Agenda and minutes

There were no apologies for absence.

Members are asked to declare any interests they may have in the business to be discussed.

There were no declarations of interest.

The Minutes of the previous meeting of the Audit and Risk Committee held on 24 November 2020 are attached and Members will be asked to confirm them as a correct record.

RESOLVED:

That the minutes of the meeting held on 24 November 2020 be confirmed as a correct record.

The External Auditor submits for noting the Annual Audit Letter to the Audit and Risk Committee which summarises the key findings arising from work carried out at Leicester City Council for the year ending 31 March 2020.

The External Auditor submitted for noting the Annual Audit Letter to the Audit and Risk Committee which summarised the key findings arising from the work carried out at Leicester City Council for the year ending 31 March 2020.

Grant Patterson, External Auditor reported the findings drew on reports previously submitted to the Committee. The External Auditors confirmed they had issued an unqualified opinion on the Council’s financial statements. The following points were highlighted:

·         There was an emphasis of matter in respect of the uncertainty over valuations of the Council’s land and buildings and the Council’s share of the pooled property assets of Leicestershire Pension Fund given the Coronavirus pandemic and was consistent with councils across the country. It was reported it had not affected the opinion but was just a statement to support the importance that readers recognised the financial uncertainties within the financial statements.

·         Further noted that an unqualified value for money conclusion was given in relation to the Council’s economy, efficiency and effectiveness in its use of resources.

·         It was reported that the Whole of Government Accounts had been submitted on 25 February 2021 which enabled the External Auditors to certify the audit closed. It was noted this delay was due to a national issue with the system and not due to a delay with the External Auditors or the Council. 

·         The External Auditors reported they were comfortable with the way the Council in general had addressed the pandemic and moved to remote working, and no issues were identified. In relation to material uncertainties, the authority had also provided an update in the accounts on the impact on its funding streams for the financial statements.

·         The report highlighted matters around the value of Property, Plant and Equipment which weren’t material.  The Council had decided not to amend for these matters and would pick up as part of the 2020/21 accounts.

·         Members were further reminded that looking at estimates moving forward would be a continuous focus of the external auditor’s work improving its quality assurance arrangements and making the sure the Council had the right information to support assumptions used in the preparation of the accounts.

·         Highlighted were the audit fees and how they had changed as the audit progressed in relation to in the impact of Covid-19 and additional auditing requirements.

The Chair thanked the External Auditor for the report, and noted the Executive Summary thanking the Council staff for the assistance and cooperation given, and noted the appreciation was given both ways.

RESOLVED:

1.    That the report be noted.

The External Auditor submits a report for noting which provides the Audit and Risk Committee an update on progress in delivering their responsibilities as external auditors.

The External Auditor submitted a report for noting which provided the Audit and Risk Committee an update on progress in delivering their responsibilities as external auditors.

Nicola Coombe, External Auditor presented the report and drew Members’ attention to the following points:

·         The report included the outcome of the audit-related assurance work in relation to the certification of claims and returns. There were three claims, all of which for the for the avoidance of doubt involved certain procedures set by the relevant funding body namely Housing Benefits, Pooling of Housing Capital Receipts and Teachers Pensions.

·         For the Housing Benefit assurance process, as in prior years, work had resulted in a qualification letter, but the level of errors had reduced, primarily as a result of the Council’s quality assurance team’s work.

·         Teachers Pensions and Housing Capital Receipts audits had not identified any issues.

·         For future audits of the Statement of Accounts the focus will continue to be the valuation of land and buildings and valuation of net pension liability. The focus is going to be enhanced further as a result of the new auditing standard on estimates.

·         The External Auditors reminded the Committee that as those charged with governance it was important Members understood the judgements and estimates that are included in the accounts.

·         It was reported the new Code of audit practice for 2021 issued by the National Audit Office changed how the value for money part of the audit was required to be delivered. The three main changes were improving the reporting on the three e’s (economy, efficiency and effectiveness), financial sustainability and governance. There was now a requirement for auditors to provide a commentary on arrangements across all three areas. It was noted there would no longer be a Value for Money conclusion, but a fuller commentary in the form of an Auditor’s Annual Report.

