Risk-oriented planning internal state financial control. Comparative analysis of foreign experience of risk-oriented regulation of external governmental audit in the financial and budgetary sphere. Financial control: methodology and

MINISTRY OF FINANCE OF THE RUSSIAN FEDERATION

(MINISTRY OF FINANCE OF RUSSIA)

_____________ №______________

On approval of the standard for the implementation of internal state financial control

"OS 1. Standard for planning control activities of the Federal Treasury (taking into account the application of a risk-based approach to planning)"

In accordance with paragraph 3 of Article 269.2 of the Budget Code Russian Federation(Collection, 1998, No. 31, Art. 3823; 2013, No. 31, Art. 4191; 2016, No. 1 (Part I), Art. 26; 2016, No. 27 (Part II), Art. 4278) subparagraph 5.2. 30 of clause 5.2. Regulations on the Ministry of Finance of the Russian Federation, approved by Decree of the Government of the Russian Federation dated 01.01.01, No. 000 (Collected Legislation of the Russian Federation, 2004, No. 31, Art. 3258; 2013, No. 36, Art. 4578), s in a yu:

1. To approve the standard for the implementation of internal state financial control "OSGVFK 1. Standard for planning control activities of the Federal Treasury (taking into account the application of a risk-based approach to planning)".

2. This order comes into force on ______ 2017.

Approved by

by order of the Ministry of Finance

Russian Federation

dated "___" __________ 201_ No. _____

State Internal Financial Control Standard

"OS 1. Standard for planning control activities of the Federal Treasury (taking into account the application of a risk-based approach to planning, assessing the risks of violations by objects of control)"

I. General Provisions

The general standard for the implementation of internal state financial control of OS 1 "Standard for planning control activities of the Federal Treasury (taking into account the application of a risk-based approach to planning, assessing the risks of violations by objects of control)" was developed in order to increase the efficiency of federal budget expenditures, which is one of the priority areas activities of the Government of the Russian Federation, taking into account the best international and domestic practice.This Standard is applied taking into account other general and special standards and (or) other documents regulating the exercise of certain control powers of the Federal Treasury in terms of planning the activities of the Federal Treasury. The purpose of this Standard is to establish general principles, rules, requirements and procedures for planning control measures of the Federal Treasury, taking into account a risk-based approach, as well as accounting for unscheduled control measures. The objectives of this Standard are: defining goals, objectives and planning principles; establishment of the procedure for planning control activities; establishing the procedure for adjusting and monitoring the implementation of plans for control measures; requirements for the procedure for accounting for unscheduled control measures. The standard is applied by the Federal Treasury body in the exercise of powers for internal state financial control, including: control over compliance with the budgetary legislation of the Russian Federation and other normative, governing; control over the completeness and reliability of reporting on the implementation of government programs, including reporting on the execution of government assignments. The Standard does not apply in the exercise of other powers of the Federal Treasury, not specified in clause 5. By decision of the Federal Treasury, the Standard may be applied in the exercise of other powers. If there are contradictions in the planning of control activities in the text of this Standard and the documents (standards) regulating the implementation of the powers specified in clause 5, the priority is to use this Standard. Control activities are subdivided into planned and unscheduled ones and are carried out through planned and unscheduled control activities. Planned control measures are carried out in accordance with the plan of control measures of the Federal Treasury. Unscheduled control activities are carried out on the basis of the decision of the head (deputy head) of the Federal Treasury (its territorial, body), adopted by:

in case of receipt of applications (instructions) from the President of the Russian Federation, the Administration of the President of the Russian Federation, the Government of the Russian Federation, the Office of the Government of the Russian Federation, the Minister of Finance of the Russian Federation, the Investigative Committee of the Russian Federation, other state and municipal bodies, deputy inquiries, applications from citizens and organizations;

in case of receipt by an official of the Federal Treasury (its territorial body) in the course of execution job responsibilities information on violations of legislative and other acts on issues related to the scope of the Federal Treasury, including from;

in the cases stipulated by the legislation of the Russian Federation (including in the cases provided for by clauses 38, 47 and 67 of the Rules for the exercise by the Federal Treasury of powers to control the financial and budgetary sphere ").

II. Terms and Definitions

The following terms are used in this Standard with the meanings specified.

Control activities - an organizational form of implementation of control activities.

An identical control measure in relation to an object of control is understood to mean a control measure in relation to the same subject of control, subject of control, and the period being checked.

For the purposes of this Standard, the following definition of risk is used: probability of damage.

In this case, damage is understood as additional costs, federal budget, autonomous institutions that have been carried out or need to be carried out as a result of violation of the conditions of the document admitted by the object of control, which is the legal basis for the occurrence and implementation of expenses, the provision of funds from the budget, the allocation of budget funds, a state contract; and (or) budget expenditures that must be carried out to restore (acquire) the lost (damaged) state property; and (or) federal budget revenues to be received in the event that the object of control does not commit (prevent) violations.

Mandatory requirements - conditions, restrictions, prohibitions, obligations imposed on the activities of the objects of control, the performance of actions by them, the results of the performance of activities or the performance of actions, their use in the implementation of these activities, established in order to protect legally protected values by international treaties of the Russian Federation, acts of bodies Of the Eurasian Economic Union, federal laws and other regulatory legal acts of the Russian Federation, laws and other regulatory legal acts of the constituent entities of the Russian Federation, municipal regulatory legal acts. Strength mandatory requirements also have documents that are not regulatory legal acts (for example, documents developed by the objects of control themselves, as well as by organizations), if the obligation to comply with the provisions of these documents is provided for by the legislation of the Russian Federation.

Risk-oriented approach is a method of organizing and implementing state financial control, in which, in the provided cases, the choice of the intensity (form, duration, frequency) of control measures is determined by assigning the activity of the controlled object and (or) to a certain risk category or a certain class (category) danger.

Risk classifier is a form of recording information about the identified risk. A document containing a coded list of possible risks of carrying out activities by objects of control, which is the subject of control of the internal state financial control body.

Risk map is a document that includes an object-by-object calculation of the total potential risk in order to form a risk rating of objects of control, which is a source of information for the preparation of a draft plan of control measures of the Federal Treasury.

