Audit Committee - Wednesday 10 July 2024, 7:30pm - Wandsworth Council Webcasting

Audit Committee
Wednesday, 10th July 2024 at 7:30pm 

Agenda

Slides

Transcript

Map

Resources

Forums

Speakers

Votes

 
Share this agenda point
Share this agenda point
Share this agenda point
Share this agenda point
Share this agenda point
  1. Webcast Finished

good evening, in the absence of the appointed chair of the committee, may I please ask for nomination for a chat.
hello, Councillor Marshall and a second.
seconded.
thank you Councillor washing regularly.
thank you very much, good evening, everybody good evening anybody who is watching this,
so my name is Councillor Marshall and I'm going to be Chair for this evening's halted, meeting Councillor Paul has been unavoidably detained.
members of the Committee, I will now call your names in alphabetical order, please switch on your microphone to confirm your attendance Councillor C, Richard present.
yeah and Councillor hedges present, thank you.
and may I also please introduce our independent men member Vanessa business.
hello, everyone.
very welcome we've received apologies from the other independent member Elva 14 O'Connor and also from Councillors caddy and obviously, as mentioned before from Councillor Paul, we have a number of officers President who will introduce themselves when they addressed the Committee.

1 Declarations of Interests

so it only to start by asking if there are for declarations of interest, are there any declarations of either pecuniary or other registrable or non registrable interests?
no, thank you.
and

2 Minutes - 12 March 2024

item to the minutes members, no other minutes of the meeting held on 12th March 2024 agreed as a correct record.

