HOW TO IMPLEMENT ISSAI 30
(INTOSAI CODE OF ETHICS)
Guidance for
Supreme
Audit
Institutions
EUROSAI
May 2017
www.eurosai-tfae.tcontas.pt
Foreword
Supreme Audit Institutions’ work aims at promoting good governance in the public sector,
thus contributing to reinforce stakeholders’ trust.
In order to effectively hold governments and public bodies accountable for a good use of
public resources, a Supreme Audit Institution (SAI) must conduct all its activities in
accordance with the fundamental principles of independence, transparency, ethics, quality
and accountability. An independent and professional SAI lives the principles that it expects
from the audited public sector entities, leading by example.
In this context, enhancing the ethical framework of SAIs is crucial for them to pursue their
role in an effective manner. This is stressed in the main INTOSAI principles and standards,
such as ISSAI 12. It is now also clearly highlighted in the recently revised ISSAI 30, endorsed by
the INCOSAI 2016 at Abu Dhabi. The implementation of the revised INTOSAI Code of Ethics is
now a significant challenge for SAIs.
EUROSAI established the
Task Force on Audit & Ethics (TFA&E) as an instrument to, among
other aspects, support European SAIs in promoting the relevance of ethical conduct.
In the period 2012-2014, in this specific area, the Task Force surveyed SAIs about their
practices in managing ethics, analysed those practices against standards and OECD
recommendations and published the paper ”
Supporting SAIs to enhance their ethical
infrastructure” –Parts I and II. During 2014-2017, to implement the goal “
Promote ethics as
a pillar of Supreme Audit Institutions”, the TFA&E participated very actively in the review of
ISSAI 30 and presents now this document, meant as guidance for SAIs on how to implement
the revised INTOSAI Code of Ethics.
The guidance now offered incorporates and completes the information included in the
previous TFA&E paper, in the light of the revised ISSAI 30 and considering the needs of SAIs,
as expressed in the comments to the respective exposure draft. It is meant as an open
document that can be further enriched with the ideas, experiences and lessons learned by
SAIs as they implement the revised standard.
The Task Force expects the information provided in this respect to be of use and interest to
SAIs, particularly when considered in the context of enhancements intended in their
respective ethical framework and management capabilities.
I deeply thank all the members of the Task Force for their kind contributions to enrich this
document and particularly to the European Court of Auditors for coordinating the project to
prepare it.
By delivering this guidance for Supreme Audit Institutions, we trust that the TFA&E strived to
its purpose to be useful and innovative. We very much hope it will add value to SAIs and their
leadership and staff and, consequently, to the citizens they serve.
May 2017
Vítor Caldeira
Chair of the EUROSAI Task Force on Audit & Ethics
President of
Tribunal de Contas (Portugal)
1
Table of Contents
Introduction
Section A: Approach to implement the ethics control system
Section B: Alternatives and good practices to implement the components of the
ethics control system
Code of ethics
Leadership
Ethics guidance
- Raising awareness and training on ethics
- Counselling
- Ethical dilemmas
Ethics management
- HR management : Recruitment
- HR management : Professional Development
- Balancing Confidentiality and Transparency
Ethics monitoring and control
- Conflicts of interests
- Rotation policies
- Political neutrality
- Gifts and hospitality
- Whistleblowing policies
- Ethics monitoring tools
Annex 1: Good practice references
Annex 2: Ethics Leadership: set the tone for action
Annex 3: Examples of ethical dilemmas: what should you do?
Annex 4: Model to address ethical dilemmas
Annex 5: Examples of conflicts of interests
Annex 6: Checklist for gifts and hospitality
3
INTRODUCTION
Lead by example SAIs are expected to make a difference to the lives of citizens. To do so, they
need to act as model organisations and lead by example. They should
respect the fundamental principles relating to ethics, like ensuring
appropriate transparency and accountability, providing good governance
and complying with the INTOSAI Code of Ethics1 .
The INTOSAI Code of Ethics (ISSAI 30) provides SAIs and the staff working for
them with a set of values and principles on which to base ethical behaviour.
SAIs and SAIs’ staff’s decisions should be driven by five fundamental ethical
Ethical values
values2:
Integrity: To act honestly, reliably, in good faith and in the public interest;
Independence and objectivity: To be free from circumstances or influences
that compromise, or may be seen as compromising, professional judgement,
and to act in an impartial and unbiased manner;
Competence: To acquire and maintain knowledge and skills appropriate for
the role, and to act in accordance with applicable standards, and with due
care;
Professional behaviour: To comply with applicable laws, regulations and
conventions, and to avoid any conduct that may discredit the SAI;
Confidentiality and transparency: To appropriately protect information,
balancing this with the need for transparency and accountability.
ISSAI 30, as revised in 2016, challenges SAIs for a new ethical approach:
Institutional
perspective
The Code has now an
institutional perspective: it is intended, not
only for auditors, but instead, for all who work for, or on behalf of, a
SAI; this includes all categories of staff and all managers.
The Code of Ethics specifically addresses the
responsibilities of SAIs
in promoting and safeguarding ethics and ethical values.
It is to be applied to all the existing models of SAIs - Legislative
(Parliamentary), Jurisdictional (Court), or any other model (e.g.
hybrid), whether the SAI is governed by a single Head or by a
decision making body (e.g. a board or judges)3.
It differentiates between
requirements, that SAIs and staff must
1 ISSAI-12
2 ISSAI-30, 9
3SAI-PMF, 3.3
5
comply with, and
application guidance, meant as advice to
implementation
Overall
ISSAI 30 establishes
Overall Responsibilities of SAIs to implement ethics in
their institutions4. These responsibilities are:
responsibilities
of SAIs
Adopting and implementing a code of ethics and making it public
Emphasising the importance of ethics and promoting an ethical
culture
Setting the tone at the top by the actions and example of the SAI’s
leadership
Requiring the engagement of staff and external providers in ethical
conduct and providing them guidance and support
Implementing an ethics control system
Solving conflicts between ethical requirements
Practical
This document intends to provide practical guidelines for SAI to implement
guidelines
ISSAI 30, including some practical tools that they can use.
Section A proposes an approach to implementing an ethics control system.
Section B identifies the main ethical issues a SAI usually faces regarding each
of the components of the ethics control system and focuses on concrete
alternatives and good practices available to deal with them; this section is
not exhaustive and must be completed and updated regularly on the basis of
References,
the SAI’s practical experience in implementing ISSAI 30.
examples and
tools
Annex-1 lists references to good practices identified in the different areas
Annex-2 lists important attitudes and initiatives of ethics leadership
Annex-3 lists ethical dilemmas that staff may face and that should be
discussed
Annex-4 includes a decision model to help individuals addressing ethical
dilemmas
Annex-5 lists examples of conflicts of interests
Annex-6 includes a self-assessment checklist concerning gifts and hospitality
4 ISSAI-30, 12
6
SECTION A:
APPROACH TO IMPLEMENT THE ETHICS
CONTROL SYSTEM
One of the main requirements of ISSAI 30 for
SAIs is that, to promote and
Ethics Control
safeguard ethics, they
should implement an ethics control system.
System
The ethics control system is the one that includes appropriate specific
strategies, policies and procedures to guide, manage and control ethical
behaviour5.
This requirement recognises that achieving a change in behaviour and
building a culture of integrity needs constant and not ad hoc efforts and
requires a comprehensive approach that combines several tools and
measures, management processes and integrity actors into a coherent
system. Establishing an organisational policy on integrity is a powerful
instrument to set up that coherent system and at the same time it is the
visible expression of an integrity culture (which spends time and resources in
making ethics a priority) and one of the important contributes to ethical
behaviour.