Risk rating of objects of control - a list of objects of control, sorted by the numerical values of the total risk of objects of control in accordance with the procedure established by this standard, and which is a source of information for the preparation of a draft plan of control measures of the Federal Treasury.

Planning of control activities based on a risk-based approach is the process of selecting objects of control depending on the degree of risk of damage caused by objects in order to be included in the plan of control measures of the Federal Treasury for the corresponding financial year.

The plan of control measures of the Federal Treasury (hereinafter referred to as the Plan) is a document establishing a list of control measures planned for implementation.

III. Unified procedure for planning control activities of the Federal Treasury, taking into account the risk-based approach

The planning of the control activities of the Federal Treasury, taking into account the risk-based approach, is carried out in order to effectively implement the relevant control powers. The use of a risk-based approach when planning control activities, depending on the degree of risk of damage caused by objects of control (hereinafter referred to as risk), should significantly increase the efficiency of spending resources for the functioning of the Federal Treasury by concentrating efforts on the most significant areas, as well as optimize the load on the objects of control. The planning tasks are: optimization of the control load on the objects of control, the implementation of which is associated with a high probability of causing significant damage (risk-oriented approach); optimization of resources allocated for the implementation of the control activities of the Federal Treasury, by increasing the efficiency of their spending; minimization of damage, including to state property, caused by objects of control; improvement of performance indicators (including financial and economic) of objects of control. The planning of control activities is based on a risk-based approach, taking into account the following principles:

interconnection of strategic, medium-term1, annual and current planning (current planning means semi-annual, quarterly, monthly planning, if any);

In early March, in a message to the Federal Assembly, Vladimir Putin said that the system of control and supervision should be transferred to a risk-based approach within two years. At the moment, the reform of control and supervisory activities is underway, it was approved in December 2016, the implementation period is until 2025.

What is this risk-based approach? We will tell you in the new text of Milknews under the headings “In Simple Words”.

The risk-based approach is used in control and supervisory activities and involves a reduction in the number of state inspections in areas where the risk of violations is less. Thus, he should reduce the administrative burden on bona fide enterprises.

The essence of a risk-based approach in any area is to reduce risks: control in high-risk areas is increasing, and in safer areas it is reduced or absent. This allows you to take the necessary measures in time where necessary and significantly save resources. Thus, resources are unevenly distributed, depending on the risk, and this affects both the frequency and the depth of checks.

How does it work now?

At the moment, the risk-based approach is manifested in the fact that for a small company, the supervisor may limit itself to the simplest risk assessment procedure, while for large institutions a more comprehensive due diligence will be applied.

The very approach to risk management originally appeared in the financial sector, the activities of whose participants involve significant risks - banks, insurers, investment funds seek to manage them in order to set prices for their services. Loan rates, the cost of securities and the amount of insurance premiums directly depend on the risks that the company assumes.

Due to the initial similarity of the work of the risk management departments in financial companies and internal control services, the risk-oriented approach was first introduced into the traditional audit, and then into other types of control and supervision, including the state one.

At the same time, the system was simplified - if the financial sector uses economic and mathematical models for calculating risks with an accuracy of tenths of a percent, then in other areas it is enough to divide risks into hazard groups, which we see now in the activities of control agencies.

Where is it written?

The application of the approach to the organization of state control is enshrined in Article 8.1 of the Federal Law of December 26, 2008 No. 294-FZ "On the Protection of the Rights of Legal Entities and Individual Entrepreneurs in the Exercise of State Control (Supervision) and Municipal Control".

Its main goal is the optimal use of labor, material and financial resources in the implementation of state control, reducing costs for those who are controlled and increasing the effectiveness of inspections.

To implement the approach in state supervision, the following classification of hazard levels is used:

short,
moderate,
average,
significant,
high,
extremely high.

This is a basic model, departments can "adjust" it for themselves, modifying it. The assignment to a particular category of risks depends on the likelihood of negative consequences, the scale of their spread, as well as the difficulty of resolving them. If an object is classified as an extremely high, high and significant hazard class, the state control body posts information about it on the website - this is how the promised principle of openness is manifested, which excludes "custom" checks.

How is the approach changing the way departments work?
Rosselkhoznadzor

In the activities of Rosselkhoznadzor, a risk-oriented approach is used in state land control, quarantine phytosanitary control, as well as in veterinary supervision and veterinary control at the border.

In his report, the Deputy Head Federal Service on veterinary and phytosanitary supervision Nikolai Vlasov notes that the department was preparing for the reform and as early as 2007 asked the question of optimizing control and supervision activities, but could not avoid difficulties during the transition.

The first problem the criteria for assessing risk became: it was not clear in which case to apply random inspection, and in which to carry out total control.
The second problem access to data on organizations became available - before the reform there was no system for registering enterprises as a property complex, there was only a system for registering enterprises as subjects economic activity... In this regard, the supervisory authority had a problem when a large agricultural holding with many sites (each of which has separate control methods) had one TIN, and it was difficult to control the types of activities in the register.

Since September 2017, a risk-oriented approach has been used when checking legal entities and individual entrepreneurs in relation to agricultural land, criteria for classifying objects of state supervision as a certain risk category, the frequency of scheduled inspections depending on the assigned category, are established for them. Three risk categories have been introduced: medium, moderate and low.

In a relationship land plots classified as medium risk category, the frequency of scheduled inspections is established no more than once every three years. The frequency of scheduled inspections for land plots of the moderate risk category is no more than once every five years, and for plots classified as low risk, scheduled inspections are not carried out.
In 2017, the Rosselkhoznadzor developed the above criteria, approved them, and also prepared a justification for categorizing objects in accordance with the basic model for determining the criteria and risk categories.

To develop the application of a risk-based approach in the field of land supervision, Rosselkhoznadzor is finalizing the Cerberus information system for creating and maintaining registers of supervised objects. This year, scheduled inspections of legal entities and individual entrepreneurs have already been formed taking into account the risk criteria.
Also, the department uses the form of a checklist - a list control questions presented to the checked. On their basis, a legal entity or individual entrepreneur can independently, even before checking, assess the compliance of the object to the hazard class.

The specified form of the checklist was approved by order of the Rosselkhoznadzor dated September 18, 2017 No. 908 "On approval of the form of the checklist (list of checklists) used by officials territorial bodies Federal Service for Veterinary and Phytosanitary Surveillance during routine inspections as part of state land supervision ", the order entered into force in December 2017. From that moment, the Rosselkhoznadzor and its territorial departments apply checklists in all scheduled inspections.

