Transcript

Transcript

Good evening, everybody, and welcome to tonight's first meeting of the municipal year of the Audit and Governance Committee. Before we move on to substantive matters tonight, I should like to put on record my intention as regards to my continued chairmanship of this committee. This committee is unique in the council in that there's a constitutional requirement for the committee to be chaired by an independent, non-voting, co-opted member. I am the only such member currently appointed to the council. In 2021, I spoke with the then monitoring officer expressing my intention to step down from the role due to the length of time I've been in the post. Given the transition that the council was about to go through at that time and the necessity to recruit to the role, I was asked if I would remain in post to provide continuity during the period of management change. I agreed to do so. Discussions continued, and in quarter one of 2023, it was agreed with the then monitoring officer that recruitment for a new independent member would be undertaken, and I agreed to continue in post for the remainder of that municipal year to allow for a smooth handover to a new chair. As we're all very aware, a section 114 notice was issued in June 2023, and focus necessarily shifted. No recruitment exercise had been undertaken to officers prior to the issuance of that notice. Constitutional amendments have now been made to provide that up to two independent co-opted members may be appointed to the council, and a job description and advert was drafted. The intention was that the advert would go out following the first meeting of full council in May with interviews for the roles taking place this week. On that basis, when asked, I agreed to continue in role with the intention that I would step down shortly after the appointment of a new co-opted independent member. I was then informed on the 10th of June that the job advert had not been placed and, following the call of a general election, would not be placed until after the election. I now understand that the intention is to bring a recommendation for appointment of a new co-opted member or members to the September meeting of full council. I therefore now wish to put on public record my intention to stand down from this role before the end of the calendar year, following recruitment of a new co-opted member or members. In the event that recruitment is not completed prior to the end of the calendar year, I will step down whether or not a replacement has been found. I feel strongly that the role of independent co-opted member is an important one in the governance structure of this council. It's a role that is supported and recommended by CIPFA, and it was highlighted in the Redmond Review. It is important that this council progresses with the reforms that it is making in the areas of governance, and I hope that putting my intention on public record will focus efforts to recruit to the role, rather than relying on my goodwill in agreeing to extend my appointment. I believe the Leader of the Council, Councillor Barker, wishes to respond to this statement. Thank you, Claire. I just want to take this opportunity, as Claire has decided to stand down from the role, to thank her for her hard work as an independent member of the council over a number of years. I've seen Claire tone up reliably to many council meetings and events, and ably chair the audit committee. She's taken on this important role with professionalism, always with good humour, and has provided challenge for officers and councillors over the years. The role of being an independent member does show real dedication. Like so many people in this borough, she's effectively given her time for effectively free. There's a very small allowance. It's a small proportion of the council's allowance that's paid to independent members, so she really has given a huge amount of time to support her local council. Thank you very much, Claire. We very much appreciate all that you've done. Thank you, Councillor Barker. Right, now moving on to the meeting itself. I'd like to welcome representatives tonight of BDO and Grant Thornton and internal audit team to tonight's meeting, and obviously welcome members back to this committee. First item on the agenda is to approve the minutes of the Standards and Audit Committee, as it was then known, held on the 11th of April, 2024, and the Audit and Governance Committee, the new name, on the 20th of May, as published. Are members content that the minutes reflect the meeting? Please, Councillor Oates. It was just pointed out to me, I had missed it when I read it, that I was listed as a substitute member at the minute, which wasn't the case. Sorry, can we go to your screen? That's the standards panel. Yes, it is. That's the standards panel. It's a reference to the standards panel, rather than the committee. The standards panel is a sub-committee of this committee. Thank you. Otherwise, are members content? Thank you. I will arrange for those minutes to be signed in due course. Second item on tonight's agenda is apologies for absence. Apologies for Councillor Jordan? No, no apologies have been received tonight. Sorry, please. Not sure if it is relevant at this stage, but just to note the apologies of the head of internal audit, Graham Clark. Thank you very much. Item three on tonight's agenda, declarations of interest. We have on the agenda papers the statutory declarations that are made in respect of officer employment procedure rules, which relate to Kevin Foster's disclosable interests. Are there any further interests to note tonight? No, thank you. And item four, urgent business. I'm not aware of any items of urgent business tonight. Thank you. We therefore move to matters for determination. I've had a request that we move item seven of the agenda, the update on external audit, to the top of the agenda list tonight, to facilitate the representatives from BDO leaving the meeting after this, because they are no longer our current year auditors. Are there any objections to me making that movement? Thank you. In which case, would you like to kick us off, Steve, with agenda item seven? Thank you. Thank you, Chair, and good evening, members. So a relatively brief report from us this evening, just to update you firstly on the developments within the local government external audit sector, and then a brief update on exactly where we are with our outstanding audits. If I first just start on a brief sector update, when I previously presented to this committee, we have discussed the steps that the government was taking to bring about a change in the number of audits that are currently delayed within the sector. So the proposal there was that there would be a series of backstop dates, statutory backstop dates, by which external auditors would be required to give their opinion on outstanding audits up to and including 22/23 by the 30th of September. To enable that to happen, there did need to be a statutory instrument brought in place, and there did also need to be a revised code of audit practice that external auditors work to enable that to happen. Unfortunately, that legislation wasn't put in place before the general election that was recently called and will take place next month. So what that means is that there isn't currently a statutory backstop date that would enable us to, as I say, sign off those audits up to and including 22/23. And members who have been on this committee for some time may recall that one of the things that was likely to happen with regard to that statutory backstop date is that there would be a number of the Council's audits that would, in effect, be disclaimed. So there would be no audit opinion issued. At this stage, it's unclear as to what will happen once a new government is formed and what their intention will be around those statutory backstop dates. I think at this stage, while we await the views of a new government and what they will do, our view is that we will continue to, as we were before the election was called, which is to seek to complete our 2019/20 audit over the summer and before 30 September. At this stage, we don't yet know what that will mean for those later audits that we still have outstanding. I think we will have to wait and see, as I say, what the new government's view is and what will happen with those statutory backstop dates. But as I've already said, our intention is to continue with that 2019/20 audit and seek to conclude that over the summer and before the end of September. If I just move on to the 2019/20 audit, again, I don't propose to go through all of the detail around the reasons for or the issues that were identified on that audit. I've set out what we see as the key ones within the reports that you've got before you. So really, there's three key areas there, so it is the transactions and balances relating to subsidiary undertakings, minimum revenue provision, and impairment of long-term debtors. And we've previously reported to this committee the difficulty that we've had in getting assurance over those balances. I think for us, the difficulty is always going to be where we have some significant transactions and balances that we can't get assurance over is what that means for our opinion. I think I've previously said that one of the areas where we can't get that assurance, what we would -- where it potentially leaves us is in a qualified audit opinion or in the worst case scenario, a disclaimed audit opinion. And I think because of the nature and the significance of those balances, one of the things that we are seriously considering is a disclaimed audit opinion, because we can -- because those transactions and balances are so pervasive to the accounts that any other opinion would appear unlikely. I think the issues are complex, and we are continuing to work through them without risk and technical team as to just what that opinion should be. And as I say, we expect to be able to conclude on that over the summer, as I've said before to this committee, issuing that opinion by the end of September. The other area of work that we do still need to conclude on is our value for money work, so that looks at the council's governance arrangements that were in place throughout the 2019-20 financial year. It goes -- it obviously goes a lot wider than just governance, so it focuses on financial sustainability of the council, and as I say, governance arrangements, so decision-making processes around significant investments would be one area that we would be looking at. That -- for the 2019-20 year, that is a binary opinion, so it is an unqualified or an adverse opinion, in worst-case scenarios, so where we find issues that are so significant as to cast the council's arrangements into doubt, then we would consider issuing an adverse opinion, and I think given the issues that the council has faced, that is something that we are considering and would -- where we would expect to land. So that's, in a sense, the work that we are still working on to do with the accounts and value for money conclusion. There is one objection to the council's accounts that is still outstanding and we will need to determine, and that is around minimum revenue provision, so we will need to conclude our work on that and write to the local objector, the local elector that has objected to the financial statements. At this stage, there's not really that much more I can add to what I've previously said to this committee, and as I've said a couple of times already this evening, that we are continuing to work on that 2019-20 audit and will expect to conclude that over the summer, so I'm happy to take questions. Thank