Reactive and Rapid Auditing - New Forms of SAIs Work

DOI: 10.53122/ISSN.0452-5027/2021.1.11

„Kontrola Państwowa” 2/2021

PDF version

Jacek Mazur

The international guidance on public audit (ISSAIs)^[1] shows that, when selecting audit topics, Supreme Audit Institutions should be aware of emerging risks, threats and changing environments, and react to them in a timely way; they should react to citizens’ and other stakeholders’ expectations, which are widely discussed and attract interest^[2].

As a result, some SAIs introduce new solutions and new methods of work. In my previous article^[3], I discussed the investigations conducted since 2013 by the National Audit Office of the United Kingdom, intended to touch upon topical issues, usually narrow in scope, with a short auditing horizon, with easily accessible facts-only reports - with no evaluations or recommendations. In this article, I present the experience of the SAIs of Denmark, Latvia, the Netherlands, Slovakia and Poland. On the basis of their experience, I consider the conditions for such audits, which I call “reactive and rapid audits”^[4].

Various Practices

Denmark: Facts-Only Reports

The National Audit Office of Denmark conducts financial, compliance and performance audits, on the basis of which it presents the Public Accounts Committee with two types of document: reports (beretning) (about 25 annually) and memoranda (notat) (40-50 annually). “Reports” are comprehensive materials on important issues arising from audit results; while “Memoranda” contain results of audits of minor importance; they can also be the continuation of previous audits, or a preliminary study to precede a planned larger audit^[5].

Some Memoranda (usually from five to six a year) provide information on facts (factual memoranda - faktuelt notat)^[6]. They are elaborated within a two, three month period, much shorter than in the case of audits concluded with Reports, and are then submitted to the Public Accounts Committee. The Act does not directly regulate the issue of factual Memoranda; however, the practice generally follows the regulations on post-audit documents^[7].

Latvia: Reports During Audits

The State Audit Office of Latvia (the Office) conducts financial, compliance and performance audits, as well as combined audits that cover financial and/or compliance and/or economy, efficiency and effectiveness. The Office works in full compliance with international guidance on public audit for years, and complies with it when deciding on its audit methodology and approach^[8]. It itself decides on the standards to be applied: on the basis of the Act of 29 May 2002 on the State Audit Office of Latvia and the Act of 22 May 2001 on audit services - the Auditor General of Latvia has the right to define auditing standards to be applied by the Office. The decree of 5 July 2018 confirmed the long practice that “the international standards on public sector auditing recognised in Latvia are the International Standards of Supreme Audit Institutions (ISSAIs) of the International Organisation of Supreme Audit Institutions (INTOSAI)”^[9]. The Office has a special unit (audit sector) responsible for rapid/narrow/focused audits - audits for rapid response to current events in the country.

All rapid audits follow the “regular” audit process, and their results are published as audit reports, or as “interim reports” in compliance with the requirements of ISSAIs, thus continuously safeguarding the quality and contents of audit reports. Below, I give examples that illustrate the variety of recent audits of this type:

• enforcing patients’ right to compensation in case of damage to health during medical treatment^[10],
• proper regulation of the remuneration of board members of state companies^[11];
• taxi transportation at the international airport in Riga: the risk of unfair prices for services ^[12].

In 2020, within an examination of the state’s operations during COVID-19, the Office has developed an extensive interim reporting practice that allow to react quickly on emerging issues and make recommendations during the audit. A new type of audit products was introduced - “analyses of the situation”, as well as “interim reports”, aimed at communicating on audits in progress, were much more widely used than before.

An “interim report” (starpzinojums) is a document that can be presented at each stage of the audit process - if significant and topical information appears that can be useful for decision-makers and public opinion, allowing them to understand some specific issues related to the audit. It is not a new type of audit, but a preliminary presentation of findings of an “ordinary” audit, conducted in accordance with the relevant procedure and methodology. “Interim reports” can be issued for all types of audits with the aim to promptly inform decision-makers and the public, give recommendations and prevent irregularities. In COVID-19 context, the Office widely used the “interim reports” as a preliminary presentation of findings of financial audits on the accuracy of the drafting of the annual statements for the ministries and central governmental agencies. For each COVID-19 priority measure examined, a separate compliance opinion was also provided.

From July 2020 to February 2021, the Office published about twenty reports of the kind and COVID-19 related “interim reports” are continuously being published, e.g.:

• delivery process of personal protective equipment (face masks and respirators) in the healthcare sector^[13];
• procurement system of the Ministry of Defence and procurement during the emergency to limit the spread of COVID-19^[14];
• use of additional funding allocated to the Ministry of the Interior for the purchase of personal protective equipment and disinfectants^[15];
• providing distance learning during an emergency^[16];
• use of additional funding for bonuses for officials of the Ministry of Home Affairs directly involved in curbing the spread of COVID-19^[17];
• use of funding allocated to the Ministry of Social Welfare for payment of extraordinary benefits^[18];
• use of funding allocated to bonuses for the staff of the Prison Administration directly involved in curbing the spread of COVID-19^[19];
• financing unforeseen hospital repairs from the state budget^[20].

The above engagements were financial audits. The audit reports were based on the International Standard on Auditing 701 (ISA 701) “Communicating Key Audit Matters in the Independent Auditor’s Report”^[21]. In accordance with the standard, an auditor is obliged to evaluate the need to include ‘key matters’ in the financial audit opinion. Key matters are matters that, in the auditor’s professional judgement, are significant for the evaluation of a financial statement for a given reporting period, and which need to be communicated to the management of the audited entity; they can be informative for other potential users of the financial statement as well. The above “interim reports” comprise conclusions and recommendations, and they indicate why the matters they present have been considered as key for the audited issue.

For most COVID-19 response measure examinations the Office prepares a separate “interim report”. However, circa 20% of all COVID-19 spending will be examined and the results will be published upon completion of the financial audits for 2020, with no separate “interim reports”.

In addition, a “situation analyses” (situacijas izpetes zinojums) is an innovative tool: a document comprising information that does not require evaluation of the audited activity, or audit recommendations. It aims to present and summarise the facts, in order to allow readers to get acquainted with the status quo, to interpret the data and draw their own conclusions. In July 2020, the Office published a situation analysis related to the interventions and instruments used by the government in order to counteract the consequences of COVID-19, including decisions related to the procurement of goods necessary to curb the pandemic, and deviations from public procurement principles in a situation deemed extraordinary^[22]. The new product in this regard was published on 30.03.2021 “Provision of resources necessary for curbing the spread of Covid-19 in state and municipal institutions”^[23].

The Netherlands: Focus Audits

The Netherlands Court of Audit conducts financial and performance audits^[24]. Since 2017, some performance audits have been carried out in a new manner: rapid and focused, with no conclusions or recommendations, in order to present facts only - to facilitate public debates and respond to current or emerging issues (e.g., COVID-19). They have been inspired by the experience of the National Audit Office of the United Kingdom. They are called “focus audits” (Focus-onderzoek).

According to the Netherlands Court of Audit, focus audits should be:

• topical: look at relevant and topical issues;
• fast: to be topical, focus audits are carried out relatively quickly: at most 14 weeks from start to publication;
• focused: have a defined scope and a clear objective: to verify facts. The audit question is usually: ‘Is it true that...?’;
• factual: the SAI’s powers are exercised in order to throw light on the facts behind a topical discussion, therefore only the facts are reported (in context) without any conclusions and/ or recommendations;
• concise and explanatory: reports should be concise, explanatory and clear^[25].

Audit Topics

In order to explain the practice, I discuss two recent focus audits:

1. Differences of opinion on the Netherlands’ net payments to the EU

   How much does the Netherlands contribute to the European Union, and how much does it get back in European funds? And why do the Dutch government and the European Union publish different information on the amount? The Netherlands Court of Audit has compared the facts from the last six years in order to explain what key data (e.g., national income) are used to calculate the contribution. Records of EU funding were presented, as well as the methodology behind different definitions of net contribution. An analysis was also made of the impact of the rebate that the Netherlands received from the EU^[26]. In autumn 2020, these issues were of high importance, and constituted part of the discussion on the multiannual financial framework of the EU. The Court’s intention was to present precise and reliable data - in order to facilitate discussions in parliament and public debates, however without judging whether the definitions used were accurate.