Rospotrebnadzor

Rospotrebnadzor was one of the first federal executive bodies in 2014 to start implementing risk-based supervision. The number of inspections carried out by Rospotrebnadzor from 2008 to 2015 decreased by 4 times: from more than 1 million inspections to 265 thousand (the number of scheduled inspections decreased by 7.5 times, unscheduled - by 2.2 times).
The draft of the corresponding government decree was published on the Single portal for posting draft laws and regulations.
In respect of the auditees, the risk calculation takes into account:

hygienic significance,
obedience to the law (number of violations detected),
the population under the influence
volumes of products or services provided, etc.

The detection of a large number of offenses automatically increases the hazard class of the supervised object, i.e. the level of danger depends not only on meeting the criteria.

if the indicator of the potential risk of causing harm in property terms is more than 10 million rubles, then the organization or individual entrepreneur will have an extremely high risk;
if the indicator of the potential risk of harm is from 1 million rubles. up to 10 million rubles - high risk;
from 100 thousand rubles up to 1 million rubles. - significant risk
from 10 thousand rubles up to 100 thousand rubles - average risk;
from 1 thousand rubles up to 10 thousand rubles. - moderate risk;
less than 1 thousand rubles - low risk.

Scheduled inspections in relation to legal entities and individual entrepreneurs will be carried out depending on the risk category assigned to their activities with the following frequency:

for the category extremely high risk- once a calendar year;
for high risk - once every 2 years;
for significant risk - once every 3 years;
for medium risk - no more than once every 4 years;
for moderate risk - no more than once every 6 years.

Regarding the low-risk category, Rospotrebnadzor does not conduct scheduled inspections.

How does it work in the world?

The basic concept of EPR implementation in other countries of the world is no different. At the initial stage, a regulatory framework and supervision tools are developed, the development stage involves strategic planning and risk-oriented documents for all industries, and the implementation stage implies regular updating of the regulatory framework and assessment of results.

Frequent problems faced by the EU countries in the transition to a risk-based approach were the insufficiently developed regulatory framework and the simultaneous use of old and new regulatory documents, as well as an unclear strategy and non-risk-oriented planning.

The main idea of risk-oriented regulation is that it is impossible to regulate and control everything efficiently, full control is not economically feasible.

In accordance with the American pyramid of law enforcement practice, control over the fulfillment of mandatory requirements should take place as follows: upon the first violation, the enterprise is issued a warning, a time frame is set for correcting the situation, and a second check is made. In the second case, a penalty is imposed if the violation has not been eliminated. In the event of a subsequent violation, a temporary suspension of activities is carried out, and then the facility or enterprise is closed.

Denmark

Using the example of Denmark, the expert of the International Finance Corporation (IFC) Gordana Ristic explained that in order to find the source of problems in the control and supervisory activities of the market food products a farm-to-counter traceability chain is used, and if problems are identified at one point in the chain, enforcement agencies should contact the responsible party for verification.

Control is also carried out in 5 groups of danger, but in Denmark there are also so-called. elite groups - the standard frequency of inspections is 0.5 per year (i.e. every 2 years), and if no penalties were provided for in the last 4 reports with the results of inspections, the company receives elite status and the number of inspections relative to it is reduced (from 5 up to 3 in the highest risk group and from 3 to 1 in the highest). In addition, it is a welcome bonus for the company that it can use its elite status icon in marketing, for example, in advertising or labeling.

In November 2017, the World Bank held a workshop on a risk-based approach, during the workshop, Professor Gordana Ristic presented a report on risk indicators for sanitary and epidemiological surveillance.

First of all, the effectiveness depends on the correct analysis of real threats arising at the checked objects. For example, food production should have different levels of risk depending on the processing methods of the products and the potential hazard to the consumer.

“Two identical businesses will have different risks due to different products. Fresh milk is more dangerous than pasteurized milk, ”said Ristic.

According to international practice, administrative measures applied by supervisory authorities should be a flexible instrument of influence. Enterprises should be given a certain time to eliminate violations and only then, in case of further non-compliance with requirements, be punished.

The expert also pointed out the importance of training inspectors. According to Ristic, “a modern inspector must know about good practices, skills, technologies. During the audit, he must evaluate both the infrastructure and the processes. ”

Regarding checklists, the expert emphasized that checklists should be a convenient tool for identifying risks, and not just copying legal norms. The way in the enterprise processes are carried out is more important than a formal assessment of the infrastructure.

In general, in the practice of introducing EPR in the EU, they came to the conclusion that inspection control can stimulate companies, or it can produce the opposite effect - prolonged and frequent inspections in order to issue a fine cannot improve the results of the company's activities.

Evaluations

On the whole, of course, from the outside, the reform looks like a positive change, making life easier for business. Deputy Minister of Economic Development, one of the initiators of the transition to ROP Savva Shipov said at the Russian Economic Forum that the decision to conduct an inspection should not be made by a specific inspector, but based on the degree of risk, Shipov explained.

"For example, there is a complaint about some violations. It is necessary to assess what requirements are violated, how much the violation poses a danger - causing harm to life, health, property, how much you can trust the source of information, and so on. Therefore, we believe that unscheduled inspections gradually should switch to a risk-based approach, and if the indicators trigger that the risk is really high, then the check is carried out, if not, then the check is not needed, "Shipov said.

However, representatives of business and consumer societies have received different reactions to the reform.

Dmitry Yanin, Chairman of the Board of the International Confederation of Consumer Societies (ConfOP), in a conversation with Milknews, criticized the ongoing reform and linked the changes to the reluctance to finance control bodies.

“In my opinion, the CPV reform was initiated out of despair. This is due to the reluctance of the state to fund effective supervision, the reluctance to provide compensation packages to supervisors, salaries and social guarantees checking.

The initiators of the reform proceed from the fact that, in their opinion, any inspector is a bribe-taker and corrupt official, and an inspector cannot honestly work for 25-30 thousand rubles. Therefore, instead of initiating an increase in the level of salaries for employees and monitoring the adequacy of spending by departments, we have been implementing a strategy to complicate the activities of control and supervisory bodies for more than 10 years.

