Agenda and minutes

Hybrid Meeting - Council Offices, Llangefni/Virtually via Zoom, Governance and Audit Committee - Tuesday, 7th February, 2023 2.00 pm

A number of council meetings are live-streamed.

All meetings are also uploaded after the event onto the our webcasting site.

Venue: Committee Room 1 - Council Offices/Virtually via Zoom

Contact: Ann Holmes 01248 752518 

Items
No. Item

The Chair welcomed everyone present to this meeting of the Governance and Audit Committee and he extended a particular welcome to Councillor Aled M. Jones as a new member of the Committee.

 

1.

Declaration of interest

To receive any declaration of interest by any Member or Officer in respect of any item of business.

Minutes:

No declaration of interest was received.

 

2.

Minutes of the Previous Meeting pdf icon PDF 255 KB

To present the minutes of the previous meeting of the Governance and Audit Committee held on 18 January, 2023.

Minutes:

The minutes of the previous meeting of the Governance and Audit Committee held on 18 January, 2023 were presented and were confirmed as correct subject to amending the reference to “30 November, 2021” in the paragraph following the first bullet point under item 3 to read “30 November, 2022.”

 

In response to a request by the Chair for an update on the accounts position, the Director of Function (Resources)/Section 151 Officer confirmed that the Authority’s accounts were formally signed off by Audit Wales on 31 January, 2023 and that there had been no material changes to the accounts nor the ISA 260 report.

 

3.

Annual Information Governance in Schools Report 2021/22 pdf icon PDF 630 KB

To present the report of the Director of Education, Skills and Young People.

Minutes:

The report of the Schools Data Protection Officer setting out the key information governance issues in schools for the period November, 2021 to January, 2023 along with current priorities was presented for the Committee’s consideration. The report provided the Schools Data Protection Officer’s statement and overview of Anglesey primary, secondary and special schools’ compliance with legal requirements in handling information during the period including compliance with the United Kingdom’s General Data Protection Regulations (UK GDPR), the Data Protection Act 2018 and relevant codes of practice.

 

The Schools Data Protection Officer in presenting her analysis of the position confirmed that since the last report was issued in November, 2021 significant progress had been made in ensuring that schools have the necessary policies and procedures in place to be compliant with requirements under data protection legislation. The day-to-day information management practices within the schools have continued to improve and schools now show that they understand their responsibilities and implications as the data controller and the legal expectations that come as a result. Most school staff have received data protection training in the past year which has supported schools in improving their practices, and twenty school governing bodies have also received a data protection presentation.  Schools have formally adopted the majority of policies and are in the process of adopting the final policies package which should ensure they are able to address the accountability requirements of GDPR. Whilst based on her assessment, the School’s Data Protection Officer is able to provide a Reasonable assurance opinion with regard to school compliance with data protection legislation and requirements, further work needs to be done as detailed within the report specifically in relation to managing the data protection risks arising from the use of different systems and reviewing arrangements with data processors including ensuring that agreements by providers meet requirements.

 

The Committee welcomed the report as comprehensive and informative, and the following issues were raised during the ensuing discussion –

 

·      That the inclusion of a glossary of acronyms/terms in future annual reports would be most helpful

·      The timescale for the completion of the further work identified and whether all the Island’s schools have now been assessed and are signed up to receive support and guidance via a Service Level Agreement.

 

The Schools Data Protection Officer confirmed that the 45 schools to which reference is made in the report covers all Anglesey primary and secondary schools along with Canolfan Addysg y Bont with the exception of Ysgol Caergeiliog Foundation School. She advised that the schedule contained in the Anglesey Schools Data Protection Development Strategy in Appendix B sets out the target completion dates for the activities outlined with the aim being that all the main elements will have been completed by the end of the current school year.

 

·      What the further work with schools entails in order to ensure they are fully compliant with data protection regulations and requirements.

 

The Schools Data Protection Officer advised that part of her role involves conducting an annual data protection audit  ...  view the full minutes text for item 3.

4.

Treasury Management Strategy Statement 2023/24 pdf icon PDF 907 KB

To present the report of the Director of Function (Resources)/Section 151 Officer.

Minutes:

The report of the Director of Function (Resources)/Section 151 Officer incorporating the Treasury Management Strategy Statement for 2023/24 was presented for the Committee’s consideration. The report was presented to ensure that the Council is implementing best practice in accordance with CIPFA’s Code of Practice on Treasury Management and included the Annual Investment Strategy, the annual MRP Policy Statement, the annual Treasury Management Policy Statement and the Treasury Management Scheme of Delegation.

 

The Treasury Management Strategy sets out the Council’s strategy and approach as regards borrowing and investment, the constraints on borrowing, determines a set of prudential indicators and determines the Council’s risk appetite and strategy in respect of investments. It covers the following two main areas –

 

·      Capital issues including the Council’s capital expenditure plans and prudential indicators along with the Minimum Revenue Policy Provision (MRP) Statement and,

·      Treasury management issues including the Council’s current treasury position, the prospects for interest rates, the Council’s Borrowing and Investment Strategies; the Policy on Borrowing in Advance of Need; Debt Re-scheduling, the Creditworthiness Policy and the arrangements for governance and control over treasury management processes, decisions and performance.

 

The report also included a commentary on the wider economic background and outlook and how these influence treasury management decisions.

 

In providing an overview of the report the Director of Function (Resources)/Section 151 Officer highlighted the following –

 

·      That any surplus cash which the Council has is currently invested in short-term deposit accounts, Call accounts and with other UK local authorities. The balance invested in these accounts was £46.2m as at 31 December, 2022. It is envisaged that this balance will reduce to around £38m and that an investment due to mature in February 2023 will not be reinvested but will instead return to the Council Fund to be used to support cash flow requirements and fund capital expenditure at the end of the financial year.

