• Organiza: Mundubat
  • Fecha límite de presentación de candidaturas: 09/11/2020
  • Duración del contrato: 1 mes
  • Tipo de contrato: Evaluación externa
  • Dónde: España
 

 

TERMS OF REFERENCE

FOR THE EX-ANTE ASSESSMENT

OF A NON-GOVERNMENTAL ORGANISATION

APPLYING TO BECOME

A HUMANITARIAN FPA PARTNER

OF THE EUROPEAN COMMISSION

(AS REPRESENTED BY DG ECHO)

APPLICATION FOR 2021 FPA

 

FUNDACION MUNDUBAT

 

Organisation requesting the assessment:                     Fundación Mundubat

Country:                                                                         4 Sombrerería Street,  Bilbao 48005, SPAIN

Reference / date of request for services:                      9th November 2020

Period subject to Assessment:                                       The year (12 months period) ending on the day of the start of the field work (on-site procedures) of the assessment]

Starting date of the Assessment:                                   16th November 2020

Ending date of the Assessment:                                    18th December 2020

 

 

 

 

 

 

TABLE OF CONTENTS

TERMS OF REFERENCE FOR THE AUDITORS 3

TERMS AND DEFINITIONS 3

REQUIREMENTS FOR THE AUDITORS 4

  1. General Principles 4
  2. Objective and Scope 7
  3. Approach and Scoring 9
  4. Assessment Procedures 10
  5. Standards and Guidance 16
  6. Other matters 19
  7. Annex 20

 

TERMS OF REFERENCE FOR THE AUDITORS

 

The following are the terms of reference (‘ToR’) on which Fundación Mundubat agrees to engage the Auditor to perform and report on an assessment of Fundación Mundubat. These ToR are annexed to the Organisation’s request for services; The ToR are for the use of the Auditor and the Organisation.

TERMS AND DEFINITIONS

In these ToR and in Annex A, which forms an integral part of these ToR, the following terms apply:

  • ‘Ex-ante assessment’, ‘assessment’ or ‘engagement’ refers to this assurance engagement. The assessment covers two blocks of questions, namely ‘Minimum requirements’ and ‘ Additional suitability requirements’.
  • ‘Assessment’ means a compliance audit to be carried out under ISAE 3000 as issued by the International Auditing and Assurance Standards Board (IAASB) of the International Federation of Accountants (IFAC) to provide reasonable assurance to DG ECHO on the NGO’s ability to comply with the requirements as detailed in Annex 3 Assessment Questionnaire, of Annex A Assessment Report.
  • ‘Auditor’ refers to the audit firm contracted for performing this engagement and for submitting a report to the Organisation. ‘Auditor’ can refer to the person or persons conducting the assessment, i.e. the engagement partner or other members of the engagement team. The engagement partner is the partner or other person in the firm who is responsible for the engagement and its performance, and for the report that is issued on behalf of the firm, and who has the appropriate authority from a professional, legal or regulatory body.
  • ‘Organisation’, refers to the Organisation subject to the ex-ante assessment.
  • ‘Assessment Task Manager of the Organisation’ is a Manager of the Organisation, (e.g. Director, General Manager, Head of Finance and Accounting) appointed by the latter to manage and coordinate the assessment within the Organisation. S/he acts as the key contact for the Auditor, as indicated in the Assessment report’s Annex 1 Engagement context – Key information.
  • ‘Commission’ refers to the European Commission, represented here by DG ECHO.
  • ‘FPA’ refers to the Framework Partnership Agreement signed by DG ECHO and the Organisation in order to apply for EU funds in the humanitarian aid field.
  • ‘Niche’ organisation means a non-profit-making autonomous non-governmental organisation providing specialised capabilities in support of humanitarian aid operations (e.g. map-making, mine-clearance, telecommunication, organisations offering specialised transport services, such as humanitarian air transport services). While the capabilities of ‘niche’ organisations would in principle be used to support the operations of other humanitarian organisations, ‘niche’ organisations may also act to assist directly people in need (e.g. humanitarian mine-clearance operations). The specific expertise of the ‘niche’ organisation needs to be its own; expertise offered by organisations other than the applicant organisation will not be considered for the purpose of assessing the technical capacity of the applicant organisation.
  • ‘Programmatic Partner’ organisation means a non-profit-making autonomous non-governmental organisation with whom DG ECHO will establish a framework partnership agreement under which innovative ways of working will be fostered. Programmatic partners holding a valid FPA will be selected at a later stage through a dedicated procedure.
  • Annexes 1, 2, 3, 4A, 4B or 5 which are referred to in the text are the annexes to Annex A Assessment Report to the ToR. Those annexes should be filled in by the Auditor and form an integral part of the Assessment Report.

REQUIREMENTS FOR THE AUDITORS

1.                   General Principles

The Auditor must be an independent external auditor who is a registered member of a national accounting or auditing body or institution and who is authorised to conduct audits. By agreeing to these ToR, the Auditor confirms that s/he meets at least one of the following conditions:

  • The Auditor and/or the firm is a member of a national accounting or auditing body or institution, which in turn is member of the International Federation of Accountants (IFAC).
  • The Auditor and/or the firm is a member of a national accounting or auditing body or institution and, although this organisation is not member of the IFAC, the Auditor commits him/herself to undertake this engagement in accordance with the IFAC standards and ethics set out in these ToR.
  • The Auditor and/or the firm is registered as a statutory auditor in the public register of a public oversight body in an EU Member State in accordance with the principles of public oversight set out in Directive 2006/43/EC of the European Parliament and of the Council (this applies to auditors and audit firms based in an EU Member State).

The Organisation is entitled to use its own statutory auditors to undertake the engagement.

The Auditor must be fully independent of the Organisation concerned and hence the internal auditor of an Organisation subject to assessment is not eligible to perform this Assessment.

The Auditor will carry out the engagement in accordance with ISAE 3000 – Assurance Engagements Other Than Audits or Reviews of Historical Financial Information (Revised) (ISAE 3000) issued by the IAASB.

In reporting under these ToR, the Auditor must confirm that they have complied with the requirements of the International Standard on Quality Control (ISQC1) issued by the IAASB.

In reporting under these ToR, the Auditor must also confirm that they have complied with the Code of the International Ethical Standards Board (IESBA) for Accountants of IFAC.

 

1.1.              Qualifications, Experience and Team Composition

1.1.1.         Qualifications and Experience

The Auditor will employ adequate staff with appropriate professional qualifications and suitable experience with IFAC standards, in particular ISAE 3000, and with experience in performing institutional or compliance audits and/or performing systems audits or equivalent engagements of entities comparable in size and complexity to the Organisation.

In addition, the engagement team as a whole should have:

  • Experience with institutional or compliance audits and/or systems audits or equivalent engagements of development aid programmes and projects funded by national and/or international donors and institutions. It is desirable that the leader of the fieldwork team i.e. either the manager (category 2) or the senior auditor (category 3) has experience with systems audits of EU funded external aid actions and/or institutional or compliance audits of organisations in the development aid sector.
  • A very good command of either English or French, as the languages used by the Commission in its relations with FPA Partners, in addition to Spanish.

 1.1.2.         Team composition

The Commission distinguishes four categories of auditors as set out below. These categorisations and the specified criteria are to be considered indicative of the nature and type of experience required, as opposed to either definitive or exhaustive.

The team of auditors required for this assessment will be composed of a category 1 auditor who has the ultimate responsibility for the assessment and an engagement team which is composed of an appropriate mix of category 2 – 4 auditors. It is the responsibility of the Auditor to propose and use an engagement team which is composed of an appropriate mix of auditors for this engagement.

Category 1 – Audit Partner

An audit partner should be an experienced expert with a relevant professional qualification and have senior and managerial responsibilities in public audit practice. S/he will be authorised by the regulatory body of the audit firm to sign audit reports on statutory financial statements in accordance with the laws of the country in which the audit firm is registered.

S/he should be a member of a national accounting or auditing body or institution. S/he must have at least 12 years of professional experience as a professional auditor or accountant in public audit practice. Experience with working with the recipient countries of EU external aid will also be taken into account.

An audit partner, or another person in a position similar to that of a partner, is the person of the audit firm who is responsible for the engagement and its performance, and for the report that is issued on behalf of the firm.

Category 2 – Audit Manager

Audit managers should be experienced experts with a relevant university degree or professional qualification. They should have at least 6 years’ experience as a professional auditor or accountant in public audit practice including relevant managerial experience of leading audit teams.

Category 3 – Senior Auditor

Senior auditors should be experts with a relevant university degree or professional qualification and at least 3 years professional experience in public audit practice.

Category 4 – Assistant Auditor

Assistant auditors should have a relevant university degree and at least 6 months professional experience in public audit practice.

1.1.3.         Curricula Vitae (‘ CVs’)

The Auditor will provide the Organisation with CVs of the partner or other person in the audit firm who is responsible for the Audit and for signing the report together with the CVs of the managers, senior auditors and assistant auditors proposed as part of the engagement team. CVs will include appropriate details on the type of engagements carried out by the staff indicating capability and capacity to undertake the audit as well as details on relevant specific experience. The Organisation will examine the CVs before it signs an order form or other applicable contractual document for this engagement and reserves the right to reject them if they are not considered suitable for the requirements of the engagement.

DG ECHO reserves the right to also request, review and validate the authenticity of these CVs at any point in time up to 4 years after the date upon which the completed Assessment Report is submitted to it for its review.

 

2. OBJECTIVE AND SCOPE

The Auditor is engaged to assess the systems in place and the controls, rules and procedures applied by the Organisation against the criteria set by the Commission. The Auditor will conclude on a series of questions, grouped into two blocks, pertaining to the minimum requirements (Block 1) and to additional suitability requirements (Block 2) of the candidate organisation to become an FPA partner. The assessment report disclosing the conclusions and scores awarded by the auditors form an integral part of the Organisation’s application file. While this report will contribute to the assessment of the Organisation, DG ECHO retains the final decision on whether to award the FPA or not.

2.1.              Objective

The objective of this assessment is to provide DG ECHO with independent reasonable assurance on the ability of the Organisation to fulfil the criteria and conditions for being awarded a FPA (or a provisional FPA, see section 3 below for the thresholds), and to express a conclusion on a reasonable assurance basis as to whether the Organisation:

  • is an NGO entitled to receive EU funding in accordance with the Humanitarian Aid Regulation and with the specific conditions determined by the Commission on the basis thereof;
  • is transparent and accountable when delivering aid;
  • ensures that it complies with the humanitarian principles, observes the highest ethical standards and deploys adequate means to address irregularities, fraud, corruption and misconduct of any sort[1];
  • has a suitable operational capacity to design, implement and monitor EU-funded projects so as to meet relevant humanitarian needs by delivering aid in difficult circumstances;
  • ensures compliance with relevant rules, regulations, standards and contractual obligations in the areas specified by DG ECHO; and
  • has a sound internal control system based on international best practices and in line with the criteria set by DG ECHO.

Specific requirements may apply for niche organisations in some of the above-mentioned categories. Moreover, those organisations that would like to be considered for Programmatic Partnerships need to fulfil some additional requirements described in Annex 3 of the Assessment Report Template.

2.2.              Scope

2.2.1.         Location and period covered by the Assessment

This Assessment will be performed at the Organisation’s premises. The Auditor should confirm the location(s) for the assessment with the Organisation prior to the start of the fieldwork and ensure that relevant supporting documents as well as key staff will be available during the assessment.

The period to be covered by the assessment should normally be the year (12 months period) ending on the day of the start of the fieldwork of the assessment i.e. the day on which the Auditor effectively starts the on-site assessment procedures and tests at the location decided between the Organisation and the Auditor.

2.2.2.         Engagement context

The annexes referred to below are the annexes of the Assessment Report (Annex A).

The Auditor must obtain a preliminary understanding of the engagement context on the basis of Annex 1 Engagement Context – Key Information. This understanding must be fully reflected in the engagement letter between the Auditor and Organisation.  The understanding must be sufficient for the Auditor to submit a meaningful offer to the Organisation. The Auditor must take into account the specific engagement circumstances and apply professional judgment throughout the assessment process.

The Auditor shall design, plan and perform the assessment procedures in order to gather sufficient evidence to provide the scores and replies to Annex 3 Assessment Questionnaire. It shall do so by taking into account the criteria that DG ECHO deems essential or important for the Organisation subject to assessment to comply with.

The completed Annex 3 Assessment Questionnaire is an essential source of assessment information and evidence for the Auditor. However, it is by no means the only source for the Auditor to plan and perform assessment procedures, to draw conclusions on the questions as well as to establish the related scores. The Auditor may also add additional criteria if s/he considers that this is necessary to arrive at an informed conclusion. The Auditor remains fully responsible at all times to design, plan and perform the assessment procedures he/she deems necessary. Any additional criteria or testing should be described in Annex 5 Approach and Criteria.

The Auditor uses the information in the Annex 3 Assessment Questionnaire and the results of the assessment procedures to complete Annex 2 Overview of Scores and Replies and to draw a conclusion for each block subject to assessment.

Annexes 4A and 4B Specific description – Accountability provide a detailed description and assessment by the Auditor of several elements either i) when the organisation is a member of a family, network or federation of international non-profit non-governmental organisations (Annex 4A); or ii) when the funds are systematically implemented by one or several non-profit non-governmental organisations not covered by any of the situations referred to in Annex 4A (such as, in particular, organisations established in the country of intervention or another developing country) (Annex 4B).