you very much, Steve. I think it is incredibly disappointing that that statutory instrument that would have given us the backstop date hasn't made it through prior to the announcement of a general election, because I think it takes away some of the impetus and the clarity of the path going forward, and it's clarity which this council ultimately really needs. I'm going to open up members for comments and questions. Please, Councillor Rice. Thank you, Chair. As a new person to the committee in this situation, perhaps you can just highlight what the situation would be with the backstop and what it is without it, because the backstop creates a new situation, but what is the situation without the backstop? Thank you. So with the backstop, the intention was that the backstop date for all audits up to and including 22-23 financial year was that those audits would have to be concluded by the end of September. The consultation that the Government launched and consulted on did envisage that, again, there would be a number of disclaimed or qualified audit opinions for potentially a large number of councils. But for auditors to be able to do that, it needed that statutory backstop date to be in place, and it needed the revised code of audit to be in place as well. Without that statutory framework, then auditors were not just able to issue disclaimed audit opinions by that date. Without that statutory backstop date, I just think the position is just unclear at the moment. In the ordinary course of business, you would say that auditors would need to continue with those later running audits, so for us that would be 20, 21, 21, 22, 22, 23, but I think it's important that we just, before making any decisions on what we do on those audits, we wait and see what the new Government's intentions are around those statutory backstop dates, because what we don't want to do is start audits that we then aren't able to finish, because of, again, the introduction of perhaps a later statutory backstop date. Hopefully that answers. Thank you, Steve. Councillor Cosnahan. I think the good faith narrative to this, Councillor Rice, is that the Government got rid of the National Audit Office, audit firms in good faith bid for the lowest possible bid, of course, because that's where Government contracts work to do the work, BDO started the work, one of the audit companies that, one of the minor companies that we have went bust, transferred itself, evaporated in some way, so that the audit for one of the companies was never able to be done, and that proved to be a complete roadblock to everything else that we were doing. We were not alone in that situation where BDO had burnt off all the hours and all the timing that they were contracted to do, to get to that point. They couldn't get any further, they were stuck. We have been in this committee incredibly frustrated, I think, on both sides with that situation, and I think that it wasn't just us as Woking, it was all over the country that a similar thing happened, auditors had been frustrated in what they were doing. Lots of councils are stuck in 2019, audit-wise, as we are, and so the Government just before the election decided to try and help us by providing this backstop, and it was a get-out-of-jail-free card to a certain extent, and that now has been frustrated by the election. So we are in a difficult situation, and Claire's extension and extension, it reflects part of that as well, I'm afraid. I can see that you quite honestly say that you've done no more work on this, it's not to challenge you on that, I think understandably why, that's the situation. We can't do anything until the Government gives you the right to move on. But it is, as you say, frustrating for everyone. Thank you very much, Councillor Kosnohang, Councillor Oates. Thank you. My question is actually for Kevin and Stephen. At the end of the report, it says that the audits for the years 2020/21 through 2022/23 haven't been progressed because the Council hasn't produced good financial statements. I'm a bit puzzled by that, because as limited companies, the two subsidiaries I think would have had to produce financial statements, so what's the reason for the delay on that? Yes, thank you for your question. Steven Fitzgerald, Director of Finance. In terms of the preparation of the accounts, if you like, there are two issues here, the preparation of the sole entity accounts, and then there's the consolidation with the group company accounts. I think on my arrival in April this year, we still had those outstanding accounts to be prepared, and to move this forward, we engaged to partially help us with this, a team from PricewaterhouseCoopers who have been on site in Woking in terms of the preparation of those accounts. I think some of the problems was a departure of personnel from the finance team who created a difficulty, so the view was taken, which I recommended on, was that we needed to move the issue forward, and bringing in an external team was the right way to progress. I'm pleased to report to this committee that that exercise has been going well so far as the single entity accounts are concerned. So far as consolidation with the company accounts are concerned, you are absolutely correct that the companies produce their own accounts, but that is only one part of the story, and what we need to do is actually consolidate them into group accounts, and that is an extra piece of work that I've been talking to PWC about to include, if you like, their assignment with the council. So what I can report to this committee is we're moving forward in terms of the preparation of those, and I would hope to be bringing the 2021 accounts to this committee fairly shortly for consideration. So that's the situation, which I think, Councillor Oates, is not ideal, but it is the situation that we find ourselves in, and actually I'm really impressed with the work that has been done over the last two and a half months on that. I have a follow-up question, if you like. If you expect to bring the 2021/22 -- sorry, 2021 -- to the group in the near future, could you also give us an estimate of when the other years are going to be prepared? Because I think that would be useful for the external auditors when it comes to scheduling the work for actually approving those. Yes, I mean, in terms of we do have a timetable for preparation of this. I have to say why I'm loathe to commit to an absolute timescale at this time. I mean, what we have found, and what the PWC team have found, and other colleagues who have joined the council fairly recently have been involved with this, is there rather a range of issues associated with these legacy accounts that we are going through, a considerable amount of queries that need to be resolved, and a number of other issues related to the way the financial systems were configured and set up here, and the coding structure and all these things which are causing a problem in producing a set of statements where the chief financial officer, in this case myself, can say that they represent a reasonable true and fair view of what the financial position of the council was at that time. I mean, I can see that you're looking, we would hope to be well down the road with this in time for the September Audit Committee. Councillor Roger. Thank you, Chair. Chair, I am new to this committee and not a very much financial minded person, but while I was looking at the paper, I noticed that in the meeting of 29th February and 11th April meeting, there were serious concern were raised. And even today, when I was looking at the outline of the audit landscape, there are still many issues which are outstanding. And if you look at the previous year's attitude and the way how the practice was taking place, I think that's why we are here today in this situation. I just want to know that what mechanism, new mechanism, this committee have established that all the work is done on the time. Because you can notice that it's not confirmed about the outstanding issue that when they are going to be resolved. So every time receiving the report or noting the report doesn't bring us anywhere. So I personally, I don't feel comfortable in this type of situation and I'm sure the other people, member of the committee are having the same sort of views. So I want to know that what mechanism. Thank you. Thank you, Councillor Roger. Thank you, Mr. Chair. I just wanted to make sure that the people around the table share those feelings, that there is a lack of comfort in the room about the assurances we have. I think I'll ask officers to come in on this and perhaps I wanted to have a view as well. There clearly needs to be a step change in governance. There needs to be a step change in assurance and how willing members and committees are to accept that assurance or not. And I think there's a whole scheme of work that's going to need to be done. The work program, I think, is one of those places where I think we can have some very good and worthwhile discussions as to how we strengthen the work program to ensure that all members are able to rely and get assurance from the evidence they have before them. Having said that, I think I would support what Steven Fitzgerald has said about the accounts. It's clear there are legacy issues. It is clear there are issues of which we were not in the past aware. We had fully audited accounts. We had clean opinions. Those issues have surfaced and I think what's really important for the council going forward is to make sure that those accounts are as robust as they can possibly be. We know that the 1920 accounts are at best going to be qualified and I think it's probably fair to say they will be disclaimed. The following years, similarly, we'll hear from Grant Thornton as to what their basis going forward will be, but as a council, we need to know we are acting on accurate figures and I think that's where we need to allow potentially officers the time to make sure that those figures are accurate because speeding through this isn't going to get us anywhere as much as we want to be able to move on to the next chapter. We've got to move on correctly, but maybe officers, you can pick up on Councillor Roger's point. Yes. Very briefly, Chair, thank you. You're absolutely correct, Councillor Roger. It's an unsatisfactory situation and in a sense, I have a moderately long experience of working in local authorities and this is the most difficult accounts closing situation from my personal experience I've come across. I know there are others in other distressed authorities, but this has been a particularly difficult one. So I mean, why should you accept any assurance that we give because I know people have probably been in this chamber in the past and given assurances. I think what I will say and why when pressed, I don't particularly want to overpromise and underdeliver here and when dealing with this multiple year of unclosed accounts, we're trying to segment the issue and deal with one year at a time. That's why we haven't asked the team to delve into the consolidations of the companies yet because we want to make sure they focus on the single entity accounts. So what I would emphasise is that we have got an approach and I would absolutely re-emphasise how difficult it is here in Woking because of the history which many of you all know about better than I do. Thank you, Chair. I support Stephen's comments, the additional assurances that members should get is from the council's improvement and recovery program. That program has got two key work streams that you should get assurance from. One is a financial recovery work stream that Stephen leads and that includes all issues