An apology for absence was received from Cllr Emma Morley and CllrJohn Caller attended as her substitute.

The minutes of the meeting on Monday, 14 February 2022 were signed by the Chair.

Cllr Gow declared an Other Significant Interest as an appointed Board Member of Rosherville Limited, the Council’s Local Authority Trading Company.

The Principal Accountant (General Fund) presented a review of the Accounting Policies that are to be used in formulating the Financial Statements for the authority for the financial year 2021-22.

The Principal Accountant (General Fund) advised Members that although this review is not a statutory requirement CIPFA recommends that it is good practice for authorities to take their Accounting Policies through the relevant Committees.  

There had been no substantial changes to the CIPFA Code that had been identified that would influence the Council’s Accounting Policies for 2021-22.

As set out in section 3 of the report, CIPFA announced a consultation which the council had recently responded to. The proposed changes to the Accounting Code could have an impact on the preparation of the 2021-22 accounts. These proposed changes would help alleviate current delays to the publication of audited accounts across the country. The proposal would allow a “catch-up” period over the next 2 years so that by 2024-25 the timescales would be back on track.

Due to the given timescales of the consultation and our committee cycle the consultation was submitted on Friday 4 March 2022 and the outcome will not be known until the end of March, therefore any changes that have come out of the consultation will have to be reflected in accounting policies and will be communicated to subsequent committees.

Following questions and comments from Members, the Principal Accountant (General Fund)explained that:

• Regarding item 2.3 in the report, St George’s Shopping Centre, there has been some progress made with this and the council is receiving external consultancy advice to look at the documents regarding the transaction and that the council is liaising with its external auditors regarding this work.
• With regard to the consultation, the Principal Accountant confirmed that a copy of the council’s response to the consultation could be shared with the Committee, along with the headlines of the outcome itself once known. The outcome is due at the end of March but there is no guarantee that all or any of it will be become mandatory or adopted within the accounting code. The main factor behind the consultation is that CIPFA recognises that throughout the country, many authorities have outstanding audits of accounts for 2019-20 and 2021-22, and are therefore looking for practical ways to alleviate this.

Resolved that:

1.         Members are asked to endorse the use of the Accounting Policies as outlined at Appendix One to this report, subject to comments from the Council’s external auditor.

2.         Members are asked to endorse any updates to the Accounting Policies as resulting from the recent CIPFA consultation regarding emergency proposals for the update of the 2021/22 Code of Practice on Local Authority Accounting in the United Kingdom.

The Assistant Director (Corporate Services)presented the Committee with the outcome of the annual risk identification and analysis exercise that had been carried out to assist in the development of Gravesham Borough Council's Corporate Risk Register for 2022-2023 and explained that:

• The Risk Management Strategy sets out the approach the council has adopted for identifying, evaluating, managing and recording risks.

• The strategy itself is reviewed on an annual basis by Officers and there have been no substantial amendments or updates to the strategy policy since last year.

• The risk identification and analysis assessment document sets out the detail of all the risks that have been considered by Officers when producing the draft Corporate Risk Register together with the outcomes of those assessments.

• The risks that have generated to a high residual risk score of 10 and above are included in the draft 2022-23 Risk Register.

• Additional risks identified as part of the exercise however were not considered high enough to be included in the Corporate Risk Register were: 

·       Universal Credit

·       IT Infrastructure

·       Adoption and delivery of a sound Local Plan

These will be managed at service level.

On page 63 of the report the Draft Corporate Risk Register included comments and amendments suggested by Management Team and Senior Officers. The top 5 risks are identified for inclusion are:

·       On-going financial viability

·       Changes in national priorities and legislation

·       Organisational resilience and capacity

·       Cyberattack and data breaches

·       Investment risk

Following questions and comments from Members, the Assistant Director (Corporate Services) explained that:

• All risks are monitored throughout the year and the council has recently established a Risk Management Working Group to oversee this process. There are representations from each Directorate on this group who review the risks at service level and corporate risk level and identifies any merging risks. The last meeting of this group took place in February with another meeting due to take place in May.
• With regards to recent events in Ukraine and the possible increased threat to cyber security, this risk is continually monitored by the Assistant Director (IT Services) with any updates reported to the Risk Management Working Group.
• Inflation risk is covered within risk 1 “on-going financial viability of the council”. This risk covers the majority of financial risk. Within the MTFP there is a budget line for inflation provision and this was reviewed at the time of budget setting.
• Explanations regarding the various risk types are found at page 64. Regarding inherent risk, residual risk and target risk – the residual risk score should result in a decrease as this considers the controls that are put in place to help mitigate the risk.  The target risk score is where the council would like to be as this considers improvement to existing controls. 
• The council has written to all its external fund managers and responses have been received which confirm that they have not identified any exposure to Russian investments.

Resolved that Members are requested to review the draft Corporate Risk Register

for 2022-23 prior to  ...  view the full minutes text for item 148.

The Assistant Director (Corporate Services)provided the Committee with an overview of the Chartered Institute of Public Finance Accountants (CIPFA) Financial Management Code 2019, along with an annual self-assessment that was undertaken in February 2022 to identify compliance and areas for further consideration.

The latest self-assessment demonstrated compliance with the code with no significant amendments to be made. These self-assessments will be carried out annually and will be brought to the March Committee each year.