2.2.3.         Limitations in the scope

The Auditor will identify any limitations in the scope of work prior to the review commencing and work with the Organisation to eliminate these or to assess how the assessment can be continued.

Any limitations of scope that remain must be detailed in the final report of the Auditor and will form part of DG ECHO’s assessment of the Organisation.

3.                   Approach and Scoring

Block 1 and 2 – Overall rating and outcome of the ex-ante assessment

The replies and scores are displayed in Annex 2 Overview of Scores and Replies. The rating and outcome for the various cases are as follows:

OVERALL RATING
BLOCK 1 – MINIMUM REQUIREMENTS:  YES / NO
BLOCK 2 – ADDITIONAL SUITABILITY REQUIREMENTS: …/10
OUTCOME OF THE ASSESSMENT
A. ACCEPTABLE
FPA Partner   => Block 1 – Minimum requirements: reply = YES

  => Block 2 – Additional suitability requirements: score ≥ 6/10 and ≥ 4/10 for each question.

Programmatic Partnership   => Block 1 – Minimum requirements: reply = YES

  => Block 2 – Additional suitability requirements: score ≥ 7/10 and ≥ 4/10 for each question.

B. ACCEPTABLE as a provisional Partner with an Action Plan
FPA Partner => Block 1 – Minimum requirements: reply = YES

=> Block 2 – Additional suitability requirements: 5/10 ≤ score < 6/10 and ≥ 4/10 for each  question

In such cases, a follow-up within a year of the signature of the FPA by provisional partner’s auditors will have to be performed. Re-assessment of those questions with a score greater than 4 and below 6 and recalculation of the average score of the Additional suitability requirements block.

If the assessment report provided by the provisional partner leads to an overall rating of Acceptable (A), then status is changed to regular FPA partner. The organisation will be systematically included in DG ECHO’s Audit Plan and audited by DG ECHO auditors during the first year of FPA.

If the new assessment report provided by the provisional partner shows that recommendations have not been fully implemented and the new Additional suitability requirements score is below 6/10, the FPA is suspended or terminated.

Programmatic Partnership Not applicable
C. INELIGIBLE / REJECTED
FPA Partner 1.  Block 1 – Minimum requirements: reply = NO – whatever the Block 2 – Additional suitability requirements score.

OR

2. Block 1 – Minimum requirements: reply = YES and Block 2 – Additional suitability requirements: score is ≥ 5/10 but one of the question’s score is < 4/10.

OR

3.  Block 1 – Minimum requirements: reply = YES

 Block 2 – Additional suitability requirements: score is < 5/10

Programmatic Partnership 1.  Block 1 – Minimum requirements: reply = NO – whatever the Block 2 – Additional suitability requirements score.

OR

2. Block 1 – Minimum requirements: reply = YES and Block 2 – Additional suitability requirements: score is ≥ 7/10 score but one of the question’s score is < 4/10.

OR

3.  Block 1 – Minimum requirements: reply = YES

 Block 2 – Additional suitability requirements: score is < 7/10.

4.                   Assessment Procedures

The Auditor should perform the assessment in accordance with the procedures described below, which cover documentation and evidence, planning, fieldwork, and reporting. The Auditor should exercise due professional care and judgment and determine the nature, timing and extent of assessment procedures to fit the objectives, scope and context of the assessment.

4.1.              Assessment Documentation (Working Papers)

The Auditor should in accordance with ISAE 3000, prepare documentation that provides:

–   A sufficient and appropriate record of the basis for the Auditor’s report; and

–   Evidence that the assessment was planned and performed in accordance with ISAE 3000 and applicable legal and regulatory requirements.

Documentation or working papers means the record of assessment procedures performed, relevant evidence obtained, and conclusions the Auditor reached. Audit file means one or more folders or other storage media, in physical or electronic form, containing the records that comprise the assessment documentation or working papers for a specific engagement.

4.2.              Evidence

The Auditor should in accordance with ISAE 3000, ensure that evidence is gathered to support the Auditor’s conclusion and evidence that the Assessment was carried out in accordance with the IFAC International Framework for Assurance Engagements and International Standard on Assurance Engagements (‘ISAE’) 3000 (Revised), Assurance Engagements other than Audits or Reviews of Historical Financial Information.

The Auditor should obtain sufficient appropriate evidence to support assessment findings and to draw reasonable conclusions on which to base the assessment conclusions, using professional judgement to determine what constitutes sufficient appropriate evidence.

Access to Records and Documents of the Organisation

The Auditor should have full and unrestricted access at any time to all records and documents (including accounting records, contracts, minutes of meetings, bank records, invoices etc.), to employees of the Organisation and to the Organisation’s locations insofar as this is possible and relevant to the assessment. The Auditor may request the Organisation to get access to banks (e.g. to request a bank confirmation), consultants and other persons or firms engaged by the Organisation.

4.3.              Planning

4.3.1.         Preparatory Meeting with the Organisation

The assessment should commence with a preliminary meeting between the Auditor and the Organisation.  The purpose of this meeting is to discuss the planning, fieldwork and reporting of the assessment and to clarify outstanding issues. During the preparatory meeting, the Auditor may request additional information and documents that he/she considers necessary or useful for the planning and fieldwork of the assessment.

4.3.2.         Planning Activities, Assessment Plan and Assessment Work Programmes

The Auditor should plan the assessment so that it is performed in an effective and efficient manner. Adequate planning involves that appropriate attention is devoted to important areas of the assessment, that potential problems are identified and resolved on a timely basis and that the assessment is properly organised and managed in order to be performed in an effective and efficient manner.

The Auditor should have an assessment plan (or a similar planning document such as an assessment work plan or a planning memorandum) documenting the assessment approach and key principles of planning, fieldwork and reporting. The Auditor should have assessed work programmes that detail and document the assessment tests and procedures.

4.4.              Fieldwork

4.4.1.         Tests of Systems, Controls, and Procedures

The scope of work should include an assessment of whether relevant systems, controls, rules and procedures are suitably designed and, where required, operating effectively. This is specified in Annex 3 Assessment Questionnaire by the use of “D” (for assessment of design) and “E” (for assessment of effectiveness) in relation to each criterion.

4.4.2.         Assessing the suitability of the design of controls and systems in place

The scope of work should include an assessment of the suitability of the design of relevant systems, controls, rules and procedures that are relevant for the question concerned.

Procedures to obtain an understanding of the design of systems, controls, rules and procedures may include:

  • Enquiring of Organisation staff who may have relevant information;
  • Evaluating whether descriptions, if available, fairly present the systems, controls, rules and procedures that have been designed and implemented by the Organisation. Fairly described control procedures do not omit or distort significant information that may affect the assessments of the control risk;
  • Inspecting legal and regulatory documents (e.g. laws, regulations, contracts and agreements), internal instruction and guidance papers (e.g. operating rules, internal control manuals etc.) and any other document the Auditor may consider relevant;
  • Observing operations and inspecting documents, reports, printed and electronic records of transaction processing, accounting procedures (e.g. bank reconciliation) and other key approval and internal control procedures (e.g. periodical expenditure reports, budget – actual comparisons, review and approval of timesheets etc.), documents relating to the Organisation’s regulatory framework for external audit, documents relating to grant and procurement procedures, documents relating to financial instruments and financial instrument transactions etc.;
  • Re-performing controls and procedures.

The Auditor may consider using flowcharts or questionnaires to facilitate assessing the design of the controls, rules and procedures.

If there are omissions or misstatements with regard to the control objectives, the [Auditor] ask(s) the [Organisation] to amend the description. If it is not amended the [Auditor] consider(s) the need to state that fact in their report.

A control procedure is suitably designed if individually, or in combination with other control procedures, it is likely to prevent or detect errors that could result in the non-achievement of specified control objectives when the described control procedures are complied with satisfactorily.    

The (…) assessment of the suitability of control procedure design may include:

  • considering the linkage between the control procedures and the associated control objectives;
  • considering the ability of the control procedures to prevent or detect errors related to the control objectives;
  • performing walk-throughs of selected transactions and control procedures; and
  • performing further procedures, such as enquiry of appropriate entity personnel, inspection of documents and reports and observation of the application of specific control procedures, to determine whether they are [i] suitably designed to achieve the specified control objectives and [ii] if they are operated as prescribed, by appropriately qualified or experienced persons.”[2]

4.4.3.         Assessing the operating effectiveness of the controls and systems in place

A system, control, procedure or rule is operating effectively if, individually or in combination with other systems, controls, rules and procedures, it provides reasonable assurance that:

  • The Organisation’s objectives (e.g. objectives of the internal control system or of a grant or procurement process) are achieved and in particular that risks to the achievement of the objectives are properly managed and controlled;
  • The risks of error, irregularities and fraud, as well as misconduct, are properly and timely prevented, detected and corrected.

When designing and performing tests of controls, the Auditor should:

  • Perform other procedures in combination with inquiry to obtain evidence about:

–        How a system operated or how a control, rule or procedure was applied;

–        The consistency with which the system worked or a control, rule or procedure was applied, over a period of time, and;

–        By whom or by what means controls, rules or procedures were applied.

  • Determine means of selecting items for testing that are effective in meeting the objectives of the procedure.

When determining the extent of tests of controls, rules or procedures, the Auditor shall consider matters including the characteristics of the population to be tested, which includes the nature of the controls, rules and procedures, the frequency of their application (for example, monthly, daily, a number of times per day), and the expected rate of deviation.

Tests of controls, procedures and rules may include but are not limited to inspection (of records, documents and assets), observation, inquiry of management and others within the Organisation, confirmation, recalculation and re-performance.

Where the Auditor is “unable to test a described control procedure because, for example, it has not operated during the year, [s/he] states the fact that no tests have been carried out and the reason in [the] description of tests.[3]

4.4.4.         Sampling and other means of selecting items for testing

When designing and performing tests of systems, controls, rules and procedures the Auditor may apply sampling or other means of selecting items for testing. Sampling involves the application of procedures to less than 100% of items within a population of assessment relevance (e.g. a class of transactions or account balance) such that all sampling units have a chance of selection in order to provide the auditor with a reasonable basis on which to draw conclusions about the entire population.

Sampling can use either a statistical or non-statistical approach. The Auditor may use a judgmental selection of specific items from a population (e.g. high value or key items, all items over a certain amount, items to obtain information or items to test control activities, rules or procedures).

While selective examination of specific items will often be an efficient means of obtaining evidence, it does not constitute sampling. The results of procedures applied to items selected in this way cannot be projected or extrapolated to the entire population; accordingly, selective examination of specific items does not provide evidence concerning the remainder of the population. Sampling, on the other hand, is designed to enable conclusions to be drawn about an entire population on the basis of testing a sample drawn from it.

4.4.5.         Criteria and materiality

A description of the criteria and materiality applicable to these Terms of Reference is provided in Annex 5 Approach and Criteria to Annex A Assessment Report.

4.4.6.         Using the work of internal auditors

When the Auditor determines that an internal audit function is likely to be relevant for the assessment he/she (a) may determine whether, and to what extent specific work of the internal auditors can be used, and (b) if using the specific work of the internal auditors, whether that work is adequate for the purposes of the assessment. The Auditor should comply with ISA 610 insofar as this ISA is relevant to the assessment.

4.4.7.         Using the Work of Other Assurance Providers

When the Organisation has been in receipt of a previous assurance report by another provider of such services, other than internal audit, the Auditor may determine (a) whether, and to what extent specific work of the provider can be used, and (b) if using the specific work of the provider, whether that work is adequate for the purposes of the assessment. The Auditor should apply the same criteria as are set out in ISA 610 ‘Using the Work of Internal Auditors’ to the extent relevant. By way of example of possible reliance on other assurance providers, the Auditor could consider, if the Organisation has been certified or verified by the Humanitarian Qualitative Assurance Initiative[4],  to rely on it to reply to the relevant questions, provided they have satisfied themselves with the quality of HQAI work.

4.4.8.         Written representations

The auditor should obtain representations from the management. A written representation is a statement by the management provided to the Auditor to confirm certain matters or to support other assessment evidence. The letter should be signed by the member(s) of the management of the Organisation who have the primary responsibility for the systems, controls, rules and procedures operated by the Organisation.

4.4.9.         Debriefing Memorandum (‘Aide Mémoire’)

The Auditor will prepare a Debriefing Memorandum for discussion at the closing meeting. The Memorandum should outline the main assessment findings that have resulted from the fieldwork and recommendations. A copy of the Memorandum should be sent to the Assessment Task Manager of the Organisation.

4.4.10.      Closing Meeting

The Auditor should organise a closing meeting with the Organisation.

The purpose of this meeting is to discuss the Debriefing Memorandum and to obtain the confirmation and initial comments of the Organisation on the Auditor’s findings and recommendations. The Auditor and the Organisation can agree outstanding information to be provided by the Organisation and where applicable a deadline for submission. The Auditor can inform the Organisation about the reporting procedures. The Auditor should document any comments (verbal and written) made by the Organisation and take these into account for the assessment report.

4.5.              Reporting

The use of the model ‘Assessment’ report in Annex A is compulsory.

4.5.1.         Reporting process

Reporting Requirements

The Auditor should report the results of the assessment in accordance with ISAE 3000 and the requirements of these ToR.

The report should be objective, clear, concise, timely and constructive. The use of the model report and its annexes is compulsory. The model report is found in Annex A to the ToR.

The report should be presented in English.

The date of draft and pre-final reports should be the date when these reports are sent for consultation. The date of the final assessment report should be the date when the final Independent Auditor’s Report (Annex A) is signed.