related to financial performance, financial recovery, standards in the finance team and information like that which we report on to the executive, so to council. And the other is a governance work stream which Gareth, our launching officer, leaves on. And you'll have seen that we've changed the governance arrangements and decision making in the council. So both of those are key work streams about getting the council to a position of being a higher performing, high performing district council that you should expect from a council the size of Woking that has the business that Woking delivers. Thank you very much, Kevin. Do you want to add anything to what's been said, Steve? No, Chair, thank you, nothing to add. Are there any other questions or comments from members on the external audit update? Can I just add one then, please? The objection that was received from the resident to the accounts, obviously that objection was put in some time ago and is, as I believe, relatively specific in its reasons for objection. Is there any reason why that objection cannot be dealt with before the audit opinion is issued? Or does it have to be issued as part of the audit opinion? Thank you. No, that objection can be determined before the audit opinion is issued. And as you say, Chair, it does -- it's very specific and it's around the council's minimum revenue provision. There's been quite a lot of work that the council itself has done around that. So we would expect to determine that objection much before we issue the opinion on the council's financial statements because the two are not -- the work is the same, so it's the same work that we would do to give the opinion on the financial statements, but we can determine the objection before we give the opinion on the financial statements, and we will do as well. Thank you for that clarification. Councillor Kosnahan, I can see you offering. It's the narrative that gets me. So what Steve and Kevin and video are all saying is good, but the narrative seems -- this council up until 2022 seems to have run its accounts in a way that was almost deliberately set to make it difficult to audit, almost deliberately set to make it difficult to find the MRP, almost deliberately set to make it then -- to find things forward, and Kevin will probably object to that. Maybe they were set in a way that was set by legislation. And now we're going back and saying, well, we've got the, you know, the account numbers and we're having to replace things in different places. It feels like the accounts were almost designed, but I'm sure they weren't -- and I know that's why I said very carefully in my first statement about good faith. I think in good faith they were developed, but they actually in many ways created a situation where we couldn't actually see the wood for the trees in what we were doing. And Kevin, I think you probably quite rightly object to my characterization of it in that sense, but I feel that way as a member, that we see that the accounts can't be put forward, they aren't being auditable, because actually they're almost -- that there was something in the design that made it impossible for that to be easily done. I suspect it's not actually for this committee to infer at this stage how accounts were -- how accounts were constructed. And yes, I was going to say, there is a Grant Thornton report into this which will cover that. And we had audited reports. They must -- one would assume they were of a form that could be audited, but I think we're straying beyond the remit of this committee to be inferring good or bad faith in terms of accounting, what we have is a situation where we are finding it difficult. Thank you. Any further questions or comments? No. In which case, can I thank you, Steve, for your time in this, and also to Ryan for supporting Steve in this. We look forward to the next meeting of this committee with baited breath. But no, I think it's unfortunate that we've lost that backstop date, but we have. And so as much progress as can be made, please, for the next meeting. Thank you. Thank you very much. I'll just give video a chance to leave the chamber, and then we will go back to the agenda as planned. We'll be back to agenda item five, the internal audit progress report. Thank you. Kirk, did you want -- [inaudible] You are quite right. Thank you very much, Councillor COsnahan. We are requested indeed to receive the update on agenda item seven, our members agreed. Thank you. Apologies for omitting that. Okay. Moving on to agenda item five. This is the internal audit progress report. Kirk, did you want to introduce? Thank you. Thank you, chair. Yes. As you rightly point out, this is the internal audit progress report. It was obviously designed to give the committee an update on all internal audit activity in relation to the three plans, included the mopping up of the 22/23 -- excuse me, the -- yes, the mopping up of the -- I'm getting confused with my years. My apologies. The 23/24 plan, the mopping up of the 23 -- 22/23 plan, and the 24/25 plan, which is ongoing. Thank you. I'm glad I got through that. So the report is fairly self-explanatory, and as members will note, there's been an awful lot of activity since our last meeting in April. So nine reports have been issued in relation to the 23/24 plan, and section one just gives a snapshot of that activity there. Section two just goes into a little bit more detail about the reports issued since the last committee. Members will note that any reports that have been issued in draft on this report haven't had an assurance of any attributed to them, nor have we pointed out the recommendations that have been raised as a result. That's merely because of the fact that that may change. Section three is just a little bit more of an overview of the 23/24 plan and everything that's happened in total throughout the year. Section four, a bit of a good news story, really. Any outstanding work from the 22/23 plan has now been completed, all issued in final. Members can see, obviously, the opinions and the recommendations raised as that report. And then finally, another section four was actually obviously section five. It's just an overview of the internal audit plan for 24/25, that's the current year. Just one brief update to that, the field work for the GDPR compliance data privacy and document retention audit is now ongoing, so we kicked off that meeting last week. We're also due to kick off the insurance audit next week. So we're in fairly good shape here with motoring. Just some appendices in relation to definitions of assurance, they've remained since the previous year. Just a couple of things I would like to add in addition to the report is the working relationship between the council and ourselves has improved significantly. In fact, I would say it's excellent at the moment. The corporate strategy manager in particular has been extremely helpful, both in terms of moving reports into final and draft status, but also in communicating effectively throughout the council, coordinating everything. I would also say that meeting with CLT has actually been very, very useful. It's good to have the buy-in from the top, from the strategic directors. Another update is that members may have already noticed in this report that there is nothing regarding follow-up activity. You may have picked up from the annual report, which is our next item, that we haven't actually conducted any activity for this internal audit -- excuse me, we haven't conducted any follow-up activity for this internal audit plan. The reasons for that have been noted. There have been system issues. I'm very pleased to say that the system issues have very much been resolved. We have extracted data, and a new system has been implemented. We were subject to a presentation of that in a meeting this morning, and I have to say it looks excellent. It looks extremely robust, the sort of thing on which assurance opinions are built, not just for internal audit, but actually more management information that will help strategic tracking. So, on that basis, I will submit to members any questions. Thank you very much, Kirk, and I know I've got a whole range of questions, but I will pass over to Councillor Rhodes to take the floor. I have a couple. Section 2 and section 3 of your report, there's a discrepancy that the Office 365 report does not appear in section 2. So, the last committee was in April, Councillor, and the report had already been issued at that meeting. So, the table on section 2 is reports that have been issued since that committee. So, as I say, it just goes into a bit more detail on those. On the second section 4, the overview of internal audit plan 24/25, I was just wondering how those topics for the internal audit plan, how were they determined? Okay, so, at the last committee, we went into great detail describing the process undertaken for arriving at the internal audit plan. So, it's worth noting that the council now has in place a two-year strategic internal audit plan. The process involved review of the council's risk register and conversations between myself, the head of internal audit, previous finance director, members of CLT, both individually and as a group. So, suffice to say, it's been through some robust review and consideration and it's pretty much felt that the plan is designed to provide a much broader coverage rather than the previous focus, which was simply on financial controls. Are there -- before I raise my issues, are there any other member questions or comments on this paper? No? I'll raise -- I'll raise -- oh, sorry, Councillor Kostihan. You've raised some high issues, so I've lost them again, going back and forth. Here we go. In the 2023-24 audit plan section 2, you've got five issues that are high. Four in housing and one in payroll. Do you know if those have been worked on? What sort of things are they? Are they things that we should be worried about? Do we need assurance on them? Sorry, through you, Chair, on the basis that the risk is considered high, yes, the Council does need to be worried about them, to use your phrase. In terms of them being dealt with, they will all have completion dates that have been agreed with management. Those completion dates will be commensurate to the priority of the recommendation. As for the specifics, I don't have them at hand at the moment. I'm happy to get back to you offline about that, if you'd like. But suffice it to say, they will be included in the follow-up reviews going forward. So just again, to expand on the follow-up, we have a fairly lengthy follow-up planned for mid-September, due to kick off the day of the next audit committee, actually. That follow-up will do as much as we can do, and it will be risk-based, so it will start with the high priority actions, moving down to the mediums, and then the lows, if we get time. There are a significant amount of actions that we need to follow-up. These will obviously form part of those. Follow-up activity will be scheduled quarterly thereafter, and then reported to this committee as part of this report going forward. Thank you, Kirk. For members' information, audit summary reports are provided within the Council's directory on teams for every internal audit, so go on to teams and have a look. You will find, as soon as those summary reports are produced, they're uploaded, and so we can look at them. So you'll be able to see exactly what those recommendations were. And Kirk's absolutely right. We've had this interruption to our follow-up work in terms of audit recommendations, but it will be a standing item on every agenda. We have updates of implementation on internal audit recommendations. Historically, that