This type of system can be built up separately or can be included within the
SAI’s overall internal control system. Ultimately, it must address three main
requisites:
It needs to include specific strategies, policies and procedures
applicable to ethics
It must address all the main components: guidance, management
and monitoring
It should be well integrated into the governance of the SAI.
The
main components of the ethics control system are6:
Components of
Code of ethics
the ethics
Leadership and tone at the top
control system
Ethics guidance
Ethics management
Ethics monitoring
Ethics
guidance is provided by statements of values and standards of
behaviour, such as codes of conduct, strong commitment from leadership
5ISSAI-30, 13.
6 ISSAI-30,14
7
and professional socialisation activities such as education, training and
counselling.
Ethics
management includes policies and practices that create conditions to
ensure fair and impartial selection, promotion and remuneration and
contribute to social respect.
Ethics
monitoring and control is ensured through an effective legal
framework that sets basic standards of behaviour, effective accountability
mechanisms, such as internal control and external audit, enforcement
procedures and transparency mechanisms providing access to public
information, facilitating public involvement and scrutiny.
The TFA&E paper ”
Supporting SAIs to enhance their ethical infrastructure” –
Parts I and II and Section B and Annexes of this guideline provide several
examples of policies and practices that SAIs can adopt regarding each one of
these components.
As for now, we would like to identify some key principles that SAIs should
keep in mind when designing their own ethics control system.
In setting up the ethics control system,
the SAI must consider, first of all
, its
culture and its legal and social systems7.
Put ethics in
There are different definitions and approaches to ethics depending on moral
context: set a
values and legal frameworks. The starting point for developing an ethical
common
framework is to obtain a
clear and common understanding of what ethics
understanding
means within the SAI. This implies that the SAI should put ethics in its own
context, taking into account cultural practices and national legislation, which
might differ from country to country. This context approach will also have to
include the SAI’s own environment, mission and values, and identify
references within its legal framework and audit standards.
Particular attention needs to be placed on setting
a clear distinction
between ethical and legal obligations, as this will have an impact on the
approach to be followed when enforcing ethical behaviour (normative,
prescriptive, guidance, soft-law, etc.).
It is essential to
identify the risks involved with potential failures in the
ethics control system and the necessary measures to be taken to mitigate
them. Moreover, potential problems and dilemmas should be anticipated on
the basis of ‘real life’ examples within the organisation in order to avoid
abstractness. It is the responsibility of the SAI’s leadership and management
to ensure that the SAI’s context is thoroughly scrutinized to set a common
understanding and definition of ethics within the institution.
7ISSAI-30, 16.
8
Secondly,
the SAI must proceed in an inclusive manner8.
Participative
approach
Ethics depend ultimately on the individual behaviour of the SAI’s leaders and
staff; it is therefore important to involve all of them, from the very
beginning, in the process of setting up an ethics control system.
This will imply adopting a participative approach; for example, by launching
surveys, online consultations, organising focus and working groups, carrying
out an IntoSAINT workshop, etc.
To enforce ethical values, it is also essential to allow a flow of information
throughout the SAI; this could be achieved with a good communication
policy and by organising regular meetings with staff to discuss ethical issues.
Throughout this process, special attention must be paid to establishing an
open spirit in which free and constructive discussions can take place at all
levels.
Thirdly,
the SAI must act in a transparent manner9 and provide relevant
information on its ethical behaviour.
Act
A good practice is to set up a transparency portal on the internet and
transparently
intranet, ensuring a proper communication flow both internally and
externally. The portal should contain information on ethical behaviour (such
as declarations of financial interests and the external activities of
management, policies on gifts, methodologies and rules regarding the
recruitment of staff, information on salary schemes, contracts with external
providers, etc.). Furthermore, the portal should allow the sharing and
dissemination of the information it contains.
Lastly and most importantly, SAIs must design their ethics control system
based on an
overall strategy to address their specific vulnerabilities and
risks. Each SAI operates in a different environment and has a different
organisational culture and functioning. Each situation may require different
Design the
combinations of policies.
ethics control
system on the
A structured approach that may be used to design, assess or prepare an
basis of a well
organisational ethics policy is the self-assessment tool IntoSAINT, developed
prepared
by the Netherlands Court of Audit. This tool enables SAIs to assess their
organisational
vulnerability and resilience to integrity violations and results in
ethics strategy
recommendations on how to improve integrity management. These
recommendations may be the basis of an action plan to build a complete and
coherent organisational integrity policy.
8ISSAI-30, 17 and 70.a.
9SSAI-30, 17.
9
SECTION B:
ALTERNATIVES AND GOOD PRACTICES TO
IMPLEMENT THE COMPONENTS OF THE
ETHICS CONTROL SYSTEM
1.
CODE OF ETHICS10
The basic piece of the ethics control system is the code of ethics or/and
Code of ethics
conduct, including statements of values and standards of behaviour.
is a central
A code of ethics or/and conduct is a way of expressing the needed common
piece of the
understanding of what is expected. This code provides a vision, guides
ethics control
behaviour and promotes habits.
system
SAIs should have their own codes of ethics, based on ISSAI 30 requirements.
The TFA&E paper ”
Supporting SAIs to enhance their ethical infrastructure” –
Part II, includes a detailed chapter about codes of ethics and codes of
conduct. There, the TFA&E analyses the different types of codes that SAIs
can adopt, their functions and advantages.
As mentioned there, some SAIs have chosen short codes stating the main
ethical values and principles whereas other SAIs have approved very detailed
codes. Usual content includes:
Statements regarding the values and principles guiding conduct
Descriptions of the associated expected behaviours
Concrete examples of dilemmas and sensitive situations regarding,
among others, conflicts of interests, political neutrality, as well as
gifts and hospitality, and
Provisions for dealing with misconduct
There is no ideal mix between principle and detail in ethics codes and
standards of conduct. The mix is better determined by evaluating the social
context and depends on which function is chosen as predominant: inspiring,
guiding or regulating. Most codes combine elements of the several possible
approaches. Examples can be found in the TFA&E mentioned paper and in
Annex 1 to this document.
ISSAI 30 adopts an institutional approach, stating that the code is applicable
to all staff of the SAI, and not to a particular profession. It should also be
applicable to seconded staff and to all external experts or contractors
10 ISSAI-30, 12(a), 15-17
10
conducting audit work for the SAI.
The process of preparing the code is as important as the code itself. This
process should be inclusive (involving all levels of the organisation),
Preparing
transparent and ensure commitment and ownership. The above mentioned
TFA&E paper describes some experiences and interesting approaches to
adopt when designing and reviewing a code of ethics.
To be relevant, a code of ethics or conduct must be effectively
communicated to those to whom it is targeted to. Communication is a key
success factor during all the life of a code of ethics/conduct: during its
Communicating preparation, during its launching and during implementation and review.
Making the codes easily available is an important part of its communication
and implementation. A code of ethics is meant to ensure credibility of the
SAI and represents a commitment towards SAI’s stakeholders (notably the
Making it
public). ISSAI 20 and 30 require that this code is made public.
public
Committing to the code is also a powerful instrument to communicate it and
to keep it alive. The most common means used to do it are:
Signing declarations or making an oath taking notice of the Code of
Ethics when starting functions in the SAI
Committing
Reminders of ethical obligations on a regular basis (often annually)
Commitment for each audit assignment
Training is used almost by all SAIs to ensure the communication of codes,
thereby raising awareness on ethics and supplementing the guidance
provided in the corresponding documentation.
But most importantly,
having a code of ethics/conduct is not enough. There
A code is not
is no ethics control system without it but there is no ethics control system at
enough
all if there are no other policies to make sure the code is implemented.
2.
LEADERSHIP11
Leaders must provide the vision, inspiration and purpose to influence the
SAI’s staff to behave in an ethical manner.
