Meeting documents

To approve as correct records the Minute of the meeting held on 25 January 2016, attached as an appendix.

RESOLVED –

That the minutes of the meeting held on 25 January 2016 be approved as a correct record.

To consider the report attached as Appendix B.

Contact Officer:  Kate Mulhearn (01296) 585724

The Committee received a report and External Audit Plan which summarised the proposed approach and scope of work to be undertaken by the external auditors for 2016 in accordance with statutory requirements and to ensure it was aligned with the Committee’s expectations.

The Audit Plan had been prepared having regard to several key inputs including:-

·                    Strategic, operational and financial risks relevant to the financial statements.

·                    Developments in financial reporting and auditing standards.

·                    The quality of systems and processes.

·                    Changes in the business and regulatory environment.

·                    Management’s views on all the above mentioned issues.

The auditors had assessed the key risks which would drive the development of an effective audit and the planned audit strategy in response to those risks and had identified three significant risks to the opinion of the financial statements.  These were the risk of fraud in revenue recognition, the risk of management override and the complexities in accounting for property, plant and equipment, the cyclical approach to valuations, and the material values involved.

There were also other financial statement risks that would be looked at, namely:-

·                    New General Ledger System – the Council had changed its general ledger system from 1 June 2015.

·                    Group Accounts – while the Council had been preparing group accounts for a few years in respect of Aylesbury Vale Estates LLP, three new companies (AVB Broadband, Novae Consulting and Vale Commerce Ltd) had been established in 2015.

·                    Pension Liability – the pension liability was considered a significant estimate in relation to its size.  In 2014/15, the liability stood at £90.3m.

·                    Provision for Business Rates Appeals – although the Council had developed an appropriate methodology for calculating a provision in 2013/14, it was intended to reassess the methodology to ensure that the assumptions remained appropriate.

The audit work would also focus on whether there were proper arrangements in place for securing financial resilience at the Council, and to secure economy, efficiency and effectiveness in the use of resources by the Council.  In particular, the auditors would be looking at the Council’s finances and Medium Term Financial Plan for future years to ensure that appropriate means had been identified to account for the projected budget gap to 2018/19 of £5.6m.

An update on the results of the audit work in these areas would be reported back to the Committee in September 2016.

The indicative fee scale for the audit work was £56,785, although it was possible that this fee could increase in due course if additional testing or work was required in addition to that already identified within the Audit Plan.  In addition, the estimated fee for the certification of the housing benefits subsidy claim and return was £11,286.

For the purposes of determining whether the financial statements were free from material error (i.e. the magnitude of an omission or mis-statement that, individually or in aggregate, could reasonably be expected to influence the users of the financial statements), the external auditors had determined that overall materiality for the financial statements was £2.12 million based  ...  view the full minutes text for item 2.

To consider the report attached as Appendix C.

Contact Officer:  Tamsin Ireland (01296) 585004

The Committee received a report updating Members on Risk Management and the results of the Service Risk Assurance for 2015/16.  The risk management arrangements were a key part of the overall internal control arrangements of the Council and formed part of the Annual Governance Statement.

The Council was currently undergoing significant organisational change. The introduction of the new CIPFA Governance Framework in April 2016 and the ongoing Commercial AVDC Programme had also necessitated a review of the risk management arrangements.

The starting point for this had been a review of the Council’s risk management strategy in late summer 2015, and a revised risk management strategy had then been submitted to the Audit Committee in September 2015. 

The Strategic Risk Register had last been reviewed in September 2015.  A high level review in January 2016 identified that a number of the risks were no longer relevant, or had changed.  Workshops were planned with sector leads to identify the strategic and corporate risks and sources of assurance over those risks.  This information would be used to update the Risk Register.  Procedures for ongoing risk management and reporting would then be established.

The Service Risk Assurance process had been undertaken with 20 Services/teams but due to a number of organisations it had not been possible to make a direct comparison with last year.  However, as had been the case since a new service risk assurance checking system had been introduced in 2014, the process looked to address identified gaps in assurance for specialist areas such as Health and Safety, IT security, financial control and safeguarding.

The biggest risks identified by services were Information Security, Health and Safety and Business Continuity.  The Committee discussed the graphs provided which showed a summary of the Risk Rating for all services/teams.  Members requested further information and were informed:-

(i)         that a further report on risk management would be submitted to the July meeting, with information evidencing that the Council was ensuring that risk management was being embedded in processes being implemented to advance the Council’s commercial ambitions.

(ii)        that the consolidated results information on page 52 of the Committee report regarding the biggest risks posed by Information Security and Health and Safety would help to set the programme of internal audit work put together.

