The Committee received a report which set out the
work undertaken by the in-house Audit and Fraud teams, as well as
Mazars, for the quarter ending 31 December 2020. The report was
introduced by Minesh Jani, Head of Audit and Risk Management as set
out in the agenda pack at pages 39-51.
*Clerk’s note: 20:13 - The Chair had to leave
the meeting temporarily. The Vice-Chair chaired the meeting in his
absence. 20:18 - The Chair returned to
the meeting and resumed chairing.*
The following was raised in discussion of the
report:
- The Committee
noted concerns around the limited assurance assigned to the
management of cyber risks audit and raised concerns about the
importance of cyber security, emphasising the potential
consequences to the authority if its cyber security provisions were
not robust. In response, officers acknowledged the importance of
cyber risk and advised that the reason that there was no date for
the completion of the management actions raised in response to the
audit findings was that a composite action plan was being developed
by the service. Officers assured the Committee that this action
plan would be monitored by the relevant director and that the audit
service would be conducting a follow-up audit in
2021-22.
- In response
to a question around patching and whether the Council used a
physical server, rather than a cloud-based server, officers advised
that the issue in question was server based. Officers clarified
that the auditors had conducted testing on all of the IT
infrastructure and had identified some areas where the patching
needed to be updated/improved. The Chair requested that a report be
brought back to the next meeting which provided an update on IT
security and the management action taken to date to rectify the
issues raised. (Action: Minesh).
- The Committee
were advised that during Q3, 6 properties were recovered in
relation to tenancy fraud, which brought the YTD total up to 16. It
was noted that this was significantly behind the annual target and
that this was due to Covid impacting the service’s ability to
undertake site visits.
- In relation
to Right-to-Buy fraud, the service had prevented 15 properties
proceeding to sale in Q3 and 53 for the year. Officers advised that
the service was unlikely to reach its target of 80 for the
year.
- The Committee
was advised that the Council had successfully won a court case
earlier in the day around a tenant who was found to be illegally
subletting their property and it was estimated that they had made
around £19k from doing so. The Court awarded £21k in
fines plus costs and the Head of Audit and Risk Management assured
the Committee that the service would continue to prosecute similar
cases where there was evidence of fraud. The Chair requested that
members of the Committee be provided with a briefing on this court
case and that it was also promoted through the Council’s
communications channels. (Action: Minesh).
- In the YTD to
December there had been 43 referrals under NRPF.
- In relation
to the National Fraud
Initiative, officers advised that they had received a number of
‘matches’ and were working through these. A table would
be included in the next report which provided an update on work
done around the National Fraud Initiative. (Action:
Minesh).
- In relation
to a question around when audit reports issued in this quarter
would be coming to the Committee, officers advised that these
reports were due to be finished in this quarter. A summary of the
outcomes of the audit report would be included in the next
quarterly update coming to the Committee and the recommendations
raised in those reports would also be issued once
completed.
- The Chair
requested that once completed, all audit reports would be sent to
the relevant Cabinet Member, Chairs of relevant committees and the
Chair of OSC. The Head of Audit and Risk Management agreed to take
this forward. (Action: Minesh).
RESOLVED
That the Corporate Committee noted the activities of
the team during quarter three 2020/21.