Agenda and minutes

Audit Committee - Thursday, 26th July, 2018 1.00 pm

Venue: Meeting room, City Hall

Contact: Ian Hird  0117 92 22384

Items
No. Item

191.

Apologies and safety information

SAFETY INFORMATION – PLEASE NOTE:

1. There are no planned fire alarm tests or drills. If the alarm sounds, please exit

the room via the main entrance lobby at the front of the building.

2. Please then exit the building via the front ramp and assemble at the fire

assembly point, which is on the paved area between the side entrance of the

cathedral and the roundabout at the Deanery Road end of the building.

3. Please follow the instructions of the fire wardens and security staff on hand.

Please do not return to the building until instructed to do so by fire wardens.

Minutes:

At the start of the meeting, it was noted that the Chair, Cllr Mead would unavoidably be arriving slightly late for this meeting (and had sent apologies to this effect). 

Cllr Stevens (as Vice-Chair) therefore took the chair and welcomed everyone to the meeting.  He also reminded those present of the safety information as detailed on the agenda.

 

Apologies were received from Simon Cookson (independent member), Cllr Pearce and Cllr Shah.

 

192.

Declarations of interest

To note any declarations of interest from councillors. They are asked to indicate

the relevant agenda item, the nature of the interest and in particular whether it

is a disclosable pecuniary interest.

 

Any declaration of interest made at the meeting which is not on the register of

interests should be notified to the Monitoring Officer for inclusion.

Minutes:

In relation to agenda item 9 (Internal Audit activity report):

* Cllr Radford advised that her husband was an employee of Bristol Port Company.

* Cllr Brain advised that he was a trustee of Hawkspring (drug and alcohol support services).

 

193.

Minutes of previous meetings - to be confirmed as a correct record pdf icon PDF 215 KB

a.      Minutes – Audit Committee – 29 March 2018

b.      Minutes – Extraordinary Audit Committee – 2 May 2018

c.       Minutes – Audit Committee – 31 May 2018

Additional documents:

Minutes:

a. Minutes - Audit Committee – 29 March 2018

RESOLVED:

That the minutes of the meeting of the Audit Committee held on 29 March 2018 be confirmed as a correct record.

 

b. Minutes - Extraordinary Audit Committee – 2 May 2018

RESOLVED:

That the minutes of the extraordinary meeting of the Audit Committee held on 2 May 2018 be confirmed as a correct record.

 

c. Minutes - Audit Committee – 31 May 2018

RESOLVED:

That the minutes of the meeting of the Audit Committee held on 31 May 2018 be confirmed as a correct record.

 

194.

Action sheet from previous meeting pdf icon PDF 73 KB

Minutes:

The action sheet (tracking actions agreed at the 31 May meeting of the committee) was noted.

 

195.

Public forum

Up to 30 minutes is allowed for this item. Public forum items must be about

matters that fall within the remit of the Audit Committee.

 

Any member of the public or councillor may participate in public forum. Public

forum items should be emailed to democratic.services@bristol.gov.uk

 

Please note that the following deadlines will apply in relation to this meeting:

 

Questions - Written questions must be submitted by 5.00 pm on Friday 20

July 2018 at latest.

 

Petitions and statements - Petitions / written statements must be submitted by

12.00 noon on Wednesday 25 July 2018 at latest.

Minutes:

None.

 

196.

Work programme pdf icon PDF 290 KB

Minutes:

The latest update of the work programme was noted.

 

197.

Final Statement of Accounts 2017-18 pdf icon PDF 345 KB

Minutes:

(Note: the details set out in this section of the minutes also affect item 8 - BDO ISA 260 report and item 10 – Annual Governance Statement 2017-18).