The main document - the law on the control of legal entities in the implementation of the CPV - actually reduced the effectiveness of control and supervisory measures. We have not found a practice in any EU country when an organization is warned about an unscheduled inspection 24 hours in advance - there are no such restrictions anywhere, because after a warning it is ineffective to send government officials for inspection. Officials-reformers, who initiated together with big business and supervisory authorities, are quite loyal to the scanty fines for deceiving consumers and counterfeiting, we do not have very high fines for violations of the requirements of technical regulations. Therefore, the trend continues, the quality and number of oversight agencies will decline, and business will continue to write the rules of the game, based on the conditions "do not interfere with doing what you want."

I am calm about other changes, such as ranking and cosmetic changes in legislation, the key problem is underfunding and low fines, problems in legislation, the inability of consumers to defend their interests en masse through the courts (for example, in the USA there are class actions filed by consumer societies , in some countries, the supervisory authorities can go to court for not only withdrawing products from the shelves, but also from the entire market, including the payment of compensation) ".

Vladislav Korochkin, First Vice President of OPORA RUSSIA, told Milknews that business is absolutely positive about the reform and “participates in it in the most direct way”. According to Korochkin, the advantages are the restructuring of the relationship between enterprises (and all, not only business) with an outdated paradigm, largely imposed by external agents, into a modern, more effective and less burdensome one for both the state and society. The downside is that the reform is not progressing as quickly as necessary.

“Those 2-3% additional GDP growth, which, according to estimates, could give new system, the country is still losing. How much will the transition to a risk-based approach make life easier for entrepreneurs? Very seriously. This is both a reduction in the number of expensive scheduled inspections, and getting rid of many "exotic" and paradoxical mandatory requirements, which, apart from doubts about the adequacy of the state representatives presenting them, did nothing, ”Korochkin said.

When asked whether a significant decrease in the number of inspections is not the government's unwillingness to fund supervision, the expert explained that effective control can (and should) be built, generally dispensing with scheduled inspections by government agencies. “The best world practices clearly show this. All the more so today, when there are thousands of ways to ensure control using a variety of technical devices. In addition, there is the practice of insurance and the work of Self-Regulatory Organizations. Quite positive. "

Since the end of the last century, most of the developed countries of the world are in the process of permanently searching for new forms and methods of effective state financial control that can ensure the achievement of an optimal balance between the state, society and market forces using state budget funds and state property. Therefore, the methods of exercising control over the activities of public sector bodies are constantly being improved on the way of their development.

The main trend for further improvement of the system of external state financial control and, in particular, the system of auditing the efficiency of the use of public resources in most developed countries in recent years has been the use of a system of risk-oriented regulation of performance audit in the financial and budgetary sphere. The essence of the risk-based approach to planning the activities of external state financial control bodies is to determine the directions of spending public funds, in which the probability of encountering violations of the budgetary and financial sphere is the highest.

In the context of the impossibility of conducting inspections of the activities of all ministries and departments, the need to audit the most "vulnerable" objects of control becomes especially urgent. At the same time, a lot of questions arise before the inspection staff of the control body. For example, how to prioritize control objects? What sources of information to take as a basis? How to analyze the received data?

Planning a performance audit based on a risk-based approach is a multi-layered process of answering the above questions, involving a series of interrelated actions. These actions are regulated by standards and methods approved in various countries 1

1 Comparative analysis criteria for similar methodologies in different countries will be control activities covering the fundamental principles, rules and approaches to the implementation of risk-based planning performance audit, as well as procedures for collecting, analyzing and processing information.

In particular, these methods provide for priority criteria that must be taken into account when determining the priority of objects of control for the next period. These criteria include:

the presence of changes in legislative acts affecting the activities of objects of control or the budgetary process;
changes in priorities public policy influencing the activities of the objects of control (for example, the approval of new target programs, changes in the composition and requirements for the exercise of state powers);
taking into account the complexity of the organizational and functional structure of a particular object of control, the presence of a network of subordinate institutions;
functioning in the considered object of an effective system of internal financial control (this takes into account not only the delineation of the control functions of personnel, determination of responsibility for non-performance (poor-quality performance) of their functions, but even the experience and duration of work of the heads of departments responsible for internal financial control);
the fact that the control object had detected violations, court cases and proceedings in the previous reporting periods;
the presence of a change in the control object of the level of current and future needs in human, material and technical and financial resources, revealed as a result general analysis activities of public authorities.

The collection of the necessary information for the preparation of the activity plan of the external state financial control body in accordance with the risk-oriented approach is carried out primarily on the basis of information provided directly by the audited bodies and objects of control. Further, the emphasis shifts to information provided by representatives of the legislative authorities, people filling managerial positions in related departments, well-known business representatives, scientists and representatives of non-governmental organizations and organizations protecting the environment. An integral part of collecting information from all of the above sources is its verification with the main official statistics.

table "l

Country (methodology of external governmental audit based on risk-based regulation)	External state financial control body	Sectoral, legal, organizational and functional and other factors affecting the priority of the inspected objects of control in the risk-based approach of the external state audit of efficiency in the financial and budgetary sphere
	External state financial control body	the presence of changes in legislative acts regulating the activities of objects of control or process	features of the state policy, providing impact on the activities of objects of control 1	complexity functional structure of the object control	functioning of an effective system of internal financial control in the object in question	the presence of violations, court cases and proceedings in past periods	prospective needs for human, material, technical and financial resources	subordinate institutions	indicators

	Office of the Audit General

Great Britain

Comparative analysis of criteria for performance audit methods based on risk-based planning in different _countries_

Cour des Comptes

r and Auditor- General

As a result, at the stage of planning the directions of control activities, the external state financial control body conducts research work aimed at identifying the most problematic subordinate institutions that should become the object of control in the first place. Thus, at the stage of preliminary control, not only risks are identified, but also the prompt prevention of inappropriate or ineffective spending of state funds; the possibility of overestimating the cost of the estimated costs is excluded; the justification for budgeted expenditures is increased; there is an increase in the quality and (or) quantity of planned goods (works, services) (without attracting additional funding); alternative options for the implementation of the planned event are considered. As a result, even before the official adoption of financial obligations by the government body, the justification and efficiency of state budget expenditures are significantly increased, as well as an optimal legal regime for the implementation of the measure is achieved.

