Agenda and minutes

SAFETY INFORMATION – PLEASE NOTE:

1. There are no planned fire alarm tests or drills. If the alarm sounds, please exit

the room via the main entrance lobby at the front of the building.

2. Please then exit the building via the front ramp and assemble at the fire

assembly point, which is on the paved area between the side entrance of the

cathedral and the roundabout at the Deanery Road end of the building.

3. Please follow the instructions of the fire wardens and security staff on hand.

Please do not return to the building until instructed to do so by fire wardens.

The Chair welcomed all parties to the meeting.

To note any declarations of interest from councillors. They are asked to indicate

the relevant agenda item, the nature of the interest and in particular whether it

is a disclosable pecuniary interest.

Any declaration of interest made at the meeting which is not on the register of

interests should be notified to the Monitoring Officer for inclusion.

There were no Declarations of Interest.

The Committee approved the minutes of the previous meeting held on 25^th January 2018 as a correct record.

The Committee noted the Action Sheet from the previous meeting.

The following was noted:

·         The revised Code of Governance would form part of the constitution. An update would be provided on 22^nd May 2018

·         Officers indicated that they would pass on Councillors’ request to see the amended Code prior to it being submitted to Full Council and would clarify whether amendments can be submitted at or before Full Council to the Code of Governance by members Action: Nancy Rollason

·         In relation to complaints, members wanted to know any themes were emerging and requested a report from the Monitoring Officer. Action: Nancy Rollason

·         It was noted that Action 2 (BDO’s 2016/17 Grants Report – Housing Benefit Subsidy) had been completed

·         Bundred Report and Annual Governance Statement Tracker – the full document would be dispatched to all Audit Committee Members as soon as possible. Hard copies would not be placed in the public domain. Action: Jeremy Livitt

Up to 30 minutes is allowed for this item. Public forum items must be about

matters that fall within the remit of the Audit Committee.

Any member of the public or councillor may participate in public forum. Public

forum items should be emailed to democratic.services@bristol.gov.uk

Please note that the following deadlines will apply in relation to this meeting:

Questions - Written questions must be submitted by 5.00 pm on Friday 23 March 2018 at latest.

Petitions and statements - Petitions / written statements must be submitted by

12.00 noon on Wednesday 28 March 2018 at latest.

The Audit Committee received Public Forum questions from Alderman Brian Price, together with answers as follows:

Question 1 - Audit Committee – 29 March 2018

Dear BCC Audit Committee

In the light of Item 16 of your meeting of 21st Sept 2017: Underspent returned grants 2016-17.

Q1. What definite Returns/Claw Backs of Grants have been identified for 2017/18?

Q2. What potential Returns/Claw Backs of Grants have been identified for 2017/18?

Thanking you in anticipation of written answers.

Alderman Brian Price.

REPLY:

Q1. A: Only one grant has been identified as requiring a partial return in 2017/18.  This relates to a capital grant for work at Windmill City Farm Nursery.  Originally £740k was awarded by The Education & Skills Funding Agency (ESFA)  to build a new block on the site. However Windmill City Farm trustees rejected the offer as against the ethos of the nursery because the proposed build compromised too much of the existing outdoor play space.

An alternative scheme has now been developed around redeveloping an existing building on the site which will deliver some additional capacity. The new proposals have been agreed by trustees.  As this has led to an overall reduction in total project costs, £493k from the original grant allocation will be returned to the ESFA.

Q2 A: At this time no other potential returns of any further grants have been identified for 2017/18.

