Corporate Affairs and Audit Committee Minutes

Corporate Affairs and Audit Committee Minutes

Wednesday 26 September 2018
3:30 p.m.
Mandela Room, Town Hall, Middlesbrough

Attendance Details

Walkington, (Chair), Brady, C Hobson, Rathmell (As Substitute for Hubbard), Storey,
J A Walker (As Substitute for Walters)
Councillors C Rooney, D Rooney
Councillor N J Walker
M Brearley, J Bromiley, J Etherington, S Lightwing, E Scollay, J Shiel, P Stephens
Apologies for absence:
Councillor B A Hubbard, Councillor P Purvis, Councillor M Walters
Declarations of interest:

There were no Declarations of Interest at this point in the meeting.

Item Number Item/Resolution

The minutes of the meeting of the Corporate Affairs and Audit Committee held on 26 July 2018 were taken as read and approved as a correct record.


The Director of Adult Social Care and Health Integration gave a presentation which provided an overview of the cross cutting strategic risk in relation to key partners funding and the work being undertaken by the Council to manage this cross cutting risk.


The risk identified on the Risk Register was key health partners’ reduction in ability to fund statutory and preventative services. This could lead to an increase in costs of services to the Council and result in budget pressures, possible legal disputes, adverse reputational damage and ultimately result in adverse impacts on current and potential future users of the services.


The South Tees Clinical Commissioning Group, which was responsible for commissioning the vast majority of services in the area was in a potentially unsustainable position, having an overspend on its budget. The CCG had to produce a financial recovery plan which was acceptable to NHS England in order to remain continue to facilitate local services.


Middlesbrough Council currently received approximately £30 million income from the CCG, much of which funded health and social care for adults and children. To date, the CCG had indicated an intention to take £1.9 million out of continuing healthcare across south tees, £1 million from mental health services and £1 million from the Better Care Fund. Whilst it was acknowledged that the CCG had to make these financial responses, there was the risk that this would impact on Council Services including adult social care, children’s care, environment and commercial and public health.


The Director provided details of how the risk was being managed which included:

  • Joint Health and Wellbeing Board implemented.
  • Joint Commissioning Board implemented.
  • Regular meetings with Executive Director of Children’s Services and Director of Public Health to review ongoing pressures.
  • Monthly financial review of all public sector debt/outstanding funds.
  • Fortnightly meetings of Health and Wellbeing Board Executives.
  • The Director of Adult Social Care and Health Integration consistently raised the outstanding debt owed to Middlesbrough Council at relevant meetings.
  • Children’s Trust Board implemented.
  • Regular Cross Service meetings to assess impacts.

Plans for future mitigation measures had been identified and included:


  • Developing a Public Sector debt recovery process.
  • Implementation of the Public Service Reform Board.
  • Development of new local accountability and engagement in the new Clinical Commissioning Group arrangements.
  • Review of Change programme commissioning models for support.

The Director of Adult Social Care and Health Integration had a good working relationship with the CCG senior management, who were keen to reduce costs in a sustainable way without a detrimental effect on the public.


AGREED that the information provided was received and noted.


The External Auditor presented the updated Audit Results Report for the Year ended 31 March 2018 confirmed that an unmodified value for money conclusion would be issued for 2017/2018.


When the report was first presented to the Committee on 26 July 2018 the Auditor’s value for money procedures had not been fully concluded as new information had been received relating to other arrangements at the Council. Following a review of this information, the Auditor had identified three recommendations for the Council to implement as follows:


  • That the Council introduce a standard approach to due diligence that detailed the minimum due diligence procedures that the Council was expected to complete, as well as who was required to review and approve the due diligence procedures that have been completed and how these were communicated as part of the formal reporting process.


  • That the Council undertake an Internal Audit of the One Stop process in order to identify improvements in the controls and processes.


  • That an Action Plan was developed to address the cultural and relationship issues that existed in respect of Councillors and Senior Officers. It was suggested this could take the form of externally facilitated sessions with experts in conflict management, where the concerns of both parties could be discussed and resolutions identified.


In response to a query, the External Auditor agreed to provide a breakdown of costs for the additional work carried out in response to the new information received relating to other arrangements at the Council.

AGREED as follows:
1. The report was received and noted.
2. The External Auditor’s recommendations in relation to the value for money conclusion were approved and would be implemented.
3. A breakdown of costs for the additional work carried out in response to the new information received relating to other arrangements at the Council, would be provided to the Committee.


A report of the Strategic Director of Finance, Governance and Support was presented for Members to note and approve the Council’s response to the recommendations made by Ernst Young regarding the unqualified value for money judgement relating to 2017/2018 accounts.


The value for money judgement confirmed that the External Auditor had identified no significant governance or value for money issues in relation to 2017/2018 and had removed their qualified judgement from previous years.

The Strategic Director of Finance, Governance and Support paid tribute to Council Officers for their hard work to enable the qualification to be lifted.


The External Auditor had provided a number of recommendations to strengthen the Council’s governance which the Strategic Director agreed would be implemented fully, in as timely manner as possible.


In respect of the recommendation to improve Member/Officer relationships, the Strategic Director proposed to write to the Leaders of each Group and all Independent Members and suggest that the Local Government Association was invited to provide some form of mediation. The three Statutory Officers - the Chief Executive, the Section 151 Officer and the Monitoring Officer would take part in the mediation in the first instance.


AGREED that the report was received and noted.


A report of the Strategic Director of Finance, Governance and Support was presented for Members to approve a new protocol for raising concerns with auditors. A copy of the protocol was attached as Appendix One to the submitted report.


The protocol set out the approach both Council Members and members of the public should take when they wished to raise concerns regarding governance issues within the Council, by first raising those issues with the Statutory Officers responsible for the governance processes within the Council before raising them with either Internal or External Auditors.


