Agenda and draft minutes

There had been circulated copies of the Minute of the Meeting held on 25 September 2023.  With reference to paragraph 2.5, Mr Whalley advised that the point he was trying to make was there was an apparent governance failure.

DECISION

AGREED to approve the Minute for signature by the chair subject to the addition of the following: “Mr Whalley advised the Committee that there appeared to be an apparent governance failure.”

Consider update on Audit Committee actions.  (Copy attached.)

2.1       There had been circulated copies of the Audit Committee Action Tracker and the Chief Officer Audit and Risk summarised for Members.

2.2       In response to questions from Members, the Chief Officer Audit and Risk advised that the Committee that a paper on implementation of Internal Audit recommendations was included in the agenda which indicated that a second piece of Internal Work as part of the approved Plan would look in depth at completed Internal Audit recommendations.  As part of the process a check would be made on evidence of what had been achieved on improvement actions and the evaluation of the effects that it had made on business continuity management systems.

DECISION

NOTED the Action Tracker.

Consider presentation on corporate risks by Director People, Performance and Change.

3.1       The Chair introduced the Director People, Performance and Change to give a presentation on corporate risks in the People Performance and Change service and summarised the various responsibilities of the directorate.  Performance indicators were agreed to report to the Executive Committee.  A performance dashboard on risks was published to the SBC website to aid transparency.  With regard to staff recruitment and retention, a number of critical areas including recruitment within care and HGV drivers faced challenges also seen nationwide.  Mitigating work took place with Eildon Housing to provide social housing for a number of key workers.  Within Human Resources, there may be an adverse effect on maintaining staff morale and delivery if employee cases were not dealt with promptly.  Since May 2023, cases have steadily increased which affected service capacity which meant that the risk maintained at a heightened level.  Payroll processing faced a risk associated with experienced staff soon leaving the service.  Access to training was dependent on the stability of the IT network.  Staff behaviour associated reputational risk to Scottish Borders Council.  The Director People, Performance and Change advised that SBC was in the process of transitioning the Fit for 2024 transformation programme to a ‘business as usual’ model that would work alongside the target operating model.  A report would be presented to Scottish Borders Council outlining the next steps in 2024.

3.2       The Chair thanked the Director People, Performance and Change for the presentation and noted the importance of recruitment and retention as one of the largest employers in the Scottish Borders.  In response to Members questions, the Director People, Performance and Change advised that a key success to retaining staff in SBC included flexible working where people valued their home-work balance which also helped to bring younger people into the workforce.  A cascade system was in place so that the wider service were aware of risks and how they impacted on each team.  With regards to recruitment to the region, promotion in recruitment included promotion of the region and its selling points which included schools and lifestyle.  There was a significant demand for HGV drivers and the payrate was sometimes not competitive with other organisations.  SBC trained existing staff such as loaders in refuse work to obtain their HGV licence, however this was not a quick process.

DECISION

NOTED the report.

Consider Report by Director Finance and Procurement.  (Copy attached.)

4.1       There had been circulated copies of a report by Director Finance and Procurement which presented the mid-year report of treasury management activities for 2023-24, in line with the requirements of the CIPFA Code of Practice, including Prudential and Treasury Management Indicators, and sought comments from Audit Committee prior to consideration of the report by Council.  The report was required as part of the Council’s treasury management control regime.  It provided a mid-year report on the Council’s treasury activity during the six-month period to 30 September 2023 and demonstrated that Treasury activity in the first six months of 2023-24 had been undertaken in full compliance with the approved Treasury Strategy and Policy for the year.  Appendix 1 of the report contained an analysis of the performance against the targets set in relation to Prudential and Treasury Management Indicators, and proposed revised estimates of these indicators in light of the 2022-23 out-turn and experience in 2023-24 to date for Council approval.

4.2       The Chair noted that the presentation by Link on capital strategy and treasury management in November 2023 was beneficial to have received in time for the Mid-Year Treasury Management report.  With regards to not undertaking debt rescheduling, the Director Finance and Procurement advised that this had been based on advice from Link due to higher interest rates not being conducive to undertaking voluntary debt rescheduling.  SBC had an ambitious capital programme that may lead to peaks in loan charges which would put pressure on the 5-year revenue plan.  As part of long-term planning strategy, underspend in loan charges was used to create and build a treasury reserve to smooth peaks in loan charges.  Indicators that approval from Council was sought formed the basis of calculations for 2024-25.  In response to a question from Mr Whitfield, the Director Finance and Procurement advised that 20% of borrowing over 10 years was a lower limit and that the upper limit may need to be highlighted.  The 10 years and above category of borrowing was around 78% of borrowing which gradually reduced over other categories.  Lower and upper bandings of borrowing would be added to the report to Council.

DECISION

(a)       NOTED that treasury management activity in the six months to 30 September 2023 was carried out in compliance with the approved Treasury Management Strategy and Policy;

(b)       AGREED

(i)        to the presentation of the Treasury Management Mid-Year Report 2023-24, as contained in Appendix 1, to Council for approval of the revised indicators; and,

(ii)       to include upper and lower parameters of borrowing to the report for Council.

