When the continuous alarm sounds you must evacuate the building by the nearest available fire exit. Members and visitors should proceed to the visitors’ car park at the front of the building and await further instructions (during office hours staff should proceed to their usual assembly point; outside of office hours proceed to the visitors’ car park). Please do not re-enter the building unless instructed to do so.

In the event of a fire any person with a disability should be assisted in leaving the building.  

3.1             The evacuation procedure, as noted on the Agenda, was advised to those present.

To receive apologies for absence and advise of any substitutions. 

4.1             Apologies for absence were received from Councillors D W Gray, H C McLain, P D McLain, J P Mills and H S Munro.  There were no substitutes for the meeting. 

Pursuant to the adoption by the Council on 26 June 2012 of the Tewkesbury Borough Council Code of Conduct, effective from 1 July 2012, as set out in Minute No. CL.34, Members are invited to declare any interest they may have in the business set out on the Agenda to which the approved Code applies.

5.1             The Committee’s attention was drawn to the Tewkesbury Borough Code of Conduct which was adopted by the Council on 26 June 2012 and took effect from 1 July 2012. 

5.2             There were no declarations made on this occasion.

To approve the Minutes of the meetings held on 24 March and 17 May 2022.

6.1             The Minutes of the meetings held on 24 March and 17 May 2022, copies of which had been circulated, were approved as correct records and signed by the Chair. 

To consider the Audit and Governance Committee Work Programme.  

7.1             Attention was drawn to the Audit and Governance Committee Work Programme, circulated at Pages No. 14-21, which Members were asked to consider.

7.2             The Head of Corporate Services advised that, as the Internal Audit team was now operational, an Internal Audit Monitoring Report would be brought to the meeting on 28 September 2022. 

7.3             It was

RESOLVED          That the Audit and Governance Committee Work Programme be NOTED.

To consider the external auditor’s Audit Plan 2021/22.

8.1            Attention was drawn to the external auditor’s audit plan for the year ending 31 March 2022, circulated at Pages No. 22-46.  Members were asked to consider the information provided.

8.2            The representative from Grant Thornton advised that most things within the report would be familiar to Members.  It had been intended for the year end audit to be undertaken in July; however, due to issues with resourcing and a change in staff structure at Grant Thornton, this would now move to September.  He went on to advise that the significant risks identified were revenue fraud and expenditure fraud – both of which had been rebutted - management override of controls - this was a presumed risk every year – valuation of land and buildings assets and valuation of the pension fund net liability.  Page No. 39 of the report set out that two risks of significant weaknesses in the Council’s value for money arrangements had been identified; the first related to the Council’s arrangements for securing financial sustainability in the medium term.  Whilst the Council set a balanced budget in-year, there would be challenges going forward and, although it was recognised there was a lack of uncertainty with regard to financial settlements and funding, there was no updated Medium Term Financial Strategy covering the year 2026/27 as would normally be expected – this played into the risk of significant weakness.  The second risk related to pervasive and significant weaknesses in internal controls and the representative from Grant Thornton explained that, in 2020/21, the Internal Audit function had been redeployed to support other Council functions which had led to a limitation of scope resulting from non-completion of internal audit work and a lack of assurance over the operation of the Council’s internal controls.  The work of Internal Audit during 2021/22 would be reviewed to establish how the position had changed and how the “catch-up” on the intended programme of work for 2020/21 was progressing.  Page No. 40 of the report provided an overview of the external audit team and reflected that the year end audit would now take place during the autumn with the statutory deadline in November.  The audit fee for 2021/22 was set out at Page No. 41 of the report with the proposed fee being £62,565 and a breakdown of that figure was included at Page No. 42.

8.3            With regard to the audit fee breakdown, a Member questioned why £5,000 was included for remote working.  The representative from Grant Thornton advised that, over the last two years during the COVID pandemic, remote working had generally caused the audit to be slower and, in 2021, there were still audits outstanding from the prior year – CIPFA had reported around 9% of audits had been completed by the end of September 2021.  It was anticipated that the team would still be working remotely going forward and there would be an element of things taking longer than they had in previous years, so additional expenditure had been included upfront  ...  view the full minutes text for item 8.

To consider the external auditor’s report on informing the Audit and Governance risk assessment for Tewkesbury Borough Council 2021/22.

9.1            Attention was drawn to the external auditor’s report on Informing the Audit and Governance risk assessment for Tewkesbury Borough Council 2021/22.  Members were asked to consider the information provided.