A comparative analysis of the models of risk-based regulation of external government audit in the financial and budgetary spheres of the countries considered above shows that, despite the difference in the wording of the approaches applied to the implementation of risk-based audit regulation, as well as the shift in emphasis in the implementation of this regulation in favor of one or another approach or method, the risk-based planning of control activities in each of the countries represented is based on a set of similar techniques: a risk assessment method, an audit judgment model, a logical approach (Table 3).

Table 3

Comparative characteristics of approaches to the implementation of risk-oriented regulation of external government audit in the financial and budgetary spheres of different countries

A risk assessment method is a technique or a set of techniques for performing various operations in the risk assessment process. Using the methods of risk assessment, the bodies authorized to carry out external state financial control in the analyzed countries identify risk factors, identify the reasons for its origin, subject to a detailed analysis of the potential consequences of the occurrence of possible risks. All risks in the framework of external governmental audit in these countries are considered according to two key criteria - the likelihood of occurrence and the degree of impact, while using a combination of quantitative and qualitative assessment methods (Figure 2).

A qualitative risk assessment implies activities aimed at detecting certain types of risk, identifying factors and causes that cause their occurrence. The use of the method of qualitative risk assessment by the inspecting staff of the control bodies as part of the risk-based approach to the implementation of governmental audit is envisaged in the case when it is not possible to quantify the relevant risks, or if obtaining and analyzing such information is associated with high costs.

One of the most common methods used for qualitative risk assessment is matrix representation or risk mapping. The advantages of this method include the simplicity and clarity of its use, as well as the possibility of obtaining a holistic picture of the problem areas of the object of verification and the consequences of the possible development of problems in these areas. Each risk is subject to personal identification, within the framework of which the likelihood of its occurrence and materiality are determined, that is, the amount of likely damage to the state budget in the event of the occurrence of this risk. Information on all risks is grouped in a matrix that clearly demonstrates the proportion of any individual risk that is taken into account when planning the activities of external governmental audit bodies (Figure 3).

The numerical values of this matrix reflect the risks, divided into five categories according to such criteria as probability and materiality, where each combination of materiality and probability corresponds to a certain type of risk. This grouping makes it possible to prioritize risks relative to each other. The black scalloped line shown in the figure represents the critical threshold of risk tolerance. All risks ranked above this threshold are considered “intolerable”.

Rice. 3.

The level of significance of risk manifestations is calculated as the product of the average rating estimates of the probability of occurrence of a particular event and the significance of its occurrence. At the same time, when determining the level of significance of risk manifestations (within the framework of a qualitative risk assessment), the concept of mathematical expectation, which is also widely used in the framework of quantitative risk assessment, can be used.

The risk quantification process is carried out in accordance with the results obtained from the previous risk analysis. Determination of a quantitative assessment includes the calculation of the probabilistic impact of risk and the degree of its impact on the indicators of financial and economic activities of the subordinate object of control.

It is generally accepted that the process of carrying out a quantitative risk assessment is associated with more labor costs than any other type of assessment, and assumes the use of mathematical models as its main toolkit.

In a generalized form, the methodology for quantitative risk assessment in the framework of the external governmental audit of the considered foreign countries can be classified into three groups:

1) The method of comparison with the benchmark consists in comparing the actual or predicted values of the parameters with the planned values to establish the facts of deviations from the acceptable level.
2) The method of using “improbable” models assumes the presence of subjective assumptions in the assessment of risk manifestations and takes as a basis the processes of factor analysis and content analysis of risk.
3) Methods of using probabilistic models make it possible to assess risk events and their impact, taking into account a wide range of data (including past periods) and modeling the results of the future development of the situation. Within this group, the economic and statistical method, simulation modeling, and the assessment of risk phenomena are actively used. independent experts, methodology for calculating the acceptable audit risk.

The most widely used method of comparison with the standard, characterized by the relative simplicity of its application. This method involves the calculation of the numerical values of the parameters characterizing the impact of risk manifestations on the activities of the subordinate object of control.

The algorithm for calculating and assessing risks in accordance with this method provides for determining the difference between the planned (officially approved) and predicted (or actual) values of the parameters:

A R = Ril - Rpr,

where Reel is the planned (approved) value of the parameter (excluding the negative impact of the potential risk); Рпр - predicted (taking into account the corresponding risk) value of the parameter.

Thus, at the stage of collecting data for risk-oriented planning of the activities of external governmental audit bodies, the facts of all kinds of deviations are established, which are subsequently used to substantiate the conclusions.

In the framework of the above calculations, a risk coefficient is used, reflecting the proportional ratio of deviations of parameters, both upward and downward from the foreseen level: Risk coefficient = M- / M +

where М- (+) - predicted values of parameters, less or, conversely, exceeding the planned values.

As part of the collection of preliminary information about the object of control, the inspecting staff of external state control bodies, based on the use of this coefficient, is able to get an idea of the effectiveness of the functioning of the internal control system.

Factor analysis is used to assess, at the preliminary stage, the state of affairs at the object of inspection, as well as to make a forecast of the possible degree of audit risk. It is based on the analysis and assessment of the parameters of risk factors, which makes it possible to identify the areas most vulnerable to the emergence of risk, that is, to determine the main foci of the emergence of risks, to assess the degree of their impact and materiality in a given situation.

The content analysis method is based on the calculation of parameters that contain not only the scenario consequences of an offensive, but also the likelihood of risk factors. The essence of this method is the calculation of the potential risk occurrence and the determination of the probable damage provoked by a specific risk. Within the framework of this approach the concept of probability is used to determine the frequency of occurrence of individual events and is calculated as an empirical scale of the probability of risk factors.

The economic-statistical method aims to calculate the probability of the occurrence of a risk event based on statistical indicators such as: coefficient of variation, average expected value (mathematical expectation), variance, standard deviation.

The simulation method involves projecting a situation that actually developed at a given moment in time into a virtual model, which allows you to visually demonstrate various scenarios of the development of events based on the specified parameters. It should be noted that the use of this method is impossible without the use of specialized computer programs(for example, Monte Carlo, Pertmaster Risk), which makes this approach to risk assessment one of the most complex and costly.

