AUDIT AND STANDARDS COMMITTEE 28 APRIL 2020 REPORTS …

1 Audit & Standards Cttee

28/4/20

AUDIT AND STANDARDS COMMITTEE

28 APRIL 2020

REPORTS OF THE CHIEF EXECUTIVE

PART 1 – ITEMS FOR DECISION

RECOMMENDED that the External Audit Planning Report for the year ended 31 March 2020 be received.

Purpose

To provide the Audit and Standards Committee with details of the proposed approach and scope for the audit of the 2019/20 financial statements. The Plan will be presented by Neil Harris of Ernst and Young LLP (EY). For members’ information, the Audit Planning Report is circulated separately. Audit Plan 2019/20 The Audit Planning Report sets out how the auditors intend to carry out their responsibilities as the Council’s auditor in respect of the 2019/20 financial year. Along with the mandatory procedures required by statute and auditing standards, the auditors will also carry out work on the following key areas:

The auditors will give an opinion on whether the Council’s financial statements give a true and fair view of its financial position as at 31 March 2020 and of the income and expenditure for the year then ended.

The auditors will provide a conclusion on the Council’s arrangements to secure economy, efficiency and effectiveness (the value for money conclusion).

The auditors will also review and report to the National Audit Office on the Council's ‘Whole of Government Accounts’ submission.

The auditors have assessed the key strategic or operational risks and the financial statement risks facing the Council, identified through their knowledge of its operations and discussion with members and officers. The significant risks identified for the 2019/20 financial year are detailed in section two of the audit planning report. Covid-19 The circulated audit plan was prepared before the full impact of the Coronavirus pandemic was felt in the UK. Neil Harris will give a verbal update at the meeting of the potential changes to the plan as a result of the Covid-19 crisis.

1. EXTERNAL AUDIT PLAN 2019/20 Director of Finance


28/4/20

Audit Fees The planned fee for 2019/20 is £36,137, compared to the final fee in 2018/19 of £46,637. The planned fee does not include the additional fee for the work required to audit the group arrangements in place with Badger BC Investments Ltd and Broxbourne Environmental Services (BEST) Ltd. The additional fee has not yet been estimated. The fees are based on a number of assumptions, including the Council providing good quality draft accounts and supporting working papers on the agreed dates and reliance being placed on the work of internal audit. Financial, Legal and Risk Implications There are no financial or risk implications arising from the recommendation in the report. The external auditors are required to comply with the Local Audit and Accountability Act 2014 and the statutory requirements governing their work, in particular the National Audit Office’s 2015 Code of Audit Practice and the Statement of Responsibilities issues by Public Sector Audit Appointments (PSAA) Ltd. Contribution to the Council’s Objectives and Environmental Sustainability Priorities The report supports the Council’s effective and enabling Council objective. Alternative Options Considered None. Equalities Implications There are no equalities implications arising from the recommendation in this report

Contact Officer: Mrs R Keene (Ext 5871)

List of Background Papers: Annual Audit Letter 2019/20


28/4/20

2. QUARTERLY REVIEW OF OPERATION

OF THE ETHICAL FRAMEWORK Head of Legal Services

RECOMMENDED that:

(a) the content of this report regarding the annual statistics be noted; and

(b) the procedure for dealing with alleged breaches of the Councillor Code of Conduct be noted.

Purpose This report is presented to the Committee to summarise ethical standards issues in the Council such as the number of complaints made, concerning alleged breaches of the members’ Code of Conduct, the outcome of any local assessments, investigations or determinations and any training provided on the Code of Conduct or other issues within the ethical framework. The report is included in the agenda of items for decision to ensure that the topic is raised for the Committee to consider whether any pro-active work on ethical standards issues needs to be undertaken.

For members’ information, Appendix A relates to this item. Introduction The Council is charged with promoting and maintaining high standards of ethical conduct by members in the Localism Act 2011. The Council is also required to adopt a Code of Conduct for members and co-opted members that accords with the Nolan principles of standards in public life. The principles of conduct are appended to the Code of Conduct which is part of the Council’s constitution. Annual Statistics There have been no complaints of a breach of the Councillor Code of Conduct since the last meeting of the Committee. Code of Conduct training for all Members of the Council, with an external trainer is in the process of being organised and will take place in May 2020. Procedure for dealing with complaints of a breach of the Code of Conduct At the Audit and standards Committee in November a draft procedure for dealing with alleged complaints of breaches of the Code of Conduct was considered. The Committee resolved that the Head of Legal Services and Chair of the Committee agree the final amendments. The final version of the procedure is attached for noting at Appendix A.


28/4/20

Legal, Financial and Risk Management Implications The legal implications are outlined in the report. There are no financial or risk implications. Contribution to the Council’s Objectives and Environmental Sustainability Priorities The Audit and Standards Committee has a pivotal role in how the Council delivers good governance and reviewing the effectiveness of these arrangements. Alternative Options Considered ‘Alternative options considered’ is not applicable to this report. Equalities Implications There are no equalities implications arising from the recommendation in this report.

Contact Officer: Mrs N Boateng (Ext 5702)

List of Background Papers: None.


28/4/20

Breach of the Councillor Code of Conduct Complaints Procedure

APPENDIX ‘A’

Introduction These “arrangements” set out how a complaint can be made against an elected Councillor or co-opted Councillor of the Borough of Broxbourne Council, who is alleged to have breached the Code of Conduct. These arrangements have been prepared in accordance with the Localism Act 2011. Under Section 28(6) and (7) of the Localism Act 2011, the Council must have in place “arrangements” to deal with allegations that a Councillor or co-opted Councillor, has failed to comply with the Code of Conduct. Such arrangements must provide for the Council to appoint at least one Independent Person, whose views must be sought by the Council before it takes a decision on an allegation which it has decided shall be investigated. The Independent Person’s views can be sought by the Council at any stage. The Councillor against whom an allegation has been made may also seek the views of the Independent Person. The Code of Conduct The Code of Conduct is the ethical standards framework that governs the conduct that is expected of Councillors. Broxbourne has adopted a Code of Conduct which is available on the Council’s website. https://www.broxbourne.gov.uk/sites/default/files/Documents/Councillor_services/Part%205%20-%20Codes%20and%20Protocols.pdf Making a complaint Complaints about the conduct of a Broxbourne Borough Councillor must be made in writing or via the online form and submitted to the Council’s Monitoring Officer together with any supporting evidence. The Monitoring Officer is an officer of the Council who has statutory responsibility for maintaining the register of Councillors’ interests and who is responsible for administering the system in respect of complaints of Councillor misconduct. The Monitoring Officer is only able to consider complaints that a Councillor has breached the Council’s Code of Conduct. Complaints should be sent in writing to the Council’s Monitoring Officer, who will be the point of contact regarding the complaint:

Nathalie Boateng Monitoring Officer Broxbourne Borough Council Borough Offices Bishops' College Churchgate Cheshunt Herts EN8 9XQ

https://www.broxbourne.gov.uk/sites/default/files/Documents/Member_services/Part%205%20-%20Codes%20and%20Protocols.pdf

https://www.broxbourne.gov.uk/sites/default/files/Documents/Member_services/Part%205%20-%20Codes%20and%20Protocols.pdf


28/4/20

Email: [email protected] Telephone: 01992 785555 extension 5702

When submitting a complaint the complainant must provide their name and a contact address or email address, so the complaint can be acknowledged and they can be kept informed of progress.

If the complainant wants to keep their name and address confidential, this must be indicated in the space provided on the complaint form. The Monitoring Officer will consider the request and if granted will not disclose the complainant’s name and address to the Councillor against whom the complaint is made, without the complainant’s prior consent.

However, the Council will not normally investigate anonymous complaints, unless there is a clear public interest in doing so. The complainant should also include details of what remedy they are seeking or whether an informal resolution would be acceptable.

The Monitoring Officer will acknowledge receipt of the complaint within ten working days of receiving it, and will keep the complainant informed of the progress of the complaint.

The Complaints Procedure Flowchart is annexed at Annex ‘1’.

Initial Assessment The Monitoring Officer will make an initial assessment, within 15 working days of receipt of the complaint. In certain straight forward circumstances the Monitoring Officer will dismiss the complaint at the outset. The complaint is likely to be dismissed if it does not merit further investigation, for example:

a) the subject of the complaint is no longer a Councillor,

b) the conduct complained about happened more than six months ago,

c) the conduct complained about happened in the Councillor’s private life, not when they

were acting as a Councillor or purporting to represent the Council,

d) the complaint is essentially against the actions of the Council as a whole and cannot

properly be directed against an individual Councillor(s),

e) the complaint is made anonymously,

f) there is no prima facie evidence that the Code has been breached or there is not enough

information to take the matter further,

g) the same, or substantially the same issue has been the subject of a previous Code of

Conduct complaint and there is nothing further to be gained,

h) the complaint is frivolous or vexatious,

i) the complaint is minor,

j) the complaint is against an officer of the Council (for which there is a separate complaints

procedure).

mailto:[email protected]


28/4/20

If the complaint is rejected at the initial assessment stage the Monitoring Officer will write to the complainant and the Subject Councillor to confirm why the complaint has not been progressed. A copy of the complaint will be provided to the Subject Councillor. If the complaint identifies potential criminal conduct at any time during this procedure, the Monitoring Officer will notify the Police. Where such a notification is made the Monitoring Officer will only confirm the notification to the complainant or Subject Councillor when it is appropriate to do so. Investigation Following the initial assessment, if the complaint hasn’t been rejected, the Monitoring Officer will liaise with the Independent Person (either appointed to act for Broxbourne or by arrangement with another Council) to determine whether the complaint should be investigated. The procedure for the investigation of the complaint is attached at Annex ‘2’. If the Monitoring Officer (in liaison with the Independent person) decides that a complaint merits further investigation, an Investigating Officer, (who may be the Monitoring Officer, a senior officer of the Council, an officer of another Council or an external investigator) will investigate the complaint. The Investigating Officer will decide whether they need to meet or speak to the complainant to understand the nature of the complaint and will suggest what documents need to be seen, and who needs to be interviewed. The Investigating Officer will write to the Subject Councillor and provide them with a copy of the complaint, and ask the Councillor to provide his or her explanation of events, and to identify what documents they need to see and who should be interviewed. In exceptional cases, where it is appropriate to keep the complainant’s identity confidential or where disclosure of details of the complaint to the Councillor might prejudice the investigation, the Monitoring Officer can delete the complainant’s name and address from the papers given to the Councillor, or delay notifying the Councillor until the investigation has progressed sufficiently. At the end of the investigation, the Investigating Officer will produce a draft report (“the Investigation Report”) and will send copies of the draft report, in confidence, to the complainant and to the Councillor concerned, to give both parties an opportunity to identify any matters in the draft report which are factually incorrect or require further consideration. Having taken into account comments the Investigating Officer will finalise the report. What happens if the Investigating Officer or Monitoring Officer concludes that there is no evidence of a failure to comply with the Code of Conduct? If an Investigating Officer has been appointed the Monitoring Officer will review the Investigating Officer’s report and, if satisfied that the Investigating Officer’s report is sufficient, the Monitoring Officer will write to the complainant and to the Councillor concerned, notifying them that no further action will be taken, and give both parties a copy of the Investigation Report. The report will not be referred to the Audit and Standards Committee or disseminated any further by the Monitoring Officer. What happens if the Investigating Officer or Monitoring Officer concludes that there is evidence of a failure to comply with the Code of Conduct? If an Investigating Officer has been appointed the Monitoring Officer will review the Investigating Officer’s report and either refer the matter for a hearing before the Audit and Standards Sub-Committee or if appropriate, in consultation with the Independent Person seek an informal resolution.