Facts and events that have come to the Auditor’s attention before the final report is signed and which have an impact on the findings in that report must be taken into account. However, the Auditor is under no obligation to enquire of the Organisation’s management and/or to carry out further procedures after the closing meeting and before the signature of the final report.

 

Procedures and timetable for the submission of draft and final assessment reports

1)          Procedure for the consultation and submission of the draft report 

The Auditor should submit a draft report to the Organisation within five calendar days after the day of the closing meeting (i.e. the end of field work). The draft report should include the comments of the Organisation insofar as these have already been obtained during the fieldwork of the assessment and the closing meeting.

A paper and an electronic version of the draft report along with a cover letter should be submitted. The word ‘draft’ should be clearly indicated on all versions.

The Organisation should provide comments to the Auditor, including comments on the recommendations in the dedicated section, within two calendar days from receipt of the draft report.

The Auditor should submit to the Organisation a revised draft report which takes into account any comments received within six calendar days from receipt of the comments.

The Organisation should submit comments to the Auditor within two calendar days from receipt of the draft report.

  • Procedure for the consultation and submission of the final report.

If no additional fieldwork is required, the Auditor should submit a pre-final report to the Organisation within two calendar days from receipt of comments on the draft report. The word ‘pre-final’ should be indicated on the cover page of the pre-final report. The Organisation should inform the Auditor in writing whether it accepts the pre-final report within one calendar day from receipt of the pre-final report.

The Auditor should submit a final report within one calendar day from receipt of the comments on the pre-final report.

The Auditor should then submit an original paper version and one electronic version of the final report along with a cover note to the Organisation.

The reports should be provided on original letterhead of the Auditor. The word ‘final’ should be clearly indicated on all versions. The Auditor should also send an electronic version of the final report (i.e. a scanned copy (in PDF format) of the signed and dated final report with the Auditor’s letterhead paper) to the Organisation.

The period between the closing meeting and the submission to the Organisation of the final report should not exceed twenty calendar days or three weeks.

The Organisation shall send/upload an electronic copy and a paper copy of the final Assessment Report to DG ECHO when applying for an FPA. Further details on this procedure will be given on DG ECHO’s Partners website[5] in due time.

4.5.2.         Reporting on findings, recommendations and conclusion

A description of the findings and recommendations applicable to these Terms of Reference is provided in the Annex 5 Approach and Criteria to Annex A Assessment Report.

Conclusions

The assessment report should include a reply/score for each question as well as for each block.

The overall conclusion for each block is as follows:

  • The conclusion on minimum requirements can either be positive (unqualified opinion) or negative (adverse opinion).
  • The conclusion on additional suitability requirements can either be: i) positive (unqualified opinion); ii) positive but with some non-critical areas for improvement (qualified opinion); or iii) negative (adverse opinion).

The final conclusion for the whole ex-ante assessment would be one of the following:

    1. ACCEPTABLE as an FPA Partner / for consideration for Programmatic Partnership after a further dedicated procedure
    2. ACCEPTABLE as a provisional Partner with an Action Plan
    3. INELIGIBLE / REJECTED

5. STANDARDS AND GUIDANCE

5.1.  Professional Standards Governing the Assessment

As detailed above, the Auditor who performs this Assessment is governed by:

5.2. Specific Standards applicable to Humanitarian Aid

The selection of NGO partners for the signature of the 2021 Framework Partnership Agreement (FPA) is carried out based on minimum requirements and additional suitability requirements criteria established by, or on the basis of, the following regulations[6]:

Specific benchmarks have been established for the minimum capacity required to be an ECHO partner in accordance with Article 7 of the HAR and with the Financial Regulation, as well as quality standards in the field of humanitarian aid, based on the following documents[9]:

  • The European Consensus on Humanitarian Aid[10], which is the reference  policy statement jointly agreed by the European Parliament, the Member States,  the Council and the Commission. The Consensus sets out the shared vision of the EU and of its Member States in relation to humanitarian aid policy;
  • The Sphere Handbook[11] – Humanitarian Charter and Minimum Standards in Humanitarian Response, which is one of the most widely known and internationally recognized sets of common principles and universal minimum standards in life-saving areas of humanitarian response;
  • The Core Humanitarian Standard on Quality and Accountability (CHS), which sets out Nine Commitments to improve the quality and effectiveness of the humanitarian assistance[12];
  • The internationally accepted Organisation for Economic Cooperation and Development – Development Assistance Committee (OECD-DAC) criteria for the evaluation of humanitarian aid laid down in the Guidance for Evaluating Humanitarian Assistance in Complex Emergencies[13];
  • The revised Committee of Sponsoring Organisations of the Treadway Commission (COSO) Integrated Framework[14] which has been used in the development of benchmarks and criteria for certain questions, as relevant.

5.3.  Guidance

The following guidance can be used for the auditor when assessing the minimum requirements and/or additional suitability requirements of the Organisation in the areas below:

5.3.1.  Procurement:

The purchasing / procurement policy of the Organisation must be written and must describe in a well-defined and transparent manner the appropriate policies, procedures, accountability and controls.

Transparency and competition are to ensure best value for money. This can be achieved with a policy that promotes broad competition of tenderers while limiting single source or negotiated procedures to reasonable amounts or duly justified cases.

Broad competition is better achieved if the information linked to a procurement procedure is shared or published in an open and appropriate way.

The respect of the best value for money principle is presumed if the purchasing policy of the Organisation contains provisions ensuring that when the estimated value of the contract is above a given threshold (e.g.  EUR 60 000), a minimum number of candidates of tenderers e.g. three) are engaged, provided that a sufficient number of suppliers satisfying the selection criteria exist.

Above that threshold, any exceptions to broad competition should be fully justified and documented and may include situations in which there is only one single supplier capable to provide the goods or the service or for urgent actions.

The fact that a good or a service can be purchased without a quotation (against an invoice or ticket) below a reasonable threshold (e.g. EUR 5 000) does not mean that best value for money is not achieved.

The internal controls of the Organisation should ensure that a procurement procedure is not split up in order to circumvent open competition. When a contract is sub-divided into several lots, the value of all lots together should be taken into account for the establishment of the procurement procedure to be used, even if each lot is subject to an individual contract.

The procurement policy of the Organisation must contain provisions to prevent any conflict of interest. As a minimum, the members of the evaluation committee cannot evaluate tenders in which they have a conflict of interest. If an evaluation committee is not required, the contract cannot be awarded by a person who is subject to a conflict of interest.

5.3.2. Anti-fraud and anti-corruption policy

The Anti-Fraud and Anti-Corruption policy of the Organisation should be thorough and comprehensive, in line with best practices (e.g. UN, Core Humanitarian Standards) and demonstrate a zero tolerance approach to fraud and corruption. The Organisation considers the potential for fraud in assessing risks to the achievement of objectives.

The scope of the policy should be clearly defined.

The policy should:

  • clearly stipulate that appropriate disciplinary and legal actions will be taken in all cases, where justified;
  • clearly define the roles and responsibilities of all members of staff, workers and contractors to report fraud;
  • identify key risks that may appear to staff and expected behaviours to deal with such threats.
  • emphasise that disclosures will be kept confidential and protection is given to ‘whistle-blowers’.

Whistleblowing reporting mechanisms should have dedicated confidential email addresses and hotline numbers.

5.3.3.  Safeguarding policy

The policy of the Organisation should:

  • clearly stipulate that appropriate disciplinary and legal action will be taken in all cases, where justified;
  • clearly define the roles and responsibilities of all members of staff, workers and contractors to report any safeguarding issue;
  • be succinct and avoid the use of ambiguous terms;
  • identify key risks that may appear to staff and expected behaviours to deal with such threats.
  • emphasise that disclosures will be kept confidential and protection is given to ‘whistle-blowers’.

Whistleblowing reporting mechanisms should have dedicated confidential email addresses and hotline numbers.

5.3.4. Key characteristics of environmental considerations

The Organisation should have developed corporate policies for staff, providing guidance on how to protect the local environment and how to identify and escalate the reporting of possible environmental risks.

The Organisation has developed procedures and aligned itself with a generally-accepted set of principles for environmental safeguarding such as the EU’s Green Public Procurement[15] (GPP) principles and the Extractive Industries Transparency Initiative[16].

6. OTHER MATTERS

6.1. Follow-Up

The Organisation may request the Auditor to provide further assistance with the follow-up of the final assessment report. Once it has effectively implemented the recommendations stemming from this assessment report, the Organisation may request the Auditor to carry out a re-assessment of one or more question(s) if the final assessment report concluded that the Organisation did not comply with the requirements for the question(s) concerned.

This work is not covered by these ToR and, if this is required, the Organisation will need to issue an addendum to the order form or to the other applicable contractual document for such an engagement.

6.2. Various Matters

1.- The audit process will be performed in Bilbao, 4 Sombrerería Street

2.- The auditing company may be:

– An audit entity (can be a natural or legal person) that has the correspondent certification of registration and/ r qualified to do so in accordance with local law.

– An Spanish audit entity (can be a natural or legal person) registered in the ROAC (Official Register of Auditors) under the Institute of Accounting and Auditing,

– Dependent or linked firms to a recognized auditing entity, provided that the documents proving the linkage and the signature´s accountability attesting the report are submitted.

3.- The fees agreed is including all expenses resulting from the tender for the service, in addition all taxes and discount.

4.- The bidders will present their proposal by e-mail to the following recipient:

candidaturas@mundubat.org

Proposals minimum content shall be the following:

  • Overall proposal adjusted to the ToR, indicating the methodology used and criteria of the sample of supporting documents of expenditure to be reviewed.
  • Economic cost and method of payment.
  • Certification of its legality as audit firm registered in the ROAC or in the applicable register if foreign.
  • Professional experience in the field concerned.
  • Human team of auditors in charge including CVs.
  • Knowledge of languages (English and Spanish) by the team in charge of the audit.

 

7. Annex

Annex A         Assessment Report IMPORTANT: Annex A, i.e. the Assessment report and its annexes 1 to 5, form an integral part of the present Terms of Reference.

<Annex A      Assessment Report >

 

<AUDITOR’S LETTERHEAD>

 

[DRAFT, PRE-FINAL OR FINAL] REPORT

[date]
<for the final report this is the date on which the final Independent Auditor’s Report is signed;
for a draft or pre-final report this is the date on which these reports are sent for consultation>

EX-ANTE ASSESSMENT OF

A NON-GOVERNMENTAL ORGANISATION

APPLYING TO BECOME A HUMANITARIAN FPA PARTNER

OF THE EUROPEAN COMMISSION

(AS REPRESENTED BY DG ECHO)

APPLICATION FOR 2021 FPA

 

[NAME OF THE ORGANISATION]

 

Organisation subject to Assessment:        [Organisation name]

Country:                                                    [Country where the Organisation is established]

Auditor:                                                    [Audit firm and office having responsibility for the assessment]

Period subject to assessment:                   [date] to [date] [this should normally be the year (12 months period) ending on the day of the start of the field work (on-site procedures) of the assessment]

Dates of assessment fieldwork:                [date] to [date]

Place of the fieldwork

(if different from country of establishment): [ City, Country]

INSTRUCTIONS FOR USING THIS MODEL REPORT

 

This model report for an ex-ante Assessment provides a report format and structure for the Auditor and it also includes guidance for the content of the report sections.

  • All grey shaded text in <Italic> is guidance which should be removed.
  • All text which is not grey shaded can be used by the Auditor for drawing up the report.
    The Auditor can modify text as he/she sees fit except for the prescribed text of the Independent Auditor’s report.

The prescribed text and wording of the Independent Auditor’s Report should be respected at all times and not be changed.

This instruction page should be removed from the report

TABLE OF CONTENTS

I – INDEPENDENT ASSESSMENT REPORT

II – EXECUTIVE SUMMARY

  1. SCORING AND OUTCOME
  2. SUMMARY OF FINDINGS AND RECOMMENDATIONS
  3. ACTION PLAN

III – FINDINGS AND RECOMMENDATIONS

  1. MINIMUM REQUIREMENTS
  2. ADDITIONAL SUITABILITY REQUIREMENTS

IV – ANNEXES

  1. INDEPENDENT ASSESSMENT REPORT

EX-ANTE ASSESSMENT

[full name and address of the Organisation]

We have carried out an ex-ante assessment of [name]; the ‘Organisation’ in accordance with the terms of reference issued by DG ECHO. The objective of this assessment is to provide DG ECHO with independent reasonable assurance on the ability of the Organisation to fulfil the criteria and conditions for being awarded a FPA (or a provisional FPA, see section 3 below for the thresholds), and to express a conclusion on a reasonable assurance basis as to whether the Organisation:

  • is an EU NGO entitled to receive EU funding, in accordance with Regulation 1257/96 and with the specific conditions determined by DG ECHO;
  • is transparent and accountable when delivering aid;
  • ensures that it complies with the humanitarian principles, observes the highest ethical standards and deploys adequate and effective means to address irregularities, fraud, corruption and misconduct of any sort;
  • has a suitable operational capacity to design, implement and monitor EU-funded projects so as to meet relevant humanitarian needs by delivering aid in difficult circumstances;
  • ensures compliance with rules, regulations, standards and contractual obligations for the areas specified by DG ECHO; and
  • has a sound internal control system based on international best practices and in line with the criteria set by DG ECHO.

The scope of our work and our conclusions for each of the respective Blocks are set out below.