Methods peer review risks are based on the involvement of independent third-party experts to obtain information and conclusions related to risks. These methods are universal in nature, since they can be used both within the framework of quantitative and qualitative assessment of risk factors, and also do not depend on the actual availability of the initial information data. A significant disadvantage of this method is the possibility of distorting the accuracy of the results and conclusions due to the fact that the assessment of risk factors is based on the approach of subjective opinion.

As part of the external governmental audit, the method for assessing the permissible audit risk is also used, according to which the level of this risk is determined by the following formula:

where DAR - Desired Audit Risk, 1R - Inherent Risk, DR - Detection Risk.

When using this method, the risk is perceived as a combination of 2 risk factors:

the factor of the existence of significant inaccuracies in the reporting of the object of control;
the factor of possible non-detection of the above-mentioned inaccuracies of reporting by the inspection staff and the formation of incorrect conclusions of the auditor in this regard.

The use of the methodology of the theory of risk management allows, in full, in relation to objects subordinated to the external governmental audit bodies, to identify the most urgent risks, to make a qualitative and quantitative assessment of the materiality of certain risks, as well as the likelihood of their occurrence, on the basis of a qualitative and quantitative assessment, to rank probable risks. risks, building a priority list for the development of a future control plan based on a risk-based approach.

The risk assessment of the object of control has a direct impact on the frequency of its inspection: a higher risk assessment value corresponds to a high frequency of inspections.

When forming a plan for the control activities of the body carrying out external state audit in the countries under consideration, the following calculation algorithm is used:

Control objects to be included in the control activity plan = B + CP / 2 + N / 3,

where B - objects of control with a high degree of risk, СР - objects of control with a medium degree of risk, H - objects of control with a low degree of risk.

In accordance with this algorithm, all objects of control are classified into three groups: high, medium and low risk. According to the classification results, all objects of the first group (high degree of risk), 50% of objects of control of the second group (medium degree of risk) and 30% of objects of the third group (low degree of risk) will be included in the plan of control activities of the external governmental audit body. In other words, the objects of the first group are subject to a mandatory annual audit, the objects of the second group are subject to external audit every two years, for objects from the third group, the frequency of an external audit is once every three years.

The algorithm for assessing risks as part of the formation of a plan for control activities of external governmental audit bodies of the analyzed foreign countries can be presented in general view in the following diagram (Figure 4 1).

Rice. 4.

The audit judgment model is a symbiosis of audit risk, professional qualities and the experience of the auditor and the actual results of the audits. As part of data collection, the conclusion about the reliability of a single parameter when using this model is influenced by:

1) A priori assessment of the inspection staff of the possible value of the parameter, expressed as a probability density (based on the experience and knowledge of the inspection staff and their experience in assessing similar situations in the past).
2) Checking the population.
3) Comparison of the test results with the results of the a priori estimate and the calculation of "posterior probabilities". This model can be presented graphically in Figure 5 1, where k * is the value of the reporting indicator that was checked by auditors (for example, the initial cost of fixed assets, the cost of purchases made during the reporting period, etc.), L1 is the materiality interval for the reporting indicator; f (p) is the subjective probability distribution function.

The space below the curved line represents the auditor's judgment about the variety of all values possible for the reporting indicator. The shaded area in the figure represents the potential for material misstatement in the reporting data.

Rice. five.

The estimates of this model can represent the distribution of both discrete and continuous random variables. Among the advantages of this approach, it is worth noting the simplicity of calculations and the possibility of promptly matching the test results with a priori probabilities and the calculation of a posteriori probabilities. The weaknesses of this model include the possible mixing of subjective (psychological) probabilities with statistical details, as well as the mandatory formation of the corresponding function, which can present certain difficulties in a number of situations.

The advantages of the process of drawing up a plan for the control activities of external governmental audit based on a risk-based approach become more obvious if we pay attention to the disadvantages of the absence of such a process:

a) In a non-statistical study, the evidence-gathering algorithm does not provide an opportunity to build a clear, logically complete sequence. That is, there is no basis for understanding the applied processes.
b) The lack of a clear representation of the relationship between data and judgments lures the auditor into the status quo trap, depriving the possibility of both prompt changes and adequate defense of their findings (for example, in court).
c) The algorithm for collecting factual data when conducting non-statistical research does not imply the formation of ideas about optimal amount collected information and the mechanism of their interpretation, therefore, such an approach will inevitably lead to disorganized use of resources (some objects or industries of control will be subject to excessive attention from external governmental audit bodies, others, on the contrary, will remain untested). Even assuming that the inspection team and the auditor take into account this information, they do not have sufficient justification that there is no wasteful use of resources.

The essence of the logical approach within the framework of the implementation of risk-based regulation of external government audit is that it can be used to determine the likelihood of distortion of events after control measures:

(1-B1) (1-B2) + (1-B1) B2 (1-B4) + B1 (1-B3) (1-B5),

where В1 is the probability that the obtained data are reliable initially, that is, before the implementation of the control measure;

B2 - the probability that during the control event the presence of a distortion will be established;

ВЗ - the probability that after the control measure the existing distortion will not be found;

В4 - the probability that the identified distortion will be corrected during the control event;

В5 - the probability that in the event of a conclusion about a non-existent distortion, an error in the control measure will be revealed.

The use of such an approach allows you to analyze the potential for error by the inspection staff as part of an external government audit (at which facility / area and what errors may be made during data processing). The logical approach probability tree is shown in Figure 6-1.

In addition to the above methods of risk analysis, scientists have developed other methods of visualization and quantitative assessment of risk factors, which were highly appreciated by the external financial control bodies of the developed countries under consideration.

Previously, attempts to produce adequate analytical tools for assessing the risk factors of subordinate objects of control ended in failures due to the extreme complexity of processes and systems in the economy, a very contradictory and heterogeneous nature of relations and dependencies of economic objects.

Rice. 6.

In the process of assessing the risk factors of subordinate objects of control as constituent element system of economic relations, it is necessary to carry out a comprehensive assessment of the risk factors of management bodies and processes as a unified cybernetic system.

A similar approach is used by the Accounts Chambers of developed countries for socio-economic "diagnostics" through the Data Envelopment Analysis (DEA) methodology, which personifies the result of the work of a number of scientists in the framework of interdisciplinary research of the last two decades in the field of economics, system analysis and operations research. The basis of the DEA methodology is the fundamental provisions of mathematical economics, such as economic models by D. von Neumann, the theory of production functions, V. Leontiev's production models, and V. Pareto's optimality principles.