28/4/20

Informal Resolution The Monitoring Officer may consider that the matter can reasonably be resolved without the need for a hearing. In such a case, they will consult with the Independent Person, complainant and Subject Councillor to agree a fair resolution which also helps to ensure higher standards of conduct for the future. Such resolution may include the Councillor accepting that their conduct was unacceptable and offering an apology, and/or other remedial action. If the Councillor complies with the suggested resolution, the Monitoring Officer will report the matter to the Audit and Standards Committee for information, but will take no further action. Hearing If the Monitoring Officer considers that informal resolution is not appropriate, or the Councillor concerned is not prepared to undertake the proposed remedial action, then the Monitoring Officer will refer the Investigation Report to the Audit and Standards Committee. The Audit and Standards Sub-Committee will convene (comprising a minimum of three, maximum of five Councillors from its Committee) to hear the complaint. Five Councillors from the Audit and Standards Committee will be selected by the Leader (or deputy Leader if the Leader is the subject of the complaint) and ratified by Full Council annually to sit on the Sub-Committee (which much be politically balanced). The procedure for hearings is attached at Annex ‘3’. At the hearing, the Investigating Officer or the Monitoring Officer will present the Investigation Report, call such witnesses as they consider necessary and make representations to substantiate the conclusion that the Councillor has failed to comply with the Code of Conduct. For this purpose, the Investigating Officer or Monitoring Officer may ask the complainant to attend and give evidence to the Sub-Committee. The Subject Councillor will then have an opportunity to give their evidence, to call witnesses and to make representations to the Sub-Committee as to why he or she considers that they did not fail to comply with the Code of Conduct. The standard of proof to be applied by the Sub-Committee when determining whether the Subject Councillor has breached the Code of Conduct will be on the balance of probabilities; this means, on the evidence, the occurrence of the event was more likely than not. The Sub-Committee, with the benefit of any advice from the Independent Person, may conclude that the Councillor did not fail to comply with the Code of Conduct, and dismiss the complaint. If the Sub-Committee concludes that the Councillor did fail to comply with the Code of Conduct, the Chair will inform the Councillor of this finding and the Sub-Committee will then consider what action, if any, should be taken. In doing this, the Sub-Committee will give the Councillor an opportunity to make representations and will consult the Independent Person and will then decide what action to take in respect of the matter. What happens at the end of the hearing? At the end of the hearing, the Chair will state the decision of the Sub-Committee as to whether the Councillor failed to comply with the Code of Conduct and any action the Sub-Committee resolves to take. Within 7 working days the Monitoring Officer shall prepare a formal decision notice in consultation with the Chair of the Sub-Committee, and send a copy to the complainant and the Subject Councillor.


28/4/20

Who is the Independent Person? The Independent Person is an individual appointed by the Council to assist in an advisory role during investigations of an alleged breach of the Code of Conduct. The Independent Person cannot be an existing employee, a Councillor or co-opted member of the Council. The views of the Independent Person will be sought prior to the sub-Committee making a decision on a complaint. The Monitoring Officer will therefore send them a copy of the Investigation Report at the same time it is sent to the Subject Councillor and complainant. Any written representations from the Subject Councillor and complainant will also be sent to the Independent Person. The comments of the Independent Person will be made in writing and presented to the Committee for consideration. The Subject Councillor is also entitled to approach the Independent Person directly for their views. What action can the Audit and Standards Sub-Committee take where a Councillor has failed to comply with the Code of Conduct? Where the Sub-Committee decides there has been a breach of the Code, they will consider what sanctions should be imposed and recommend those sanctions to the Council. Possible Sanctions The sanctions that may be imposed are any or any combination of the following:

Removal of the Councillor from any Committee of the Council.

Terminate the Councillor’s appointment to any outside body where they represent the

Council.

Recommend to the Leader of the Council that the Councillor be removed from the

Cabinet, or removed from particular Portfolio responsibilities;

Censure or reprimand the Councillor.

Publish the findings of the Sub-Committee in respect of the Councillor’s conduct. (This

may be on the Council’s website and or in the local press, as determined by the Sub-

Committee).

Direct the Councillor to attend training.

Removal of any facilities which the Council provides to the Councillor.

Require the Councillor to apologise in writing to the Complainant and or the Council.

Exclude the Councillor from Council premises for a specified period of time (except

meeting rooms for the purpose of attending Council meetings which they are entitled to

attend (i.e. those open to the public)).

Appeals There is no right of appeal for either the complainant or the Subject Councillor against a decision of the Monitoring Officer or of the Audit and Standards Sub-Committee. However, if the complainant believes the Council has failed to deal with the complaint properly, the complainant may complain to the Local Government Ombudsman.

(March 2020)


28/4/20

Complaints Procedure Flowchart ANNEX ‘1’


28/4/20

Investigation Procedure ANNEX ‘2’

On receipt of instructions to carry out an investigation from the MO/ ensure sufficient detail is received to commence an investigation

Identify:

Whether further information from the complainant is required

What paragraphs of the code are alleged to have been breached

The facts which need to be determined to establish if the member has breached the code

The evidence you need to determine the issues

How you plan to gather the evidence

How long it is likely to take to undertake the investigation

Identify witnesses and arrange interview(s)

Interview subject Member

Request any further documentary evidence

Draft report and submit to MO for consideration. Report to contain:

Agreed facts

Facts not agreed and corresponding conflicting evidence

Conclusion as to whether there is a breach of the code or not

Acknowledge receipt

MO either accepts or asks you to reconsider your report

Contact complainant and request any

supporting or further documentary

evidence relating to the complaint

Contact Subject Councillor with details

of the complaint and seek explanation


28/4/20

Audit and Standards Sub-Committee Hearing Procedure ANNEX ‘3’

Item No.

Procedure

1

Quorum

1.1. A minimum of three Councillors must be present throughout the hearing to form a quorum.

1.2. The Committee shall nominate a Chairman for the meeting

2

Opening

2.1 The Chairman asks all present to introduce themselves. 2.2 The Chairman explains the procedure for the hearing.

3

The Complaint

3.1 The Investigating Officer presents their Investigation Report including any documentary evidence or other material and may call witnesses. The report and documentary evidence must be based on the complaint, no new points will be allowed.

3.2 The Councillor against whom the complaint has been made (or their

representative) may question the Investigating Officer on the content of their report and any witnesses called by the Investigating Officer. (This is the Councillor’s opportunity to ask questions rising from the Investigators report and not to make a statement)

3.3 Members of the Sub-Committee may question the Investigating Officer on the

content of the report and/or any witnesses called by the Investigating Officer

4

The Councillor’s case

4.1 The Councillor against whom the complaint has been made (or their representative) may present their case (and call any witnesses as required by the Councillor or their representative)

4.2 The Investigating Officer may question the Councillor and/or any witnesses 4.3 Members of the Sub-Committee may question the Councillor and/or any

witnesses

5

Summing Up

5.1 The Investigating Officer may sum up the Complaint 5.2 The Councillor (or their representative) may sum up their case.


28/4/20

6

Decision

6.1 Members of the Sub-Committee will deliberate in private to consider the complaint in consultation with the Independent Person prior to reaching a decision

6.2 Upon the Sub-Committee’s return the Chairman will announce the Sub-

Committee’s decision in the following terms:- 6.2.1 The Sub-Committee decides that the Councillor has failed to follow the

Code of Conduct or 6.2.2 The Sub-Committee decides that the Councillor has not failed to follow the

Code of Conduct 6.2.3 The Sub-Committee will give reasons for their decision 6.3 If the Sub-Committee decides that the Councillor has failed to follow the Code of

Conduct the Sub-Committee will consider any representations from the Investigator and/or the Councillor as to:

6.3.1 Whether any action should be taken and

6.3.2 What form any action should take

6.4 The Sub-Committee will then deliberate in private to consider what action if any

should be taken in consultation with the Independent Person 6.5 On the Sub-Committee’s return the Chairman will announce the Sub-Committee’s

decision

6.6 The Sub-Committee will consider whether it should make any recommendations to the Council with a view to promoting high standards of conduct among Councillors

6.7 The Chairman will confirm that a full written decision will be issued within 7

working days following the hearing.


28/4/20

3. INTERNAL AUDIT PROGRESS REPORT NOVEMBER 2019 TO MARCH 2020

Head of Internal Audit

Purpose To update members on the work undertaken by the Internal Audit and the Shared Anti-Fraud services since the November 2019 meeting. For members’ information, Appendices B to D relate to this item. Progress against Audit Plans Work is progressing on the 2019/20 Internal Audit Plan as detailed in Appendix B. Three audit reports have been issued since the last meeting as detailed below. Purchases/spend analysis - Substantial Assurance This audit was based on an analysis of the Council’s payments with in-depth testing for a sample of these. The audit found there are effective controls in place when setting up a new supplier and evidence of good practice during the weekly payment run by the Financial Services Manager that involves checks on payments above £10k and on other payments selected at random. System controls are in place to enforce segregation of duties; officers who raise a purchase order cannot also authorise payment of the same purchase order or the payment requisition. The audit found no inappropriate, fraudulent or duplicate payments. On the whole officers are complying with Contract Standing Orders although minor weaknesses where noted when undertaking purchases, in particular the maintenance of appropriate records to evidence and document value for money and when updating the Contracts List. HR starters, leavers and movers – Substantial Assurance There are effective processes and controls in place to ensure starters, amending movers and removing leavers are made on the Personnel and Payroll Systems (Snowdrop and Cintra) accurately and promptly. There was appropriate authorisation in place to substantiate these changes. Segregation of duties between the personnel and payroll sides within Snowdrop is not possible due to the system limitations and will need to be built into the new ‘iTrent’ system which is replacing Snowdrop.

All data (including personal and sensitive data) is transmitted securely via secure portals and manual data is held securely within the Personnel and Payroll office.

RECOMMENDED that:

(a) the progress made against the 2019/20 Internal Audit plan be noted; and

(b) the work of the Shared Anti-Fraud Service be noted.


28/4/20

Income Spotlight – Substantial assurance

The cash handling and banking arrangements at the Spotlight are well managed and there are robust controls to protect cash received. CCTV is in operation and cash is held securely in safes until collected by G4S. The documented cashing up procedures for food and beverage will be updated to reflect the actual processes carried out (which includes independent verification of reconciliations) to provide adequate instructions for anyone unfamiliar with the process to follow.

Spotlight income by all payment methods (cash, cheques, cards and internet) is reconciled daily by the Box Office and Admin Supervisor. Discrepancies are investigated promptly and reported if not resolved. Monthly reconciliations by finance ensure all income received is banked.

Significant Audit Reports Audit and Standards Committee Members have requested to see those audit reports giving limited assurance. None have been issued since the last meeting. Other Internal Audit Activities A number of assignments in the 2019/20 Audit Plan are intended to provide advice and guidance to the Council on current issues. As these assignments will not normally result in a single, traditional audit report. Internal Audit will summarise its output here for members’ information.