Consider Report by Chief Officer Audit and Risk.  (Copy attached.)

There had been circulated copies of a report by Chief Officer Audit and Risk that provided members of the Audit Committee with details of the recent work carried out by Internal Audit and the recommended audit actions agreed by Management to improve internal controls and governance arrangements.  The work Internal Audit carried out in the period from 1 August to 27 October 2023 associated with the delivery of the approved Internal Audit Annual Plan 2023-24 was detailed in this report.  A total of 4 final Internal Audit reports had been issued. There were 2 recommendations made associated with 1 of the reports (0 High-rated; 2 Medium-rated; 0 Low-rated).  An Executive Summary of the final Internal Audit assurance reports issued, including audit objective, findings, good practice, recommendations (where appropriate) and the Chief Officer Audit and Risk’s independent and objective opinion on the adequacy of the control environment and governance arrangements within each audit area, was shown in Appendix 1 of this report.  The SBC Internal Audit function conformed to the professional standards as set out in Public Sector Internal Audit Standards (PSIAS) (2017) including the production of the report to communicate the results of the reviews.  Members discussed the SLACIAG development session for Chairs and Vice Chairs for audit committees and noted that further work was being considered set up a forum for chairs across local authorities.

DECISION

(a)       NOTED:

(i)        the Executive Summaries of the final Internal Audit assurance reports issued in the period from 1 August to 27 October 2023 (Appendix 1) associated with the delivery of the approved Internal Audit Annual Plan 2023-24;

(ii)       the Internal Audit Consultancy and Other Work carried out in accordance with the approved Internal Audit Charter;

(iii)      the assurance provided on internal controls and governance arrangements in place for the areas covered by this Internal Audit work; and,

(b)       AGREED to approve the minor amendments to the Internal Audit Annual Plan 2023-24, as set out in paragraph 4.8 of the report.

Cllr Sinclair joined the Meeting during discussion of the above item.

Consider Report by Chief Officer Audit and Risk.  (Copy attached.)

6.1       There had been circulated copies of a report by Chief Officer Audit and Risk that informed the Audit Committee of the progress Internal Audit had made, in the first 6 months of the year to 30 September 2023, towards completing the approved Internal Audit Annual Plan 2023-24.  It also summarised the statutory obligations for Internal Audit and requirements of the Public Sector Internal Audit Standards.  The Internal Audit Annual Plan 2023-24 that was approved by the Audit Committee on 13 March 2023 set out the audit coverage for the year utilising available Internal Audit staff resources to enable the Chief Officer Audit & Risk (the Chief Audit Executive (CAE)), to provide the statutory annual Internal Audit opinion regarding the adequacy and effectiveness of governance, risk management and internal controls within the Council.  Appendix 1 of the report provided details of the half-yearly progress by Internal Audit with the delivery of its programme of work, which indicated good progress.  The programme of work for the six months from October 2023 to March 2024 based on the available resources indicated that the Internal Audit Annual Plan 2023-24 can be delivered in full.  Internal Audit assurance services were also provided to the Scottish Borders Council Pension Fund and the Scottish Borders Health and Social Care Integration Joint Board to meet their obligations.  Separate Internal Audit plans and reports were presented to their respective Management and boards/committees for assurance purposes.  The report also summarised the statutory obligations for Internal Audit and the requirements of the Public Sector Internal Audit Standards (PSIAS) with which the SBC Internal Audit function conformed.

6.2       The Chief Officer Audit and Risk summarised the report and answered Members’ questions and advised that the Chartered Institute of Internal Auditors were a global organisation that set global internal audit standards and determined that the standards needed some enhancement to improve governance and internal control.  The consultation process was useful especially in reflecting the views from smaller internal audit teams in Scottish local authorities.  Concerns were raised about the possible constrained system of performing external quality assessments every five years.  The Chief Officer Audit and Risk advised that the consultancy report on partnering was in draft form still though the distribution list for its dissemination had not yet been determined.  With regard to skills within internal audit teams, SBC had access to SLACIAG’s computer audit sub-group to cover broader IT content such as data analytics and other emerging areas.  Discussions had been taking place with Scottish Councils to share internal audit programmes and for training sessions to take place.  With regards to the scope of internal audit including external providers, the entirety of business applications were subject to audit.  IT general controls audit had a specific scope on use of business applications.  Specific audit work had been done previously on contract management with Live Borders. 

DECISION

(a)       NOTED the progress Internal Audit has made towards completing the Internal Audit Annual Plan 2023-24; and,

(b)       AGREED that the Committee was satisfied with the Performance  ...  view the full minutes text for item 6.

Consider Report by Chief Officer Audit and Risk.  (Copy attached.)