Respective responsibilities of the Organisation’s management and the Auditor

The Organisation’s management are responsible for ensuring that the systems, controls, rules and procedures connected with the two Blocks are in accordance with internationally accepted standards and with the criteria set by the European Commission (as represented by DG ECHO) for each Block. The Organisation’s management is also responsible for providing information, documents and access to systems and Organisation staff to the Auditor insofar this is necessary and relevant for the purpose of this assessment.

Our responsibility is to assess the systems put in place and the controls, rules and procedures applied by the Organisation for each Block to determine the overall minimum requirements and additional suitability requirements of the Organisation to enter into a FPA with DG ECHO based on the criteria defined for each Block and to report our findings in accordance with the Terms of Reference for this assurance engagement.

As required by the Terms of Reference for this assignment issued by DG ECHO, this ex-ante assessment was carried out in accordance with the International Standard for Assurance Engagements 3000 – Assurance Engagements other than Audits or Reviews of Historical Financial Information (Revised) issued by the International Assurance and Auditing Standards Board (IAASB).

We comply with the quality control requirements of International Standard on Quality Control (ISQC 1) issued by the IAASB and the independence and other ethical requirements of the Code issued by the Independent Ethical Standards Board for Accountants.

Scope of work

The scope of our engagement includes a review and assessment for each Block of the systems put in place and controls, rules and procedures applied by the Organisation.

Depending on the requirements for the Block concerned, our assessment has covered the design or the design and operating effectiveness of the relevant systems, controls, rules and procedures.

Our assessment involved comparing factual information and data relating to systems, controls, rules and procedures against the questions, criteria and guidance defined by the DG ECHO, as set out in the Annexes of our detailed report. The latter were taken into account for the purpose of determining what is a material weakness or deficiency in systems, controls, rules and procedures.

We have primarily looked into the systems, controls, rules and procedures which are in place for the Organisation’s regular operations. The conclusions and scoring of this assessment do not relate to specific actions, projects, contracts or agreements, neither present nor future.

Because of their inherent limitations, internal control and other systems, controls, rules and procedures may not necessarily prevent or detect errors. In addition, projections of this historic assessment of the design and effectiveness of systems, controls, rules and procedures to future periods are subject to the risk that these systems, controls, rules and procedures may become inadequate because of changes in conditions, or that the degree of compliance with rules and procedures may deteriorate.

We have taken into account all the available evidence presented to us during our fieldwork which we finalised on [date of closing meeting], including the subsequent comments and information of the Organisation up to the date of this report.

We believe that the evidence we have obtained is sufficient and appropriate to provide a basis for our conclusions and scoring.

 

CONCLUSION FOR BLOCK 1 – MINIMUM REQUIREMENTS

The scope of our engagement includes an assessment as to whether the Organisation is eligible to become a FPA Partner of DG ECHO, i.e. the Organisation:

  1. is an EU NGO entitled to receive EU funding, in accordance with Regulation 1257/96 and with the specific conditions determined by DG ECHO;
  2. is transparent and accountable when delivering aid.

Our work was designed to concentrate on the minimum requirements components and controls, which DG ECHO considers fundamental and which are detailed in the 17 questions of Block 1 – Minimum requirements as set out in Annex 3 Assessment Questionnaire.

Conclusion

<wording to be used for a positive conclusion; remove this part if not applicable>

Based on the procedures performed and the evidence obtained whereby the Organisation obtained a positive reply for the 17 questions assessed under Block 1 (and subject to the recommendations we have made in Section III of this report), we have obtained reasonable assurance that the minimum requirements set by the Commission under Block 1 are fulfilled.

On this criterion, in our opinion the Organisation has demonstrated that it is meets the minimum requirements to enter into a Framework Partnership Agreement with DG ECHO.

<wording to be used for an adverse conclusion; remove this part if not applicable>

We refer to our findings as set out in Section III of our detailed report which sets out the fundamental area(s) where the Organisation obtained one or several negative replies for the 17 questions assessed under Block 1. On this basis we have obtained limited/no[17]* assurance that it fulfils the minimum requirements set by the Commission under Block 1.  The Organisation has not been able to demonstrate that it fulfils the minimum requirements set by the Commission under Block 1.

In our opinion, the Organisation has not demonstrated that it meets the minimum requirements to enter into a Framework Partnership Agreement with DG ECHO.

CONCLUSION FOR BLOCK 2 – ADDITIONAL SUITABILITY REQUIREMENTS

The scope of our engagement includes an assessment as to whether the Organisation is suitable to become a FPA Partner of DG ECHO, i.e. the Organisation:

  1. ensures that it complies with the humanitarian principles, observes the highest ethical standards and deploys adequate and effective means to address irregularities, fraud, corruption and misconduct of any sort;
  2. has a suitable operational capacity to design, implement and monitor EU-funded projects so as to meet relevant humanitarian needs by delivering aid in difficult circumstances;
  • ensures compliance with rules, regulations, standards and contractual obligations for the areas specified by DG ECHO; and
  1. has a sound internal control system based on international best practices and in line with the criteria set by DG ECHO.

Our work was designed to concentrate on the additional suitability requirements components and controls, which DG ECHO considers essential and which are detailed in the 13 questions of Block 2 – Additional suitability requirements, as set out in Annex 3 Assessment Questionnaire.

Conclusion

<wording to be used for a positive conclusion; remove this part if not applicable>

Based on the procedures performed and the evidence obtained whereby the Organisation secured an overall score equal or greater than 6/10 and no individual score under 4/10 for Block 2, (and subject to the recommendations we have made in Section III of this report), we have obtained reasonable assurance that the controls and procedures, as described under Block 2, will enable the Organisation to fulfil the additional suitability requirements, set by the Commission under that Block, in all material respects if applied in practice.

On this criterion, in our opinion the Organisation has demonstrated that it is suitable to enter into a Framework Partnership Agreement with DG ECHO.

<wording to be used for a positive conclusion for Programmatic Partnerships; remove this part if not applicable>

Based on the procedures performed and the evidence obtained whereby the Organisation secured an overall score equal or greater than 7/10 and no individual score under 4/10 for Block 2, (and subject to the recommendations we have made in Section III of this report), we have obtained reasonable assurance that the controls and procedures, as described under Block 2, will enable the Organisation to fulfil the additional suitability requirements, set by the Commission under that Block, in all material respects if applied in practice.

On this criterion, in our opinion the Organisation has demonstrated that it is suitable to be considered for entry into a Framework Partnership Agreement with DG ECHO as a Programmatic Partner.

<wording to be used for a qualified conclusion; remove this part if not applicable>

We refer to our findings as set out in Section III of our detailed report which sets out the weaknesses identified for the question(s) where the score obtained is between 4/10 and 6/10, with no question obtaining a score below 4/10, as well as to the overall score for Block 2 which is greater than 5/10 but below 6/10. We also refer to the Action Plan as agreed between the Auditor and the Organisation to address those weaknesses, as set out in section 3 of the Executive Summary of this report. Taken individually and collectively, the replies to these questions do not lead to non-compliance, i.e. to a negative reply to the question. We have, therefore, obtained reasonable assurance that the controls and procedures will enable the Organisation to fulfil most of the additional suitability requirements, set by the Commission under Block 2, in all material respects if applied in practice.

On this criterion, in our opinion the Organisation has demonstrated that it is suitable to enter into a provisional Framework Partnership Agreement with DG ECHO.

<wording to be used for an adverse conclusion; remove this part if not applicable>

We refer to our findings as set out in section III of our detailed report which sets out the material or serious weaknesses and deficiencies identified for the question(s) where the average score obtained for Block 2 is below 5/10 or the average score obtained is equal or greater than 5/10 but one or several question’s score is below 4/10.

On this basis, we have obtained limited/ no[18] assurance in this regard.

In our opinion, the Organisation has not demonstrated its suitability to enter into a Framework Partnership Agreement with DG ECHO.

Distribution and Use

The Organisation has requested this report for the information and use of the Organisation and DG ECHO. While the report is primarily intended to be used for the purpose of assessing the capacity of the Organisation to enter into a Framework Partnership Agreement with DG ECHO, the Organisation and DG ECHO may agree to share the report with other donors, it being understood that the Auditors did not have any duty of care towards those donors when assessing the Organisation.

 

Auditors’ signature <person or firm or both, as appropriate>.

Name of Auditor signing <person or firm or both, as appropriate>.

Auditor’s address <office having responsibility for the assessment>.

Date of signature <not be used for draft reports. The date when the final report is signed.>

  1. EXECUTIVE SUMMARY

1. SCORING AND OUTCOME

We provide below an overview of the individual scoring and for each of the questions of the two Blocks, as well as the outcome of our assessment.

OVERALL RATING[19]
BLOCK 1 – MINIMUM REQUIREMENTS:  YES / NO <delete as appropriate>
BLOCK 2 – ADDITIONAL SUITABILITY REQUIREMENTS: …/10
OUTCOME OF THE ASSESSMENT
<tick applicable outcome in accordance with rules set in Section «Outcome of the Assessment» in Annex 2>

¨ A. ACCEPTABLE as an FPA Partner / for consideration for Programmatic Partnership after a further dedicated procedure<delete as appropriate>

¨ B. ACCEPTABLE as a provisional Partner with an Action Plan

¨ C. INELIGIBLE / REJECTED

BLOCK 1 – MINIMUM REQUIREMENTS YES / NO
<List only the questions that got NO as a reply, if applicable>  
BLOCK 2 – ADDITIONAL SUITABILITY REQUIREMENTS .. / 10
PRINCIPLES  
18 Ethics .. / 10
19 Anti-fraud and anti-corruption .. / 10
20 Safeguarding .. / 10
OPERATIONAL CAPACITY  
21 Planning, staffing and safety .. / 10
22 Project design .. / 10
23 Project management .. / 10
COMPLIANCE WITH RULES, REGULATIONS, OBLIGATIONS AND STANDARDS  
24 Humanitarian .. / 10
25 Operational .. / 10
26 Protection of personal data .. / 10
INTERNAL CONTROL  
27 Governance, risk management and oversight .. / 10
28 Human Resources .. / 10
29 Budgeting, accounting and reporting .. / 10
30 Audit trail and document management .. / 10
   

2. SUMMARY OF FINDINGS AND RECOMMENDATIONS

<to be included only for B. ACCEPTABLE as a provisional Partner with an Action Plan>

We have concluded that, since the Block 2 score is equal to or greater than 5/10 but below 6/10, the Organisation does not adequately fulfil the additional suitability requirements for the question(s) [specify  question(s)] which obtained a score that is equal or greater than 4/10 but below 6/10.

We have found weaknesses in ……. <briefly describe the main weaknesses for the Question(s) concerned in accordance with the findings in Section III>.

We have made a number of important recommendations to remedy these weaknesses <briefly describe the recommendations for the question(s) concerned in accordance with the recommendations in Section III>.

For this purpose, we propose an Action Plan including a timetable to address and remedy the weaknesses. This Action Plan including the timetable for implementing our proposed measures has been discussed and agreed with the Organisation <The Action Plan should, to the extent possible, be agreed with the Organisation prior to the issuing of the Auditor’s final report. If this is not possible, the reasons should be clearly explained>.

Therefore, based on the conclusion and scores obtained, the Organisation can apply to sign a provisional FPA, while committing to implement the recommendations included in the Action Plan below in a timely manner so as to enable DG ECHO to make an informed decision on the possible award of a regular FPA at the latest within a year of the signature of the provisional FPA[20]. The decision to award a provisional FPA lies with DG ECHO.

The implementation of the Action Plan to address the recommendations should be assessed by an independent auditor through a follow-up engagement carried out under ISAE 3000. The follow-up will:

  1. re-assess the question(s) the Action Plan relates to (i.e. those with a score equal or greater than 4/10 and below 6/10);
  2. attribute a new score to each question concerned; and
  • recalculate the average score of Block 2 – Additional suitability requirements.

The provisional partner may apply for a regular FPA if the new score for Block 2 is equal or greater than 6/10 and no individual question has a score lower than 4/10. The engagement should be carried out in timely manner enabling the submission of the resulting report to DG ECHO at least two months before the end of the provisional FPA. The resulting report will serve as a basis for the Organisation to apply for a regular FPA. The decision to award a regular FPA lies with DG ECHO.

3. ACTION PLAN

The table below presents the findings, recommendation and Action Plan.

ACTION PLAN
 Question no and title (only for those with a score between 4/10 and 6/10)
No° Description of the finding / recommendation
1 Finding: <short description of the finding >
Recommendation: <short description of the recommendation>
Comment from Organisation
Action Plan: <The action plan should clearly set out which proposed measures will be implemented and how they will be implemented as well as a clear and realistic timetable.>

Agreed date of implementation:

Etc.

Note: The number and description of the finding / recommendation must correspond with the detailed finding / recommendation in Section III – subsection 2.3 below.

III. FINDINGS AND RECOMMENDATIONS

1. MINIMUM REQUIREMENTS

1.1. Summary of any additional work performed and criteria used for the assessment

<Provide a summary description of any additional work to the Assessment Questionnaire in Annex 3 i.e. procedures and test performed for the assessment of the Minimum requirements Block. Briefly describe the criteria used for this additional work>

  • Findings and Recommendations

Our detailed findings and recommendations for the questions which we replied «No» to are set out below.

