The Governance, Audit, Risk Management and Standards Committee (GARMS) met on Monday 16 February 2026 to review the audited Statements of Accounts for 2024-25. The committee received a disclaimed audit opinion on the Council's financial statements due to insufficient time for auditors to complete necessary procedures before the backstop date, a situation replicated across many local authorities. The Pension Fund accounts, however, received an unqualified opinion. The committee also discussed the Corporate Risk Register, noting four red risks including a successful cyber or ransomware attack and financial risks in adult social care, children's services, and temporary accommodation.

Statement of Accounts 2024-25 Audited

The committee received the audited Statement of Accounts for the financial year 2024-25. Sharon Daniels, Strategic Director of Finance, presented the report, explaining that due to the backlog in financial reporting and audit work, the external auditors, Forvis Mazars LLP, would be issuing a disclaimed opinion on the Council's financial statements. This was due to insufficient time to complete the required procedures to gain full assurance before the statutory backstop date of 27 February 2026. The auditors noted that this situation was not unique to Harrow and was a national issue.

For the Pension Fund accounts, however, the auditors issued an unqualified opinion, stating that the financial statements give a true and fair view and have been properly prepared.

The committee was asked to:

• Consider the Audit Completion Reports from Forvis Mazars LLP.
• Approve the audited Statement of Accounts for 2024-25 and authorise the Chair to sign them.
• Note the Pension Fund Annual Report 2024-25.
• Authorise the Strategic Director of Finance, in consultation with the Chair, to make any final minor amendments to the Statements of Accounts prior to signing.

Councillor Philip Benjamin raised concerns about the valuation of investment properties and short-term investments, questioning the finality of the figures given ongoing audit testing. Suresh Patel, from Forvis Mazars, clarified that while testing was ongoing, no material misstatements had been identified at that point. The discussion also touched upon the complexities of IFRS 16 implementation and the reasons for the disclaimed opinion on the Council's accounts, which were primarily linked to the need to rebuild assurance over opening balances following previous disclaimers.

Corporate Risk Register 2025/26 Q3

Tracy Barnett, Assistant Director Audit and Anti-Fraud, presented the Quarter 3 Corporate Risk Register, which covers the period up to the end of December 2025. There were four red risks identified:

• A successful cyber or ransomware attack on the Council.
• Failure to meet the demand for Adult Social Care (ASC) within the budget set out in the Medium Term Financial Strategy (MTFS).
• A significant overspend on the Children's Services Placements budget.
• Insufficient supply of affordable accommodation to meet the demands of homelessness.

Councillor Dan Anderson questioned the rewording of risks and whether it impacted their calculation, while Councillor Kuha Kumaran sought monthly or quarterly updates on cyber threats and the latest technologies deployed. Councillor Philip Benjamin drilled down into the risk of inequality and disproportionality experienced by staff, noting an increase in its rating and seeking clarification on whether this was proactive or reactive. Alex Dewsnapp, Managing Director, explained that the rewording of risks was to focus on what the Council could control and mitigate. Ben, from the IT security team, provided details on actions being taken to address cyber risks, including restricting external access to Teams and implementing a new AI-powered security monitoring system, with the aim of bringing the risk level down to amber.

Directorate Risk Register (Resources)

Jonathan presented the Quarter 3 Directorate Risk Register for Resources. There were seven open risks, with one rated red: a successful cyber attack or ransomware attack on the Council. Six other risks remained stable since the previous quarter. Councillor Ghazanfar Ali questioned the data and evidence behind the risks, while Councillor Rashmi Kalu suggested expanding the register to include quantitative metrics for community cohesion. Sharon Daniels, Strategic Director of Finance, confirmed that none of the Council's business-critical contracts were currently causing critical concern.

Internal Audit & CAFT Progress Report

Tracy Barnett and Justin Phillips presented the Internal Audit and Corporate Anti-Fraud Team (CAFT) progress report for the period ending 31 December 2025. Internal Audit had met all its performance indicators except for 5%, with slippage attributed to work on current year audits. Two additional reviews had been requested, resulting in 13 recommendations. The CAFT team was meeting or exceeding all targets except for the recovery of social housing units and disruption of fraudulent Right to Buy applications. Justine Phillips provided a summary of fraud referrals, outcomes, and financial savings, totalling over £1.1 million for the financial year. Councillor Yogesh Teli inquired about the nature of fraud cases, and Justin Phillips provided examples including false sickness claims, failure to disclose conflicts of interest, and polygamous working. Councillor Ghazanfar Ali asked Sharon Daniels about IR35 procedures and whether the Council had undergone a PAYE inspection by HMRC, to which Sharon Daniels responded that she was not aware of any recent inspections.

Review of Treasury Management Strategy

Sharon Daniels presented the Review of Treasury Management Strategy, which covers both the General Fund and the Housing Revenue Account (HRA). There were no changes to the strategy compared to the previous year. The report detailed planned capital expenditure of £164 million for the General Fund and £256 million for the HRA over the next three years, with a total borrowing requirement of £226 million. The borrowing portfolio had increased from £413 million to £430 million, primarily due to repaying a market loan with a higher interest rate. The average borrowing rate had reduced from 3.45% to 3.23%. Investment portfolio average rates had also decreased from 4.52% to 4.19%, although UK government investment rates had increased. The report also discussed the voluntary MRP policy, which had built up a provision of £6.8 million that would be used to help balance the budget in 26-27. Councillor Kanti Rabadia requested that the treasury report be moved to the first agenda item for future meetings. The committee agreed to recommend to the Council the approval of the Treasury Management Strategy Statement, Prudential Indicators, Minimum Revenue Provision Policy Statement, Annual Investment Strategy, and Annual Capital Strategy for 2026-27.

The meeting concluded with the committee noting the progress report on Internal Audit and CAFT, and agreeing the recommendations for the Treasury Management Strategy.