   According to the Netherlands, it contributed EUR 8.1 billion to the EU in 2019, and received EUR 2.6 billion, implying a net contribution of EUR 5.5 billion. The definition forming the basis for such a calculation comprises all revenues from the EU and payments to the EU, including duties (import charges) charged at the port of Rotterdam and other locations. Using such an assumption, in the audit period 2014-2019, the Netherlands emerged as the largest net contributor to the EU. The European Commission, however, uses another definition and does not take into account some national payments, such as duties and leaves out of some revenues. Thus, in the opinion of the Netherlands, its contribution to the EU budget stood at 0.67% of national gross income, while according to EU Commission data, the figure was 0.35%^[27].

2. Risks of digital homeworking

   On 16 March 2020, the Prime Minister of the Netherlands appealed to society at large to take steps to combat the spread of the pandemic, among them homeworking. From one day to the next, some 175,000 employees of ministries and other central bodies started working from home. They cooperated and communicated on the phone, through traditional networks and electronic mail, as well as, more and more often, through videoconferences, communicators and online collaborative platforms. These technologies are not a novelty, but suddenly started to be used on a mass scale and for new purposes. This gave rise to numerous questions, e.g., are Zoom video conversations secure? What information can be made accessible through such applications? Can private laptops be used without security risks?

   From July to October 2020, the Court of Audit examined which information and communication technologies (ICT) tools were used by the employees of ministries and other central bodies, for what purposes those tools were used, what threats could arise, and how ministries communicated their policies in the area. The audit showed that the way officials used ICT tools sometimes threatened the security of information, e.g., some of them - contrary to regulations - were providing confidential information via application WhatsApp. Moreover, not all officials knew which rules they were obliged to comply with, and others had doubts as whether those rules were appropriate. The basis for the audit was the survey sent through the Ministry of Defence, the portal for civil servants Rijksportaal, and internet community OnsCommunicatieRijk. Extensive distribution of the questionnaire and the high response rate added to the importance of findings. In addition, interviews were held with directors and employees of departments of information and information security since they had knowledge of the rules and practices of using ICT collaborative tools. In order to find out whether those rules were implemented in a consistent manner, the question was raised as to which ICT tools were used by the ministers and secretaries of state, what rules were applied with regard to their use, and how those rules were communicated. The interviews made it possible, in the first place, to identify strengths and weaknesses, including the risks of the use of unapproved programmes and applications in computer hardware connected to the company network^[28].

Other examples of focus audits of the SAI of the Netherlands:

• effectiveness of the police in addressing issues raised in crime reports^[29],
• access to long-term care^[30],
• costs of offshore wind energy^[31],
• Netherlands contribution to Sint Maarten reconstruction^[32],
• corona virus: testing capacity went unused in the spring^[33].

Audit Process

The main stages of focus audits are similar to those of performance audits. They usually include:

• preliminary work: establishing the availability of audit material, the development of preliminary assumptions and discussion of them, Board approval;
• formal start: concise project proposal, Quality Control review with comments then incorporated (week 1);
• announcement meeting at the ministry and commencement (week 2);
• conducting the audit: information gathering, regular sharing of findings with civil servants (to coordinate work steps), weekly meetings with director and supervising Board Member (weeks 3-9);
• developing the first draft report, incl. infographics (week 10);
• further work on the draft report, Quality Control review with comments incorporated, approval by director (week 11);
• read-through of draft report and Board approval, sharing findings with civil servants at working level and incorporating their comments, final verification of contents, draft report then sent to minister for possible response (week 12 and 13);
• incorporating comments of minister, if any, discussion with Board Members, press and social media releases, publication (week 14)^[34].

Contacts with Parliament

The Court of Audit has extensive working contacts with parliamentary committees (mainly the House of Representatives - Tweede Kamer). It provides parliament with around 60-80 reports annually. For example, in 2020 it provided an annual Accountability Report (for the year 2019) together with 23 audit reports (mainly on ministries and state funds), 20 reports on performance audits; 18 letters to parliament about current affairs and proceedings and 2 dossiers on the website^[35]. Most of them are considered by committees (30-40 meetings per year). Sometimes the committee sends the SAI written questions on the report (as well as written questions to the minister concerned).

Reports on focus audits are also submitted to parliament and dealt with under similar rules. As these do not include conclusions or recommendations, the responsible minister not always gives a formal response. When he does respond formally a summary of the response is usually included in the report. The full text of the responses is published on the SAI’s website. In case a minister does not respond formally the committees of the House of Representatives can ask the relevant minister to give a written reaction on focus audit, e.g., the parliamentary committee requested the Minister of Finance to give an opinion on the EU payments situation.

Slovakia: Rapid Audits in Budget Execution Audit

The Supreme Audit Office of Slovakia conducts financial and compliance audits, and recently more often - performance audits^[36].

In 2020, the Office introduced a new practice of rapid audits within the budget execution audit that forms the basis for its statement on the draft state final account at year-end. Such audits were conducted at four ministries: Education, Science, Research and Sport; Interior; Transport and Construction; and Health. They were intended to examine the completeness of final settlements, and to evaluate financial management, the use of European funds, and developments in selected areas, as well as to point up potential examples of the uneconomical use of public funds. These audits started in February 2020 and lasted three months. In each of the ministries, cases of incomplete objective implementation were found, as well as of spending funds without complying with their intended purpose. The results of the audits were presented in the statement by the SAI on the draft state final account, and were submitted to parliament^[37] and considered by committee. In the opinion of the Office, the new practice of rapid audits allows for gathering useful information, and will be continued in the future.

Poland: Ad Hoc Audits

The Supreme Audit Office of Poland (NIK) has for many years been conducting audits that aim to satisfy urgent needs. Although NIK operates on the basis of an annual audit plan, it can also conduct audits “outside” the plan - so called ad hoc audits^[38]. In accordance with the Act, the basic principles and the general procedure for planned and ad hoc audits are the same; the differences lie with the decision making body (approval by the President or Vice-President of NIK; while the decisions on ad hoc audits lie with the director of a department or a regional office of NIK who is responsible for making a proposal, approving the topic, and introducing potential modifications), as well as several aspects of the manner in which audits are conducted^[39]. As in the case of other NIK audits, the ad hoc ones have to illustrate the actual state of affairs in order to properly evaluate the audited activity, draw conclusions and make recommendations.

In accordance with Article 3 (2) of the regulation by the President of NIK “ad hoc audits are conducted in particular to:

1. urgently examine topical issues of high importance to the state’s operations (special audit);
2. urgently examine a specific problem (problem audit);
3. conduct a preliminary examination of specific issues in order to develop a planned audit (reconnaissance audit);
4. examine the manner in which the conclusions and recommendations of a previous audit have been used (follow-up audit);
5. consider complaints and motions (complaint audit)”^[40].

For number of ad hoc audits in 2017-2019 divided into types see Table 1.

Table 1: Ad hoc audits of NIK in 2017-2019 divided into types

Year	Special audits	Problem audits	Reconnaissance audits	Follow-up audits	Complaint audits	Total
2017	-	30	35	15	27	107
2018	-	23	30	13	25	91
2019	-	17	17	34	25	93

Source: Activity Reports of NIK for years 2017-2019.

Ad hoc problem audits seem to resemble ‘reactive’ and ‘rapid’ audits best. Special audits, which are rarely undertaken, due to their nature (“examine topical issues of high importance to the state’s operations”) can be work and time consuming, so they are not suited to rapid reaction scenarios. Reconnaissance and follow-up audits are of a different nature, and have a different position in the audit process, since at least some of them can be foreseen and included in annual audit plans.

The method of preparing and conducting ad hoc audits has already been discussed in “Kontrola Państwowa”^[41], hence this article is limited to some of their aspects only. The form of presentation of audit results seems particularly important: if NIK’s document is to be distributed to a wide readership, it needs to be as readable and accessible as possible.

In accordance with Article 53 of the Act on NIK, the results of ad hoc audits are included in single-entity audit reports (post-audit statements - Polish: wystąpienie pokontrolne)^[42] addressed to auditee managers. A single-entity audit report is a formal document with legal weight and includes elements laid down by the audit procedure^[43], however, because of this, it is difficult to read and often has little appeal to uninformed readers.

So far, the majority of ad hoc audits have been concluded with single-entity audit reports (see Table 2):

Table 2: Ad hoc audits of NIK in 2017-2019 divided into audit results presentation

Year	Ad hoc audits concluded with single-entity audit reports	Ad hoc audits concluded with summary audit reports	Total
2017	98	9	107
2018	85	6	91
2019	88	5	93

Source: Activity Reports of NIK for years 2017-2019.