Shared Anti-Fraud Service (SAFS) Internal Audit continues to work closely with SAFS, and a summary of Council wide anti-fraud activities and their successes are detailed in Appendix C.

Annual Service Assurance Statement exercise Internal Audit is co-ordinating the process to ensure service assurance statements are completed by managers, and as part of year-end processes. The results of these will be analysed by Internal Audit, shared with the Corporate Governance Group and the results fed into the 2019/20 Annual Governance Statement which will be presented to the Committee in June.

Recommendation Tracker The Audit and Standards Committee receives details of all overdue recommendations, plus any fundamental recommendations from final reports, regardless of whether they are overdue or not. The current tracker (see Appendix D) contains nine recommendations which have passed their original implementation date and a comparison with previous periods is given to demonstrate progress. The high priority recommendation passed its due date relates to the requirement for an Asset Management Strategy action plan.

Recommendation type Number (March 2020)

Number (November 2019)

Number (June 2019)

High not passed its due date 0 1 0

High passed it due date 0 1 3

Medium passed its due date 3 4 2

Low passed its due date 3 2 1

Total 6 8 6


28/4/20

PROGRESS AGAINST THE ANNUAL GOVERNANCE STATEMENT In June 2019, the Audit and Standards Committee approved the Annual Governance Statement (AGS) which accompanies the Council’s Statement of Accounts.

The Governance Group, chaired by the Head of Legal Services continues to monitor the actions set out in the AGS, as a standing agenda item. The table below sets out the current position against the action plan:

Objective Action to be taken in 2019/20 Progress at March 2020

Trading Companies: In April 2019 the establishment of a Shareholder Panel to oversee the operation of the trading companies owned by the Council was agreed

Review the membership and outcomes of the Shareholder Panel to ensure it is adequately carrying out the shareholder functions on behalf of the Council

The Shareholder Panel met in July 2019 and agreed Terms of Reference and Chairman. Agenda items included the BEST business plan and Badger BC Investments Ltd management accounts for 2018/19. Progress will be ongoing

Brexit: If there is a 'no deal' Brexit then this may impair the Council's strategic aims and objectives

Brexit features on the corporate risk register and the Council has produced a document which outlines the possible implications for the Council. This will be continually monitored when there is more clarity around the position of the UK

Consequences of the recent exit from the European Union are being monitored by CMT. The risk around a no deal Brexit has been removed from the Council’s corporate risk register as from February 2020

Transformation: The Council continues in 2019/20 with its significant investment programme of service changes

Continue oversight via a dedicated named Cabinet Member and dedicated Director driving the transformation programme

The refurbished reception area is open and regular updates continue in the staff newsletter. Work has commenced on the next set of customer journeys. Training where required for new processes is being provided

Common themes from the Service Assurance Statements were: Succession planning The work of Personnel is this area will

be disseminated to service leads This has been discussed at CMT, a report is due to be prepared by the Personnel and Payroll Manager

Business Continuity Planning

Work at the corporate level on priority services has been largely completed. The focus in 2019/20 will be on non-priority services

CMT considered the updated plan on 4 September, and was considered by Heads of Service at their October meeting. Once formally approved the plan will be reviewed and updated semi-annually. A training and testing programme will be developed with the help of the Council’s insurer. Review of non-priority service continuity arrangements is outstanding

Financial, Legal and Risk Management Implications Internal Audit has a primary objective to provide an independent and objective opinion on the adequacy of the Council’s control environment, including its governance and risk management


28/4/20

arrangements. The audit reports referred to in this report assist managers to determine the adequacy and effectiveness of the arrangements in place in their services. Contribution to the Council’s Objectives and Environmental Sustainability Priorities Internal Audit supports and contributes to the achievement of the Council’s objectives through its Annual Plan of work. Namely: Innovative Broxbourne: An effective, enabling Council 14. Achieve financial self-sufficiency by 2020 17. Be transparent and ensure effective scrutiny and risk management 18. Develop a workforce with the skills to meet changing need 19. Assess the performance of Council services and take action to improve. Alternative Options Considered ‘Alternative options considered’ is not applicable to this report. Equalities Implications There are no equalities implications arising from the recommendation in this report. Conclusion Progress is being made against the agreed 2019/20 audit plan. Contact Officer: Mrs S Marsh (Ext 5527)

List of Background Papers: Internal Audit Plan Internal Audit monitoring reports Chartered Institute of Public Finance & Accountancy (CIPFA) audit committee practical guidance for Local Authorities and police (2018 Edition)


28/4/20

Progress Against Plan March 2020 APPENDIX ‘B’

Risk Area/Audit Risk Area/Theme Plan Days Status F

ield

wo

rk

sta

rte

d

Re

po

rt is

su

ed

to

Ma

na

gem

en

t

Fin

alis

ed

Op

inio

n:

Lev

el

of

As

su

ran

ce

Hig

h

Re

co

mm

en

da

tio

ns

Me

diu

m

rec

om

me

nd

ati

on

s

Lo

w

rec

om

me

nd

ati

on

s

Local Government Pension Scheme (LGPS) annual assurance audit

Chief Executive 5 Complete N/A 0 1 0

Economic Development Chief Executive 12 Final report Substantial 0 1 2

Income - Spotlight Finance 10 Final report Substantial 0 1 0

HR Starters Leavers and Movers Chief Executive 5 Final report Substantial 0 1 0

Value for Money and data analytics – spend analysis

Finance 10 Final report Substantial 0 1 3

H&S – Spotlight Corporate 10 Final report Moderate 0 4 0

Simple Lets Finance 10 Final report Limited 1 4 2

H&S – Golf Club follow up Corporate 10 Final report N/A 1 3 0

IT – Change and Patch Management Finance 10 In progress

IT – Omniledger system review Finance 10 In progress

Key Financial Control – Cash and Banking

Corporate 10 In progress

Key Financial Controls – Council Tax and Business Rates

Finance 25 In progress

Performance Management – housing and homelessness

Finance 10 In progress

Homelessness Finance 12 In progress

Asset Valuations (new audit) Finance 10 In progress

Complaints Corporate 10 In progress

Declarations of Interest (staff and Members)

Corporate 10 In progress

Building Control Chief Executive 10 Scoping


28/4/20

Information Management – data retention and disposals

Corporate 15 Scoping

Key TOTAL 2 16 7

H&S – Health and Safety HR – Human Resources

Summary of Anti-Fraud Activity April 2019 – February 2020 APPENDIX ‘C’

Payroll/Internal Fraud- Officers from Personnel, Internal Audit and the Shared Anti-Fraud Service (SAFS) are working together to

develop a new simpler process for staff and contractors to raise concerns, including fraud and corruption, and report these

anonymously for investigation. This will include a review of the Council’s Whistleblowing Policy.

The Council has in place an E-learning module on fraud, money laundering and bribery that is mandatory for all staff and this is be

linked to existing anti-fraud policies.

SAFS are delivering training to front-line enforcement staff in the use of the systems provided by the National Anti-Fraud Network.

Housing Fraud - SAFS has been working closely with the housing team to identify ways to prevent and deter fraudulent housing

applications and improve the way the service scrutinises housing and homelessness applications to identify potential fraud.

SAFS has been developing proactive methods to identify fraud, this has resulted in the removal of a number of applications from the

Housing Register.

SAFS works with B3Living investigating illegal misuse, including sub-letting, of social housing stock in the Borough. Where misuse is

proven and properties brought back into stock these are made available to the Council for priority housing.

Housing Benefit Fraud - SAFS works closely with the DWP to investigate instances of housing benefit fraud and with the Shared

Revenue and Benefit (R&B) Service who are able to report suspected fraud directly to SAFS as well as the DWP.

Council Tax Fraud - As above SAFS works with the Shared R&B Service where council tax fraud is suspected; this is often linked to

social security benefits and housing benefit.


28/4/20

Blue Badge Fraud/Misuse - SAFS staff have worked with the Council’s parking enforcement team for some years and ‘spot’

campaigns were run in 2019 and a further campaign, planned for March 2020, will be supported by the Council’s Communication

Team aimed at deterring the misuse of blue badges in the Council’s pay and display car parks.

National Fraud Initiative - Internal Audit and SAFS have been dealing with the outcomes of the Biennial Cabinet Office initiative.

The Council received 1571 matches for review. To date 274 reviews have been completed and notional savings of £109k reported to

the Cabinet Office. This work included the removal of 16 housing applications from the Housing Register.

Reported fraud and outcomes:

110 Allegations of suspected fraud have been reported to SAFS so far this year. Of the 110, 54 cases have been reported by the

public and the majority of cases relating to housing benefit or council tax support.

25 cases have been investigated by SAFS and closed to date. 14 cases have recoverable fraud losses of £65k identified. 46 cases

are still under investigation.

Three of the most serious cases have been referred for prosecution. One case relates to a fraudulent homelessness application, the

second to an internal fraud and the third a fraudulent council tax discount claim.

Seven financial penalties have been offered as alternatives to prosecution where council tax discount fraud was identified; raising

£6.1k for the Council.

Internal Audit Recommendation Tracker Last Updated: 13 March 2020

APPENDIX ‘D’

Audit Year

(Date report issued)

Rec Ref

Original Recommendati

on Priority

Original Managers Response

Responsible Officer

Agreed Imp Date

Revised Imp Date

Status Update from Management Status

Nightly Paid (Bed and Breakfast) Accommodation Report No. 09.18/19

5b Formally document the rent arrears processes and procedures and financial

Low Role of the Financial inclusion Service needs to be systematised.

Head of Housing

A workplan will be devised by 31/03/19 for

01/04/19 01/09/19 01/12/19 31/05/20

Mar 19: Proposals to formalise Financial Inclusion processes allowing for conditional tailored rent solutions to benefit capped cases are being worked up.

May 19: Formal documented rent arrears procedure was implemented in December

Overdue


28/4/20

Audit Year (Date report

issued)

Rec Ref


on Priority


Responsible Officer

Agreed Imp Date

Revised Imp Date


(November 2018)

Inclusion procedures.

implementation during 2019/20

2018. Procedures for Financial Inclusion are currently being written.

Oct 19: Financial Inclusion procedures are currently being written; due date 01/12/19.

Feb 20: Rent arrears process is currently being reviewed as part of the Transformation Programme service re-design work. New processes and procedures will be drawn up covering both the temporary accommodation team and financial inclusion service. Due date May 2020.

Parks and Grounds Maintenance Report No. 13.18/19 (April 2019)

1 Management should consider most cost effective way of updating works history on Easytree.

Low The option of automated updates will be discussed with the software provider.

Director of Environmental Services

30/06/19

.

31/03/20 01/06/20

Oct 19: No change as waiting for the transformation programme to be completed and expected hardware support to be confirmed prior to any software upgrade. The Green Spaces Manager is liaising with Transformation team

Feb 20: No change, transformation programme has started but not complete. Expected hardware support to be confirmed prior to any software upgrade. The Green Spaces Manager is liaising with Transformation team.

