and best practices. The CHU initiates, coordinates and monitors implementation of new regulations regarding responsibility of management structures (financial management and control systems) and internal audit, carries out training of managers and employees involved in financial management and control as well as training and certification of certified public sector internal auditors. Head of Central Harmonisation Unit reports directly to the minister on the development and progress in the area of PIFC.


5

Required preconditions To ensure successful functioning of the system, CHU staff as well as employees in all public sector organisations implementing the PIFC need to have appropriate qualifications, experience, training as well as adequate powers and necessary financial and other resources available.

Legal framework Key PIFC elements are prescribed in compliance with the Budget System Law, related bylaws and other laws. In order to ensure further improvement of the system and its harmonisation with the generally accepted international standards and practices in the EU and/or to ensure the PIFC implementation, it is necessary to improve the legal framework in the part dealing with Public Internal Financial Controls and redefine the Rules on the Common Criteria and Standards for Establishing and Functioning of the Financial Management and Control in the Public Sector and the Rules on the Common Criteria for Organisation and Public Internal Audit Standards and Procedures. It is necessary to publish tertiary regulations, including, inter alia, “Handbook of Financial Management and Control” and “Internal Auditing Handbook”. The above changes will operationally enable improvement and functioning of the PIFC. Absence of any of the above elements will, however, prevent establishing, implementing and developing adequate structure of Public Internal Financial Control. These elements must be developed at the same time, not separately.


6

2. INTRODUCTION

The purpose of the Strategy is to bring out key aspects of the present situation and, at the same time, it represents a long-term plan for introduction and development of the comprehensive and effective system of Internal Financial Control in the public sector of the Republic of Serbia, which should ensure sound management of public funds, irrespective to their source. Public Internal Financial Control system includes Financial Management and Control (FMC), Internal Audit (IA) and Central Harmonisation Unit (CHU). It is necessary to ensure, in compliance with the regulations and standards, full responsibility of the persons involved in public affairs and management of public funds so that the pubic assets are kept and used economically, efficiently and effectively. In addition, the Government policy aims to ensure faster and better quality provision of services that will be integrated, user-oriented and results-based. To meet these requirements, beneficiaries of public funds and all those responsible for public affairs need to establish and maintain appropriate structure for managing operations and protecting assets placed at their disposal. In the European Union Council Decision of 13 February 2008 on the Principles, Priorities and Conditions Contained in the European Partnership with Serbia including Kosovo, as defined by the UN Security Council Resolution 1244 of 10 June 1999, certain priorities regarding financial control are mentioned:

Short-term priority: - to develop strategy for Public Internal Financial Control and - to develop procedures and administrative capacities to ensure effective protection of EU

financial interests. Mid-term priorities:

- to develop and apply principles of decentralised responsibility of managerial structures and functionally independent internal audit in compliance with the internationally accepted standards and EU best practices;

- to strengthen operational capacities, functionality and financial independence of the supreme audit institution;

- to develop procedures and administrative capacities to ensure effective protection of EU financial interests.

In line with the above priorities in the Decision of the EU Council, The National Integration Programme was adopted by the Conclusion of the Government 05 No.: 011-8132/2007-11 оf 9 October 2008. Preparation and adoption of the Strategy for Public Internal Financial Control will allow dealing with the requirements of the EU Council in the area of financial control (Chapter 32). After adopting the Strategy, the Government will apply internal control and internal audit principles both to the Government-controlled public funds and EU funds based on the internationally accepted standards of internal control for the public sector1 and internal audit2, as well as EU best practices. For the structural changes proposed herein to be implemented, the Government needs to implement revised regulations, providing thus a solid basis for sustainable PIFC development as well as facilitating EU accession negotiations referred to in Chapter 32 – Financial Control. For the management of the EU Funds that will be allocated to the Republic of Serbia, the Government will set up the National Fund and Central Finance and Contracting Unit, as well as financial control mechanisms to meet the European Commission requirements in the area of project management.

1 INTOSAI internal control standards for the public sector (INTOSAI Guidelines for Internal Control Standards for the Public Sector) 2 IIA internal auditing standards (ECIIA Position Paper Internal Auditing in Europe)


7

There are a series of available reports, discussions, analyses and views on financial and managerial control from various sources. Although many of these documents have been analysed, this Strategy relies on the evaluation made by SIGMА3 in Serbia in 2007, stating the following: “It is necessary to develop mechanisms of responsibility within the state administration. The necessity of institutional reform and improved administrative capacities is present in all sectors and levels of the state administration. For successful introduction of internal control and internal audit concept, it is also necessary to solve a number of culturological differences. Public Internal Financial Control “policy” and strategy need to be prepared and then implemented systematically and methodically. It is necessary to revise Budget System Law and other bylaws regulating the area of efficient financial control and establishing internal audit in Serbia as well as improve them on comparative basis in order to ensure consistency and the system that will function in the Serbian circumstances as well as possible; it is necessary to reconsider reporting lines and responsibilities of all public funds beneficiaries and thoroughly examine their nature.“ The present Strategy has been prepared by the Ministry of Finance with the help of the Technical Assistance Project “Internal Audit and Internal Financial Control in the Public Sector - Phase 2”. During the preparation of the Strategy, a series of extensive consultations and analyses with ministries, mandatory social security organisations, employees of the Ministry of Finance and experts from other technical assistance projects were carried out. The Strategy is not dealing with the details related to the development of the State Audit Institution, because this institution is not part of PIFC system, but represents an important part of the process of external control of the Government. The National Parliament has adopted the law regulating the establishment of the State Audit Institution in Serbia and set up the Council. The PIFC system will be subject to ongoing changes and development. In order to take these changes into account, the Ministry of Finance-CHU will propose to the Government to update this Strategy and Action plan.

3 Support for Improvement in Governance and Мanagement – OECD Initiative


8

3. DEFINITION OF PUBLIC INTERNAL FINANCIAL CONTROL

Public Internal Financial Control (PIFC) is the term and concept developed by the European Commission for the purpose of providing help in understanding and implementing well-developed and effective control systems in the process of EU accession.

P – Public Sector; I – Internal to the organisation; F – Financial systems mainly but not exclusively; C – Control based on internationally accepted and recognised standards.

PIFC includes a comprehensive system established by the Government and/or public sector organisations for the purpose of financial management and control, internal audit and reporting on use of the public funds and EU Funds. It should ensure that management and control of the public funds (including foreign funds as well) are in compliance with the regulations, budget description and principles of sound financial management and/or efficiency, effectiveness, cost-effectiveness and transparency. PIFC includes all measures for control of public revenues and expenditures and allows proper management of assets and liabilities. PIFC also includes all internal control systems and use of funds. PIFC encompasses three key elements:

1. Financial Management and Control (FMC) 2. Functionally independent internal audit (IA) and 3. Central unit for harmonisation and coordination of the system of financial management and

control and internal audit methodology (Central Harmonisation Unit - CHU) 3.1. Responsibility of the management

In accordance with the principles of managerial accountability, managers of the organisations are directly responsible for management and development of the organisation they manage. Key functions of the managers include planning of organisation’s activities, introducing risk management processes, providing appropriate control system that will reduce risks to acceptable level, ongoing monitoring of control adequacy to provide reasonable assurances that the organisation is likely to achieve its objectives. As it would not make sense to establish a control system that would cover all potential risks, manager has a responsibility to constantly identify, assess and monitor potential risks and consequently establish controls to protect the organisation from unacceptable risks. Besides financial, manager is responsible for all other activities and processes in the organisation and should, therefore, understand the concept of internal control (financial management and control and internal audit) and promote it among the employees. Manager is also responsible for regular reporting on the condition of financial management and control system and the level of internal audit development in the organisation. Based on the enactments regulating the internal organisation and manner of operation, manager may delegate certain authorities to other persons. By delegating authorities, responsibilities are also delegated accordingly, but delegation of authorities and responsibilities does not exclude the responsibility of the manager. 3.2. Financial management and control

Financial management and control, being a component of PIFC, represents an overall system of financial and non-financial controls, including organisational structure, methods and procedures of not only financial systems, but also operational and strategic systems of public sector organisations. Through risk management, these controls provide, to a reasonable extent, assurances that the organisational goals will be achieved. Managers have the responsibility to establish a set of rules and enforce their implementation in order to ensure the following:

а) performing operations properly, economically, efficiently and effectively; b) business operations compliance with laws, regulations, policies, plans and procedures; c) protection of property and other resources against losses caused by poor management,

unjustified spending, unjustified use, irregularities and frauds;


9

d) strengthening of responsibility for successful accomplishment of tasks; e) timely and accurate financial reporting and monitoring of business results.