3 External Audit Reports 2022-23 and 2023-24 (Paper No. 24-189)

agreed, thank you so Item 3 external audit reports for 2022 23 0 2023 24, I'd like to ask Assistant Director of Finance Catherine burst and to introduce this, thank you.
evening game actually gonna pass over to the Chief Accountant Ellis erratic at a
hello, Lucy atief council. This paper provides an update on the external audit of the accounts for 2022 23 in 2023 24 financial years. I'm pleased to be able to confirm that the 23 24 draft accounts have been published in early June and the inspection period, and the full external audit has also begun for 23 24. As Members are aware, there are general backlogs in relation to all audits and whilst the draft accounts for 22 23 were published at the end of June 2023, the audit was delayed and is being performed by E. Why, as a limited scope audit, but including a value for money audit for which work has started in terms of statistics for 22 23 year audits, as at the 3rd of June, for the end of April, only 21% of local authority audits have been finalised for 22 23 with 63% awaiting sign-off and 16% and published
finally, the paper also discusses external audit fees, Janet Dawson and Adrian Balmer from EA, why are here who can also answer any questions, thank you.
thank you very much.
would you like to talk, thank you.
Janet Dawson external audit partner from e y and we've got two papers on the agenda, as the this year has said, one which brings you up to date on where we are, with the 22 23 Audit and in particular, the work that we've undertaken on the value for money, arrangements that were in place across the organisation up to the 31st of March 2023, and then the second one is the the Audit Plan for the full scope of work for the 23 24 Audit which, as Eliseu has explained, is already underway, but it sets out where the key risks and issues are that we are addressing through that work. So what I suggest this? I just give you a very quick summary of the 22 23 value for money arrangements report and then pass over to Adrian to take you through the highlights of the plan. That's
satisfactory,
OK, so the the 22 23 Audit for the moment is focused only on the value for money arrangements we are awaiting.
the department and the financial reporting Council and the NAO to determine what they want to do about the scope of work on financial statements, and you'll remember we brought this to your attention over the last year or so that plans were very well advanced amongst the system, leaders to reset the system for the Open years of accounts that was a slight hiatus was caused as a result of calling the election.
so we are now just awaiting those system, leaders to brief incoming Minister, to determine a whether they will proceed on that basis and be how quickly they will proceed.
but this, so that's just a little bit of the context. In the meantime, we have undertaken our scope of work on value for money arrangements, which looks at the arrangements that you have in place across three different criteria reporting criteria. So what have you got in place to ensure that your planning and managing our resources effectively to achieve financial sustainability? What governance arrangements have you got in place to ensure that you make informed decisions and properly manage your risks, and how do you use information about costs and performance to improve the way that you manage and deliver your services and just in very brief summary, you'll see on Page 17 of your page numbers that we assessed, having carried out our initial risk assessment, we didn't identifying risks of significant weakness and then having pursued those criteria across the arrangements in place within the organisation. We didn't identify any significant weaknesses in those arrangements either, and the report then summarises really the the arrangements that you have in the form of a commentary against the various sub criteria. So a clean bill of health from us for 22 23 on the value for money arrangements,
happy to pause there or hand on, thank you very much, members, to have any questions on Vanessa if you have any questions as well, please company.
so if you could get a fair summary and then Stephen first thing though this is admin, is it possible to turn off the outcome because I find it hard to hear especially everyone down the far end of the room, and I don't think we really need it now.
sorry, it was first one that so just repeat, so you're saying for the value for money for 12 for 22 23, which is are not as detailed an audit as we would've. We would had the year before and we will have this year clean bill of health. You're very happy with, have the council is managing its finances and its money so that the scope of the value for Money work is the same as you've had in the past in previously? It is not, it's not a lighter touch, so that's the full range of the work that we would. We would always do under the reporting requirements and yes, we are happy
Oscar I mean, one of the other things on this is.
that I was thinking of, but I was looking at the audit timetable. Maybe this is something we should take away from the Chair, is it looks to me that you're offering that you're suggesting wish, we will report back your you'll have the accounts ready, I think it was towards the end of November
but our audit meeting is before, and I just won I just thought that would be a pity, because if we get the timing wrong,
we
then have to wait until March, given the way the meetings are set up.
and maybe that's something that we could have a look at so that, once the accounts, what's the Audit is ready, we actually see it very soon after it becomes ready, rather than having to wait three or four months.
and that's really a question for the admin side and the Chair.
Councillor Richard yeah, thank you Chair and thank you to you why, for all the hard work you've done?
and appreciate the that we haven't got any significant risks, that's very good news, my point is actually around the the increase in fees, and I know we've talked about this last time and there is 133% increase, which is quite a lot.
and I understand that officers are pushing the point that you know if we're having a limit where we have got a limited scope order.
I am, therefore we should have limited.
so we should be paying a limited fee, can I just find out what the latest is on that, please.
thank you for your question, absolutely we are.
currently actually reviewing previous years fees as outlined in the paper, so it does take some time for that process to go through the awkward arbitration process with PSA.
so when we finalised the prior year sets a fees, I'm sure he why will put forward what they propose VAEF would be for the 22 23, once we know what the limiting of the limited scope, what the actual range of work would be for the 22 23 Audit at that point we can discuss with PSA were currently not in a position to
finalise above, obviously, as a council we will do our utmost to emphasised PSA that if we haven't had a full audit than when we don't expect to pay the full fee, don't know if you want to add to that Danny.
no, I think I think Katherine is is right that the issue that we've got at the moment is because the system leaders haven't yet been able to finalise how they are going to reset the system, then PSA, which is the contractual body, has nothing to work on for its audit contract to to help us determine our scope and then how that will be charged so where we're in a sort of wait and see process but it will be,
and obviously the FRC has a role to set what that scope of work needs to look like as well, which which isn't under our control or PSA is control over the Council's control, so we just.
trying to stay very close to it out me having that's the best way to to describe it so that it can move forward as quickly as possible.
thank you, my question is actually about the proposed outcome of their 22 23 accounts, so the disclaimed opinion, I'm I'm just wondering.
if I've understood correctly, it means that you might be unsure as to whether you could provide an opinion on the opening balances of the 2030 24 accounts and I'm trying to understand what risks might come with that and wondering if it's possible for you to outline some of the limitations that might come with that scenario perhaps the the worst case scenario just so we have seized about at this point.
shall I go and then you get Champions, so so you're right, so if you have opening balances in your and and comparative in your 23 24 statements that haven't been audited, then the question is what over what can we provide assurance? So we are focused on the track for transactions in year and the year end balances. We've had to look at our audit approach very carefully to understand where we would normally do a comparison back to a number from the prior year. How ED, perhaps using that, to build an expectation of what this year's number should look like, we need to have some alternative procedures to see how we can build build the assurance on that, and then the question is, is there sufficient
scope and resource to go back and rebuild some of that assurance over some of the opening balances as well, but that would be additional to the scope of the in-year audit. So said that the first bit, which is look at the alternative procedures, were we're in and doing that, and we've got guidance that to our teams already the second bit, which is, is there an opportunity to rebuild some of those balances that has not yet been determined, and that is partly because we're waiting to see what the Farc's view as to how what that Stoke needs to be, the more we can do that more quickly. We can move away from scope limitations, but if you have no rebuild, it takes three years to fully wash through the auditing process because even in the third, the second year you're looking at comparative, said well, which you haven't given an opinion, but you've rebuilt the opening in year and closing position if the if that makes sense, so so you sort of rebuild as you go through a number of years and were what we're trying to do is see if there's a fast away to increase that assurance, to get rid of a skip, limitations faster, but it but it's a system-wide question rather than an this team in this room
yeah
yes, Councillor, crucial, thank you, yes, I have one, I'm I'm going to say this is something I was going to ask the Chair, but I should not Filippo and maybe our independent men Rebecca also help and and the officers page 51 to 52, give the significant risks and the responses. My question is, how do we know we've got the right, significant risks, are we missing anything
I can take on actually so, this is our risk assessments, and this is a wise risk assessment in terms of the risks that we see in terms of the Council and kind of the potential risk of material misstatement so.
as part of our kind of general planning, an overall assessment of the Council each year week with for each of those areas of the country and we look at, we say, what's changed what we know from previous years and that will help to build up the kind of overall picture in terms of what we would be perceived to be the areas where the Council is a bigger risk or potential risk of material on the Stephen in their accounts.
so these risks are solely focused on material numbers, which actually, for you, your around headline 20 million are the kind of under level underlying level of that's about 10 million. So if you keep those numbers in your mind, whenever you are thinking about materiality, when we set our materiality, there was are the kind of title numbers that we're actually looking at, so we're not looking at everything to kind of say, is there a risk in all of the accounts? The risks starts with the kind of numerical number assessment
and then it moves down and looks at other areas, so is there any other areas of those accounts which may be non numerical, some more sensitive to kind of manipulation or other areas that may kind of, because?
so kind of wider sensitivity within both the Council are all Sir ac external stakeholders as well.
and if I, if I'd faith, free things within that, I'm going to give you an opinion on your financial statements. These are the risks that I give the wrong opinion, so they are either complex areas or their highly judgmental or their subject to manipulation, as a Adrian has suggested, which might lead to a number in there were where I give you assurance, but actually I shouldn't have given you assurance, so I'll give you a false opinions that that's how their framed in terms of being audit risks there are risks to me and giving you the wrong opinion. As opposed to organisational risks,
if there are no further questions, we are asked to no, he was two reports they've attached at Appendix A and Appendix B, the value for money, report on the audit planning report and also the external audit update and the audit fees update members of the Committee all those agreed,
thank you very much.