Overdue

Leisure Income Report No. 12.18/19 (May 2019)

1 Management to consider introducing a formalised annual marketing plan, linked to Leisure Income Strategy in order to formally review

Low

The creation of a formal annual marketing plan will allow us to accurately measure and monitor outcomes; albeit there is a need to develop

Communications and Customer Services Manager/ Deputy Marketing Manager Centres Manager

31/12/19 01/06/20 Feb 20: Marketing colleagues have been provided with the marketing planning information which they will use to develop a marketing plan/strategy.

Overdue


28/4/20


issued)

Rec Ref


on Priority


Responsible Officer

Agreed Imp Date

Revised Imp Date


outcomes from investment in marketing activity

an integrated approach to CRM.

Head of Finance

Commercial Rents Report No. 02.18/19 (May 2019)

8(d)

Procedures should be reviewed and amended in line with the Commercial Property Policy to ensure they agree. Record date of review.

Medium There are a large number of procedural documents which given current workload and resources will take a number of months to review

Head of Property Services (Senior Surveyor)

31/12/19 31/12/20 Oct 19: The team has started looking at the procedures and are in the process of going through them in more detail. This has not yet been completed as very time consuming and lack of resources.

Feb 20: Still under review.

Overdue

Simple lets Report No. 09.18/19 (August 2019)

4 (a) Ensure reconciliation between the agreed simple lets loan agreement, the payments made from e5 and the amounts being invoiced on e5 is undertaken on a monthly basis and reconciling items are resolved.

(b) A copy of the payment requisition should be retained on Locata and a copy provided to Accounts

Medium Group accountant is going to complete reconciliation process. This will be completed every month.

Accommodation and Resources Manager / Housing Assessment Manager

01/09/19 01/12/19 31/03/20

Oct 19: Reconciliation still required to be undertaken monthly

Feb 20: Reconciliation in progress. Due to be up to date by end March 2020.

Overdue


28/4/20


issued)

Rec Ref


on Priority


Responsible Officer

Agreed Imp Date

Revised Imp Date


Receivable so that they can ensure invoices raised agree to loans provided.

Economic Development Report No.18.19/20 (October 2019)

1 The baseline position or measurements are defined, from the existing datasets, for each of the economic development objectives and areas of focus.

Medium Baseline data will be provided in a document that sits within the economic development work plan. It will enable progress to be monitored more effectively.

Economic Development Manager

31/01/20 31/03/20 Feb 20: Work is being completed on the statistics to drop into the Economic Development Strategy; this plan is in draft format.

Overdue


28/4/20

4. HERTFORDSHIRE SHARED ANTI-FRAUD SERVICE 2020/21 ANTI-FRAUD PLAN


RECOMMENDED that the Anti-Fraud Plan for 2020/21 be agreed.

Purpose To present the proposed 2020/21 Anti-Fraud Plan for the Council. For Member’s information Appendix ‘E’ relates to this item Introduction Reports published by Government and private/public sector organisations highlight fraud as a risk

for local government. Reviewing the findings from these reports has assisted in the design of the

Council’s anti-fraud arrangements and ensures that the Council is aware of its fraud risks and

finds ways to mitigate or manage these effectively wherever possible.

These reports include:

Fighting Fraud and Corruption Locally 2016–2019 Strategy produced by the Chartered

Institute of Public Finance and Accountancy (CIPFA) in March 2016 and supported by

MHCLG (Ministry of Housing, Communities and Local Government)

UK Annual Fraud Indicator 2018 published in partnership by Crowe Clark Whitehill,

Portsmouth University and Experian

CIPFAs Fraud and Corruption Tracker 2019 indicates that identified fraud had increased

since 2016 but that the capacity within the sectors counter fraud response had reduced, and

would continue to do so, potentially placing local government at even greater risk of fraud

The Cabinet Office, Ministry for Housing Communities and Local Government (MHCLG), National

Audit Office (NAO), and CIPFA (Chartered Institute of Public Finance and Accountancy) have

issued guidance, advice, and best practice directives to support local councils in the fight to

reduce the risk of fraud and prevent loss to the public purse. This advice includes the need for

councils to be vigilant in recognising their fraud risks and to invest resources in counter fraud

activities to prevent losses.

Broxbourne Council is a founding member of the Hertfordshire Shared Anti-Fraud Service

(SAFS). This Committee has previously received detailed reports how this service works closely

with the Council’s Internal Audit Service. SAFS works across the whole Council dealing with many

aspects of fraud from deterrence and prevention to investigation and prosecution.


28/4/20

It is essential that to support this work the Council has in place a robust framework to prevent and

deter fraud, including effective strategies and policies, and plans to deal with the investigation and

prosecution of fraud.

In 2017 the Local Government Association (LGA) published its Councillors Workbook on Bribery

and Fraud Prevention. A copy of the Workbook has been provided in the past to Members and

additional copies are available on request.

Plans and Reports 2020/21

Anti-Fraud and Corruption Strategy The Council has in place a detailed and up to date Anti-Fraud and Corruption Strategy. This

document sets out the Council’s stance on fraud and includes advice on reporting identified or

suspected fraud. This was approved by the Committee at their November 2019 meeting.

Anti-Fraud Action Plan 2019/20

The Council’s Anti-Fraud Action Plan for 2019/2020, approved by Members in March 2019, dealt

with all areas recommended by CIPFA ensuring that the Council acknowledges the risk of fraud,

its responsibility to combat this risk, and takes appropriate action to prevent, deter and pursue

fraud. Progress against this plan was provided to Members in November 2019 and a final report

for 2019/20 will be provided to the Committee at the June 2020 meeting.

Anti-Fraud Plan 2020/21

The plan for 2020/21 (Appendix E) follows a similar format to that used in previous years.

Financial, Legal and Risk Management Implications

There are no financial implications and no direct risk management implications arising from the recommendations. Contribution to the Council’s Objectives and Environmental Sustainability Priorities The Shared Anti-Fraud Service is an integral part of the Council’s Anti-Fraud and Corruption strategy and helps to safeguard Council resources. Innovative Broxbourne: An effective, enabling Council 14. Achieve financial self-sufficiency by 2020 17. Be transparent and ensure effective scrutiny and risk management 18. Develop a workforce with the skills to meet changing need 19. Assess the performance of Council services and take action to improve. Alternative Options Considered None


28/4/20

Equality Implications There are no equality implications arising from this report Conclusion The Council’s Anti-Fraud Plan supports the anti-fraud and corruption strategy. Contact Officer: Mrs S Marsh (Ext 5527)

List of Background Papers: None


28/4/20

APPENDIX ‘E’

Borough of Broxbourne Council Anti-Fraud Plan 2020/2021

in partnership with

Hertfordshire Shared Anti-Fraud Service

Introduction This plan supports the Council’s Anti-Fraud and Corruption Strategy by ensuring that the Council,

working in partnership with the Hertfordshire Shared Anti-Fraud Service and others, has in place

effective resources and controls to prevent and deter fraud as well as investigate those matters that do

arise.

The Council’s Strategy states its key aims and objectives;

Maintain a culture that will not tolerate fraud or corruption

Ensure staff and Members demonstrate the highest standards of honesty and integrity at all

times.

Commit to an Anti-Fraud and Corruption Strategy that covers the best practice principles of

prevention, detection, deterrence, investigation, sanctions and redress.

Establish and maintain effective systems of internal controls.

Promote efficiencies to tackle fraud and corruption through collaboration, partnership and

regional partnership working.


28/4/20

Support the work of the police and other external agencies, such as the Department for Work

and Pensions, the Cabinet Office (National Fraud Initiative) and the National Audit Office in

fighting fraud in the public sector.

Ensure the Council is aligned to national anti-fraud and corruption initiatives and good practice

including the UK Anti-Corruption Plan (last updated May 2016) and the national Local

Government Counter Fraud and Corruption Strategy 2016-19.

This plan includes objectives and key performance indicators that support the Strategy and meet the

best practice guidance/directives from central government department such as Ministry for Housing

Communities and Local Government (MHCLG) and other bodies such as National Audit Office (NAO)

and the Chartered Institute for Public Finance and Accountancy (CIPFA).

National Context

In 2013 the National Fraud Authority stated that the scale of fraud against local government “is large, but difficult to quantify with precision”. Since 2013 a number of reports have been published by various organisations including CIPFA, NAO and MHCLG stating that the threat of fraud against local government is both real, causes substantial loss and that fraud should be prevented where possible and pursued where it occurs. The Annual Fraud Indicator (AFI) 2017 (published in partnership by Crowe Clark Whitehill, Portsmouth University and Experian) attempts to identify the cost of fraud to the UK economy. The AFI estimated fraud losses for local government exceeded £7bn in 2016/17, excluding housing benefit fraud and council tax fraud. In 2019 the National Crime Agency’s Public Private Threat Update - (Economic Crime) for 2018 identified that reported nationally fraud loss had increased by 38% on the previous year and incidents of fraud crime had increased by 9%. The report highlights insider fraud, cyber enabled fraud and identity fraud as key areas of risk. In CIPFA’s Counter Fraud and Corruption Tracker 2019 – Summary Report reported fraud in local government had a downward trend in 2018/19 compared to previous years, in particular in relation to tenancy and social housing fraud. The report mentions that this trend may be indicative of action taken by local government to prevent this type of fraud. But that report goes on to suggest that the three biggest areas of fraud risk for local government remain procurement, council tax and adult care services. The Council has always accepted and acknowledged that it is at risk of potential fraud and it is clear that the increasing upward trend of reported fraud nationally requires the Council to ensure that it has in place robust processes and strategies to reduce the opportunity for fraudsters to attack the Council’s finances. Every pound lost to fraud from the public purse is a pound lost from essential front line services. The CIPFA Local Government Counter Fraud and Corruption Strategy (2016-2019) provides a

strategic response for local government to deal with the threat of fraud and provides three key principles

‘Acknowledge/Prevent/Pursue’. The strategy was supported by Department for Communities and Local

Government, the Local Government Association and Fighting Fraud Locally Board. A new strategy will

be announced in March 2020 and this expected to follow the same six themes or six C’s:

Culture - creating a culture in which beating fraud and corruption is part of daily business,


28/4/20

Capability - ensuring that the range of counter fraud measures deployed is appropriate to the

range of fraud risks,

Capacity - deploying the right level of resources to deal with the level of fraud risk,

Competence - having the right skills and standards,

Communication - raising awareness, deterring fraudsters, sharing information, celebrating

successes

Collaboration - working together across internal and external boundaries: with colleagues, with

other local authorities, and with other agencies; sharing resources, skills and learning, good

practice and innovation, and information

The Council’s Anti-Fraud Plan 2020/21 is based on the principles of ‘Acknowledge, Prevent and Pursue’

and the six C’s to ensure the Council is adequately protected against the risk of fraud and that, where

fraud does occur, there are plans to manage, mitigate and recover losses.


28/4/20


28/4/20

Key Performance Indicators (KPIs) 2020/21

KPI Measure Target

2020/21

Reason for KPI

1 Return on investment Demonstrate, via the SAFS Board, that the Council is receiving a financial return on investment from membership of SAFS and that this equates to its financial contribution.

Transparent evidence to Senior Management that the Council is receiving a service

matching its contribution.

2 Provide an investigation service

A. One FTE on call at the Council. (Supported by SAFS Intel/ AFI/Management).

B. Three Reports to Audit Committee. C. SAFS Attendance at Management Meetings/

R&B Liaison Meetings.