Leadership is
key in building
They should be ready to engage in ethical issues and look after any related
an ethical
problems.
culture
Leaders should
set the tone by keeping the organisation’s ethical values and
the ethical conduct of staff and management as their key concern. This
should be done by their direct example, by the standards they demand from
Tone at the top
others and by the attention and resources they allocate to the subject.
11ISSAI-30, 18.
11
Ethical issues related to leaders must be displayed in a transparent manner
internally and externally. This includes, in particular, their salaries, privileges,
external activities and financial interests (as well as those of their spouses or
partners). It is a
good practice to make all these issues public in a
Transparency
transparency portal accessible via intranet and internet with regard to the
SAI’s leaders.
In respect of leaders, special mechanisms should be established to authorise
their external activities during and after their terms of office. To avoid any
kind of conflict of interest, conditions for authorising external activities
should be strict and should be made public.
Good practice includes, in
principle:
No conflicts of
No remuneration or payment of any kind (if remuneration or
interests
payment is allowed by the legislation, the rationale and amount
must be displayed transparently)
No area or matter that might conflict with their audit responsibilities
or damage the reputation of the SAI, and
No activities that might be detrimental to their ability to carry out
their function
Any authorisations in this connection should be granted by a
dedicate panel or committee.
Leaders and staff should participate in the ethical events and training
organised by the SAI.
Training
Specific training should also be delivered on the leadership role.
Good
practice includes ethics training on the leadership role involving practical
exercises (checklists, dilemmas, concrete experiences, etc.), a specific
module on ethics delivered to new leaders and a specific annual event
(conference, workshop…) for leaders on ethical matters.
Other leader initiatives to promote the ‘
Tone at the Top’, and place ethics on
the agenda of the SAI include:
Assigning responsibilities to ethics advisors;
Issuing messages relating to ethical issues on the relevant
knowledge-sharing platforms (the intranet, for example) whenever a
new dilemma or question arises;
Establishing measures to reward acknowledged ethical behaviour,
for instance through a prize, and the possibility of participating in
Reward and
ethics-related training, or even making a presentation in such an
enforce
event.
Taking firm corrective action when needed, always ensuring fair
hearing procedures
Special attention must also be paid to the `
Tone at the Middle’, that is, to the
12
behaviour and example given to staff by their closest managers.
Middle managers have a special responsibility to facilitate a good working
Tone at the
environment by fostering professional and personal cooperation.
middle
They must also be available to provide guidance and support on ethical
issues to the staff under their responsibility.
Annex 2 includes a list
of important attitudes and initiatives that leaders
should adopt to make sure ethics is a pillar in their institution, grouped in 5
main functions:
Ensuring a strategic approach to ethics
Leading by example
Managing ethically
Practising an open door policy
Enforcing as necessary
3.
ETHICS GUIDANCE12
Codes of ethics and Leadership are part of ethics guidance, referred
autonomously due to its key importance. Other policies for ethics guidance
are the professional socialisation activities such as education, training and
counselling.
Raising awareness and training on ethics
It is essential to raise awareness on ethical issues within the organisation. An
example of
good practice in awareness would be for SAIs to organise regular
events for all staff such as:
Organising
ethics events
Conferences
Seminars
Talks and/or other activities related to ethics, such as team building
exercises, “quizzes”, integrity weeks/ or days, etc
In organising these events, it is important to ensure that lessons are learnt
and best practices are identified from other experiences. To this end, it is
important to:
Identifying best
Keep in mind the need to introduce real tangible examples in order
practices
to avoid abstraction and prevent an “ethics fatigue” effect
Focus on identifying best practices first in your own SAI, then in
other SAIs and in the audit environment
12ISSAI-30, 19-20
13
Find other sources of best practices in civil society (research, law,
military, sports, medicine, media, etc.), public or private
organisations that deal with ethical issues (national parliaments,
NGOs like Transparency International, etc.).
Examples of
good practice also include the dissemination of information via
Use intranet
the SAI’s intranet site. Some SAIs have set up an “ethics corner”, bringing
together information on this issue; others regularly disseminate news
related to ethics to all staff.
Furthermore, it is a
good practice to establish connections with other non-
SAI organisations, allowing for the identification of other experiences in
terms of the methods used to raise awareness on ethics, like:
Contact and joint work with ethics, integrity and anticorruption
Learn from
agencies
others
Joint workshops and meetings
Reports and exchanges of information on resolving doubtful
situations, and
Fostering cooperation among NGOs and the public and private
sectors on ethics-related issues.
Knowledge-sharing is also a
good practice: auditors should be encouraged to
participate in external events, seminars and conferences regarding ethical
issues. Outside speakers might also be invited to talk to staff on ethics-
related issues.
Structured
training about ethics makes SAIs and their staff more able to
ascertain their integrity, identify risks and gain knowledge about how to
prevent unethical conduct.
Examples of
good practice in training include:
Training sessions or lectures for new employees
Training on
Training sessions or lectures for new leaders
ethics
Periodic cycles of training sessions for all employees
Seminars and/or workshops based on real-life situations
Compulsory training for all staff when there is a change in the ethical
framework (e.g. when a code of ethics is adopted or modified, when
new policies for gifts are introduced, etc.)
In these types of training, it is also
good practice to
:
Combine lectures on rules with interactive and tailor-made case
studies and workshops for training on values and ethical conduct in
risk situations. This approach should focus on reasoning from
principles, encouraging staff to ask ethics questions and managers to
include ethics in their daily work
Explore and discuss applicable ethical principles and expected
behaviour
14
Discuss examples of ethical dilemmas and ways to solve them.
A separate paper of the TFA&E refers to a model to organise training on
ethics.
Counselling13
Advice to staff
Staff of SAIs faces relevant integrity risks and strongly benefits from an
established advising function.
SAIs can support staff by assigning responsibilities to a dedicated person,
unit or committee to deal with ethical issues. The nomenclature employed
by the SAIs in this respect varies considerably, and includes the following:
Ethics Units
Ethics Committee
Ethics Commissioner
Ethics Director
Integrity Coordinator or Officer
Audit Counsellors or Advisers
Ethics Partners
These responsibilities can also be assigned to an ordinary unit of the SAI,
such as the Human Resources department, or may involve an external ethics
counsellor, who is not employed by the SAI.
Ethics
Ethics committees are composed of people who are recognised for their
Committee
ethical leadership and skills. It is
good practice to include in the committee
at least one external figure who is not employed by the SAI; this increases
independence and credibility.
Counselling may focus on advising staff on ethical dilemmas and difficulties.
It is important to keep in mind that, considering the nature of the possible
threats, it is often beneficial that the advice is provided by persons or units
different from the staff’s direct managers.
For this purpose, the ethical counsellors or advisors should be accessible to
all staff for consultation.
Good practice examples involve setting up a
Ethics advisors
network of ethical advisors (internal and/or external to the SAIs) which
cooperate in sharing experiences and identifying the best solutions for
addressing SAI-specific ethical issues. For networks of ethical advisers, it is
important to clearly define their role and offer adequate training on how to
act and provide advice to staff.
These persons, committees or units may also fulfil a guidance role by
13 ISSAI-30,20
15
providing advice to leaders on policies to enhance ethical culture and
Strategic advice
management. Examples are:
Ensuring the adequacy of policies and procedures relating to
integrity, objectivity and independence
Promoting the effectiveness of communication with senior
management and staff
Introducing preventive measures and facilitating solutions
In these cases, ethical committees should also regularly review the progress
made and identify future challenges and ways to address new risks.
Experience shows that, in some cases, these type of persons or units may
also have a control role.