The Committee noted the Work Programme. The following points were made:

•          Officers agreed to arrange for a position update on the arrangements for grants for Looked After Children Action: Denise Murray

•          There had been some slippage this year with reports. In future, officers were urged to ensure that the work timetable was adhered to as closely as possible and if there were difficulties, to ensure the Committee was kept informed Action: Jonathan Idle/Chris Holme/Denise Murray

•          Ethical Standards Consultation – consultation was due to end on 18th May 2018. Since the next meeting of the Audit Committee was not scheduled until 24th May 2018, it was proposed that officers prepare a written response based on the consultation requesting observations and then send them off . If necessary, an Informal Meeting would take place Action: Nancy Rollason

·         Corporate Risk Update – This issue would be submitted to Cabinet in June 2018, following which it would be submitted to the subsequent Audit Committee in June 2018

The Committee discussed the Bundred report and Annual Governance Statement Tracker. The following comments were made:

·         B18: Officers advised that the new decision pathway had been recently introduced and had now been approved and published. Although it was noted that there was no specific reference to scrutiny, this formed part of the process. It had been signed off by the Mayor and the new strategic board. Any future issues concerning the pathway would be dealt with as required

·         Officers drew the Committee’s attention to the table setting out the details, together with recommendations. Some areas remained only 50% complete (ie Finance) which reflects the scale of the journey completed and what remained to be done. Future focus needed to concentrate on pier reviews and culture

·         At the end of the year, 77% of actions were still listed as amber. The Chief Internal Auditor stated that it was very disappointing that this remained the case as of March 2018. An Internal Audit report and Annual Governance Statement were required

·         Officers stated that target dates for completion were set out

·         Officers confirmed that the Corporate Risk Register was being refreshed with a new approach which would test and mitigate options

·         Officers stated that arrangements for accelerating the process were working. Audit Committee could ask for more a more detailed briefing if required

·         Members stated that in the past there had been greater style than substance in the preparation of information. This situation had improved recently Shorter notes were often preferable to a fuller report, with links being a useful tool to supplement information as required.. Officers pointed out that Bundred had criticised the lack of sufficient detail in information. As a result, information was provided either through a presentation or a detailed report

·         B39 and B40: Whilst most officers would readily provide information to Councillors if required, members stated that it was not always clear where members should go to obtain information. Members did not always know what they were entitled to see. Officers were required to remind all members about this. Action: Nancy Rollason to brief Councillors.

·         In addition, some existing generic e-mails were unhelpful and, in some cases, needed to be updated. Officers advised that they represented all Councillors in as open and transparent a way as possible unless a report was exempt. Action: Officers to check generic e-mail addresses and provide information for Councillors to assist them in reducing the amount of time that it can take for them to get information that they require as part of their casework – Denise Murray

·         Officers noted concerns from the Independent Members that there needed to be a proper indication where actions were not on track for delivery, in addition to an assessment of what the risks are and how to manage them. It was pointed out that those items which were identified as amber required further action. However, it was acknowledged that a narrative could also be provided Action: Denise Murray

·         There were 85 recommendations in the Bundred  ...  view the full minutes text for item 160.

Dave Eagelson and Gregory Vince (External Auditors) introduced this report. It was noted that Dave Eagleson would be taking over this area of work and had been working in audit since 1992.

They made the following points:

·         Page 58 set out the timetable of work. Some initial meetings had taken place with finance to ensure that the timetable could be met

·         Following an early valuation of assets on 1^st December 2017, work was still requited to ensure that these were still valid as of 31^st March 2018

·         The following areas of greater risk had been identified: (1) Group Accounts – PWC (2) Pensions – Grant Thornton

·         Anything above 2% of materiality level above actual gross expenditure in 2016/17 would be reported

·         Members’ attention was drawn to Page 63 setting out the Key Audit Risk and Page 64 setting out the property, plant and equipment, investment property valuations and pension liability assumptions

·         In response to members’ concerns that he National Non Domestic rate (NNDR) was not red, it was noted that this was the subject of a separate review

·         The External Auditors noted concerns that liabilities could be overvalued and the deficit was not sufficiently reduced, this could lead to future intervention by the Secretary of State. However, they pointed out that the ranges were fixed and were an issue for all Local Authorities. Therefore, issues such as longevity could not be commented on. However, local assumptions could be examined (ie pay increases). In addition, other issues such as the Brunel Pension Pool were outside the scope of their work

·         The External Auditors confirmed that collection funds would be a part of their review of their assessment of the Medium Term Financial Strategy

·         It was noted that it was still a challenging environment to ensure sustainable finances

·         Details of audit fees were set out

Resolved – that the report be noted.