4 Annual Review of the Risk Management Strategy and the 2023/24 Review of Risks and Risk Controls by Directors (Paper No. 24-190)

so, moving on now to Item 4, which is the annual review of the Risk Management Strategy and the 2023 24 Review of risks and risk controls by directors
I'd like to ask her, I'll Assistant Director of Finance, Paul gelati, to comment, thank you Chair. So this is the newspapers says it's the annual review, so for most of you you would see this fairly regularly, but because obviously we got the new Independent Member for attending for that for the first time, I go into a little bit more detail to explain how we operate as it is, because the model that we use is probably slightly different to what you might see I've seen elsewhere, so rather than have you know in a reams and reams of risks that are just put on a document put in a database and not really
it looked at a infinite detail, we have a different tiered sort of approach in in the manner way that we manage it, so the top pain, which is our strategic, our our corporate key risks, are what the the directors steam to be those which are material and cut across all service areas are going to have a real impact on in other council managing to achieve its core objectives so they're normally around about 15 to 20 and that sort of window that that will cut across so it would include things like ICT like project like contracts and aspects of that nature.
sitting next down, keys, your service delivery model, so for that's all heads of service are then sent.
you know, or a form which they have to assess themselves not only on those key corporate risks, they'll have to assess the sees it relevant for their service. If it is, is it managed, or is it dealt with by somebody else? They also have to identify. You know what are the than you know, the key sort of half a dozen risks for themselves now quite often they double up, so they are the same as what would be in in the Core one, because quite often it may well be personnel, it might well be data, it might well be I T and those sorts of issues, but there might be something that specific and pertinent just purely to to those so they'll flag it, and they'll also determine how well they think they're performing against the whether it's managed or not, and then, thirdly, there is key project risks, so that's where you would get a far more detailed project plan and project risk assessment
and they would be for your major projects. So they are the three tears that are explained within the strategy. There is no real proposals you know from the previous year will not change anything significant in that approach. The anything that the there has been a change on and that's tea tied in with the appendix which is actually highlighting what those key corporate risks are is in relation to project management for several years, has been raised not just a in this committee but the other Barbara for which we work collaboratively with Richmond. Both audit committees of highlighted the inner projects are key for them and their and they've Hopkins concerned that it may not have had the same oversight, so you will note in a in the strategy there is a couple of extra paragraph seeing around 15 6, paragraph 15 16 around that sort of area where it's highlighting what the project management office are doing to enhance the reviews, an in in that particular area and project man management has been given its own specific corporate which specialist within the the new approach to the corporate
elements in in in the relevant appendix, so that's really the oversight on it and the key sort of changes as a couple of other minor issues, with some consolidation when we come out to do in the annual governance review, you will note that there's a there's a lot of detail in therein input budgetary control, so the need to have a separate review outside of the annual Governance Statement.
it seems superfluous, so hence why we've amalgamated them into one risk, so so that's really where we are at.
thank you, Mr jealousy.
Councillor hedges.
thank you, Mr jealousy, much appreciated, I'm glad to see we've got fraud and cyber on there and actually that a has now made it to the to the to the deck someone Platt pleased to see that my point actually is more around the annual governance statement which is on page 142 if I may go to that.
I and I mentioned fraud, obviously that being like one of the the top higher risks.
where we've got here on the page further down, we've got a total number of fraud cases investigated looks like there's been an increase on the housing and tenancy related investigations.
so from 0 sorry, my and the wrong via jumped ahead of Surrey, apologies that's for next one, for thank you.
in which case just very happy to see eye on next, I know we talked about it before.
yeah, I mean that there might evolve over time, something I will incorporate into the the traditional sort of cyber and governance, but clearly, as and when we got a new department, that's been set up, that will actually be looking at change and innovation, and I expect that we will be seeing a lot more and trying to ensure that we got relevant controls are in place for it, but on the cyber. Just to reiterate again, what we said previously is that the key issue is yeah. Unfortunately, we know it's more likely to be Wayne, an authority gets hit, not if so, you know, we
try to be as robust and.
plan for the future there are contracts in place, intervene and to have.
a a recovery plan that we ourselves as in those officers, don't have the skill set, so we do have contractors in place to help and support that, but I wouldn't want to rest on our laurels and for any reason think that we a perfect and will be and that these risk processes will protect us all just noting that we've got a
I think it's going to asked, but we will see more and more challenges evolve over time.
yes.
this is a.
I was also very pleased to see the use of a, I am included as a Strategic Risk I was just wondering if the chief digital and information officer has been appointed, I thought that other.
coming. Yes, it's of Ian, I think it's Ian Robinson, I think, is the individuals who has been it's been in for a little while now, so and again they'll be looking through a lot of the processes that we have within the council to ensure that we not just identify risk but create opportunities as well, because I mean we shouldn't be putting in controls as a barrier for us moving forward, we need to ensure that we've got the right tools to enable us to flourish and be able to to do things differently, engaging ensure that we gain access for everybody through the use of IT
I have a female questions Chairman, I continue that OK, thank you.
I was really interested to read about the newly established CPO and the role that they'll pay in providing.
Good practice guidelines, particularly the introduction of the central Learning Library as a resource for sort of you, know, lessons learned and just checking that it would be available to everyone that has a role in assessing and managing risk, and not just the risks specialists.
yes, sort of specialist. In essence, I mean on one of them them and their it's not down for us the whole or you know the the pe, Anna Saddlers team and in that area who devising it is really there to set up a framework, so that'll be all commissioners are or are able to do that. I mean coupled with this, I mean there is a repeat and a scenario that's been set up for contract management food for yourselves. That's been discussed here before, but clearly for he's opening a first meeting, this offices. You know a note both whether it be procurement or whether we project management are not there to deliver, they're there to provide advice, support and grow, and create a framework that enables officers to know what they should be doing. That's what it's all about, so that's about ensuring that you've got a a seizing model, that you can try to risk, assess what the project should be, and then you go down a particular pathway subject to that, similar to what we're doing with contracts, with them being put into a,
different category, whether it be bronze, silver, gold, platinum, and that will then enable you to know the processes that you've got and that would be accessible for.
thank you.
thank you, Councillor, I just sorry on page 99, we took that new and emerging risks, you say this would be identified owner, a day-to-day basis, but we haven't actually called out any I know I mentioned a I and cyber are there any others that the concern you or any anything else that you think would be relevant for this group please?
one but portrait management was the key one, that's been added as a separate category this time, so they do evolve, and you know, when we put the paper up to directors, a lot of it does stemmed from audits that come through any common themes that would be looking at and also listening to what goes on in other local authorities as well, and clearly when you're looking around some of the changes that were looking likely to be seeing
project, you know, we are relying upon third parties, so key projects are, although if there is new themes that will come through, they will be discussed.
follow up on the project management does that include?
the new projects
that are being funded out the reserves, like things like the change project and other other big projects.