Good practice examples include:
Control role
Ensuring compliance with ethical standards
Reporting cases of conflict of interest and violations of the ethical
rules; and
Receiving, investigating and keeping records of complaints.
In some situations, the committee deals with all ethical issues that the SAI
faces (including whistle-blowers, external and internal requests,
authorisation of activities, etc.) and also providie answers to ethical
dilemmas. SAIs should consider the potential disadvantages of concentrating
in the same unit the role of guiding and advising and the role of controlling
and investigating misconduct. Even apart from legal issues, this arrangement
may discourage individuals from seeking advice on doubtful situations.
Ethical dilemmas
Ethics guidance includes addressing ethical dilemmas14.
An ethical dilemma is a right-versus-right choice, a situation in which a
Ethical
member of staff faces a decision where two or more solutions are possible
dilemma: a
and legal. Different courses of action are possible and decisions will have
right-versus-
consequences.
right choice
Staff might also face situations where they still have doubts on the right
course of action; there may be a conflict with their own moral values or they
may have doubts or difficulties about the interpretation of the rule or
principle applicable to the individual case. In some cases, even if the law
rules the situation, there could be several interpretations on what is right or
wrong. One can even imagine some cases where what is legal is not
necessarily ethical.
Good practice examples for dealing with ethical dilemmas or similar
14 ISSAI-30, 19.
16
situations include:
Mentioning dilemmas in the code of conduct15; the dilemmas
mentioned will be examples of situations that can be encountered in
one’s daily work;
Producing a document describing a number of real-life situations
that staff, notably auditors, may face and providing concrete
guidance on the correct course of action for each situation;
Promote regular awareness and training on how to identify and
How to address
address ethical dilemmas.
ethical
A
good practice model for individuals to address ethical dilemmas should
dilemmas
include four main steps:
(i) Analyse the problem to assess whether it involves a right-versus-
right situation (a real dilemma) or a right-versus-wrong situation
(a compliance problem)
(ii) Evaluate the situation and provide a solution based on the values
at stake and assess the consequences
(iii) Check whether other persons involved (management,
colleagues) agree with the options identified, or see alternatives
(iv) Evaluate the real impact of the action taken and any feedback
Annex-3 list examples of common ethical dilemmas in a SAI, and
Annex-4 contains a model for individuals to address ethical dilemmas.
4.
ETHICS MANAGEMENT16
Ethics
management includes policies and practices that create conditions to
ensure fair and impartial selection, promotion and remuneration and
contribute to social respect. In fact, incorporating ethics in daily
management is essential to reinforce values.
Including an ethical approach in the Human Resources (HR) management is
key to promote ethical behaviour of staff, auditors in particular, and to
safeguard the reputation of the SAI. To this end, a commitment to ethical
values and principles should be criteria in all HR policies and procedures:
recruitment, performance appraisal, and professional and career
development.
15 ISSAI-30, 16.
16 ISSAI-30,21
17
HR management : Recruitment
As in any other domain of the public sector, but with a particular emphasis in
Assess ethical
the external audit area, recruitment for SAIs should be based on the
perspective of
principles of openness, publicity, equality and merit. Ethical behaviour
candidates
should be considered when recruiting auditors and staff.
Good practice
examples to apply in the recruitment process include:
Assessing candidates’ reactions to ethical dilemmas during
examinations and interviews
Conducting psychological tests and examinations
Undertaking background checks following security clearance
procedures.
HR management : Professional Development
Professional development and career progression should also be based on
the principles of equality and merit, with consideration to demonstrated
ethical behaviour.
Include ethical
Good practice incorporates ethical criteria into the annual performance
criteria in
appraisal and into the promotion choices, considering, for example, the
appraisal and
following:
promotion
Sense of responsibility
Integrity and professional conduct
Personal qualities
Conduct on and off duty, including professional ethics
Commitment to the institution and integrity
Active support for corporate policies; and
Demonstration of positive professional behaviour
Equal
opportunities
Another example of
good practice is to introduce positive measures for
promoting equal opportunities, including gender and disabilities’ issues.
Reward and recognition policies may also be applied through ethics related
Reward
awards and prizes.
Balancing Confidentiality and Transparency
The revised ISSAI 30 introduces an innovation in what regards the traditional
approach to confidentiality, as an ethical value applicable to audit and SAIs.
Recognising the specificity of public sector audit, more and more influenced
18
by the principles and expectations of transparency and public scrutiny,
INTOSAI expressly states the need to balance the confidentiality of audit-
Find the right
related information with the imperative of transparency and accountability
balance
of SAIs towards their stakeholders, especially the public, and with the
possible legal obligations of communicating specific information to
authorities. Legal rights of media, lawyers and other professionals may also
be at stake.
This mainly means that, now, and in ethical and practical terms, auditors and
other staff need specific direction from the SAI as to know which information
they should consider as confidential and which one they can or should
disclose and to whom.
This is an issue where national differences may be quite significant and
where SAIs have the duty to provide guidance to staff.
A
good practice is to issue a communication policy, and corresponding rules,
including guidance on:
Which information needs to be considered confidential, and for how
long
Guidance on
Which information can be disclosed and at what stage
confidentiality
Who, in the SAI, can provide information to whom
and disclosure
Which procedures should be followed in each situation
of information
Desirably, this communication policy should be made public, so that
stakeholders, citizens and auditees know what to expect and how to
proceed.
5.
ETHICS MONITORING AND CONTROL17
Ethics
monitoring and control is ensured through an effective legal
framework that sets basic standards of behaviour, effective accountability
mechanisms, such as internal control and external audit, enforcement
procedures and transparency mechanisms providing access to public
information, facilitating public involvement and scrutiny.
Identify risks of
Ethics management and monitoring starts by identifying the specific
unethical
vulnerabilities of the SAI’s activity, organisation and culture and the
behaviour and
consequent risks of unethical conduct and applying the appropriate policies
appropriate
and safeguards18. An IntoSAINT workshop could be an adequate tool to make
safeguards
this mapping in such a way that the concrete context and features of each
17 ISSAI-30,22
18 ISSAI-30, 28-29
19
SAI are considered and addressed.
However, in general, there are some common risks related to the SAI’s
typical audit activity, such as those arising from conflicts of interests or
confidentiality issues. It is therefore, important, that SAIs address these risks,
by identifying them and applying the adequate safeguards and monitoring
tools.
The practice in several SAIs allows us to explore some of them.
Conflicts of interests
Due to the requirements of an independent audit work, the SAI is
responsible for implementing independence and objectivity-related controls,
in particular by addressing the issue of conflicts of interests19.
Any conflict of interest, whether real or apparent, might impair the
independence and objectivity of the auditors and, therefore, jeopardize the
quality of the audit and damage the reputation of the SAI. There are a
number of relevant threats related to conflicts of interests, detailed in ISSAI
30 itself, notably:
Previous or current close relationships with the auditees, due to
Independence
previous jobs, family links with the auditee’s management or
and objectivity
employees, friendship or long term familiarity
threats
Financial or assets-related interests linked to the auditee or the
audited area
Activities outside the SAI, for example, consultancy or training for
audited bodies
SAIs should use policies, routines and procedures to prevent, address and
monitor such cases, including guidance, declarations and monitoring by
management or specialised units or committees.
Good practice in guidance would include, first at all, a definition of ‘conflict
of interests’, how a conflict might arise and which factors should be
considered. It is important to stress that the concept of a conflict of interests
does not only relate to a situation where an auditor has a private interest
which has actually influenced his impartially and objectivity, but also to a
situation in which the interest identified might appear to influence it
in the
eyes of the public.
Identify
Secondly, the guidance must include a lists of examples based on real
conflicts of
experience by the SAIs, the public sector and the audit business. These
interests
examples will help the auditors to identify and easily understand the
potential conflict of interests.