It is therefore worth considering other forms of presentation of ad hoc audits results. In this discussion, stakeholder opinions matter a lot, especially that of the Sejm (lower house of the Polish Parliament) and other state bodies, citizens, non-governmental organisations, and the media:

• On the basis of Article 64 (1) of the Act on NIK, it is possible to develop a summary audit report of an ad hoc audit (pronouncement on the results of an ad hoc audit - Polish: informacja o wynikach kontroli doraźnej). The official addressees of this document are the Sejm, the President and the Prime Minister, but it is publicly available and everybody can have access to it. Such summary audit reports are descriptive documents, in the first place based on single-entity audit reports, but they can also contain data from other sources^[44]. Such a document contains, among other things, an evaluation of the audited activity and significant findings, however the scope of data can vary, depending on the decision by the President of NIK. It allows for various presentation options. Summary audit reports can present audit results in a brief manner, tailored to the needs of the most interested addressees, this would, however, call for departing - at least in some cases, on a trial basis possibly? - from the principle of a uniform approach to such document for the sake of flexibility and consistency between form and content.
• Within the constitutional principle of cooperation among state bodies, and maintaining its whistleblowing function^[45], the Supreme Audit Office can also present the Sejm with documents other than those listed in the Act on NIK. Therefore, it seems worth considering forms of communication that would best meet the intention to communicate audit results (e.g., short communiques or letters to parliamentary committees)^[46].
• Opportunities to communicate audit results in the Public Information Bulletin (Polish: Biuletyn Informacji Publicznej), on the NIK website (www.nik.gov.pl), through mass media (e.g., press briefings, interviews, press conferences), and in social media.

The decision on whether audit results should be disseminated, and how, must be taken on the basis of their contents and impact - with due consideration to the value of the findings and recommendations, and the addressees that may find them most useful.

In order to show the context of NIK’s work, recent examples of summary audit reports of ad hoc audits, as sent to the Sejm, can be enumerated:

• NIK audited the preparedness of the government administration to introduce an electronic toll collection system after 2018. The audit pointed up the lack of effective solutions to enable drivers to pay tolls easily, without “queuing”. For seven years, the concept of electronic toll collection was not developed. Delayed decisions, lack of knowledge of the latest toll collection systems, procedural mistakes, and the lack of competent staff led to the risk that tolls would stop being collected^[47]. In July 2019, a summary audit report was sent to the parliamentary Committee on State Audit and the Committee on Infrastructure. The document attracted wide interest in the media^[48]. At the meeting of the Committee on Infrastructure held on 29 October 2019, it was emphasised that the auditees had tried to prevent audit results from being disseminated by labelling some of the documents “restricted”. As a consequence, there was a dispute: representatives of the opposition supported NIK’s conclusions, while representatives of the government and the ruling party rejected them^[49].
• NIK audited the activities of regional authorities with regard to care homes that were providing 24-hour care for the disabled, chronically ill and elderly without permission. The care system provided by the regions was considered insufficient. The lack of appropriate knowledge and control allowed a grey area to develop. The legal regulations aimed at preventing the establishment and operation of illegal care-homes did not meet needs: there were no regulations allowing for effective reaction in cases of gross neglect, or to guard against failures to protect the rights of concerned persons. Regional governors also neglected the supervision of care homes. NIK formulated recommendations to the Minister of Family, Labour and Social Policy and regional governors^[50].

In March 2020, a summary audit report was sent to the parliamentary Committee on State Audit, the Committee on Senior Policy, and the Committee on Social Policy and Family. The document attracted broad interest in the media^[51], but was not discussed in the Sejm (as at March 2021).

In August 2020, changes were introduced to the procedure of initiating, preparing, conducting and reporting on NIK ad hoc audits. They were intended to:

• simplify the mechanisms for preparing and initiating ad hoc audits,
• make ad hoc audits better at addressing important public problems (at the local, regional and national level alike),
• better use information from NIK’s stakeholders,
• make the audit process more flexible and rapid,
• allow for wider dissemination of ad hoc audits results and their more extensive use for evaluating the state’s operations.

These changes may facilitate the implementation of suggestions related to organising work at NIK; they may also lead to making the audit process shorter.

Things to Consider

The problem with making audits more topical, so that they deal with important issues, has been observed for years, however in the light of new technologies it is growing in importance. The speed of information production has been increasing, and its massive dissemination is a fact. Systems for accessing information (e.g., the internet) have an impact on the contact between state bodies and citizens, and on citizens’ behaviour (e.g., social media). Supreme Audit Institutions should take this into account and adjust their modes of work. They possess unique knowledge and insight into state bodies’ activities, which can provide the basis for ensuring their transparency and accountability. Furthermore, fake information can rear its head, so that presentation of data by a body which people trust is in the interests of both the state and its citizen.

Supreme Audit Institutions meet these challenges: without giving up their current practice, new ways have been introduced to examine topical issues of high interest to state bodies, members of parliament, citizens and other interested parties. These changes affect key issues of SAIs’ work, such as the objectives of their activity, the essence of auditing, relations with stake-holders, legal regulations, organisation and internal operations, etc. It is impossible to discuss them in a short article, however some elements and conditions can be identified.

Audit without Evaluation and Recommendations?

Some of the procedures discussed here allow for conducting reactive and rapid audits as a form of an audit in the traditional understanding of the notion. However, the SAIs of the United Kingdom and the Netherlands conduct them without including any recommendations.

In accordance with the traditional definition of an audit (which I have recalled in more detail in my previous article), it is about comparing “things as they are” with “things as they should be”, so as to arrive at findings and evaluations. In this definition, an engagement that does not comprise evaluation or recommendations, is not an audit. However, I suggested taking a broader view: 1) presenting audit reports in a way that allows the readers to draw their own conclusions, 2) linking reactive and rapid audits with other (full?) audit engagements, 3) allowing for follow-up by other means, e.g., recommendations from parliamentary committees, pressure from the media. In this way, I suggested treating the UK NAO investigations as a new type of audit, similar to a performance audit, with the main difference being to rely on distinct and disparate forms of follow-up and implementation^[52]. I emphasised that the issue was still not clear and subject to debate. In response I have received various opinions: some supporting my stance, many others, against it, questioning whether any audits may conclude without evaluation and recommendations^[53].

Although reactive and rapid audits conducted by the SAIs of the United Kingdom and the Netherlands do not reflect the traditional understanding of an audit - they are still conducted on the basis of the tried-and-tested methodology of a given SAI, and reports go through the QC procedure. They may not, however, comprise several significant stages of the audit process, such as analysis of findings, identification of the reasons for irregularities, or recommendations for improvement - which are elements that in particular reflect the analytical capacity of SAIs. Therefore, such audits cannot be considered as full audits.

Despite the lack of evaluations and recommendations, the facts described in reports are important to the users, both citizens and state bodies, since they are presented by a reliable and independent institution. In this way, such activities complement the audit forms used to date, and they enable SAIs to participate in solving situations which, due to time limitations, do not allow for conducting a full audit, or do not require an in-depth analysis, or systemic problem identification, etc.

The Concept of Risk of Reactive and Rapid Auditing

When considering various reactive and rapid audit practices, it is necessary to recognise the risks that may arise. This is a vast topic that relates to the entire activity of an SAI; understandably, only a few hypotheses can be presented in the article. Primarily, I see a general risk of weakening the quality of planning and conducting audits and presenting their results due to the short amount of time and the associated rush; besides, it is worth taking into account some specific risks:

• the risk of misinterpreting audit findings if an entity other than a SAI evaluates the audit,
• the risk of depriving auditees of an opportunity to address draft evaluations and recommendations,
• the risk of lowering the quality assurance mechanisms,
• the risk of attributing audit characteristics to a document that has not been developed as a result of an audit.

The general approach to risk assessment should be adjusted to take account of the risks associated with reactive and rapid audits. Indeed, risk identification and assessment of its impact should accompany any audit process, and audit risk should be reduced to an acceptably low level, allowing the SAI to obtain reasonable assurance as to the preparation of the audit report.

The General Risk that Reactive and Rapid Audits May be of Less than Adequate Quality

It is extremely difficult to fully and correctly apply the existing procedures and international guidance on public audit if the audit process has to be carried out very quickly. The risks that need to be considered relate to the planning and preparation of the audit (e.g. risk of not identifying the relevant topic or scope of the audit, risk of inadequately planning the necessary resources; lack of time taken to properly understand the audited domain), carrying out the audit activities (insufficient time to obtain the necessary data and discussion with auditees, difficulty in gathering sufficient evidence to support audit findings, insufficiently thought-out conclusions and recommendations); insufficient coordination between auditors - when deadlines are tight, sometimes a larger team has to be involved, inaccuracies in the report; weakening of QC mechanisms - see further in a separate point). These are only examples - there are more risk elements in reactive and rapid audits.