we're not looking for his father risk strategy is not looking at individual items that comes through. It is actually looking at making sure you because you know what cuts across so that particular team should set up a framework that will enable everyone to draw down from, and that's what it, and that's what it is. We're not looking at anything service specific if there is a key project that separates them. If you, if you remember this 3 tears to this, there is a new corporate his service and then you project specific key projects. So if you do have a major project, I would expect him to be working with. You know the Project Manager Officer CPO, in order to actually devise a proper framework, where you would have a board that you would be accountable for, that would end up having a proper Forward Plan around key milestones that would be reported through to that project board. That's the third tier of this strategy, so that doesn't cut across everything because it's because it specific were saying that that needs to have its own risk register, that addresses and utilises. You know, the toolkits that have been made available to
thank you, I've got some questions to my own and then I've also got some that have been fed in by the Chair so that the ones I had was page 103 and 100 to 105 is sort of the statement before we get into the individual risks.
how much of that has changed since the previous year, so the actual preamble statement rather than the individual bits?
in the only real main changes, what we've said in in is in relation to the specific details around project or programme risks around paragraph 15 of the of the strategy, because that's just building on and enhancing on the new framework
that that's been been implemented, and and this is a good area of where the Audit Committee is going to help and support to look to direct change because the feedback that we got like I said, both for themselves and for the Richmond,
audit Committee was such that warranted it being brought forward, he got raised as something that was key and relevant for yourselves and and hence why that was put forward as a as I suggested, a change.
can I carry on OK right on page 107, climate change, just as a notices achieving baseline, scoping 1 and 2 emissions by June 2020 was there a type of some kind in there, and then we read the done it or we haven't all.
107 under the climate change.
and the last one is achieving baseline scoping, it's the risk strategy.
and I, I wasn't sure if we've actually say at Hay yeah yeah.
I was a bit confused because we have either Donny or we haven't donate if we were supposed to do it by June 2020, neither that that's farewell, we were going well and have a look at it, sometimes with a baseline that would be a set date.
coming through to give an example in the pension fund, we've got a baseline that we use of over 2019, and that's the based on that's been used, so it might not be boy during 2020, it'd be utilised in error.
from that data, but would go double check to take that away.
keep going.
the question was this came come through from Councillor Paul, is climate change also includes sustainability, but actually she said I would have expected to be in the other way round, with climate as one of the areas for sustainability and may be that's something that you might need to pick up with her about how she thinks because I was looking to see if we had a separate,
Clarke climate or a separate sustainability category.
we don't I mean part of the reason for doing that is joined to get language that is common, and when you're looking at Shauna, ask service managers to assess themselves if you put it in something else, like sustainability instead of climate change, everyone knows what climate changes and that's part of the process of dealing with it. So when you never be specialist, is gonna be do their report than the one it will be all encompassing, but remember that you know each Service Head is is required to assess themselves against that and we are asking them all of them to pay attention to that and focus on it. So I quite like the idea of using language that is well known and well established
then on the workforce, there's nothing mentioned about.
diversity and inclusion under the number 11 human resources workforce capacity.
and, given that I think we probably on as representative was, we might be, is that a a risk that we're missing, that we ought to be covering?
again, it's something that.
I think it is embedded into the work that we've we've done, even only today, when we had a senior management workshop, they were looking at any analytics and other data that was coming out from that to ensure that we already fully divest.
authority when you go through your recruitment campaigns, we've got anonymous data in order to to look at doing that and we go get the report in states that are coming through this can't have I mean, obviously, these are the key bullet points in the key sort of areas for us to determine where we are or are and what we're look into to seek today when we all are looking at
know whether or not we've got an appropriate one again, I'll just said, Look, if you look at.
yeah, but bulletpoint to we got to to retain sufficiently suitable trained workforce. Now one could argue that you know to sufficiently see, and a suitable would incorporate those that are actually meet the needs of our borough and one that will ensure that we are a fully diversified ankle and any the new change and innovation department which also includes our workforce at or HR team. They do look at those analysis within it so
I would I would articulate that and or argue that we are already embracing that and covering it, because it is reported through to relevant committees, is we've got it in the KPIs so they can be addressed if needed.
and page 117 onwards is the highlight existing risk mitigation strategic risk categories, some 117, so we've got the list of the risks, but there's nothing particularly around any mitigation for those risks, if you look at 117 118.
so, for example, adult social care, sustained increase in demand for care services, there may not be any mitigation unless there's a change in policy, but there's nothing said.
what the mitigation would be, which I would normally expect to see if I got risks, and this is just a summary of detailed reports that have come through it, and this is what it's for, this is just highlighting these are the areas for which the relevant service managers are flagging, as what they seem to be key issues for them. So when you ask him her, not in the previous paper, have identified some of the key risks this, but this is just to give you the oversight that they people are thinking in the right area. This isn't. This is not having the solution put any with all of the mitigating factors associated. That's not not what the report is actually showing you
and then the last one was, I hope, this is right pipe to asking about the progress of the implementation of the gold, silver and bronze contract, or is ushered that McDonald next paper.
I can do either could do whatever we, it probably has more than for the other paper or thought.
goodwill if there are any further questions, I will say yes, please. I just have a couple of questions about the insurance, if that's OK. So this is within schedule to Appendix A so starting at page 109, Section 10. This is under health and safety, it refers to injury or impairment of health, of of staff, etc but there's no mention of the Council's employers' liability insurance cover and know that it is a statutory requirement, but I would consider that the review of that policy to be a key mitigation control
alternatively, it could appear on page 111, section 14, that is the insurance Section it does refer to the public liability insurance there, but again no mention of the employer's liability insurance, it's fair, we cannot make that it, Sir, for your own benefit we self-insured to a large degree here so we do have insurance policies in place we do have case handlers that go through the relevant.
so it was a national sort of companies that that doing on our behalf, but a large chunk of what we do. We have quite a high threshold before we will actually get paid out by a third party because it's it's just more cost effective to do it that way, but we put you right, it's not just at 1.00 level of insurance, we do have the others which we can make changes for. Can I ask him a question about insurance, although I think I know the answer to this on, this is me to establish checking, so I see that there is no mention of insurance covering cyber attacks, and just going back to what you were saying previously about
the procedures that were in place in the recovery plan. I did see in minutes of a previous Audit Committee meeting when that I didn't attend, where I think the question was was asked and answered. So I just want to check that it is already being considered and has been ruled out as a necessity, and that's why it doesn't appear. It's been considered, it's been ruled out not because it's not a necessity, but it's not but is not available or at a price that we would be able to live with. So yes, if if anyone is aware of something that is affordable and sensible, then we would love to embrace it and take it on
yes for.
thank you so were recommended to receive, as information, the results of the annual review of the Risk Management Strategy and approve the risk management strategy.
agreed, thank you very much.
and so the last item on the agenda
is?
the
problem