System for financial management and control shall be established in all public sector organisational units and at all levels within the organisation, regardless of its size and number of employees, and shall be implemented by managers and all employees. The system includes all funds, including the EU funds. Each organisation should establish its own system in accordance with its needs and the existing environment. For establishing Financial Management and Control, generally accepted INTOSAI internal control standards for the public sector shall be applied (INTOSAI Guidelines for Internal Control Standards for the Public Sector), which also include an integrated framework of internal control defined by The Committee of Sponsoring Organisations of the Treadway Commission, excluding the internal audit function, with five mutually connected elements:

control environment, risk management, control of activities, information and communication, system monitoring and evaluation.

3.2.1. Control environment

Control environment sets the “tone” in the organisation and influences employee awareness of control. It represents the basis for all other components of internal control by providing discipline and structure. Control environment factors include integrity, ethical values and expertise of the organisation staff, philosophy and style of management, manner how managers delegate authorities and responsibilities and establish reporting lines as well as how professional development and training of employees is organised. 3.2.2. Risk management

Risk management includes identification, assessment and control of potential events and situations that may have adverse effects on achieving objectives of the public funds beneficiary. Precondition for risk management is determining general and specific objectives to be fulfilled by the organisation. Purpose of risk management is to provide reasonable assurances that relevant objectives and targets shall be fulfilled. In order to manage risks, manager of a public funds beneficiary adopts risk management strategy that needs to be updated every three years as well as in the case of significant changes in the control environment. Controls aimed at reducing risks to an acceptable level must be analysed and updated at least once a year. 3.2.3. Control activities Control activities represent written policies and procedures and their implementation, which are established to provide reasonable assurances that the goal achieving risks have been reduced to an acceptable level as defined in the risk management procedures. The control is carried out throughout the organisation, on all levels and over all functions, by all employees, in accordance with the defined business processes and job descriptions. These activities cover authorisations, procedures of delegation of powers and responsibilities, segregation of duties, dual signature principle, as well as rules for safety and protection of property and information, procedures for complete accurate, correct and updated recording of all business transactions, procedures for human resource management, etc. Efficient controls must be appropriate; they should function consistently as originally developed and should be related to the general objectives of the organisation. Controls may be classified as follows: Preventive – designed to discourage any omissions, ineffificiencies, errors and/or irregularities from occurring. They cannot guarantee that the controlled factor will not reappear, but they reduce probability of its occurrence. Detective – designed to detect and correct errors, inefficiencies and/or irregularities. They cannot provide absolute safety because they are activated only after certain event/ outcome has already occurred, but can reduce risk from undesired consequences as they allow undertaking corrective activities.


10

Directive – designed to encourage activities and events necessary for fulfillment of objectives. Corrective – designed to correct detected errors. They allow certain compensation in case of losses or damage. Controls must be appropriate and costs of their implementation should not exceed the expected benefits from their introduction. 3.2.4. Information and communication Sound information and communication system has a vital role in maintaining efficient financial management and control system. It includes:

identification, collection and distribution, in appropriate format and timeline, of reliable and true information that allow employees to assume their responsibilities;

effective communication, both horizontal and vertical, at all hierarchy levels of the beneficiaries of public funds;

development of an appropriate information system that will provide all employees with clear and precise directives and instructions on their role and responsibilities concerning financial management and control;

use of the documentation and documentation flow system that includes rules for registration, preparation, flow, use and filing of documents;

documenting all business processes and transactions required for preparing appropriate audit trails; establishment of an effective, timely and reliable reporting system, including levels and deadlines for

reporting, types of reports to be delivered to the management and manner of reporting in case of any observed errors, irregularities, funds or information misuse, frauds or illegal activities.

3.2.5. System monitoring and evaluation It is necessary to introduce the system for supervision of financial management and control by assessment of adequacy and efficiency of its operation. System monitoring and evaluation includes reviewing activities and transactions of the organisation in order to evaluate operation quality in a certain period, as well as assess controls efficiency. Management is supposed to direct supervision activities according to the control system and accomplishment of the mission of the organisation. Monitoring and evaluation of the financial management and control system is carried out by ongoing supervision and self-assessment. 3.3. Functionally independent internal audit

Internal audit is an independent activity providing an objective professional consulting opinion designed to add value and improve an organisation’s operations. It helps an organisation to accomplish its objectives by bringing a systematic and disciplined approach to evaluate risk management, control and governance processes. In the framework of PIFC concept, established by EU, internal audit is regarded as a function performed by an authorised, organisationally and functionally independent internal audit unit or internal auditor. Organisational independence shall be understood to mean that internal audit is independent from an activity which is subject to auditing, that it is not part of any other business process and/or organisational part and for its work it directly reports to the manager of the organisation. Functional independence means that based on risk assessment internal audit shall independently choose the areas to be audited and manner of auditing and reporting thereon. Internal audit carries out an independent, professional and systematic assessment of financial management and control systems, which includes auditing of all functions, operational processes and controls established. It objectively collects, checks, analyses and estimates information as well as prepares management reports for decision making. Internal audit is focused on evaluation and checking control system operation, which is performed by using auditing programme based on risk. Internal audit gives professional opinion and recommendations as to allow management and control systems to be established in accordance with the regulations, standards and principles of sound financial management.


11

It is necessary to make distinction between internal audit and financial management and control systems. A manager of the organisation is responsible for financial management and control systems. Internal auditors are not responsible for establishment, functioning and development of the financial management and control systems, but for assessment of the functioning of those systems, their potential weaknesses, shortfalls and irregularities and for giving recommendations for improvement and undertaking of corrective activities. Manager of the organisation is responsible for implementation of the recommendations given by the internal audit. 3.4. Harmonisation

Key feature of modern financial management is the necessity to bring decision-making process and responsibility as close as possible to the transaction/action (down to the lowest organisational units - subsidiarity4). It means moving from centralised control where all decisions are passed and supervision performed centrally by the Government, usually Ministry of Finance towards decentralised control where decisions are passed and supervision performed by individuals responsible for rendering services required by the Government within public sector organisations. Advantages of this approach are twofold:

а) Management and employees in the organisation are in a better position to understand the influence and consequences of certain decisions.

б) By rendering services, management and employees have a feeling of greater “ownership“over services if they are given certain degree of control and responsibility for passed decisions.

Responsibility for financial control is decentralised, but decentralisation is carried out within the centrally regulated framework, through the mechanism of central harmonisation in the Ministry of Finance. 3.4.1. Central Harmonisation Unit In compliance with the EU best practices and practices in other EU candidate countries, Central Harmonisation Unit is established for the purpose of harmonisation of financial management and control systems and internal audit methodology. This unit proves quality and independence of all functions within the PIFC and is responsible for promoting and providing support in development of FMC and IA. The CHU is also responsible for coordination and appropriate training of managers of all organisations and employees in the area of financial management and controls and internal audit in the public sector. This unit functions as “competence centre” for PIFC area. As such, the CHU is engaged in monitoring good practice, international standards and European Commission standards. The CHU’s activities, connected with FMC and IA, are organised as two separate activities within one unit. The CHU is located in the Ministry of Finance and manager of this unit directly reports on the development and progress of the PIFC system to the minister. 3.4.2. Coordination and harmonisation of methodology and standards The CHU is responsible for drafting of relevant PIFC legislation and implementing regulations, development and implementation of the methodology and standards associated with FMC and IA, especially for:

а) Establishing standards for FMC; b) Providing general support and giving instructions to beneficiaries of public funds for

preparation of audit trails5, responsible for their preparation; c) Preparation of the methodology for risk assessment to be used by all beneficiaries of public

funds; d) Monitoring of FMC implementation;

4 Principle that smallest units of certain organisation are authorised to pass decisions. 5 Audit trail is a record covering entire documentation and showing a business change in all its phases, with the possibility to follow documents from the aggregate sums down to individual details and vice versa.


