Under section 16 of the Act on the National Audit Office (676/2000), a central government authority, agency, unincorporated state enterprise or a state fund must without delay and notwithstanding secrecy provisions report to the National Audit Office on irregularities concerning its activities or the property or the assets managed by it.
The National Audit Office is issuing the following guidelines on the application of the provisions.
1. How to report irregularities?
The notification concerning irregularities must be submitted to the National Audit Office without delay after the party with the statutory notification obligation has become aware of the situation. The notification must be made in writing in Finnish or Swedish and it can be on a free-form basis. The notification must be submitted when the suspected irregularities are first observed as part of administrative or legal procedures. ‘As part of administrative or legal procedures’ means the first written assessment in which it is determined, on the basis of concrete information, that there have probably been irregularities. The notification must be submitted by the time when an authority has heard the party suspected of the irregularities, as laid down in the Administrative Procedure Act (434/2003).
The suspected irregularities must be reported to the National Audit Office regardless of whether a report of a suspected offence is filed with the police. When submitting the notification to the National Audit Office, the parties concerned should not wait for the results of the police investigation, prosecutor’s decision or a court judgement.
The notification must contain a short description of the events (for example, details of the direct or indirect damage that may have arisen or that may arise), and a description of the measures that the party obliged to submit the notification has taken or is planning to take as a result of the irregularities.
Under section 11 of the Personal Data Act (523/1999), processing of sensitive personal data is prohibited. Because of this, the notifications submitted to the National Audit Office may not contain data on the basis of which the individuals suspected of the irregularities can be identified.
Irregularities and other cases of non-compliance reported to the European Commission must simultaneously be reported to the National Audit Office.
Copies of decisions and other documents providing background information on the matter may be appended to the notification.
The notification of irregularities can be sent to the National Audit Office by post or by email. Any secrecy provisions must be considered when the notification is delivered in this manner. You can also deliver the notification of irregularities directly to the registry of the National Audit Office during its opening hours. The address is Porkkalankatu 1, Helsinki.
You can also contact the NAOF public official processing the notification (by phone or in person at NAOF) to determine how the notification should be prepared and sent.
2. Measures resulting from notifications of irregularities at the National Audit Office
The aim of the National Audit Office is to ensure that all irregularities referred to in the law are reported to NAOF and that the authority submitting the notification will take all appropriate measures. For this reason, the NAOF public official responsible for the case will monitor its progress in central government and, if necessary, obtain additional information and urge the officials concerned to speed up the matter. At the same time, the National Audit Office will also draw attention to the fact that a compensation must be provided for the damage incurred by central government.
Irregularities in central government may be a sign that there are inadequacies in the internal control of the authority or the agency in question. When carrying out its auditing work, the National Audit Office pays attention to ensuring that these inadequacies are rectified.
Based on the notifications and other information revealed in the audits, the National Audit Office monitors and examines irregularities taking place in central government and their impacts on central government finances and the measures taken in central government to combat the irregularities.
3. Reporting a suspected offence to the police
Under section 17(1) of the Act on the National Audit Office, a central government authority, agency, unincorporated state enterprise or a state fund must report to the police suspected offences concerning its activities or the property or the assets managed by it. Reporting the offence is not necessary if, considering the circumstances, the act can be considered minor.
Under section 17(2) of the Act on the National Audit Office, the National Audit Office must report to the police the suspected offences referred to above that it has detected as part of its auditing activities, unless that audited entity has already done so. It is not necessary for the National Audit Office to report the offence if, considering the circumstances, the act can be considered minor.
Reporting a suspected offence is primarily the responsibility of the central government agency in question. The National Audit Office will only report suspected offences to the police in exceptional cases.
4. Data protection principles applied when notifications of irregularities are processed
When processing notifications of irregularities, the National Audit Office has to review both personal data and a large amount of other information. The Personal Data Act (523/1999) applies to the processing of personal data, and the Act on the Openness of Government Activities (621/1999) regulates access to official documents.
The processing of personal and other data connected with the notifications of irregularities at NAOF is described below.
Register entries
When the National Audit Office receives a notification of irregularities by post, by fax or by email or it is personally delivered to the agency’s registry, it is entered in NAOF’s register. The name of the party submitting the notification, the date of arrival of the notification and a brief description of its contents are recorded.
As the case is being processed, details of the information obtained and the dates on which it was received are added to the register. The register also contains the details of the officials processing, steering and supervising the case.
Under sections 26 and 29 of the Personal Data Act, everybody has the right to check the data on him or her kept by the National Audit Office in its register and request the correction of erroneous data. More detailed information on the information entered in the register, public access to the information, disclosure of the information, and the rights of the data subject are contained in the privacy policy, which is available at the registry of the National Audit Office, tel. +358 9 432 5809 or kirjaamo@vtv.fi.
Documents
Under section 12 of the Constitution of Finland (731/1999), documents and recordings in the possession of the authorities are public, unless their publication has for compelling reasons been specifically restricted by an act. The Act on the Openness of Government Activities contains more detailed provisions on the public access to and secrecy of documents. The aim of the act is to increase the openness of the official activities.
The secrecy grounds specified in the law, such as the right to privacy ensured by section 10(1) of the Constitution of Finland, restrict public access to documents. The most important restrictions on the publication of the notifications of irregularities processed at the National Audit Office are laid down in the Act on the Openness of Government Activities.
Reports of suspected offences made to the police and documents obtained or prepared for purposes of criminal investigations or the consideration of charges must be kept secret (section 24(1)(3) of the Act on the Openness of Government Activities). Under this provision, a large proportion of the notifications of irregularities submitted to NAOF are confidential. The secrecy may also be based on other provisions contained in the Act on the Openness of Government Activities.
No personal data on the individuals visiting the National Audit Office’s website is collected or stored.