Rice. 7.

The essence of the DEA approach is to study the set of input and output parameters of the subordinate object of control during its functioning in the surrounding economic environment. The mathematical expression of the essence of the DEA approach is reflected in the solution of a large family of optimization problems. Within the framework of solving these problems, objects of control act as a set of agents that overprocess state resources in some kind of result or social effect.

The subordinate object of control at the input has a set of parametric data (including the results of financial and performance audits), and at the output - parameters characterizing the assessment of the inherent risk factors of the subordinate object (Figure 7). An obvious advantage of this technique is the interconnection of a large number of heterogeneous factors within the framework of the analysis of a separate system or a number of systems, which makes it possible to significantly increase the efficiency of assessing the risks of an object's functioning.

The described method allows one to assess the quantitative measure, dynamics and tendencies of the emergence and development of risks of functioning of objects of control, visualizing the multidimensional econometric space (using the construction of two-dimensional and three-dimensional sections).

Figure 8 shows a cross-section of the derivative of the risk function of the subordinate control object in a model with one input and one output parameter.

Rice. eight.

The dotted set, reflected in Figure 8, of the subordinate object of control is very informative, since it forms an idea of the relative risk factors of the object. The degree of risk is characterized by the location of the point of the analyzed object of control relative to the boundary of the set:

if the point is on the border of the function (points (XI, Yl), (X2, Y2), (X3, Y3), (X4, Y4)), then the probability of risks of the controlled object tends to one hundred percent;
if the point is inside the set (point (X5, Y5)), then the degree of risk is characterized by the distance from the function boundary - the smaller this distance, the higher the risk.

The DEA approach makes it possible to determine a quantitative measure of the risk factors of an object, makes it possible to determine the ways best optimization risk manifestations, identify the stability zones of the subordinate object, analyze the trends and dynamics of changes in the state of affairs of the object as a system. Such advantages of this approach make it possible to more reasonably develop and implement strategies for the implementation of external government audit.

Summing up, it should be noted that at the stage of developing a plan for the implementation of control activities by the external governmental audit bodies of the considered foreign countries, a kind of research work to identify subordinate institutions with a high degree of presence of risk factors, followed by ranking the level of risks of these institutions to form a list of priorities for the implementation of control activities. Within the framework of this study, not only the facts of the presence of risks are established, but also there is a passing suppression of inappropriate or ineffective use public funds; suppression of the overestimation of the cost of expected costs and their additional justification; without the use of additional financial resources of the state, the quality and (or) the number of provided services (goods, works) is improved; an analysis of alternative scenarios for the implementation of measures carried out to achieve the goals of functioning of the subordinate objects of control is carried out.

As a consequence, the above advantages of a risk-based approach to the implementation of external governmental audit allow us to conclude that it is consistent with all modern requirements a well-oiled, efficient system of state financial control and allow us to conclude that such an approach is largely promoted to the effective and sustainable development of a state with high rates of economic growth.

Priority directions social policy, changes in the composition and requirements for the implementation of state. powers, approval of new targeted programs, etc.
At the same time, the procedure for delineating the control functions of the personnel of the object of inspection, determining responsibility for non-fulfillment (poor-quality performance) of their functions, the presence of a legal service (lawyer) in the structure of the organization is also assessed; even the experience and duration of work of the heads of the relevant departments. Compiled by the author
Compiled by the author
Compiled by the author
Compiled by the author
Compiled by the author

control and audit indicates insufficient methodological ... ... connection with which the article discusses topical issues of the organization risk-oriented internal financial control and directions ... ... Risk-oriented VFK # 304873_300_d # Interior financial the control is a management tool that allows you to quickly ... ... the control ny actions. Table 2. Risk-oriented planning internal financial control Budget operation ...

About draft standards internal financial control

Public comment in progress. Their application in the implementation internal state (municipal) financial control scheduled from January 1, 2020. Currently... ... control... The Ministry of Finance has prepared two drafts of such standards: - " Planning the control the activity of the body internal state ... ... part 1 of Art. 265 BC RF state (municipal) financial the control will be carried out in order to ensure compliance with the provisions ... ... of the financial and budgetary sphere, minimization of budgetary and property risk and ensuring quality improvement financial object disciplines ...

Features of implementation internal financial control and audit

Continuously circulating within one or another financial systems, as well as associated with ... ... (redistribution), use, accounting and the control undoubtedly play a crucial role ... ... the management functions of the state: goal-setting, planning, organizing, encouraging ... ... to protect his interests. State system control and, accordingly, the classification ... ... of government. The control reduces risk and Federal Law No. 252-FZ affected ... ... the departmental control(a-udita) in part internal financial control(audit) ....

Current issues of implementation internal state financial control, internal financial control and audit

The seminar is devoted to the study of issues of conducting internal state financial control, the priority of the preliminary control before the subsequent, organization and ... ... regional and municipal level: New approaches to implementation the control noisy activities; Risk- oriented planning; Risk- oriented approach to the classification of violations; Methods of conducting ... ... Monitoring and audit in the field of procurement; Public, departmental, state the control in the field of procurement; Justification of purchases for 2017; Rationing; Definition...

Interior fin the control created. It's about efficiency

To create and operate the system internal financial control and a lot has already been done in Moscow. But how ... ... superimposed 470 disciplinary action, 37 materials were sent to Chapters the control to bring violators to administrative responsibility .... ... authorities internal control and is to shoot risk and that the head of the executive authority can ... ... the deputy head of the Chief the control I.E. Zaiko's management, planning- this is only the first stage of implementation internal ...

WFC and interior the control facts of economic life: similarities and differences

Subjects. By virtue of budgetary legislation and by virtue of accounting legislation, they must carry out two types internal control - interior financial the control and interior the control facts of economic life. How much are these two species (two varieties) internal control intersect ... ... the control environment, the composition of the elements of which corresponds to international standards internal control... Approaches to working with risk amy. Let's note two very important differences. 1 In the rules for the implementation of the WFC, an emphasis is placed on working with risk after implementation ...