12

e) Preparation of handbooks and methodologies for FMC and IA; f) Preparation of instructions for drawing “IA Charter”; g) Establishing professional standards and code of ethics for all IA employees; h) Evaluation of quality and inspection of IA structure and operation; i) Monitoring the best practices related to FMC and IA.

3.4.3. Coordination and harmonisation of professional development and certification of internal auditors, training for managers and employees in the area of FMC CHU is responsible to prepare and conduct programme of certification of certified public sector internal auditors, as well as to coordinate and supervise organisation of training facilities for internal auditors that will provide them with the necessary skills to be able to follow the latest internal audit “trends”. CHU is developing ‘team spirit” through organising expert meetings as well as less formal workshops and seminars, used for promoting high standards and encouraging exchange of ideas and good practices. CHU identifies the needs for training of managers and other employees in the area of FMC and ensures organisation of the defined training. 3.4.4. Assurance of independence of entire internal audit function

CHU provides guidelines, advice and support to internal auditors faced with the pressure to carry out tasks beyond their scope of competence, and/or internal auditors who are facing difficulties in the implementation of their most important recommendations 3.4.5.CHU responsibility for annual reporting on PIFC progress To enhance transparency, the CHU produces a consolidated annual report of the state of play of PIFC in the public sector that will allow for regular benchmarking over time.To fulfill the task In preparation annual report about PIFC progress, based on public funds beneficiaries PIFC annual reports, CHU will elaborate two questionnares for a self assessment of internal audit and financial management and control and submit them to budget users. The analysis of the submitted answers in annual PIFC reports and compliance and quality assurance checks will facilitate the reporting role of the CHU to the Minister of Finance and the Government on the progress of PIFC implementation. 3.4.6. CHU networking Networking could be carried out by e.g. regularly organized meetings wihin the profession, the use of a website and/or of a regular magazine to disseminate the latest information and discussions on issues raised. Whereas adequate internal networking is a condition for the optimal performance of a CHU, external networking is of equal importance. This external networking relates to cooperation with the SAI, the private internal audit organizations, professional audit and accountancy bodies and relevant academic niches inside the country as well as to international contacts. Since CHU are recently established institutions, there is much benefit in learning from each other about common problems relating to the introduction and implementation of PIFC.


13

4. ANALYSIS OF CURRENT CONTROL ENVIRONMENT

4.1. Institutional framework

4.1.1. The National Assembly of the Republic of Serbia

The National Assembly of the Republic of Serbia is the supreme representative body and carrier of constitutional and legislative power in the Republic of Serbia. It passes the laws and adopts the state budget, controls the operations of the Government and other carriers of the public functions that report to the Assembly in accordance with the Constitution and the law. 4.1.2. Government

The Government is the carrier of the executive power in the Republic of Serbia and it proposes to the Assembly and enforces laws and other enactments of the National Assembly, issues decrees and other general enactments for enforcement of the laws, directs and supervises the operation of the government administration. 4.1.3. State Audit Institution State Audit Institution is a supreme body for auditing public funds in the Republic of Serbia. The institution is a standalone and independent state authority. For the operations within its scope of competence, the Institution reports to the National Assembly of the Republic of Serbia. The Assembly passed the State Audit Institution Law in November 2005 and founded the Council in September 2007, whereas the furnishing and staffing of the Institution is presently in progress. 4.1.4. Ministry of Finance

The Ministry of Finance carries out, inter alia, operations of government administration relating to the following: republic budget; defining consolidated statement of public revenues and expenditures; system and policies of taxes, revenue stamps and other public revenues; policy of public expenditures; management of available public finance in the Republic of Serbia; public debt and financial assets of the Republic. In order to ensure efficient conduct of activities, the following organisational units have been formed in the Ministry of Finance, with the following responsibilities:

- Budget Inspection Department within the Budget Inspection and Audit Sector The function of budget inspection is to control implementation of laws governing the area of material and financial operations and earmarked and legal use of the resources of the public funds beneficiaries and it is carried out in accordance with the plan approved by the minister. In case of any observed irregularities, the budget inspection decides on the measures for their elimination and undertakes other actions stipulated by the law. If beneficiaries of public funds do not act upon the final decision of the budget inspection, minister may issue an order on suspending transfer of budget funds to such organisations in the current period, except for the funds necessary for salaries, up to the amount of non-ear markedly spent funds that should be reimbursed according to the final decision of the budget inspection. In the mid-term, it will be considered way the budget inspection operations may focus on anti-fraud and anti-corruption only, based on the reports, request and complaints, by amendments to the existing legal framework or by adopting a separate legal framework.

- Internal Audit Department within the Budget Inspection and Audit Sector

The Internal Audit carries out the following functions: checking implementation of the laws and compliance with internal control regulations; evaluation of the internal control systems regarding their adequacy, efficiency and completeness; providing appropriate advice when introducing new systems, procedures or tasks; audit of the operations (performance), i.e. evaluation of business operations and processes, including non-financial operations in order to evaluate economy, efficiency and effectiveness; establishing cooperation with external audit; performing other tasks necessary to ensure safety regarding the functioning of the internal audit system. The Internal Audit Department carries out internal audit activities as a centralised unit at the Government level until decentralised internal audit function has been established. The broad responsibilities and duties of this Department also include activities related to the development of the PFIC in accordance with the international standards. These responsibilities and duties will remain within the competence of the Department by the establishment of the Central Harmonisation Unit. According to the


14

systematization of the Ministry of Finance from February 2009., there is an Internal Audit Unit for the internal auditing of the MoF itself is forseen, placed directly under Minister. This unit is not actually staffed. Personnel fulfillment of this sector will be done mainly through internal redistribution of specified personnel from ministry and other public administration bodies (inspectors, controllers) after which they will undertake additional education.

- Sector for Macroeconomic and Fiscal Analyses and Projections This Sector carries out analytical study operations that include: drawing up and preparation of the Memorandum on budget and economic and fiscal policy for the next three-year period; drawing up and preparation of the economic and fiscal programme, i.e. mid-term pre-accession economic programme; preparation of analyses on macroeconomic and fiscal trends; making mid-term projections of macroeconomic and fiscal aggregates and indicators; preparation of the public finance bulletin in Serbian and English; determination of macroeconomic and fiscal assumptions for budget preparation; making projections of public revenues, public expenditures and deficit/surplus, as well as sources for covering deficit/utilisation of surplus; preparation of consolidated statement of public spending in the Republic of Serbia; analysis of macroeconomic and fiscal effects of the legal and other administrative regulations and measures of economic and fiscal policies.

- Treasury Administration Sector for Budget Preparation of the Treasury Administration carries out the following activities: administrative and analytical study operations for the preparation of laws and other regulations referring to the budget system, system of financing mandatory social security organisations; system of financing local authorities; drafting the Budget Law of the Republic of Serbia and participation in the preparation of the laws and other regulations based on which funds from the Republic budget, budget of the local authorities and mandatory social security organisations are engaged; planning and preparation of extra budget and additional financial plans of mandatory social security organisations and decision on temporary financing; development of instructions, procedures and guidelines for preparation of the budget and financial plans of budget beneficiaries and mandatory social security organisations; proposing appropriation per beneficiaries and types of expenditures of the Republic budget. Sector for Budget Execution of the Treasury Administration carries out the following activities: analysing and monitoring of the Republic revenues; evaluation and planning of financial operations and expenditures; participation in drafting laws and bylaws associated with the Sector’s scope of activities; management of cash and other financial resources and liquidity maintainance within the consolidated account of the Treasury. Budget Accounting and Reporting Sector of the Treasury Administration carries out the following activities: receiving and checking the documentation of budget beneficiaries; processing payments and recording revenues; keeping the general ledger, auxiliary books and records in the Treasury; financial reporting; preparation of the final statement of the Republic budget and consolidated statement of the Republic; development of the regulations for budget accounting, keeping classification system, stipulating internal and external reporting requirements. Control Sector in the Treasury Administration is responsible for receiving and checking correctness of the requests for assumption of liabilities and payments as well as documentation of the budget beneficiaries and other bodies and organisations; cooperation with budget beneficiaries and dealing with current problems in order to adjust the budget execution with the Budget Law and instructions on Treasury operations; entering data into the automatic data processing system for the purpose of the budget realization.