The Interim Head of Internal Audit introduced this report and made the following points:

·         The draft plan was set out, including detailed plans and how resources would be allocated

·         Sample areas would be covered to enable an opinion to be formed on the Poll Control Framework

·         A desk top review would be carried out on the Risk Register and the Annual Budget

·         Since under current plans it was planned to deliver more days than were resourced, officers were assessing core and non-core areas of work 

·         Risk management and assurance mapping would be developed, previously unavailable due to lack of resource. This would assess a number of the highest risks, different types of assurances and whether they were effectively managed or if there were gaps

·         Pages 85 and 86 set out details of project management arrangements and performance indicators

She made the following responses to members’ questions:

·         Inputs would form part of the Governance Review

·         Item 12 set out those items in Bundred which had been brought into audit

·         Discussions were taking place with DLT, Section 151 Officer, the Statutory Policy Board and the Executive Member concerning this issue and of any relevant plans from the eternal auditor

·         Officers agreed to provide a comparison of the previous 2 years' Audit Plans to compare with the 2018/19 Audit Plan Action: Alison Mullis/Jonathan Idle

Resolved – that the report be noted.

The Interim Head of Internal Audit made the following points:

·         In accordance with best practice, an Annual Audit of whistle blowing arrangements had been prepared and was submitted to Audit Committee

·         Following concerns previously identified, a process for whistle blowing had been introduced in 2017. However, there was a need to publicise arrangements

·         The benchmarking indicated that there could be a low level of awareness or of confidence in the current procedures. Out of 9 cases which had been received, not all had been concluded at the time of audit and were still in the process of being investigated. It was acknowledged that better oversight was required

·         There was currently no mechanism in place to use lessons learned appropriately. Therefore, a system of quarterly case management was proposed.

·         Management had been very receptive to the recommendations proposed in the report. An update report would be submitted to Audit Committee in 2019 which would set out the results and progress in implementing the recommendations

Members expressed concern that this procedure was not sufficiently promoted across BCC and the lack of evaluation of the outcome.

Officers confirmed that Trade Unions had not been consulted directly – however, a staff survey had been produced to assess confidence in procedures but the response had been poor (17/18% of staff). It was noted that Trade Unions had been consulted as part of a refresh earlier in the year. Action: Alison Mullis/Jonathan Idle to obtain feedback from Trade Unions and report back

Resolved – that the report be noted.

The Interim Chief Internal Auditor introduced this report and made the following points:

·         A peer review had been sponsored in July 2017 and had been carried out by Sheffield City Council

·         The review had set out 349 standards of self-assessment

·         Sheffield had tested and validated BCC’s work and had identified a number of key areas for improvement (listed on Page 108 of the report)

·         The assessment was broadly satisfactory – against approximately 340 BCC standards, 84% had been confirmed in full, 13% had been partially confirmed

·         One of the key issues was the internal audit’s role in Risk Management – as the role has previously been too close to BCC, it had not been deemed possible for the review to be independent

·         The following themes had been identified – (1) Training and Appraisals (2) CATS (Computer Audit Techniques) and the need to extend data analytics training (3) Performance Targets for 2018/19 – these will be vigorously rolled out. It was noted that there was an absence of a training strategy. Therefore, training needs and funding requirements for this would be identified (4) Other processes – a sample of audits to track back to their source and provide evidence of working policies. Monitoring was required of Quality Assurance Procedures to improve the required documentation

In response to Members’ questions, he made the following points:

·         The following low level recommendations had been identified – (1) Best Practice – conflict of interest statements (2) A record of positive report formats (3) Action Plans. Most of these would be addressed by November 2018

·         Point 4.1.34 on Page 129 set out details of other assurances in place to ensure appropriate prioritisation and assurance mapping. The process was intended to ensure that the risk was more formally identified

·         Whilst responsibility for the budget remained with Full Council, the Audit Committee would be able to comment on resources to ensure delivery was balanced within the organisation – for example, through the Audit Plan

·         Based on the Audit Plan, there was a significant ad-hoc call on resources which required a close focus and reporting back if necessary

Resolved – that the report be noted.

