Agenda item

This report updates the Committee on the Council’s plan for the audit of the Statement of Accounts for 2024/25, which includes the Collection Fund, Housing Revenue Account and Haringey Pensions Fund.

Mr Kaycee Ikegwu, Head of Finance (Housing & Chief Accountant), Mr Josh Parkinson and Mr Tim Cutler, KPMG, introduced the report.

The Committee heard:

·         In relation to materiality, the plan this time last year had used a similar percentage outlined in the report. A forecast expenditure was used at that point. KPMG used 2% last year and then when the actual expenditure came in at the end of the year, it was noted as being slightly higher than anticipated. The materiality had not been revised. It was kept at what it was initially, which then meant that the percentage came down. The other reason for the increase was that it was linked to expenditure which increased year on year, partly driving the change.

·         The principle of materiality was that the figure was a percentage of the overall expenditure in the account. It would change year on year pegging to that percentage. Although it looked unusual, it was based on forecast expenditure which was why it was a slightly different percentage of prior year final expenditure. However, the principle of how the materiality had been designed was the same. KPMG had aimed for 2% of the actual expenditure.

·         In relation to materiality, KPMG tended to take a very generic approach to the sector on the percentage of gross expenditure. Materiality was meant to look at the profile of the financial statements and the importance placed on the financial statements by external stakeholders. KPMG viewed the financial statements to have lower priority to the budgetary reporting of an authority. Unless there was listed debt highly leveraged loan covenants, auditing standards left KPMG with a range between 0.5% and 3%. At 2%, KPMG recognised some risk in the sector, but 0.5% to 1% was where one would expect FTSE 100 companies to be, where shareholders relied on the accuracy of the financial statements to a precise degree. There was nothing to be read into the figure other than the fact that the expenditure was growing.

·         KPMG would need to set a detailed plan to rebuild assurance and it was important to complete the risk assessment. It was not KPMG’s intention to go back and audit the three disclaimed periods from 2021 through to 2023 due to time constraints and resource capacity. A methodology had been agreed with the NAO and the FRC to attempt to restore assurance based on a series of more efficient procedures, largely to take a risk assessment and then to design specific procedures based on it. KPMG would have further conversations with officers on this and ask for relevant information from those disclaimer periods to allow KPMG to form an assessment of the risk of material misstatement from them. Upon completion, there may be a question around document retention or corporate knowledge, but until that level of inquiry had been completed, it was not possible to guarantee a rebuild of assurance. This was meant to be done over a series of years and it was not expected that a particularly a large complex authority with three years disclaimed like Haringey would be able to do this quickly.

·         Many local authorities had not had audits for minimum of three years or longer. Following a change in the auditors to KPMG, last year was the first year of KPMG coming back to local authority audits and to Haringey. It was important for the Council to meet expectations, but with a different expectation compared to BDO. The Council had worked with BDO over the years and understood how they wanted their papers prepared. At the end of last year's audit, the Council had a ‘lessons learned’ session with KPMG, where they itemised certain requirements. The Council then tried to make sure that working papers aligned to what they wanted to see. It would be inaccurate to suggest that the Council had fully met the expectations of KPMG. The audit was still ongoing, but the Council had made notes of some of the recommendations and had improved on the quality of the working papers.

·         In terms of the rebuttals of the revenue risk, KPMG was not saying that it would not do any work on them. KPMG was simply suggesting they were not significant risks likely to contain material misstatement. KPMG’s duty as external auditors was to make sure financial statements were free of material misstatement. Differing levels of work was done on every single number in the financial statement. Rather than bring the Committee a completely detailed analysis of what KPMG did on every balance, it would aim to alert the Committee on what was a significant risk. Some of the revenue streams highlighted in the report would be ones KPMG would still do a lot of sample testing on. Enough to give the Committee confidence that there was no material misstatement. There would be problems in process and control if there were any. With council tax and business rates, KPMG tended to something more akin to an analytical procedure. KPMG would interrogate systems to look at, say, the numbers of people paying, the average rate, multiply it by the number of properties in different bands to come up with a prediction for the revenue. Predictions were then compared to the amount the authority disclosed and then KPMG would follow up any differences.

·         In relation to statement of accounts, something that seemed to occur every year was the amount of money in terms of debt from occurring from benefit overpayments and parking penalties not being collected. This amount was substantial.

·         The Money for Value State Assessment would be submitted to the Committee possibly at the next meeting or earlier at an informal gathering as it would allow members ask questions before the meeting itself.

·         In relation to the point made on page 34 of the agenda papers which stated that the journal approval control did not meet the auditing standard threshold, the issue was around who approved journals. Currently if someone else raised a journal, someone else reviewed it before signing it off. A few of these did not make it clear who reviewed the journal. This was a journal deficiency that was raised on every local authority and others in the public sector. It largely related to the quality of the financial reporting system that would underpin journals. In order to have a control that KPMG could rely on, it generally had to be a system which enabled segregation of ‘duties control’. In order to rely on that, KPMG needed general IT control assurance which would be tested for access controls and other similar areas. As it was a significant risk, KPMG would not intend to raise it as a recommendation every year, but would have to let the Council acknowledge that the controlled efficiency was present. Plans for the future may include the replacement of a new general ledger system in which case the Council may wish to invest in a specification that supported that control. For auditors, if the control was properly in place, then KPMG would only have to test one journal. However, in the current situation KPMG would have to test the entire journal's population. This would not be something that was rectified until the new system was brought into place. It was important to get the data in a certain format to allow KPMG to do this.

·         Currently to ensure that journals were properly reviewed was that any individual raising a journal would not post it. Another person would review it and then another person would then post it. There were three layers of control currently.

·         In relation to a delay in obtaining detailed transactional breakdowns of debt to debtors and creditors, these comments were really in relation to last year's audit. At the time, KPMG had only started work with the Council and work needed to be done in order to determine what was needed and in what format. Therefore, the lead time was longer than it would likely be in the coming years. This was separate to the work KPMG would do on the prior year disclaimed periods and obtaining information that was needed in relation to that.

·         Management override of controls was a significant risk on every single audit. It was a default. It was not a sign that auditors suspected management of wrongdoing. It was a sign to maintain professional scepticism. In any audit, KPMG had to remain alert to the possibility that management could adjust financial statements. However, there was no indication of such an intention. However, if it was the case, the Committee would be alerted. The significant risks were purely there to look at the risk of material misstatement in the financial statements. They were not a commentary on wider governance and operational issues at the Council. That came through the value for money commentary. In this, it would be possible to comment on what was believed to be management's arrangements for running the Council appropriately and effectively. The reason valuation of land and buildings was at the top of the table outlined in the report was only because it was the biggest number in Council’s account. Management override was there because it was by default something KPMG had to keep an eye on, but there was nothing else to read into it other than the size and the complexity of the balances in the accounts.

·         The way KPMG discharged its work on management override was firstly to have a general awareness. This involved speaking to officers, reviewing minutes and look for any instances of bias. The main form of looking at it was to see how the Council addressed its accounts. In the absence of effective journals control, the entire journals population would be tested by applying high-risk criteria. The Council’s journal's transaction data would be taken via a large download, then screened by sophisticated analytical tools before applying high-risk criteria.

RESOLVED:

That the Committee notes the contents of this cover report, the draft audit plan and any further oral updates given at the meeting by our external auditors, KPMG LLP.