has been high priority recommendations, and any medium priority recommendations that have either been picked out as being particularly relevant, or when they go well past their agreed date. So there should be good audit tracking of that, and it's very pleasing. I spoke with Pino back end of last week. On this point, I think it comes up in the next agenda item as well, but I spoke with Pino, and we are now in a position where there will be follow-up work with all of the owners of the recommendations, so that those within the Council who are responsible for implementing those recommendations, and then that work is starting this coming Monday. And then the ability to track those recommendations and those that are past their due date will exist. So as Kirk correctly says, from next meeting, we should be in a position to have a report of every outstanding recommendation that is past its due date. Obviously, there will be lots of recommendations that won't have reached their due date, and we have to allow the time for those recommendations to be implemented. So hopefully that helps there. Councillor Rice. Thank you, Chair. If I may ask, I'm just looking through teams here, and perhaps the officers could give us some guidance. The last thing I can find here is Standards and Audit Committee 2016. Hopefully, there's something a bit more recent than that. So they could give us some help in that in due course. The other question that I have is, is there a time matrix for if you have a high-level risk -- so it's red -- that hopefully these things are resolved a lot more quickly than something that's of lower risk? Is there a sort of matrix that you have for that sort of thing, that we don't leave a high risk lingering for too long? Through you, Chair, so I think I understand what you're asking, and that's do we have a set time scale for which high actions, medium actions and low actions need to be implemented? The answer is no. It's highly subjective, and it will depend very much on the individual circumstances for the recommendation. However, the urgency, as I mentioned before, is commensurate with the risk related to the finding. So it will very much be focused on getting it implemented as soon as possible. Obviously, high risk in payroll is extremely high risk. Indeed, yes. It's one of the obvious places for fraud in most organizations. Kevin, please. Yes. Thank you, Chair. Each of the recommendations will have a management response and a management time against that, and then that would go through the corporate leadership team in terms of a sign-off process. So if we think there is an action in there and we say actually that is not sufficient, then we will pick that up. We expect high risk areas to be responded to immediately. Their resolution, however, will depend on the issue in terms of when it gets concluded, depending on what the nature of the issue is. I know all the actions in the payroll are actually under way within that payroll audit because it is in my area and I spoke to the manager about it a couple of weeks ago. Thank you, Kevin. I will move on to the couple of points that I had on this report. I think in terms of readability, and I don't know whether members will agree with this, there is quite an element of toing and froing within this report and the need potentially to refer back to previous reports. So just as an example, in the first snapshot of internal audit activity, we talk about three reports which have been issued in draft in the last meeting have now been finalized, which is potentially prompting members to look back. We did share this week with members the spreadsheet that Pino is using as an audit tracker, which I think showed a degree of granularity, which perhaps we don't see in this. So we got to see, for example, where audit reports that have been issued in draft were sitting. Is it sitting on Woking's desk waiting for a response or is it sitting with Mazar's waiting for them to respond back? And I wonder, this is probably something to take outside of the meeting if members think this is a good idea, but I wonder whether we could consider using such a document to help the reporting of this. Obviously, even using a live document that is shared on a view-only basis for members, so that at any one stage, very much like dipping into the audit summary reports, members are able to see where particular audits are sitting and the areas of interest that they will have as a result of the portfolios they hold. Again, I'm thinking in terms of assurance that members can get, because it feels quite dry to say this is in draft, this has been finalized. But until you dig into it, until you look at those summaries, until you understand what management responses may or may not have been given, I think it's quite hard to understand what's going on. May not be one for now, unless you've got thoughts. We'll take it away and record it in the minutes and we'll do a review. We understand the point about how do you get greater assurance, how do you lift something off the page when it's a static document and you want to see something that is about, that's more up to date and live, so we'll take that away in terms of review of the situation and come back with something. Thank you. Councillor Rice. Thank you, Chair. One of the costs that might be of interest to members, to the committee, is to actually have an aging analysis by risk profile, so that, okay, it's identified as red, there's an agreed plan, but it's been outstanding for nine months, 15 months, whatever. I mean, that's part of our risk profile, that's the living risks that we have, if I may suggest, Chair. Thank you. Yeah, absolutely, and I think it's that kind of granularity that we're looking to bring in on this. When we get the follow-up reports, to a degree that is covered because we see what's happening, but I think you're absolutely right in that interim period before it's an overdue recommendation, there is a granularity that would be of use to members. My final point that I wanted to raise was in relation to the accounts payable creditors audit, which was being run as an exemplar project. I can see from the papers, it commenced on the 17th of April, debriefed on the 20th of May, slightly unclear from the papers whether the draft report has been issued or was to be issued, because I think we've got a draft issued, and then a couple of asterisks saying it was due to be issued prior to this meeting. So that aside, if maybe you could give us clarity on whether the draft has been issued, but more importantly, as an exemplar project, do you consider that audit to be a typical life cycle of an audit of that nature, and has there been anything whilst you've run that exemplar audit where you have identified improvements that could be made, if any, or things that you would like to do differently going forward? Thank you. Thank you for that, Chair. It's a good question. I think there are two parts to it, really. The short answer, and the easy one to answer, is yes, it has been issued in draft. We're currently awaiting management responses. I did have an immediate reaction from the -- not the audit sponsor, the lead manager for that. So we're continuing our discussion about a couple of the recommendations. My suspicion is that they -- that will result in a discussion and possibly even a revision of some of the recommendations, which is probably underlines the purpose of not having the recommendations and the overall opinion in the progress report. In terms of what we could do better, I think not an awful lot. It was very, very close to what you might call an exemplar audit. The life cycle was almost bang on what we would expect. The reason for the delay was very simply poor timing when it comes to study leave and annual leave. So that was the only reason the issuing of the report was delayed slightly. But nonetheless, I think we can all agree a far better performance than has been previously. That's helpful. Thank you. Anything further from members on this paper? Nope. In which case, I won't forget this time, the committee has requested to resolve that the report be received and that the progress against 2023-24 internal audit plan and implementation of internal audit recommendations, which actually we didn't have. So I think the resolve needs to be amended on this, that it's a resolve that the report we received and progress against the internal audit plan be noted. Thank you. That brings us on to agenda item 6, which is the internal audit annual report. Again, yours, Kirk. Thank you. Thank you again, Chair. I shall be hopefully a little bit more brief on this one. So the annual report sets out the annual opinion for the year, which we are required to provide the council with. It's worth noting here, this is formally stated on the basis of work undertaken as part of the 2023-24 internal audit plan only. It is noted in the report, but CLT in particular would like me to stress that although the opinion that we have provided is limited, it's on the backdrop of the council clearly being in the midst of a section 114 notice and that the focus of the revised internal audit plan was on financial controls. So the opinion is somewhat, as I say, focused. Large's opinion was unsatisfactory, so it's broadly speaking what you might consider an improved position from last year, albeit we wouldn't formally state it in those terms. Section 3 of the report is a summary of the work undertaken throughout the year. Again, members will notice in contrast to the previous progress report the opinions and the draft recommendations have been included in this report. The reason is simply that we needed some more substance to base our opinion on. So the opinion is very much based on the draft opinions for those, which actually I don't honestly see changing. Some of the recommendations may change, but I don't see the overall opinions changing too much. Section 4, benchmarking, again, just caveated with the fact that these are ultimately draft reports, and therefore draft numbers of recommendations. So again, if members have any questions, I'm happy to answer. Thank you very much, Kirk. I think like the last one, I have a number of questions, but Councillor Rose has indicated. Just the one, section 3 said the audit work undertaken 2223, shouldn't that read 2324? Yes, it should. My apologies, Councillor, I've clearly been stumbling across my dates, so that just proves it. So no apologies, we can issue a revised version. Thank you very much. Anything from Councillor Rice? Thank you, Chair. Paragraph 4, section 404 on benchmarking, this deals with no knowns, right, so things you've looked at. What about an ageing analysis of the things that you haven't looked at, and for how long? I mean, I assume there's an audit cycle, things like, let's say, pick for example, payroll is down on a certain frequency according to the risk assessment. Normally, most organisations, payroll is pretty high risk, so it's down annually, whatever. But what this tells us is what you've looked at and how it was graded, but it would be very interesting to know, for example, I see pension fund administration audit has been cancelled, but it's a potentially extremely high risk area, with what I read there, potential net liability, et cetera. So I think what I'm trying to get at, Chair, if I may, is to say what are the things that we should know about and we don't know about, because that's really our true risk profile. And here, we're just talking about what has been reported. We haven't looked at what hasn't been looked at, what hasn't been reported, and maybe one of the things that we should see is an ageing analysis of the different