5 Review of the Council’s governance arrangements incorporating internal control and on the publication of the Council’s Annual Governance Statement for 2023/24 (Paper No. 24-191)

yes, and a review of the Council's governance arrangements.
so again, the Director of financial Services.
yet again.
while our makes it can here, because it community what's coming through, yes, so again this is an annual review that comes to the Committee.
around this sort of to have a year, the appendix, which is the annual governance statement, will sit part of the actual councils accounts when they finally get signed off, it's a combination, this report, of a review of the governance arrangements and then and then we've also included within it our own annual report of the work that's been undertaken by the internal audit team and also the fraud team and then you get the summary.
of the work undertaken, including the outstanding actions of previous audits, for for which Aviva come to this committee for the first time and you're seeing the them with a forward plan, or they are important recommendations that are yet to be implemented.
so we've not really when we've done the review, there's not been any real, significant changes, We've provided updates on those Keith key areas for where we deem to be the in the most material. Just because an item sits within the annual governance statement doesn't mean that what we're saying is that it's poor practice is going on in the area that there's remedial actions need to be undertaken. We just highlighting to say similar to what was said for those Corporate Risk speci risk areas that they're fundamental to the delivery of our corporate objectives, and therefore they should should be on their, sometimes they're not, they are because they are problematic
we see things like devolve management organisations continue to be on their, but more often than not, that's, because they're beyond our control so it whether it be a school or whether it be one of the tenanted management organisations, there is limited work that we can do, but it has significant potential consequences on behalf of the reputation and our ability for the authority to deliver. But there are other areas like information, cybersecurity, where we're not saying that we think that it's really week what we've got, but if something were to go wrong, it would have significant impact for the Authority. So hence why we think it's warrants being on the annual governance certificate or statement
just to highlight here and flag it, so that's probably enough for an introduction, if there's anything specific around the core paper, then I will hopefully address it, if not, I might turn to my colleagues who are sitting around the sides to answer the query any any particular question.
thank you are Chair and Mr jealousy, so I'm going to ask this question the right paper now.
there's a mention of fraud risk, which you would expect to see in the annual governance annual governance statement, and obviously we talk about the fact that there has been a significant increase in the national level as well.
any interested to know more about the increase in some of the figures that are on page 142.
sorry bear with me now just intrigued to know more about the fraud risk and
one and how you monitor a and a bit more about the figures if you wouldn't mind place.
I'll give a broad overview and if you want more detail, I'll ask Kevin to to to give you some more background, the challenge you've got, especially whether with it being tendency related, is it takes a period of time to come through and in some cases that you investigate will be theme it will be on on a trend purpose other times if it's going to and if it's going through the courts.
it will be delayed in in order for us to get through, so when we're looking at some of the outcomes from it a year on year, increase or decrease doesn't necessarily give you should frighten you or give you comfort thinking, things are getting better because there are general sort of timelines.
but if there's, but if you look at something and I housing, related investigations in particular, if you're looking about, why is it gone from 3 6 2 2 4 7 3?
our posture, whether Kevin, to bear, to probably give you a better answer, the more I can give.
sorry, sorry.
Kevin Holland had permission for two relevant looking at yet.
came in on ahead of the fraud Partnership.
the the numbers you're looking, sorry, it's actually a reduction year on year, not have increased.
but the reason for the big changes in numbers is to do with the National fraud Initiative, so with what gets grouped in with the Housing, related fraud includes the data matching that so we do through the National fraud Initiative on housing applications.
that process is a two year process, so there is there so there will be peaks and troughs on on that.
quite a few of the matches they they are errors, inconsistencies rather than or I'd say, admin out fraud, but we talked earlier about no using a, I get a smarter use in our data. We gonna get smarter with using our data if we make sure we get the best quality data, so with their. I refer back to this Committee in paragraph 99 about need to do our best to cleanse our data and make sure we have the best quality data to feed into these processes in order to get the best outcomes. So those are reduced. I was in there, there have been changes in the tenancy successes. Some of that is still the knock-on effect from the the COVID period. Access to courts and also changes in the profile so
in years, gone by, when we had detected and found someone who shouldn't be there or was subletting their property, they'd come forward, they would hand over the property. Unfortunately, that ended probably about three three years ago, Andy around the COVID time where now we are having to take 90% plus of those cases through the court process, so we've got another 18 months to two and a half years timeline time lag in terms of recovering possession
and we know how many, or how many we actually recover or any we have to write off.
so on.
income in terms of percentages, and how we, you know, go through the whole process and and what the outcome is one and what the damage to the council was basically.
so I mean in terms of the actual numbers of properties recovered, that's inclu, that's mentioned in table 4 on page 1 40.
and that's based are on the work we do and the resource that we have to enable to to to recover properties.
in terms of measuring the fraud risk concern, it's thinkers back in 2019 was the last local government survey that came up with some, well, it's the figures we still we refer back to in terms of the incidence of fraud, I'm part of a wider group of all across London in the similar colleagues 45th status where we're trying to do something similar to see wherever we can get a
an up-to-date IT figure of the level of fraud within each of those four categories.
thank you.
right just looking at something I noticed, last year we had major risks out lined.
4, probably for where there is limited assurance, we had a different table and I would just like that covered.
and the Lindseys picked up that one, and on page 140, I think the numbers are wrong.
9 million but looks like we.