Resolved that the Finance and Audit Committee are requested to note: 

•           The findings of the annual self-assessment

The Head of Internal Audit & Counter Fraud Shared Service (Chief Audit Executive)presented the Committee for approval of the Internal Audit Quality Assurance & Improvement Programme (QAIP) for 2022-23.

This enables the evaluation of the internal audit activity’s conformance with the Definition of Internal Auditing and the Standards, an evaluation of whether internal auditors apply the Code of Ethics and also the efficiency and effectiveness of the internal audit activity and whether there are opportunities for improvement.

The QAIP, for short, is reviewed annually to ensure it meets the requirements set out in the Standards and that will reflect the work of the service. 

As outlined in the report, the document had a complete refresh this year, to remove any references of counter fraud activity as the Officers are no longer in multi-disciplinary roles.

Paragraphs 2.3.1 to 2.3.4 in the covering report provide the key changes. The aim is to ensure Members receive the most relevant information and data used to calculate the outturns have been adjusted to ensure more accurate detail around internal audit. 

Although the counter fraud indicators are no longer included in the QAIP, there are still a number of performance measures relating to counter fraud activity but these are now listed in the Counter Fraud Plan.  

Resolved that Members approved the QAIP presented at Appendix 2 for use in 2022-23.

The Head of Internal Audit & Counter Fraud Shared Services (Chief Audit Executive)presented for approval the Internal Audit Plan (Q1-Q2) 2022-23 for Gravesham.

The council is required to prepare an audit plan outlining how internal audit resources will be used throughout the year. 

While a draft plan has been prepared for the full 12 months, Appendix 2 of the report outlines the plan for the first six months of the year. The purpose of this change in approach is to ensure that audit resources are being directed to the council’s highest areas of risk throughout the year.

The risk assessment was completed in January which is three months before the commencement of work and there is a high possibility that the risk landscape could change.

In July, the Audit Risk Assessment will be refreshed and used to update the current second half of the year plan based on any changes to risk landscape or legislative requirements.  The plan for the second half of the year will be presented to this Committee alongside the first update in September.

This is to enable the service to be more responsive to changes, manage resources in a more efficient manner and ensure we continue to focus audit resources in the highest risk areas.

The Risk Assessment or Audit Needs Assessment was completed after consultation with Directors and senior Managers to consider their views on the risks for each service in the coming year and the draft plan was also shared to identify any timing issues as early as possible. That has partly determined what has been selected for the first part of the year.

Members will note that there are some changes to the layout of the plan, the day allocation for individual reviews are no longer included. As part of the planning process, each review has been allocated an indicative figure of 15 days but the Internal Audit Manager will have the freedom to reduce or increase that allocation to ensure the review provides the right level of assurance.

The update reports presented to the Committee will continue to specify the number of days that have eventually been allocated to each review and will report the number of days taken to actually complete the review.

There are specific links to the corporate risk register in the plan which were highlighted from the last external quality assessment to focus on the council’s risk areas. 

Following questions and comments from Members, the Head of Internal Audit & Counter Fraud Shared Services (Chief Audit Executive)explained that:

• There is no upper limit to the 15 workings days to complete a review, but they are unlikely to exceed more than 20 days. The Head of Internal Audit & Counter Fraud Shared Services (Chief Audit Executive) was not aware of other council’s setting upper limits.
• The Chair was glad to see the link to the Corporate Risk Register and asked about the weighting scores. The HIACF explained that the assessment covers a full list of auditable areas of all council  ...  view the full minutes text for item 151.

The Head of Internal Audit & Counter Fraud Shared Service (Chief Audit Executive)presented for approval the Counter Fraud Plan for 2022-23.

Since 1 March 2016 the council’s counter fraud activity has been delivered by the Internal Audit & Counter Fraud Shared Service with Medway Council. Planned counter fraud activity has previously been included as part of an overall plan for Audit & Counter Fraud as officers were working in multi-disciplinary roles. Following a return to designated roles, and in line with recommended best practice, a separate work plan had been produced to cover all counter fraud activity and provide more detail around the work of the Counter Fraud Team than has previously been specified in the joint plans.

The Counter Fraud plan for 2022-23 had been designed to show how the council will aim to use the available resource and demonstrate all the activity that the Counter Fraud team are involved in.  

This new plan gives an indication of how we intend to use the resources but it has to been noted that some of the activity may be aspirational. For example, if the team already has a significant number of cases to investigate, it is unlikely that pro-active activity to identify further cases would be undertaken as there would be no resource available to deal with them.

The plan contains a number of performance measures for the counter fraud team but many do not have targets as these are beyond the control of the service. Members will receive details of the outturns against these indicators as part of the periodic update reports.

Following questions and comments from Members, the Head of Internal Audit & Counter Fraud Shared Service (Chief Audit Executive)explained that:

• There Internal Audit team now consists of an Audit Manager, one senior internal auditor and six Internal Auditors. The Counter Fraud Team consists of the Counter Fraud Manager, two Counter Fraud Officers and two Intelligence Officers.

• The two counter fraud investigators are new to the role but are delivering very good results.  

Resolved that Members approved the Counter Fraud Plan 2022-23 presented at

Appendix 2.