9.2            The representative from Grant Thornton advised that the report included a series of questions and the responses received from Tewkesbury Borough Council’s management team which helped Grant Thornton, as external auditors, to understand more about the Council in terms of the financial risk assessment.  The general enquires were set out at Pages No. 52-54 of the report and included questions around the key events that would have a significant impact on the financial statements for 2021/22, the appropriateness of the accounting policies adopted by the Council, use of financial instruments and transactions outside the normal course of business as well as questions around the use of solicitors, service providers and advisors consulted through the year.  Members were informed that the Internal Standard on Auditing (ISO) 240 covered auditors’ responsibilities relating to fraud within financial statements and Grant Thornton was required to consider the arrangements in place with regard to fraud risk so a series of questions had been asked as set out at Pages No. 56-62 of the report.  It was noted there was always a presumption of fraud in terms of expenditure but this was usually rebutted for local government authorities and that was the case for Tewkesbury Borough Council this year supported by the responses from management.  Pages No. 63-65 of the report related to law and regulations and Pages No. 66-67 covered related parties.  In terms of matters related to going concern, set out at Pages No. 68-69, Members were advised that local authorities were assumed to be a going concern in the event of anticipated continuation of provision of services, unless there was clear evidence to the contrary.  Pages No. 70-73 related to the general enquiries of management in respect of accounting estimates with the estimates set out at Appendix A to the report.  The representative from Grant Thornton confirmed that nothing had been identified which was likely to cause an issue in terms of additional risks being identified.

9.3            A Member drew attention to Page No. 60 in relation to fraud risk and she asked whether staff were required to lock their computer screens when they left their desks.  The Head of Corporate Services confirmed that was the case.  In terms of Page 64, a Member noted that question four asked if there were any actual or potential litigation or claims that would affect the financial statements and the response stated that this would be disclosed in the financial statements – she felt this was inadequate and asked for clarification as to where the financial statements could be found and if anything had been identified in this regard.  The Head of Finance and Asset Management advised that the draft statement was on the Council’s website under Budget and Spending.  He stressed that the response in the report had been provided by the Council to  ...  view the full minutes text for item 9.

To consider the adequacy of the Council’s health and safety arrangements.  

10.1          The report of the Environmental Safety Officer, circulated at Pages No. 78-92, summarised the Council’s health and safety performance between 1 April 2021 and 31 March 2022 and the work proposed for the next year.  Members were asked to consider the adequacy of the Council’s health and safety arrangements.

10.2          The Head of Community Services advised that the report aimed to give reassurance that the Council was complying with its responsibilities under health and safety legislation.  The Council’s Health, Safety and Welfare Policy stated that elected Members had a responsibility for ensuring that the Chief Executive and Head of Community Services were adequately resourced and supported in achieving compliance with the requirements of the Health and Safety at Work Act 1974 so the report helped to assist Members to carry out this responsibility.  Progress against the action plan, and the actions planned for the coming year, was set out at Pages No. 87-92 of the report.

10.3          A Member noted there had been no accidents or incidents which required reporting under the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013 (RIDDOR) and only one accident reported by Tewkesbury Borough Council staff during the period and he asked whether Ubico and Tewkesbury Leisure Centre were included.  The Head of Community Services explained that, whilst the Council did have a responsibility to monitor health and safety compliance of contractors, that was not covered within this report.  In terms of Ubico, he gave assurance that he met with senior management on a quarterly basis and an annual report was provided to the Overview and Scrutiny Committee which included health and safety information so he felt there were adequate arrangements in place for monitoring.  A Member raised concern that the Overview and Scrutiny Committee received this information but the Audit and Governance Committee did not and the Head of Community Services indicated that he could ask internal audit colleagues to discuss this with Ubico’s auditors to ensure they were all satisfied with the arrangements.  In response to a query regarding the Keep Safe Stay Healthy Group, Members were informed that the Group met quarterly, it was chaired by the Head of Community Services and was attended by representatives from all departments along with the Lead Member for Organisational Development.  A Member indicated that he could not recall receiving an induction which covered health and safety, fire, first aid etc. when he had been elected as a Borough Councillor and he asked whether all staff received them and how this was monitored.  The Head of Community Services confirmed that all new members of staff were required to undergo an induction and health and safety information was included within that.  The Corporate Director explained that new Members were subject to a full induction programme in relation to their function as Members and that included various training etc.; however, she was unsure whether health and safety aspects were covered within that.  She pointed out that Members were advised of the evacuation procedure at the  ...  view the full minutes text for item 10.

To consider the risks contained within the Corporate Risk Register and assurance that the risks are being effectively managed. 

11.1          The report of the Head of Finance and Asset Management, circulated at Pages No. 93-118, asked Members to consider the risks contained within the corporate risk register and assurance that the risks were being effectively managed.