Ensure ongoing effectiveness and resilience of the Council’s anti-fraud

arrangements.

3 Action on reported fraud A. All urgent/ high risk cases two days.

B. All other cases five days on average.

Ensure that all cases of reported fraud are triaged within agreed timescales.

4 Added value of SAFS membership

A. Membership of NAFN (National Anti-Fraud Network) and PNLD (Police National Legal Database)

B. Membership of CIPFA Counter Fraud Centre

C. NAFN Access and training for relevant Council Staff

D. Five fraud training events in year for staff and Members

Deliver additional services that will assist in the Council in preventing fraud across all services and in the recovery

of fraud losses.

5 Allegations of fraud received and success

rates for cases investigated

A. All reported fraud (referrals) will be logged and reported to the Council by type and source.

B. 60% of cases investigated and closed in year with a positive outcome

C. All cases investigated will be recorded and the financial value, including loss/recovery/ savings of each, Reported.

This target will measure the effectiveness of the service in

promoting the reporting of fraud and measure the

effectiveness in identifying cases worthy of investigation.


28/4/20

KPI Measure Target

2020/21

Reason for KPI

6 Making better use of data to prevent/identify

fraud

A. Develop the Hertfordshire FraudHub for the Council.

B. Support the NFI 2020/21 data upload for the Council.

C. Consider other areas where the better use of data will benefit the Council financially.

Build a Hub that will allow the Council to access and share

data to assist in the prevention/detection of fraud.


28/4/20

5. AUDIT AND STANDARDS COMMITTEE AUDIT COMMITTEE ANNUAL REPORT 2019/20


RECOMMENDED that:

(a) the Audit and Standards Committee Annual Report for 2019/20 be agreed; and

(b) the report be referred to the Council for approval.

Purpose The Annual Report of the Audit and Standards Committee outlines the Committee’s work and achievements during 2019/20. The Annual Report helps to demonstrate to residents and the Council’s other stakeholders the vital role that is carried out by the Audit and Standards Committee and the contribution that it makes to the Council’s overall governance arrangements. Background The purpose of the Audit and Standards Committee is to provide:

independent assurance to the Council in respect of the effectiveness of its Council’s governance arrangements, risk management framework and the associated control environment; and

independent scrutiny of the Council’s financial and non-financial performance to the extent that it affects the Council’s exposure to risk and could weaken the control environment.

Assurance Activity 2019/20

To help the Committee draw conclusions about the effectiveness of the Council’s internal control framework, governance and risk management it gained assurances from the following sources: Internal Audit The Accounts and Audit (England) Regulations 2015 require the Council to maintain an adequate and effective Internal Audit function which is discharged by the Director of Finance. Internal Audit is a key source of independent assurance for both Members and management on the effectiveness of the control framework. The Committee has a responsibility for ensuring that Internal Audit is effective in the provision of this assurance. During the year the Committee considered and agreed reports regarding the Internal Audit Strategy, Internal Audit Charter and Annual Plan 2019/20, and progress in implementing audit recommendations. It also received regular progress reports on the work and performance of Internal Audit. These reports have helped in ensuring that there is an effective system of governance, risk management and internal control in place. Assurance Framework / Annual Governance Statement The Committee’s Terms of Reference include advising on the effectiveness of the Council’s internal controls and whether these are being adequately maintained. During the year, the Committee has received reports on the control framework by way of Internal Audit work, External


28/4/20

Audit work, the proactive fraud work undertaken, review of relevant policies (such as Local Code of Governance and the anti-fraud and corruption strategy) and updates from the Council’s risk registers. Members are provided with progress made on the issues raised in respect of the Annual Governance Statement and of the annual service assurance process. The Assurance Framework is compiled from various sources of assurance, for instance from Heads of Service and other key officers including the Director of Finance and the Head of Legal Services. The Head of Internal Audit provides an annual report and opinion regarding the Council’s control, governance and risk management framework. This opinion is considered by the Committee alongside other sources of assurance. The Committee reviewed the Annual Governance Statement (AGS) for 2018/19 along with progress in addressing the governance issues identified in the 2017/18 AGS. For 2018/19 the AGS identified governance issues requiring further improvement or for closer monitoring relating to:

Oversight of the Council’s trading companies via the Shareholder Panel

Potential impact of a ‘no deal’ Brexit

Delivery of the transformation programme

Succession planning

Business continuity testing Through the Internal Audit progress reports the Committee receives updates on progress being made for the governance improvement areas identified in the 2018/19 AGS. The assurance framework remained unchanged during 2019/20 and the Council’s Code of Corporate Governance was reviewed by the Audit and Standards Committee in November 2019 to ensure it remained compliant with the CIPFA (Chartered Institute of Public Finance and Accountancy)/SOLACE (Society of Local Authority Chief Executives) Framework – delivering Good Governance in Local Government and no changes were required. The Committee was able to satisfy itself that there is a robust assurance framework in place to safeguard the Council’s resources through reliance on the annual review of the Council’s system of internal control and the Head of Internal Audit’s annual opinion. During the year there have been no reported major breakdowns in internal control, governance and risk management issue that have led to a significant loss in one form or another, nor any major weakness in the governance systems that has exposed, or continues to expose, the Council to an unacceptable level of risk. Anti-Fraud and Corruption Countering fraud and corruption is the responsibility of every councillor and officer of the Council. The Committee’s role in this area has been to monitor and support the actions taken by officers to counter fraud, particularly those officers within the Hertfordshire Shared Anti-Fraud Service (SAFS), who work in tandem with Internal Audit. The Committee receives reports and presentations on such work undertaken in the Council and proactive fraud work, for example participation in the National Fraud Initiative (NFI) and providing training and awareness. The Council continues to send out a strong message that fraud will not be tolerated and that where fraud is proven the strongest possible actions of redress will be taken.


28/4/20

Based on the work to date, coupled with no major incidences of internal fraud and corruption being highlighted by management, SAFS or audit, the Committee concludes there is a sound anti-fraud and corruption framework in place. The Council’s Anti-Fraud and Corruption Strategy was revised and approved by the Committee in November 2019. Risk Management

In June 2019, the Committee received the annual report on risk management, which demonstrated the Council continued to progress its risk management programme. Including enhancing monitoring and reporting mechanisms to ensure there is adequate scrutiny and challenge of risk across the Council and aligning this with the service planning process. At each Committee members are presented with the corporate strategic risk register and a rolling review of the departmental risk registers. Statement of Accounts and External Auditors

At its June 2019 meeting the Committee reviewed and formally approved the Council’s Statement of Accounts for 2018/19. During the year the Committee received a number of reports from the external Auditors (EY) who regularly attend the Committee meetings. These reports include the Audit Results Report 2018/19, Annual Audit Letter 2018/19, Audit Plan 2019/20 and Grant Claims and Returns Certificate for the year ending March 2019. The Committee consider any risks highlighted by the External Auditors. Committee Working Arrangements The Committee has a rolling and flexible programme of work for its main areas of activity which is proactively reviewed and can be amended throughout the year to reflect changes in policies, priorities and risks. The Committee met three times in 2019/20. The Committee considered items which are presented annually, such as audit results, the Statement of Accounts, the Annual Governance Statement and audit plans; as well as other items including updates on risk, the Anti-fraud and Corruption Strategy and Code of Corporate Governance. A review of the Audit and Standards Committee Terms of Reference was undertaken and presented to the Committee in November 2019. Training sessions have been provided, typically before meetings, and the agreed work programme enables the Audit and Standards Committee to provide an independent assurance to the Council as to the adequacy of the risk management framework and the associated control environment. Training provided in 2019/20, which was open to all Councillors, included financial statements, Members code of conduct and treasury management. Ongoing training requirements are kept under review and training opportunities at other councils identified. In November 2019 the Committee undertook its own effectiveness review, the results of which concluded that the Council was able to demonstrate compliance with recommended best practice for an effective Audit Committee. Minor areas for improvement identified in the review are being addressed. For example, a skills and knowledge analysis is reported elsewhere in the agenda. Members of the Committee have a wide range of both experience and professional knowledge. The purpose, strategy and work programme of the Committee mitigates against any major failure by the Council to obtain independent assurance in relation to the governance processes underpinning:


28/4/20

an effective risk management framework and internal control environment including audit

the effectiveness of financial and non financial performance (to the extent that it affects exposure to risk and poor internal control)

the compilation and consideration of the AGS Outcomes The Audit and Standards Committee’s main outcome is in the assurance provided of the robustness of the Council’s arrangements regarding corporate governance, risk management and internal controls. The Committee has added value through its activity and in particular it has:

continued to place importance on governance issues, particularly risk management, anti fraud and the assurances sought that key risks are being mitigated

continued to raise the profile of internal control issues across the Council and to seek to ensure that audit recommendations are implemented.

Remit The Committee’s remit is achieved firstly through it being appropriately constituted, and secondly by the Committee being effective in ensuring internal accountability and the delivery of Audit and a robust assurance framework. The Committee has received and challenged reports from management and both internal and external audit. The Committee has continued to have a real and positive contribution to the governance arrangements of the Council. The Committee’s key achievement is in the additional assurance provided of the robustness of the Council’s arrangements regarding corporate governance, risk management and the control environment. Looking Forward The Audit and Standards Committee has continued to work well and has considered a wide range of different topics relating to the Council’s governance framework. It has continued to establish and develop its role, particularly in respect of ensuring that there are good risk management arrangements and good governance procedures in place. Internal control and the establishment of a Committee can never eliminate the risks of serious fraud, misconduct or misrepresentation of the financial position. However, the Committee will continue to raise awareness of the need for internal control and the implementation of audit recommendations as well as to maintain a watching brief on the areas highlighted in the AGS. In addition, through a process of independent and objective reviews, the Committee is best placed to provide an additional assurance as the adequacy of the Council’s overall governance arrangements. The Committee has performed its duties as required under its Terms of Reference, contributing to an effective control framework. In order to build upon its achievements to date and to raise awareness of the work of the Audit and Standards Committee during the coming year the Committee will focus on the following:

continuing to review governance arrangements to ensure that the Council adopts best practice

continuing to support the work of audit (external and internal) and ensure that appropriate responses are provided to their recommendations


28/4/20

continuing to help the Council manage the risk of fraud and corruption

providing effective challenge, particularly to officers, raising awareness of the importance of sound internal control arrangements and giving the appropriate assurances to the Council

embedding risk management including monitoring the effectiveness of the Council’s response to the potential risks arising internally and externally

providing existing and new members to the Committee with relevant training, briefings etc. to help in discharging their responsibilities

Financial, Legal and Risk Management Implications There are no financial implications and no direct risk management implications arising from the recommendations. There is no legal or constitutional requirement for the Committee to report to the Council on its work, however, it is considered good practice to do so. Audit Committees in local authorities are necessary to satisfy the wider requirements for sound financial management, internal controls and risk as set out in the Accounts and Audit (England) Regulations 2015. Contribution to the Council’s Objectives and Environmental Sustainability Priorities The Audit and Standards Committee has a pivotal role in how the Council delivers good governance and reviewing the effectiveness of these arrangements, which underpins the Council’s objectives. Alternative Options Considered None Equalities Implications There are no equality implications as a result of this report being a summary of the work of the Audit and Standards Committee. Conclusion The Committee’s objectives are achieved by being appropriately constituted, and by the Committee being effective in ensuring internal accountability and the delivery of audit and a robust assurance framework. The Committee has reviewed and considered reports from officers and external audit. The agreed work programme enables the Audit and Standards Committee to provide independent assurance to the Council as to the adequacy of the risk management framework and the associated control environment. The Committee has continued to contribute to the governance arrangements of the Council. Contact Officers: Mrs S Marsh (Ext 5527)

List of Background Papers: CIPFA Practical Guidance for Local Authorities and Police 2018 Edition


28/4/20

6. AUDIT COMMITTEE WORK AND

TRAINING PROGRAMME 2020/21


RECOMMENDED that:

(a) the proposed work programme be approved; and

(b) the proposal for the 2020/21 member training be agreed.