<The use of the table format below is compulsory and it must be respected at all times>

 

Question n°: [number] Title: [the exact title from Block 1]
Finding / Rec. n°: [number] Title: [short description of the finding and recommendation]
Description of the finding:

[describe in detail the finding covering facts, criteria, cause and impact]

Description of the recommendation:

[describe in detail the recommendation]

Comments from the Organisation:

[state whether the Organisation agrees or disagrees with the finding / recommendation and describe the Organisation comments]

Further comments of the Auditor:

[complete only if the Organisation does not agree with the finding / recommendation of the Auditor but the Auditor still believes that the finding / recommendation is valid. In that case the Auditor should rebut here the comments of the Organisation and justify why the finding is still made]

2. ADDITIONAL SUITABILITY REQUIREMENTS

2.1. Summary of any additional work performed and criteria used for the Assessment

<Provide a summary description of any additional the work to the Assessment Questionnaire in Annex 3 i.e. procedures and test performed for the assessment of the Additional suitability requirements Block. Briefly describe the criteria used for this additional work. >

2.2.  Findings and Recommendations for questions which have obtained a score equal to or greater than 6/10.

Our detailed findings and recommendations are set out below.

<The use of the table format below is compulsory and it must be respected at all times>

 

Question n°: [number] Title: [the exact title from Block 2]
Finding / Rec. n°: [number] Title: [short description of the finding and recommendation]
Description of the finding:

[describe in detail the finding covering facts, criteria, cause and impact]

Description of the recommendation:

[describe in detail the recommendation]

Comments from the Organisation:

[state whether the Organisation agrees or disagrees with the finding / recommendation and describe the Organisation comments]

Further comments of the Auditor:

[complete only if the Organisation does not agree with the finding / recommendation of the Auditor but the Auditor still believes that the finding / recommendation is valid. In that case the Auditor should rebut here the comments of the Organisation and justify why the finding is still made]

2.3. Findings and Recommendations for questions which have obtained a score equal to or greater than 4/10 but below 6/10.

Our detailed findings and recommendations are set out below.

<The use of the table format below is compulsory and it must be respected at all times>

 

Question n°: [number] Title: [the exact title from Block 2]
Finding / Rec. n°: [number] Title: [short description of the finding and recommendation]
Description of the finding:

[describe in detail the finding covering facts, criteria, cause and impact]

Description of the recommendation:

[describe in detail the recommendation]

Comments from the Organisation:

[state whether the Organisation agrees or disagrees with the finding / recommendation and describe Organisation comments]

Further comments of the Auditor:

[complete only if the Organisation does not agree with the finding / recommendation of the Auditor but the Auditor still believes that the finding / recommendation is valid. In that case the Auditor should rebut here the comments of the Organisation and justify why the finding is still made]

2.4. Findings and Recommendations for questions that have obtained a score below 4/10.

Our detailed findings and recommendations are set out below.

<The use of the table format below is compulsory and it must be respected at all times>

 

 Question n°: [number]  

Title: [short description of the finding and recommendation

Finding / Rec. n°: [number] Title: [short description of the finding and recommendation]
Description of the finding:

[describe in detail the finding covering facts, criteria, cause and impact]

Description of the recommendation:

[describe in detail the recommendation]

Comments from the Organisation:

[state whether the Organisation agrees or disagrees with the finding / recommendation and describe the Organisation comments]

Further comments of the Auditor:

[complete only if the Organisation does not agree with the finding / recommendation of the Auditor but the Auditor still believes that the finding / recommendation is valid. In that case the Auditor should rebut here the comments of the Organisation and justify why the finding is still made]

IV ANNEXES

 Annex 1          Engagement Context – Key Information

Annex 2          Overview of Scores and Replies

Annex 3          Assessment Questionnaire

Annex 4A       Specific description – Accountability

Annex 4B       Specific description – Accountability

Annex 5          Approach and Criteria

 

Annex 1 Engagement Context – Key Information

 

ORGANISATION SUBJECT TO ASSESSMENT <state the full name of the Organisation subject to assessment>

 

1. Description of the Organisation subject to assessment

<Provide a description of the Organisation. Suggested maximum 2 pages.

Main features and characteristics of the Organisation, organisational structure, nature of activities and operations etc.>

 

2. Persons contacted or involved in the Assessment

The Auditor – [name of the audit firm]
[Name 1] [indicate position / title of the person in the audit firm who has ultimate responsibility for the engagement and its performance, and for the report that is issued on behalf of the firm, e.g. Partner, Director or equivalent]
[Name 2  optional] [optional (if not in conflict with the practices and HR policies of the Audit Firm). Indicate position / title in the audit firm of the person in the audit firm who has been managing the assessment,.e.g. Senior Manager]

 

The Organisation subject to assessment – [name of the Organisation]
 

CONTACT DETAILS
Organisation : [full name of the organisation subject to assessment]
Address Country
Phone Fax
Website
Key contact 
Name Function <indicate executive function  e.g. Director, General Manager, Head of Finance and Accounting>
E-Mail Phone/Fax
[Name 1] [indicate position / title in the Organisation, e.g. Director, Finance Manager, Accountant, Programme Manager]
[Name 2 etc] [as 1]

 

<Indicate name of any other external organisation or person contacted or involved in the assessment such as the Organisation’s statutory auditors or Technical Assistants. Remove this table if not applicable>
[Name 1] [indicate position / title in the Organisation]
[Name 2 etc] [as 1]

ANNEX 2                   Overview of Scores and Replies

BLOCK 1 – MINIMUM REQUIREMENTS Score * Yes / No
LEGAL STATUS  
  1 – NGO status Yes / No
  2 – Headquarters Yes / No
  3 – Autonomy Yes / No
  4 – Non-exclusion Yes / No
PRINCIPLES  
  5 – Humanitarian purpose Yes / No
  6 – Humanitarian principles Yes / No
  7 – Humanitarian Aid Experience Yes / No
FINANCIAL STATUS  
  8 – Certified accounts Yes / No
  9 – Liquidity ratio Yes / No
  10 – Unrestricted net equity Yes / No
  11 – Operating income Yes / No
SYSTEMS  
  12 – Segregation of duties Yes / No
  13 – Accounting system Yes / No
  14 – Procurement procedures Yes / No
ACCOUNTABILITY  
  15 – Ensuring quality of proposals Yes / No
  16 – Monitoring and oversight arrangements Yes / No
  17 – Reliability of reporting Yes / No
   
* SCORE: The overall reply to the Minimum requirements block is Yes only if ALL the replies to the questions are Yes.

 

BLOCK 2 – ADDITIONAL SUITABILITY REQUIREMENTS SCORE ⃰ (…/10)
 PRINCIPLES  
  18 – Ethics .. / 10
  19 – Anti-fraud and anti-corruption .. / 10
  20 – Safeguarding .. / 10
OPERATIONAL CAPACITY  
  21 – Planning, staffing and safety .. / 10
  22 – Project design .. / 10
  23 – Project management .. / 10
COMPLIANCE with rules, regulations, obligations and standards  
  24 – Humanitarian .. / 10
  25 – Operational .. / 10
  26 – Protection of personal data .. / 10
INTERNAL CONTROL  
  27 – Governance, risk management and oversight .. / 10
  28 – Human resources .. / 10
  29 – Budgeting, accounting, and reporting .. / 10
  30 – Audit trail and document management .. / 10
   
* SCORE is the mathematical average of the scores of all questions.
 
OVERALL RATING[21]
BLOCK 1 – MINIMUM REQUIREMENTS:  YES / NO
BLOCK 2 – ADDITIONAL SUITABILITY REQUIREMENTS: …/10
OUTCOME OF THE ASSESSMENT[22]
A. ACCEPTABLE as an FPA Partner / for consideration for Programmatic Partnership after a further dedicated procedure

B. ACCEPTABLE as a provisional Partner with an Action Plan

C. INELIGIBLE / REJECTED

ANNEX 3                  ASSESSMENT QUESTIONNAIRE

 


PURPOSE AND USE OF THIS DOCUMENT
This annex is a support tool for the Auditor to design, plan and perform the assessment procedures and to take into account the criteria which DG ECHO deems fundamental or essential for the Organisation subject to assessment to comply with. Questions must only be completed by the Auditor based on his/her professional judgment and the assessment procedures and tests performed. The replies for Block 1 can only be Yes or No. The replies for Block 2 can be Yes (Y), No (N), Partially (P) or Not applicable (N/A). The use of N/A should be duly justified by the Auditor in all cases and should remain exceptional, except for Niche Organisations where it is more likely to occur.

The completed questionnaire is an essential source of assessment information and evidence for the Auditor. However, it is by no means the only source for the Auditor to plan and perform appropriate procedures and to draw conclusions. All information provided by the Organisation is indicative and provisional and subject to such procedures the Auditor deems necessary. The Auditor must not rely on information until s/he has ensured through appropriate procedures that information is sufficiently accurate and complete for the purpose of the assessment and to arrive at informed conclusions for each question.

The Auditor may also add additional criteria if s/he considers that this is necessary to arrive at an informed conclusion for each question.

Use of the column ‘Auditor comments’: The Auditor may adapt the width and/or length of this column to enter information and comments. Alternatively, the Auditor may use attachments (e.g. long narratives and/or documents obtained from the Organisation) which can be referred to.

The Auditor remains fully responsible at all times to design, plan and perform the assessment procedures s/he deems necessary to arrive at a conclusion for each section which is subject to the assessment. The Auditor must take into account the specific engagement circumstances and apply professional judgment throughout the assessment process.

 

  BLOCK 1 – MINIMUM REQUIREMENTS Criteria/Guidance Auditors’ comments SCORE

Yes/No

 
  LEGAL STATUS  
1 NGO status

Is the Organisation registered as a non-profit Organisation in a Member State of the European Union under the laws in force in that Member State, or in an EFTA State member of the European Economic Area?

Article 7(1)(a) of the Humanitarian Aid Regulation.   Yes/No  
2 Headquarters

Does the Organisation have its main headquarters (being the effective decision-making centre for all humanitarian aid operations that might be financed by the Commission) in a Member State of the European Union, in an EFTA State member of the European Economic Area, or in a third country in receipt of European Union humanitarian aid, or, exceptionally, in a third donor country?

Article 7(1)(a) of the Humanitarian Aid Regulation.   Yes/No  
3 Autonomy

Is the Organisation autonomous in its decision-making, i.e. does it have the final say in all areas?

Article 7(1)(a) of the Humanitarian Aid Regulation.   Yes/No  
4 Non-exclusion

Can the Organisation confirm that it is not in one of the situations referred to in Article 136(1) and 141(1) of the Financial Regulation?

Organisations which are in one or more of the situations listed  in the afore-mentioned articles are excluded from EU financing.

To be noted: under Article 137(1) of the Financial Regulation, there is also a need to confirm that the natural or legal persons that are members of the administrative, management or supervisory body of the Organisation are not in one of the exclusion situations referred to in points (c) to (h) of Article 136(1) of that Regulation.

  Yes/No  
  HUMANITARIAN PRINCIPLES  
5 Humanitarian purpose

Is the humanitarian purpose of the Organisation clearly spelled out in its statutory document?

Preamble to Article 7 of the Humanitarian Aid Regulation.   Yes/No  
6 Humanitarian principles

Are the principles of humanity, neutrality, impartiality and independence clearly reflected in the mission statement or the internal documentation (such as the Code of Conduct) of the Organisation?

Preamble to Article 7 of the Humanitarian Aid Regulation.

 

For a definition of the Humanitarian Principles, see the European Consensus on Humanitarian Aid.

 

Guidance: The Code of Conduct for the International Red Cross and Red Crescent Movement and NGOs in Disaster Relief is one of the most widely known and internationally recognised document laying down the fundamental humanitarian principles in disaster relief. The International Federation keeps a public record of all the humanitarian organisations which are signatories of the code.

 

  Yes/No  
7 Humanitarian Aid Experience

Has the Organisation implemented at least one humanitarian project of a minimum amount of EUR 200 000 during each of the past three years?

Note: The threshold of EUR 200 000 does not apply to Niche Organisation.

 

Article 7(2)(a), (2)(b) and (2)(c) of the Humanitarian Aid Regulation and Article 198(3) of the Financial Regulation.

 

Humanitarian aid operations are understood to be any operations falling under Articles 1 to 4 of the Humanitarian Aid Regulation. The Organisation must prove sufficient experience and capacity in the implementation of humanitarian aid. Such experience is deemed to exist when the condition set out above is met. Implementing humanitarian aid projects of a minimum size constitutes also relevant indicators of the administrative and financial management as well as the technical and logistical capacity of the Organisation.

 

By “implemented”, it is meant: one new contract entered into in each of the last 3 years. Please note that one contract spanning multiple years does not fulfil this criteria.

The Organisation may have participated in a project as implementing partner provided it has covered a share of the action that represented at least EUR 200 000.

 

  Yes/No  
  Financial status  
8 Certified audited financial statements

Were the financial statements for the past two consecutive years, audited by an independent external auditor, with a satisfactory audit opinion?

Article 196(1)(d), fourth paragraph, of the Financial Regulation.

 

The accounts exist covering the last two years; if so, they have been audited by independent auditors.

  Yes/No  
9 Liquidity ratio

Is the liquidity ratio of the Organisation higher than 0.85 for the last two accounting periods?

Articles 130(6) and 198(2) of the Financial Regulation.

 

The Organisation must be capable of covering its short-term commitments, i.e. paying its charges when they are due. The required ratio is fixed at 0,85 for the purpose of the present assessment.

 

Note: The liquidity ratio is the division between current assets (including receivable grants) and short-term liabilities plus restricted funds.

Liquidity ratio:

Y1: …%

Y2: …%

Yes/No  
10 Unrestricted net equity

Is the unrestricted net equity of the Organisation positive for the last two accounting periods?