In response to Members’ questions the following points were made:

·         The three e’s were referenced and it was asked why the word efficacy was not considered. It was noted that as part of decision making Members should have all information in front of them to make the right decision. When looking at decision making, External Auditors looked at the arrangements in place to enable the Council to make the correct and proper decisions.

·         It was noted that some of the reports and conversation presented to Members of the Audit and Risk Committee were complex and that training was required. It was noted that future training was planned for Members following Annual Council.

The Chair noted that the Audit and Risk Committee received complex reports and it could take a long time for Committee Members to understand. Members stressed the importance of training being delivered to Committee Members at the start of their time on the Committee.

RESOLVED:

1.    That the report be noted.

The External Auditor submits a report for noting to the Audit and Risk Committee the purpose of which is to contribute towards effective two-way communication between Leicester City Council’s external auditors and the Audit and Risk Committee as those ‘charged with governance’. The report covers some important areas of the auditor risk assessment where external auditors are required to make inquiries of the Audit and Risk Committee under auditing standards.

The External Auditor submitted a report for noting the purpose of which was to contribute towards effective two-way communication between the Council’s external auditors and the Audit and Risk Committee as those ‘charged with governance’. The report covered some important areas of the auditor’s risk assessment.

Nicola Coombe, External Auditor, highlighted the following points in the report:

·         This process feeds into their risk assessment and was an iterative process throughout the audit.  It was noted the questions had been enhanced for the new auditing standard.

·         It was noted the responses were provided by management and this was the opportunity for Members to ensure this was their understanding of the Council.

·         The External Auditor noted the significant impact of Covid-19 on the financial statements, such as Covid-related grants which would feature in the accounts for the first time, as well as a potential continued impact on the valuation of property, plant and equipment.

·         There were some areas in the report, such as the identification of related party transactions which were incomplete at the time of writing the report as the process is currently being completed.

Estimates was a key focus of the report for 2020/21, as previously noted in earlier items.

Councillor Moore asked that future reports be represented in black and white to enable easier reading of documents.

RESOLVED:

1.    That the report be noted.

The City Barrister and Head of Standards submits a report for noting to the Audit and Risk Committee which advises on the performance of the Council in authorising Regulatory Investigation Powers Act (RIPA) applications from 1^st July 2020 to 31^st December 2020 and seeks any comments on the reviewed Surveillance Policy.

The City Barrister and Head of Standards submitted a report for noting to the Audit and Risk Committee which advised on the performance of the Council in authorising Regulatory Investigation Powers Act (RIPA) applications from 1 July 2020 and 31 December 2020 and sought comments on the reviewed Surveillance Policy.

Lynn Wyeth, Head of Information Governance and Risk, Data Protection Officer for the Council, and RIPA Monitoring Officer for the Council presented the report. Points made during the presentation included:

·         0 Direct Surveillance Authorisations had been made for the period.

·         0 Communications Data Authorisations were made as they were no longer undertaken by the Council as a matter of course, though Trading Standards might continue to make applications.

·         The reviewed Surveillance Policy was noted, which covered all RIPA activities and also covered internal surveillance, such as directed or covert surveillance on employees and complied with the Information Commissioner’s Office Employees Surveillance Activities.

·         Since the report had been written, a survey had been sent to all staff following a recommendation that the Commissioner had given during the Council’s last inspection. This survey asked if employees used social media to check service users’ profiles and therefore could be classed as continuous covert surveillance.

·         For training purposes, officers were moving training from Learning Pool to in-house using Microsoft Office Sway. A training module on Data Protection was ready to be launched. A RIPA module would be developed for summer and Members would be invited to undertake the online training.

The Chair thanked the officer for the report.

RESOLVED:

1.    That the report be received and its contents noted.

The Director of Delivery, Communication and Political Governance submits a report for noting to the Audit and Risk Committee which provides an update on the Strategic and Operational Risk Registers and Health & Safety data.

The Director of Delivery, Communications and Political Governance submitted a report for noting to the Audit and Risk Committee which provided an update on the Strategic and Operational Risk Registers and Health & Safety data.

Sonal Devani, Manager for Risk Management, presented the report, and had been compiled following review by all Strategic Directors and the following points highlighted:

·         Risks were summarised at Appendix 1 to the report.