Purpose

To consider the proposed work programme for the Audit and Standards Committee for the 2020/21 year and to consider member training sessions, which will be open to all members. For members information Appendices F and G relate to this item. Work Programme

An effective audit committee is an important part of the Council’s governance arrangements, supporting the Council’s overall system of internal control. To assist the Audit and Standards Committee in meeting its Terms of Reference, an annual work programme is prepared. Some aspects of the work programme are determined by statutory duties such as approval of the Statement of Accounts. In addition the work plan should cover the committee’s assurance needs to fulfil its Terms of Reference, whilst achieving a balanced and manageable workload. The work programme attached at Appendix F is designed to allow the Committee to cover the following areas of its Terms of Reference:

Internal and External Audit activity

Governance and regulatory frameworks

Risk Management

Statement of Accounts

Member standards of conduct

Training Programme

The Chartered Institute of Public Finance and Accountancy (CIPFA) 2018 Practical Guidance for Local Authority and Police Audit Committees recommends core areas of knowledge for audit committees. It also sets out the requirement for regular briefings or training to help committee members keep up to date or extend their knowledge. Core areas of knowledge include:

An overview of the operational requirements of the Council (statutory duties)

Assurance frameworks and the Annual Governance Statement

Values of good governance

Role of Internal and External Audit

Risk management

Information management, security and data quality

Contract Standing Orders and procurement regulations


28/4/20

Audit and Standards functions

Annual accounts – External Audit perspective and External Audit plan

Reviewing the annual accounts

Financial management and accounting

Anti-Fraud and Corruption

Partnerships

The Audit Committee has previously undertaken a skills and knowledge analysis and this exercise was repeated in February 2020, the results of which can be found in Appendix G. This confirms the committee has collectively a wide range of knowledge and experiences, including both public and private sectors. There was no one area that lacked collective knowledge or experience. Past programmes have consisted of 30 to 60 minute training sessions prior to each Audit and Standards Committee and in the last two years the following topics have been covered:

June 2018 – Training on Statement of Accounts

November 2018 – Fraud Awareness

March 2019 – The role of Internal Audit, ahead of the Committee receiving the Internal Audit strategy and plan

June 2019 – Refresher training on how to read a set of Accounts, ahead of the Committee receiving the 2018/19 Statement of Accounts

March 2020 – Treasury Management It is proposed that training for 2020/21 will continue with the same format of short topical briefings by officers with input, where appropriate, from the External Auditors. The proposed training programme for 2020/21 is detailed below:

June 2020 – Statement of Accounts

November 2020 – Governance frameworks including the roles of statutory posts

March 2021 – Risk management In order to maximise the benefit from training provided, all members of the Council are invited to attend and where appropriate members from Harlow and Epping Forest District Councils, being part of the Internal Audit shared service. In addition, training opportunities at Harlow and Epping Forest will continue to be offered to Broxbourne Councillors.


The operation of an effective audit committee provides assurance on the effective management of governance, risks and internal controls. Implementation of a work programme and training plan allows members to fulfil this assurance role. The fulfilment of this work programme will assist the Council in meeting a number of legal obligations including the consideration and approval of the Annual Statement of Accounts and the Annual Governance Statement. There are no specific financial implications associated with the recommendations. Contribution to the Council’s Objectives and Environmental Sustainability Priorities

An effective audit committee has a pivotal role in ensuring Council delivers good governance which underpins the Council’s objectives.


28/4/20

Alternative Options Considered

None Equalities Implications None

Conclusion The work programme as set out in this report assists the Audit and Standards Committee in discharging their duties as set in their Terms of Reference. Regular briefings or training will ensure committee members keep up to date or extend their knowledge. Contact Officer: Mrs S Marsh (Ext 5527)

List of Background Papers: Audit and Standards Committee Terms of Reference Accounts and Audit (England) Regulations 2015 Audit Committees – Practical Guidance for Local Authorities and Police, CIPFA 2018


28/4/20

Borough Of Broxbourne Audit And Standards Committee Proposed Work Programme 2020/21

APPENDIX ‘F’

Meeting Date Key Agenda Items

June 2020

Review and approval of the Statement of Accounts 2019/20 Review and approval of Annual Governance Statement 2019/20 External Auditors’ Annual Governance Report (ISA 260) Letter of representation Internal Audit Annual Report 2019/20 Internal Audit Progress Report Fraud Annual Report 2019/20 Risk Management Annual Report 2019/20 Ethical Standards Report

November 2020

Annual Audit Letter and Annual Grant Claim Certification Report 2018/20 External audit fees and Audit Plan 2020/21 Review of Effectiveness and Terms of Reference of the Audit Committee Review of Code of Corporate Governance Internal Audit progress report Review of the Internal Audit Charter Anti-Fraud and Corruption Strategy Shared Anti-Fraud Service update report Risk management quarterly progress report Ethical Standards Report

March 2021

Internal Audit Strategy and Plan 2021/22 Internal Audit progress report Annual Audit Committee Report 2020/21 Audit Committee work and training programme 2021/22 Shared Anti-Fraud Service update report Risk management – quarterly progress report Ethical Standards Report


28/4/20

Summary of Skills and Knowledge of Audit and Standards Committee Members

APPENDIX ‘G’

Number of returns 7 Number of expected returns

9

Area of knowledge Level of knowledge

Confident Aware Development appreciated

Council knowledge

4 3 0

Audit Committee role and function

7 0 0

Governance

2 3 3

Internal Audit

3 3 1

Financial management and accounting

1 6 0

External Audit

6 1 0

Risk Management

5 2 0

Anti-fraud and corruption

5 2 0

Values of good governance

3 3 1

Other areas of knowledge

Some of this knowledge is coming through professional backgrounds (for example banking, NHS, education) as well as being a Councillor.

Other comments

Specific requests were made regarding the role of the Section 151 Officer and access to the CIPFA/SOLACE good governance framework documents.

Area of skill Level of skill

Skilled Novice Nil

Accountancy

3 0 4

Internal Audit

2 2 3

Risk management

2 3 2

Governance and legal

2 3 2

Service knowledge relevant to the functions of the Council

2 4 1

Programme and project management

3 3 1

IT systems and IT governance

3 1 3

Other areas of expertise declared

Anti-fraud, GDPR (General Data Protection Regulations) and other data laws, coaching, compliance and risk analysis/management, management of staff, project management, contract law, youth, facilities management, network management and finance at a Director level.


28/4/20

7. INTERNAL AUDIT STRATEGY AND PLAN 2020/21


RECOMMENDED that:

(a) the effectiveness and contribution of the Audit Strategy and Plan within the

Council’s assurance framework be noted; and

(b) the Audit Strategy and Plan for 2020/21 be approved.

Purpose

To approve the Internal Audit Strategy and Plan for 2020/21and the indicative work programme for the subsequent two years (2021/22 and 2022/23).

For members information Appendices H and I relates to this item.

Introduction

The Internal Audit function provides independent and objective assurance and consulting services to the Council. The Internal Audit strategy summarises the key principles for the Internal Audit service for the period 2020/21, with some longer term aims. The strategy supports the Audit Plan which sets out the work of the service for the year.

Internal Audit supports and contributes to the achievement of the Council’s 2017-20 corporate priorities and objectives. These have been taken into account in developing the Internal Audit Strategy and Plan.

Purpose of the Internal Audit Strategy and Plan

The purpose of the Internal Audit Strategy and Plan is to document Internal Audit’s approach to:

Provide independent and objective assurance to Members and senior management on the

effectiveness of the Council’s internal control framework.

Ensure the recognition of the key risks the Council faces in meeting its objectives when

determining and allocating the use of internal audit resources.

Add value and support to senior management in providing effective control, whilst

identifying opportunities for improving value for money.

Deliver an Internal Audit Service that is compliant with the requirements of the Public

Sector Internal Audit Standards.

Internal Audit Mission and Core Principles

The Global Institute of Internal Auditors has developed an International Professional Practices Framework (IPPF) for auditors. The IPPF includes a mission statement and ten core principles which continue to be adopted by the Shared Internal Audit Service, and are listed below:

Mission: To enhance and protect organisational value by providing risk-based and objective

assurance, advice, and insight.

Other comments

Rating 1 to 10 would be more suitable. Big difference between ‘skilled’ and ‘novice’. Open to any specific training for the committee


28/4/20

Core principles:

1. Demonstrates integrity.

2. Demonstrates competence and due professional care.

3. Is objective and free from undue influence (independent).

4. Aligns with the strategies, objectives, and risks of the organisation.

5. Is appropriately positioned and adequately resourced.

6. Demonstrates quality and continuous improvement.

7. Communicates effectively.

8. Provides risk-based assurance.

9. Is insightful, proactive, and future-focused.

10. Promotes organisational improvement.

The Internal Audit Approach

While Internal Audit provides assurance through completing a programme of planned work the service is also flexible and responsive to changing and emerging issues. Some audit work is delivered on an advisory basis, contributing advice on risk and controls, for example attendance at project meetings or undertaking a specific investigation of a newly identified issue.

The purpose, authority and responsibility of Internal Audit is formally defined in the Internal Audit Charter, which was agreed at the November 2019 Audit and Standards Committee.

Key Deliverables

The key deliverables for the Internal Audit service during 2020/21 are:

Delivery of the Audit Plan - the Head of Internal Audit will ensure there is sufficient audit

coverage in order to provide an annual internal audit opinion and report, which feeds into

the Council’s Annual Governance Statement.

Integrated approach to assurance – Providing ongoing assurance to management on the

integrity, effectiveness and operation of the Council’s internal control, governance and risk

management processes. Working with other assurance providers, including External Audit,

to prevent duplication of work.

Management commitment - Ensure agreed management responses to audit

recommendations made are implemented thereby improving the overall control framework.

Continually develop the service – To develop, improve and deliver a quality assurance and

improvement programme for the service, including working closely with the Audit and

Standards Committee and senior management.

Business insight - working closely with senior Officers, Members and services to establish

greater relevance to what matters most to the Council by contemplating current and future

key risks and challenges.

Protocol for Audit Reviews

Internal Audit conduct each review in line with the standard audit methodology which is aligned to the Public Sector Internal Audit Standards.


28/4/20

For each audit a service lead will be identified who will be involved in scoping the audit to ensure it is appropriately focused on key risks areas, providing assurance and maximising added value. A terms of reference will be produced for each audit to ensure the scope, objectives and approach are agreed with the appropriate manager or Head of Service.

Following fieldwork a draft Internal Audit report will be issued for discussion with the appropriate levels of management which is normally set out in the terms of reference.