Annex-5 contains a possible list of such
19 ISSAI-30, 34-49
20
examples.
Finally, the guidance should explain the procedures to be followed and the
measures to be taken when the auditor identifies the potential conflict. ISSAI
30 mentions some of them20: disclose the conflict, remove individual from
the audit team, review work and judgments or report the conflict.
A tool that SAIs may use to prevent, identify and monitor conflicts of
interests
consists of formal declarations by the SAI’s staff on the absence of
Declarations on conflicts of interests regarding their activity or assignments.
Good practice
the absence of
indicates that these declarations may take one or several of the following
conflicts of
forms:
interests
Regularly renewing oaths or declarations of independence and
impartiality
Periodically (e.g. annually) stating adherence to the ethical
obligations
Formally declaring, as an auditor, and in every audit, compliance
with applicable ethical requirements, including the absence of actual
conflicts of interests
Formally declaring, as an audit supervisor, and in every audit, that
he/she has confirmed the absence of any conflicts of interest within
the audit team, and
Regularly declaring public and private interests.
Good practice requires the monitoring of the routines and procedures
Monitoring the
introduced by the SAI to prevent and deal with conflicts of interest.
absence of
Monitoring may be carried out by management (e.g. by the audit supervisor,
conflicts of
by a designated audit manager or director, by HR departments, or by Legal
interests
departments). The SAI might entrust a specialized unit or a committee with
carrying out the monitoring. These units or committees might also deal with
other ethics-related matters and might also be consulted by staff on these
issues.
Rotation policies
ISSAI 30 mentions policies for the periodic rotation of staff as a control to be
included in the ethics control system21. ISSAI 40 also states that the ‘
SAIs
should ensure that policies and procedures are in place that reinforce the
importance of rotating key audit personnel, where relevant, to reduce the
risk of familiarity with the organisation audited’.
Rotation of staff A rotation policy is therefore necessary to avoid auditors’ auditing the same
area over a too long period of time, and, thus, preserve their independence,
20 ISSAI-30,39
21 ISSAI-30, 39(f)
21
objectivity and impartiality; by the same token, rotation also promotes
personal development and contributes towards the motivation of staff.
Good practice examples in rotation policy include:
A maximum period for auditing the same institution: examples are
two, five or seven years
Compulsory mobility for auditors after a period of five, seven or
eight years in the same department
Compulsory mobility for management posts after a period of seven
years
Encouraging, facilitating and monitoring the effective rotation of
staff
Considering the effective rotation of staff as a positive factor in the
annual appraisal report and in the career development of auditors
Establishing other safeguards when full rotation is not feasible. This
includes, for instance, the possibility of rotating audit fields, instead
of auditors themselves, thus maintaining successful teams
Rotation policies also present some risks:
They may jeopardize the necessary audit knowledge and expertise
within the team responsible for the engagement
They may be impossible to adopt or they might be ineffective in
small SAIs or small geographical environments
Alternative
Alternative measures to preserve the independence, impartiality and
measures
objectivity might involve:
Regular scrutiny of rotation possibilities in order to rotate staff
whenever feasible; e.g. the SAI’s management team could analyse
the staff situation every year and take any rotation decisions that are
possible;
A more flexible composition of the audit teams; e.g. ensuring the
replacement of the most senior member on a regular basis, with one
auditor always assigned on a short-term schedule (one or two years),
etc.
Stronger collegiality, division and review of audit work.
Political neutrality
Complying with the core principles of SAIs’ institutional independence, as
The risks of
stated in ISSAI 10, is very important to protect its judgements from political
political
influence. But that might not be enough. ISSAI 30 mentions the risk that the
involvement
22
concrete political involvement of leaders and staff may impair their
impartiality and objectivity and the credibility of the SAI22.
Although mentioning this risk, ISSAI 30 gives no concrete direction on how
SAIs and their staff should act in this respect.
In fact, it is important to acknowledge that political neutrality is an area
where it is difficult to produce general common guidance for either SAIs or
their staff because the relevant threats and safeguards are closely related to
the individual national contexts, including their cultural and legislative
environments. Freedom of speech, civic capacity and political rights are, in
some countries, strongly protected by constitutional guarantees, stating that
any restriction to these rights is strictly limited.
ISSAI 30 expects that these situations are addressed by a national specific
approach, considering the context. However, the ISSAI warns that, where
leaders and staff are permitted to participate in political activities they must
be aware that these activities may lead to professional conflicts and they
should act to prevent them. In fact, participation in public political activities,
public expression of political views or candidacy in view of election to public
office may be perceived by stakeholders as having an impact on the SAI’s
ability to form unbiased judgements.
Possible
policies
In this respect, practices implemented by several SAIs are as follows:
Public political activities of any kind are often forbidden for SAI’s
Heads and members
In some cases they are also forbidden to senior audit staff
SAIs usually advise their staff to act with discretion when disclosing
their political views, especially when speaking in public, in letters to
the press, in books, articles or leaflets, or in any other media that are
in the public domain. This also applies to canvassing on behalf of
candidates for local authorities, national parliaments or the
European Parliament, or on behalf of a political party
Some SAIs have issued policies or rules about the use of social media
by their staff.
Good practice indicates that transparency is key: where political activities
are permitted to members and staff, it is very important to publically
disclose them, so that everyone can scrutinise the audit work and be alert to
any potential or real risk to political neutrality.
22 ISSAI-30, 28(d), 43 and 44.
23
Gifts and hospitality23
It is well established and recognised that integrity, independence,
impartiality and objectivity can be affected by:
Receiving gifts or hospitality from auditees or suppliers
Accepting meals during audit assignments
Receiving free travel, accommodation or entertainment
Policies and
Even though,
practice varies:
checklist
Some SAIs completely forbid staff from receiving any gifts or other
relating to gifts
and hospitality
benefits
Many have specific rules and guidance, either included in law or
established in their code of ethics. Provisions specify the nature and
the maximum value of the gifts that might be accepted; in some
cases the auditors must also ask for permission from management
before accepting any gifts
Several SAIs consider that staff should not accept inappropriate or
inadequate gifts and provide guidance for defining these concepts
In most cases, social and protocol gifts must be handed over to the
institution
A few SAIs maintain gift and hospitality registers
Annex-6 includes a checklist for self-assessing the circumstances under
which gifts or hospitality could or should not be reasonably accepted.
Whistleblowing policies24
Sound ethics management sets standards of behaviour, but not only that. It
also monitors compliance with those standards and enforces them as
needed.
SAIs should establish and implement policies to identify ethical misconduct
and to act against it, timely, fairly and effectively. Disciplinary measures
Identify ethical
allowing the imposition of timely and fair sanctions, while ensuring a fair
misconduct
process, are a matter of investigation, discipline and jurisdiction.
For this system to work, the disciplinary measures have to be initiated
following decisions of public managers and mechanisms that signal the
23ISSAI-30, 22(a), 28(b), 35(a), 48(c)
24 ISSAI-30, 22(c)
24
wrongdoing situations. Organisations and managers have their own
management and control systems and procedures, which sometimes allow
misconduct to be identified and communicated through the line
management or ethics units or responsible persons.
Nevertheless, clear and known procedures that facilitate the reporting of
wrongdoing and provide protection to whistleblowers assist the detection of
individual cases of misconduct and are internationally recommended.
Therefore, SAIs should establish and implement policies on whistleblowing in
the event of serious irregularities by SAI staff.