·         It was noted that 19 risks had been updated at Appendix 2, mainly to do with target dates. The risk controls to specific risks (2, 11, 16 and 17) were amended.

·         Appendix 3 provided a summary of day-to-day risks for the operational running of the Council. Significant risks scoring 15 or above were transferred to the operational risk register. 21 risks were amended, 1 ‘deleted’, and 4 added for the period. Members were reminded that where a risk was ‘deleted’ did not always elude to the risk being eliminated, but referred to the risk score no longer being high and so would not appear on the operational risk register, and was a sign that controls were working and risks were being managed and reduced.

·         There was a 56% decrease in corporate incident reporting, such as Injury Incident, compared to the same quarter in 2019-20 thought to be due to Covid-19 restrictions and service closures.

·         The Coronavirus pandemic had been recognised in divisional risk registers, though in most divisions had not scored highly as it was being managed effectively.

In response the questions from Members the following points were made:

·         Members noted they received a snapshot in time with the risk registers and   questioned about receiving a dynamic picture showing how a risk had changed over time instead of a static picture The Manager, Risk  Management clarified that by referring to Appendix 1, this indicates over  a period of time how risks levels have changed. It is common that risks can remain static due to the nature of strategic risks.

·         Members asked how long officers would tolerate a high risk, and if there was complacency in some areas. It was noted that questions on individual risks were best answered by Directors who would decide on how long they would want to, or need to, tolerate a particular risk. The Committee was reminded that risk owners could be called to this Committee to explain why risks remained high.

·         Cyber risk was noted as high as when looking at the industry and globally it was seen as an unknown threat, but the Committee were assured it had good systems in place.

·         Members noted in Appendix 3, 15 Adult Social Care and Safeguarding Mental Health scoring Impact 4 and Likelihood 5, and 17 Adult Social Care and Commissioning – Passenger transport for children and vulnerable adults also scoring 4(I) and 4(L) as causes for concern, and asked for further information on the risks. The Manager for Risk Management would contact the relevant risk owners and feedback.

Colin Sharpe, Deputy Director of Finance, picked up on the point  ...  view the full minutes text for item 80.

The Director of Delivery, Communication and Political Governance submits to the Audit and Risk Committee the Risk Management and Business Continuity Policy Statement and Strategies which provide an effective framework for Leicester City Council to manage and respond to key risks facing its services and to support the delivery of its Business Plan.

The Audit and Risk Committee is recommended to consider and approve on behalf of the Council the updated Corporate Risk Management Policy Statement and Strategy at Appendices 1 and 2.

The Director of Delivery, Communications and Political Governance submitted to the Audit and risk Committee the Risk Management and Business Continuity Policy Statement and Strategies which provided an effective framework for the Council to manage and respond to key risks facing its services and to support the delivery of its Business Plan.

The Audit and Risk Committee was recommended to consider and approve on behalf of the Council the updated Corporate Risk Management Policy Statement and Strategy at Appendices One and Two of the report.

Sonal Devani, Manager Risk Management presented the report. Members noted the following points:

·         Significant changes were:

o   Expanding on the ‘risk’ definition referring to the ISO 310000 standard;

o   Adding the risk response column (4T’s – treat, tolerate, terminate and transfer the risk) to be completed by the risk assessor.

·         The Manager for Risk Management was working with HR to embed a positive risk culture, through training programmes and proactive reporting of risk.

·         It was noted the business continuity management was a mitigation of risk. Both the strategy and policy were submitted at the same time as they were linked.

·         Key deliverables were highlighted in the report, including assisting schools with business continuity planning. There was a school business continuity template provided to maintained schools and academies, which was reviewed annually. It was noted this service was charged to academies. 

·         Annually critical services plans were updated and sent to the Risk Management Team who held the information.

·         By carrying out Business Impact Analysis, the plan was to reduce the number of critical services by possibly half from 40. It was noted that if there was an incident the replacement of 40 critical services would be difficult in the first instance.  The Business Impact Analysis would help determine services that were really critical to the organisation to recover within set timescales. Adults, children and housing were critical, and it was questioned what else would need to be recovered immediately (within four hours).

·         It was noted a major incident exercise with nominated staff would be planned.

The Chair thanked the Manager for Risk Management for the report.

