The Audit, Standards and Statutory Accounts Committee was scheduled to consider the proposed Internal Audit Plan for 2026/27, alongside the Internal Audit Charter and Strategy. The committee was also set to receive an update on the strategic review of the Council's risk management approach and a summary of fraud work undertaken by the South West London Fraud Partnership.

Internal Audit Plan, Charter, and Strategy 2026/27

The committee was scheduled to review the proposed Internal Audit Plan for 2026/27, which is designed to provide independent, risk-based assurance to strengthen the Council's ability to create, protect, and sustain value. This plan is grounded in legislation, specifically the Accounts and Audit Regulations 2015, which mandates an effective internal audit to evaluate risk management, control, and governance processes. The proposed plan aligns with the Global Internal Audit Standards in the UK Public Sector (GIAS), which became mandatory in April 2025.

The report presented the Internal Audit Charter and Strategy for the South West London Audit Partnership (SWLAP). The Charter outlines the purpose of the Internal Audit function, its commitment to GIAS, its positioning within the Council for independence, reporting relationships, the role of the Audit Committee, and the responsibilities of the Chief Audit Executive. The Internal Audit Strategy details how the service will be developed and delivered, including its vision, strategic objectives, risk-based planning approach, quality assurance processes, and key performance indicators (KPIs).

The Internal Audit Plan itself is risk-based, informed by various inputs including issues identified in the Annual Governance Statement, discussions with departmental management, reviews of corporate and service risk registers, and outputs from other assurance providers. Risks are evaluated based on reputational, legislative, financial, and health and safety considerations. The plan includes a mix of Wandsworth and Richmond specific audits, with a substantial proportion focusing on key financial systems to ensure robust assurance over financial controls. The plan also allocates capacity to support the Council's transformation programme.

The report also detailed the resourcing model for SWLAP, which includes directly employed staff and agency or contract auditors where specialist knowledge or capacity is needed. It highlighted the flexibility and adaptability of the plan, with contingency time allocated for emerging risks or urgent issues. Reporting and communication protocols were also outlined, including regular updates to the Audit, Standards and Statutory Accounts Committee.

The report recommended that the committee approve the Internal Audit Charter, the Internal Audit Strategy, and the Internal Audit Plan for 2026/27. It also recommended noting the approved Achieving for Children Internal Audit Plan for 2026/27.

Update Report on Strategic Review of Risk Management

This report provided an update on the strategic review of the Council's Risk Management Approach. It noted that local government challenges have increased in recent years, while capacity and capability have not grown at the same pace. Richmond and Wandsworth Councils had undertaken a comprehensive review of their joint Risk Management Strategy in 2025, prompted by feedback regarding oversight mechanisms, transparency, and the need to modernise risk reporting. The review proposed a shift from a manual, biannual process to a more dynamic, digital, and quarterly risk management framework.

The review identified a need for clearer escalation pathways and more consistent oversight, proposing a three-tier model: service-level risks reviewed at divisional level, divisional review and sign-off for departmental risks, and strategic risks identified and escalated to the Governance Board. A significant outcome of the review is the planned transition to a digital risk management platform using SharePoint and Excel-based templates, aimed at enabling real-time updates and visibility. Recommendations agreed by Executive Directors included implementing the digital register, adopting quarterly reviews, enhancing risk reporting with inherent/residual scores and historical trends, strengthening member engagement, formalising escalation protocols, and providing training for Board members and service leads.

Fraud Update

This report summarised the fraud work carried out by the South West London Fraud Partnership (SWLFP) during 2025/26. The report highlighted that the fraud risk threat remains substantial, with an increase in individuals committing fraud due to need rather than greed. Nationally, insider fraud and identity fraud are rising, often facilitated by AI. The report detailed key findings from the National Anti-Fraud Network (NAFN) and identified the most investigated fraud types for Richmond Council, including Tenancy Fraud, Permit Fraud, Housing Applications, and Temporary Accommodation.

The report noted emerging areas of fraud risk, particularly in Temporary Accommodation (TA), due to rising costs. It emphasised a renewed focus on fraud prevention and the Council's commitment to working with Internal Audit to meet the challenge of the new corporate offence of 'Failure to Prevent Fraud' within the Economic Crime and Transparency Act. The indicative fraud plan for 2026/27 allocated increased resources for fraud prevention work.

The report provided a breakdown of the fraud resource allocation for 2025/26, detailing reactive and proactive work by fraud type. Key performance targets for 2026/27 were also outlined, including the number of properties brought back into control through fraud checks and the number of verification visits completed for temporary accommodation. The report detailed the summary of fraud referrals investigated and the value of fraud/overpayments and notional savings identified. It also discussed developments in fraud detection and prevention, including the Public Sector Fraud Authority (PSFA), data analytics, and the use of Artificial Intelligence (AI). The report also provided a summary of RIPA and Non-RIPA applications made and detailed the Council's compliance with the Local Government Transparency Code regarding fraud investigation activity.

Committee Work Programme

The committee was scheduled to consider its Work Programme, with provisional agenda items for future meetings in July 2026, October 2026, February 2027, and April 2027. These included reviews of the council's governance arrangements, external audit updates, internal audit reports, fraud updates, and standards updates.