Good practice in this regard includes adopting legal rules to define the rights
and obligations of the parties involved. These rules should establish:
What should be considered as a serious irregularity (insignificant
facts, differences of opinion, conflicts between staff should be
Whistleblowing
disregarded)
policies should
The conditions for providing the information (e.g. in writing,
clarify
annexing evidence, etc.)
conditions,
The channels for providing the information (via middle management,
channels and
directly to top management or to an external public body
procedures to
responsible for these matters)
handle
How the information is to be handled by the SAIs (e.g. deadline for
information
informing the whistle-blower of the action taken); it is essential to
and provide
preserve confidentiality in handling the information to protect both
protection to
the whistle-blower and the person reported (the principle of
reporters
innocence must always be respected)
Specific provisions to protect whistle-blowers from any form of
retaliation and preserve their working conditions and careers. The
rules should also include provisions to prevent wrongful or
detrimental allegations made in bad faith.
Ethics monitoring tools25
Ethics monitoring should allow regular assessment with the purpose of
recommending measures for improving ethics management and ensuring
Improving
accountability.
ethics
Good practice examples of ethics monitoring tools include:
management
and ensuring
The IntoSAINT self-assessment tool, which enables SAIs to assess
accountability
overtime their vulnerability and resilience to integrity violations and
provides recommendations as how to improve integrity
management
Internal evaluations of the ethical framework conducted by ethics
25 ISSAI-30, 22(b),23
25
committees, ethics advisers, ethics counsellors or internal auditors
Self –
An assessment using the SAI Performance Measurement Framework
assessment,
(SAI-PMF), a tool developed by the IDI and recently endorsed by
internal and
INTOSAI
external
External evaluation conducted within a general peer review
evaluation
(including a focus on ethical issues)
External evaluation of the ethical framework conducted by peer
SAIs, by a renowned public body, independent experts or an NGO
specialized in ethical issues (e.g. Transparency International). These
evaluations contribute considerably towards fostering commitment,
accountability and transparency in the SAIs
Involving auditees in assessing the ethics-related performance of
Audittees
audit staff. This is mainly accomplished through surveys on audit
feedback
practices and through the administration of client feedback
questionnaires and self-assessment during and after audit tasks.
A report should be produced after monitoring assessments or evaluations.
Good practice examples of reporting would:
Reporting
State the conclusions and recommendations, leading to an action
plan to address the shortcomings identified
Make the SAI’s leadership and management accountable for the
results of the monitoring
Make staff aware, at all stages, of the proceedings and the
willingness of management to truly improve the ethical environment
of the SAI
Make the report available to the public, as a way of ensuring full
commitment with ethics and transparency.
26
Annex 1 to the TFA&E paper “HOW TO IMPLEMENT ISSAI 30”
Good Practice References
ETHICS STRATEGIES
Strengthening ethics and integrity (SAI Albania)
Plan for preventing integrity risks (CoA Portugal)
Good practices in managing ethics in SAIs (GAO US)
CODES OF ETHICS
Code of Ethics (CoA Belgium)
Code of Conduct (AG Denmark)
Code of Deonthology (Cdc France)
The Court’s Ethical Guidelines – Decision No 66-2011 (ECA); The Code of Conduct for Members
of the Court (ECA)
Code of Conduct (NAO Iceland)
Code of Ethics (SAI of Indonesia)
Code of Standards and Behaviour (Ireland)
Code of Ethics (SAI Israel)
Code of Ethics (SAO Latvia)
Code of Institutional Ethics (NAO Lithuania)
Code of Ethics (NAO Malta)
Code of Conduct (NCA Netherlands)
Code of Ethics (SAI Poland)
Code of Ethics (SAI Romania)
Code of Ethics (SNAO Sweden)
Ethics Guide (Turkey)
Code of Conduct and Ethical Standards for Auditors (NAO UK)
LEADERSHIP
Decision No 38-2016 laying down the rules for implementing the rules of procedure of the
Court of Auditors (ECA)
27
ECA-Transparency Portal (ECA)
Portal de la transparencia (CoA Spain)
Leadership Contract (Italy)
ETHICS GUIDANCE
RAISING AWARENESS AND TRAINING
Examples of conferences/talks/visits: Public ethics (compulsory one day course for newcomers,
held twice per year), compulsory workshop on the Court's ethical guidelines for all staff,
Leadership & Ethics: Recent changes and future trends, Ethics from a medical perspective
(ECA)
Ethics Training for Public Officials (OECD)
Ethics training for managers and staff (Portugal)
COUNSELLING
Ethics Committee (SAI of Brazil)
Ethics Commissioner (Croatia)
Decision No 48-2014 appointing ethics advisers (ECA)
Regulation on the Ethics Commission (SAO Latvia)
Ethics Commission (NAO Lithuania)
Ethics Committee (CoA Romania)
ETHICAL DILEMMAS
Examples of ethical dilemmas that may be faced in our day-to-day work (References are to the
ethical guidelines) (ECA)
ETHICS MANAGEMENT
RECRUITMENT
Integrity and ethics in recruitment processes (SAI of Estonia)
Recruitment process and its relation to ethical code (SAO of Czech Republic)
PROFESSIONAL DEVELOPMENT
Staff Notice 62-2016 – Staff assessment reports – Compass procedure, Promotions procedure
and
Decision No 86-2008 setting up a Joint Committee on Equal Opportunities (ECA)
Ethics in performance evaluations (SAO of Slovak Republic)
Ethical criteria in performance appraisal (CoA Portugal)
28
BALANCING CONFIDENTIALITY AND TRANSPARENCY
Balancing confidentiality and transparency (UK NAO)
Freedom of Information Act (Ireland)
Decision No 12/2005 as amended by Decision 14/2009 regarding public access to Court
documents (ECA)
Transparency port
al: http://www.eca.europa.eu/en/Pages/Transparency-access-to-
documents.aspx (ECA)
ETHICS MONITORING AND CONTROL
CONFLICTS OF INTERESTS
Code of Conduct for Members of the Court;
Staff Notice 45/2015 – New forms for notifications
and authorisation requests in relation to ethics issues; Staff Notice 13/2015- Outside activities;
Form: Declaration of spouse's employment; Form: Declaration of intention to publish; Form:
Declaration of intention to engage in an occupational activity after leaving the court (ECA)
Special Report No 15, Management of conflict of interest in selected EU Agencies (ECA)
Declaration of independence and impartiality (NAO Iceland)
Ethical Compliance Declaration (Ireland)
Declaration on absence of conflicts of interests for each audit assignment (CoA Portugal)
Publication of authorised external activities (CoA Portugal)
Independence statement (CoA Romania)
Interest and wealth statement (CoA Romania)
ROTATION POLICIES
DEC43-15-Staff rotation policy (ECA)
POLITICAL NEUTRALITY
Political Activities (Extract Code of Conduct) (UK NAO)
Code of Conduct for Members of the Court – Articles 6 and 7 and
Decision No 38-2016 laying
down the rules for implementing the rules of procedure of the Court of Auditors (ECA)
Treaty on the Functioning of the European Union (TFEU) – Articles 285, 286, 287 and 339
webpag
e https://www.asz.hu/en/ (SAO Hungary)
GIFTS AND HOSPITALITY
BRH System for accepting gifts and gratifications (Germany)
The Code of Conduct for Members of the Court –Article 3 and
Internet Transparency
Portal/Ethics- Gifts and hospitality (ECA)
WHISTLEBLOWING POLICIES
29
Internal Whistleblowing Policy (UK NAO)
http://www.ombudsman.europa.eu/en/home.faces (EU Ombudsman)
Good administrative behaviour-
http://www.ombudsman.europa.eu/en/resources/code.faces#/page/1 (EU Ombudsman)
https://secure.edps.europa.eu/EDPSWEB/edps/lang/en/EDPS/cache/offonce Data protection
supervisor (EDPS)
Rules of procedure for providing information in the event of serious irregularities
(“whistleblowing”) (ECA)
ETHICS MONITORING TOOLS
Acknowledgement declaration of the positive working environment policy (anti-harassment,
sexual harassment and bullying) (Ireland)
IntoSAINT workshops
Ethics internal evaluation (NAO Bulgaria)
Internal Audit (SAO Czech Republic)
Tools for monitoring and controlling ethical and integrity issues (CoA Romania)
Hotline system (SAI Korea)
Transparency International EU Integrity report
30
Annex 2 to the TFA&E paper “HOW TO IMPLEMENT ISSAI 30”
ETHICS LEADERSHIP: SET THE TONE FOR ACTION
Don´t do this!