RESOLVED:

That:

1.    The report be noted.

2.    The Audit and Risk Committee approve on behalf of Council the updated:

-          Corporate Risk Management Policy Statement and Strategy.

-          Corporate business Continuity Management: Policy Statement and Strategy.

The Deputy Director of Finance and City Barrister & Head of Standards submit a report on updates to the assurance and corporate governance processes at the City Council and the Local Code of Corporate Governance. The Audit and Risk Committee are recommended to approve the Local Code of Corporate Governance.

The Deputy Director of Finance and City Barrister & Head of Standards submitted a report on updates to the assurance and corporate governance processes at the Council and the Local Code of Corporate Governance. The Audit and Risk Committee were recommended to approve the Local Code of Corporate Governance.

Amy Oliver, Chief Accountant presented the report. Members received the following information:

·         The annual report set out how the Council was committed to good governance, focussing on the governance framework for 2021/22 around plans and controls in place.

·         The Audit and Risk Committee was one of those controls, along with Internal Audit and External Audit – all part of the control framework.

·         The plans in the Appendix had been updated this year due to a change of focus around the Covid-19 recovery plans.

·         When the accounts for 2021/22 were available, the Audit and Risk Committee would also receive an update on the Code as part of the Annual Governance Statement.

The Chair thanked the officer for the report.

RESOLVED:

1.    That the Local Code of Corporate Governance be approved.

The Deputy Director of Finance submits a report on revisions to the Terms of Reference for the Audit and Risk Committee. The Committee is recommended to support the proposed revisions to the Terms of Reference and recommend to Council that they are adopted.

The Deputy Director of Finance submitted a report on revisions to the Terms of Reference for the Audit and Risk Committee. The Committee was recommended to support the proposed revisions to the Terms of Reference (ToR) and recommend to Council that they are adopted.

Amy Oliver, Chief Accountant presented the report. Noted were the following points made:

·         In Appendix One & Two of the report, the updated ToR and existing could be compared, and main areas of change were outlined in the report.

·         Members were being asked to support the ToR, before going to Council for approval.

·         It was noted the plan was to take the updated ToR at the same time as the proposed changes to the constitution currently being prepared by the City Barrister.  This meant the changes to the ToR were unlikely to be presented to the next Council meeting. 

·         The ToR were reviewed annually but would only be brought to Audit and Risk Committee if there were any major changes, such as a change in legislation.

The Chair thanked the officer for the report.

RESOLVED:

1.    That the Audit and Risk Committee support the proposed revisions to the Terms of Reference and recommend to Council that they are adopted.

The Deputy Director of Finance submits a report for noting to the Audit and Risk Committee which provides an overview of the Council’s relationship with other organisations in which it is a shareholder, member, and/or where officers and Members have roles on the board. The Audit and Risk Committee is recommended to note the report and support the next steps detailed and add any comments as Members see fit.

The Deputy Director of Finance submitted a report for noting to the Audit and Risk Committee which provided an overview of the Council’s relationship with other organisations in which it is a shareholder, member, and/or where officers and Members have roles on the board. The Audit and Risk Committee was recommended to note the report and support the next steps detailed and add any comments as Members saw fit.

Amy Oliver, Chief Accountant, presented the report. Points highlighted to Members were:

·         The report had been brought to the Committee following concerns at other councils about the governance of wholly or partly owned companies.

·         In the interest of good governance, the report aimed to identify the companies / organisations in which Leicester City Council had an interest, identifying involvement and potential exposure to risk.

·         It was noted that Leicester City Council did not have the financial risk that some councils had currently.

·         It was however noted that if some of the organisations were to fail there is potential reputational risk.

·         The report details how acting as a Director for another organisation can lead to conflict with an officer or member role at Leicester City Council.

·         Steps were set out in the report to ensure governance arrangements would remain, such as formalised training for officers and councillors, or if a partly owned company were to become active, then a report would be brought back to the Committee for a review of governance arrangements.

It was queried why there was a vacancy on the Fullhurst Learning Partnership. The Chief Accountant would provide detail on the reasons to Members in writing.

The Chair thanked the officer for the report.

RESOLVED:

1.    That the report be noted.

2.    The Audit and Risk Committee support the next steps detailed.

3.    The Chief Accountant to provide detail on the reasons to for the vacancy on Fullhurst Learning Partnership to Members in writing.