Risk of Misinterpretation of Audit Findings

An evaluation made within an audit reflects the opinion of a SAI on the audited activity - on the basis of the criteria applied. Although audit recommendations can be implemented with the use of various mechanisms, it does not mean that they can be formulated by another body. It lies with a SAI to make evaluations and recommendations, and if another entity does it, that very entity is allowed to interpret the findings and their consequences; and this in turn may give rise to mistakes.

Therefore, evaluations and recommendations should be formulated by SAIs, as far as possible, during each audit - in the interest of a SAI and, in general, of the public. Simultaneously, a variety of situations should be taken into account, which can imply that a structure, form or level of detail of evaluations and recommendations may vary.

Risk of Lack of Discussion with the Auditee

The contents of evaluations and recommendations is of high importance to auditees and they should have a right to address them. If SAIs publish audit results without evaluations and recommendations, this opportunity may not be available.

The majority of SAIs recognise the right of an auditee to give an opinion on draft documents that present audit results, including evaluations and recommendations. Reactive and rapid audits of the SAIs of the United Kingdom and the Netherlands comprise mechanisms that are limited to examining facts only:

• the National Audit Office of the United Kingdom contacts civil servants at an early stage in order to confirm the reliability of the facts. The final draft report is sent to the undersecretary of state (highest level civil servant in a given entity) who confirms the facts or gives comments;
• Netherlands Court of Audit examines facts at the working level with civil servants, and the final draft report is sent to the respective minister for comments.

Later, if an audit report is considered by a parliamentary committee, representatives of auditees can sometimes participate in its sessions, although there is no formal mechanism for consulting them on draft evaluations and recommendations.

Risk of Lowering the Quality Assurance Mechanisms

In the audit process, SAIs apply various, often very comprehensive, quality assurance measures^[54]. They are especially indispensable in reactive and rapid audits, which are often conducted in a necessarily short timescale. At the same time, striving to finish an audit within the deadline may result in pressure to omit them, or apply them in a less rigorous manner.

SAIs emphasise that for reactive and rapid audits they apply the same strict quality requirements as for other audits. For example, the National Audit Office of the United Kingdom organises internal peer reviews: a draft audit programme and draft report are evaluated by an experienced staff member (Case Manager) from the department that coordinates investigations (Central Investigations Team), and by the director of an audit department not engaged in the given audit (Partner Director). The quality procedure here is broader then in the case of “ordinary” audits: at the stage of audit programme development, an assessment is made as to whether a facts-only examination will add value, whether the scope of the audit is suitably narrow, and whether the schedule is feasible. At the stage of drafting the audit report, an additional task is an assessment of the summary with regard to its readability and internal consistency to determine whether it presents facts only (without evaluation), whether the description of the facts will encourage the reader to draw conclusions, and whether a facts-only report will lead to some desired responsive actions^[55].

Risk of Ambiguous Nature of the Document

Supreme Audit Institutions are tending more frequently today to produce not simply audit reports, but documents of a hybrid nature, partially based on audit results, and partially on other sources. For instance:

• the National Audit Office of Estonia published “reports which do not necessarily involve classic audit procedures, but focus on the analysis of a single question”;
• the National Audit Office of Latvia published “discussion papers based on findings from the performance and compliance audits conducted”;
• the National Audit Office of the United Kingdom published “best practice guidance documents summarising insights from its work”;
• the European Court of Auditors distributed review-based publications, such as 1) landscape reviews - descriptive, analytical documents on complex, large-scale policy areas or management issues, setting out accumulated audit experience and knowledge on the selected topic, often from a cross-cutting perspective; 2) briefing papers - similar in nature to landscape reviews (descriptive, analytical documents on policy or management issues), but address more focused topics; 3) rapid case reviews - presenting facts focusing on very specific issues or problems and, if necessary, including an analysis to help understand those facts^[56].

The variety of types may lead to a situation where the status of a document is ambiguous: is it an audit report, or a document based on other sources, e.g., a review or a synthesis of information from publically available materials, including previous SAI documents? Members of parliament or citizens may not see the difference between “full“ and ’’incomplete" audits. This can be confusing. To avoid doubt, a document needs to be clearly identified as an audit report, or something else.

Legal Basis

Legal regulations determine whether a SAI can conduct reactive and rapid audits - and in what forms. In the regulations that set forth the principles and mode of SAIs’ audits in various countries, two basic approaches can be observed:

• A general regulation that lists types of audit without definition, and without stating that the list is exhaustive, or refers to international or national guidance on public audit, or which mandates the SAI to define types of audit on its own. For instance, in the United Kingdom the legislation stipulates the comptroller function and ex-post financial audit, as well as the right to conduct performance audits, however the law does not lay down the audit procedure or methodology: in financial audits, general auditing standards are applied, while in performance audits - the NAO’s own principles, which have to comply with international guidance^[57]. Similarly in the Netherlands, the act obliges the Court of Audit to conduct financial and performance audits, with the provision on performance audit stating, in a rather general manner, that “The Court of Audit must examine the effectiveness and efficiency of policy pursued by central government”^[58], while the mode of an audit is set by the Court (the act regulates only the Court’s access to information, and the obligation to consult with the competent minister on the draft audit report).
• A detailed regulation that defines the audit procedure and/or types of audit - meaning that a given SAI can only conduct audits in accordance with the provisions of the law. For instance, the Polish Act on the Supreme Audit Office sets forth the audit procedure and audit criteria, and consequently audits can only be conducted in accordance with statutory modes^[59]; and it is so in the case of the Act on the Supreme Audit Office of the Czech Republic^[60]. These acts are interpreted in accordance with the principle that a state body is only allowed to act in the manner that its mandate entitles it to.

Reactive and Rapid Audits vs. Real-Time Audits

Discussing reactive and rapid audits, one can ask a question as to whether these are underway (in progress) audits. It is worth recalling that the mandate of some SAIs (especially of judicial SAIs) confines them to ex post auditing - so those SAIs cannot conduct reactive and rapid audits. The reasoning is as follows:

• auditing of events that are in progress, or that have just recently been completed, raises the risk of interfering with decision making processes. SAIs - especially judicial SAIs - should not interfere in this way;
• audit planning in some judicial SAIs is a slow process: a decision on a new topic and allocating resources is time consuming;
• in accordance with a long tradition, judicial SAIs - acting as courts - should not be perceived as bodies that follow press releases.

In this context, a question arises as to whether there is a connection between “reactive and rapid audits” and the concept of “real-time audit”. This relates to the practices of the Federal Court of Audit of Germany, which conducts both types of audits, “reactive and rapid audits” and “real-time audits”. In real-time audits the German SAI monitors the progress of government programmes throughout their implementation, providing professional advice to the government and parliament. In order to detect and correct potentially wrong decisions, the audit starts immediately after the taking of any administrative decision with financial consequences, i.e., before expenditure is incurred. The objective of this procedure - which does not replace an ex post audit - is to prevent potential mistakes. However, to avoid a situation where auditors become actual co-decision makers, audits can cover only decisions that have already been taken^[61].

It seems that the two concepts are related to different aspects of audit activity, since reactive and rapid audits can deal with both past events, and events that have started recently, or are underway, whereas real-time audits deal only with events underway.

Internal Organisation

In order to introduce new methods of working, and to realise a strategic vision of reactive and rapid delivery of audit results, changes in the organisation and operations of a Supreme Audit Institution may be appropriate:

• reactive and rapid audits can be conducted by “ordinary” audit departments within their area of responsibility, defined on the basis of entities or areas they audit, however some SAIs have dedicated units to conduct such audits;
• in some SAIs, there are units to coordinate and provide methodological support for reactive and rapid audits. For instance, the National Audit Office of the United Kingdom has a Central Investigations Team, responsible for developing standards and methodology for such audits, quality assurance, and, exceptionally, conducting audits (e.g., in urgent cases, or if a topic exceeds the scope of one ministry), identification of potential future audit topics, advice and support for the UK NAO management, continuous learning and gathering of experience.

Retaining New Practices

Reactive and rapid audits have a relatively short history. A Supreme Audit Institution can consider it a permanent practice if respective provisions are included in its strategic document. For example:

• in accordance with the strategy of the National Audit Office of the United King­dom, investigations constitute one of the main forms of NAO activity^[62],
• in accordance with the Strategy of the Polish Supreme Audit Office, a significant growth of ad hoc audits is foreseen, so that “rapid and effective ad hoc audits” become an element of NIK’s Vision in 2024^[63].