A must do
Role
Not having a code of ethics in
Establishing a code of ethics in
your SAI
your SAI to:
-
State values
-
Guide
-
Set criteria for behaviour and
performance
-
Ensure stakeholders’ trust
STRATEGIC
APPROACH TO
Closing your eyes to integrity
Making it clear, through frequent
INTEGRITY
risks
statements and specific policies,
Denying integrity problems
that ethics is a priority
Solely relying on individuals’
Putting ethics in the top
actions
management agenda
Putting in place a strategic
approach to ethics, targeted at
building an ethics infrastructure
Allocating resources to ethics
(time, staff, space, training)
Not giving a good example,
Demonstrating fundamental
doing the opposite of the
values
requirements
Concerning for others and
Abusing your power
showing it
Using your position for
Being consistent with what is
personal benefits or using the
required from everyone
office for political power
Reacting ethically in critical
Trying to influence the
situations
recommendations and
Ensuring true
professional
LEAD BY EXAMPLE:
outcomes of the audit missions
management
BEING THE MODEL
or refraining from publishing
Respecting,
guiding and
giving
some of the audit results, due
feedback
to political or personal reasons
Being fully
accountable for own
(e.g. career)
and other’s decisions and
Being arrogant: “
I’m the boss. I
behaviours
don’t need to respect my staff” Ensuring
high standards of
Not taking responsibility
accountability and transparency
31
Don´t do this!
A must do
Role
Allowing nepotism, employing
Apply merit and ethics as the
relatives and friends
main features of the daily
Not demanding enough from
management practices, e.g. in the
your staff: accepting or
human resources policies
stimulating unqualified
(recruitment, performance
ETHICAL
workforce
appraisal, professional
MANAGEMENT
Demanding too much from
development)
staff and not providing enough
Recognising and rewarding good
resources
behaviour
Making or allowing promotions
Taking actions that develop trust,
not based on merit
such as sharing useful information
Being
inclusive
Deciding alone, not involving
Giving employees a voice in the
teams and staff
decision making processes
Ignoring needs and
Encouraging discussion of ethics’
expectations of others
issues, problems and dilemmas
Not discussing ethics problems Ensuring an open and
mutual
OPEN DOOR POLICY
Not facilitating advice and
learning environment
guidance
Providing
guidance
Making sure that
ethics’ advice is
available to staff wanting to
discuss concrete situations
Doing nothing to prevent
Identifying and solving
potential
unethical behaviour
ethical risks or conflicts
Doing nothing to face problems
Assessing behaviours and
Disobeying code of ethics
reviewing intentions
Not managing unethical
Using permanent awareness and
situations
monitoring/control tools
ENFORCEMENT
Not taking care of working
Taking
firm corrective actions
discipline
when needed
Establishing
whistleblowing
policies
Ensuring
fair hearing procedures
Never stop
re-examining
32
Annex 3 to the TFA&E paper “HOW TO IMPLEMENT ISSAI 30”
EXAMPLES OF ETHICAL DILEMMAS: What should you do?
For the last couple of years, you (the auditor) have performed the annual budgetary audit
of the same auditee. By now, you have developed friendly relations with the chief
accountant. On your birthday, which he/she knows by now, the chief accountant brings
you a small gift. What should you do?
You are carrying out an audit in an entity which has been audited before by your
colleagues. You discover a significant error, which, according to the documents, has
already been present for several years and was not detected during the previous audits.
Disclosing the error would show that the earlier audits by your office were not thorough
enough but, if you conceal it, it will persist. What should you do?
You take part in a coordinated audit, which will be carried out on the basis of the same
methodology in a number of entities. The audit procedures include testing the use of a
new IT tool. So far, you have not used this tool in practice and it was not possible to
provide you with formal training in time. Besides, you have some doubts as to whether
these computer-based methods really improve audit quality. You think that your long
experience is a better guarantee for that. What should you do?
At the end of an audit, you realize that you focused so much on one important issue that
you missed a couple of other important questions in the audit programme. There is no
time to conduct analyses in accordance with the methodology specified for them. What
should you do?
Your colleague wants to spend his/her life savings on the purchase of land to build his/her
dream home there. During an audit, you discover that the mayor is currently conducting
confidential preliminary negotiations with a potential investor of the construction of a
municipal garbage sorting station on the land adjacent to the location chosen by your
colleague. What should you do?
A member of the audit team you lead is very competent at work and produces good
quality audits but he/she is often impolite towards employees of auditees, uses offensive
language and has a quick temper, threatens and shouts at them and sometimes throws
documents. He/she is very sensitive to criticism of any kind and asking him/her to refrain
from this sort of behaviour may reduce the quality of his/her contribution in future audits.
What should you do?
You have to give an opinion on an audit programme developed by another unit. You have
three working days for this task. A member of the team responsible for the audit urges you
to prepare an opinion by tomorrow because they are already late with the programme,
and if the audit is not started immediately, its entire planning will be wasted. You have
other work to do and doubt whether you can really familiarise yourself with the material in
such a short time. What should you do?
You find out by coincidence that your colleague, whose work has never been a subject of
criticism, is copying entire books from the library on an office photocopying machine to
put in his/her own library at home. What should you do?
33
You notice that contracts for cleaning the premises of an audited entity have been granted
to the same company for several years. Analysis of information on the website of the
company shows that the surname of the owner is the same as the name of the employee
of the entity in charge of building maintenance, who has been working at the company for
many years. Upon being asked, he states that the company was founded by his son who,
after a long period of unemployment, received a grant from the Labour Office to start the
company with which he now supports his family (a wife and two children). If it is disclosed
that tendering for the cleaning contracts was not performed in accordance with the
regulations, the father will be dismissed and the son’s company will be in danger of going
bankrupt. The cleaning costs are in line with market rates and the contracts only represent
a small part of the total budget of the entity. What should you do?
An auditor who is an avid football fan goes with friends to a home match of his favourite
team. Prior to the match, they get in the mood by drinking quite a few beers. During the
match, the auditor enters into an argument with an intoxicated supporter of the other
team, who has been improperly accosting women in the public. The argument becomes
heated, blows are exchanged and the stadium stewards call the police. The auditor shows
his office ID to the police officers and argues that his opponent should be arrested as his
improper behaviour was the cause of the fight, while he was only trying to protect the
ladies. What to do?
The auditee’s office is in a remote industrial area with bad public transport and no
canteen, and there is no café or restaurant in walking distance. The auditee offers you free
transportation to your hotel and daily coffee and snacks. What should you do?
34
Annex 4 to the TFA&E paper “HOW TO IMPLEMENT ISSAI 30”
A MODEL FOR INDIVIDUALS TO ADDRESS ETHICAL DILEMMAS- CHECKLIST
Step
Elements to be considered
1. Analyse the problem to assess whether ou are facing a
Elements to consider
right-versus-right situation (a real dilemma) and not a
The right-versus-wrong test:
right-versus-wrong situation (a compliance problem).
The compliance test: “Do I infringe any law or established rules/principles in the
organisation?”
-
Is one option against a legal requirement or contrary to
The mirror test: “can I live with the decision I'm taking?”
ethics?