- Tax Administration As a procedure for checking and identifying legality and observance of tax liabilities and liabilities against obligatory social insurance, tax control is carried out through office and field control of regularity, i.e. checking accuracy, completeness and compliance with the law and/or other regulation of the data entered in the tax return and tax statement, as well as accounting statements and other taxpayers’ records by cross-checking with the data from the tax book-keeping and other official records held by or available to the Tax Administration. Tax police is responsible for identifying tax crime and their perpetrators.

- Customs Administration Customs Administration performs the operations of customs supervision and control of customs goods, performs customs procedure, makes calculation, collection and enforced collection of import and other


15

duties, excise and sales taxes and commissions for imported goods and/or exported goods, when stipulated otherwise by separate regulations; carries out preventive and subsequent control; carries out the procedure provided for by the law for detecting customs violation, corporate offences and criminal acts as well as other activities within its scope of responsibilities.

- Foreign Exchange Inspectorate Foreign Exchange Inspectorate carries out the operations of supervision over the implementation of the regulations related to international trade of goods and services and conducting business abroad from the aspect of foreign exchange operations and international credit transactions.

- Administration for Prevention of Money Laundering The Administration collects, analyses and keeps data and information obtained from the obligors, as financial intelligence unit, informs relevant government authorities of any suspicious transactions related to hiding illegal origin of money or property acquired by criminal acts. It contributes to the strengthening of the system for the detection and prevention of money laundering in the Republic of Serbia and maintenance of the integrity of the state financial system. 4.1.5. Ministries and other authorities of the government administration

Ministries and other authorities of the government administration have been pursuing policies and programmes by responsible usage of the public funds and efficient provision of services within their competences. Within certain ministries inspection departments are established to carry out inspection supervision activities in accordance with the laws and bylaws. Implementation of the inspection supervision, in accordance with separate laws, includes direct inspection of general and specific enactments and documents, conditions and manner of operation of the inspected entities in the Republic of Serbia and undertaking measures stipulated by the law and other regulations to adjust the identified condition and operations with relevant regulations. An inspection is carried out by inspectors and other public servants authorised to conduct inspection supervision as specified by a separate law. Such activities represent standard inspection supervision that may be considered a subsequent control, which is not part of the PIFC.

4.1.6. Public Procurement Office

In accordance with the Public Procurement Law, the Office carries out, inter alia, the following operations: participation in drawing up regulations in the area of public procurement; supervision of public procurement procedures; submission of request for protection of public interest; other operations in accordance with the law. Once a year, the Public Procurement Office submits to the Government a report on public procurements in the previous year, together with the proposed measures. 4.1.7. Commission for Protection of Bidders’ Rights

Commission for Protection of Bidders’ Rights is responsible for the protection of the rights of bidders and public interest, in all phases of public procurement procedure. 4.1.8. Property Directorate of the Republic of Serbia The Directorate monitors and analyses the state-owned assets, manner of use of such assets and performs supervision of the implementation of the provisions of the State Assets Law of the Republic of Serbia and other regulations on disposal, use and management of such assets, unless otherwise stipulated by the law. In conducting supervision, the Directorate has the right to inspect the records and documents on acquisition, sale, use and management of the state-owned assets and the obligation to propose measures to be taken for correcting the found irregularities and non-compliance. 4.1.9 Local Self-Government

Control operations at the level of self-government fall within the competence of the budget inspection and internal audit departments, if established locally, as well as the treasury of the local self-government. 4.1.10 Mandatory social security organisations

Mandatory social security organisations in the Republic of Serbia provide services defined by the law in the area of pension and disability insurance, health insurance and temporary unemployment compensation.


16

Some mandatory social security organisations have established, in accordance with separate laws and bylaws, special departments dealing with supervision of the operations of the controlled entities and taking measures stipulated by the law and other bylaws. 4.2. Legal framework

Reform of the public internal financial control in the Republic of Serbia was initiated in 2002 by passing the Budget System Law and a set of relevant bylaws. Ex-ante control has been introduced, which is carried out on public funds beneficiaries and on centralised basis in the Treasury Administration within the Ministry of Finance. In case of beneficiaries of public funds, ex-ante control is carried out within the financial department, whereas legality of the undertaken liabilities (commitments) and payments is verified by dual signature principle. In case of certain direct beneficiaries of budgetary funds, services of internal controllers are organised that carry out, independently from the financial departments, ex-ante control of the legality and regularity of assuming liabilities and payments. Ex-post control is introduced and it is performed by the Budget Inspection of the Ministry of Finance with the responsibility for the overall public sector and services of internal controllers, which are organised in certain organisations-beneficiaries of the budget funds to carry out ex-post control in those direct beneficiaries as well as indirect beneficiaries within their competences. Internal audit has been established on centralised basis in the Ministry of Finance with the responsibility to perform internal audit in the public sector. Amendments to the Budget System Law, adopted in October 2006, lay out the obligation for public funds beneficiaries to establish appropriate internal control systems (set of regulations, procedures and responsibilities of all employees), to set up an organisationally and functionally independent decentralised internal audit unit and ensure harmonisation of the methodology and standards for financial management and control and internal audit in the public sector by founding the Central Harmonisation Unit in the Ministry of Finance. In September 2007, Rule Book on Common Criteria and Standards for Establishing and Functioning of Public Financial Management and Control Systems and Rule Book on Common Criteria for Organising and Standards and Methodological Instructions for Public Sector Internal Audit Operations were adopted. The proposed PIFC provision in the draft Budget System Law, once adopted, will be the basis for further PIFC development in accordance with European Commission concept.Existing rulebooks will ned to be amended upon the Budget System Law adoption. With a view to developing and implementing the PIFC as a comprehensive internal control system, a number of bylaws were adopted, the most important of which are given below:

Rule Book on Common Criteria and Standards for Establishing and Functioning of the Financial Management and Control Systems in the Public Sector (“Official Gazette of the Republic of Serbia”, No. 82/2007);

Handbook of Financial Management and Control; Instruction for Preparation of the Budget to be Adopted Every Year; User Manual on Public Finance Management System (PFMS), January 2008; Rule Book on Common Bases, Criteria and Duties of Financial Departments of Direct Budget

Beneficiaries (“Official Gazette of the Republic of Serbia “, No. 123/2003); Regulation on Budget Accounting (“Official Gazette of the Republic of Serbia “, No. 125/2003,

12/2006); Rule Book on Standard Classification Framework and Chart of Accounts for the Budget System

(“Official Gazette of the Republic of Serbia”, No. 20/2007…3/2009); Rule Book on the Manner of Preparation, Drafting and Submission of Financial Statements of

Beneficiaries of Budget Funds and Mandatory Social Security Organisations’ Funds (“Official Gazette of the Republic of Serbia “, No. 51/07, 14/08);

Rule Book on the Manner of Use of the Funds from the Subaccounts and/or other Accounts of the Consolidated Account of the Republic Treasury and on the Manner of Reporting on Investing Funds of the Beneficiaries of the Budget and Mandatory Social Security Organisations’ Funds (“Official Gazette of the Republic of Serbia “, No. 3/2004, 140/2004, 1/2006);


17

Rule Book on the Conditions and Manner of Opening and Closing Subaccounts of the Treasury’s Consolidated Account with the Treasury Administration (“Official Gazette of the Republic of Serbia “, No. 92/2002, 8/2006).

Rule Book on Common Criteria for Organising and Standards and Methodological Instructions for Internal Audit Operations in the Public Sector (“Official Gazette of the Republic of Serbia”, No.82/2007)

Internal Auditing Handbook, containing, inter alia the following: - Model for Drafting Internal Audit Charter; - Model for Preparation of Code of Ethics of Internal Auditors; - Model for Preparation of Internal Auditor Classification and Job Description; - Model for Preparation of Strategic and Annual Internal Audit Plan of Activities; - Overview of the Standards of the Institute of Internal Auditors; - Instructions for Holding Interviews and Assessment of Internal Control Systems.

