Agenda and minutes

Audit & Governance Committee
Monday, 25th March, 2019 7.30 pm

Venue: Council Chamber, Civic Offices, High Street, Epping

Contact: A Hendry, Democratic Services  Tel: 01992 564246 Email:


No. Item


Webcasting Introduction

This meeting is to be webcast. The Chairman will read the following announcement:


I would like to remind everyone present that this meeting will be broadcast live to the internet (or filmed) and will be capable of repeated viewing (or another use by third parties).


If you are seated in the lower public seating area then it is likely that the recording cameras will capture your image and this will result in the possibility that your image will become part of the broadcast.


This may infringe your human and data protection rights and if you wish to avoid this then you should move to the upper public gallery.


Could I please also remind Members to activate their microphones before speaking”.


Additional documents:


The Chairman made a short address to remind everyone present that the meeting would be broadcast live to the internet, and would be capable of repeated viewing, which could infringe their human and data protection rights.


Declarations of Interest

To declare interests in any item on the agenda for the meeting of the Committee.


Additional documents:


No interests were declared by members of the Committee in any item on the agenda for the meeting, pursuant to the Council’s Code of Conduct.



Minutes pdf icon PDF 93 KB

To confirm the minutes of the meeting of the Committee held on 28 January 2019.


Additional documents:




That the minutes of the meeting held on 28 January 2019 be taken as read and signed by the Chairman as a correct record.


Matters Arising

To consider any matters arising from the minutes of the previous meeting of the Committee.

Additional documents:


There were no matters arising from the minutes of the previous meeting of the Committee.



Audit & Governance Committee - Work Programme pdf icon PDF 73 KB

To consider the attached work programme for the Committee for 2018/19.


Additional documents:


The Committee noted their work programme.


Internal Audit Strategy and Plan 2019/20 pdf icon PDF 157 KB

To consider the attached report.


Additional documents:


The Committee received the Internal Audit Strategy and Plan for 2019/20 with an indicative work programme for the subsequent two years (2020/21 and 2021/22). They noted that the Internal Audit function provided independent and objective assurance and consulting services to Epping Forest District Council. The Internal Audit Strategy summarised the key principles for the Internal Audit Team for the period 2019/20, with some longer term aims. The strategy supported the Audit Plan which set out the work of the Internal Audit function for the year.


The purpose of the Internal Audit Strategy and Plan was to document the Internal Audit team’s approach to provide independent and objective assurance to Members and senior management; ensure the recognition of the key risks the Council faces in meeting its objectives; add value and support to senior management; and to deliver an internal Audit Service that was compliant with the requirements of the Public Sector Internal Audit Standards.


The Chief Internal Auditor noted the key deliverables for the Internal Audit Service during 2019/20 was the delivery of the Audit Plan (to ensure there was sufficient audit coverage); the integrated approach to assurance (providing ongoing assurance to management); the management of commitment (to ensure agreed management responses to audit recommendations); to continually develop their approach (to develop, improve and deliver quality assurance); and to provide business insight (by working more closely with Officers, Members and services).


Internal Audit’s work would help inform each Council’s risk management framework, enabling greater recognition of key mitigating controls and other sources of assurances available. The risks identified in the Audit Plan were shown in appendix A of the report and had been taken, where possible, directly from the Council’s Risk Register.


In addition, an assurance map had been produced (at appendix B of the report) that provided a structured way to identify the main sources and types of risk assurance in the Council.


2018/19 had been the second year of the formal shared service between Broxbourne, Epping Forest and Harlow Councils, with Broxbourne being the host authority and employer of the shared internal audit staff. A Shared Services Board was created and was meeting regularly to oversee the implementation and delivery of the Internal Audit function, assess quality and performance, manage risks and consider major changes to the service.


A Jarvis wondered how many days were programmed in for a normal year’s work, as he thought that the coming year’s programmed days were quite low by normal standards at 438. He was told that there were no set days to deliver the work although Epping had traditionally more days than Broxbourne and Harlow, but the number of days had been reduced partly due to resource and operational issues in the audit team. With broad cross cutting audits hopefully this would produce the assurances that the Committee would want. A Jarvis was concerned that it had dropped from 500 days from when this Council was fairly stable to 438 days when the Council was under more pressure due to transformation.  ...  view the full minutes text for item 48.


Internal Audit Monitoring Report - February to March 2019 pdf icon PDF 156 KB

To consider the attached report.