Mark, and I have of so that'll get me started, then I've got some other things, I'd I know I'd I'd noticed wants, should be really I think that's 3.3 point 9 million 0 9.9 look just added that the numbers very quickly more had going through, so I think there's, I think it is yes, it is, I apologise, it's one of optimism. Overly optimistic typo
so sorry, but what was the other question I've got, I've got sidetracked by next year we could at last year we had are made, one of the tables included major risks.
I think, unfortunately, haven't got lost his paper in front bay, but I think I asked you to have a.
I'd not seen a major risks in the thing they were big towns, where you had recommendations were promoted its in a major, you know that it was the major.
recommendations, not yeah, so so, yes, so when you are looking at it from the previous year, so there was 43 major 326 important or repeat to risks.
and 58 minor for 23 24, there were 34 major 242 important and 15 9, so in total those 427 recommendations and that's been reduced to 3 3 5, that's not met, but that's taken slightly out of context if you remember, we used to have 2008 days and he got reduced to 16 110 audit days.
so the proportion of that reduction would be down to the fact that we've we've been doing fewer audits, so into 2022 3 there was actually 107 audits undertaken, and I think we're looking at doing the target for 23 24 was 85, so that would show some of the reasons for the reduction in number of recommendations made because we've got that 400 fewer days of audit time.
thank you, would you be able to circulate that yeah thanks?
thank you Chair, and looking at Appendix A in terms of the Audit findings I know we, I know I asked this last year and it was a different school and children's services last year, I remember it with Beatrix Potter and there had been a couple of DBS checks that haven't been carried out obviously with heightened security you know.
you know, just with the general environment I've noticed there is another one in their under Frances Barber.
would you mind sort of please explaining because I'd I remember last time that there was a there was a simple explanation for, but I think it would just be good to clarify that one, please.
I'll pass over to colleagues if there's anything specifically on on the audit cheers.
1 5 7
do you mean by with gynaecology, she I am worried many here for the FA Frances, Barbara in particular, there was this find needed to be had and we are actually for week actively with the school to make sure that they did address the finding, and I can tell you in this particular case we had a little bit difficulties to get evidence and tomorrow I know that there will be a call and after they'd call it will be a visit to the school to get evidence for all the open actions
thank you, this is a real worry I mean, is there any way that we can ensure this doesn't happen, because it's come up again a year later to ensure that we don't we don't hire?
anyone any school where they haven't been DBS checked first should just point out that this is regulation is over, the finding isn't saying a cheque, wasn't done.
it will say they haven't retained any evidence that it was done, so there's a key difference between between the two, it means still a worry, though still solar concerned, as behind that will obviously be we've been any could retain dates and retain evidence for certain periods of time but normally speaking when it comes to this when we've looked at I can't talk specifically about this, but if you talk about thematically,
in general, we do find the for, certainly for frontline staff various if there is, in general, appropriate measures in place to get those jerks. People shouldn't be left alone when they are, if they haven't got it, but quite often some of the challenges isn't like Susan about them actually actively been done. It's that when we turn up to do the order, whether or not the individual that were liaising with, has actually got the information, so I think on this particular one, if you look down on on on the wording, it was stated in a when, when query, the the school business manager. It was stated that no evidence could be provided by the minute
but him manages to to support the check being done prior to the commencement of the employment so
we would ensure double-check now that we where it is, I think that's what Tony saying is around to see whether or not we we've got that coming through, but for peace of mind. For here it's just to just to highlight the signal there is a key difference between not having or not having done and not retaining the evidence. It's basically the score that should have shied shared them, enhance their record. Keeping said that you know that said that we we've got that assurance when they know when we come in, they know what we ask for is making sure that they've got it when we're when we, their that's part of the challenge, is that historically, the when you turn up to an order then may not necessarily have all the relevant information with, but I agree with you, this isn't in this, isn't something that's
you know out of the blue that we're turning up and doing something that isn't something, that's new that we're asking them for, that you would expect that they've not had for these other cities, other basic queries, that we would always Audit and check you would expect them to have the relevant information available.
could you can I just add, could I just add something quickly that OK, and so I would just say that?
yes, it is a concern, yes, it is something we find when we do school audits, what this what we're not saying here, though it is that they haven't completed barred list check, which has got the gonna belt and braces check that all schools need to do so the DBS check is really important that needs to be done.
it's also something that Ofsted checks. When Ofsted gonna score, you know they look at the single central register, and if and if DBS checks haven't been haven't been recorded there, then that's that's a real problem for the school but but the Bill embraces as a either barred list check, so I'd need to check this one specifically, but because we haven't reference that in the recommendation I'm assuming the barred list check was completed, which means we have at the school has at least check that that person hasn't haven't been barred from working in schools which gives some level of comfort.
just just picking up on that, as this is the second time that's come up is there are a training issue that we as a Council could help with with schools around reminding that the importance of not only having done it is making sure that it's clear you've done it because that's yeah, I mean that's happened, it's happened for two schools, we've picked it up.
and that's maybe a question to take away. All I would say, if I'm being really candid, is that we do all the time, that's why, if you look at the annual governance statement, DMOs are still on there and they've been on on there for at least 14 years, because schools on on the same school is in order to every year so it goes in cycles. You'll get a new business Manager, you'll get a new head teacher, you get a new Simon, it goes to your
yeah, Tenants, Management organisations, you get things, OK, right, people move on and it changes, and you know.