Note: Please provide the financial independence ratio, which is the division between Unrestricted funds and total liabilities.

Articles 130(6) and 198(2) of the Financial Regulation.

The unrestricted net equity refers to own and permanent resources that the Organisation can use without restriction, e.g., legal reserves, voluntary reserves, and under certain conditions: endowment funds, bequests and operating grants.

The unrestricted net equity can provide protection for business continuity and allow the Organisation to adjust to changes in its financial position.

The unrestricted net equity must not include i) restricted funds for projects; ii) grants from government, public bodies and other organisations that are for a specific purpose;  iii) provisions; iv) funds that are restricted as to usage by donor instructions or permanent capital (endowment); or v) funds representing gifts and bequests that are given for a specific (i.e. restricted) purpose.

 

 

Financial independence ratio: Y1: …%

Y2: …%

Yes/No  
11 Operating income

Does the operating income of the Organisation exceed EUR 2 million for each of the last two accounting periods?

Note: Niche NGO: EUR 50 000.

 

Articles 130(6) and 198(2) of the Financial Regulation.

The operating income includes resources (restricted + unrestricted) coming from the normal activity of the Organisation, such as sales, services, grants, donations, contributions, write-backs of depreciation, as well as reports of unused projects resources from previous years. Financial incomes (e.g. financial incomes provided by investments, bank interest, discounts obtained, and exchange rate gains) and exceptional incomes (e.g. incomes primarily related to fixed assets sales) should be excluded.

  Yes/No  
  SYSTEMS  
12 Segregation of duties

Does the Organisation ensure segregation of duties between departments and/or tasks related to Finance Management, Human Resources, Project Management (operational) and Procurement?

Article 7(2)(a) of the Humanitarian Aid Regulation.

The administrative and financial management capacities of the Organisation constitute relevant and material considerations for the award of an FPA. Segregation of duties, in the context of the overall internal control system of the Organisation constitutes a fundamental requirement in relation to such capacities.

 

Principle 10 of Effective Internal Control – COSO Framework.

The Organisation selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels. When putting in place control measures, the Organisation management considers whether duties are correctly divided between staff members to reduce risks of error and inappropriate or fraudulent actions.

  Yes/No  
13 Accounting system

Does the Organisation have a double-entry accrual accounting method at HQ level?

Article 7(2)(a) of the Humanitarian Aid Regulation.

The administrative and financial management capacities of the Organisation constitute relevant and material considerations for the award of an FPA. A double-entry accounting system constitutes a fundamental requirement in relation to such capacities

 

A double-entry accounting system is a set of rules for recording financial information in a financial accounting system in which every transaction or event changes at least two different nominal ledger accounts.

  Yes/No  
14 Procurement procedures

Does your Organisation have procurement procedures that ensure the application of the principle of ‘best value for money’, or, as appropriate, to the tender offering the lowest price while avoiding any conflict of interest?

Article 7(2)(a) of the Humanitarian Aid Regulation and Article 205 of the Financial Regulation.

 

The Organisation may award public contracts under the Union-funded action in accordance with its usual purchasing practices provided that the contract is awarded to the tender offering best value for money or, as appropriate, to the tender offering the lowest price, while avoiding any conflict of interest.

  Yes/No  
  ACCOUNTABILITY

The following information must be gathered and checked to the extent possible by the auditors:

–        If the Organisation belongs to a family, network or (con-)federation of NGOs, the auditors should fill in Annex 4A of the report.

–        If the funds are systematically implemented by one or several organisations, other than those referred to under Annex 4A (such as, in particular, organisations established in the country of intervention or another developing country), the auditors should fill in Annex 4B of the report.

–        If both situations apply, the auditors should fill both annexes.

 
  No FPA may be awarded to an Organisation that would not perform the core operational tasks related to EU-funded humanitarian aid Actions. Therefore, any Organisation, including those belonging to networks or (con-)federations of international non-governmental Organisations, which would transfer the implementation of more than EUR 60 000 (per Implementing Partner), should be able to demonstrate in an objective manner that it is effectively in charge of the management and oversight of EU-funded humanitarian aid operations throughout the project-life cycle thereof (ensuring quality of proposals, monitoring and oversight arrangements and reliability of reporting) and that, in the absence of financial transfers exceeding EUR 60 000 per Implementing Partner, it would be impossible or overly difficult to achieve the objectives of the humanitarian aid Action concerned (Article 204 of the Financial Regulation).  
  The auditors have to assess the actual role of the Organisation when the actions are implemented by one or several other organisations. Such role would at least imply that the organisation fulfils the tasks and functions laid down in this section, in a fully autonomous manner.  
15 Ensuring quality of proposals

Can the Organisation guarantee the quality of all proposals to be submitted to the Commission in light of the underlying needs assessment, the humanitarian objectives pursued and all relevant legal and policy requirements and operational priorities, as defined by the Commission in the humanitarian aid field?

Article 7(2)(a), (2)(b) and (2)(c) of the Humanitarian Aid Regulation and Articles 130(6) and 198(3) of the Financial Regulation.

Such a guarantee implies that the Organisation is either directly in charge of the preparation of the proposals or can avail itself, in case it would rely on preliminary work undertaken by other entities (such as Implementing Partners), of in-house expertise and resources enabling it to review critically the substance of any such work, in particular where this preliminary work would take the form of a draft proposal.

  Yes/No  
16 Monitoring and oversight arrangements

Can the Organisation guarantee an effective monitoring and oversight of the adequate and timely implementation of EU-funded humanitarian aid Actions?

 

Article 7(2)(a), (2)(b) and (2)(c) of the Humanitarian Aid Regulation and Articles 130(6) and 198(3) of the Financial Regulation.

 

Effective monitoring and oversight implies regular interactions (teleconferences, video teleconferences, field visits and equivalent) between the Organisation and those staff members and/or entities tasked with the practical implementation of the Actions in the field. The frequency of such interactions should be appropriate in light of the length, complexity, scale and difficulties of the operating environment.

 

Those interactions should: i) be properly documented and shared within the Organisation to all those who may be concerned; and ii) cover all relevant aspects of the implementation of the Actions concerned: staff management, procurement, financial management, quality control, distribution and provision of services to final beneficiaries, etc.

 

  Yes/No  
17 Reliability of reporting

Can the Organisation guarantee the reliability of interim and final reports?

Article 7(2)(a), (2)(b) and (2)(c) of the Humanitarian Aid Regulation and Articles 130(6) and 198(3) of the Financial Regulation.

 

The Organisation is either directly in charge of the preparation of those reports or can avail itself, in case it would rely on preliminary work undertaken by other entities (such as Implementing Partners), of in-house expertise and resources enabling a  review of contents, and quality of any such work as well as the legality and regularity of the expenditure claimed.

  Yes/No  
           

 

  BLOCK 2 – PRINCIPLES
18 Ethics

Does the Organisation commit to observe the highest ethical standards while ensuring ethical and fair working conditions to its employees, volunteers or salaried?

… / 10  
  Criteria

 Article 7(2)(a), (2)(b), (2)(f) and (2)(g) of the Humanitarian Aid Regulation and Articles 130(6) and 198(3) of the Financial Regulation.

 

Y-N-P-N/A  
D –        The Organisation has a written Code of Conduct (CoC) or equivalent containing provisions promoting ethical behaviour, applicable to Board, management and staff. The CoC clearly: i) identifies the types of prohibited conduct and clearly states that staff must refrain from any acts of misconduct (generic examples of what constitute acceptable and unacceptable behaviour could be included); ii) states the consequences of engaging in conduct that breaches this policy; and iii) includes a statement of receipt and an understanding section that staff are requested to sign and date.    
D –        The Organisation’s internal documents (staff members’ contracts, Code of Conduct, procurement procedures, staff policy, etc.) contain provisions or procedures that ensure equal treatment and non-discrimination on the basis of race, gender, age, religion, sexuality, culture or disability.    
D –        Guidance material, training and other systems are in place to make sure staff understand and adopt ethical working practices.    
D –        The Organisation includes provisions in its procurement, sub-granting policies and contracts to ensure that its tenderers, implementing partners and contractors observe and uphold integrity rules and ethical standards, such as: i) avoidance of child labour; ii) respect of basic social rights and working conditions based on international labour standards and iii) respect of applicable law relating to anti-money laundering and combatting terrorism financing, in the execution of their contracts.    
D –        Procedures and controls are in place to prevent, detect and respond to possible conflicts of interest at Board and management level.    
D –        Appropriate/ proportionate procedures (e.g. disciplinary sanctions, financial and personal liability) are in place for Board, management and staff who do not comply with integrity rules and ethical values.    
E –        The Organisation provides fair working conditions to its staff, volunteers and salaried. It has developed corporate policies for staff, covering areas such as medical care, insurance and other benefits. Programme plans include written assessment of security, travel and health risks specific to the country or region. The assessments are reviewed at appropriate intervals and communicated to staff as needed.    
  Auditor’s brief rationale for scoring and other relevant comments

 

 
 

 

  BLOCK 2 – PRINCIPLES
19 Anti-fraud and anti-corruption

Does the Organisation deploy adequate means to prevent, detect, respond and report on irregularities, fraud, and corruption allegations and established cases?

… / 10  
  Criteria

Article 7(2)(a) of the Humanitarian Aid Regulation.

Y-N-P-N/A

 

 
D –        The Organisation has an anti-fraud and anti-corruption policy, which is in line with best practices, communicated to Board, management and staff.    
E –        Staff at HQ and field have been trained on the prevention, detection, response to and reporting on irregularities, fraud and corruption.    
E –        The Organisation identifies key staff involved in recruitment or in sensitive posts with risk of collusion (e.g. bank/cash management, procurement and purchase functions).    
E –        It ensures that they are not in situation of conflict of interest and puts mitigating measures in place (e.g. rotation of functions, segregation of duties, additional controls).    
D –        The Organisation has a complete and reliable register of irregularities, fraud and corruption allegations and established cases. The register is followed-up by trained staff. Confidentiality and integrity of data are ensured.    
D –        The Organisation has a whistle blowing reporting line(s) whereby staff can report suspicions of misconduct, SEA, fraud or corruption, or any other ethical breach in a confidential and protected way.    
E –        The Organisation has the capacity to investigate irregularities, fraud and corruption issues in an independent and confidential way, while protecting both the alleged victim and the alleged perpetrator.    
E –        Investigation conclusions and recommendations are followed-up in a timely manner.    
E –        A regular and reliable consolidated reporting on irregularities, fraud and corruption issues is provided to the Board of the Organisation or the appropriate authority if the Board is compromised.    
  Auditor’s brief rationale for scoring and other relevant comments  
 

 

  BLOCK 2 – PRINCIPLES
20 Safeguarding

Does the Organisation has a zero tolerance policy for misconduct and unethical behavior and is committed to prevent, detect, respond and report on any such cases?

… / 10  
  Criteria

Article 7(2)(a), (2)(f) and (2)(g) of the Humanitarian Aid Regulation and Articles 130(6) and 198(3) of the Financial Regulation.

Y-N-P-N/A  
D –        The Organisation has a child protection policy and a safeguarding policy in line with best practices (the Inter-Agency Standing Committee’s Six Core Principles Relating to Sexual Exploitation and Abuse[23] or equivalent standards).    
D –        The policy clearly states that it has zero tolerance for sexual exploitation, abuse and harassment as well as any type of unethical behaviour such as discrimination, forced and child labour, modern slavery, exploitative practices towards staff, partners, contractors or beneficiaries, illegal employment and intentional environmental damage.    
D –        The Organisation ensures that its activities respect the environment of the local community it works with. Throughout its activities, it ensures that it respects and protects the environment it is working in, both at HQ and in the field. It is committed:  i) to respect high environmental standards in its procurement and waste management, and ii)  to alert in case of imminent risk of damage to the environment of the local community or its own.    
D –        The Organisation has developed procedures and aligned itself with a generally-accepted set of principles for environmental safeguarding (e.g. the EU’s Green Public Procurement (GPP) principles).    
E –        There is a training programme on safeguarding issues and evidence that (a) board, management and staff have undergone training and (b) that the programme is designed to provide continuous training on an ongoing basis, both at HQ and in the field.    
E –        The Organisation regularly assesses safeguarding risk in the countries and regions where it operates, including identifying key staff involved in sensitive posts with risk related to safeguarding and child protection. It has put in place mitigating measures to address the risks identified (e.g. rotation of functions, reinforced controls, continuous training of personnel in safeguarding issues).    
D –        The Organisation has appropriate and proportionate procedures and controls in place, both at HQ and field, to prevent, report, detect, respond to and report on safeguarding issues and allegations.    
D –        The Organisation has a whistle blowing reporting line(s) whereby staff can report suspicions of misconduct, fraud or corruption, or any other ethical breach in a confidential and protected way.    
D –        The Organisation has a complete and reliable register of safeguarding allegations and established cases.    
E –        The Organisation has the capacity to investigate safeguarding issues in an independent and confidential way, while protecting both the alleged victim and the alleged perpetrator. If not, there are appropriate measures in place to follow-up on allegations.    
E –        Investigation conclusions and recommendations are followed-up in a timely manner.    
E –        There a regular and reliable consolidated reporting on safeguarding issues to the Board of the Organisation or the appropriate authority if the Board is compromised.    
  Auditor’s brief rationale for scoring and other relevant comments  
 

 

  BLOCK 2 – OPERATIONAL CAPACITY  
21 Planning, staffing and safety

Does the Organisation adequately plan the achievement of its objectives, to be carried out by the most suitable staff, while ensuring their safety on the field?

