Agenda and draft minutes

Please note this meeting may be filmed or recorded by the Council for live or subsequent broadcast via the Council’s internet site or by anyone attending the meeting using any communication method.  Members of the public participating in the meeting (e.g. making deputations, asking questions, making oral protests) should be aware that they are likely to be filmed, recorded or reported on.  By entering the ‘meeting room’, you are consenting to being filmed and to the possible use of those images and sound recordings.

The Chair of the meeting has the discretion to terminate or suspend filming or recording, if in his or her opinion continuation of the filming, recording or reporting would disrupt or prejudice the proceedings, infringe the rights of any individual, or may lead to the breach of a legal obligation by the Council.

The Chair referred to the notice of filming at meetings and this information was noted.

To receive any apologies for absence.

No apologies had been received.

The Chair will consider the admission of any late items of Urgent Business. (Late items will be considered under the agenda item where they appear. New items will be dealt with under item 7 below).

There was no urgent business. 

A member with a disclosable pecuniary interest or a prejudicial interest in a matter who attends a meeting of the authority at which the matter is considered:

(i)            must disclose the interest at the start of the meeting or when the interest becomes apparent, and

(ii)          may not participate in any discussion or vote on the matter and must withdraw from the meeting room.

A member who discloses at a meeting a disclosable pecuniary interest which is not registered in the Register of Members’ Interests or the subject of a pending notification must notify the Monitoring Officer of the interest within 28 days of the disclosure.

Disclosable pecuniary interests, personal interests and prejudicial interests are defined at Paragraphs 5-7 and Appendix A of the Members’ Code of Conduct

There were no declarations of interest.

To consider any requests received in accordance with Part 4, section B, Paragraph 29 of the Council’s Constitution.

There were none.

To confirm and sign the minutes of the Audit Committee meeting held on 3 December 2024 and 27 January 2025 as a correct record.

To review the Action Tracker.

RESOLVED: That the minutes of the meeting held on 27 January 2025 be agreed and signed as a correct record.

In relation to the Action Tracker, the reasons why actions on it appeared for long periods was to ensure that no action was closed prematurely. The Committee would receive updates for actions until the action was complete. The Action Tracker would be updated at the next Committee to reflect progress. However, the actions would not be taken off the Tracker until the Committee was satisfied that the action was completed.

This paper is to update the Committee on progress against the recommendations of the 2022 Commercial Property Audit which provided Nil Assurance and the subsequent 2023 Commercial Property Audit which provided Limited Assurance. 

Andrew Meek and Sarah Lavery to present.

Mr Jonathan Kirby, Director of Capital Projects & Property, introduced the report.

The meeting heard: 

·      In terms of focusing some of the resource in order to deliver the priority recommendations, the team had looked to do this efficiently. Part of it was also about the usefulness of the data. As much resource as possible could be put into this, but if the data was not present, it was about being able to compile it or create it. One of the recommendations in the report was about management systems and digitalisation systems which would provide greater ability to clear some of the priority 1 recommendations.

·      A project plan to capture the data had been put in place and was subject to wider governance as the Council reviewed its financial position. The process cost money and because of the data issues, it would not be possible to express what the overall cost saving would be. This had been presented to Corporate Leadership Team and an outcome was awaited.

·      Digitalisation of lease reading through AI was one such potential progress.

·      The future of the property review was about the form and how the Council would look to do the delivery. One of the issues faced in the past in terms of reviews was systems being able to communicate to each other. There was a huge dependency with the financial reporting systems as much as the asset part. These needed to be aligned. Some reliance may be needed on use of spreadsheets in the meantime.  A lot of it also was about timing. If budget efficiency was needed in delivering the project property review, priority would have to be given to certain properties. This would take longer than the wider five-year program. A risk-based review would be taken for the highest risk sites which needed attention. This would have a red, amber, green (RAG) rating system.

·      As part of the team’s response to the Council's financial constraints, it was in the process of reviewing all properties and whether or not they provided wider value to Haringey or if the Council should look to change and have a much more efficient portfolio. This would though, take longer.

·      In relation to adapting the culture, the Council had brought all of the property figureheads together such as Facilities Management, Property and Asset Management. Attempts were being made to promote cross-working. There was still a long way to go, but some progress had been made on showing the benefits of collaboration and minor behavioural changes. There had been a marked improvement in this. The first recommendation that came through from the external property review was about creating a corporate property model - a corporate landlord approach through the Property Compliance Boards. Internal Audit attended these meetings due to the revised government structure so there was more ‘holding to account’ that took place. 

·      The priority ratings were from the audit via Mazars. They had provided the one, two three rating. Health and Safety was important as was the financial  ...  view the full minutes text for item 7.

