Dear Communications Networks, Content and Technology (CNECT),

Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:

The audit reports discussed hereunder were partially disclosed by DG CNECT in GestDem 2013/6442, http://www.asktheeu.org/en/request/1099/... (‘reports compilation’).

1. AUDIT REPORT #1, 5 FP6 & 3 FP7 PROJECTS

The audit report #1 is found in pages 217 – 298 of the reports compilation. It is very is remarkable because:

1. The audit was carried out by 5 DG INFSO officials, including the then Head of Unit and a senior official.
2. Pages 22-34 (12 pages) are devoted to personnel costs
3. Pages 35-29 (5 pages) are devoted to subcontracting
4. Annex 2 is merely 2-page long.

Typically, Annex 2 of an audit report sets out the details of the claimed personnel cost per reporting period and per each single employee whose labour costs were charged to an audited project. For 8 projects of a duration of 3 years, this detailed analysis would have been 24-page long.

The brief nature of Annex 2 of audit report #1 is to be contrasted with the length of Annex 2 of other audit reports found in the reports compilation, for instance the table of contents in pages 3 and 301.

It can be surmised that DG INFSO had rejected all claimed personnel costs for other reasons (perhaps undeclared subcontracting to a ‘suspicious’ company) and that is why Annex 2 of the audit report #1 does not set out the analysis.

Page 24 of the audit report (page 241 of the PDF file) reads:

‘5.1.2 Work performed
The tests performed on a sample basis during our audit work were the following:
- We ensured that personnel costs charged relate to the costs of actual hours worked by the persons directly carrying out work under the project;
- We interviewed key project staff in order to corroborate their involvement in the implementation of project work;
- We inquired about procedures related to the time recording system and internal controls regarding the time recording system;
- We compared for reasonableness the extent and timing of the hours charged in the financial statements with activities related to the project execution through examination of documents (Annex I, management reports) and through inquiries of management;
- We reviewed and understood the hourly personnel rate calculation;
- We performed substantive testing of underlying documents regarding the costs charged to the financial statement such as payslips, work contracts if any, invoices etc.; ’

I would be obliged if DG CNECT would grant partial access – to the widest possible extent allowed by Regulation 45/2001 and Regulation 1049/2001 – to the following documents:

R.1. The audit announcement letter and all annexes

R.2. The minutes of the interviews with ‘key project staff’, or equivalent document

R.3. The Privacy Statement DG INFSO handed over to the interviewees

R.4. Correspondence with the interviewees, if any, about their role in the 8 audited projects

R.5. The ‘notification’ pursuant to article 12 of Regulation 45/2001 with which DG INFSO informed the data subjects about the DG INFSO personal data processing arising out of the contents of the annexes of the audit report and the personal data processing ‘We performed substantive testing of underlying documents regarding the costs charged to the financial statement such as payslips, work contracts if any, invoices’

R.6. The documents, or parts thereof, held in the audit file about ‘We compared for reasonableness the extent and timing […] examination of documents (Annex I, management reports) and through inquiries of management’

R.7. The documents the former DG INFSO S.4 Unit drew up about the very legality of the audit as regards articles 7, 8, and 41 of the Charter of the Fundamental Rights of the EU (‘the charter’), article 16 TFEU, Directive 95/46/EC, Regulation 45/2001 and the Commission Decision 597/2008.

R.8. The documents drawn up by the auditee and addressed to the Commission services (not just DG INFSO) as regards the auditee’s corrective measures in respect of the audit findings.

R.9. The documents (or parts thereof) with which DG INFSO informed the Commissioner and her cabinet about the results of the audit in question; this includes summaries of the audit results, the amounts to be recovered, and the liquidated damages.

2. AUDIT REPORT #2, 2 FP7 PROJECTS

The audit report #2 is found in pages 299– 347 of the reports compilation. Page 18-19 (pages 316 -317 of the PDF file) read:

‘7.1.3. Work performed
The tests performed on a full scope basis during our audit work were the following:
-We ensured that personnel costs charged relate to the costs of actual hours worked by the persons directly carrying out work under the project;-
We reviewed procedures related to the time recording system and internal controls regarding the time recording system;
-We reconciled the hours recorded according to the time sheets with the hours charged in the financial statements;
-We compared for reasonableness the extent and timing of the hours charged in the financial statements with activities related to the project execution through examination of documents (Annex I, minutes of project meetings, management reports) and through inquiries of management;
-We reviewed the breakdown of total productive hours;
-We reviewed the hourly personnel rate calculation;
-We performed substantive testing of underlying documents regarding the costs charged to the financial statement such as personnel files, payroll information, etc.;
- We reviewed governing contractual Articles of Annex II- General Conditions to the grant agreement’