Final reports will be issued after the approval of draft reports which contain completed management actions plans identifying those responsible for their implementation and appropriate timescales.

Agreed actions or recommendations will be followed up through the tracker process. All high priority recommendations and any passing their original implementation date are reported to the Audit and Standards Committee.

Quality Assurance and Performance Management

The Internal Audit Quality Assurance and Improvement Programme ensures the work of the Internal Audit function conforms to the Public Sector Internal Audit Standards (PSIAS), so that it operates in an efficient and effective manner and is adding value and continually improving Internal Audit activity. This is achieved through internal and external assessment, monitoring, and reporting on performance.

The Council’s latest External Quality Assessment (EQA) confirms the Internal Audit service complies with the Public Sector Internal Audit Standards. Annual internal review confirms this compliance still holds true. To achieve planned coverage, deliver a high standard of customer care and demonstrate effectiveness of the service the following service performance targets will be measured and monitored during 2020/21:

Aspect of Service Performance Indicator Target

Audit Plan Achievement of the annual Plan

Sufficient internal audit work in order that the Head of Internal Audit can give their annual opinion.

Internal Audit processes

Issue of draft report after closing meeting

Issue of final report after draft is agreed

Within 10 working days

Within 5 working days

Effective management engagement

Management responses within 10 working days of draft report

Implementation of agreed audit recommendations

10 working days

Within agreed timescales

Continuous Professional Development (CPD)

Auditors maintain and improve their knowledge, skills and other competencies through directed and self-directed activities

40 hours of CPD activity per auditor

Developing the Internal Audit Plan

The methodology for developing the Internal Audit Plan is focused on the quantification of the risks associated with the Council’s objectives in consultation with key officers. This process also takes into account:


28/4/20

Knowledge and experience accumulated by Internal Audit, including the results of

previous reviews

A review of audit themes against the strategic risk register and Council priorities

The work of other assurance providers both internally and externally

The external environment including economic climate, Brexit implications and government

initiatives such as welfare reform and changes in funding

The harmonisation of themes with Harlow and Epping Forest District Councils to enable

benchmarking and sharing of good practice.

It is imperative there is good alignment between the Internal Audit plan and the risks facing the Council. Internal Audit’s work will help inform the Council’s risk management framework, enabling greater recognition of key mitigating controls and other sources of assurances available. Where possible, the risks identified in the Audit Plan (Appendix H) have been taken directly from the Council’s risk register.

In addition, an assurance map has been produced (Appendix I) that provides a structured way to identify the main sources and types of risk assurances in the Council. This demonstrates sufficient Internal Audit work has either been undertaken or has been planned for the Council’s key risks.

The Internal Audit Plan is indicative and changes may need to be made as the risk profile and priorities of the Council change. This will be achieved by ongoing review and amendment in consultation with relevant officers and any significant changes brought to the Audit and Standards Committee for approval.

It is important for Internal Audit to plan ahead and allocate resources over the medium term but still maintain a flexible approach. This is achieved by documenting known risks over a three year period so that the three year plan includes an indication of proposed audit work for years two and three, based on current known risks if circumstances remain unchanged. However, as new risks emerge audit resources over the medium term will be focused accordingly.

The sections of the Internal Audit Plan include:

Corporate Framework – key risk areas including those defined in the Council’s strategic

risk register

Strategic themes – including cross cutting issues some of which will be incorporated within

operational audits or will be undertaken through consultative work

Service areas – operational audits determined on a risk assessment and/or business

priorities.

Priority Areas for 2020/21

Having regard for the current risk profile of the Council the following have been identified as priority areas for Internal Audit work for 2020/21. These may not be audits in themselves, but cross cutting themes that will be fundamental to the scope of Internal Audit work undertaken.

Information Governance and Management: Internal Audit continues to work with the

Council’s Data Protection Officer helping to ensure and maintain compliance across the

Council

Risk Management – Internal Audit has a key role in promoting effective risk management

and will continue to work with the Head of Finance and the Treasury, Insurance and Risk

Manager to embed a robust risk management framework across the Council. Internal Audit


28/4/20

will seek compliance with good risk management practices and the adequacy of controls

put in place by Heads of Service to mitigate risks in their service areas.

Fraud – Internal Audit will support the Council’s anti-fraud work and, consider the potential

for fraud working in tandem with the Hertfordshire Anti-Fraud Service.

Value for Money (VfM) – A focus on VfM is reflected in Internal Audit’s work mainly as a

cross cutting theme within operational audits, benchmarking where appropriate with

Epping Forest and Harlow. Audits will consider how the Council makes the best use of

resources and assets, the balance of cost and performance and meeting the needs of our

residents; and providing challenge on whether services could be provided in a different

way.

Audit and Standards Committee Support – Internal Audit works with the Audit and

Standards Committee in developing its role in relation to best practice and to contribute to

effective corporate governance of the Council.

At the operational level the key priorities of Internal Audit work in 2020/21 include:

BEST (Broxbourne Environmental Services Ltd) – as the company will have been trading

for a year Internal Audit will review governance arrangements in place and to start to

actively seek assurances on its operations.

Key Financial Systems – the effectiveness of controls and management of risks with the

core financial systems remains a part of the Internal Audit work. Audits have been

scheduled on a cyclical basis so not all key financial systems will be undertaken each year.

New HR system – Internal Audit will provide advice as the new HR system is implemented

and then after undertake audits on specific aspects to ensure no erosion of controls and

the system (and associated processes) is working as intended.

Resources

2019/20 has been the third year of the formal shared service between Broxbourne, Epping Forest and Harlow Councils, with Broxbourne being the host authority and employer of the shared internal audit staff. A Shared Services Board was created and is meeting regularly to oversee the implementation and delivery of the Internal Audit function, assess quality and performance, manage risks and consider major changes to the service. The Board comprises of key Officers from Broxbourne, Harlow and Epping Forest as well as the Head of Internal Audit. The Internal Audit function consists of the Head of Internal Audit (1.0 f.t.e), three Senior Auditors (2.8 f.t.e) and three Auditors (each1.0 f.t.e). One of the Auditor posts is being covered by an apprentice with a view to take them on permanently subject to performance. This was the same route taken by one of the other Auditors, who was made permanent in September 2019. In addition, the service has a call off contract with an external provider of Internal Audit to undertake more specialist audits when required. Audit Plan 2020/21

The Audit Plan as detailed in Appendix H requires 305 days, as set out in the table below:

Thematic Area Audit days

Assurance framework including governance, fraud, value for money and risk management

68

Information and performance management audits 20

Projects, Joint Working, Outsourced services and Partnership 28


28/4/20

Financial audits 41

IT Audits 20

Cross cutting/themed audits 33

Operational Audits 34

Follow Up work 15

Audit Committee support including training 12

Advice, other engagement with the business and contingency 34

TOTAL 305


The responsibilities, duties and obligations of Internal Audit are set out in the Accounts and Audit Regulations 2015 and the Public Sector Internal Audit Standards (2016) against which internal audit activity should be measured and determined.

Failure to achieve the audit plan may lead to a lack of assurance that internal controls are effective and risks properly managed.

Contribution to the Council’s Objectives and Environmental Sustainability Priorities

Innovative Broxbourne: An effective, enabling Council

14. Achieve financial self-sufficiency by 2020

17. Be transparent and ensure effective Scrutiny and risk management

18. Develop a workforce with the skills to meet changing need

19. Assess the performance of Council services and take action to improve.

Alternative Options Considered

None

Equalities Implication

None, as this strategy sets out the rationale and approach for the work of the Internal Audit function.

Conclusion

The annual plan presented and resource requirements are based on a risk assessment of internal and external factors which could affect the Council in achieving its objectives. It is important that sufficient work is undertaken by Internal Audit in order for the Head of Internal Audit to give their annual opinion on the Council’s internal control, risk management and governance arrangements.

Contact Officer:

Mrs. S Marsh (Ext 5527)

List of Background Papers:

Public Sector Internal Audit Standards Internal Audit Charter

Internal audit resource plan and risk assessment


28/4/20

Broxbourne Internal Audit Three Year Plan 2020/21 to 2022/23 APPENDIX ‘H’

Audit Area and Context

Corporate Risks 2020/21 2021/22 2022/23 Outline/Scope of work for 2020/21 (to be finalised when the work is scoped)

Corporate Framework

Governance and probity An effective, enabling Council is a key priority of the Council

The Council’s governance framework underpins everything it does; therefore, robust arrangements are key in managing this risk

Governance – BEST

Governance – Brookfield

Development

Member expenses and

allowances

Member gifts and hospitality

(last audit 2018/19)

Governance - Badger BC Investments (last audited

2016/17

Review effectiveness of governance and oversight arrangements including during periods of significant change. During 2020/21 review the governance arrangements in place regarding BEST (Broxbourne Environmental Services Trading Ltd)

Anti-Fraud and Corruption, including proactive fraud work

Any loss through fraud is a drain on resources which, in turn, reduces the amounts available for service delivery

Includes BEST fraud risk

assessment

Includes a review of the Anti-Money Laundering framework

Includes continuation of service fraud

risk assessments

Potential for fraud considered in all audits. Continue co-ordination of proactive fraud work (including National Fraud Initiative matches and Fraudhub) and investigations with the Hertfordshire Shared Anti-Fraud Service. In 2020/21 Internal Audit will undertake a fraud risk analysis of BEST due to a small number of incidents within this area

Assurance Framework including Risk Management and

Risk in achieving corporate priorities as these are underpinned

Operational risk management

Annual co-ordination of year-end assurance reporting, including the Annual Governance Statement.


28/4/20



support to Audit Committee

by sound leadership, management of resources, and governance

Member of the Corporate Governance Group and servicing the Audit Committee. During 2020/21, working with the Treasury, Risk and Insurance Manager to revitalise operational risk management processes and how this links with business/service planning and project management processes

Information Management and Governance Data protection and security. Data sets, owners and protocols. Governance and data sharing. Training and awareness

Features in the corporate risk register. Breach of data protection and other legislation related risks which could lead to significant fines and reputational damage

Data breach management

Subject Access Requests

Data sharing with third parties

Freedom of Information

requests

Continue to assist the Council’s Data Protection Officer (DPO) by providing assurance in targeted areas. For 2020/21 this will be a cross cutting review to ensure the Council’s data breach management and subject access request policies are working as intended. Internal Audit will continue to complete a GDPR checklist for each audit, feeding the results back to the DPO

Performance Management

Data integrity and quality (collection, collation, analysis and validation).