 

 

… / 10

 
  Criteria

Article 7(2)(a), (2)(b) and (2)(c) of the Humanitarian Aid Regulation and Articles 130(6) and 198(3) of the Financial Regulation.

Y-N-P-N/A
D –         The Organisation has a sound planning process, setting realistic and clear objectives which take into account the risk level of the country of operation.  
E –         It ensures that its activities are implemented by adequate staff in numbers and qualification.  
D –         It has particular security assessments and protocols (Security plans and SOPs) in place to protect staff in dangerous environments.  
D –         It has a mandatory training programme for the relevant staff on security before an international assignment.  
E –         It sets up regular security meetings and briefings for staff to inform them on all risks relevant to their role and missions on the field.  
E –         The Organisation’s obligations and individual responsibilities in relation to possible risks are clearly communicated to its staff.  
E –         Insurance is taken to cover field staff and HQ staff visiting the field for health, repatriation, etc.  
  Additional criteria for PPs  
D –         There is a written evaluation of how the strategic and/or annual plan has been implemented (e.g. in an annual activity report).  
D –         There are plans for emergency evacuation/repatriation of field staff in case of civil or military unrest. The plans cover local staff, expatriates and volunteers.  
E –         Relevant staff are regularly trained on security measures, notably by following a Hostile Environment Security Training (HEST).  
  Auditor’s brief rationale for scoring and other relevant comments

 

 
     

 

  BLOCK 2 – OPERATIONAL CAPACITY
22 Project design

Does the Organisation ensure that projects are well designed, based on a proper needs assessment?

… / 10  
  Criteria

Article 7(2)(a), (b) and (c) of the Humanitarian Aid Regulation and Articles 130(6) and 198(3) of the Financial Regulation.

Y-N-P-N/A  
E –         The Organisation adheres to the Sphere Standards. If not, other relevant quality standards are followed.    
E –         The Organisation has adopted a Project Cycle Management (PCM) and a Logical Framework Approach. PCM describes the management activities and decision- making procedures used during the life cycle of a project (including key tasks, roles and responsibilities, key documents and decision options).    
E –         The Organisation provides methodology, procedure and training on how to design projects that: i) are supportive of overarching policy objectives; ii) are relevant to an agreed strategy and to the real problems of target groups/beneficiaries; and iii) are feasible, meaning that objectives can be realistically achieved within the constraints of the operating environment and capabilities of the implementing agencies; and benefits generated by projects are likely to be sustainable.    
E –         The Organisation provides methodology, procedures and training on how to carry out a proper needs assessment. Needs assessment refers to the process of identifying the needs and determining the discrepancies between an existing situation and the wanted outcome. The appropriate tools for identifying these needs could be the involvement of local communities via the conduct of surveys and interviews, taking into account of assessments conducted by other humanitarian actors, on – site presence and collection of specific data, on-going situational analysis (rapid emergency assessments, follow up assessment, next-phase (recovery) assessment).    
E –         The Organisation considers and appropriately mitigates fraud and other risks related to the circumstances and environment in which the project will be implemented.    
  Auditor’s brief rationale for scoring and other relevant comments

 

 
   

 

  BLOCK 2 – OPERATIONAL CAPACITY
23 Project management

Does the Organisation ensure that projects are well managed through effective monitoring?

… / 10  
  Criteria Y-N-P-N/A  
E –         The Organisation has a description or a procedures manual of how it monitors its operating performance. As defined by OECD/DAC, monitoring is: “a continuing function that uses the systematic (at regular intervals) collection of data on specified indicators to inform management and the main stakeholders of an ongoing operation, of the extent of progress and achievement of results in the use of allocated funds and aid.” Regular monitoring is a key element in ensuring that the project achieves its set results.    
E –         The Organisation ensures that a proper distribution of goods/items/cash is taking place (including securing and retaining evidence of proof of delivery to final beneficiaries). It also takes measures, collects and assesses specific data derived from different target groups to ensure that the beneficiaries’ needs are being met by the distribution of such goods/items/cash.    
E –         Staff based in HQ monitor field offices regularly and effectively, i.e. issues are identified by suitably qualified staff and timely remedial action is taken to resolve them.    
E –         Field office staff monitor projects regularly and effectively, i.e. issues are identified by suitably qualified staff and timely remedial action is taken to resolve them.    
D –         Does the Organisation have a procedure to ensure proper monitoring arrangements under a Remote Management context?    
  Auditor’s brief rationale for scoring and other relevant comments

 

 

 
   

 

  BLOCK 2 – Compliance with rules, regulations, standards and obligations
24 Humanitarian

Has the Organisation put in place adequate mechanisms to ensure compliance with the principles of humanity, impartiality, neutrality and independence and, in situations of armed conflict, with International Humanitarian Law?

… / 10  
  Criteria

Preamble to, and Article 7 (2)(g) of, the Humanitarian Aid Regulation.

 

Y-N-P-N/A  
E –         The Organisation has put in place adequate mechanisms, i.e. methodology, procedures and controls, to ensure compliance with the humanitarian principles throughout its activities, both at HQ and in the field (see European Consensus on Humanitarian Aid).    
E –         The Organisation ensures compliance with IHL throughout its activities, both at HQ and in the field, where applicable.    
E –         The Organisation has put in place adequate mechanisms, i.e. methodology, procedures and controls, to ensure that its Implementing Partners comply with the humanitarian principles when implementing actions on behalf of the Organisation.    
  Additional criteria for PPs    
D Does the Organisation have a procedure to develop its acceptance strategy in the different humanitarian context where it implements its activities?    
  Auditor’s brief rationale for scoring and other relevant comments

 

 

 

 
     

 

  BLOCK 2 – Compliance with rules, regulations, standards and obligations
25 Operational

Does the Organisation ensure that specific rules and conditions, including procurement, are well known and respected?

… / 10  
  Criteria Y-N-P-N/A  
D –         The Organisation has procedures in place that ensure that specific rules and conditions are well known and respected. Such rules and conditions can relate to inter alia: the minimum requirements of expenditure, procurement rules, origin rules, specific donor rules, rules for the transfer of assets at the end of a project.    
D –         The Organisation has procedures in place that ensure that specific rules and conditions are well known and respected by its Implementing Partners. Such rules and conditions can relate to inter alia: the minimum requirements of expenditure, procurement rules, origin rules, specific donor rules, rules for the transfer of assets at the end of a project.    
E –         The Organisation has procedures in place that ensure that actual expenditure incurred and revenue received, including by its Implementing Partners, for activities and projects is in conformity with applicable rules i.e. conditions set out in contracts and agreements?    
E –         Management ensures and signs-off that cost claims sent to donors are eligible and justified by supporting documentation, including by its Implementing Partners.    
E –         The Organisation has procedures in place to be followed when management finds it necessary to override established procedures and internal controls, including documenting the circumstances and approval. It requests derogations (e.g. from normal grant conditions) as appropriate and documents them properly if and when they are granted.    
E –         The Organisation applies these rules to its own Board and staff, volunteers and salaried.    
E –         The Organisation applies these rules, including in the procurement process.    
E –         When procuring food supplies, the Organisation ensures that they: i) comply with any quality standard laid down in the domestic legislation of the country of origin and/or country of destination, whichever has the higher quality standard; and ii) as much as possible, match the nutritional habits of the beneficiary population.    
E –       When procuring/purchasing medical supplies, the Organisation ensures that its policies and procedures include the adequate consideration of qualitative criteria for the selection of medical suppliers.    
D –       For medical and food supplies, as applicable: the Organisation has procedures in place i) to verify the quality of the supplies received; ii) to properly store them; and iii) to dispose of them.    
E –       The Organisation ensures that its Implementing Partners respect the same rules and procedures when procuring, receiving and disposing of food and medical supplies (please use the three criteria set above).    
  Additional criteria for PPs    
D –         The Organisation has a description or a procedures manual to ensure compliance with regulations and rules for using funds.    
D –         The Organisation has adopted a formal quality standard system and reports regularly on it to the Board and/or senior management.    
D –       The Organisation has emergency procedures in place to respond to situations of improper disposal of medical supplies.  
  Auditor’s brief rationale for scoring and other relevant comments

 

 

 
     

 

  BLOCK 2 – Compliance with rules, regulations, standards and obligations
26 Protection of personal data

Does the entity ensure protection of personal data equivalent to that referred to in Article 5 of the FR, in line with EU Regulation No 2016/679[24]?

… / 10  
  Criteria Y-N-P-N/A  
D –         The Organisation has clear rules on protection of personal data.    
D –         The following requirements are integrated in the procedures and rules: As a general rule, personal data are:

–         processed lawfully, fairly and in a transparent manner in relation to the data subject;

–         collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;

–         adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;

–         accurate and, where necessary, kept up to date;

–         kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;

–         processed in a manner that ensures appropriate security of the personal data.

   
D –         Procedures and rules capture the following principles:

–         right of information;

–         right of access to and rectification or erasure of personal data;

–         right of data portability and

–         right of confidentiality of electronic communications.

   
D –         The Organisation has controls within the document management process, which ensure respect for data protection and confidentiality rules    
D –         The Organisation has procedures and training in place which ensure that specific rules and conditions are well known and respected.    
  Auditor’s brief rationale for scoring and other relevant comments

 

 
     

 

 

  BLOCK 2 – INTERNAL CONTROL  
27 Governance, risk management and oversight

Is there an adequate control environment in place, whereby governance and management functions are duly exercised with regard to risk management and internal control and their importance in the Organisation, both at HQ and at field level?

… / 10  
  Criteria Y-N-P-N/A  
D –        Responsibilities are clearly defined (i.e. clearly stipulated in employment contracts and/or operating manuals).    
E –        Segregation of duties is ensured between the authorising officer (authorisation, processing, recording and reviewing of transactions for operational and/or financial issues) and the accounting officer (authorisation and the execution of payments). It is formally stipulated for example in an operating or procedures manual.    
E –        The Organisation assesses and addresses the risks that may affect the achievement of its objectives, both at HQ and at field level.    
E –        The Organisation monitors internal controls regularly and takes timely remedial actions, both at HQ and at field level.    
E –        Recommendations stemming from various audit reports (internal, external, donor) are followed-up and implemented.    
E –        Management is aware of incident reporting responsibilities, including reporting all safeguarding and fraud incidents to the Board/Executive Director.    
  Additional criteria for PPs    
D –        The Organisation carries out a comprehensive risk assessment(s) covering Organisational, financial and operational risks, both at global and project level.    
D –        The Organisation has a risk register which is monitored and regularly updated.    
  Auditor’s brief rationale for scoring and other relevant comments

 

 
     

 

  BLOCK 2 – INTERNAL CONTROL
28 Human resources

Does the Organisation have adequate policies and procedures to recruit and train staff as well as to monitor staff cost?

… / 10  
  Criteria Y-N-P-N/A  
D –         The Organisation has a formal recruitment procedure that ensures a transparent and competence based recruitment?    
E –         The Organisation performs background checks for staff it is about to recruit, both at HQ and field level.    
E –         All staff, volunteers and salaried are required to sign an employment contract.    
E –         The Organisation has a staff training policy that ensures that each member of staff receives adequate training that is appropriate to his/her responsibilities and tasks and the environment they operate in.    
E –         The Organisation ensures that payroll and time management are complete, reliable and duly authorised, by a.o. ensuring the following:

–         It has a system to allocate staff and salaries and related costs to projects.

–         It ensures that time spent by staff on specific projects is appropriately supervised, approved and recorded (through time-keeping procedures (use of timesheets)).

–         Authority to change personnel records is restricted and audit trails are available.

   
  Additional criteria for PPs    
E –         The Organisation can continue its operations in case a number of key staff leave or are unavailable. Measures are in place to ensure institutional memory and business continuity.    
  Auditor’s brief rationale for scoring and other relevant comments

 

 
     

 

 

  BLOCK 2 – INTERNAL CONTROL
29 Budgeting, accounting and reporting

Does the Organisation have sound budgeting, accounting and reporting procedures, with controls that allow preventing, detecting and correcting errors?

… / 10  
  Criteria Y-N-P-N/A  
E –         The Organisation has sound budgeting procedures.    
E –         The cost allocation keys, which are applied to compute budget cost data, are based on logical, consistent and plausible assumption and principles. The system ensures that only genuine, incurred and eligible cost is charged to the project.    
E –         The budgeting system and procedures allow generating relevant and reliable information for preparing budgets on activities and projects.    
D –         It has a manual with accounting policies, rules and procedures, that include detailed descriptions of accounting procedures for the various types of financial and accounting transactions, including bank and cash management systems.    
E –         The Organisation performs regular bank reconciliations and cashbook reconciliations (where applicable) and in such a way that no material differences are left unexplained.    
E –         Data consistency is ensured between the personnel database and payroll. Reconciliations are performed on a regular basis (in principle monthly).    
E –         Authority to change records and payroll is restricted and audit trails are available.    
E –         The Organisation has controls and procedures in place which ensure reliable reporting – both internal and external (inbound and outbound) – in line with applicable requirements and standards.    
  Additional criteria for PPs    
E –         The Organisation can continue its operations in case a number of key staff leave or are unavailable. Measures are in place to ensure institutional memory and business continuity    
  Auditor’s brief rationale for scoring and other relevant comments  
     
  BLOCK 2 – INTERNAL CONTROL
30 Audit trail and document management

Has the Organisation put in place a document management system that enables it to gather, in a timely manner, a complete audit trail of all expenditure incurred?