This report provides an update to the Audit Committee on the Council’s treasury management activities and performance quarters ending 31^st December 2024, in accordance with the CIPFA Code.

Sam Masters and Josephine Lyseight to present.

Mr Sam Masters, Head of Finance (Pensions and Treasury), introduced the report.

The meeting heard: 

·      When the Council set its budget each year, it was set for what the Council expected to borrow in the year. The Council did not actually borrow funds until it needed to (it would only borrow once other forms of financing had been utilised). The Council had spoken about its high levels of borrowing and how it needed to be reduced or needed to limit any increases in future years. In 2025/26, although the Council may set a budget, the Council should be trying to limit spending, given the high levels of debt. One way to do this was to continue to review the capital program through 2025/26. The Council had quite a significant capital program both for the general fund and also for the HRA. Another way was to consider the Exceptional Financial Support (EFS). The budget for 2025/26 was set based on the sum of £37million EFS - £10 million of which was funded from capital receipts and £27 million from borrowing. The £37 million was the maximum sum anticipated to be needed. The emergency response arrangements put in place was an attempt to find savings where possible so this could reduce how much of the £37 million the Council utilised and therefore, reduce the amount needed to be borrowed.

·      The Council had a cash flow model forecast for the whole year which would give the it an indication about when it needed to borrow. The Council always had a cash flow model in place. Over the last couple of weeks, the Council had tried to tighten it to get a clearer picture around when the Council needed to borrow. It was important to understand how the Council’s spending profile was for the capital program. It was not a case of simply trying to keep the capital program to a reasonable size.

·      It was possible to take the strategy to not borrow until towards the end of the year so that borrowing was done at the latest possible time. However, this could result in the Council getting caught out and into a situation where the Council would pay a couple of percent more than it would need to. This could result in quite a significant debt.

·      One way to fund Exceptional Financial Support was via capital receipts, as opposed to borrowing. However, the Council should refrain from disposing of valuable community assets just to fund EFS as directed by Central Government. This was expressly stated in the letter sent by Central Government which the Council published as part of the budget report. The assumption the Council had made was that the £10 million would be from capital receipts with the balance being from borrowing. At least £8 million of the capital receipts had already been received. With regard to the capital receipts, the cost to the Council was effectively the lost opportunity costs as the receipts could have been used to fund other  ...  view the full minutes text for item 8.

To provide the amended statement relating to the 2023/24 financial year for noting.

Vanesa Bateman to present.

Ms Vanessa Bateman, Deputy Head of Audit and Risk Management, introduced the report.

The meeting heard:

·      There was an improvement plan, but the plan for data was captured within the themes to which it related. There was an improvement plan for housing which included the data element, as did property and procurement.

·      On the Annual Governance Statement (AGS), there was a broader issue around information governance. Some of the differences in the update included a significant change to all matters relating to finance within the document. There had been a significant governance issue around finance. There was a small amount of change regarding new external auditors. Everywhere within the document where it talked about KPMG or CIPVA, this was all added content. In relation to the significant governance issues, the one relating to finance had been refreshed significantly. Each of the other five had involved work with senior leaders regarding where they were with their action plans. This was done as part of the AGS process in any case. The responsibility for facilitating the document was rotated.

·      The Council recently had a cyber related internal audit and it was the most positive assurance that had been received. The organisation had a firm grasp of the continuity arrangements and how it needed to respond to emergencies. The Committee had heard in the past of a limited assurance on business continuity plans, but this was about two years ago. It was now likely that the Council would be able to respond to any emergency. One challenge the Council had was that it had a vacancy for about two years for a Continuity Manager. The Council did now have a new manager, although a different manager had taken maternity leave.

·      Payment of the London Living Wage was part of the contracts in practice. The section which referred to it may need to be revised.

·      The only time that the Committee could not be informed in detail about instances relating to fraud was if an alleged fraud was going through the judiciary system, in which case, no comment would be made.

RESOLVED:

To note the amended 2023/24 AGS, attached at Appendix A of the report.

The Audit Committee is responsible for reviewing and approving the annual internal audit plan as part of its Terms of Reference.

Minesh Jani to present.

Mr Minesh Jani, Head of Audit and Risk Management, introduced the report

The meeting heard:

·      There was no overarching five-year report in terms of the audit plan. The audit plan was a one-year plan for next year. This was because it was hard to foresee the level of risks in future years for the program and the type of work needed to be done. However, due to the Council’s past circumstances, a long list of all the audits carried out – at least since 2016 - acted as a prompt to make sure that nothing was missed.

·      Having a five-year plan might be useful. However, some boroughs did not have a plan for the year and instead had a plan for three months only with indications of what they might look at and only deciding what they would do after they've looked at their risk register at the end of the three months. The trend for internal audit to maintain focus on the key areas of risk was pointing in the opposite direction. This meant not having a long plan and focus on risks as they arose and give assurances on risks as they arose.