types of audits and the last time it was done, because that would tell us where there's gaps in the assurance methodology. Am I making -- does that make sense? Makes perfect sense, Councillor. Thank you. Yeah. So that helps us to understand our risk profile, I think, if I may. Thank you, Chair. No problem at all. I'll let Kurt come back on that. I think a lot of that will be brought into the internal audit planning. When we see the internal audit plans, we look at when things were last looked at and the selection of risk, but I think there's a very valid point to be made there to bring it into the report. If I may, Chair, what I'm thinking of is a one-pager to say this is when these things were last looked at, so that would actually inform your planning anyway. So we make sure that we cover off the loose ends, as it were. Yes, a very astute point, again, Councillor, and indeed something we've done and we presented to the April committee meeting. So we have -- no, no, that's totally understandable. So as part of the internal audit needs assessment, we produce what we call an internal audit universe, which looks at the past five years of Council audit cycle. We compare the assurance opinions and the year in which those opinions were given and that informs then our planning for the next two years. I'm just suggesting it should sit in the annual report as well. We can certainly take that away. Thank you, Chair. Thank you, Councillor. Thank you. Councillor Greentree, you indicated. I simply really wanted to support what Councillor Rice was saying because I found some of the graphics not especially helpful, particularly given that we've progressed from unsatisfactory to limited. I don't think it's reflected in those graphics. Thank you, Councillor Greentree. I think that nicely segues into a couple of points I was looking to make on this. The first is I suppose rather nebulous in its origins. What is the line between a significant weakness such that something could become inadequate, which leads to a limited opinion, what we've got now, and an unsatisfactory opinion? So how do we measure that implied improvement, I suppose, and then aligned with that on the benchmarking? Wondering what the effect is on the degree of assurance that members can take from this report given the decline in numbers carried out, appreciating that obviously different topics take up different amounts of time, but we've got quite a declining number of audits where we go from 2018, 2020, '21, all the way down to '07. And then layer on top of that the fact that we changed the internal audit regime in response to the 114 so that we were focusing on financial elements over and above everything else. As an audit specialist, how do members understand that, understand whether there is true improvement and how do they take assurance out of that declining market of samples? Thank you. Again, two really good questions, Cher. I'll take the first one in terms of the borderline between unsatisfactory and limited. There isn't really a clear answer to that, I think. First thing to note is it's the head of internal audit opinion, so ultimately the responsibility lies with the head of internal audit. It's done on just -- no, sorry, excuse me, not just the assurance opinions of the audits undertaken, but a wider opinion of the look and feel of the organization as we audit. Very often follow-up, although follow-up work wasn't included this year, the financial circumstances of the councils and the fact that the council is within a Section 114 notice did obviously take -- was taken into consideration. So it's more, I would say, look and feel based on some key data that we have. So like I said, I don't think there's a particularly clear answer. It's probably not particularly helpful for you or the committee, but it's more of a broader in-the-round opinion. In terms of assurance, and believe you me, we wrestled with this ourselves. There was a point in time in which we thought we weren't going to be able to provide the council with an internal audit opinion. So I think we've fallen on the side of issuing the opinion based on the fact that it was, as I said before, a focused internal audit plan looking at a specific set of circumstances for key financial controls. And that, as I say, is noted in the report. This year, obviously you'll notice that it's a much broader review, so we'll be able to give the council a much better assurance opinion, if you like. Thank you. I think that is actually helpful, particularly the comment around the look and feel. Can members extrapolate from that that there were no areas of concern that the committee haven't been identified of that came up within the audit? Sorry, I'm not quite sure I understand the question. Does this report reflect, I suppose, the totality of the opinion of the auditors? Are there any items that came up during the course of the year that the committee haven't been told about? Given that I joined the firm in November, and that the internal audit plan started in September, or there or thereabouts, I don't feel that I'm in a particularly good position to answer that question. My honest answer, that since I've been managing the account, the answer is a definite no, there is nothing that's been withheld from the committee. Okay. Lovely. Thank you. And I guess on a similar vein, the scope of opinion in the report states that you take into account any high or medium priority risks that were not accepted by management. Are you aware of any that weren't accepted? Again, since my involvement, there's been no such circumstances. From what I understand from speaking to the predecessor, my predecessor, excuse me, all recommendations have been agreed and therefore subject to follow-up activity. Thank you. Councillor Rice. One of the issues that would be of interest would be audit observations that were negotiated down from high to medium by council officers. Things that you saw as being high risk, but I know audits are a negotiation, they're not black and white. Of course. Thank you, Kevin, for your confirmation, but it helps us as a committee to -- what we're trying to do is to understand the risk profile of the council and given the history, there's concerns saying, right, we are on a process of real improvement. How's that happening? And I think to me, trying to understand the landscape in terms of what has not been looked at that might have been looked at in a normal council thing, because that's potential black spot, as it were, or black hole, and it's just really trying to understand those things and it's not just a question of what hasn't been done, but what has been done to the extent of, you know, I know from my own experience, you get an auditor in, you negotiate. You do not want a lot of high-risk observations. Through you, Chair, again, thank you for the question, Councillor. In terms of our independence and objectivity, I can absolutely assure the committee that there is no negotiation taking place with management in terms of priority of recommendations or assurance opinions. What we do is take a risk-based approach to our findings. We determine what the risk is in relation to those specific findings. Now, once we present a draft report to management, there is clearly discussion on, as you say, the priority of the recommendations, and you're right, management are always very keen to reduce those wherever possible. When they are reduced, it's always done on the basis of mitigation. So can the Council provide evidence such that we as independent and objective internal auditors are happy that the risk itself that we've highlighted has been mitigated in accordance with that reduction in priority? Thank you, Chair. There is no intention to even hint at any compromise of independence; I just know that robust managers negotiate robustly. Thank you, Chair. Thank you. Kevin, did you still want to comment on that? No, no. Only to say, and maybe to prepare the Audit Committee, I do expect audits to come through with areas of high recommendation. That's because management appoints an audit towards areas of high risk, and we treat internal audit as a management tool for areas of attention. So there will be issues in our audit program that come through this year that will be high risk, because if they weren't high risk, we shouldn't be putting those in an internal audit program in terms of the risk-based approach. So I know there are absolute areas in there that are in there because we have concerns, and if we've got concerns, we expect those to be in an internal, and we had a discussion with our managers yesterday in terms of our approach to internal audit, with all the senior managers in the Council, and that discussion was on the basis that internal audit is not to be feared; it is a tool to improve the management of the business of the organization. And if we treat it like that, we point it to the areas where we get the greatest value by highlighting risk. And I expect risks in some areas in the short term to go up, because the audit is in areas where they need to be. Thank you, Kevin. Councillor Costenhand. Thank you, Chair. [Laughter] Yeah, sorry about this, long enough just to make sure that it didn't stay on the screen. One thing is that there is no equal pay issue in working, I don't believe; is that right? Because in your top end of the thing, it said, Oh, councils are facing equal pay issues, and I don't believe that's true in working. We don't have any equal pay claims. No. We are undertaking a process of reviewing the structures of the Council, of the organization, but that's not on the back of an equal pay claim or issue. It's not about making sure that -- I recognize it was probably a particularly Birmingham issue where they deliberately ignored -- I suppose for woking the distribution of roles where equal pay risks typically occur, as a district council, we don't have -- we're not exposed to the same levels of risk that the big metropolitans and unitaries are, where you have the key areas between occupations that are primarily employing females and occupations that are primarily male and overtime peacetime based pay structures. So we have a lower degree of risk, and we don't have any current equal pay claims or challenges in -- Thank you for that assurance. It's not saying there will never be, but there isn't anything that's currently in there. I'm looking at the risk register part of it, and I find it quite -- well, obviously, it's not difficult to read. All the words make sense, so to speak. But the next section is about materiality, and I find the risk section, I -- in pages 32 onwards, am I looking at the right document? I think you may be looking at the next one, the ground forms and documents. I think that might be the case, Councillor. Did I jump? How did I jump? What page are you -- what page am I meant to be looking at? Sorry. In which case, apologies. Page 23 through to 29 -- sorry, 30 -- 23 through to 30. Which does include the equal pay, I think. I don't have a break there. I apologize. Mine just slipped straight on, so I'll leave it until later. Thank you. Thank you. Are there any further questions or comments from members on this paper? No. So I think we've come up with some ideas for reporting going forward on this. I think there is a positive news story in that we've got -- we're now up to date with audits and outstanding actions. And I think a second positive about the follow-up work that's now going to be able to go forward. And obviously, just on that point, I think it's absolutely critical that the Council get a handle on audit recommendation follow-ups. We need to create a culture where there's visibility of reporting. As