The Interim Chief Internal Auditor introduced this report and made the following points:

·         Significant issues were outlined in the report including proactive fraud analysis to identify recoverable savings

·         Notional savings would rise to £4.2 Million

·         Details of completed audits were set out on Pages 152 to 168 of the report

·         Exception reports were set out, together with other summaries – where managers disagreed with the assessment, they had indicated this and took responsibility for the assessed risk

·         Contract waivers – 35% of waivers could have been avoided, with 10% retrospective requests

·         Contract registers – areas of good practice and improvements were set out

·         Reasonable Assurance Audit Opinion – nearly all recommendations had been fully implemented

·         Housing Voids – A good piece of work had been carried out reviewing compliance analysis and had identified the following (1) the level of voids was set at £373,000 (2) there had been inaccurate reporting to Councillors (3) no clear audit trail (4) there were undocumented and unreconciled manual adjustments (5) data had not been independently checked. Recommendations for improvement were set out

·         Details of cash receipting and contract monitoring were set out

·         Bank Reconciliation – despite reasonable assurances concerning this service, 12 recommendations had still been made

·         Clearing House Automated Payment System (CHAPS)  - recommendations had been made concerning this service and would be followed up

·         Accounts Payable – an action plan was required in this area

Members made the following points:

·         Where Management did not accept an assessment and took the risk, there was nevertheless a need for them to set out mitigation measures

In response to members’ questions, officers made the following points:

·         Loans Fund Journal – a monthly reconciliation process was carried out and loans were set up to reconcile. This was regarded by Finance Managers as a managed risk in the same way as any bank reconciliation. This process also operated in BANES and South Gloucestershire.

·         Members’ concern about 240 missing cheques was noted. It was explained that this was caused by human error. The processes had been reviewed to ensure they were robust enough o prevent it happening again

·         Page 148 – GDPR was currently set out as red. Since this was not a live project, it would be subject to a review which would advise how things had progressed since the original assessment was made. The Interim Chief Auditor commented that he had previously expressed concern at the inadequacy of preparations in this area in terms of the resource challenge, leadership and role of the data protection officer and whilst he had received adverse feedback, it was important to challenge this. In his view, the Audit section’s involvement in the GDPR process had accelerated the process

·         Foster Carers – this was a project based assessment which would be the subject of a review in May 2018 and was ongoing

Resolved – that the report be noted.

The Monitoring Officer introduced this report and made the following points:

·         There was a huge task for an organisation to ensure compliance within the required time period

·         As at present, 92% of returns had been received

·         The training module had been rolled out across the organisation

·         Weekly updates would be provided to ensure 100% compliance

·         A Privacy Impact Assessment would be carried out

·         Subject access requirements needed to be received within 30 days

·         It had been proposed that the process was centralised to ensure effective control

·         The Statutory Data Protection Officer would play a key role in ensuring behaviour changed and was embedded

·         5 super users would also be trained to support the process

·         It would be significantly tied up by this process and therefore proper alternation of work assist

·         A fair processing template would be developed for Councillors

·         Councillor Cheney was regularly briefed. A written update would be provided to Committee members by e-mail to provide a direction of travel in this area

Action: Shahzia Daya

            Resolved – that the report be noted.

It was noted that the next meeting was scheduled as the Annual Meeting for 2018/19 at 2pm on Thursday 24^th May 2018.