SAIs’ management can communicate in other ways, too, e.g., the resolution of the Netherlands Court of Audit of 16 April 2019 reads that focus audits increase the added value of the Court, and therefore the Court has decided to include them in its standard product portfolio.

Audit Reports in Parliament

In accordance with the international guidance on public audit, SAIs should submit audit reports, in the first place, to parliaments^[64].

Although parliaments are political bodies and everything they do has a political meaning, a way needs to be found to reduce the chance of politicisation of the debate when audit reports are discussed, so that they remain, to the largest extent possible, based on factual criteria. This is of particular importance in case of reactive and rapid audits. The experience of the United Kingdom is interesting here - in the Public Accounts Committee of the House of Commons, political issues (evaluation of the government and ministers) have been separated from professional issues (evaluation of civil servants)^[65], however things are not like this in the majority of other countries. Another element of the British practice to be followed is examination of the vast majority of the UK NAO audit reports by the Committee.

Exchange of Experience

In accordance with the international guidance on public audit, SAIs should develop, build capacity to achieve results, and draw from other SAIs’ experience^[66]. The National Audit Office of the United Kingdom organised the EUROSAI seminar on reactive and rapid auditing (London, 14-15 November 2018)^[67]; later the topic was included in the agenda of the EUROSAI Congress, which was supposed to take place in June 2020 in Prague^[68]. On 16 July 2020 and on 8 December 2020, webinars were held on reactive and rapid auditing, organised by the UK NAO^[69] and the Netherlands Court of Audit^[70].

Final Remarks

It seems that SAIs have already found some new ways to respond to the challenges of the contemporary - rapidly changing - world. I do not formulate a clear conclusion because the topic still requires analysis and discussion.

The international guidance on public audit recommends that SAIs, besides their basic responsibilities, i.e., compliance, financial and performance audits, perform, within their mandates, other types of work, such as judicial review or investigation into the use of public resources or matters where the public interest is at stake^[71]. Results of such studies can contribute, e.g., to parliamentary debates, media discussions, or shaping citizens’ opinions.

Reactive and rapid audits seem to be an effective tool, which SAIs can use when applicable: they allow for a response to topical issues, and can provide information when public opinion and the media are still interested in the given topic. Their brief reports add to an understanding of the information they contain. However, notwithstanding the above recommendations, it must be remembered that the basic task of SAIs is to conduct compliance, financial and performance audits, while other types of auditing or non-audit tasks can complement their work, but should not be their core activity.

Reactive and rapid audits are not a distinct form (type) of auditing, they are rather a new way of organising SAIs’ work, and of audit management. The practices of six Supreme Audit Institutions discussed here vary: one could say that each SAI goes its own way, in search for methods that best meet their needs, considering their legal basis and opportunities. Such a variety of approaches makes a valuable contribution to any discussion on audit methodology. The practices of the SAIs of the United Kingdom, the Netherlands and Latvia are particularly inspiring here.

Reactive and rapid audits can be compliance, financial and performance audits alike. What makes them special, is the way in which a decision is taken to launch one (rapid reaction to a problem of high importance to public finances or society, etc.) - instead of proceeding with the concept within the scope of a given SAI’s audit planning horizon for the upcoming years. Another characteristic is the simplified procedure, narrower scope, and flexible approach to audit management, as well as to audit report development.

In spite of the differences between the individual country approaches, reactive and rapid audits have the same objective: to ensure accountability and transparency of government and administration activity, and to improve the quality of public services. This is in compliance with the tendency of SAIs to evolve from institutions that mainly audit public finances into bodies that to a greater extent examine and evaluate the outcomes of administrations’ activity. As the British practice shows, reactive and rapid audits are mostly conducted in the case of “issues or the suspicion that things do not work as they should, or when problems exist that - regardless of the reason - should be solved by government, or at least call for government to take a view”. For example:

• government programme implementation, effectiveness and quality of management, e.g., measured against the failure to achieve the expected results or changes of the programme;
• government’s (competent department’s) activities in response to emerging or unexpected issues that raise public concern (epidemics, catastrophes, bankruptcies of companies of high importance to the economy, etc.);
• problems with accessing public services;
• compliance with the law, especially in areas of high importance to citizens or other private entities;
• distribution of government resources (e.g., subsidies), often in the context of alleged privileges;
• other problems with transparency and accountability of the administration, including conflicts of interest^[72].

This means that the main addressees of such audits are not only state bodies (parliament, government, etc.), but also - and sometimes in the first place - the citizens. More and more SAIs recognise that citizens are their main stakeholders^[73]. To this end, proper communicating of audit results is of high importance, so that they are easily accessible and widely disseminated.

The need to react to rapid economic, political, social and media processes incurs changes in the operations of the public sector, which consequently has an impact on the nature and forms of public auditing. In the contemporary world, audits conducted in full compliance with the recommendations produced to date may prove too time consuming - consequently, even the most accurate evaluations and recommendations included in reports published two or more years after the start of the audit may not be possible to use. Therefore, in future a shift in audit approach may take place - in order to simplify and reduce audit procedures, and to make them more flexible. Then it will be worthwhile considering SAI experience to date with regard to new methods, approaches and tools, taking into account the different elements of audit risk. An international discussion on this issue seems to be more and more desirable.

The Editor of “Kontrola Państwowa” invites contributions to the discussion about needs and direction of changes in the approach to public audit^[74].

JACEK MAZUR PhD

Retired Advisor to the President of NIK

Key words: Supreme Audit Institutions, the concept of audit, audit methodology, types of audit, simplification of audits

---

[1] See my theses on the international guidance on public audit: J. Mazur: New Trends in the Works of Supreme Audit Institutions, “Kontrola Państwowa” No 3/2020, pp. 33-34; https://www.nik.gov.pl/en/kontrola-panstwowa-magazine/new-trends-in-the-works-of-supreme-audit-institutions.html (accessed 18.03.2021).

[2] INTOSAI P-12 The Value and Benefits of Supreme Audit Institutions - making a difference to the lives of citizens, 2019, p. 6, 8, 10; https://www.intosai.org/fileadmin/downloads/documents/open_access/INT_P_11_to_P_99/INTOSAI_P_12/INTOSAI_P_12_en_2019.pdf (accessed 10.10.2020).

[3] J. Mazur: Investigations of the UK NAO, “Kontrola Państwowa”, No 6/2020; https://www.nik.gov.pl/en/kontrola-panstwowa-magazine/investigations-of-the-uk-nao-a-new-type-of-audit.html (accessed 18.03.2021).

[4] Possibly, reactive and rapid audits are conducted by other SAIs as well, still I do not have such information. However, it is evident that some SAIs do not perform this kind of audit activity.

[5] More information available from the SAI of Denmark’s website https://uk.rigsrevisionen.dk/ (accessed 24.10.2020); J. Mazur: Urząd Kontroli Państwowej Danii (National Audit Office of Denmark), “Kontrola Państwowa” No 3/1998; Public Audit in the European Union, European Court of Auditors, Luxembourg 2019, pp. 74-80.

[6] Examples: Notat til Statsrevisorerne omrevisionen af Nordisk Rad, Nordisk Ministerrad og Nordisk Kulturfond for 2006, 30.11.2007; https://docplayer.dk/68626496-Notat-til-statsrevisorerne-om-revisionen-af-nordisk-raad-nordisk-ministerraad-og-nordisk-kulturfond-for-december-2007.html (accessed 4.10.2020); Rigsrevisionens notat om Skattestyrelsens forlig med 61 amerikanske pensions-planer mfl. fra maj 2019, 15.01.2020; https://rigsrevisionen.dk/Media/E/9/1404-20.pdf (accessed 24.10.2020).

[7] Audit of Government Accounts etc. Act (Consolidated Act no. 101 of 19 January 2012); https://uk.rigsrevisionen.dk/our-work/legislative-framework/the-auditor-general-act (accessed 24.10.2020).

[8] Information at the Office’s website: https://www.lrvk.gov.lv/en (accessed 25.10.2020); Public Audit..., ibid, pp. 134-140.

[9] See https://www.lrvk.gov.lv/en/about-us/legal-framework/auditing-standards (accessed 9.02.2021).

[10] Does the Medical Treatment Risk Fund operate for the benefit of patients?, 08.05.2019; https://www.lrvk.gov.lv/en/audit-summaries/audit-summaries/does-the-medical-treatment-risk-fund-operate-for-the-benefit-of-patients (accessed 8.02.2021).