Handbook of Financial Management and Control and Internal Auditing Handbook are waiting for official issuance. Based on the laws and bylaws, appropriate organisational structures have been established and job descriptions and criteria for employee performance monitoring and appraisal, as well as manner of delegation of tasks and reporting lines have been defined.

Presented below is an overview of key regulations: Law on Public Administration; Law on Free Access to Information of Public Importance; Law on Prevention of Conflict of Interests in Activities of Public Officials; Law on Salaries in Government Authorities and Public Services; Public Servants Law; Law on Salaries of Public Servants and Employees; Labour Law; Public Procurement Law; Law on Tax Procedure and Tax Administration: Customs Law; Laws Governing the Area of Obligatory Social Insurance; Regulation on the Principles for Internal Organisation and Job Systematisation in the Ministries,

Special Organisations and Services of the Government; Regulation on Job Classification and Criteria for Job Description of Public Servants; Regulation on Merit Appraisal of Public Servants.

5. EVALUATION OF CURRENT SITUATION AND ACTIVITIES NECESSARY FOR ESTABLISHMENT AND IMPROVEMENT OF FINANCIAL MANAGEMENT AND CONTROL SYSTEM

5.1. Evaluation of current situation of FMC system

In accordance with the provisions of the Budget System Law, a senior official of the direct and/or indirect budget beneficiaries is responsible for assuming liabilities, their verification, issuance of orders for payments to be made out of the funds of the entity under his/her management and issuance of orders for payment of funds pertaining to the budget. Senior official of the direct and/or indirect budget beneficiaries is responsible for legal, earmarked, economic and efficient use of the budget appropriations. Head of organisation or an officer authorised by him/her is responsible for establishing safe and efficient internal controls related to all decisions in the area of financial management and control. Senior official of the direct and/or indirect budget beneficiaries may delegate certain authorities to other persons in direct and/or indirect budget beneficiaries. The Budget System Law regulates that a direct budget beneficiary is responsible for accounting of its own transactions and, according to its powers, for the accounting of the transactions of the indirect budget beneficiaries under its competence (hereinafter: Budget Accounting). Programme portion of the budget was introduced by amendments to the Budget System Law of 2006. It is part of the budget that covers tasks and activities of budget beneficiaries, which are carried out with a view


18

to ensuring efficient fund management according to the proposed programmes and which contribute to fulfilment of strategic goals in line with the national economic policy. Programme portion of the budget includes activities referring to capital projects, subsidies and other actual state aid expenditures, cofinancing of expenditures for implementation of development aid programmes of the European Union as well as other activities of the beneficiaries in accordance with programme goals. Introducing of the programme portion of the budget has enhanced transparency and accountability in using public funds.

Consultants of the Project “Internal Financial Control and Internal Audit – Phase 2’’ prepare Handbook of Financial Management and Control but remain to be seen wether it is used in practice through annual FMC reports.

5.1.1. Regulation on Budget Accounting In accordance with the Budget System Law, the Government adopted the Regulation on Budget Accounting that closely regulates budget accounting (balance and changes in assets, receivables, liabilities, finance sources, expenditures, costs, revenues and income) and the general ledger system of the treasury. The Regulation provides for that the accounting document must be signed by the officer who has prepared the document, the officer who controlled it and the officer responsible for the business transaction and other event and submitted for posting on the following day, but not later than two days after respective transaction and other event. By signing the documents, persons responsible for preparation and control of the accounting documents guarantee that they are true and correctly disclose the subject transaction. Budget beneficiaries are obliged to define by internal general enactment the following: accounting system organisation; internal accounting control procedures; officers responsible for legality, correctness and preparation of documents on business transaction and other event; flow of accounting documents as well as delivery deadlines. 5.1.2. Rule Book on Common Bases, Criteria and Duties of Financial Departments of Direct Budget Beneficiaries

In compliance with the Budget System Law, Minister of Finance adopted the Rule Book on Common Bases, Criteria and Duties of Financial Departments of Direct Budget Beneficiaries. According to the Rule Book, the direct beneficiary is obliged, depending on the type and volume of material and financial operations involved, which are subject to the scope and volume of its competence, to define job description and number of employees in the financial department by its general enactment that should be approved by the minister of finance. Financial department of the direct beneficiary is, according to the Law and Rule Book, responsible for the following activities: drawing up and preparation of financial plan proposals, allocation of funds to indirect budget beneficiaries within approved appropriations, preparation and completion of documentation for realization of the financial plan, execution of tasks related to the management of the assets under the responsibility of the direct beneficiary, business book-keeping and reconciliation with the treasury general ledger and preparation of consolidated interim and annual statements, as well as other material and financial operations. 5.1.3. Organisational structure of financial departments Organisational structure of financial departments may vary depending on the needs and capacities of the respective public funds beneficiary. Certain financial departments have three different organisational units:

Budget planning and preparation unit; Budget execution unit; Accounting unit.

Some public funds beneficiaries organise a financial department as one organisational unit performing all above mentioned functions. Public funds beneficiaries with the financial department organised in three different organisational units appoint heads for each organisational unit. These unit heads report to the finance manager of the organisation. Public funds beneficiaries having a financial department as a part of an organisational sector of that organisation shall have only one finance manager, who reports to the head of that organisational sector. Public funds beneficiaries may be classified into three different groups:

Without indirect budget beneficiaries. They perform activities within their competences with small number of employees and they may encounter duty segregation problem.


19

With indirect budget beneficiaries transferring major portion of the budget to indirect beneficiaries. Their financial departments have more employees and less frequently face problems of segregation of duties.

Public funds beneficiaries, such as mandatory social security organisations (MSSO) whose main activity is to implement mandatory social security in the territory of the Republic of Serbia. Organisational structure of the financial departments of MSSO is more complex than the structure in the ministries. This is due to the fact that the organisational structure of mandatory social security organisations includes head office, branches and departments throughout the country. Heads of financial departments of MSSO are located in Belgrade and for their work and correct financial operations of the branches and departments report to the director of MSSO.

All financial departments perform five basic financial functions, as follows:

Preparation of budget/financial plans; Definition of financial control framework; Management of budget execution and assets within the responsibility of the beneficiary; Business book-keeping; Financial reporting.

5.1.4. Rule Book on Common Criteria and Standards for Establishing and Functioning of the Financial Management and Control Systems in the Public Sector

Rule Book on Common Criteria and Standards for Establishing and Functioning of the Financial Management and Control Systems in the Public Sector defines the key elements of the system, manner of establishment and functioning, as well as coordination and harmonisation of FMC. 5.1.5 User Manual on Public Finance Management System User Manual on Public Finance Management System (hereinafter: PFMS), issued in January 2008, defines the procedures for appropriations, for budget execution and quota plan and procedures for assumption of liabilities, as well as procedures for payments and transfer of funds. After the payment needs of public funds beneficiaries have been identified, forms for execution of budget/financial plan are prepared, verified and approved and then sent to the Treasury Administration. Request for creation of assumed liability is delivered to the Treasury Administration, together with the form and related documentation. Request for funds transfer is delivered together with a document, signed by the authorised officer, and specifying the manner of use of such funds. In case of transfers, as of 1 January 2008, direct budget beneficiaries transfer funds directly to their indirect beneficiaries, Request for liability assumption is not controlled by the Treasury Administration, but directly entered and verified in PFMS by direct budget beneficiary. Budget funds from the consolidated treasury account may be withdrawn by the following procedure:

- Finance officer of direct public funds beneficiary – responsible for specific area, identifies payment liability. Account, subaccount or some other document must serve as the ground for payment liability.

- Finance officer of direct public funds beneficiary – checks whether the accompanying documents are appropriate and correct. If the ground for payment request is a pro-forma invoice or some other document, then he/she checks whether the figures have been accurately calculated and whether the documents are appropriate and/or legally grounded. Accompanying documents are forwarded to the officer responsible for preparation.

- Officer for ‘’preparation’’ of direct public funds beneficiary – based on the available (own) documents, he/she prepares the Request for creation of assumed liability , both in electronic and paper (printed) form, attaches photocopies of documents evidencing legal soundness of such funds withdrawal, type of expenditure, expected payment date, amount of payment liability, source of financing, function and economic classification code, then signs the form Request for creation of assumed liability (both in electronic and printed form) in the column “prepared by” and sends it, together with accompanying documentation, to the certifying officer, responsible for “certification” in the direct beneficiary.