The purpose of the protocol was to provide Auditors with a tool that allowed them to ascertain whether issues had been raised with statutory officers initially and therefore it was appropriate for them to become involved in the issue. It was clarified that the protocol was not aimed at preventing anyone wanting to raise concerns with the auditors, which they had a right to do. The protocol had been shared with both Internal and External Auditors.

Where concerns had been raised with Council Officers and not addressed, it was appropriate for them to be raised with the Auditors. However, it was highlighted that a response which did not meet the expectation of the person raising a concern did not constitute a failure to respond, or make a response false.


Approval of the protocol would enable issues to be resolved quickly and effectively and reduce the time the auditors had to spend considering issues which were then referred back to Council Officers.


AGREED that the Raising Concerns with Auditors Protocol was approved and adopted.


A report of the Strategic Director of Finance, Governance and Support was presented to update Members on the impact of fraud by summarising the main national fraud risks facing the public sector. The report also considered the potential impact of fraud on Middlesbrough Council and its residents, the existing counter fraud arrangements in place and further action that could be taken to safeguard the Council from fraud and loss. Details of the number and type of investigations undertaken by Tees Valley Audit and Assurance (TVAAS) on counter fraud activity since the previous report to Committee was also provided as well as the revised Anti-Fraud, Bribery and Corruption Policy.


The Council’s Anti-Fraud, Bribery and Corruption Policy had been in place a number of years and a revised and updated copy of the Policy was attached at Appendix 1A to the submitted report. Attached at Appendix 1B to the submitted report was the response to the Plan itself which set out how concerns could be raised and how they would be dealt with and responded to.


Attached at Appendix 2 to the submitted report was a copy of the Fraud and Loss Register which summarised the main fraud risks to Local Authorities in general and their impact on the Council. CIPFA’s Fraud and Corruption Tracker Report 2017 identified the main areas of fraud risk to local government as being related to procurement, disabled parking, council tax, adult social care payments and housing. Cyber crime posed an increasing risk as service delivery became more digital. TVAAS maintained a register of the main fraud risks to the Council which had contributed to the content of the annual Audit Plan for each year. There was no evidence to suggest that Middlesbrough Council’s exposure to these risks was any worse than other authorities.


An overview of the Council’s counter fraud framework was set out at paragraph 7 of the submitted report.


The National Fraud Initiative (NFI) was a data matching exercise which compared information held by and between approximately 1300 organisations which helped to identify potentially fraudulent claims, errors and overpayments. The latest data matching results for the Council from the 2016/2017 NFI initiative resulted in 112 reports which recommended 3,120 matches for investigation within a variety of service areas. All matches had been processed resulting in the identification of 11 errors and nil frauds.


During the financial year 2017/2018, the Whistleblowing and Special Investigations Log recorded a number of issues that had been raised with TVAAS during the year. Most concerns did not relate to suspected fraud or corruption but were highlighting alleged process or governance issues. There had been no contact via the whistleblowing hotline.


AGREED as follows:

1.  The information provided was received and noted.

2.  The updated Anti Fraud, Bribery and Corruption Policy was approved.


The Head of Performance and Partnerships gave a presentation to provide an update on the strategic risk around the new data protection reforms - the General Data Protection Regulation (GDPR). Without a detailed and documented approach to the GDPR the Council risked non-compliance, which could result in a breach and monetary penalty, risks to individual safety and significant reputational damage.


The Council’s current risk level was reducing due to the significant work carried out to date and remaining work being well progressed. The current risk level was scored at 15 and the ambition was to move to 10 or lower. This would be achieved when all mitigations were delivered and the risk managed down to acceptable levels. The maximum risk score was 35.


In order to ensure compliance with the GDPR principles, work had been carried out with senior managers across all Council services to document the required evidence. There had been significant investment in training, including Elearning and workshops, as well as business analysis, audits of data, document reviews and provision of advice.


The GDPR came into effect on 25 May 2018, two days after approval of the Data Protection Act 2018. In preparation for implementation, an internal audit had been carried out and all recommendations were addressed by the end of January 2018. A further internal audit review would be undertaken in 2018/2019.


In 2017, 48 information security incidents were reported, including 4 that were reported to the Information Commissioner’s Office (ICO). Breaches included data posted or emailed to the incorrect recipient, loss or theft of paperwork and verbal disclosures. To date in 2018/2019 there had been 38 similar incidents reported, including 9 that had been reported to the ICO. It was noted that breach reporting had increased due to stricter rules under GDPR but also due to better awareness and reporting.


A list of current and future mitigations was included in the report and it was highlighted that a Data Protection Assistant would be appointed in November 2018. It was also noted that the ICO expected a two year implementation plan from May 2018.


AGREED that the information provided was received and noted.


ORDERED that the press and public be excluded from the meeting for the following items on the grounds that, if present, there would be disclosure to them of exempt information as defined in Paragraphs 1 and 2 of Part 1 of Schedule 12A of the Local Government Act 1972 and that the public interest in maintaining the exemption outweighed the public interest in disclosing the information.


A report of the Executive Director of Children's Services was presented regarding vacancies for Local Authority appointed School Governors that had arisen as a result of resignations, the expiry of terms of office or the removal of Governors due to non-attendance and any vacancies deferred from previous meetings of the Corporate Affairs and Audit Committee. The nominations received for the vacancies were outlined in the submitted report.

It was noted that there were currently 3 vacancies out of a total of 19 Governorships for Local Authority representatives. There were no nominations for the vacancies at Newham Bridge Primary School, Beverley School and Holmwood School.

ORDERED that this item was DEFERRED pending receipt of further information in relation to the nominations.

Powered by E-GENDA from Associated Knowledge Systems Ltd