Agenda and minutes

There were no declarations of interest.

To approve as correct the minutes of the meeting held on 1^st March 2017 (attached) and authorise the Chairman to sign them.

The minutes of the meeting of the Committee held on 1 March 2017 were agrred as a correct record and signed by the Chairman.

Report attached.

Officers submitted the draft Annual Report, covering the period April 2016 to March 2017, for the Committees approval. The key highlights from the report were:

·            The Committee had maintained its usual work plan based on its Terms of Reference;

·           The Committee had received briefings on Statement of Accounts, Treasury Management and Role of Audit Committee;

·           The Committee had approved accounts compiled in accordance with the International Financial Reporting Standards;

·           The Committee had approved the Annual Governance Statement.

A challenge for the Audit Team had been the restructuring of the Audit, Risk and Fraud Teams during 2016/17 as part of oneSource, together with the integration with a third partner, the London Borough of Bexley.

Despite the challenges the Team had successfully delivered against its work plan for the year and responded to management requests for proactive audits.

15 system audits had been completed and 13 school audits completed.

The Committee agreed to Annual Report for submission to the Council in June.

Report attached.

The Committee received the annual report which provided members with an opportunity to consider the Council’s corporate risk register.  Risks were managed by individual officers and those which presented the highest risk to the Council’s objectives were included in the corporate risk register. 

The Senior Leadership Team reviewed the corporate risk on a quarterly basis.  As part of that review process the Senior Leadership Team had recently undertaken a risk review workshop to refresh the corporate risk register. 

The results from that review had been incorporated into the risk register and an updated version was appended at Appendix A to the report.

The Committee raised concern that digital security had not been identified as a corporate risk. Officers advised that one of the system audits planned for oneSource related to digital security. A specialist outside company would undertake this work. If a risk was identified the Senior Leadership Team would have the opportunity to review the register at its quarterly review.

The Committee noted the report.

Report attached.

Officers advised the Committee that the Accounts and Audit Regulations required the Council to undertake an effective internal audit to evaluate the effectiveness of its risk management, control and governance processes, taking into account the Public Sector Internal Auditing Standards (PSIAS) or guidance.

Internal audit was a key component of corporate governance within the Council.  The three lines of defence model, as detailed below, provided a simple framework for understanding the role of internal audit in the overall risk management and internal control processes of an organisation:

•           First line – operational management controls

•           Second line – monitoring controls, e.g. the system’s owner

•          Third line – independent assurance (Internal audit forms the Council’s third line of defence)

An independent internal audit function would, through its risk-based approach to work, provide assurance to each Council’s Audit Committee and senior management on the riskier and more complex areas of the Council’s business, allowing management to focus on providing coverage of routine operations.

The work of internal audit was critical to the evaluation of the Council’s overall assessment of its governance, risk management and internal control systems, and formed the basis of the annual opinion provided by the Head of Assurance which contributed to the Annual Governance Statement.  It could also perform a consultancy role to assist in identifying improvements to the organisation’s practices.

Officers of the Assurance Service had been involved in work with the Section 151 Officer and with senior management to update the Corporate Risk Register.  Horizon scanning work had already taken place with Heads of Audit, and through the Croydon Framework to identify common risk and audit themes.  These, along with manager requests and audit cumulative knowledge and experience, had formed the basis of the plan. Combined plans had been compiled for the three oneSource member councils.  These identified target resources and some common audit themes.  These allowed for some efficiency to be driven by utilising acquired skills across boroughs where there were common risks. However, each borough had its own unique objectives and approach to achieving these and these would be audited individually.  

The plan was exclusive of Counter Fraud investigations but there was provision for Internal Audit staff to support Counter Fraud work across the 3 authorities on system related work.  This a statement of intent and could be revised or amended at any time should higher priority risks or issues be identified, and there was provision to address emerging risk.

The work of the oneSource Internal Audit Team was underpinned by the Audit Charter and Strategy. This had been revised and updated and is attached as an Appendix to these minutes.

The Committee raised questions around the number of hours allocated to each of the three councils and OneSource. Officers explained that the allocation was based on the historical numbers of hours each Council had allocated prior to the creation of oneSource. The intention was that after the first two years the allocation would be reviewed to ensure an equitable allocation. The oneSource Management  ...  view the full minutes text for item 37.

Update attached.

Officers informed the Committee that the counter fraud section produced a work plan annually which detailed the broad areas of work that would take place. The plan had to be responsive to demand as it was not possible to predict precisely the areas that would require investigation. In developing the plan consideration was given to the national fraud picture both in terms of estimated fraud losses, the areas of emerging fraud risks and the local control environment.

The counter fraud team carried out investigations to a criminal standard with the aim of applying a suitable sanction and enabling the council to recover any losses. The audit service also had a role to play in assisting in providing assurance over the control framework and might carry out specific pieces of work that supported the counter fraud agenda.

Historically, the Audit Commission had produced more detailed work covering local government in their publications around Protecting the Public Purse.  Unfortunately, the Audit Commission team had been disbanded and the survey used to populate Protecting the Public Purse was no more. However, CIPFA had published a document ‘CIPFA Fraud and Corruption Tracker’, based on survey responses from a large number of local authorities.

The largest type of fraud according to value was Housing related. This was true in Havering and the Housing Tenancy Counter Fraud project had delivered real results in this area.

The largest source of fraud in pure numbers of attempt related to Council Tax discounts and Housing Benefits.  In recent years, councils had shifted their focus from benefit fraud to non-benefit fraud due to the transfer of all benefit investigation from councils to the Single Fraud Investigation Service (SFIS), run by the Department for Work and Pensions. 

CIPFA recommended the following:

Public sector organisations should carry out fraud assessments regularly and have access to appropriately qualified counter fraud resources to help mitigate the risks and effectively counter any fraud activity.

All organisations should undertake an assessment of their current counter fraud arrangements.

In line with the Fighting Fraud and Corruption Locally Board suggestion, local authorities should examine and devise a standard and common methodology for measuring fraud and corruption. Once it had been agreed, local authorities should use the measure to estimate levels of fraud and corruption.

It was as important to prevent fraud that had no direct financial interest, such as data manipulation and recruitment, as it was high value fraud

Organisations should develop joint working arrangements where they could with other counter fraud professionals and organisations.

Public bodies should continue to raise fraud awareness in the procurement process, not only in the tendering process but also in the contract monitoring element

Authorities should ensure that anti-fraud measures within their own insurance claims processes are fit for purpose and that there was a clear route for investigations into alleged frauds to be undertaken.

Taking all these considerations into account officers had produced a Fraud Plan for 2017/18.

This was year 3 of the Fraud Team being a oneSource shared  ...  view the full minutes text for item 38.

Report attached.

The Committee received an update on the performance of the Treasury Management Strategy during quarter 4. Officers advised that the average level of funds available for investment purposes in quarter 4 was lower than in quarter 3 but this was as anticipated. For the fourth successive quarter the Council had achieved a higher rate of return than that budgeted for, earning an extra £0.275m.

With the UK Bank rate at just 0.25% the Council will face a challenge to achieve a reasonable yield in 2017/18. On the advice of the council’s Treasury Management advisors the Council will have to consider investing additional cash in secure liquid investments with duration exceeding 364 days. In addition, the S151 Officer would ensure that all for investments, security and liquidity was paramount, before yield.

The Council was in the process of reviewing its Treasury Management Strategy in the light of these challenges.

The Committee considered the detail of deposits as at 31^st March 2017 and questioned officers around these. Officers agreed to provide further information as requested.

The Committee noted the report.