20

- Certifying officer responsible for ‘’certification’’ of the direct public funds beneficiary – checks the Request for creation of assumed liability and accompanying documentation to verify whether the form has been correctly filled in, whether procurement has been carried out in accordance with the purpose approved in the budget, whether estimated payment dates and amounts have appropriate grounds, i.e. whether they correspond to the approved appropriations and quotas; this officer certifies the Request in printed form in the column “certified by”.

- Authorising officer responsible for ‘’authorisation’’ of the direct public funds beneficiary – Senior officer managing the direct public funds beneficiary or other person authorised by him/her checks the Request for creation of assumed liability and accompanying documentation, then signs the form in the printed format in the column “authorised by” and forwards it to the financial department;

- Financial department of the direct public funds beneficiary – sends the Request for creation of assumed liability (original form), decision on funds allocation (original) and copies of the accompanying documentation to the Treasury Administration.

- Ministry of Finance, Treasury Administration carries out the following:

1. checks the Request for creation of assumed liability and signatures thereon; controls the

Request for creation of assumed liability and whether the sign “final document” has been entered; whether economic classification code is adequate; whether the amounts specified in the Request correspond to those in the final document (within the accompanying documentation); checks the expected payment date and controls the accompanying documentation.

2. Before authorization by the Treasury Administration, the Request for creation of assumed liability is only registered in PMFS and may be modified or deleted.

3. After the Request for creation of assumed liability has been authorised in PMFS, and/or after it is given the status “valid for payment”, it cannot be any longer modified and deleted. If the direct beneficiary changes the status of the assumed liability, it must create the Request for change of the assumed liability and such change shall be valid after the authorizing officer in the Treasury Administration has authorised it, in accordance with the described procedure.

When the direct public funds beneficiary receives the report “assumed liability” in electronic form, an officer responsible for preparation makes reference, i.e. ‘’adds payment’’ and creates Request for payment in electronic form. Direct public funds beneficiary, “certifying” officer certifies the electronic Request for payment and in that status the Request for payment is waiting for withdrawal of funds, made by the Treasury Administration. After that, financial department of the direct public funds beneficiary archives original copies of the Request for creation of the assumed liability and accompanying documentation. (Request for creation of the assumed liability is in paper and electronic form). Based on such certified Request for payment, the Treasury Administration generates a payment order that will wait for execution by the expected payment date. The Ministry of Finance, Treasury Administration separately files Requests for creation of the assumed liability with accompanying documents that are after authorization archived. After executed payment, in PMFS data is generated and kept for the General Ledger of the Treasury. Financial department of the direct public funds beneficiary reconciles transactions from the reports with the submitted Requests for payment and enters changes in its auxiliary books and records. 5.1.6. Training in the area of FMC

In 2007 FMC training was carried out in seven cycles and included 141 attendees from 60 public sector organisations, of which number 100 participants attended course for acquiring theoretical skills for performing internal audit. For the training, conducted by consultants of the Project “Internal Financial Control and Internal Audit – Phase 2’’ and local skilled instructors from Internal Audit Department of the Ministry of Finance, an appropriate literature was provided. The training included the following four modules: Module 1 – Introduction to internal audit; Module 2 – Risk management;


21

Module 3 – Managerial control system; Module 4 – Implementation of financial management and control. 5.1.7. Level of establishment of FMC in public funds beneficiaries

Some public funds beneficiaries have adopted internal acts that regulate certain business processes or special activities. Most of business processes do not have operating procedures, which should be prepared in order to ensure their implementation in accordance with the principles of legality, economy, effectiveness and efficiency. Furthermore, no audit trails have been prepared (description of business process and/or procedure, description of activities, person responsible for implementation of specific activity in the business process, as well as deadline for activity implementation). All instructions should be prepared in written and official form, not verbal and informal. Beneficiaries of the public funds have only started to adopt the methodology of risk management, but have not yet established written risk management system, which includes identification, assessment and control of potential events and circumstances that may have adverse effects on achieving goals and targets and/or have not established strategy of risk management or created a risk register. The existing system of controls has not been established in relation to the goals public funds beneficiaries plan to achieve and risks affecting fulfilment of such goals. The existing controls focus on legality and correctness, but not economy, efficiency and effectiveness. Major common problem with all financial departments is lack of staff so that the principle of duty segregation is not adequately ensured. So far training in the area of financial management and control covered a narrow circle of public servants. The training did not involve senior managers and it included only a small number of middle managers and other public servants. In the future period it is necessary to pay more attention to the assessment of training needs in this area among public funds beneficiaries from the republic level. Appropriate levels of training courses for managers, public servants and internal auditors should be organised. 5.2. Required activities towards establishment and improvement of FMC

For the Republic of Serbia, it is the priority to develop a strong and comprehensive internal financial control system for the entire public sector that will ensure sound financial management of all public funds (including EU funds). 5.2.1. Improvement of the legal framework on Public Internal Financial Controls

To achieve this objective, it is necessary to improve the legal framework on public internal financial controls by amanding implementating rule as to complement the provisions of the draft Budget System Law and Rule Book on Common Criteria and Standards for Establishing and Functioning of the Financial Management and Control Systems in the Public Sector that would clarify definitions, mutual relations and clearly distinguish key elements of PIFC in order to raise awareness of managers on their role and managerial accountability in the new system of decentralisation. 5.2.2. Establishment of FMC

For establishing FMC, manager of public funds beneficiary appoints a manager responsible for financial management and control (one of senior managers in the organisation-public funds beneficiary), who will coordinate activities related to introduction and development of the system. Depending on the needs, an organisation may form a working group or an internal organisational unit for FMC responsible for implementation of certain tasks to ensure the establishment of this system. Manager responsible for FMC, if appointed, and/or manager of the public funds beneficiary shall adopt the plan of FMC establishment, development and activities. Public funds beneficiaries will pass internal enactments to define certain business processes or special activities. For business processes it is necessary to proscribe the manner of their operation in order to ensure their implementation in accordance with principles of legality, economy, effectiveness and efficiency, as well as to prepare audit trails (description of business process and/or procedure, description of activities, person responsible for implementation of specific activity in the business process, as well as deadline for activity implementation). All instructions should be prepared in written and official form, not verbal and informal.


22

Public funds users will adopt an internal act to proscribe the establishment of the risk management system that includes identification, assessment and control over potential events and circumstances that may have an adverse effect on achieving goals. Public funds beneficiaries will carry out assessment of the current system of controls and their implementation in relation to the goals planned to be achieved and risks affecting achievement of those goals. Financial departments should be strengthened to ensure implementation of the principle of segregation of duties. 5.2.3. Evaluation of training needs in the area of FMC

For successful implementation of PIFC system, it is necessary to provide appropriate training of employees in public funds beneficiaries, who will be in charge of establishment and development of this system. In the first phase managers of public funds beneficiaries will get acquainted with PIFC system, with structure and importance of FMC as well as with importance of internal audit helps an organisation to accomplish its objectives by bringing a systematic and disciplined approach to evaluate risk management, control and governance processes. . In the second phase, it is planned to organise training for managers responsible for financial management and control, middle managers, employees in financial and accounting departments and other employees. Plan and schedule of training of employees for all levels of public funds beneficiaries shall be made by the Central Harmonisation Unit.