The publicity test: “Am I willing to read about this in the newspaper? Tell my family?”
(If YES, you are not facing an ethical dilemma)
The signature test: “Do I take public responsibility for this?”
The
kantian test: “What if everybody acted like me?”
-
Two courses of action are possible but you cannot do
Ethical dilemma paradigms:
both; two desirable values are in conflict
Truth versus loyalty:
(If this is the case, you are facing an ethical dilemma).
Honesty & integrity versus commitment or promise
Myself versus the others; us versus them; smaller versus larger group.
Short term versus long term
Now versus then; immediate needs versus future goals
Justice versus mercy; fairness even-handed application of rules versus compassion and
empathy
2. Evaluate the situation and provide your own solution
Resolutions methods
based on the values at stake, assess the consequences.
END-BASED: the greatest good for the largest number (it includes a small amount of bad
-
Do I have all elements to solve the dilemma?
for a few people).
-
What is my solution to the dilemma?
RULE-BASED: I'm setting the standard – I want everyone to act the same way in the same
situation.
CARE-BASED: I put myself in the shoes of those affected by my decision.
35
3. Check whether other persons involved (hierarchy,
Questions to reply
colleagues) agree with the options you identify or see
-
Who is involved?
alternatives.
-
What do they think?
-
Are there opposing views?
4. Evaluate the real impact of your action and any feedback. Final considerations
-
Take a course of action on the best option identified.
-
Evaluate the real impact of your action and any feedback, as this experience can serve as
a precedent or a good point of departure when facing similar situations in the future
Sources:
Fabrice Mercade, Ethical dilemmas and how to address them (EUROSAI TFAE conference, Lisbon 2014)
Rushworth KIDDER “ How good people make tough choices: Resolving the dilemmas of ethical living”
Paolo Giusta: “Ethics Matters – Practical micro-ethics for civil servants of the European Union”. European Court of Auditors, 2006.
United Nations Ethics Office; http://www.un.org/en/ethics/index.shtml;
European Commission, Practical Guide to staff Ethics and Conduct (http://ec.europa.eu/civil_service/admin/ethic/index_en.htm)
36
Annex 5 to the TFA&E paper “HOW TO IMPLEMENT ISSAI 30”
EXAMPLES OF CONFLICTS OF INTERESTS
I have been asked to audit a maritime infrastructure project in a commercial harbour. This
project was carried out by an engineering company “X” for which I worked 12 years ago.
The Managing Director of “X” is no longer the same but some of my former colleagues are
now shareholders in the company. I ask my superior to appoint another auditor, as my
credibility and the result of my audit may be questioned.
My husband’s uncle owns a milk farm that benefits from public subsidies. One of my tasks
consists of auditing this farm – among others. Even if I have never met this second-degree
relative of my husband’s, I can foresee that there may be a potential family conflict
because I might have to report some errors in the application of the funds. I ask my
superior to take me off this task.
I am an active supporter of a political party that has won the recent elections. I am asked
to audit a state department whose newly-appointed director was a political associate of
mine. I do not want it to be thought that my work as an auditor in this case can be cast
into doubt by my political beliefs. I immediately talk to my superior and ask him to appoint
another auditor.
I am asked to audit the state agency that employed me just before I joined the Supreme
Audit Institution. I ask my superior to be removed from this task.
Having been elected to my local municipal council, I am invited by the mayor to manage a
programme receiving public funds from the state budget. I decline the invitation.
I am currently working in the department responsible for auditing international
cooperation for development aid. I have been invited to sit on the management board of
an NGO which receives a substantial amount of this aid. I decline the invitation.
I have been assigned to a team responsible for auditing a state agency in which my brother
is working as a clerical assistant doing. I check with him and conclude that he will not have
any role in the audit. I inform my superior and carry out the audit. I avoid talking to my
brother about the audit.
I have been assigned to a team responsible for auditing a state agency; my sister chairs the
agency's governing board. I inform my superior and ask to be removed from the task.
I have been assigned to a team in charge of auditing a state agency. A close friend of mine
is head of a department in this agency. I inform my superior. We discuss the matter and
conclude that the audit should not normally involve the department headed by my friend.
I can carry out the audit, but I remain attentive in case my friend is required to play a role
in the audit. I avoid talking to my friend about the audit.
I have been assigned to a team in charge of auditing the travel expenses of the Members
of the Parliament. Two years ago, before joining the SAI, I was responsible for authorising
travel expenses at the Parliament. I inform my superior and ask to be removed from the
task.
I have been assigned to a team in charge of auditing the implementation of an
environment programme. Before joining the SAI, I worked as a financial officer in a
regional department of the Ministry of Environment. I inform my superior. We discuss the
matter and conclude that the audit will not involve the department in which I worked. I
can carry out the audit.
37
I am auditing a private company receiving state budget funds. The Director offers me a
position that interests me. I inform my superior. We conclude that, since my audit
observations on the company have already been made and communicated and that I will
not be involved in further reporting, there is no possibility that the job offer will influence
my audit work. I accept the position.
I am auditing the implementation of a public fund programme by a large municipality.
During the wrap-up meeting with the responsible authorities, I am approached by the
Director of the programme, who offers me a well-paid advisory position in the
municipality. I inform my superior; we conclude that there was an intention to influence
my work. I decline the offer.
38
Annex 6 to the TFA&E paper “HOW TO IMPLEMENT ISSAI 30”
MAY YOU ACCEPT GIFTS OR HOSPITALITY? A SELF-ASSESSMENT
CHECKLIST
1. Are you authorised by the rules of your Provisions on the acceptance of gifts and hospitality can be found
office or by any other applicable in:
regulations
to
accept
gifts
or SAI Code of conduct, ethical guidelines and specific rules.
hospitality under certain conditions?
Staff regulations applicable to civil servants.
2. Does the gift or hospitality comply with
Conditions might refer to:
those conditions?
A maximum value (e.g. less than 50€)
The nature of the gift or hospitality (e.g. covered by the
Convention on International Trade of Endangered Species, like
an object made of a protected animal skin or shell; a counterfeit
object; an invitation to an illegal or ‘inappropriate’ place, like a
gambling house).
The person or entity that offers the gift or hospitality (e.g. a gift
or hospitality offered by an auditee or by a supplier or potential
supplier of the SAI).
Any other condition established by the rules.
3. If you accept the gift or hospitality, Elements to consider:
would you feel uncomfortable, under Does the gift or hospitality comply with the conditions set out in
influence or unduly inclined to adopt a
the rules, and is it proportionate and appropriate.
different attitude or opinion?
Are the gifts or acts of hospitality over-frequent?
Is there any real or perceived actual or potential conflict of
interest.
4. How would other people react when To assess the reaction of others consider the following:
they know that I have accepted the gift You are setting the standard – you want everyone to act the
or hospitality?
same way in the same situation
Put yourself in the shoes of those affected by your decision
Accepting the gift or hospitality might not be seen as
detrimental to the interests of the SAI, in any case
5. Consult other people.
In case of any doubt, do not hesitate to consult your superiors or
colleagues, or the ethical advisers of the SAI.
6. Display the information openly; declare Inform your superiors and follow the SAI’s rule on declaring and
the gift or the hospitality accepted or registering gifts and hospitality. This concerns gifts and hospitality
rejected.
offered, whether they are accepted or not.
39
TASK FORCE ON AUDIT & ETHICS
Participating Member SAIs
Portugal (Chair)
Albania
Croatia
Czech Republic
ECA
Finland
Former Yugoslavia Rep. Macedonia
France
Germany
Hungary
Israel
Italy
Malta
Moldova
Montenegro
Poland
Romania
Russian Federation
Serbia
Spain
The Netherlands
Turkey
United Kingdom
41