 

The External Auditor gave a verbal update on the progress of their audit of the Council’s 2017-18 accounts and related matters.  In terms of the overall position, the External Auditor advised that the audit was not yet completed as there were a number of outstanding queries and issues (identified from the audit process) to be resolved.  Given this, it was not going to be possible for the committee to receive the Final Statement of Accounts for approval at the Extraordinary meeting of the committee scheduled for 31 July.  The External Auditor’s ISA 260 report would also not be completed by 31 July. The issues currently outstanding in relation to the audit included:

a.      Heritage assets (increase in valuation for insurance purposes): Further work was taking place to review the adjustment and disclosures in the final set of accounts.

b.      Pension liability assumptions: Clarification was being sought in relation to mortality assumptions.

c.       Severance payment in respect of former Chief Executive: Clarification was being sought from BCC officers relating to the interpretation of the employment contract.

d.      Management override of controls: In addition to pension assumptions, there was outstanding work in relation to property, plant, equipment and investment properties.

e.      Risk of fraud in expenditure recognition: The External Auditor was awaiting documentation from the Council in relation to a number of items of expenditure to confirm that amounts had been recorded in the correct period.

f.        Non-domestic rates appeals provision: The value of the appeals provision had increased to over £20m.  Further information was awaited from the Council to confirm possible reclassification from the appeals provision to creditors.

 

In terms of context, it was also noted that the date for finalising the accounts had been brought forward 2 months compared to previous years.  There had also been a change during the past year in terms of the BDO staff allocated to the audit of the BCC accounts although the External Auditor confirmed that this change had not impacted on BDO’s capacity and ability to deliver the audit.

 

In discussion, the following points were raised/noted/clarified:

a.      The Chair and members were very concerned that the committee was not going to be in a position to approve the accounts by the 31 July deadline.

b.      Queries were raised as to whether the External Auditor had allocated sufficient resources to this audit.  In response, the External Auditor advised that the audit had been appropriately resourced from the outset.  Additional resource had also been allocated as issues for further investigation had been identified as the audit had progressed.

Cllr Mead arrived at the meeting at this point and took the Chair.

c.       In relation to the issue of the severance payment in respect of the former Chief Executive, the External Auditor confirmed that information was awaited in relation to BCC’s legal interpretation of the employment contract.

d.  ...  view the full minutes text for item 197.

198.

External Auditor ISA 260 report pdf icon PDF 346 KB

Minutes:

Item deferred.  See minute no. 7 above.

 

199.

Internal Audit activity report pdf icon PDF 373 KB

Additional documents:

Minutes:

The committee considered the latest Internal Audit activity report.

 

The Chair reminded the committee that in relation to the section of the report setting out summaries of completed audits, an exempt appendix had been prepared by officers in relation to some of these summaries.  At the appropriate point in the meeting, the committee would be asked to agree the required resolution to exclude the press and public from the meeting whilst those particular matters were discussed.

 

The Interim Chief Internal Auditor then presented the report, highlighting the following key messages:

a.      For quarter 1, planned work was below target as resources had been used predominantly to finalise assignments from the 2017-18 plan and certify grant claims.  Some progress had, however, been made on assignments in 2018-19 plans.

b.      The Annual Governance Statement had been drafted, consulted on and finalised and (as per the discussion earlier at this meeting) would be brought to the committee for final approval once the committee had approved the finalised 2017-18 accounts and received BDO’s ISA 260 report for 2017-18.

c.       Proactive counter-fraud work continued to identify a good level of recoverable savings and had resulted in a number of recovered council tenancies.

d.      The recommendation implementation rate was currently 84% implemented or partially implemented.

Main points then raised/noted/clarified in relation to the summaries of completed audits (reference numbers quoted below relate to those used in the report):

 

A - Corporate / Adults, Children and Education

 

A1 - Contract management:

7 Internal Audit recommendations for improvement had been agreed, including recommendations to address the following areas /findings:

* There was no corporate framework for managing contracts.

* There was no formal training or establishment of baseline competencies for contract managers.

* There was little evidence of contract risks being formally mapped in a standard and structured manner; also, the Corporate Risk Register and Directorate Risk Registers did not include risks associated with contract management.