11.2          The Head of Corporate Services advised that the corporate risk register was a strategic document which was brought to each Audit and Governance Committee.  The key updates since the last meeting were set out in the table at Page No. 95 of the report.  As previously discussed, it was proposed to remove Ref. 6 Emergency Planning as, although this remained a risk, the Council could demonstrate effective arrangements to manage it.  With regard to Ref. 9 Asset Management, Members were advised that funds had been redirected to asset management reserves to support need over the medium term – this was essential given the financial support required for the solar canopy project and the likely need for financial support towards the replacement of the heating system.  As had been reported to the Overview and Scrutiny Committee, the production of an updated Asset Management Strategy had been postponed until 2022/23.  In terms of Ref. 11 Brexit, it was proposed to remove this risk from the register as it remained largely outside of the Council’s control.  Any financial impact resulting from Brexit compounded by the COVID pandemic and the Ukrainian crisis would be picked up through the financial sustainability risk.  In relation to Ref 14. COVID-19 Recovery, the COVID-19 recovery plan actions had been transitioned back into the refreshed Council Plan which was due to be considered by Council on 26 July.  Whilst the majority of services were in recovery mode, this had been further impacted by the additional pressures of other activities such as the energy rebate scheme and support to the Ukrainian refugee scheme.  As set out at Page No. 96, Paragraph 3.2 of the report, recruitment and retention of staff had been highlighted as an emerging risk and would be scored and evaluated for inclusion in the corporate risk register going forward.

11.3           The Chair indicated that today marked the 15 year anniversary of the 2007 floods and, since that time, Tewkesbury Borough Council had become extremely proficient with regard to emergency planning and there was an effective command system in place so, whilst it was important to remain vigilant, he was satisfied this risk could be removed from the corporate risk register and he thanked Officers for all of their hard work to get to this point.  The Head of Community Services indicated that a huge amount of work went into emergency planning and it was a real team effort, not just within the Council, but with partners such as the Local Resilience Forum.  He agreed it was right to remove the risk at this stage given the amount of experience of dealing with such events albeit with the recognition that there was always a risk that something unexpected would occur in future.

11.4           A Member drew attention to Page No.  ...  view the full minutes text for item 11.

To consider the Internal Audit work undertaken and the assurance given on the adequacy of internal controls operating in the systems audited.  

12.1           The report of the Chief Audit Executive (Head of Corporate Services) provided an overview of the internal audit work completed during the period.  Members were asked to consider the work undertaken and the assurance given on the adequacy of the internal controls operating in the systems audited.

12.2          The Head of Corporate Services advised that the full details of the work undertaken in the period were attached at Appendix 1 to the report and showed that one limited opinion had been issued in relation to sundry debtor recovery.  Only two recommendations had required follow-up during the quarter – one around project management had been implemented and the other in relation to fraud risk registers was outstanding and would be picked up in the following Agenda item.  In terms of work in progress, as set out at Paragraph 2.2 of the report, audits were currently being undertaken in relation to car parks, test and trace grant declaration and Winchcombe Tourist Information Centre banking procedures and those would be brought to the next Audit and Governance Committee meeting in September.

12.3          In terms of the audit in relation to the contain outbreak management fund, there was a requirement in the grant conditions that the Chief Executive and the Chief Internal Auditor make a declaration that the grant conditions had been complied with.  Tewkesbury Borough Council had been awarded funding of £109,658 and it was necessary to check that had been spent in accordance with those conditions.  The audit had confirmed the conditions had been adhered to and the money had been used for the provision of Community Protection/COVID Protection Officers and a COVID Compliance Events Officer.  The sundry debtors audit related to the process whereby the Council raised invoices for goods or services commissioned and was split across various risk factors.  A recommendation had been made around the findings of the audit being incorporated into the review of the Council’s corporate retention schedule.  The audit had found that invoices were being raised correctly and allocated to the appropriate cost centre.  Of those tested, 80% had been raised promptly; for the remaining 20% the delay in raising the invoice ranged from three to 24 months. This was primarily due to resources being limited or having been reallocated as a result of COVID duties.  Adjustments to debtor accounts were found to have been made with sufficient justification; however, in terms of adjustments where the debt was attributed to a contractually agreed price being reduced e.g. rent reduction during COVID, the appropriate level of authorisation had not been evidenced to Finance prior to the adjustment taking place and a recommendation had been made accordingly.  A limited opinion had been issued in relation to debt recovery due to a disconnect between when action was taken by Finance and when it was passed to services.  Members were advised that £217,934 of the debt currently outstanding had been owed for longer than one year with the majority relating to trade waste and licensing so recommendations had been  ...  view the full minutes text for item 12.