·      The audit on case management within Children's Services was essentially the audit of the Liquid Logic case management system within Children's Services to make sure that it was being utilised in terms of capturing the totality of case load.

·      Auditors needed some boundaries around the audit so that it could scope the work. Audits did go beyond those boundaries and did have implications elsewhere. Attempts would be made so that when the Committee received a report, the scope of the audit along with implications in other services that was relevant.

·      Typically, when the auditors had completed their work, they would usually raise recommendations based on two aspects; either that the design of the process was not good enough or that a design was present, but was not being followed. In addition to this, a cultural consideration should be taken into account which could help look at root causes.

·      It was difficult to be sympathetic to the proposal of continuously waiting for a new system. The Council had to operate its services and functions and ideally a system could do everything that was required. However, if this was not forthcoming, then a resolution of some kind would need to be sought. Systems and functions needed to operate.

·      It would be useful to seek a short-term solution until a long-term solution could be found.

RESOLVED

To approve the updated Annual Internal Audit Strategy and Plan for 2025/26 (as at Appendix A of the report), the Internal Audit Charter (as at Appendix B of the report) and note the Internal Audit Protocol (as at Appendix C f the report) and the Assurance Risk Map (as at Appendix D of the report).

This report details the work undertaken by Internal Audit for the period 1 November 2024 to 31 January 2025 and focuses on progress on internal audit coverage relative to the approved internal audit plan, including the number of audit reports issued and finalised – work undertaken by the external provider (Forvis Mazars).

Minesh Jani to present.

Mr Minesh Jani, Head of Audit and Risk Management, introduced the report.

The meeting heard:

·      The service was responsible for making sure that they produced regular information and a request for updating a list of housing boards could be passed onto the service. Internal audit would not have that information on an ongoing basis but the service could be asked to create this and this could be reported back to the Committee.

·      The contract that the Council had for the delivery of audit was with a company called Mazars. The contract ran until to the end of the next financial year and was through the Croydon framework. Croydon Council went out a few years ago to allow all London boroughs potentially to buy off their framework for the delivery of audit. Haringey had accessed it to employ Mazars.

·      In relation to management of contract spend, a nil assurance tended to indicate a completely broken system, whereas a limited assurance indicated a system which was not working as well as it should do. In this specific area, the arrangements that should be in place was if there was any off-contract spend, that this was identified it and fix it so that it was minimised. There was a specific team that looked out for contract spends and reported back. The actions that should follow were not happening. Having identified the anomalies, actions needed to be taken. In relation to culture of compliance, it was often the case that people were found to not be following the rules. This was followed up to understand what it was that drove people to do what they did. Upon investigation, staff appeared to be trying to follow the rules, but the length of time it took for them to complete a task took too long and looked for a quicker way of doing something. A better process needed to be established.

·      In all of the internal audit reports, there had been quite a few of limited assurance where compliance was an issue. The data on compliance was being monitored and reported to services. For the last four or five months, this data was being reported to the corporate leadership team as part of the monthly reporting. This was not just on off-contract spend, it was also around Purchase Card compliance. For about four weeks, all new contracts now had to be signed off by an assistant director. The Council was about to put in place a regulation that no purchase orders would be approved without setting up a small spending panel. This had not necessarily been part of an outcome of the internal audit review. The new Procurement Board that had been established was about having a tight grip over buying and purchasing behaviour.

·      The manner in which the Council arranged its processes for billing clients led to the adult social care debt. One of the one of the key issues is that the Council did not have a variable direct debit so  ...  view the full minutes text for item 11.

This report details the work undertaken by the in-house resources in the Audit and Risk team and communicates a third quarter update on completion of the work plan for 2024/25.

Vanessa Bateman to present.

Ms Vanessa Bateman, Deputy Head of Audit & Risk Management, introduced the report.

The meeting heard:

·      In relation to the death list information, there was a section on the Council’s website that residents could use to inform the Council of a death to withdraw services that were no longer required. Other death lists came from other services like the Registrar which was shared across the Council. Within the National Fraud Initiative, there was a lot of matching data to death records. Deaths occurring abroad was more challenging to document.  The team had mechanisms to support Housing if there were suspicions, but these would be made apparent through a tenancy not being used or abandoned or through identifying unauthorised occupants and then investigating the issue. Council tax had different information from different places and this had not looped through to housing. There had been cases where Housing knew about a death, but direct payments did not. This had a vulnerability to fraud.

·      A query was raised regarding where an employee of a care provider contracted by the Council was being asked to pay money to the care provider. In response, the meeting heard that in certain circumstances the Council would investigate something like this, but it was more likely for other agencies to get involved and some joint work may be done.