Additional documents:


The Chief Internal Auditor introduced the Internal Audit Monitoring Report for February to March 2019. The report updated members on the work completed by Internal Audit Shared Services and the Corporate Fraud Team since the January 2019 Audit and Governance Committee and provided the current position in relation to overdue recommendations. Appendix 1 set out where they were with the current audits for 2018/19 and noted that they would probably start in April the access to housing audit and were currently working with the Service Director and Manager to find out exactly what they needed to audit.


She noted the good news as set out in section 3, where they had undertaken four audits, safeguarding, Museums and Cultural Services (joint working collaboration), Health and Safety (Corporate) and Business Rates Corporate wide approach - and they had all come out with a “substantial assurance” mark.


As for the Recommendation Trackers the numbers were going down and there were reasons why some of them were taking longer than intended. Other internal audit activities were covered further on including the performance indicators that were all on target. The Corporate Fraud Team continued to give very good results and finally the update of the annual governance statement that would come to the Committee in July.


Councillor Whitehouse wanted more information on the access to housing audit. And at the bottom of page 46 of the agenda under Business Rates Corporate Wide approach, it used the phrase ‘…maximise income albeit’. What did that mean? He was told that access to housing was about homelessness and the word ‘albeit’ just seemed to have slipped in there uninvited.




That the Committee noted the progress made against the 2018/19 Internal Audit plan and the summary of work of Internal Audit and the Corporate Fraud Team for the period February to March 2019.


Corporate Fraud Team Strategy 2019/20 pdf icon PDF 129 KB

To consider the attached report.

Additional documents:


Martin Crowe, the Corporate Fraud Team Manager introduced the report on the focus of the Corporate Fraud Team for the year 2019/2020. This strategy summarised the key principles for the Corporate Fraud Team for the forthcoming 2019 / 20 period along with some longer term aims.

The Corporate Fraud Team sat alongside the Internal Audit team and therefore both together supported and contributed to the achievement of the Council’s 2018-23 strategic aims. These had been taken into account when developing the Corporate Fraud Strategy and Plan. The Fraud Team had adopted the familiar dual approach of proactive and reactive work.


The proactive work consisted of the process of vetting 100% of Right to Buy applications; reviewing areas of high fraud risk within the Council, targeting Revenue such as non-domestic rates fraud and fraud within Council tax discounts; the Team would continue with its good working relationship with the Housing Department; they would continue engaging other key stakeholders across the Council to raise awareness and encourage reporting of suspicions; and would further implement a rolling fraud  awareness programme.


The reactive work would consist of reviewing and risk assessing 100% of the referrals it received; continuing their programme of engaging with other council teams, providing advice, training and support; they would continue with the “Know a Cheat in your Street” advertising campaign for the forthcoming year; and would also continue to publicise their work including successful prosecutions.


Going forward, the new National Fraud Initiative exercise had just come in with well over a thousand data matches that needed to be looked at in conjunction with Internal Audit and other council departments.


The formal and informal joint and shared working arrangements would continue into the forthcoming year. Also the Corporate Fraud Team were now expected to undertake a set number of hours of Continued Professional Development (CPD) to keep their existing knowledge and skills up to date and to develop new skills.


Longer term projects being considered included exploring pre-employment vetting and an ongoing process looking at all documents and processes that gave access to the Council’s public services to ensure that they were as fraud proof as possible.


Councillor Jennings said that this was an impressive programme and noted that they had joint working arrangements with Brentwood and Chelmsford councils; was there any reason it was those councils in particular. He also positively commended the start of officer development and CPDs. The Corporate Fraud Team Manager replied saying that the opportunity at Brentwood was the Corporate Fraud Team was in the right place at the right time. Brentwood had recently lost all their anti-fraud resources and we saw this as an opportunity to help as well as a commercial opportunity to take this on in a more formal basis. As for Chelmsford and Harlow, this was a more informal arrangement. There is an investigator in Chelmsford who used to work for us and had kept this link. Harlow was a shared service with Audit. This had all just happened this way with  ...  view the full minutes text for item 50.


Audit Planning Report to the Audit & Governance Committee for the Year ending 31 March 2019 pdf icon PDF 380 KB

To consider the attached report.


Additional documents:


The representative from Deloitte the Council’s External Auditor, Craig Wisdom, introduced their planning report to the Committee for the 2019 Audit. Assuming that the report had been read he gave a brief synopsis of the key points of the report. The audit would be carried out in accordance with the requirements of the Code of Audit Practice and supporting guidance published by the National Audit Office.