Risk of not achieving corporate priorities

Customer Services

BEST – KPIs and payment mechanisms

Broxbourne Sport

Performance Indicators (PIs) considered within operational audits plus specific review each year on sample of Corporate PIs or Performance Monitors. In 2020/21 the


28/4/20



Use of performance targets

focus is on Customer Services following significant changes as part of the previous year’s transformation programme

Value for Money (VfM)

VfM helps the Council achieve its effective/enabling Council objective in its Corporate Plan

Customer Services

Spend analysis Use of consultants

Each year value for money is considered within operational audits in terms of the 3 Es (economy, efficiency and effectiveness), benchmarking and good practice. This will considered for customer services and links with the performance management audit above

Joint Working, Shared Services, Outsourcing and Partnerships

Alternative working arrangements such as joint ventures, shared services, outsourcing and subsidiary companies are mechanisms for helping deliver the Council’s corporate plan

BEST – policy compliance

BEST – see performance management

above

Sopra Steria contract

arrangements

To ensure joint arrangements are working in the best interests for the Council with appropriate governance/monitoring arrangements in place. In 2020/21, linking to the BEST governance audit above, Internal Audit will assess the adequacy of the assurance framework to ensure compliance with key policies, which if not followed could impact on the Council’s reputation such as staff Code of Conduct, Contract


28/4/20



Standing Orders and Data Protection. Also links with the BEST fraud risk assessment detailed earlier

Projects Business case, project methodology, governance arrangements, contract management and viability

Poor project management increases risk of projects not being delivered on time, to budget or does not meet the needs of the Council

Implementation of the new HR

system

HR system post project

implementation reviews

Capital programme (last audit 2017/18)

Annually focus on a sample of projects examining a particular element such as business case, procurement, delivery through to post project reviews.

Internal Audit will advise on internal controls during the implementation of the new HR system. The following year, IA will assess the success of the project in meeting the needs of the Council

Contingency Annual provision for responsive work, special investigations or key/emerging risk areas

Also takes into account any themes/issues coming out of the Annual Governance Statement

Themed/cross cutting audits

Income To ensure financial resilience the Council needs to protect and

Income from recyclables

Parking (last audit (16/17)

Commercial Rents and

Service Charges (last audit 18/19)

The 2020/21 audit will focus on income arising from recyclables.


28/4/20



maximise its income streams

Procurement Themed audits - compliance, vfm, fraud, goods and services. End to end processes (need, selection, appointment, contract management and exit strategies)

Risks include noncompliance with legislation, fraud and not achieving value for money

IT Contract Management (see IT audits

below for detail)

Letting of contracts

including the compliance and

maintenance services

contract (last audit 14/15)

Contract management, including the

parking contract

Annually focus on an aspect of procurement which could range from need, selection, appointment, contract management and exit strategies.

The 2021/2022 audit will assess the framework in place to ensure contracts are let before they expire, and that value for money can be demonstrated. It links with the spend analysis work to be undertaken in the same year (see value for money above)

Health and Safety Was on the strategic risk register. Risk of compromising the health and safety of individuals and noncompliance with H&S legislation leading to fines or imprisonment

H&S building compliance

(incl. Fire Risk Assessments,

asbestos management, gas safety and

legionella)

H&S policy and procedure

compliance, especially for remote sites

Staff wellbeing, including

stress management

Internal Audit will in 2020/21 ensure there are robust arrangements to ensure compliance with statutory H&S testing for the buildings that it owns excluding those rented out


28/4/20



Business Continuity Planning (BCP)

Was on the strategic risk register. Without adequate BCP the Council could fail to deliver its services in the event of significant incident

Business Continuity

IT Disaster Recovery (last audit 2017/18)

Emergency Planning

In 2020/21 IA will formally assess business continuity arrangements across the Council

Key Financial Controls Rolling programme of full system and key controls unless significant change in process/system or poor audit outcome

To ensure the robustness of controls for the Council’s key financial systems

Hertfordshire Pension Fund

Housing Benefits (not audited since the transfer)

Treasury Management



Payroll (last audit 2017/18),

following implementation of the new HR

system. To include BEST

Creditors (last audit 2016/17)


Debtors (last audit 2017/18)

General Ledger

(2018/19)

There is a rolling programme of key financial control (KFC) audits. Therefore, some KFC audits do not feature in this three year plan, being council tax, business rates and cash and banking as these were last audited in 2019/20.

Each year IA provides assurances to County over the calculation of pension fund contributions

IT Audits: IT Governance, IT Regulation, Security/Privacy, Business Systems, DRP/BCP, Network,

Risks around data and asset security and loss of service Opportunity for IT to be an enabler for delivering the

Software Licencing

IT Contract Management (including the

help desk)

IT Strategy

Cyber security (last audit 2018/19)

Mobile Working risks

A specialist IT auditor will be brought in for the more technical audits. In 2020/21 Internal Audit will ensure there is a robust process for managing and monitoring software license. In addition, Internal Audit will review service provision provided


28/4/20



Emerging Technologies e.g. mobile devices, IT Applications and Projects

Council’s priorities

through the IT contract, including the IT helpdesk. The audit will also seek assurances that there are robust processes around granting system and email access to staff and third parties

Operational/service audits - Audits post 2020/21 may change depending on the Council’s risk profile

Environmental Services (ES): BEST; Waste and recycling, street cleaning, parks and grounds, cemeteries, vehicle and fleet management, highways and environmental enforcement

Environmental Health

Community infrastructure and regeneration (incl town centres)

No explicit corporate risk but features in the Council’s corporate plan

Houses in Multiple

Occupation (HMOs)

BEST operations – trade waste

BEST operations –

waste

Community Infrastructure

and regeneration -

project management

BEST operations –

grounds maintenances

Environmental Enforcement

In 2020/21 Internal Audit will review HMO’s due to recent changes in legislation and trade waste now this is undertaken by BEST

Finance: Finance

Homelessness and Affordable Housing was on

Housing Register and

Budgetary control and

financial

Community Development

Many of the areas under Finance are covered elsewhere in the plan. The


28/4/20



Property Services, including facilities

IT (contract) -covered elsewhere

Revenues and Benefits (contract) – covered elsewhere

Housing

Broxbourne Sport (leisure and golf centres)

Broxbourne Leisure and Culture (Spotlight, food and beverage)

Community Development

Internal Audit

Parking

Customer Services

the strategic risk register

Allocations (last audit 2014/15)

management (last audit

14/15)

Homelessness - temporary

accommodation including voids


Broxbourne Sport – staff

contracts, use of casuals, rotas and

timesheets

2020/21 Internal Audit will examine the end to end process to ensure bona fide customers are allocated housing in line with Council policy


28/4/20



Chief Executive: Economic Development

Planning

Support Services (Member Services, licencing, land charges and support to voluntary organisations)

Communications

Legal

Community Safety

Personnel and Payroll

Economic Development and the Local Plan both feature on the corporate risk register

Planning fees and income (last audit 2014/15)

Mandatory training for staff

Infrastructure Delivery Plan

(as part of Local Plan)

Section 106 agreements (last audit 2017/18)

Community Safety (last

audit 2014/15)

Electoral Registration (last audit 2011/12) –

focus on data integrity and

security

Management of staff

performance including appraisal processes

In 2020/21 Internal Audit will assess the mechanisms to ensure staff complete mandatory training, and the appropriateness of mandatory training required. The planning fees audit will ensure there is a transparent end to end process.

Internal Audit will assess the processes in place to deliver the Local Plan in 2021/22, in particular the Infrastructure Delivery Plan, the impact on planning obligations and funding arrangements. This will link with the planning application audit which will consider the end to end process including the role of Officers and Members

Follow Up Audits Review of progress against recommendations on the tracker.

Tracker process ensures risks identified in audits have been managed to an acceptable level

Includes specific follow up work especially where Limited assurance previously given. Includes maintenance of the recommendation tracker


28/4/20

Risk based assurance map for Broxbourne APPENDIX ‘I’

Ref Corporate risk Risk rating

(net) as at Feb 20

1st line of defence – delivering the risk and control environment

2nd line of defence – oversight and assurance functions

3rd line of defence – independent assurance and advice

1 Local Plan 15 (amber)

The plan has been prepared to ensure it 1.) is supported by evidence studies 2.) complies with duty to co-operate. 3.) meets objectively assessed needs. 4) complies with government policy

Reporting to Cabinet.

Council oversight

The Council has issued modifications in response to the Inspector's post-hearing advice

Planning Inspectorate examination.

Following approval of the Local Plan, audits are planned on planning applications and section 106 processes

2 Economic development

12 (amber)

Economic Development Team, who are delivering the Economic Development Strategy

1) Ec Dev strategy and skills strategy 2) Economic Board 3) Partnership working incl LEP, HCC, LSCC and Herts Perfectly Placed 4) Working in tandem with the Local Plan 5) The Digital Innovation Zone is now in place. 6) New partner arrangements have been confirmed within the Chamber of Commerce. 7) Membership of the W. Essex / E. Herts Digital Innovation Zone has been agreed. 8) Membership of the

2019/20 Economic Development audit (substantial assurance)


28/4/20


(net) as at Feb 20




Herts Growth Board. 9.) Economic advisor engaged via LSCC.

Oversight by the Chief Executive and Cabinet

3 Compliance with data protection legislation, including GDPR (General Data Protection Regulations)

12 (amber)

A suite of data protection policies and procedures accessible via the Intranet.

An Information Asset Register and Register of Processing Activities.

Training provided to staff and Councillors.

A system of data breach and subject access request monitoring

Designated and resourced Data Protection Officer (DPO) and Senior Information Risk Officer roles.

Introduction of Information Governance champions

Audits undertaken throughout 2019/20 also assessed compliance with GDPR which has been fed back to the Corporate Governance Group, whose membership includes the DPO.

2019/20 audit on data retention and disposal is in progress

4 Business continuity

12 (amber)

A Corporate BC Plan (BCP) has been adopted which is underpinned by departmental BCPs. An IT Disaster Recovery is in place to cope with system

Oversight through the Corporate Governance Group and CMT

Internal Audit continues to have oversight of the work of the Treasury, Risk and Insurance Manager in developing and embedding the


28/4/20


(net) as at Feb 20




failures and was successfully tested in January 2019

Council’s approach to business continuity

Audit on business continuity planned for 2020/21

5 Health and Safety

8 (yellow) A formal H&S framework including policies and procedures, training and awareness programme, a designated H&S Officer and accident reporting system.

The H&S policy statement was updated in August 2019

Corporate H&S Group.

A quarterly report is taken to CMT which provides an update of accident trends and progress made with H&S initiatives

2018/19 audit on corporate H&S (substantial assurance). 2019/20 Spotlight H&S audit (moderate assurance)

6 Air quality (section of the A10 Cheshunt)

8 (yellow) 1) Detailed study of air quality undertaken. 2) Consultants have been appointed to make recommendations

1) Set up of Joint Members Engagement Group 2) Detailed transport and air quality and economic modelling as part of an outline business case. 3) Development governance infrastructure with

Situation being monitored by Internal Audit


28/4/20


(net) as at Feb 20




project partners. 4) Public consultation on proposals

7 Balancing the budget

8 (yellow) Medium Term Financial Strategy, budget setting and monthly monitoring processes. Supporting policy and procedures including Financial Regulations and Contract Standing Orders

Council approval Medium Term Financial Strategy, annual budget and regular monitoring of the financial position and reserves policy

External Audit issued an unqualified opinion on the 2018/19 financial statements with an unqualified opinion on the Council’s arrangements for securing economy, efficiency and effectiveness in its use of resources.

Internal Audit undertakes a rolling programme of financial audits: most recently 2018/19 General Ledger (substantial assurance) and 2018/19 Commercial Rents (moderate assurance) Asset valuations, Council Tax and Business Rate audits currently in progress


28/4/20

AUDIT AND STANDARDS COMMITTEE 28 APRIL 2020 REPORTS …

Documents

Transcript of AUDIT AND STANDARDS COMMITTEE 28 APRIL 2020 REPORTS …