Agenda and minutes

Venue: The Oculus, Buckinghamshire Council, Gatehouse Road, Aylesbury HP19 8FF. View directions

Contact: Charlie Griffin - Email: 


Webcast: View the webcast

No. Item


Appointment of Vice-Chairman

Additional documents:




It was confirmed that Councillor Lesley Clarke OBE be appointed Vice-Chairman for the municipal year.


Minutes pdf icon PDF 549 KB

To approve as a correct record the minutes of the meetings held on 24 March 2021 and 26 May 2021.

Additional documents:




The minutes of the meeting 24 March 2021 and 26 May 2021 were agreed by committee and signed by the chairman as correct record.


Declarations of interest

Members to declare any interests.

Additional documents:




External Audit Update

Additional documents:


This item was taken next on the agenda. Iain Murray, key audit partner for the council from Grant Thornton, was in attendance to present a verbal external audit update. This included a brief overview of how external audit works, as well as an update on the timeline for this work to take place.


The following key points were highlighted:

·       The role of the external auditor includes issuing an opinion on the council’s financial statements, and giving a view as to whether they reflect a fair and accurate truth of the council’s finances. This is published in the auditor’s annual report.

·       Members were advised that timelines for audit of this financial year had changed owing to pressures on the external auditors, and a new deliverable timeline would be drawn up in due course. It was noted that work on the Pension Fund would still be brought to the September meeting of the committee.

·       The Statement of Accounts briefing scheduled for September would be rearranged to align with the new timeline for external audit.

·       Local authorities were expected to submit their accounts to government by 30 September each financial year, although this was not a statutory deadline.

·       Public Sector Audit Appointments (PSAA) reported that 50% of local authorities did not meet the deadline last year due to the covid-19 pandemic.

·       It was hoped that this year’s audit work would be completed towards the end of this year (for the November meeting), and that planning for the 2021 - 2022 audit work would begin January 2022 to ensure work was on track going forward. Members would be informed if any issues arose.

·       It was also hoped that future audits would be smoother going forward as the council will be embedded.




That the update be noted.


Note 1: Councillor N Thomas arrived at 10.39.


Action log pdf icon PDF 358 KB

Additional documents:


Richard Ambrose, Section 151 Officer for Buckinghamshire Council, updated the committee on the general financial situation before members considered the action log. Members were advised that all legacy financial accounts were now signed off and published, although an issue remained in relation to fees. It was noted that a discussion around fees took place with legacy district councils audit partner, Ernst  & Young (EY) at the March meeting of the Audit and Governance Committee. The action arising from the discussions was for Mr Ambrose not to agree the fees at the time but to undertake further discussions with the PSAA on the fees. It was noted that those fees were still not finalised and the council was awaiting further communications from the PSAA on those fees. Action (Richard Ambrose): to follow up with PSAA on 2019/20 district audit fees and report the outcome of discussions to the Audit and Governance Committee at their meeting 28 July 2021.


In response to a question, it was noted that the PSAA are the body that procure external audit services on behalf of the majority of local authorities (99%), and if requirements on external auditors change, then there would be an audit adjustment which would be agreed by the auditing body and the person carrying out the audit.


An update on progress against planned actions on the council action plan would be given to members at the July meeting of the committee. Charlie Griffin to update action log (action).




That the action log be noted.


Whistleblowing Policy pdf icon PDF 714 KB

Additional documents:


Members received the draft Whistleblowing Policy for consideration. The Section 151 Officer advised members that this policy, as well as the Anti-Fraud and Corruption and Anti-Money Laundering Policies, are part of the governance framework designed to protect the public purse. The Whistleblowing Policy detailed a safe way of raising concerns in the public interest. The policy had been reviewed and minor updates made such as to reflect changes in job titles, contact details and links to other documents/ websites.


A further minor update was raised relating to the Business Assurance Team in section 4 of the policy; the wording to be amended to an alternative route for a concern to be raised against the Business Assurance Team – as the team usually received all concerns.


A question was raised as to how the council could measure the effectiveness of the policies, as well as how often the policies were communicated to staff. It was noted that the September Annual Audit Report of the Head of Business Assurance assessed the effectiveness of the policies and a summary of cases would be considered by members of the committee at that time. It was also noted that the policies were communicated to staff on a regular basis through internal communications and were also displayed on the intranet. Anti-Fraud and other training sessions were also run by the Business Assurance Team.


A question was asked as to what the role of the external auditor was in the appeals process, and it was noted that the external auditor would carry out an independent review of the case. This usually occurred when the whistle-blower was not satisfied with the action taken by the council. A point was raised on the difference between malicious allegations and allegations. Members were advised that on occasion malicious allegations were raised that were not malicious but were made in good faith, and that malicious allegations tended to be repetitive.