The Head of Internal Audit Service (HoIAS) submits a report with an indication of internal audit work planned to be conducted during 2021-22. The Audit and Risk Committee are recommended to receive the plan, note its contents and seek clarification on any areas as they wish and then approve the plan, and to make any recommendations or comments with to the HoIAS or Director of Finance.

The Head of Internal Audit Service (HoIAS) submitted a report with an indication of internal audit work planned to be conducted during 2021-22. The Audit and Risk Committee were recommended to receive the plan, note its contents and seek clarification on any areas as they wished and then approve the plan, and to make any recommendations or comments to the HoIAS or Deputy Director of Finance.

Neil Jones, HoIAS presented the report and drew attention to the following:

·         The Committee was reminded that the Head of Internal Audit was to present the annual opinion on the overall adequacy and effectiveness of the City Council’s control environment, namely its framework of governance, risk management and control.

·         Ultimately, the Internal Audit opinion was one of the terms of assurance for the Council’s annual governance statement.

·         In order for the HoIAS to be able to reach an opinion a risk based annual audit plan is prepared. The plan was designed to give the Committee a reasonable and objective assurance on both new risks and business as usual, and to ensure they were being managed appropriately.

·         Planning methodology was outlined in the report. It was noted it was the Corporate Management Team’s responsibility to identify and manage risks and maintain controls.

·         It was noted the plan was formed by reviewing risk registers and consulting with Directors on emerging risk, planned changes and potential issues.

·         It was noted that the plan was only a statement of intent and there may be occasions arising that when it might need to be adjusted in response to Council’s change in risk operations, for example, continuing impact and future changes around Covid-19.

·         In conclusion the Annual Internal Audit Plan for 2021/22 hopes to give the Council optimal audit coverage with the resources available.

Councillor Joshi noted that all elected Members, through scrutiny commission meetings, briefings and or other meetings from time to time discussed many of the issues contained in the report.  It was noted there was regular reporting and updates on Covid-19. It was noted that all Members had taken a keen interest, debated, challenged all aspects of risks put before them.

The HoIAS said it was interesting to hear as in terms of gathering information for an opinion, information on those sorts of events mentioned, minutes of meetings, presentations etc, all added to the compendium of assurance for the year.

The Chair thanked the HoIAS for the plan.

RESOLVED:

1.    That the Audit and Risk Committee receive and approve the Internal Audit Annual Plan for 2021-22.

AGENDA

MEMBERS OF THE PUBLIC TO NOTE

Under the law, the Committee is entitled to consider certain items in private where in the circumstances the public interest in maintaining the matter exempt from publication outweighs the public interest in disclosing the information.  Members of the public will be asked to leave the meeting when such items are discussed.

The Committee is recommended to consider the following reports in private on the grounds that they will contain ‘exempt’ information as defined by the Local Government (Access to Information) Act 1985, as amended, and consequently makes the following resolution:-

“that the press and public be excluded during consideration of the following reports in accordance with the provisions of Section 100A(4) of the Local Government Act 1972, as amended, because it involves the likely disclosure of 'exempt' information, as defined in the Paragraph detailed below of Part 1 of Schedule 12A of the Act, and taking all the circumstances into account, it is considered that the public interest in maintaining the information as exempt outweighs the public interest in disclosing the information.”

Paragraph 3

Information relating to the financial or business affairs of any particular person (including the authority holding that information)

APPENDIX B1  PROGRESS AGAINST INTERNAL AUDIT PLANS AND A BRIEF UPDATE ON THE REDMOND REVIEW

APPENDIX B2  HOUSING BENEFIT & COUNCIL TAX SUPPORT VERIFICATION FRAMEWORK 2021

RESOLVED:

That the press and public be excluded during consideration of the following report, in accordance with the provisions of Section 100A(4) of the Local Government Act 1972, as amended, because it involved the likely disclosure of “exempt” information, as defined in the Paragraph detailed below of Part 1 of Schedule 12A of the Act, and taking all circumstances into account, it was considered that the public interest in maintaining the information as exempt outweighed the public interest in disclosing the information.

Paragraph 3

Information relating to the financial or business affairs of any particular person (including the authority holding that information).

