Agenda item

The Committee received a report which set out the work undertaken by the in-house Audit and Fraud teams, as well as Mazars, for the quarter ending 31 December 2020. The report was introduced by Minesh Jani, Head of Audit and Risk Management as set out in the agenda pack at pages 39-51.

*Clerk’s note: 20:13 - The Chair had to leave the meeting temporarily. The Vice-Chair chaired the meeting in his absence.  20:18 - The Chair returned to the meeting and resumed chairing.*

The following was raised in discussion of the report:

1. The Committee noted concerns around the limited assurance assigned to the management of cyber risks audit and raised concerns about the importance of cyber security, emphasising the potential consequences to the authority if its cyber security provisions were not robust. In response, officers acknowledged the importance of cyber risk and advised that the reason that there was no date for the completion of the management actions raised in response to the audit findings was that a composite action plan was being developed by the service. Officers assured the Committee that this action plan would be monitored by the relevant director and that the audit service would be conducting a follow-up audit in 2021-22.
2. In response to a question around patching and whether the Council used a physical server, rather than a cloud-based server, officers advised that the issue in question was server based. Officers clarified that the auditors had conducted testing on all of the IT infrastructure and had identified some areas where the patching needed to be updated/improved. The Chair requested that a report be brought back to the next meeting which provided an update on IT security and the management action taken to date to rectify the issues raised. (Action: Minesh).
3. The Committee were advised that during Q3, 6 properties were recovered in relation to tenancy fraud, which brought the YTD total up to 16. It was noted that this was significantly behind the annual target and that this was due to Covid impacting the service’s ability to undertake site visits.
4. In relation to Right-to-Buy fraud, the service had prevented 15 properties proceeding to sale in Q3 and 53 for the year. Officers advised that the service was unlikely to reach its target of 80 for the year.
5. The Committee was advised that the Council had successfully won a court case earlier in the day around a tenant who was found to be illegally subletting their property and it was estimated that they had made around £19k from doing so. The Court awarded £21k in fines plus costs and the Head of Audit and Risk Management assured the Committee that the service would continue to prosecute similar cases where there was evidence of fraud. The Chair requested that members of the Committee be provided with a briefing on this court case and that it was also promoted through the Council’s communications channels. (Action: Minesh).
6. In the YTD to December there had been 43 referrals under NRPF.
7. In relation to the National Fraud Initiative, officers advised that they had received a number of ‘matches’ and were working through these. A table would be included in the next report which provided an update on work done around the National Fraud Initiative. (Action: Minesh).
8. In relation to a question around when audit reports issued in this quarter would be coming to the Committee, officers advised that these reports were due to be finished in this quarter. A summary of the outcomes of the audit report would be included in the next quarterly update coming to the Committee and the recommendations raised in those reports would also be issued once completed.
9. The Chair requested that once completed, all audit reports would be sent to the relevant Cabinet Member, Chairs of relevant committees and the Chair of OSC. The Head of Audit and Risk Management agreed to take this forward. (Action: Minesh).

RESOLVED

That the Corporate Committee noted the activities of the team during quarter three 2020/21.