A significant amount of improvement action was being taken in relation to contracts and procurement.  Further to the discussion at the 31 May meeting of the committee, a specific report on action being taken to improve the situation with regard to contract waivers would be submitted to the 20 September meeting of the committee.

 

A2 - Adult Care Provider Failure:

The outcomes of this review, as highlighted, were noted.  The Internal Audit recommendations had been agreed for implementation.

 

A3 - Adult Social Care (ASC) Commissioning:

The outcomes of this review, as highlighted, were noted.  The Internal Audit recommendations had been agreed for implementation.

 

A4 - Changes to Payment Terms:

The outcomes of this review, as highlighted, were noted.  The Internal Audit recommendations had been agreed for implementation.  New procurement regulations were in place as part of the constitutional changes approved at the 22 May Annual Council meeting.

 

A5 - Voluntary Sector Commissioning:

The outcomes of this review, as highlighted, were noted.  The Internal Audit recommendations had been agreed for implementation.

 

C - Corporate

 

C1 - Partnership Governance:

The outcomes of this review,  ...  view the full minutes text for item 199.

200.

Final Annual Governance Statement 2017-18 pdf icon PDF 124 KB

Additional documents:

Minutes:

Item deferred.  See minute no. 7 above.

 

201.

Corporate risk register & risk management report pdf icon PDF 372 KB

Additional documents:

Minutes:

The committee considered a report seeking their review and comment about progress made on the Council’s risk management arrangements and the Corporate Risk Report (CRR) (appendix A of the report), as a source of assurance that risk management arrangements are in place and developing.

 

The Interim Risk Manager presented the report, highlighting the following:

a.      The CRR was a key tool in managing the authority’s risk, providing an overview of the significant risks faced by the Council and how they are being managed.

b.      As work continued to progress and strengthen the Council’s strategic planning, resource management and resilience processes, the identification, management and communication of risk in relation to the achievement of the Council’s strategic priorities and objectives would also continue to embed.

c.       The risk management policy would be reviewed annually and outputs from the CRR would contribute to the annual Audit Plan.

d.      There was a particular focus currently on increasing the level of engagement and ownership by service managers in relation to risk management, and to embed best practice and principles across the organisation.

e.      No critical risks were identified currently in the CRR; there were 12 high rated risks, 5 medium rated risks, and 1 high and 1 medium event risks.

Main points raised/clarified/noted in discussion:

a.      It was confirmed that there was currently a high emphasis on engagement with key managers and staff in promoting learning and development around effective risk awareness and management.  A series of workshops were being held currently.  Training could also be offered to members.

b.      The format of the CRR as presented was generally welcomed.  It was noted that the “arrow” symbol shown in the performance column was intended to provide a “quick” visual indication of the direction of travel in terms of the management /mitigation of each identified risk.

c.       The CRR was designed to highlight the organisation’s significant and highly rated risks.  All other risks were included in directorate risk registers and monitored accordingly.

d.      In terms of wider partnership governance, it was noted that further work was likely to be needed to align certain risks in the Council’s risk registers with those of partners, e.g. in relation to the risks around student suicides and those affecting vulnerable people.

e.      Scrutiny commissions would be actively reviewing directorate risk registers.

 

Noting and taking the above into account, it was:

 

RESOLVED –

That the progress made on the Council’s risk management arrangements and the Corporate Risk Report (appendix A of the report) be noted as a source of assurance that risk management arrangements are in place and developing.

 

202.

Updated Audit Committee terms of reference and establishment of Values & Ethics Sub-Committee pdf icon PDF 208 KB

Additional documents:

Minutes:

The committee considered a report of the Interim Director - Legal and Democratic Services.

 

In discussion, it was noted that the proposed membership of the sub-committee was 4 councillors (one from each political group represented on the committee) plus an independent member who would chair the committee.  It was noted that in circumstances where the sub-committee was investigating an alleged breach of the member code of conduct by a councillor, the relevant political group representative (i.e. of the political group that the councillor under investigation belonged to) would not participate in the sub-committee investigation of the breach.