The plan had been developed based on planning work and a preliminary risk assessment and all the work was carried out in accordance with the code of Audit Practice. The key thing would be materiality, a judgement for him to make. They had determined a materiality of 2% which translated to £1.9 million. They would also report back any misstatements above £96k. However, as materiality was based on a forecast they may revise it once final numbers were known.


Key risk areas were identified such a valuation of properties, which were complex and required judgement, and it was where they would use their own real estate team. They would also be focusing on the Capitalisation of Expenditure to make sure that it was appropriate; and thirdly, would be considering the Management Override of Controls, an assumed risk by international auditing standards and was not something that was actually happening in this Council. He also noted that last year BDO had as a significant risk the Council’s pension scheme, he had not identified this as a significant risk in the current year but it would be an area he would focus on through the year.


He also commented on the arrangements that the Council had in place for economy, efficiency and effectiveness; at the moment the risk assessment on that was ongoing. There was nothing that he had put into the significant risk category at the moment but that was an ongoing assessment, as was all their work through the year.


Councillor Mohindra asked about risk 2, capital expenditure, capitalising the corporate capital expenditure and if we reclaimed any of the VAT. Mr Maddock noted that we would be able to reclaim it in the normal way but that was not particularly related to this risk.


A Jarvis asked if they audited any similar council to this one and if so could they share insights gained there. He was told that as a firm they audited various different councils and collated their knowledge to pass on the benefit of their experience.


Councillor Whitehouse asked about property evaluation; this being quite complex, could they expand on what the potential impact of getting this wrong would be. He was told that from a valuation perspective it had an impact on depreciation if it was wrong. This was a big number on the Council’s balance sheet and if it was wrong it could have an impact. A lot of this was based on judgement which was why it was flagged up as a significant risk and why they used their in-house valuation team.


The Chairman asked that the  ...  view the full minutes text for item 51.


Effectiveness of the Arrangements for Risk Management pdf icon PDF 170 KB

To consider the attached Report.

Additional documents:


The Chairman announced that this would be Mr Maddock’s last Audit and Governance Committee meeting as he would be leaving the Council shortly. His expertise and advice would be greatly missed.


The Chief Finance Officer introduced the report on the effectiveness of the arrangements for risk management. Members were requested to consider the effectiveness of the Council’s arrangements for Risk Management to provide assurance to the Council on the functioning and adequacy of this important internal control. He also noted that the Finance and Performance Management Cabinet Committee looked at risk management at a member level.


It was noted that the internal arrangements for Risk Management remained unchanged for the majority of the year. However, the methodology was currently undergoing an internal review to align with the new corporate structure.


It was common practice within services for risk assessments to be conducted on new or changed activities and capital projects. All directorates were required to have a section on Risk Management in their business plans. This section would contain details on the directorate’s key risks, a risk matrix and action plans for dealing with the risks that were above the risk tolerance line.


All directorates were required to have Risk Management as a standing item on management team meeting agendas. This is to ensure that directorate risk registers were kept up to date with any new items and that existing action plans, both for directorate and corporate risks, were monitored. The regular discussion of risks allowed directorate champions to report back on discussions at the Risk Management Group (RMG) and also to bring forward items from their directorates that they felt should now be included, or if already included updated, on the Corporate Risk Register. The Risk Management Group then considered updates to the Corporate Risk Register by making recommendations to the Leadership Team.


N Nanayakkara noted that there was repeated reference to a potential for missing a time scale in regards to the NPPF which would result in the Council having to use a standard methodology. Can you confirm that we did not miss that time frame? The Chief Finance Officer assured her that we did not miss that time frame, the Planning Inspectors were now here and we were currently going through the process.


A Jarvis noted that the format used was the same since 2013, will there be a review of the profiles and the way it was presented at a future meeting. He was told that they were reviewing Risk Management now, this was being carried out by the Commercial and Regulatory directorate and Internal Audit would be heavily involved in this process, advising them of best practice.


Councillor Whitehouse observed that half the risks mentioned were in the ownership of one officer that was departing in May; would this be taken into consideration and passed on in an appropriate way. N Nanayakkara said that was good point and could Mr Maddock highlight what the interim arrangement were and the arrangements for his role going forward.  ...  view the full minutes text for item 52.


Any Other Business

Section 100B(4)(b) of the Local Government Act 1972 requires that the permission of the Chairman be obtained, after prior notice to the Chief Executive, before urgent business not specified in the agenda (including a supplementary agenda of which the statutory period of notice has been given) may be transacted.

Additional documents:


No other business was raised for consideration by the Committee.