It was noted that staff were consultation on the policy during the unitarisation process, but not on this particular update to the policy as only minor amendments to the policy has been made.




That the Whistleblowing Policy be approved.


Anti-Fraud and Corruption Policy pdf icon PDF 592 KB

Additional documents:


Members received the draft Anti-Fraud and Corruption Policy for consideration, which included the fraud response plan. Again, the policy has been reviewed and minor updates made such as to reflect changes in job titles, contact details and links to other documents/ websites. Specific responsibilities had been set out in section 6 of the policy.


The wording at paragraph 7.8 was to be amended to say that the work plan is to be agreed and monitored by the Audit and Governance Committee and Section 151 Officer.




To approve the Anti-Fraud and Corruption Policy.


Anti-Money Laundering Policy pdf icon PDF 688 KB

Additional documents:


Members received the Anti-Money Laundering Policy for consideration and approval. The policy has been updated to reflect the changes in the government’s Money Laundering Regulations, as well as other minor updates reflect changes in job titles, contact details and links to other documents/ websites.


A suggested amendment was made to paragraph 6.4 to reflect the UK’s move to follow the Financial Action Task Force (FATF) blacklist as opposed to the European Commission’s list of high-risk jurisdictions.




To approve the Anti-Money Laundering Policy.


Business Assurance Strategy (including Internal Audit Plan) 2021/ 2022 pdf icon PDF 593 KB

Additional documents:


Members received the draft 2020/ 21 Business Assurance Strategy and proposed Internal Audit Plan. The 2021/ 22 Internal Audit Plan was at appendix 2 to the report. It was noted that the plan was reviewed on a quarterly basis.


It was noted that a significant proportion of the Internal Audit plan contains audit activity which was deferred during 2020/ 21 due to the covid-19 pandemic, as the team had been heavily involved in covid-19 grant assurance activities. Members were advised that the team were now in a position to start delivering to plan as set out in appendix 2.


In response to a question, it was noted that the key risks that the audit activity would aim to address would be considered by the Risk Management Group. Members were concerned as to whether there would be sufficient rigour over audit actions, and were advised that reports containing outstanding audit actions were regularly considered by management teams and directorate boards, and that the culture of the organisation was that audit actions were taken seriously.


Members were informed that the key performance indicators (KPIs) targets at appendix 1 were assessed for each area of activity, and set according to what the team were trying to deliver.




To approve the 2020/21 Business Assurance Strategy and Internal Audit Plan.





Risk Management Strategy 2021/ 2022 pdf icon PDF 588 KB

Additional documents:


Members considered the draft 2021/ 22 Risk Management Strategy which had been updated following the first year of Buckinghamshire Council. The strategy provided a framework to enable a robust and efficient risk management process to be embedded across the council, and was reviewed on an annual basis. The following key points were highlighted:


·             The Risk Management Group (RMG) was a key function to delivering the strategy and would oversee and challenge the council’s risk management framework. The RMG would report regular updates to the Audit and Governance Committee meetings.


·             The system used for risk management enabled the team to set automatic triggers for Audit Service Leads to review risks.


·             The team were supported by a network of Risk Champions within each directorate, who regularly report into the Corporate Risk Manager. This was a well-embedded network that operates effectively.


·             A risk could be reviewed more frequently depending on the nature of the risk.


·             Corporate Management Team (CMT) saw the risk profile every 6 weeks but were reviewing risks at all times.


·             CMT owned the Strategic Risk Register.


·             Strategic risks were high level risks. Escalated risks were held within service directorates and were visible risks.


·             Some Risk Champions had risks were cross-cutting e.g., health and safety, or recruitment. Work to ensure these risks were consistent across directorates was ongoing.


·             Last year, the RMG looked at consistency of risk scores; this piece of work was ongoing for the team.


·             Risk management and fraud awareness training sessions took place with members and staff, but these sessions were not mandatory training.


·             A question was asked as to how the council reprioritised actions when urgent matters arose, and it was noted that depending on the nature of the risk determined the timing for review. Some risks were constantly reviewed e.g., cyber risks. The council received external support specifically for IT risks.



To approve the Risk Management Strategy.



Appointments to the Risk Management Group

Additional documents:




That, in addition to the Chairman of the Audit and Governance Committee, the following members be appointed to the Risk Management Group for the ensuing year:


·             David Anthony

·             Robert Carington

·             Lesley Clarke OBE

·             Anders Christensen

·             Simon Rouse


Internal Audit Charter pdf icon PDF 589 KB

Additional documents:


Members considered the Internal Audit Charter. The purpose of the charter was to formally define the internal audit activity’s purpose, authority and responsibility.




That the Internal Audit Charter be approved.


Work programme pdf icon PDF 184 KB

Additional documents:


It was noted that a Business Assurance Update would be given to members at each meeting.




That the work programme be noted.