[11] Vai valstij tiesi un pastarpinati piederoso kapitalsabiedribu valdes locekju atlidzibas regulejums ir pietiekams?, 16.04.2020; https://www.lrvk.gov.lv/lv/revizijas/revizijas/noslegtas-revizijas/vai-valstij-tiesi-un-pastarpinati-piederoso-kapitalsabiedribu-valdes-loceklu-atlidzibas-regulejums-ir-pietiekams (accessed 8.02.2021).

[12] Taxi transportation at the Riga International Airport still poses a risk of receiving service at an unfair price, 07.10.2020; https://www.lrvk.gov.lv/en/news/taxi-transportation-at-the-riga-international-airport-still-poses-a-risk-of-receiving-service-at-an-unfair-price (accessed 9.02.2021).

[13] Interim Report "Delivery process of personal protective equipment (protective face masks and respirators) in the health sector", 20.07.2020, https://lrvk.gov.lv/en/audit-summaries/audit-summaries/delivery-process-of-personal-protective-equipment-protective-face-masks-and-respirators-in-the-health-sector (accessed 26.10.2020).

[14] Audit interim report “The procurement system established by the Ministry of Defence and the procurements made during the emergency to limit the spread of COVID-19", 17.08.2020; https://www.lrvk.gov.lv/en/audit-summaries/audit-summaries/the-procurement-system-established-by-the-ministry-of-defence-and-the-procurements-made-during-the-emergency-to-limit-the-spread-of-covid-19 (accessed 26.10.2020).

[15] Audit interim report “The use of additional funding allocated to the Ministry of the Interior for the purchase of personal protective equipment and disinfectants", 02.09.2020; https://www.lrvk.gov.lv/en/audit-summaries/audit-summaries/the-use-of-additional-funding-allocated-to-the-ministry-of-the-interior-for-the-purchase-of-personal-protective-equipment-and-disinfectants (accessed 26.10.2020).

[16] Interim Report “Providing a distance learning process during an emergency”, 30.09.2020; https://www.lrvk.gov.lv/en/audit-summaries/audit-summaries/providing-a-distance-learning-process-during-an-emergency (accessed 26.10.2020).

[17] Interim Report “The use of the additional funding for bonuses for home affairs officials directly involved in curbing the spread of COVID-19", 13.10.2020; https://www.lrvk.gov.lv/en/audit-summaries/audit-summaries/the-use-of-the-additional-funding-for-bonuses-for-home-affairs-officials-directly-involved-in-curbing-the-spread-of-covid-19 (accessed 26.10.2020).

[18] Interim Report “The use of the funding allocated to the Ministry of Welfare for payment of continued parent benefit, extraordinary bonus to national family benefit for disabled child, and increased childcare benefit”, 26.1 1.2020; https://www.lrvk.gov.lv/en/audit-summaries/audit-summaries/the-use-of-the-funding-allocated-to-the-ministry-of-welfare-for-payment-of-continued-parent-benefit-extraordinary-bonus-to-national-family-benefit-for-disabled-child-and-increased-childcare-benefit (accessed 8.02.2021).

[19] Interim report “The use of funding allocated to the Ministry of Justice for bonuses for the Prison Administration staff who have been directly involved in curbing the spread of COVID-19", 14.12.2020; https://www.lrvk.gov.lv/en/audit-summaries/audit-summaries/the-use-of-funding-allocated-to-the-ministry-of-justice-for-bonuses-for-the-prison-administration-staff-who-have-been-directly-involved-in-curbing-the-spread-of-covid-19 (accessed 8.02.2021).

[20] Interim report “Has funding from the state budget program “Contingency Funds" for repairs in hospitals been requested for unforeseen needs unplanned in the annual budget?", 22.12.2020; https://www.lrvk.gov.lv/en/audit-summaries/audit-summaries/has-funding-from-the-state-budget-program-contingency-funds-for-repairs-in-hospitals-been-requested-for-unforeseen-needs-unplanned-in-the-annual-budget (accessed 8.02.2021).

[21] International Standard on Auditing (ISA) 701, Communicating Key Audit Matters in the Independent Auditor’s Report; https://www.ifac.org/system/files/publications/files/ISA-701_2.pdf (accessed 26.10.2020).

[22] Situacijas izpetes zinojums „COVID-19 izraisltie arkartas apstakji un kompetento instituciju pazinojumi attieclba uz COVID-19 uzliesmojuma ierobezosanai nepieciesamajiem iepirkumiem un atkapem precu atbilstlbas novertesana", 20.07.2020; https://www.lrvk.gov.lv/lv/revizijas/revizijas/noslegtas-revizijas/covid-19-izraisitie-arkartas-apstakli-un-kompetento-instituciju-pazinojumi-attieciba-uz-iepirkumiem-un-atkapem-precu-atbilstibas-novertesana (accessed 26.10.2020).

[23] Situacijas izpetes zinojums “Covid-19 izplatibas ierobezosanai nepieciesamo resursu nodrosinajums valsts un pasvaldlbu institucijas", 30.03.2021. See Crisis management requires a greater role of the government in the practical implementation of the decisions; https://www.lrvk.gov.lv/en/news/crisis-management-requires-a-greater-role-of-the-government-in-the-practical-implementation-of-the-decisions (accessed 6.04.2021).

[24] Information available at: https://english.rekenkamer.nl/ (accessed 26.10.2020); Public Audit..., ibid, pp. 161-166.

[25] Focus audits at the Netherlands Court of Audit, https://english.rekenkamer.nl/about-the-netherlands-court-of-audit/what-we-do/innovation-in-audit/focus-investigations (accessed 7.02.2021).

[26] In general, membership contributions to the EU budget are calculated on the national revenue and the VAT resource (0.3% is levied on the harmonized VAT base of each Member State). Some countries pay more than they receive. To partially reduce or correct this imbalance, Austria, Denmark, the Netherlands and Sweden use the correction of contributions to the EU budget, the so-called rebates. In the past, the UK rebate was the most important: the UK was reimbursed 66% of the difference between its contribution to the EU and the amount it receives from the EU budget.

[27] Focus on the Netherlands’ net payment position, 14.10.2020; https://english.rekenkamer.nl/publications/reports/2020/10/14/focus-on-the-netherlands%E2%80%99-net-payment-positon (accessed 26.10.2020).

[28] Focus on digital home working, 2.11.2020; https://english.rekenkamer.nl/publications/publications/2020/11/02/focus-on-digital-home-working (accessed 6.02.2021).

[29] Focus on crimes reported to the police that are likely to be solved, 19.12.2017; https://english.rekenkamer.nl/publications/reports/2017/12/19/focus-on-%E2%80%98crimes-that-are-likely-to-be-solved%E2%80%99-reports-made-to-the-police (accessed 26.10.2020).

[30] Focus on access to long-term care, 06.06.2018; https://english.rekenkamer.nl/publications/reports/2018/06/06/focus-on-access-to-long-term-care (accessed 26.10.2020).

[31] Focus on the cost of offshore wind energy, 27.09.2018; https://english.rekenkamer.nl/publications/reports/2018/09/27/focus-on-the-cost-of-offshore-wind-energy (accessed 26.10.2020).

[32] Focus on the Dutch contribution to the reconstruction of Sint Maarten, 13.12.2018; https://english.rekenkamer.nl/publications/reports/2018/12/13/focus-on-the-netherlands%E2%80%99-contribution-to-the-reconstruction-of-sint-maarten (accessed 26.10.2020).

[33] Focus on corona crisis measures: testing capacity went unused in the spring, 23.09.2020; https://english.rekenkamer.nl/topics/coronavirus/news/2020/09/23/testing-capacity-went-unused-in-the-spring (accessed 6.02.2021).

[34] On the basis of the presentation by the SAI of The Netherlands Overview of steps in NCA focus audits during the webinar of EUROSAI held on 8 December 2020 (EUROSAI Investigations webinar II).

[35] The NCA only sends a letter to parliament so MPs know that information can be found on the website (no paper report made).

[36] Information from the Office’s website: https://www.nku.gov.sk/ (access 24.10.2020); P. Banaś, J. Mazur: Peer Review of the Supreme Audit Office of the Slovak Republic: Reflections of Peer Review Team Members, “International Journal of Government Auditing”, Washington, October 2011; Public Audit..., ibid, pp. 189-194.