… / 10  
  Criteria

Article 7(2)(a) of the Humanitarian Aid Regulation and Article 130(6), Article 198(2) and 198(3) and Article 203 of the Financial Regulation.

 

Y-N-P-N/A  
D –         The Organisation has a document management procedure which ensures appropriate and timely audit trail of all expenditure incurred.    
E –         Effective systems are in place to ensure that documentation is kept securely and can be repatriated to the HQ for audit purposes on a complete and timely basis.    
E –         The Organisation retains securely all original documents, especially accounting and tax records.    
E –         The Organisation stores all original documents on an appropriate medium, including in a digitalised original format, where and when these are authorised by the applicable national law.    
D –         Security procedures are in place, and detail how the Organisation ensures that documentation stored is kept confidential.    
  Additional criteria for PPs    
D –         The Organisation uses a formal electronic archiving system to aid in this process.    
D –         A person is responsible for its control and management, both at HQ and field level.    
  Auditor’s brief rationale for scoring and other relevant comments

 

 
     

ANNEX 4A                SPECIFIC DESCRIPTION

ACCOUNTABILITY

(Block 1 – Minimum requirements / Accountability)

When the Organisation is a member of a family, network or (con-)federation of international organisations, and intends to use other member(s) of said family, network or (con-)federation as Implementing Partners, the auditor should gather and check to the extent possible the information needed to provide a fair description of the following:

  • the relationship between the Organisation and the other entities, and the related working arrangements (MoUs etc.).
  • the extent to which, if any, the decision-making of the Organisation involves other members of the family, network or (con-)federation.
  • the financial flows (through a flowchart) between the entities.
  • whether one or several members of the network/ family/ federation is based outside the EU.
  • whether one or several members of the network/ family/ federation holds an FPA.
  • whether funds are systematically implemented by another member of the family / network / federation? If so, the specific rules or arrangements that define the roles and/or the share when implementing an action?
  • whether those arrangements ensure that the Organisation retains full responsibility for the actions implemented by another Organisation of the network or federation.
  • the process to review the quality of the proposals.
  • the monitoring arrangements in place and the specific areas covered, if any, and any financial retribution for this.
  • how the Organisation guarantees the reliability of the interim and final reports to donors with regards to results achieved, accuracy of indicators reported and legality and regularity of expenditures claimed.
  • the rationale for that set-up, i.e. the reasons and circumstances, including efficiency and effectiveness, justifying why grants are to be transferred to such a high proportion to other members of the family, network or (con-)federation in an Implementing Partner capacity.

ANNEX 4B                SPECIFIC DESCRIPTION

 

ACCOUNTABILITY

(Block 1 – Minimum requirements / Accountability)

 

When funds are systematically implemented by one or several other organisations (Implementing Partners), other than those referred to under Annex 4A, the auditor should gather and check to the extent possible the information needed to provide a fair description of the following:

 

  • the relationship between the Organisation and the other entities, and the related working arrangements (MoUs etc.).
  • the decision-making process whereby the decision is made to use a given organisation in a systematic manner as Implementing Partner.
  • the financial flows (through a flowchart) between the entities.
  • whether the implementing organisation is based outside the EU.
  • whether the implementing organisation holds an FPA.
  • the specific rules or arrangements that define the roles and/or the share of budget when implementing an action?
  • whether the arrangements ensure that the Organisation retains full responsibility for the actions implemented by another organisation.
  • the process to review the quality of project proposals.
  • the monitoring arrangements in place and the specific areas covered, if any, and any financial retribution for this.
  • how the Organisation guarantees the reliability of the interim and final reports to donors with regards to results achieved, accuracy of indicators reported and legality and regularity of expenditures claimed.
  • the rationale for that set-up, i.e. the reasons and circumstances, including efficiency and effectiveness, justifying why grants are to be transferred to such a high proportion to Implementing Partners.

 

 

Annex 5                  Approach and Criteria

1.                   Criteria and materiality

For the purpose of determining what is a material weakness or deficiency in systems, controls, rules and procedures, the Auditor must take into account the criteria and the levels of importance (i.e. scoring thresholds) defined by the Commission as these factors might influence the decision of DG ECHO to sign an FPA with the Organisation. Criteria have been defined by DG ECHO in Annex 2 Overview of Scores and Replies and in Annex 3 Assessment Questionnaire.

Block 1 – Minimum requirements

The questions in Block 1 – Minimum requirements are fundamental. The Auditor must apply professional judgment to reply Yes or No to each question based on the evidence s/he has obtained in Annex 3 Assessment Questionnaire. The questions are formulated as Yes/No questions and no other answer is allowed. The questions in Block 1 are not broken down. They assess the minimum requirements of an Organisation to receive EU humanitarian funding. For this purpose, criteria and guidance are provided where appropriate.

Block 2 – Additional suitability requirements

The questions under Block 2 – Additional suitability requirements are essential. Each question has several criteria. The Auditor must apply professional judgment first to reply to each criteria based on the information and evidence s/he has obtained. Then, based on the answers to the criteria, to provide a scoring to the related question. The questions and criteria are in Annex 3 Assessment Questionnaire based on the information and evidence s/he has obtained. The Auditor can formulate additional questions and perform additional tests and procedures, as s/he deems necessary or appropriate.

For the criteria, four types of replies are possible:

  • The answer to the criteria is ‘Yes’. This means that the Organisation complies with the requirements of the criteria concerned. The reply of the Auditor must be formulated in the positive form, which is equivalent to an ‘unqualified opinion’.
  • The answer to the criteria is ‘Partially’. This means that the Organisation complies overall with the requirements of the question concerned, except for some aspects which, taken together, do not lead to non-compliance. The reply of the Auditor must still be formulated in the positive form, which is equivalent to a ‘qualified opinion’.
  • The answer to the criteria is ‘No’. This means that the Organisation does not comply with the requirements of the criteria concerned. In this case, the reply must be formulated in the adverse form, which is equivalent to what is called an ‘adverse opinion’ under international standards.
  • The answer to the criteria is ‘Not/applicable. This means that this criterion does not apply to the Organisation. Such cases remain exceptional, except for Niche Organisations. Such a reply should be, in all cases (i.e. even for Niche Organisations), duly justified.

 

For each question, the Auditor must apply professional judgment to attribute a score on a scale 0 to 10 to the related question in Annex 3 Assessment Questionnaire based on the information and evidence s/he has obtained and on the replies to the related criteria. The scores are attributed in accordance with the following:

  • A majority of «no» answers over the “yes” and “partially” answers to the criteria gives a score below 4/10, meaning that the Organisation does not comply with the requirements of the question concerned.
  • A majority of “yes” and «partially» answers over the “no” answers” to the criteria gives a score equal to or greater than 4/10 and below 6/10, meaning that the Organisation complies overall with the requirements of the question concerned, except for some aspects which, taken together, do not lead to non-compliance.
  • A majority of «yes» answers over the “partially” and “no” answers to the criteria gives a score between 6/10 and 10/10, meaning that the Organisation complies with the requirements of the question concerned.
  • For the Programmatic Partnership, the score should be 7/10, based on the answers provided to both the criteria and the additional requirements for PPs, in line with the guidance provided above.

 

The overall score for Block 2 – Additional suitability requirements is a score on 10, the result of the mathematical average of the scores obtained for each question.

2.                   Findings

Block 1 – Minimum requirements

The findings are presented only for those questions which received «no» for a reply.

Block 2 – Additional suitability requirements

  1. If the Additional suitability requirements Block has obtained a score equal to or greater than 6/10 and no individual question has obtained a score below 4/10, the assessment is not expected to have given rise to any material weaknesses or deficiencies. The Organisation is not required to contract a follow-up assessment. The follow-up of those recommendations will be done as part of ECHO’s regular ex-post audits, should the Organisation sign an FPA.
  2. If the Additional suitability requirements Block has obtained an average score equal to or greater than 4/10 and below 6/10 and no individual question has obtained a score below 4/10, the auditors have identified weaknesses that should be brought to the attention of the Organisation, as they have led to a partial fulfilment only of the requirement set by DG ECHO. These findings relate to weaknesses in systems, controls, rules and procedures which, individually or in the aggregate, do not adversely affect the achievement of the objective for the question concerned. This means that the Organisation complies overall with the requirements of the Additional suitability requirements Block, except for some aspects which, taken together, however, do not lead to non-compliance. In such a case, the Organisation can become a provisional FPA Partner and should draw up and implement an Action Plan. These findings and recommendations, and the related Action Plan are briefly described in the Executive Summary.

The signing a provisional FPA is conditional upon the Organisation’s commitment to implement the recommendations included in the Action Plan in a timely manner so as to enable DG ECHO to make an informed decision on the possible award of a regular FPA at the latest within a year of the signature of the provisional FPA.

An independent audit firm will have to re-assess all the Additional suitability requirements question(s) that had initially obtained a score greater than 4/10 and below 6/10. The follow-up assessment will attribute a new score to those questions and will re-calculate the average score of the Additional suitability requirements block. The provisional partner can apply for a regular FPA if the new score for the Additional suitability requirements block is equal to or greater than 6/10 and no individual question has a score lower than 4/10. If the new assessment report provided by the provisional partner shows that recommendations have not been fully implemented, and the new Additional suitability requirements score is below 6/10, the provisional FPA will lapse.

  1. Questions which have obtained a score below 4/10, indicate material weaknesses or deficiencies in systems, controls, rules and procedures. Material means that these factors are so important for DG ECHO that they need to be taken into account by the Commission when making a final determination with respect to awarding the FPA to the Organisation. Where the Auditor has found material findings for a question this will lead to an adverse conclusion for the Additional suitability requirements Block. Main findings also include cases where several findings which taken individually do not relate to a material weakness or deficiency but which taken in the aggregate involve a finding of material weakness or deficiency. The combined impact of such findings is considered so important (i.e. material) that this will lead the Auditor to conclude that the Organisation does not meet the requirements for the question (i.e. the score is below 4/10).

3.                   Recommendations

The recommendations are presented in relation to one or several findings, as described in the section above.

Critical recommendations relate to material weaknesses and deficiencies in systems, controls, rules or procedures and to cases where the criteria defined by DG ECHO and /or internationally accepted standards are not complied with (on a regular basis).

Very important recommendations relate to findings that should be brought to the attention of the Organisation, as they have led to a partial fulfilment only of the requirement set by DG ECHO. These findings relate to weaknesses in systems, controls, rules and procedures which, individually or in the aggregate, do not adversely affect the achievement of the objective for the question concerned.

Important and Desirable recommendations relate to findings which are not of a material nature.

***

 

[1] In relation notably to child labour, sexual exploitation and abuse, money laundering and terrorism financing.

[2] Institute of Chartered Accountants of England and Wales (ICAEW), Technical release AAF 01/06, “Assurance reports on internal controls of service organisations made available to third parties”, page 18.

[3] Institute of Chartered Accountants of England and Wales (ICAEW), Technical release AAF 01/06, “Assurance reports on internal controls of service organisations made available to third parties”, page 18.

[4] http://hqai.org/Organisations/

[5] dgecho-partners-helpdesk.eu/

[6] All reference made to Union legislation shall be understood as referring to the most recent applicable version of the legislative text as published in the Official Journal of the European Union.

[7] Council Regulation (EC) No 1257/96 of 20 June 1996 concerning humanitarian aid (Humanitarian Aid Regulation – HAR)

[8] https://ec.europa.eu/info/publications/financial-regulations_en.

[9] This is a non-exhaustive list. See also ECHO publications such as ECHO Factsheets and sectorial policies.

[10] Joint Statement by the Council and the Representatives of the Governments of the Member States meeting within the Council, the European Parliament and the European Commission (2008/C 25/01).

https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:42008X0130(01)

[11] https://spherestandards.org/handbook-2018/

[12] https://corehumanitarianstandard.org/

[13] https://www.oecd.org/dac/evaluation/2667294.pdf

[14] https://www.coso.org/Pages/guidance.aspx

 

[15] http://ec.europa.eu/environment/gpp/index_en.htm

[16] https://eiti.org/

[17] Delete as appropriate.

[18] Delete as appropriate.

[19] This overall rating does not include the assessment to be made by the Commission on the acceptability of the level of accountability of the candidate NGO when the latter works with Implementing Partners in the situations covered by Annex 4A and 4B.

[20] See Annex 5 Approach and Criteria.

[21] This overall rating does not include the assessment to be made by the Commission on the acceptability of the level of accountability of the candidate NGO when the latter works with Implementing Partners in the situations covered by Annex 4A and 4B.

[22] Delete as appropriate.

[23] https://interagencystandingcommittee.org/principals/documents-public/iasc-six-core-principles-relating-sexual-exploitation-and-abuse-2002

[24] https://eugdpr.org/the-regulation/

The bidders will present their proposal by e-mail to the following recipient:
candidaturas@mundubat.org

Proposals minimum content shall be the following:

• Overall proposal adjusted to the ToR, indicating the methodology used and criteria of the sample of supporting documents of expenditure to be reviewed.
• Economic cost and method of payment.
• Certification of its legality as audit firm registered in the ROAC or in the applicable register if foreign.
• Professional experience in the field concerned.
• Human team of auditors in charge including CVs.
• Knowledge of languages (English and Spanish) by the team in charge of the audit.

Esta web es colaborativa. La Coordinadora de ONGD-España no se hace responsable de las ofertas publicadas por las ONG socias de la red.