Appendix B1 – Progress Against Internal Audit Plans and a Brief Update on the Redmond Review

Appendix B2 – Housing Benefit and Council tax Support Verification Framework 2021.

The Head of Internal Audit Services (HoIAS) submits a report for noting to the Audit and Risk Committee which provides a summary of progress against the 2019-20 and 2020-21 Internal Audit Plans, information on resources used to progress the plans, summary information on high importance recommendations and progress with implementing them, and a brief update on the Government’s response following the Redmond Review.

The Head of Internal Audit Service (HoIAS) submitted a report for noting to the Audit and Risk Committee which provided a summary of progress against the 2019-20 and 2020-21 Internal Audit Plans, information on resources used to progress the plans, summary information on high importance recommendations and progress with implementing them. In addition, a brief update on the Government’s response following the Redmond Review was given.

Bharat Mistry, Internal Audit, presented the report, outlined the main headlines and provided and overview of audit work planned, completed and postponed. The following points were noted:

·         The Internal Audit Service had continued to operate remotely throughout the financial year. Though the pandemic had made it a challenging year, every effort had been made to continue to provide an effective internal audit service to the Council to be able to provide an opinion on the adequacy and effectiveness of the Council’s control environment at the end of the financial year.

·         During the course of the year a number of audits had been added, mainly around Covid-related grant audits.

·         An estimated 650 days would be delivered by Internal Audit by the end of the financial year but would revert to 800 days for 2021-22.

·         Taking account of CIPFA guidance and making a number of changes to the Internal Audit Plan, the HoIAS advised there would be enough breadth of audits to form his opinion.

Members noted that there was one High Importance recommendation, which was an ongoing challenge and work in progress. A number of High Importance recommendations were also included in the report, and whilst it was acknowledged it had been a challenging year for all, the HoIAS was keen to close off as many as possible.

The Committee received an update on the Government’s response to the Redmond Review recommendations on the effectiveness of local (external) audit and the transparency of local authority financial reporting, and a summary response from MHCLG was provided to Members. A further report would be brought to a future meeting of the Audit and Risk Committee.

The Chair thanked the officer for the report.

RESOLVED:

1.    That the contents of the routine update report be noted.

The Deputy Director of Finance submits a report for noting to the Audit and Risk Committee which summarises the emergency evidential measures taken in response to the Covid-19 outbreak for Housing Benefit (HB) and Council Tax Support (CTS) new claims and changes of circumstance from 23^rd March 2020 and to outline the new Verification Framework (VF) Policy to take effect from 1^st April 2021 in compliance with Government guidance in DWP Subsidy Circular 211/2011.

The Committee is recommended to note the current Emergency Measures, the new Verification Framework, and make any observations as it sees fit to the Chief Operating Officer (the Section 151 Officer) prior to implementation.

The Deputy Director of Finance submitted a report for noting to the Audit and Risk Committee which summarised the emergency evidential measures taken in response to the Covid-19 outbreak for Housing Benefit (HB) and Council Tax Support (CTS) new claims and changes of circumstance from 23 March 2020 and to outline the new Verification Framework (VF) Policy to take effect from 1 April 2021 in compliance with Government guidance in DWP Subsidy Circular 211/2011.

The Audit and Risk Committee were recommended to note the current Emergency Measures, the new Verification Framework, and make any observations as it saw fit to the Chief Operating Officer (the Section 151 Officer) prior to implementation.

James Rattenbury, Principal Policy Officer, Revenues & Customer Support, presented the report. Points made included:

·         Prior to March 2020, Risk-Based Verification (RBV) software was used to determine appropriate evidence from customers. During the Covid-19 outbreak and closure of the Customer Services Centre, emergency evidential measures were used in line with government guidance utilising technology and other sources of reliable information as an alternative to directly provided original evidence.

·         A new policy was devised based on transferrable elements of RBV and best practice established during Covid-19 and had been approved by the Section 151 Officer and would take effect from 1 April 2021.

·         The new VF policy also offered additional alternate forms of evidence that might be considered acceptable, for example, screenshots of bank statements.

The Chair thanked the officer for the report.

RESOLVED:

1.    That the Audit and Risk Committee note the current Emergency Measures and the new Verification Framework.

There being no other items of urgent business, the meeting closed at 19:10pm.