[37] Stanovisko Najvyssieho kontrolneho uradu Slovenskej republiky k navrhu statneho zaverecneho uctu Slovenskej republiky za rok 2019, 17.06.2020; pp. 19-32; https://www.nku.gov.sk/documents/10157/164819/Stanovisko+NK%C3%9A_%C5%A0Z%C3%9A2019.pdf (accessed 24.10.2020).

[38] Article 6 (2) of the Act of 23 December 1994 on the Supreme Audit Office, Journal of Laws 2020, item 1200.

[39] In accordance with Article 28a of the Act on NIK: “1. An audit included in an annual work plan of the Supreme Audit Office is conducted in accordance with an audit programme approved by the President or Vice-President of the Supreme Audit Office. 2. An ad hoc audit is conducted with consent of the President or Vice-President of the Supreme Audit Office in accordance with an audit topic approved by the director of the competent audit unit. If an ad hoc audit is conducted by several audit units, the audit topic is approved by the director of the unit that coordinates the audit [...]”.

[40] Zarządzenie Nr 11/2020 Prezesa NIK z dnia 25 lutego 2020 r. w sprawie szczegółowych zasad przygotowywania kontroli, zadań kontrolerów oraz zasad sporządzania informacji o wynikach kontroli, zmienione zarządzeniem Nr 49/2020 Prezesa NIK z dnia 5 sierpnia 2020 r. (Regulation No 11/2020 by the President of NIK of 25 February 2020 on detailed rules for preparing audits, auditors’ tasks and rules for developing pronouncements on audit results, amended with regulation No 49/2020 by the President of NIK of 5 August 2020); https://bip.nik.gov.pl/podstawy-prawne-dzialania-nik/akty-prawne/zarzadzenie-w-sprawie-szczegolowych-zasad-przygotowywania-kontroli.html (accessed 21.10.2020).

[41] E. Jarzęcka-Siwik, M. Proksa: Przygotowanie i przeprowadzanie kontroli doraźnych przez NIK (Preparing and Conducting Ad Hoc Audits by NIK), “Kontrola Państwowa” No 5/2016. See also: Najwyższa Izba Kontroli i prawne aspekty funkcjonowania kontroli państwowej (Supreme Audit Office and Legal Aspects of State Audit Operations), ed. E. Jarzęcka-Siwik, Warszawa 2018, pp. 167-171.

[42] To explain this concept: NIK performs single-entity audits, but in a coordinated way rather than separately. It allows for examination of broader issues in which case recommendations can cover a whole sector of the administration or economy. In coordinated audits, many NIK departments and auditors take part. The starting point for this kind of audit is preparation of a joined-up audit program on the basis of which single-entity audits are carried out. See J. Mazur: The Polish Supreme Chamber of Control in comparison with Supreme Audit Institutions of other countries, “Iyunim. Studies in State Audit”, Jerusalem, Volume 61, 2007, pp. 164-165.

[43] In accordance with Article 53 (1) of the Act on NIK, a post-audit statement should comprise: 1) number and title of the audit; 2) name, surname, and position of the auditor, name of the competent audit unit, and number and date of the authorization to conduct the audit; 3) marking of the auditee, its address, as well as name and surname of the manager of the auditee; 4) brief description of the status quo and evaluation of the audited activity, including irregularities identified on the basis of audit evidence included in the audit file, and their reasons, scope and consequences, and persons responsible; 5) comments and conclusions on elimination of the irregularities identified; 6) note on providing information set forth in Article 51 (1), and note on preventive measures taken by the end of the audit, and their impact, or a note on the lack of such measures; 7) caution on the right to submit objections referred to in Article 54.

[44] In accordance with Article 64 (1) of the Act on NIK: “The basis for developing a pronouncement on audit results are, in particular, post-audit statements and evidence gathered in the audit file”.

[45] In accordance with Article 51 (1) of the Act on NIK: “An auditor is obliged to immediately inform the manager of the auditee, or the manager of the supervising entity, or the competent bodies or organisational units, about a direct threat to life of health, or a significant loss of assets, in order to prevent danger or damage”.

[46] It is worth paying attention to the provisions of the Act of 15 July 2011 on audit in the government administration (Journal of Laws, 2020, item 224), which refers to “an ordinary procedure audit” (where a post-audit statement is the final document - Article 36), and “a simplified procedure audit” (where an audit report is the final document - Article 52).

[47] Informacja o wynikach kontroli „Przygotowanie administracji rządowej do prowadzenia elektronicznego poboru opłat drogowych po 2018 r., NIK (Pronouncement on audit results “Preparedness of the government administration to introduce electronic system for toll collection after 2018"), https://www.nik.gov.pl/kontrole/I/17/001/KIN (accessed 22.10.2020); Wyboista droga przez e-myto (Bumpy Road Through e-Toll), 2019-07-24, https://www.nik.gov.pl/aktualnosci/wyboista-droga-przez-e-myto.html (accessed 22.10.2020).

[48] G. Suteniec: Kompromitacja państwa przy e-mycie (State’s Fiasco with e-toll), “Puls Biznesu”, 24.07.2019; T. Żółciak: Repolonizacja viaTOLL czyli ani lepiej ani taniej (Repolonising viaTOLL - Which Means Either no Better or no Cheaper), “Dziennik Gazeta Prawna”, 24.07.2019; Nadal nie ma systemu e-myta koncepcji poboru opłat drogowych (E-toll System Still Not There - NIK About the Concept to Collect Road Charges), www.pracujwlogistyce.pl, 24.07.2019; A. Jadczak: NIK: nieudane przejęcie obsługi systemu viaToll (NIK: Unsuccessful Takeover of the viaToll System Service), www.itwiz.pl, 25.07.2019; NIK skrytykowała przejęcie systemu ViaToll (NIK Criticises the Takeover of the ViaToll System), www.biznes.interia.pl, 27.07.2019; M. Michalak: Najwyższa Izba Kontroli krytykuje przejęcie systemu opłaty elektronicznej dla ciężarówek i autobusów (Supreme Audit office criticises the takeover of the electronic payment system for trucks and buses), “Dziennik Łódzki” 07.07.2019.

[49] Pełny zapis przebiegu posiedzenia Komisji Infrastruktury (nr 312) z dnia 29 sierpnia 2019 r.; Kancelaria Sejmu Biuro Komisji Sejmowych (Full record of the meeting of the Committee on Infrastructure (No 312) of 29 October 2019); Chancellery of the Sejm, Office of Sejm Committees, http://orka.sejm.gov.pl/zapisy8.nsf/0/4F31AB0687D0930CC125846C0046FF69/%24File/0465308.pdf (accessed 22.10.2020).

[50] Informacja o wynikach kontroli „Działania podejmowane przez wojewodów wobec placówek udzielających całodobowej opieki bez wymaganego zezwolenia" (Pronouncement on audit results “Activities of regional governors with regard to centres providing 24-hour services without permission"), NIK; https://www.nik.gov.pl/plik/id,21939,vp,24606.pdf (accessed 22.10.2020); Pozorny nadzór państwa nad placówkami świadczącymi opiekę całodobową (Sham supervision of the state of centres providing 24-hour care), 22.04.2020; https://www.nik.gov.pl/aktualnosci/nadzor-nad-placowkami-opieki-calodobowej.html (accessed 22.10.2020); M. Miłoń: Całodobowa opieka w placówkach działających bez zezwolenia - nieskuteczny nadzór wojewodów (24-hour Care in Centres Providing Services Without Permission - Insufficient Supervision of Regional authorities), “Kontrola Państwowa” No 3/2020.

[51] E.g. NIK miażdży Ministerstwo Rodziny, Pracy i Polityki Społecznej (NIK Crushes the Ministry of Family, Labour and Social Policy), “Fakt”, 23.04.2020; A. Kołodziej: Przez lata nikogo nie obchodziło, co dzieje się w domach opieki nad starymi i schorowanymi ludźmi (For Years Nobody Has Cared of What Happens in Care Centres for Old and Sick people), www.spidersweb.pl, 24.04.2020; G. Pilecki: 200 nielegalnych domów opieki w Polsce (200 Illegal Care Centres in Poland), “Życie Kalisza”, 29.04.2020; M. Kocejko: Prawa człowieka mieszkańców DPS to zapomniana sprawa (Human Rights in Social Care Centres is a Forgotten Thing); www.publicystyka.ngo.pl, 26.05.2020; P Wójcik: Państwo nie opiekuńcze (State), “Przewodnik Katolicki”, 28.06.2020; K. Uliczny: Uwaga! Seniorzy pod nielegalną opieką (Caution! Seniors Taken Care of Illegally), “Dziennik Bałtycki”, 3.08.2020.