To consider the annual update on the work of the Counter Fraud and Enforcement Unit. 

13.1          The report of the Counter Fraud and Enforcement Unit Head of Service, circulated at Pages No. 133-142, provided an annual update on the work of the Counter Fraud and Enforcement Unit.  Members were asked to consider the report.

13.2          The Counter Fraud and Enforcement Unit Head of Service advised that, since the last report to the Committee, the team had assisted with a successful prosecution relating to unauthorised works on a listed building.  In relation to the workstreams detailed at Appendix 1 to the report, a review of the Gifts and Hospitality Procedure had been completed and a revised online form, which focussed on intent, would be introduced and staff awareness raised.  The Counter Fraud and Enforcement Unit had also issued a vetting and recruitment risk report to HR for consideration to ensure they were undertaking the right checks on new staff etc. and the HR and OD Manager had confirmed there were robust practices in place.  The team had also been assisting with verification of the energy rebate payments – people who did not pay their Council Tax by direct debit had to apply for the money so it was important to carry out checks to ensure that the people applying were actually living in the properties etc.  Paragraph 3 of the report contained information regarding the annual update on the Regulation of Investigatory Powers Act 2000 (RIPA) and the Investigatory Powers Act 2016 (IPA) which related to surveillance and communications data.  Paragraph 3.3 of the report stated that the RIPA Surveillance and Covert Human Intelligence Source Policy had recently been updated to reflect minor changes in relation to undercover agents being able to commit crime whilst working undercover which did not apply to the authority.  The Counter Fraud and Enforcement Unit would be delivering refresher training to relevant enforcement staff on the new policies.

13.3          A Member drew attention to Page No. 135, Paragraph 2.1 of the report which stated that the Counter Fraud and Enforcement Unit had received 10 referrals and she asked whether those came from staff or members of the public.  In response, the Counter Fraud and Enforcement Unit Head of Service clarified that this related only to business grants and not the general work of the Counter Fraud and Enforcement Unit so the intel would have come from the staff processing the applications.  It was noted there was a separate referral regime for the Council Tax support scheme.  The Member congratulated the Counter Fraud and Enforcement Unit on the successful prosecution but expressed the view that the £613 costs awarded was a bit light.  The Counter Fraud and Enforcement Unit Head of Service confirmed that the Council had put in for full costs but, unfortunately, could not influence the decision of the Court in terms of what was awarded.  The Member went on to draw attention to the 2022/23 work programme, set out at Page No. 142 of the report, and asked why the review of the housing waiting list would only apply  ...  view the full minutes text for item 13.

To consider the Fraud Risk Strategy and associated work streams. 

14.1          The report of the Counter Fraud and Enforcement Unit Head of Service, circulated at Pages No. 143-173, attached, at Appendix 1, the new Fraud Risk Strategy which had been developed for implementation across the Counter Fraud Partnership.  Members were asked to consider the strategy and its associated workstreams.

14.2          The Counter Fraud and Enforcement Unit Head of Service advised that fraud was the most common crime in the UK and cost many billions of pounds to private companies, individuals and the public sector.  The Counter Fraud and Enforcement Unit had developed a Fraud Risk Strategy, attached at Appendix 1, which set out the definitions and motivations for fraud and the principles of risk management as well as outlining the high risk areas that local government was susceptible to; historically the focus had been on benefit fraud.  Annexed to the strategy, and attached to the report as Appendices 2 and 3, were the Fighting Fraud and Corruption Locally and the Government Functional Standard GovS 013 checklists which set out best practice recommendations – these would be completed by the Counter Fraud and Enforcement Unit in consultation with the Corporate Governance Group to inform areas for improvement or for inclusion on the work plan.  In addition, the Counter Fraud and Enforcement Unit would implement a series of service area reviews to identify specific fraud risks within each Council service area and a service specific risk register would then be developed which could be monitored.  This was quite a big piece of work and it was intended to focus on high risk service areas first i.e. procurement, revenues and benefits and housing.