23

6. EVALUATION OF CURRENT SITUATION AND REQUIRED ACTIVITIES TOWARDS ESTABLISMENT AND IMPROVEMENT OF INTERNAL AUDIT

6.1. Evaluation of current IA

By amendments of the Budget System Law of 2006, the obligation of establishment of decentralised internal audit function in the public sector was introduced. At the beginning of 2007, in the Serbian public sector, at the central level, there were 101 internal controllers in 24 public funds beneficiaries and 11 internal auditors in the Ministry of Finance. Reorganisation of the centralised internal audit function, carried out by eight internal auditors of the Internal Audit Department of the Budget Inspection and Audit Sector of the Ministry of Finance is presently in progress. The evaluation of the internal audit function in the public sector at the level of the Republic, which covered 23 public funds beneficiaries, as at 1 April 2008 found that six beneficiaries established internal audit function with 43 internal auditors in total whereas in 17 beneficiaries the process of internal audit establishment was under way. 6.1.1 Rule Book on Common Criteria for Organising and Standards and Methodological Instructions for Internal Audit Operations in the Public Sector The Rule Book on Common Criteria for Organising and Standards and Methodological Instructions for Internal Audit Operations in the Public Sector was adopted by the Minister in September 2007, by which the criteria for the establishment and organisation were closely defined; operations, standards and methodology; rights and responsibilities for performing activities of internal audit head and internal auditors; internal audit planning, implementation and reporting. In their work, internal auditors apply the method of system auditing. Based on the risk assessment, strategic and annual operating plans shall be drawn up and approved by managers of public funds beneficiaries. According to the annual operating plans, objectives and scope of activities for each individual audit are determined. Internal auditors perform assessment of adequacy and control system success that help an organisation to meet its general objectives: economic and efficient use of the assets; compliance with the established policies, procedures, laws and regulations; protection of the assets and interests of an organisation against any kind of losses, including fraud, irregularities or corruption; integrity and reliability of information, accounts and data. Functional independence is established by independent planning, implementation and reporting on the performed internal audits, whereas organisational independence is established in relation to the audited entities. Internal auditors are directly responsible to the managers of the direct budget beneficiaries, managers of mandatory social security organisations and/or manages of public enterprises and legal entities, 6.1.2. Internal Auditing Handbook The Internal Auditing Handbook is harmonised with consultants of the Project “Internal Financial Control and Internal Audit – Phase 2” and used in the training organised for internal auditors. The Handbook has four parts:

Part One: Internal Auditing Principles, Standards and Policies – This part represents an instruction on the key issues of the policy in the area of internal audit management and work on internal audits;

Part Two: System Auditing – This part describes the steps to be followed in the system auditing; Part Three: Internal Audit Skills – This part represents guidelines for a series of interpersonal skills

and techniques required for internal auditors; and Part Four – Internal Audit Tools (Instruments) – This part contains basic audit tools and other

instructions designed to facilitate some most typical audits.

6.1.3. Training of internal auditors

With a view to establishing a new profession of internal auditing, consultants of the Project “Internal Financial Control and Internal Audit – Phase 2” delivered the training for trainers/instructors, which was attended by the employees of the Internal Audit Department of the Ministry of Finance. In 2007, local trained instructors for the Internal Audit Department, together with the consultants, held seven cycles of training courses, covering 155 attendees from 48 public sector organisations. The training is divided into four modules, as follows:


24

1. Introduction to internal auditing; 2. Audit skills; 3. Interview and reporting skills of internal auditors; 4. Information system audit and fraud concepts. Consultants held a three-day informative seminar on internal audit of the EU pre-accession and post-accession funds for 30 representatives of the public sector. In 2008 trainers/instructors from the Internal Audit Department of the Ministry of Finance held four cycles of training courses on internal audit in the public sector “Practical Implementation of Internal Audit Tools”. The training was attended by 94 participants from 24 organisations and covered the following areas: budget planning and preparation; reporting and accounting; public procurement; salaries; revenues; information systems; preparation of strategic and annual audit plan. On-the-job training for 12 public funds beneficiaries with 68 trainees is presently in progress as well as preparation of the certification scheme for internal auditors. 6.1.4. Level of internal audit establishment in public funds beneficiaries In public funds beneficiaries in the Republic, the level of internal audit establishment is in an early phase. Of The most frequent weaknesses include the following: heads of internal audit departments have not been appointed; internal audit charters and operating rule books have not been adopted; size and structure of internal audit departments in the starting phase have not been determined and agreed on with managers of public funds beneficiaries; mid-term and annual internal audit plans have not been prepared and approved; standards, code of ethics and auditing methodology are not adequately understood, they are gradually adopted and implemented partially. A new profession, internal auditor in the public sector is not sufficiently attractive because of low salaries and inadequate remuneration system, which results in the staff moving into the private sector. This causes the problem of recruitment, employment and retention of appropriate staff. 6.2. Necessary activities for IA establishment and improvement

The priority of the Republic of Serbia is to develop and establish a decentralised internal audit function for the entire public sector, including the EU funds. 6.2.1. Improvement of legal framework of Public Internal Financial Control

For achieving this goal, it is necessary to amend the legal framework in the area regulating PIFC by amanding implementating rule as to complement the provisions of the draft Budget System Law and Rule Book on Common Criteria for Organising and Standards and Methodological Instructions for Internal Audit Operations in the Public Sector in order to clarify definitions, mutual relations and make a clear distinction between the key components, as well as to raise awareness of managers of their role and managerial accountability in the new decentralisation system. 6.2.2. Establishment of IA The establishment of the decentralised internal audit function started with the training of internal controllers of direct beneficiaries of the Republic budget funds and MSSO and by assigning them to internal audit jobs (internal auditors). For further reform implementation it is necessary to appoint heads of internal audit departments where it has not been already done. Heads of internal audit units should agree with managers of public funds beneficiaries on defining the charter, operating rules, starting size and structure of internal audit units and based on the risk assessment heads of internal audit units shall prepare mid-term and annual internal audit plan and submit it to the managers of public funds beneficiaries for approval as it presented at the IA Manual. 6.2.3. Assessment of IA training needs

Plan and schedule of training of candidates for acquiring the title ‘’Certified Public Sector Internal Auditor’’ for all levels of public funds beneficiaries shall be made by the Central Harmonisation Unit. The precise number of internal auditors, required for internal audit function in 62 beneficiaries of the public funds at the Republic level can be determined after risk-based assessment of needs, which is a complex process and therefore requires a detailed assessment of goals, risks and systems within each organisation. Within the Project ‘’Internal Financial Control and Internal Audit – Phase 2”, consultants proposed establishing of the internal audit function with about 200 internal auditors in 62 beneficiaries of the Republic public funds. As the training


25

is presently organised for the first 100 trainees, next group of another 100 participants will have completed the training by the end of 2010. To ensure an appropriate quality of work of internal auditors, the certification scheme for acquiring the title “Certified Public Sector Internal Auditor” will be defined. For the purpose of implementing the audit standards, code of ethics principles and methodology, assessment of training needs will be regularly made and the training will be continually provided in accordance with the guidelines of the Central Harmonisation Unit. 6.2.4. IA staff The new profession, public sector internal auditor, should be made sufficiently attractive by offering appropriate salaries and remuneration system, as well as training and other resources necessary for work and professional development.


26

7. CENTRAL HARMONISATION AND REQUIRED ACTIVITIES FOR ESTABLISHMENT OF CENTRAL HARMONISTION UNIT

7.1. Central harmonisation

Harmonisation and coordination of financial management and control and internal audit in the public sector is at starting stage of the development. The mentioned functions are performed by the Central Harmonisation Unit by providing unified access to the financial management and control and internal audit in the overall public sector. 7.1.1. Activities of Central Harmonisation Unit Internal Audit Department of the Budget Inspection and Audit Sector in the Ministry of Finance shall carry out activities of the Central Harmonisation Unit for the area of FMC and IA until its reorganisation into the Central Harmonisation Unit. CHU will be established with two departments. Responsibilities of IA department include preparation and updating of the methodology and standards, conducting training, certification and supervision over the establishment and development of internal audit in the public sector, as well as preparation of consolidated report on FMC. The present legal solution that the Central Harmonisation Unit performs audit activities is given only as temporary until decentralised functionally independent internal audit departments have been established. It should be noted that CHU is not supposed to perform internal audit. Its role in the area of internal audit, at a later stage, will involve quality control and monitoring implementation of the recommendations given to the internal auditors to ensure unified procedures and improvement of their work. 7.1.2. Preparation of regulations in the area of PIFC

Internal Audit Department of the Budget Inspection and Audit Sector in the Ministry of Finance was involved in the preparation of the Draft Law Amending the Budget System Law, adopted in October 2006. The major novelty proscribed by these amendments is definition of terms, segregation of duties and precise specification of functions of internal control, internal audit and budget inspection as well as proscribing the obligation of the establishment of the Central Harmonisation Unit. The Department submitted the proposal of new Draft of the Budget System Law referring to PIFC area. The Department prepared the proposal of Regulation Amending Regulation on Activities and Authorities of Budget Inspection and Audit and Features of Budget Inspection, adopted by the Government, Draft Rule Book on Common Criteria and Standards for Establishing and Functioning of Public Financial Management and Control Systems and Draft Rule Book on Common Criteria for Organising and Standards and Methodological Instructions for Public Sector Internal Audit Operations, adopted by the Minister in September 2007. Internal Auditing Handbook was harmonised with consultants of the Project “Internal Financial Control and Internal Audit – Phase 2”. The proposed handbook was tested in the practice of the Internal Audit Department of the Ministry of Finance and handed out to the training participants. The proposed handbook for financial management and control, based on INTOSAI standards for internal control and prepared by the consultants, was handed out to the training attendees. 7.1.3. Staff problems

Internal Audit Department of the Ministry of Finance, presently in the process of reorganisation into the Central Harmonisation Unit, lacks professionals with appropriate experience and skills to be able to meet the scope and complexity of the activities related to PIFC reform to a full extent. To attract appropriate professionals and retain the existing staff (45% employees have left the department), it is necessary to introduce an appropriate remuneration system, organise training and ensure necessary powers, financial and other resources.