Kevin says, where internal audits are not feared, that they are actually used as a management tool. And we absolutely must not find the Council in a position that it found itself in several years ago, where we're going back probably six or seven years ago, where there was a buildup of outstanding recommendations and where this committee had to call officers and managers in to explain why those recommendations were outstanding. So I think the fact that we're able now to bring that to the fore and pick up again on a regular basis is good. So thank you very much for the report and look forward to seeing it again when it comes around again. Thank you. Thank you, Chair. On the basis of that discussion, the committee is requested to resolve that the annual assurance opinion of the head of internal audit over the control environment be noted. Agreed? Thank you very much. Order Item 8 sees us move on to the external audit plan. Thank you very much for your patience. Joe, are you taking this or is Paul taking it? Paul's taking it. Thank you, Paul. Thank you, Chair. So the paper in front of you is our audit plan. It provides an overview of our plan's scope of work for the 23/24 audit. The highlights of the plan are set out on page 43, and it's page 7 of our report. The plan sets out significant areas of risk, and I'll propose work that we plan to address these. Once we've completed the work, we'll obviously report back to this committee of the findings. The following are the significant risk areas. So we have management override of controls. This is prevalent in every audit that audits undertake. So it's in the private sector and public sector, so you'll see this across audits all over the place. At the risk of fraud in both revenue and expenditure recognition, we have, given the financial challenges of the council, there is the risk that management will seek to overstate your income and understate expenditure in the financial statements. We also have the valuation of land and buildings, investment properties, and council dwellings. These are the large values on the balance sheet that are complicated estimates, and the council will get the assistance of an external valuer to help them with this. Valuation of the pensions liability, again, it's a rather large number on the balance sheet. It has a number of assumptions feeding into the estimate, and the council will get assistance from an expert, in this case, an actuary, to help them calculate that balance. As we briefly touched on earlier, the minimum revenue provision, the council proposes to put an adjustment through their 23, 24 financial statements. This will be a big figure, and at the stage of writing the plan, there's still ongoing discussions on what that figure's likely to be. We have the impairment of long-term debtors. As you're aware, the council has advanced significant loans to its subsidiaries. Some of these are posting losses and are unlikely to repay the loans, so there's likely to be a significant impairment in the accounts. The group position, the council has not prepared group accounts for a number of years. The group structure of the council is very complex. The council is also considering some of the treatment around the Victoria Square treatment in previous years. Once the council have established what the group structure is and how they prepare, the group council will come back and do our assessment on the group then. We've also noted the capacity, skills and corporate knowledge of the finance team. There's been lots of changes in the finance team, and they are receiving assistance from PWC, who commented earlier in preparing the financial statements. There is a risk around loss of corporate knowledge on transactions that go back years, and this could have a detrimental impact on the quality of the working papers and the financial statements. The final risk that Shannon talked about is open imbalances. As you're aware, you're likely to be caught by the backstop when it comes into place and have a disclaimed opinion for '22, '23 financial statements. At the moment, we're unclear of the amount of work that we'll need to undertake to get our assurances over the open imbalances, but as soon as we get guidance and the regulators, we will follow that guidance and inform the committee of our proposed approach. The materiality for the statements. We set up materiality at a planning stage of about $1.7 million. This is based on statements that are fairly old, the 2021 financial statements, the ones that we were last given to see. We will update our materiality once the Council has gone through the '22, '23 statements and provided us '23, '24, we will update our materiality on them figures then. In relation to the value for money work that we undertake, we are currently still in the planning stage of this work, and that will be informed by the outcome of the work that the predecessor auditors are undertaking. Finally, probably to touch on the fee, so the proposed fee set by the regulator, public sector, all the appointments, and that's £306,000. That's probably the highlights from the plan, but obviously happy to take questions. Thank you very much, Paul. Councillor Oates? I have three questions. First one, under your key matters, you said that the Council still lacks some of the data systems and capacity to be able to respond quickly to many of the challenges it faces. I assume you will be making recommendations with respect to those, like that was the first point. The second point is around the materiality, that you have taken 1.5% of operating expenses of '22, '21, that would imply operating expenses of $111 million. I can only assume that in that, that's also included the interest charge that we couldn't pay. I wonder if a more suitable measure for materiality would be based on, if we look at the General Fund budget and the HRA budget for next year, then the first is approximately $24 million and the second is about 21, so I think a more realistic basis for calculating materiality would be the $45 million rather than the $111 million that you have taken. And the third point on the value for money, here it only mentions '22, '23. Just for clarification, that's separate from the value for money review that is going to look at the period where all of the unfortunate decisions were made, right? Okay. So those are the three points I had. So I think then just to take those in order, we are aware through working with Stephen and the finance team of the arrangements they have put in place to produce the unaudited accounts and to strengthen the capacity and experience within the finance team, that is something we will continue to look at as part of our external audits and obviously if we have observations around that to help the Council going forward, then we would be capturing that at a suitable point in our reporting. On the materiality, we usually use a benchmark which is a percentage of operating costs. We have taken it from '20-'21 unaudited accounts which gives us the $1.67 million. We will use the '23-'24 numbers for that. In public sector, we usually use an expenditure benchmark and we recognise the accounts we base that on have not been audited and they potentially contain errors within them. That is why we will use the '23-'24 unaudited but it will be within that same percentage range and we will look at any one-off items or anything there that would not be appropriate to include in our calculation and we will set that back out to you on how we have calculated it. Okay. The last point is we are doing a deeper dive into the investments and the history piece and that is in the drafting stage. We will need to do some additional value for money considerations which did not fall into that scope particularly around anything around the governance side of wider Council business and financial sustainability, picking up the position around the arrangements in place and capitalisation and that will come through in a separate report when we conclude our work on the financial statements which we hope to do ideally within this calendar year but there are some challenges within that. What is the latest estimate for the value for money review that is going to look at the historical case, so the investment decisions and so on, what is the latest date of that? The latest piece for that is due to the election and that announcement, we have held off on the consultation of our draft report. We plan to do that after the election, at the moment we are planning to do that, I think it is Monday 8 July and we have a four-week consultation period, so we intend to enter into that and at that point it is still very much a draft where we will take on board those consultation comments and hope to finalise it thereafter, but our timetable has been pushed back a little bit with the election announcement. Thank you, Stephen, you wanted to come in? Yes, thank you, Chair. Very briefly, just on the point about the resourcing of the finance team, I think it is worth mentioning one of the issues that commissioners have raised is about capacity and capability of the team and what I want to share is that, shall we say, in the spring we put in a range of interim arrangements and I think it is entirely appropriate that I just mentioned behind me, Matt Davis, who is Deputy Director on an interim basis here and has done quite a lot of work on internal audit in the session we were talking about under the previous item, so we have brought in some interim resource pending longer-term permanent appointments to strengthen the team in the short term which has added to the ability to address the accounting issues and all those things, but there is also a way to go on this to get to the level that would satisfy members and indeed the commissioners. Thank you, Stephen. Can I just ask a question about materiality? Am I right in thinking that this committee needs to satisfy itself that the materiality is appropriate? I have recollection that in previous years we asked for the trivial figure to be reduced. I think when it was set in 1920 we had materiality at 2.4 million and trivial at 50,000. I wonder whether I am correct in that recollection that there can be input to move it down if appropriate? What I would say in terms of materiality is obviously there is the audit of judgment there around what is material to these accounts and our plan sets out our rationale which is obviously based on outdated figures. That gives trivial at the moment based on these 83,000. Obviously anything above that threshold we would report to you as to whether management has adjusted or whether it is set as unadjusted. Your overall materiality, 1.67 million, is relatively small compared to the size of your balance sheet and some of the entries on your balance sheet. As an auditor, that presents a certain challenge in terms of what we need to audit to and what we would be considering as a material error in these accounts. Our rationale and our benchmarks are set there. It is obviously for the audit committee to consider whether they think that is sufficiently appropriate. In our view, that is a very low level already. Thank you. I wouldn't disagree. I think it was really to sort of draw out for members' benefits what kind of input they can have in this process to understand where it goes. Mr. Rice. Thank you, Chair. I think you sort of alluded to what is not material in the balance sheet can be extreme material in the income expense statement and that is the thing that we are trying to -- and I am trying to understand the paragraph where it says we are obliged to report uncorrected omissions or misstatements other than those which are clearly trivial to those