 

Noting and taking the above into account, it was:

 

RESOLVED –

1.      That the updated terms of reference of the committee, as approved by the Full Council on 17 July be noted.

 

2.      That a Values and Ethics Sub-Committee be established, as per the terms of reference set out in Appendix A.  In relation to the membership for 2018-19, it was noted this would comprise 4 councillors: 1 Labour (Cllr Mead), 1 Conservative (Cllr Radford), 1 Green (Cllr Stevens) and 1 Liberal Democrat (Cllr Negus). The sub-committee would be chaired by 1 of the 2 independent members of the Audit Committee.

 

3.      That arrangements be made for an inaugural meeting of the sub-committee.

 

203.

Audit Committee Programmes relating to the Bristol City Council wholly owned companies pdf icon PDF 407 KB

Minutes:

The committee considered a report of the Shareholder Liaison Director.

 

The Shareholder Liaison Director presented the report, highlighting the following:

a.      The role of the company’s own audit committees in identifying the risks faced by the companies and thus the appropriate audit programme.  Specifically, each of the company audit committees would:

* Develop and approve an annual audit plan.

* Initiate audits.

* Consider audit outcomes and the need for additional work.

* Review external audits and meet with the auditors to discuss any issues raised.

* Report to their respective Company Board

b.      The role of the Shareholder Group in ensuring that the programmes of activity identified by the company’s audit committee are delivered in a timely manner.

Main points raised/clarified/noted in discussion:

a.      It was clarified that the role of the BCC Audit Committee in relation to the company audit processes would be:

* To review the consolidated annual audit plans for the companies.

* To consider sampling the company audit reports (in detail or in summary) to the company audit committees.

* By exception, to initiate audits to investigate areas of concern or issues that may arise due to the nature of the interface between the Council and the companies.

* By exception / rotation, to request meeting with representatives of a company’s audit committee as part of the annual review of effectiveness.

b.      In terms of the company audit committee membership, this comprised a Non-Executive Director as Chair plus another company director, and a councillor. The company managing director, finance director and operations director would attend as required by the committee.

c.       It was suggested that it may be appropriate for the relevant councillor appointed to the company audit committees to attend the BCC Audit Committee periodically, e.g. when the BCC Audit Committee received the consolidated company audit plans.  Essentially, the BCC Audit Committee needed to seek assurance that the companies were managing their risks effectively.

d.      It was suggested that at the point when the Overview and Scrutiny Management (OSM) Board receives an update on the recent review of the governance of the companies, it would be appropriate for a member of the BCC Audit Committee to be invited to attend the OSM Board for that item.

Noting and taking the above into account, it was

 

RESOLVED –

That as part of the Audit Committee annual work programme, the committee should consider the following items in overseeing the Company’s audit programmes:

1.      Annual accounts (within the context of the overall Council audit).

 

2.      Annual Governance Statement.

 

3.      A consolidated version of the Company’s Annual Audit Programme (prepared by each of the company’s audit committees).

 

4.      A 6 month update on progress with the Annual Audit Programme.

 

204.

GDPR update pdf icon PDF 204 KB

Minutes:

The committee considered a report of the Interim Director – Legal and Democratic Services.

 

Main points raised/clarified/noted in discussion:

a.      A good rate of progress had been achieved over the last few months.  The project deliverables (in relation to the project established to deliver the essential elements of compliance with GDPR) had been achieved by 25 May (the date that GDPR came into effect).  As a consequence of the action taken, the GDPR risk rating for the organisation had been reduced to “medium” from “high”.  Members generally  welcomed the progress achieved.

b.      A significant amount of work had taken place to raise organisational awareness about GDPR, including training for officers and members.

c.       Further work was planned to embed GDPR into the organisation to ensure ongoing compliance.  This included ensuring training for staff joining the organisation, refresher training for all employees and ensuring that ICT systems met GDPR requirements.

RESOLVED:

That the steps taken to implement the General Data Protection Regulations be noted.

 

205.

Exempt Appendix (A2) to Item 9.1

Minutes:

See item 9 above.