27

7.2. Activities for the establishment of CHU

The priority of the Republic of Serbia is the establishment of CHU to ensure unified approach to financial management and control and internal audit in the overall public sector. 7.2.1. Establishment of CHU

The Ministry of Finance will establish the Central Harmonisation Unit for financial management and control and internal audit by the reorganisation of the Internal Audit Department of the Budget Inspection and Internal Audit. The Central Harmonisation Unit is planned to include:

а) Internal Audit Department – responsible for preparation and updating of the methodologies and standards, organisation of training, certification and supervision of the establishment and development of public sector internal audit, consolidation of the annual internal audit statements and preparation of the consolidated annual report on PIFC with proposals on necessary improvements for increasing efficiency of the public sector internal financial control.

б) Department for Financial Management and Control – responsible for preparation of methodologies and standards, organisation of training of managers and employees engaged in financial management and control operations, supervision of the establishment and development of internal financial control system in the public sector, monitoring of the evaluation of the current situation, consolidation of the annual reports on the internal control system of the public funds beneficiaries.

7.2.2. Appointment of head of CHU Head of the Central Harmonisation Unit will be appointed with the required experience and qualifications, as well as dedication and understanding of the requirements of internal financial control and internal audit in the public sector with the aim to initiate and implement changes related to the improvement of the financial management and control and internal audit in Serbia. To stress the significance the Government attaches to this position, head of the Central Harmonisation Unit will have a direct communication with the Minister of Finance. 7.2.3. Required resources

The Central Harmonisation Unit will be staffed with employees with appropriate expertise and skills in order to be able to meet the scope and complexity of the activities within the implementation of PIFC reform to a full extent. To attract eligible professionals and retain the existing staff, an appropriate remuneration system, training, powers as well as required financial and other resources will be provided.


28

8. COOPERATION WITH THE SUPREME AUDIT INSTITUTION

Cooperation between the Supreme Audit Institution and PIFC system will be maintained by the Ministry of Finance via CHU. Close cooperation and constructive dialogue between the Supreme Audit Institution and Ministry of Finance is of utmost importance for building a comprehensive and effective system of management of public funds. 9. MEASURES AGAINST MAJOR IRREGULARITIES AND FRAUDS

This area is not fully included in PIFC. One of the projects soon to be implemented will focus on discussing this area more closely. Internal auditors and key players involved in PIFC need to get acquainted with the type of actions in case of identifying major irregularities or frauds. 10. CONCLUSION

In order to ensure the establishment and strengthening of PIFC system in compliance with the generally accepted standards, it is necessary to:

- Establish the Central Harmonisation Unit in the Ministry of Finance; - Prepare, harmonise and adopt regulations and procedures related to financial management and

controls in the ministries and public sector organisations; - Develop strategy for training of persons involved in financial management and control in public

sector organisations; - Prepare guidelines for the establishment of the internal audit in public sector organisations; - Define timeline for the establishment of the internal audit, update secondary and tertiary regulations

such as rule books, manuals, internal audit standards, code of ethics, samples of standard job descriptions and other necessary instructions;

- Develop strategy for training and certification of public sector internal auditors; - Establish internal audit units; - Introduce mechanisms of cooperation and monitoring the development of PIFC.

11. ACTION PLAN The Action Plan is attached to this strategy as an integral part. 12. FINAL PROVISION This strategy is published in the ,,Official Gazette of the Republic of Serbia". 05 No. 47-4655/2009-1 In Belgrade, 23 July 2009. The

GOVERNMENT

First Deputy Prime Minister - DEPUTY PRIME MINISTER

Ivica Dacic


29

11. ACTION PLAN FOR DEVELOPMENT OF PUBLIC INTERNAL FINANCIAL CONTROL

No. Measure / Activity Competence Deadline

А) COMMON ACTIVITIES

1 Discussion and harmonisation of Draft Strategy with key local and international players

Ministry of Finance, Public Sector, DG Budget

Oktober 2009

2 Establishment of the Central Harmonisation Unit in the Ministry of Finance

Ministry of Finance December 2009

3.

Improvement of the legal framework on Public Internal Financial Control by amanding implementating rule as to complement the provisions of the draft Budget System Law

Ministry of Finance, Government

December 2009-December2010

B) ACTIVITIES IN THE AREA OF INTERNAL AUDIT

4. Establishment of the decentralised internal audit function in direct beneficiaries of the Republic budget funds and MSSO

Managers of direct budget beneficiaries and MSSO Jun 2010

5. Establishment of the certification scheme for acquiring the title ‘’Certified public sector internal auditor’’ CHU December 2009

6. Plan and schedule of training of candidates for acquiring the title ‘’Certified public sector internal auditor’’ for all levels of public funds beneficiaries

CHU Oktober 2009

7. Training of candidates for acquiring the title ‘’Certified public sector internal auditor’’ referred by direct beneficiaries of the Republic budget and MSSO

CHU Oktober 2009 – December 2012

8. Assessment of ongoing IA training needs CHU Ongoing

9. Providing salaries and other resources required for the work and professional development in the area of IA Government December 2009

10. Publishing of The Internal Auditing Handbook CHU Oktober 2009

11. Training of candidates for acquiring the title “Certified public sector internal auditor ‘’ referred by beneficiaries of the local self-government public funds

CHU January 2012 – December 2014

12. Training of candidates for acquiring the title ‘’Certified public sector internal auditor’’ referred by other public sector organisations


C) ACTIVITIES RELATED TO IMPLEMENTATION OF PUBLIC FINANCIAL MANAGEMENT AND CONTROL

13. Familiarisation of managers of direct beneficiaries of the Republic budget funds and MSSO with PIFC system CHU Oktober-

December 2009

14. Appointment of managers responsible for coordination of the establishment of FMC

Managers of public funds beneficiaries December 2009

15. Publishing of FMC Handbook CHU Oktober 2009

16.

Training of managers responsible for FMC, middle managers, employees working in financial and accounting departments and other employees of the direct beneficiaries of the Republic budget funds and MSSO

CHU Oktober 2009 to December 2012

17. Adoption of the Plan of the establishment, development and FMC activities in the organisations and annual report about PIFC

Managers of public funds beneficiaries, CHU December 2009

18. Adoption of internal acts regulating specific business processes and operating procedures

Managers of public funds beneficiaries, CHU,

As of December 2009 ongoing


30

Expert assistance

19. Plan and schedule of training for other levels of public funds beneficiaries CHU December 2011

20. Familiarisation of managers of beneficiaries of the local self-government budget funds with PIFC system CHU January 2012 –

December 2012

21. Familirisation of managers of other public sector organisations with PIFC system CHU January 2012 –

December 2012

22.

Training of managers responsible for financial management and control, middle managers, employees working in financial and accounting departments and other employees of the beneficiaries of the local self-government budget funds of other public sector organisations


23. Amendments to the existing legal framework or adopting a separate Inspection law MoF December 2014

strategy for development of public internal financial ... akti/2011/strategy pifc.pdf · for...

Documents