you'll always get a lot more recommendations that come up with those entities because they are small local businesses in their own right. So I wouldn't be right to challenge your rights of focus on the hormone and these things because they are keen important. However, it would be remiss of me to say what managing expectations about some of these things, because let's say because of church. The changes Andrews highlighted that some of the key fundamental elements is looking at those borrowing list. Look at where it is and how many other checks and insurance levels that you can get you've got Ofsted, you've got others so
there's you know from what we do. We obviously liaise with the department. They will obviously have got their own relevant officers that will go out liaison, whether it had been housing or in children, and a reasonable referring a housing is because they have similar sort of challenges and issues where you get the same thing time and time again and up, but I can guarantee you that next year you'll probably find a similar recommendation on their five years' time. If you are still on this Audit Committee, you will find a similar recommendation on the
so I wonder how many DBS checks thereafter carried out in any year to miss one or two will not to be able to find the evidence, and one or two is possibly I hope you keep all of our DBS checks, that's all I'm getting the name.
as to which of records, the first item that recommended due date has been shifted again.
so it was the first recommended due date was.
and we'll figura end of 2022, and it's been it was yes, I know it's been shifted because I looked at last year's.
of actually going to make the date.
it's one of our teams, we really ought to be getting the documents sorted, that's the first one.
we see the school is, I think, of if you can answer that one, I'll carry on with a couple of other.
then we need an answer to Tony that to the I'm sure it's the, it's the first recommendation in the appendix I I can take that one, sorry I didn't introduce myself last-time, deny, I'm Andrew Hamilton, the head of the shared audit service.
yes, the recommendations means been outstanding. For a long time, we have had conversations with the Monitoring Officer on several occasions. They are progressing, so for a long time there was a lack of a of a valuable money for, in the first instance, to pay for resource. The money was then made available. It was then difficult to get a resource because it's not a, it's not an exciting piece of work to do sitting in the basement cataloguing, I would agreements they now. They have now found a resource, so we are expected to be completed
have our also had conversations with the monitoring officer to really try and understand what the risk is for the Council.
the recommendation was made some time ago, wasn't it, and it was accepted at the time that it was a priority 1, his his his view, I is, is maybe that it's not a serious is that I think it is still an issue that the the fundamental issue would be that documents if there was a fire could could be burned that perhaps had titles to small tracts of land that the Council owned.
he assures me that they would be able to piece together information from committee reports going back as as far as they needed to do to legally demonstrate that this land belonged to the Council and he he was very show of himself when he said that I I'm not legally trained in that sense to understand that the localities but it does need to be done and he is aware of it and we do expect it to be completed or and if not maybe he could come along to the meeting and explain that to you.
there's one about the environment, community services, the Building Maintenance DSS all developing a set of KPIs and including timeless response, and something I did wonder is, do how do we know how low, if I don't know, why made a note of this, but I did about things being outstanding for more than one year must have been,
something about what's going on there, for that should have been finished, shouldn't at the environment, can we just sent Services Audit Slaschova's there is there a question, yes, there is what's going on there, it's hi-fi, set a little bit more precisely so that we can actually on-street yeah,
they're supposed to have got KPIs about.
housing team works being completed.
yeah, so all these there, and do we also have KPIs back anything that's been outstanding for particularly long time, for example, like a year?
sorry, because there is doubt about the Auditor, this was title building maintaining CDS are OK, thank you.
I'd eat it, if, if that's something, you need to go away and also happy to for that to happen that way, yeah, I don't have the specifics, but when we will go away and we will come back to you.
Councillor creature comforts just suggests that possibly we are going to a level of detail in the Scrutiny here the
is possibly not worth the candle, but the evidence here would suggest that we've got some very, very detailed, the comprehensive work here and the fact that we're turning up one or two errors, isn't sidings of dates is wholly hardly surprising, miss discuses, you have a question.
the question. Yes, this is just a page 126 function 21, it states that the anthem on money laundering and Anti bribery Policy is a link to the whistleblowing policy and procedure were last reviewed in October 21. I just wondered how frequently those policies are reviewed and when the next one is due, it's yeah, I chat with Kevin earlier before we normally would look at these every three years. These is normally where we'd look to try to seek to do it as an an optimum basis. Sometimes it slips
but it is on our radar and we are anticipating doing it, you know during TW 2024 I have a follow up question if that's OK Chair, and then it is part of the reason why I've asked about the review actually is because there's a protection of whistleblowing Bill that looks like it will be replacing the existing.
law and there are wider provisions around the definition of what whistleblowing would mean and give the government more powers for enforcement of it, so my question is, if the legislation changes will that trigger a review, even if it falls outside of the review period.
it would normally yes, because obviously the three years is where you look to try and do it in the absence of anything key fundamental, there are different approaches, whistleblowing and also the the the anti-money laundering and anti-bribery reviews. I'm the Council's anti-money laundering officer, but one but then you've got HR who would ultimately be responsible for the whistleblowing approach, so it's a collaborative approach. More for here will we be looking at is on a on on the Money laundering Angel, but clearly you got you as a committee want to ensure that there is an unfettered access through to individuals like myself like my colleagues,
so that they can you know actively and in our are encouraged to highlight areas of poor practice or all areas, it is something that is key for us, one of the staff survey queries and questions here, this was the Angel about how it was they felt an inability to referred queries, it didn't get a good enough response to my view and and therefore you know it was actually quite Paul