[52] J. Mazur: Investigations..., p. 47.

[53] Having published the article on investigations, I received comments, which I really appreciate. They were very helpful and have been considered when I worked on this article.

[54] See e.g. J. Mazur: Kontrola jakości postępowania kontrolnego w Europejskim Trybunale Obrachunkowym (Quality Control at the European Court of Auditors), “Kontrola Państwowa” No 6/2001; J. Mazur: Kontrola jakości postępowania kontrolnego w Narodowym Urzędzie Kontroli Wielkiej Brytanii (w zakresie kontroli finansowej) (Quality Control of the Audit Process at the National Audit Office of the United Kingdom (with Regard to Financial Audit), “Kontrola Państwowa” No 5/2003; J. Mazur: Mechanizmy zapewnienia jakości w postępowaniu kontrolnym Najwyższej Izby Kontroli (Quality Assurance Mechanisms in the Audit Process of the Supreme Audit Office) [in:] “Gdańskie Studia Prawnicze”, Vol. XII Miscellanea konstytucyjnoprawne, 2004.

[55] On the basis of the presentation of the National Audit Office of the United Kingdom at the EUROSAI seminar, held on 14-15 November 2018 in London and at EUROSAI webinars organised on 6 July 2020 and 8 December 2020 by the Netherlands Court of Audit. See also: L. Summerfield: NAOInvestigates, 7 July 2017; https://www.nao.org.Uk/naoblog/nao-investigates/#more-1832 (accessed 18.10.2020).

[56] Public Audit..., pp. 30, 86, 140, 224.

[57] J. Mazur: Investigations..., pp. 12-13.

[58] Article 7 (16) of the Government Accounts Act 2016; https://english.rekenkamer.nl/about-the-netherlands-court-of-audit/publications/publications/2018/01/01/government-accounts-act-2016, accessed 2021-02-27)

[59] In accordance with Article 27 of the Act on NIK (see footnote 38) “Audit procedure is conducted in accordance with the provisions of this Act”.

[60] Zakon c. 166/1993 Sb., o Nejvyssim kontrolnim uradu (https://www.nku.cz/assets/nezarazene/zakon-166-1993-web.pdf; accessed 2021-02-27).

[61] A. Demir [in:] Heuer/Scheller, Kommentar zum Haushaltsrecht und der Vorschriften zur Finanzkontrolle, 74. Lfg., 2020, § 114 BHO Rn. 8; Germany: Bundesrechnungshof. Real-time audits, „EUROSAI Innovations”, Vol. III, April 2015, p. 11; https://www.eurosai.org/handle404?exporturi=/export/sites/eurosai/.content/documents/strategic-plan/goal-team-1/Eurosai-Innovations-III_en.pdf (accessed 17.02.2021).

[62] The National Audit Office’s five-year strategy 2020 to 2025, pp. 11, 19; https://www.nao.org.uk/wp-content/uploads/2020/05/nao-strategy-2020-25.pdf (accessed 12.02.2021).

[63] Strategy of NIK - first in 18 years, 16.10.2020; https://www.nik.gov.pl/en/news/the-strategy-of-nik-first-in-18-years.html (accessed 7.04.2021).

[64] INTOSAI P-12..., p. 8.

[65] J. Mazur: Kontroler i Audytor Generalny Wielkiej Brytanii (Comptroller and Auditor General of the United Kingdom), “Kontrola Państwowa” No 1/1995, pp. 162-167; J. Mazur: Opozycja parlamentarna a najwyższy organ kontroli (Parliamentary Opposition and Supreme Audit Institution) [in:] Ustrój polityczny RP w nowej konstytucji z 2 kwietnia 1997 r. (Political System of Poland in the New Constitution of 2 April 1997), Lublin 1998, pp. 259-262.

[66] INTOSAI P-12..., pp. 12-14.

[67] Output of the first EUROSAI Project Group on the introduction of reactive and rapid audit reporting. Using facts-only reports to assist public accountability, 5.03.2019; https://www.eurosai.org/en/calendar-and-news/news/News-Strategic-Goal-1-Output-of-Investigations-seminar-published-00001/ (accessed 18.02.2021).

[68] Workshop 11 Reactive and Rapid Auditing; https://www.eurosai2021.cz/workshop11.html (accessed 18.02.2021).

[69] For more information on investigations at the UK NAO you can visit https://www.nao.org.uk/about-us/our-work/investigations/ (accessed 7.04.2021).

[70] For more information on focus audits at the Netherlands Court of Audit you can visit https://english.rekenkamer.nl/about-the-netherlands-court-of-audit/what-we-do/innovation-in-audit/focus-investigations (accessed 7.04.2021).

[71] INTOSAI P-12..., p. 8.

[72] J. Mazur: Investigations..., p. 43.

[73] J. Mazur: New Trends....

[74] They can be sent to: kpred@nik.gov.pl.

Bibliography

1. P. Banaś, J. Mazur: Peer Review of the Supreme Audit Office of the Slovak Republic: Reflections of Peer Review Team Members, “International Journal of Government Auditing”, Washing­ton, October 2011.
2. A. Demir [in:] Heuer/Scheller, Kommentar zum Haushaltsrecht und der Vorschriften zur Finanzkontrolle, 74. Lfg., 2020, § 114 BHO Rn. 8.
3. Germany: Bundesrechnungshof. Real-time audits, “EUROSAI Innovations”, Vol. III, April 2015.
4. INTOSAI P-12 The Value and Benefits of Supreme Audit Institutions - making a difference to the lives of citizens, INTOSAI, 2019.
5. ISSAI100 Fundamental Principles of Public Sector Auditing, INTOSAI, 2019.
6. J. Jagielski: Kontrola administracji publicznej (Auditing of Public Administration), Warszawa 2006.
7. E. Jarzęcka-Siwik, M. Proksa: Przygotowanie i przeprowadzanie kontroli doraźnych przez NIK (Preparing and Conducting Ad Hoc Audits by NIK), “Kontrola Państwowa” No 5/2016.
8. Public Audit in the European Union, European Court of Auditors, Luxembourg 2019.
9. J. Mazur: Kontroler i Audytor Generalny Wielkiej Brytanii (Comptroller and Auditor General of the United Kingdom), “Kontrola Państwowa” No 1/1995.
10. J. Mazur: Urząd Kontroli Państwowej Danii (National Audit Office of Denmark), “Kontrola Państwowa” No 3/1998.
11. J. Mazur: Opozycja parlamentarna a najwyższy organ kontroli (Parliamentary Opposition and Supreme Audit Institution) [in:] Ustrój polityczny RP w nowej konstytucji z 2 kwietnia 1997 r. (Political System of Poland in the New Constitution of 2 April 1997), Lublin 1998.
12. J. Mazur: Audyt wykonania budżetu państwa przez najwyższe organy kontroli w niektórych krajach (State Budget Execution Audit by Supreme Audit Institutions in Selected Countries), “Kontrola Państwowa” No 4/2002.
13. J. Mazur: Kontrola jakości postępowania kontrolnego w Narodowym Urzędzie Kontroli Wielkiej Brytanii (w zakresie kontroli finansowej) (Quality Control of the Audit Process at the National Audit Office of the United Kingdom (with Regard to Financial Audit), “Kontrola Państwowa” No 5/2003.
14. J. Mazur: The Polish Supreme Chamber of Control in comparison with Supreme Audit Insti­tutions of other countries, “Iyunim. Studies in State Audit”, Jerusalem, Volume 61, 2007.
15. J. Mazur: New Trends in the Works of Supreme Audit Institutions, “Kontrola Państwowa” No 3/2020.
16. J. Mazur: Investigations of the UK NAO, “Kontrola Państwowa” No 6/2020.
17. M. Miłoń: Całodobowa opieka w placówkach działających bez zezwolenia - nieskuteczny nadzór wojewodów (24-hour Care in Centres Providing Services Without Permission - Insufficient Supervision of Regional Authorities), “Kontrola Państwowa” No 3/2020.
18. Najwyższa Izba Kontroli i prawne aspekty funkcjonowania kontroli państwowej (Supreme Audit Office and Legal Aspects of Public Auditing), ed. E. Jarzęcka-Siwik, Warszawa 2018.
19. State Audit in the European Union, UK National Audit Office, London 2005.
20. L. Summerfield: NAO Investigates, 7 July 2017; https://www.nao.org.uk/naoblog/nao-investigates/ (accessed 18.10.2020).