Quality monitoring financial management and planning the control Noah activity

Can quality monitoring financial management to be a useful tool when planning events internal and external financial control? Read the answer to this question in Dmitry Andreevich's article ... ... (drafting a budget, budget execution, accounting and reporting, the control and audit). Based on the results of this analysis and assessment by the Ministry of Finance ... ... covering all stages of the budget process: medium-term financial planning; budget execution in terms of expenses; budget execution ... ... federal budget expenditures in the current financial year as well risk and the appearance of cash gaps in the current financial year in ...

"Fin the control" for financial controllers

About the organization internal state financial control in the capital, new methods and forms of its implementation to the journal ... ... and to identify objects the control risk ov. The main thing the control riskthe control planning

Implementation challenges internal financial audit

The article presents the conclusions made by the State Service financial control Of the Republic of Dagestan based on the analysis of the execution of the powers of the main administrators of budgetary funds to implement internal financial audit. The article presents the findings ... ... of ethical norms and anti-corruption legislation. Substandard planning- poor quality performance In addition common mistakes drawing up ... ... noteworthy is the formal approach to analysis and evaluation risk as well as linking the planned audit procedures to the assessment ...

Financial the control : methodology and automation

New powers need to develop a methodology control budget legislation, monitoring methodology ... ... (procedures). It is advisable to lay in the basis of the system internal G (M) FC a set of tools that provide ... ... the body and other authorities: the control but countable, financial, treasury, law enforcement, etc. ... ... advanced development - the software complex "Fin the control-SMART ". Qualification of violations Classification issue ... ... the entire list of conducted the control activities. Risk-oriented planning According to Rosfinnadzor, the share of successful ...

Unified information space of the system financial control

State (municipal) system financial control in the near future will receive a good incentive for ... ... a specialized solution - software package"Fin the control-SMART ". Unified standards and classifiers ... ... reporting and performance monitoring control. Planning the control work The most important innovation of the planning stage is the introduction into practice of the fixed normative legal acts risk-oriented approach in the formation of the annual ... ... it is necessary to coordinate planning work of organs internal and external control in relation to some and ...

Get away from the total control

About the organization internal state financial control in the capital, new methods and forms of its implementation told ... ... and identify objects the control activities using analysis risk ov. The main thing the control the new administration of Moscow is already applying risk-oriented ... ... based on a system of selection of the most problematic indicators under the control spheres. Our experts have identified indicators that ... ...? - First of all, these are, of course, indicators that characterize planning and budget execution, receivables and payables, ...

Financial management: increasing the efficiency of budget expenditures

The article discusses the issues of harmonization financial management in the public sector with ... ... the results of the execution of budgetary powers (budget risk s). Quality monitoring financial management ... ... budget reporting, asset management, implementation internal financial control and internal financial audit. In fact ... ... It is necessary to understand the difference between processes such as the control , audit and monitoring, in terms of their results, ... .... Weight after 2014 1. Medium-term financial planning- 1. Medium-term financial planning ...

Society was invited to discuss financial control standards

Reporting in government and municipal institutions, government agencies, local governments and extra-budgetary funds; - the control in the field of procurement. Also, the draft standard defines the norms by which officials financial control authorities must be guided by ... ... ethical and professional. The purpose of the second standard is to establish basic planning rules the control Noah organ activity internal financial control. Planning the control activities are supposed to be carried out using risk-oriented approach to focus efforts on the most significant areas and to minimize the control load ...

New approaches to the implementation of control activities

Destinations the control activity outlined the building of the system risk-oriented work planning the control authorities, ... ... matters requiring special attention. State service financial control Samara region (hereinafter - the Service, the control) is a structure aimed specifically at implementation risk-oriented approach in the implementation of preliminary and subsequent internal financial control and control in the field of procurement. Innovativeness ... ... unjustified funding has more serious reasons. For example, planning works using expensive materials with ...

Relevance and prospects of the draft law on the foundations of state and municipal control(supervision)

Notes that the process of reforming the system control and supervision goes with a creak, his instructions ... ... article 4 of the bill, which is called “ The control for the activities of bodies of state ... ... functions through the organization and implementation internal control, departmental control... ... implementation rules the control noisy activities. Risk-oriented execution - what is it? ... ... within the state (municipal) financial control(hereinafter - G (M) FC). Employees ... ... should be conducted on a planned basis, and planning should be carried out annually ....

Risk-oriented planning the control Noah activity

Olga Aleksandrovna MIKHEEVA, Head of the State Service financial control Samara region: in connection with the reform of the state system and ... ... improving the quality financial control... One such method is risk-oriented planning, used in the Samara region since mid-2012 ... ... changes State-owned companies disclose information on salaries Internal factors in the economy influenced the results of the year Salary growth ... ... recommendations and elimination results risk s, and the service carries out the control behind this process. In addition, the efficiency the control Noah...

Risk-oriented planning and a system of preliminary control

Indicate the gradual transition of the system of planning measures for control and oversight to risk-oriented approach based on focusing attention on objects of increased risk but. Planning based on the assessment risk ov is an innovation laid down ... ... such a system risk ov can be based on the calculation risk under the control object by assigning them different categories (levels) ... ... of the State Civil Code as a body authorized at the same time to implement internal state financial control, control constituent entity of the Russian Federation in the field of implementation ...

Risk-oriented approach in the activities of Glavkontrol

... the control nogo administration of the city of Moscow took part in round table"Practice of application risk-oriented planning approach control in the field of procurement ", which was held within the framework of the All-Russian forum-exhibition" State order ... ... presented the topic " Risk-oriented planning approach control in the procurement of bodies internal financial control". She talked about how ratings are compiled for customers ... ... business indicators, analytical indicators), settlement management, risk-monitoring, analytics and planning checks. Ksenia Rodionova made a generalization on the topic “Application of tools ...

The foundation must be reliable

Features of implementation the control finance the city of Moscow. Kristina Alekseevna TITOVA, Deputy Head of Department internal control Department finance of the city of Moscow The article presents ... ... the use of state resources. In addition, external and interior the control combine uniform methodological techniques for its implementation. ... ... a list has been developed and approved, in which all risk Intensive operations in the implementation of budgetary procedures and identified ... ... budget allocation, compliance with the norms labor legislation and etc. Planning the control activities in the Department finance carried out ...