(iii)       that safeguarding was taken very seriously by the Council across all service areas.  However, there were some services areas that had greater exposure to young people / adults who might be vulnerable, and these areas had identified safeguarding as a higher risk for their day-to-day work activities.

(iv)       that AVDC did engage in some joint safeguarding work with other authorities and partners, including sitting on Bucks Safeguarding Boards.

RESOLVED –

That the results of the Service Risk Assurance for 2015/16 be noted.

To consider the report attached as Appendix D.

Contact Officer:  Andy Barton (01296) 585430

As the approaches of the Commercial AVDC programme and particularly the formation and ownership of companies had the potential to become more common place, there was a need to ensure that good governance was in place so that the actions of AVDC and those companies were clear, transparent and in line with the overall aims of AVDC.

The Committee received the ‘Guide to Creation and Working with Companies in which AVDC has a Financial Interest’, that was included as an appendix to the Committee report and which set out how the relationships between any company that AVDC had a financial interest in and the council should be conducted.  It also covered in broad terms the way in which new companies should be developed.

The governance of any company owned or invested in by AVDC was important as there was a need to :

·                     ensure that it was clear for the staff, public, Members and the company staff who was responsible for what, when and why.

·                     ensure that AVDC and the company was clear on its roles and responsibilities.

·                     ensure that nothing was developed that conflicted with AVDC, or placed AVDC in an unlawful positon.

·                     ensure that any and all legal or contractual issues were complied with.

·                     ensure that the company was operating ethically and transparency was in line with the councils legal responsibilities.

The aim of any company owned or part owned by AVDC was to produce overall benefits for the residents and businesses of the Vale.  The overarching aim should be at the heart of all decision making, and the guide sought to assist in developing these approaches.  It was recognised that companies created preceding the publication of the guide may not be fully compliant, or those who were not 100% owned by AVDC, however where possible these should be transitioned over the medium term to align with the guide where practical.

Members requested further information and were informed:-

(i)         that the companies were legal entities in their own right, so AVDC could not totally control their activities, as long as they were acting in accordance with their agreed Business Plans.  They would also be bound by their Articles of Association that were quite constricted.

(ii)        an explanation was provided on how Freedom of Information legislation would impact on the companies.  Companies would be expected to work with AVDC on responding to data requests.

(iii)       that quarterly monitoring reports on the companies would be made to shareholders.

Members considered the guide and while they did not suggest any changes to it they also commented:-

·                    that it was important that sufficient resource(s) were made available to deliver the companies’ aims and ensure good governance.

·                    that it was important for the Directors and Officers of the companies to have the right skill(s) sets to enable them to fulfil their roles, and to report/monitor the activities of the companies.  This could be supplemented by periodic scrutiny by Members.

·                    that it would be important for the companies to have Business Plans  ...  view the full minutes text for item 4.

To consider the report attached as Appendix E.

Contact Officer: Kate Mulhearn (01296) 585724

The Committee received a report updating Members on the progress made in developing the Annual Governance Statement (AGS) for 2015/16.  A copy of the current draft AGS was included at Appendix 1 to the Committee report and was in a format similar to AGS presented to Members for the last few years.  However, the introduction of the new CIPFA Good Governance Framework in April 2016 would require changes to the Annual Governance Statement for 2016/17.

The preparation and publication of the AGS was a statutory requirement of the Accounts and Audit Regulations 2011, with the Council required to review at least annually the effectiveness of its system of internal control and to prepare a statement on internal control in accordance with proper practices.

Part of the assurance gathering process used in putting together the draft AGS included a key assurance gathering process with Service Managers and Heads of Service, which had been introduced at the end of 2013/14 to replace the previous "Internal Control Assessment".  Some minor improvements had been made to the process following a feedback session with some key staff.

This year, the assessment had been undertaken slightly earlier in January to avoid clashing with the office move at the end of January 2016.  The results would be incorporated into the statement.  An updated and more complete version of the AGS would then be reported to the Audit Committee’s next meeting in July 2016.

Following some consideration of this early draft of the Annual Governance Statement, it was

RESOLVED –

That the current position regarding the preparation of the Annual Governance Statement 2015/16 be noted.

To consider the report attached as Appendix F.

Contact officer:  Kate Mulhearn (01296) 585724

The Committee received a report with details of the Internal Audit Risk Assessment and Plan for 2016-17.  The methodology applied in developing the Internal Audit Strategy and Plan had been updated for 2016-17.  A full assessment of the "Audit Universe" had been performed with each auditable unit being risk assessed at a high level to determine the priority for internal audit, represented by the frequency of audit review.

As part of the Commercial AVDC Transformation Programme a number of "Business Reviews" were being undertaken across the Council.  Where these have been defined, they had been identified in the risk assessment as Commercial AVDC reviews and projects could provide additional assurance.  Internal Audit would review the scope of these projects and the outcomes and update the risk assessment accordingly.