charged with governance. What does that mean in simple English? That means we will report to any error that is over 83,000 pounds to this committee. Who are those charged with governance? That is the committee. Oh, OK. Not -- because we talk about governance and financial governance and accountability, I would have thought that is us. That is the members. OK. So that is misstatements in the financials. Is that what you are talking about? Yes. Thank you. Thank you. Did I see -- I apologize. I kept going from the last time I should not have. The risks. Now I am in the right place. I don't know what happened but the previous version I had missed eight to ten pages out which didn't help me at all. You have got what seemed to me a very standard list of significant risks. So the first two being risk of fraud in revenue recognition, risk of fraud in expenditure recognition. Now obviously the first thing you then ask with a risk is its probability and its effect. So to make up some sort of risk score, is there a high risk of fraud in revenue recognition? If so, how would that be made up? And exactly the same in expenditure recognition because it feels to me that with the materiality discussion we have just had, that our revenue comes in in fairly big blocks, therefore it is difficult in one sense, you know, if the government gives us, you know, 10, 15 million and whatever in a block that we are going to, you know, skim off 5% in some dodgy fund. If someone comes in and pays us through the bank account for their rent in a month, then materiality probably doesn't account for anything in that sense. So I just was interested with the risks because I don't see a scoring system here as to how big they are. They are said to be significant, but I find that difficult to measure in my own mind. So I think what I would say is there is risks within here where we have to identify them as risks because the auditing standards require us to consider them and flag them to you as risks. That includes management override of control. It also includes us considering is there a risk of fraud in revenue and/or expenditure in a public sector landscape. We have set out within the plan where we have pinpointed the risk. So, for example, in the revenue recognition one, we wouldn't associate that level of risk with something like government grants, council tax, your NNDR income. Those are standard sources of income which are traditional council income. So we would look to look at specifically any fees and charges, service income, where there could be a potential, we are not saying there is, but there could be a potential for management, given your current financial position, to look to misstate the financial statements to show an improved financial position. You could do that here either through revenue, potentially that small source of revenue, or understating your expenditure in a year. That is why we have pinpointed those two specifics. Out with the auditing standards, we then think about where is there an opportunity or potential for the accounts to be materially misstated. As part of that, we look at a higher risk where there is a large judgment or estimate or a large material balance. That is driven through the risks around the valuation and the pension. Then, specifically looking at your current position, that is why we have drawn out MRP, the group consolidation, and the impairment of the long-term data. Those are not typical significant risks in a council. In a standard district, you probably have three, maybe four significant risks. That is your override of controls, probably expenditure, recognition, valuation, and pension. Thank you. Just looking at those risks, you pulled up the pensions as being a particular risk. As a borough council, we sit in an interesting plane. We have a pension scheme that is run by the county, but which the borough has pay-in. Two questions out of that. How does things like data quality checking work with that interplay between borough and county? Then the second one is potentially a little bit more technical. Are we still seeing the impact of the McLeod judgment as being a material risk in the field of pensions? They were a couple of pension ones. The other one that we haven't picked up on, IFRS 16, are we seeing that as a material risk going forward? I know there is a page on that, but it doesn't appear within the risk profile. I think the next financial year, 2024-25, you will see that as a significant risk. It will be the first year of implementation for the 2023-24 accounts management has to put in the council estimate the figures could be, what the impact is going to be, and what the likely impact is. It is only a disclosure rather than what the actual impact is, which you will see in 2024-25. In terms of helping the council going forward, there will be comment on how the council are handling the impact of that going forward and the change between ops and finances. We will comment on what procedures and processes management have got in place to identify the leases and transactions that will be affected by this change in standard. Thank you. As regard the pensions? In terms of the pension fund, there is an auditor protocol in place, where we write and engage with the auditor of the pension fund. As part of those assurances they provide us with, that covers aspects of the accuracy of membership data, the data that is sent by the pension fund, along with the assets and liabilities. We then take that assurance along with our own pension testing to form our overall view on that significant risk. Not such a big issue, obviously it was in the previous years, but people have made assumptions and judgements on Macleod now, so it is less an issue. Thank you, thank you very much. Anything further from members on the plan? No? Sorry, please, Councillor Wright. Thank you, Mr Chair. Just to try and improve my understanding, I suppose what you are saying in summary is the greater risks is where there is management subjectivity input into the accounts, because cash entries are dead easy, council tax, you have got a stream of payments, tick, done, but it is all the subjective stuff, like actuarial, you know, actuaries, it is inexact science, being an actuary, or valuations, subject to subject, very much subject to subjectivity. So it is really, it is the non-cash type items that pose a greater risk. Thank you. Thank you, Jim. Thank you. My final comment then, if there is nothing else from members, looking at logistics, we have, I think there is note in the papers that there was a risk assessment, or the risk assessment that was taking place wasn't completed due to council capacity issues. So I am wondering whether officers, this is probably coming to you, are you able to comment on capacity of the organisation to handle the external audit requests with the staffing that we have currently got, and whether there are any logistical concerns with how the external audit is likely to run? I think that comment would primarily relate to the engagement with the finance function, which is where Stephen is putting his resourcing plans in place, and getting the support to be able to support such a process. I couldn't comment specifically, but from what we have heard from Stephen and we know in terms of that focus, then I think it would play into that area. Yes, I think just to obviously add, we catch up routinely with Stephen in terms of the financial accounts, but also the wider developments in the financial position of the council. We are very aware of the production of the unaudited accounts to catch up when the unaudited accounts for 23 or 24 are available, then we will work with the finance team to be able to audit those. We should be able to do that in the absence of open and balanced guidance if we have to do that, but I think it is very much when the council is ready, and then our working with the team on what we require from an audit and how we will then best phase that work. We recognise the group positions are complicated and there might be a position where we want to look first and foremost with the council only before we look as well at the group, but we are meeting monthly and having those conversations around the logistics and the timetable. The backstop legislation, as in when it comes in, that sets, as we understand it, that will set a deadline for when the 23 or 24 accounts need to be audited by, and obviously if it goes beyond that deadline, then you would have to backstop that audit, and that is not in anybody's interest to do that, so we continue to talk about that as well. That is very helpful, thank you. Anything further from members? No. Thank you very much, Joe and Paul. Very helpful and engaging discussion on that. The committee is requested to resolve the indicative external audit plan for 23/24 be agreed. Thank you. Agenda Item 9 is a fairly straightforward paper. It is a registration of interest for members elected in May. Gareth, did you want to speak to this one? Thank you, yes, nothing to say other than there is full compliance with this and to point out there is a typo in the date, which should read 2024. Thank you. Thank you, Gareth. Noting that typo and taking the opportunity to remind members that should your interest change to make sure that the register is updated, I am going to assume there is no discussion on this. No, thank you. The committee is requested to resolve the registration of the interests of the members newly elected in May 2024 being noted. Thank you. Agenda Item 10 tonight is the audit and governance committee work program. Gareth, did you -- no. Nothing to -- so we have before us the plan for the committee's work program. And in essence, it follows the plans that we have used before. I would suggest that this is a piece of work that potentially needs to be looked at in some considerable detail. And note that there are plans in place for two things which hopefully will assist members. An assurance mapping exercise so that members can see where the assurances that they are going to need to get in order to make decisions later on sit. And also a new plan for a chairs committee to coordinate work plans. And I think both of those potentially play into this. For what it is worth, I had some suggestions that I think might enhance the program. I think we need to remember that the committee's role is to ensure that the governance processes are in place, that they are robust and effective, and that appropriate and proportional controls exist to safeguard the public interest. So in that extent, we are not a deep dive committee. However, I would potentially, subject to members' views, suggest that we need a more robust program in front of us. We need to see standing items that would potentially encompass the work program itself being a standing item, which would allow members to see what is coming up and facilitate additions to that program as necessary. A standing item relating to the annual governance statement, and that is for new members to the committee, that is the statement that this committee signs off, effectively saying we have fulfilled our governance obligations by doing X, Y, Z. Traditionally, that document has come to the committee once a year, and it comes dry. And I get the sense it would be helpful for members to see that more than once a year, to see it as a work in progress, because that will enable members to focus on what assurance they need and where they are getting it from. I potentially also think that within the internal audit progress reports, which we do get every meeting, we might want to bolster those with audit trackers. As we discussed, I think Councillor Ritchie made the point about