·      The Commissioning team did quality audits on the Council’s providers, some of which involved examining employee files and HR files. This was how some assurances were sought around what staff were being paid. The Council had a duty to ensure that staff had the right to work and proper DBS checks. However, the team that did this was a small team.

·      Internal Audit had done a project to look at cases in council tax which had a probate rating. This meant that checking that the team that worked in council tax knew that the person had died and then looked at whether Housing were aware and had acted on it.

RESOLVED:

To note the activities of the team during quarter three of 2024/25.

The Audit Committee is responsible for providing assurance about the adequacy of the Council’s Risk Management Framework and Policy and monitoring the effectiveness of systems for the management of risk across the Council and compliance with them as part of its Terms of Reference.

MineshJani to present.

Mr Minesh Jani, Head of Audit & Risk Management, introduced the report.

The meeting heard:

·      When the Risk Register was presented to the Committee previously, the implementation date for the future actions was shown as the 31 March 2025. Now that the risk had been refreshed, management had reassessed the timeline and it now displayed the implementation date to be 31 December 2026. In October 2024, the service had indicated that they would complete the actions by 2025, but this had been now reassessed and it indicated they would complete them by 2026.

·      Although the risk wording had been updated with emphasis on lack of corporate change and the future risk increased from “8” to “12”, the Corporate Risk Register stated that future risk was listed at 20. This needed to be examined.

·      It was possible to use the risk table to inform where potential risks may lie, but through the work that the Committee had been doing and all the discussions it had, it was possible to discern where the risks actually were. There may be other risks not yet considered, but on the risk map, there were quite a few risks that needed to be managed. However, work would still be done to look at the systems and see if it was possible to populate it with ‘inherent risks’ (a risk profile without controls).

RESOLVED:

To note the Corporate Risk Register as at 31 January 2025, attached at Appendix A of the report.

The Audit Committee is responsible for Anti-fraud and Corruption arrangements as part of its Terms of Reference.   In October 2024 the Anti-fraud, Corruption and Bribery policy was approved.   At that time, this appendix had not been updated but the work is now complete and updated policy ready for approval.

Vanessa Bateman to present.

Ms Vanessa Bateman, Deputy Head of Audit & Risk Management, introduced the report.

RESOLVED:

To endorse the Money Laundering Policy.

This report provides an update on this specific request above but also a fuller update on progress with all internal audit recommendations relating to strategic procurement, progress with the implementation of the Procurement Modernisation Plan and current position with the implementation of the changes to ensure compliance with the Procurement Act 2023 which came effective on 24 February 2025.

Barry Phelps and Taryn Eves to present.

Ms Taryn Eves, Corporate Director of Finance Resources and Mr Barry Phelps, Chief Procurement Officer, introduced the report.

The meeting welcomed the report and heard:

·      All of the Procurement staff were now accredited practitioners in the Procurement Act. They had all gone through the central government college and taken the courses required to become accredited under the Procurement Act. Some members of the team were advanced practitioners. Ongoing training was in place for the Council which ran three times a week and would do so for the next few months. These included training sessions introducing staff to the Procurement Act, picking out the salient points that they needed to be aware of regarding their procurement, commissioning and contract management activity. Specific focus sessions were held and specific training was done for the care teams. As of next month, the Council would introduce a refresh contract management training so that the Council could rise to a better standard of contract management. It would understand what staff obligations were under the Procurement Act, but also introduce best practice which was aligned with central government. There would also be an ongoing program of training for the foreseeable future, but at a reduced scale.

·      As part of the modernisation program, a restructure within strategic procurement had been completed. This involved the introduction of a policy and sustainability workstream. A compliance officer had been appointed within Strategic Procurement who was looking at some of the areas previously picked up in audits around multiple contracts going to certain suppliers and different spending. All procurements above £25,000 was being centralised. Previously, the team only managed procurements above £160,000. The team that would be managing a significant amount of the expenditure would follow compliance. The Compliance Officer was monitoring compliance by the team as well as others. A regime that monitored the transparency requirements under the Procurement Act had already been established to ensure that procedures were being followed. A monthly meeting was held with officers and a structured set of data was provided on compliance information.

·      Data was being used to specify a targeted engagement with people where it was needed. The spending controls put in place as part of the emergency response to the financial position was not a long stain long-term sustainable solution. Compliance as part of business as usual should be a normal practice. The training and engagement would continue as long as it was needed. This was so that staff became aware of their roles and responsibilities and if there was still non-compliance, then the consequences needed to be considered. A second line of defence was there for compliance, whether it was the Procurement team or the Finance team. A range of enabling services needed to be the eyes and ears for each other. If there were areas of non-compliance, it would be useful to understand why this was the case.  Sometimes it was a training or communication need.

RESOLVED:

To note the information contained in the report.