I would be obliged if DG CNECT would grant partial access – to the widest possible extent allowed by Regulation 45/2001 and Regulation 1049/2001 – to the following documents:

R.10. The audit announcement letter and all annexes

R.11. The ‘notification’ pursuant to article 12 of Regulation 45/2001 with which DG INFSO informed the data subjects about the DG INFSO personal data processing arising out of the contents of the annexes of the audit report and the personal data processing ‘We performed substantive testing of underlying documents regarding the costs charged to the financial statement such as personnel files, payroll information, etc’

R.12. The documents, or parts thereof, held in the audit file about ‘We compared for reasonableness the extent and timing […] examination of documents (Annex I, management reports) and through inquiries of management’

R.13. The documents the former DG INFSO S.4 Unit or the DG CNECT R.4 Unit, as the case may be, drew up about the very legality of the audit as regards articles 7, 8, and 41 of the Charter of the Fundamental Rights of the EU (‘the charter’), article 16 TFEU, Directive 95/46/EC, Regulation 45/2001 and the Commission Decision 597/2008.

R.14. The documents drawn up by the auditee and addressed to the Commission services (not just DG INFSO) as regards the auditee’s corrective measures in respect of the audit findings.

R.15. The documents (or parts thereof) with which DG INFSO informed the Commissioner and her cabinet about the results of the audit in question; this includes summaries of the audit results, the amounts to be recovered, and the liquidated damages.

3. DG INFSO & DG CNECT MANUALS FOR RISK-BASED AUDITS

It is absolutely certain that both audits discussed above are risk-based audits.

The FP6 Audit Manual is now essentially in the public domain, http://www.asktheeu.org/en/request/finan.... That manual did not spell out that auditors were to carry out interviews in audits of FP6 projects; the Research DGs were careful in this respect due to Regulation 45/2001. Instead, in page 17 of the manual auditors were ‘reminded’ of the practice of the Research DGs to carry out interviews, where necessary, in audits of FP4 & FP5 projects.

Presumably, the interviews of key researches in audit #1 were carried out following the ‘recommendations’ of the DG INFSO manual of risk-based audits. Consequently, there is a host of questions about the compliance of the audit #1 with Regulation 45/2001.

I would be obliged if DG CNECT would grant FULL ACCESS to the following documents are regards the DG INFSO and DG CNECT manual(s) for risk-based audits:

R.16. Every single version of the manual(s) about the DG INFSO/DG CNECT Risk-Based Audits

R.17. The documents with which DG INFSO or DG CNECT formally adopted the Risk-based Audits Manual(s)

R.18. The documents with which the O2 and S5 Units of the former DG INFSO, and the R.4 Unit of DG CNECT, were duly authorised to carry out audits following the methods and techniques laid down in the Risk-based Audits Manual(s).

R.19. The documents with which DG INFSO and DG CNECT informed the Commissioner and her cabinet about the drawing up of the Risk-based Audit Manual(s).

4. OVERRIDING PUBLIC INTEREST

It is clarified that this application does not request the transfer of personal data. Therefore, the parts of the documents that enable the identification of data subjects are to be blanched out.

As regards the identities of the auditees, it is argued that in the event DG INFSO/DG CNECT had rejected more than 80% of the claimed costs due to irregularities (as defined in the FP6 contract and the FP7 grant agreement), it is questionable whether their identity is to be withheld. It is so because the auditees manifestly misused public funds. Therefore, this is not a matter just between DG INFSO/DG CNECT and the auditee. This kind of argument applies, a fortiori, when 100% of all claimed costs were rejected and the matter was referred to OLAF for further investigations.

The release of the documents under R.1 to R.15 will allow the further public scrutiny of the legality of the audit practices in two particular risk-based audits, particularly the observance of the fundamental right of personal data protection.

Finally, the granting of full access to the documents R.16 to R.19 will enable: (i) to scrutinise the legality of the methods of the Risk-based Audit Manual; (ii) to what extent, if any, the manual(s) was properly adopted by the Institution, as opposed to being the mere fruit of a very few ambitious DG INFSO officials who were pursuing the advancement of their own careers at the expense of the legality.

Yours faithfully,

Mr. Sifis RAPTIS