Agenda item

Internal Audit Report to 31 March 2020

Meeting of Audit and Standards Committee, Monday 22nd June 2020 6.30 pm (Item AS20/8.)

Minutes:

The Audit Manager led Members through the internal audit report to 31 March 2020. The Council was required to ensure that it had reliable and effective internal control systems in place and the adequacy of these systems was tested by both Internal and External Audit.

The report included an annual report on the performance of the Internal Audit Service. In the year up to 31 March 2020, Internal Audit had operated in accordance with the Public Sector Internal Audit Standards (hereafter referred to as ‘the Standards’). It was a requirement of the Standards that a report was made to the Audit and Standards Committee on audit matters and any emerging issues, not only in relation to audit but risk management and corporate governance.

2019/20 had proved to be a challenging year for Internal Audit. Work had been behind schedule about halfway through the year owing to audit overruns and other circumstances beyond its control. Progress had been made, as indicated by the number of audits completed in the final quarter, but due to the Covid-19 pandemic the Internal Audit team was severely depleted during the last few weeks of the financial year, resulting in fewer audits being completed during the year than would otherwise have been the case.

The report gave details of the eight audit reviews that had been completed in the final quarter of 2019/20 (Business Rates, Property Investment, Benefits, Software Licensing, Payroll, Treasury Management, Cash and Banking and Creditors), a summary of all audit reports completed in 2019/20 and progress made on implementing audit recommendations. Seven of these provided good or substantial assurance on the overall governance arrangements, however one audit (Property Investment) only provided limited assurance. This was due to a number of areas where record keeping needed to be strengthened and/or transparency improved. The Head of Service Acquisitions, Transformation and Regeneration had confirmed that appropriate action had been taken. Progress on the recommendations would be reported back to the Committee at the next quarterly review in September.

Appendix B to the report provided a summary of all audit reports completed in 2019/20, the level of compliance and assurance rating for each review, and the overall performance of the Internal Audit team against the plan. It was noted that the details of all audit reports issued in the first three quarters of 2019/20 had already been reported to the Committee at previous meetings.

The summary showed that 82.1% of the 2019/20 Audit Plan was completed, however six planned audits were still outstanding at the end of the financial year. One of these (ICT Governance) was already at an advanced stage when the Government lockdown began but could not then be completed because the ICT Infrastructure team had to devote all its resources to the many logistical and technical support challenges posed by the sudden need to enable all officers to work from home.

Another audit (Transformation Projects Implementation) had also commenced but had been delayed due to other priorities. The four remaining audits were all postponed due to various reasons such as timing issues, staff turnover, project overruns or staff no longer being available to assist because of other priorities brought about by the Council’s response to the Covid-19 pandemic.

Due to the disruption caused by the Covid-19 pandemic and the many new challenges faced by officers at the time, information on the progress made in implementing the audit recommendations reported at previous meetings had not been sought.

In addition to compliance work, the Audit Manager also coordinated the National Fraud Initiative (NFI) data matching exercises. Work on the December 2018 Single Person Discount matches had identified £6,470 in savings (13 cases). The matches arising from the December 2019 Single Person Discount exercise were still being reviewed.

The Internal Audit team had also carried out some Counter Fraud duties during 2019/20. This work primarily focused on council tax and business rates and had resulted in the identification of a number of unbanded Council Tax dwellings and commercial premises that were either in receipt of rate relief they were not entitled to or had a change of usage resulting in a new liability. These cases were followed up with the help of colleagues in the Revenues and Benefits team and an additional £60,596 of revenue income was being collected as a result.

Internal Audit had also secured £20,000 of former Department for Communities and Local Government funding from the East Sussex Counter Fraud Hub for use on counter fraud initiatives. It was originally hoped that this money could be used to fund a fixed-term Investigator post in partnership with one of the Council’s neighbouring councils, but this proposal was unable to proceed. It had therefore been agreed by the Strategic Management Team to use the money to enhance the Internal Audit team’s counter fraud capacity by regrading the Internal Auditor post. This meant that the fund will be used gradually over a number of years.

Routine audit work during 2019/20 had also identified £10,632 in confirmed savings/extra income due to financial errors, which included a payroll timesheet recording error which resulted in an employee being overpaid, business rate relief which had been wrongly applied, and licence renewal payments in respect of software that was no longer required.

The Audit Manager’s latest self-assessment of his team’s compliance with the Standards (Review of Internal Audit 2019/20) was approved by Members on 18 May 2020 (Minute AS19/50 refers). The review did not identify any significant issues and concluded that there was a high level of effectiveness overall. The team’s first external peer review was completed in April 2017; no significant issues were found. Quality assurance questionnaires were also used to capture client feedback, the vast majority of which had been very positive indicating a high level of satisfaction with the quality of the Internal Audit Service.

Internal Performance Measures set for the Audit Team demonstrated that two of the targets for 2019/20 were met or exceeded.

The percentage of governance audits completed, and the percentage of the overall audit plan completed were both below target on this occasion owing to the issues outlined elsewhere in the report.

Three reports took longer than 15 days to issue due to delays caused by the auditee. In each case, management either failed to respond to the second draft report in a timely manner or raised concerns late in the audit process.

A draft assessment (as at 12 February 2020) was reported at the last meeting. The Audit Manager had reviewed the position again at the end of the financial year and confirmed his initial assessment of the issues and risks facing the Council remained satisfactory.

Taking into account all the factors within the report and the routine quarterly reports, it was confirmed that the Audit Manager’s overall opinion on the Council’s framework of governance, risk management and control was that it was adequate and effective.

An update on the Whistleblowing Policy activity in 2019/20 was provided at Appendix C to the report. A total of 21 whistleblowing cases had been reported to the Audit Manager in 2019/20, representing a 75% increase in the number of cases received in the previous financial year. All cases were initially reviewed by the Audit Manager and then either referred to the relevant Council officer for further investigation or reported to the appropriate authority.