7.1       There had been circulated copies of report by Chief Officer Audit and Risk that provided an update to Members of the Audit Committee on the status of the implementation by Management of audit recommendations made and agreed in Internal Audit reports.  Internal Audit was an independent appraisal function established for the review of the internal control system as a service to Scottish Borders Council.  It objectively examined, evaluated and reported on the adequacy of internal control as a contribution to the proper, economic, efficient and effective use of resources and the management of risk.  The Internal Audit activity added value to the organisation (and its stakeholders) when it considered strategies, objectives, and risks; strived to offer ways to enhance governance, risk management and control processes (by way of making audit recommendations); and objectively provided relevant assurance.  The Remit of the Audit Committee included the function to consider “all matters relating to the implementation of recommendations contained within internal audit reports”, as part of its high-level oversight of the framework of internal control, risk management and governance within the Council.

7.2       The Chief Officer Audit and Risk summarised the report and answered Members’ questions.  The Chief Officer Audit and Risk noted that it was routine to report to CMT each quarter and that comments from Audit Committee may be presented.  The Chief Officer Audit and Risk advised that the audit actions whose dates that were extended and reforecast were highlighted in the comments section of the Appendix.  The Chair expressed disappointment that Internal Audit recommendations were not being completed by Management on timey.  The Chair suggested to the Committee that the recommendation be amended so that the report was noted and that an updated report be presented to the Committee for the next quarter with an expectation that there would be improvement in the progress made.

DECISION

(a)       NOTED:

(i)        the progress made by Management in implementing Internal Audit recommendations to improve internal controls and governance, and mitigate risks;

(ii)       that Internal Audit will continue to monitor the completion of outstanding recommendations and will provide update reports to this Committee

(b)       AGREED that the Committee was not satisfied with the progress and that an updated report be presented at the end of the next quarter with an expectation that there would be improvements in progress made.

Cllr Thornton-Nicol left the Meeting and Cllr Richards assumed the Chair.

Consider Report by Chief Officer Audit and Risk.  (Copy attached.)

There had been circulated copies of a report by Chief Officer Audit and Risk that made the Audit Committee aware of the findings and necessary actions arising from the Integrity Group’s assessment of counter fraud controls.  Having robust fraud prevention and investigation arrangements in place contributed to safeguarding the Council’s financial resources, for delivery of services, as part of protecting the public purse.  A focus on prevention and detection and promotion of a counter fraud culture across the Council to improve its resilience to fraud, taking account of reducing resources, were associated with the Counter Fraud Strategy 2021-2024 that was approved by Council in December 2021.  The purpose of the Integrity Group was to improve the Council’s resilience to fraud, theft, corruption, and crime.  One way it could achieve that is self-assessing the Council’s arrangements against best practice and agreeing any appropriate actions to continuously improve the arrangements in place.  This report referred to a national fraud report published by Audit Scotland, which set out recommendations for public sector organisations.  Part of the Audit Committee’s role was to oversee the framework of internal financial control including the assessment of fraud risks and to monitor counter fraud strategy, actions and resources.  Assurances about the effectiveness of the Council’s existing systems and arrangements for the prevention, detection and investigation of fraud could be taken from the outcomes contained within the report.  The Chief Officer Audit and Risk summarised the report and answered Members questions.  It was advised that the corporate fraud officer retired in December 2020, and the post was subsequently removed from the establishment to achieve approved budget reductions.  There had been many counter fraud improvement actions that the corporate fraud officer had developed which were included in the appendix of the report. 

DECISION

(a)       NOTED the findings from the Integrity Group’s assessment of counter fraud controls 2023-24 in response to fraud risks set out in Appendices 1 and 2 of the report; and,

(b)       AGREED the ongoing Management actions to enhance the Council’s resilience to fraud, as summarised in the Action Plans set out in Appendices 1 and 2 of the report.

Cllr Thornton-Nicol rejoined the meeting and resumed the Chair.

Consider Report by Chief Officer Audit and Risk.  (Copy attached.)

There had been circulated copies of a report by Chief Officer Audit and Risk that made the Audit Committee aware of the outcomes of the completion of the Self-Appraisal Checklist (Review Data Matches and Recording of Outcomes Phases) by the Integrity Group, as part of the Council’s participation in the National Fraud Initiative (NFI) 2022-2023 Exercise.  The Council was committed to minimising the risk of loss due to fraud, theft, corruption or crime and to taking appropriate action against those who attempt to defraud the Council, whether from within the authority or from outside.  The primary responsibility for the prevention, detection and investigation of fraud rested with Management, supported by the Integrity Group.  Part of the Audit Committee’s role was to oversee the framework of internal financial control including the assessment of fraud risks and to monitor counter fraud strategy, actions and resources.  Assurances about the Council’s participation in the National Fraud Initiative (NFI) 2022-2023 Exercise could be taken from the Actions and Self-Appraisal contained within the report.  The Chief Officer Audit and Risk summarised the report and answered Members’ questions.

DECISION

NOTED:

(a)       the Progress Update by the Integrity Group on Management Actions in response to the Recommendations arising from the ‘National Fraud Initiative in Scotland 2022’, as summarised in the Action Plan set out in Appendix 1 of the report; and,

(b)       the outcomes of the completion of the Self-Appraisal Checklist (Review Data Matches and Recording of Outcomes Phases) by the Integrity Group as part of the Council’s participation in the National Fraud Initiative (NFI) 2022-2023 Exercise, as set out in Appendix 2 of the report.