Should further internal audit work be required as a result of emerging risks highlighted during the Commercial AVDC Business Reviews, the annual plan would be updated to accommodate this work.

The work plan had been discussed with Directors and Sector Leads to obtain their views and took into account any areas they had specifically identified as areas to review.  The core financial systems areas and housing benefits and collection fund remained on the list each year but the scope of the reviews would be tailored to look at different areas of risk each year as well as the core key controls.

The Internal Audit Plan would be reviewed on a quarterly basis to allow for flexibility to pick up new areas of risk or organisational change. This would be reported to the committee as part of the progress report.

Members sought further information and were informed:-

(i)         that all Council areas would be considered for audit at least every 3 years, or at the frequency intervals detailed in the Plans’ Risk Assessment.

(ii)        that the majority of the plan would be delivered by the in-house Internal Audit Officer.  Business Assurance Services currently had budget for 2 FTE vacant positions and where necessary, some of that money would be used to buy in specialist input to individual audit reviews.

(iii)       that this was the first year that the Internal Audit Plan had been assessed against auditable units.  This would be re-assessed each year and it was possible that the frequency with which some services were then subject to audit would change.

RESOLVED –

That the Internal Audit Strategy and Plan for 2016-17 (Appendix 1 to the Committee report) be approved.

To consider the report attached as Appendix G.

Contact Officer:  Kate Mulhearn (01296) 585724

The Committee received a progress report against the 2015/16 Business Assurance Plan.  The report also contained confidential information on the financial systems and controls review and Members referred to these as part of their deliberations.

The following Business Assurance work and matters were highlighted:-

(i)         Assurance reviews completed since the last progress report:

Accounts Payable and Accounts Receivable – the review had been given a Limited Assurance rating, details of which were attached at Appendix 3 to the Committee report.

Payroll – the review had been given a Reasonable Assurance rating and had raised two medium priority recommendations regarding the need to perform a monthly reconciliation between the payroll costs in iTrent and the general ledger, and to formally adopt a Corporate ‘Pay Rate Structure’ for casual workers and to review this annually.

(ii)        Assurance Plan Work in Progress – the following work from the 2015/2016 plan had started:-

Council Tax and Business Rates collections – the audit work was complete and a draft report was being prepared.

General Ledger and Budgetary Control – the review had been scoped and the terms of reference issued.  The fieldwork and a draft report would be completed by the end of March 2016.

Housing Benefits – the review had been scoped and the terms of reference issued.  The fieldwork and a draft report would be completed by the end of March 2016.

Data Protection (Home working and use of personal devices) – work on this assurance review would commence on 14 March 2016

(iii)       Revised Assurance Plan 2015/16 – a revised plan had been approved by Members in January 2016.  The plan had been further reviewed and updated for the remainder of the year and these changes were reflected at Appendix 2, which also detailed work completed, outstanding and the changes.

(iv)       Overdue Audit Recommendations and follow up work

Section 106 (Developer Contributions) – this review had incorporated a ‘health check’ against the new regulations that impact on Section Agreements.  The review had been completed and had highlighted the need for the Council to reflect the Community Infrastructure Levy (CIL) Regulations in the way Section 106 agreements were drafted.

Taxi Licensing – an assurance review had been undertaken to check the controls around vetting and issuing licences to drive private hire and hackney carriages.  There had been one recommendation which the Department was currently actioning regarding a procedure for data retention that covered not just taxi licensing but all other documents that may contain personal, sensitive information within the Environmental Health and Licensing Department.

The Chairman informed Members that he had met with the Business Assurance Services Manager (interim) and the Director with responsibility for finance to discuss the confidential information on the financial systems and controls review, and the actions being taken to update and improve some key monitoring controls.  He was satisfied that actions to improve the controls were being taken, and had asked that a further report be made on the matter to the Audit Committee in due  ...  view the full minutes text for item 7.

To consider the work programme attached as Appendix H.

Contact Officer:  Kate Mulhearn (01296) 585724

The Committee considered the future Work Programme for 2016 which took account of comments and requests made at Audit previous Committee meetings and the requirements of the internal and external audit processes.  It was noted that a report on the Audit Committee Review of Effectiveness would be submitted to the next meeting on 25 July 2016.

RESOLVED –

That the future Work Programme as discussed at the meeting be approved.

Future meetings are planned as follows:-

·                    6.30pm on 25 July 2016

·                    6.30pm on 26 September 2016

·                    6.30pm on 14 November 2016

The next meeting of the Audit Committee would be held at 6.30 pm on 25 July 2016, in the Olympic Room at The Gateway, Gatehouse Road, Aylesbury.