and concerning, but there has been addressed as part of that. You know that this is in the senior management team. It has been flagged to try to encourage in in and engage with our officers, but if I'm honest, we that is more to do it when we actually moving tackled into the detail and this is sometimes some sort of we are looking at surveys in approaches. It was more poor practice in the result in performance matters rather than they actually been poor practice as in the way that you're behaving and actually doing wrongdoing if that makes sense
interesting actually to hear about the results of the staff survey, because one of the elements that is being looked at in the new bill is around the culture of an organisation and ensuring that that is that at that level is correct, because it will then encouraged people to know that it will be upheld. So we are asking the right questions were not getting the right answers similar have. Yes, it will not know, answers are happy with either, nor I answered that makes it would chase you'll be got more work to do to actively encourage and engage with with
you know, officers in general but also members of the public members, if you look at least, what was you are seeing in the the table earlier in the conversations with Kevin in relation in investigative work, it's not just our own team, it's how we get whistleblowing from others so things such as to recover your property quite often whilst we might be proactive work you are relying upon information coming through as well from whistleblowers.
to ensure that we've got that pipeline.
perhaps one more question, Councillor Chris children, than we could move to a conclusion, it's the one from Councillor Paul about the contracts, so the question is around patient, one force at 1.00 4 6 1 4 7 implementation of the contract Management system how is it going?
OK, it's work in progress.
the key issue with atomistic whether there was actually getting the
the tender modules first, because obviously you know before you can actually do heavy contract management module really in in operation, you need to have the procurement modules being done. First, that had priority spend analysis, work has been, there was a second tier and that's carrying going on to try to address, to see if there are what's the severity of off contract spend. There has been analysis done by the commissioners to assess Webb where the contract should be bronze, silver, gold, platinum, that's in train and you know, but still yet to be finalised, because that will then help deliver and set up what we do with the contract monitoring modules. The contract monitoring modules are yet to be implemented because the focus has been on those previous other modules
have we got an idea about how?
matches be unnecessary percentage terms how matches of the work is being done, and also when it will all be finished, so when we get all the contracts on their properly to manage where the contracts are on their in relation to putting them on for the tendered modules, what we're looking at is you know for the the contract management angle.
it's all about having KPIs been uploaded and everything else, so that's I can't sit here and give you a date now as to when that will be, we are looking at that's the next phase or what's what's been put in, but the aim will be to get it completed by the end of the financial year but whether or not it has everything is subject to light said there is that contract off contract spend analysis that's being undertaken, it's it's a fluid piece of work,
that sounds that makes me feel a bit anxious, I don't know whether that's the right feeling about it, but given that contract management is obviously an area where we can in.
the there ought to be some find that you know managing Co contracts properly would give us a financial edge, it would worry me that it's we've identified this as a problem like 2 years a year and a half two years ago, but it still looks like it's going to be another year before in a position to start using this properly means that what I'm saying about it'd be a year before we can use it properly.
is that the correct deduction?
it's not incorrect in the sense that you know, this is a IT system that stronger help and as for people to do what they should be doing already, so this isn't the you know this isn't the panacea this isn't they know that the idea of than doing it in contract management is with commissioners?
minutes for them to be able to that and I know what their contracts are. Now they know what they're KPIs are now they should be managing a contract in accordance with the KPIs. This is a tool to help them deliver that. That's why I'm saying you know, this is something that there should be doing already, so the idea that you can't have contract management without this talk without its toll is not nor accurate, and I don't want members in this committee to thing that this is the answer. This is delivering everything else. It still requires individuals to do certain things. What the what the module will do is not for every
contract because you've got a you, or your housing contracts already handled our KPIs being uploaded to the relevant system, the rather than doing it this is just saying for those that don't it's gonna, have the KPIs put on to it and to help them the
the provider will be uploading on a regular basis onto the system, so we could we could see the data quicker and more efficiently
thank you, Mr G Latty, just following on from that, presumably also the contract Management system lets, comes up with an alert, so sorry, for example, for contracts up for renewal, you'll get an alert six months in advance so that you can check the KPIs see if performance is great and then compare it to other companies and then we'll get a better deal will get up get maybe three quotes or something next time we can make it more beneficial and efficient for the Council overall.
it will go a part of that I mean it, will. It should have the alerts allow allow people to know when they should start planning to do the audits, because you'll have the key relevant Marseillan days it doesn't you know Lincoln with a database, to know what price points are going on outside and also to say, are you getting value for money compared to peer groups in other local authorities? Now you wouldn't get that. The only way you'll achieve that is through soft market testing and going out and doing the programme, but if you start the process early enough because you've got a key date, that should be the factored into it when you're going out and lend to look to see specification, correct and right and proper or or should evolve because he last procured five years ago
things moving and change, but the only way you achieve that is by starting the process 18 to 20 months in a 24 months in advance, and that's what this should again highlight and give a red flag coming through, but only if it's on there and that's why I said it's it's we put into contracts that we know about on their we're looking at all of the spend analysis to see you know whether or not those there are other.
spend other, theatrical spend areas that should have contracts, that's where the focus has been on 1st will then look at the key outlining the KPIs and contract managing, which should already be been done already.
that's what comes now.
if, however, because since then, of these have but proposals approved.
obviously gave him a good, thank you very much, Ted in that case showed the meeting to a close, thank you very much, Councillors, thank you very much for this.
this is thank you. Officers have a very good evening