risk, and I think we made that point with internal audit, that we have tracking documents that come to this committee. Even if they are not actually debated, but we are having those sort of rag-braided documents in front of us, so that members are fully cognisant at each stage where we sit, and then hopefully, if there are matters of concern, it is easier to bring them out. That risk management element, I am slightly concerned there is nothing in the programme specifically on risk, and that we should at the least be seeing an annual report on strategic risk. We are not talking individual project risk here. This is strategic risk, and potentially half yearly updates on where that is sitting. This is getting it to be a long list. Consideration of an annual report to full Council, that doesn't appear on the programme currently, but I think we would potentially benefit from being there in draft form for good discussion. Again, just to consolidate what we are doing from meeting to meeting. Finally, one I should have raised with Stephen as our 151 officer before I came in but didn't have the opportunity. Mentioned last committee was made of the role of internal audit and how we get quality assurance over that role. Something that other authorities have on their work programme is a 151 officer report on the effectiveness of internal audit. As I say, I should have raised that with Stephen before the meeting, but didn't do so. The final missing thing to my very long list, private meeting with the auditors. We don't currently diarise that. Auditors have been very good at coming and raising matters as necessary, but I think, again, potentially good governance for building that into the programme that we have that opportunity to have a private meeting with our auditors to discuss matters of concern and to gain assurance over some of those issues where there may be discomfort. Using that was a very long list. I don't know whether members have any comments or thoughts of their own. I think the risk element and having some sort of risk log that we can see on a regular basis is really helpful. I think one of the difficulties for us is that we have four or five meetings a year, once a quarter. It's really hard to remember what happened exactly last time. It's difficult for us because we're not living it as councillors to get a feel for that. Therefore, some sort of, as you say, risk log would be really helpful. I think the annual report, again, seeing it develop rather than actually being presented with a complete, almost fairly complete, is a much better way of doing things. Thank you. Thank you, Chair. The old question in Latin, I think it's Quis custodies custodiam, who guards the guardians? And a more continental European approach is to split internal control from internal audit, internal control being online real-time and the audit being post-facto. So I don't know if the external auditors would think it would be appropriate for the external auditors to comment on the adequacy of the internal audit function because they're entirely independent. And obviously, it is of great interest and importance that the Chief Financial Officer reports on the internal control environment within which he works, workflows, cooperation, information, completely transparent environment, et cetera, et cetera, all the things that we'd like to see. But then the out turn of that in the audit work, I would have thought my experience in the past was that would come from external audit. And external audit would certainly come down hard if they didn't think the internal audit was effective. Nothing personal here, but this is the professional sort of segregation of functions, as it were, if I may set that out, Chair, as something to consider, if I may. Thank you. Thank you very much. Any officers or auditors have any comments on suggestions that have been brought forward? I think just responding to some of those members or particularly in terms of a specific thing about the CFO, if you like, reflecting on the performance of internal audits. I mean, I think one of the things that we've all orally dealt with tonight is kind of the improvement. I think, you know, a very good comment from reflection from MSRs on how things have progressed. Now, if members think there is a value of a written report coming to this committee from the CFO reflecting, if you like, on internal audits performance in between meetings, I think that is something we could certainly do. So that would not be an issue. I think it's quite important to understand about externalized internal audit, because it always seems a bit complex, but it's not an unusual model for the delivery of internal audit. But in a sense, MSRs operate as a in-house chief internal auditor, except it is an externalized performance. And as I've had informal discussions with members in the past, it gives a wider spread and a wider offering than trying to run an in-house team in a small authority in a competitive environment. So it's worth remembering why we do that. So although they are external, we are joined up. And I think hopefully we've demonstrated some of that tonight. Nevertheless, if members feel there's further assurance on having a brief report which says what has been done between quick committees, I think we can absolutely do that. I think in terms of the governance point, I think it's worth saying that any controlled environment, if you like, Councillor Wright, is the annual governance statement is designed to do that. And as the chair has already recommended, if you see that regularly throughout the year, that gives the report on, you know, how we're responding to governance challenges and the particular control environment issues in the council. So in a sense, the way that the chair is suggesting probably strengthens what we're doing there. Jo, thank you. Just adding to that from the annual governance statement, obviously our role as external auditors is to look at and review the annual governance statement around the content, the knowledge of the council and give an opinion on the annual governance statement. Our wider work, which we touched on briefly in the plan around the value for money, is governed by the NEO code, and that includes an element of governance, and that includes an element of considering internal audit. We don't rely on the work of internal audit, but we do look at your internal audit function, the capacity and their contribution to the council's control environment. So when you do see an output from us around that value for money, that will include some of these broader governance areas and provide you with assurance alongside officers' recommendations and actions that they'll take forward, which we track through, similar to internal audit, in terms of how these recommendations are being implemented. So there is a governance dynamic within our reporting as well, and that comes through the annual auditor's report. Thank you very much, Jo. Councillor Green. Thanks, Chair. Just wanted to kind of support what you were saying in terms of the work programme. As it currently stands, I think we as members have to accept in good faith the programme that's put before us, and that it will provide all the necessary assurance once completed. So I think anything that can give us reassurance, and assurance that we're looking in the right place in terms of focusing on risks and the risk register, I think can only be a good thing. Thank you. Councillor Roger. Thank you, Chair. In this work programme, it's the mention of received the annual report on ombudsman complaints. I just want to note that do this committee have any input in the process of ombudsman working pattern or anything, or do they consult sometime to these committee members? Sorry, Councillor, could you repeat what's your question in respect to the ombudsman in relation to...? It's a point of information that it's mentioned that received the annual report on ombudsman complaints. I just want to note that do this committee have any input in their process, or do they consult to the members of... I'll take that one if I may. No, that's entirely dealt with by officers who liaise with the ombudsman and provide them with the required information that's requested. They're not brought before this committee as such in terms of the way they're dealt with. What this committee sees is the annual summary of the number of complaints that have been made and what the ombudsman has done with those complaints, and generally speaking, it's been a very positive picture for working. Councillor Cossam. I think what it does for us is that it gives us the ability to see where the council might be failing and where potential risk is, and that's why we as a committee see it. It then informs what's going on in audit and other things. So if suddenly you've got a thousand people complaining about a certain item of the council's programme, we might wish to say, well, how about why? And that's why we're bringing it. Thank you very much. Are there any other questions or suggestions for the work programme? Please, Councillor Cossam. Can I ask, since we're suggesting quite a radical overhaul of this single sheet of paper, that it be brought back to the next meeting as a more complete item? I was hoping someone would suggest that because it means I don't have to, but no, absolutely. I think we need to work with officers to pull this programme together to check that actually we're not ending up with a very heavy programme, because I don't think it helps the committee if we have an incredibly heavy session, but to work with officers to come up with something along the lines suggested and presented in good tabular form. I've seen some very good examples out there, and particularly where there are some great tables which will show when various things come up that I think give greater visibility than a piece of paper that is very wordy and not easy to digest. Please, Kevin. I think it's really helpful to flesh out the audit programme you've explained there, and not only because it gives greater depth, but also it gives an ability for the chair to take it to the chair's group and do a read across between the overview and scrutiny, because risk will be on a number of those, so it's to make sure it's not duplicating, but it's complementing various activities in scrutiny and the audit role in that process, so really helpful to flesh that out. I think that was exactly my point behind expanding some of these things, because I think there are certain synergies with the various committees that haven't been exploited in the past, and that there are great lost opportunities to work together to ensure that not only is this committee cited on audit and governance, but actually other committees are as well, because ultimately many of the decisions are full council. Okay, so on that basis -- oh, sorry, Councillor Costa-Hannigan. Can I therefore suggest an amendment to the agenda item, because the committee is currently requested to resolve that the work programme be received, but we're not, so I suggest that the work programme be noted and that a new version be brought back to the next committee as an amendment. Thank you very much, Councillor Costa-Hannigan. I guess technically I need a seconder for that. Thank you, Councillor Greentree. So on that basis, does the committee agree the resolve as amended by Councillor Costa-Hannigan? Thank you very much. That, I believe, brings us to the end of tonight's agenda, so thank you very much, everyone. Thank you particularly to our external and internal audit team who have been very patient throughout and to all officers. Thank you. Thank you. Thank you. Thank you. Thank you.