14.3           A Member drew attention to the Government Functional Standard GovS 013 Checklist, attached at Appendix 3 to the report, which posed a series of questions and she asked if she was right to presume that the answer to these was ‘yes’.  The Counter Fraud and Enforcement Unit Head of Service confirmed that was correct and she explained that the answers would be specific to each authority – she was reluctant to publish them as this would give information on the methods being used to tackle fraud.  She confirmed that a checklist had been completed to give assurance to the Council and if any further action was needed it could be included on the work plan.  The Member drew attention to Page No. 167 of the report which referenced training and asked how many Councillors had attended cyber security training. The Head of Corporate Services indicated that a training session had been run via Teams and he believed around 12 Members had attended.  The Member indicated that when she had looked it appeared that only two Members had completed the training.  The Head of Corporate Services advised that a presentation had also been given to Transform Working Group which would have captured more Members.  It was intended to roll out an e-module on GDPR and cyber security following the Borough Council elections in May 2023 with the aim being 100%  ...  view the full minutes text for item 14.

To recommend to the Executive Committee that the Counter Fraud and Anti-Corruption Policy, attached at Appendix 1, be approved and to delegate authority to the Head of Finance and Asset Management, in consultation with the Counter Fraud and Enforcement Unit, One Legal and the Lead Member for Corporate Governance, to approve future minor amendments to the Policy.

15.1          The report of the Counter Fraud and Enforcement Unit Head of Service, circulated at Pages No. 174-192, attached, at Appendix 1, the Counter Fraud and Corruption Policy.  Members were asked recommend to the Executive Committee that the policy be approved and to delegate authority to the Head of Finance and Asset Management, in consultation with the Counter Fraud and Enforcement Unit, One Legal and the Lead Member for Corporate Governance, to approve future minor amendments to the policy.

15.2          The Counter Fraud and Enforcement Unit Head of Service advised that the policy at Appendix 1 to the report had been amended to ensure it reflected current legislation and aligned with the Council’s procedures.  The proposed changes were highlighted in red.

15.3          Accordingly, it was

RESOLVED           That it be RECOMMENDED TO THE EXECUTIVE COMMITTEE:

1.       That the Counter Fraud and Anti-Corruption Policy, as attached at Appendix 1 to the report, be APPROVED.

2.       That authority be delegated to the Head of Finance and Asset Management, in consultation with the Counter Fraud and Enforcement Unit, One Legal and the Lead Member for Corporate Governance, to approve future minor amendments to the policy.

To consider the limitation of scope regarding independent assurance from internal audit on the adequacy of the Council’s governance, risk management and control environment for 2021/22 and to note that the Internal Audit team is now operational and a meaningful audit opinion will be reached for 2022/23. 

16.1          Attention was drawn to the report of the Chief Audit Executive (Head of Corporate Services), circulated at Pages No. 193-213, in relation to internal audit 2021/22.  Members were asked to consider the limitation of scope regarding independent assurance from internal audit on the adequacy of the Council’s governance, risk management and control environment for 2021/22 and to note that the internal audit team was now operational and a meaningful audit opinion would be reached for 2022/23.

16.2          The Head of Corporate Services advised that a limitation of scope opinion for 2020/21 had been presented at Audit and Governance Committee on 21 July 2021 due to deployment of the Internal Audit team to the business cell to support the administration and payment of business grants - the same opinion was being issued for 2021/22.  As set out in the report, the Internal Audit team was now operational and a meaningful audit opinion would be reached for 2022/23.  Members were well-versed regarding the decision to use internal audit to support the business cell and this was set out at Page No. 196, Paragraph 3.2 of the report.  It was noted that, as a mitigating control, each Head of Service had produced a management assurance statement on the adequacy of the control environment within their service area and these would be brought to the Committee in September.  The Head of Corporate Services advised that the Internal Audit team was operational and undertaking audits and Page No. 197 Paragraph 4.2 of the report provided information on the team’s recovery.  It was noted that all outstanding internal audit recommendations had been reviewed and revised implementation dates had been agreed with relevant managers; an internal audit six month plan covering the period October 2022 to March 2023 would be brought to the September meeting of the Committee; quarterly meetings had commenced with the Chair of the Audit and Governance Committee and the Lead Member for Corporate Governance; a Quality Assurance and Improvement Programme had been approved for 2022/23; and there was a commitment from the Corporate Leadership Team to further invest in the team for the second half of the year with interviews about to take place for an audit apprentice.

16.3          The Chair thanked the Internal Audit team for the brilliant work that had been done in terms of re-training in order to help the community during the pandemic.  It was

RESOLVED           That the Internal Audit Annual Report 2021/22 be NOTED.

To approve the Audit and Governance Committee Annual Report 2021/22. 

17.1          The report of the Chief Audit Executive (Head of Corporate Services), circulated at Pages No. 200-213, attached, at Appendix 1, the Audit and Governance Committee Annual Report 2021/22.   Members were asked to approve the report.

17.2          Accordingly, it was

RESOLVED           That the Audit and Governance Committee Annual Report 2021/22 be APPROVED.