·      The Council’s capital expenditure plans and how these are to be financed (Table 3 of the report). The borrowing need for capital expenditure for 2023/24 is £26.118m.

·      The impact of the Council’s capital expenditure plans and the MRP charge on the level of external and internal borrowing as set out in Table 4 of the report.

·         A change to the Minimum Revenue Provision Policy. In 2018 the Council revised its MRP policy and adopted the Equal Instalment Asset Life method to calculate its MRP charge for both supported and unsupported borrowing. The revised policy from 1 April, 2022 adopts an annuity method following a similar method to a standard repayment mortgage where the combined repayment sum of principal repayment and interest remains constant and as a result, the amount of principal repaid in the early years is low and increases over time. Therefore, under the annuity method, the MRP charge is low in the initial years and increases over time. Although the actual sum charged remains the same with both methods, when the value of future charges is discounted back to current prices, the Annuity method provides a positive  ...  view the full minutes text for item 4.

5.

Review of the Governance and Audit Committee's Terms of Reference pdf icon PDF 412 KB

To present the report of the Head of Audit and Risk.

Minutes:

The report of the Head of Audit and Risk incorporating the Committee’s current terms of reference was presented for consideration. Good practice suggests that committees should periodically review their terms of reference for appropriateness. The Governance and Audit Committee last approved fully revised terms of reference in April, 2022 following changes made as a result of the Local Government and Elections (Wales) Act 2021.

 

The Head of Audit and Risk confirmed that although the Chartered Institute of Public Finance and Accountancy (CIPFA) issued updated sector-specific guidance in December 2022, it does not contain any changes that affect the Committee’s terms of reference therefore no changes are required.

 

It was resolved to approve the Committee’s existing terms of reference.

 

No further action required.

 

6.

Review of Forward Work Programme pdf icon PDF 262 KB

To present the report of the Head of Audit and Risk.

Minutes:

The report of the Head of Audit and Risk incorporating the Committee’s Forward Work Programme and Training Schedule was presented for the Committee’s consideration.

 

The Head of Audit and Risk advised that the review of the Risk Management Framework had been deferred to the Committee’s April, 2023 meeting pending the implementation of a new Version 2 of the Risk Management software.

 

It was resolved to accept the Forward Work Programme for 2022/23 with the change outlined as meeting the Committee’s responsibilities in accordance with its terms of reference.

 

No further action required.

 

7.

Internal Audit Update pdf icon PDF 538 KB

To present the report of the Head of Audit and Risk.

Minutes:

The report of the Head of Audit and Risk providing an update as at 31 January, 2023 on the audits completed since the previous update to the Committee as at 30 November, 2022 was presented for the Committee’s consideration. The report also set out the current workload of Internal Audit and its priorities for the short to medium term going forward. Members of the Committee were provided with copies of the four pieces of assurance work completed in the period in relation to the UK Community Renewal Fund (Grant Audit) (Reasonable Assurance); IT Vulnerability Management (First Follow-Up) (Reasonable Assurance), Council Tax Direct Debit Error (assurance opinion not applicable) and Galw Gofal (Partnership Governance Arrangements) (Limited Assurance) under separate cover.

 

The Head of Audit and Risk provided an overview of the report including a summary of the outcome of the work completed and the areas of work currently in progress as at the table at paragraph 23 of the report. She referred to the recruitment challenges which the Service was experiencing in seeking to fill two vacant posts at Senior Auditor level and she confirmed that the service is continuing to deliver the Annual Internal Audit Strategy for 2022/23 as approved by the Committee with priority being given to reviewing the red and amber residual risks not yet reviewed or not reviewed in the last two years. Three strategic risks remain to be reviewed before the end of the year.

 

In considering the report, the Committee discussed the following matters –

 

·      The audit of the Local Government Pension Scheme which had been prompted by concerns raised during the Teachers’ Pensions audit. Further assurance was sought that the issue of gaps in teachers’ pensionable service had been resolved and errors corrected.

 

The Head of Audit and Risk confirmed that Internal Audit had conducted an audit of Teachers’ Pensions last year which examined what had caused the problem with the administration of teachers’ pensions and whether the arrangements to accurately pay pension contributions and account for teachers’ pensionable service information to the Teachers Pensions Service are effective. The issues/risks raised by the audit were incorporated in an Action Plan the progress of which is due to be followed up by Internal Audit.

 

The Director of Function (Resources)/Section 151 Officer advised that the issue was not isolated to the Isle of Anglesey with widespread problems of inaccuracies/gaps in teachers’ service records having been reported. He explained the arrangement for submitting information to the Teachers’ Pension Service (TPS) which involved the preparation of two data files the one in relation to the monthly service record and the other in relation to employee and employer contributions. Although the TPS validates the information it receives, issues arose with the reporting of discrepancies which meant that errors were not actioned. An additional resource to deal with pension queries and records has since been obtained. The TPS is implementing a new data collection process whereby the information which the Council is required to submit is consolidated into one single  ...  view the full minutes text for item 7.

8.

Exclusion of the Press and Public pdf icon PDF 116 KB

To consider adopting the following:-

 

“Under Section 100(A)(4) of the Local Government Act 1972, to exclude the press and public from the meeting during the discussion on the following item on the grounds that it may involve the disclosure of exempt information as defined in Schedule 12A of the said Act and in the attached Public Interest Test”.

Minutes:

Consideration was given to excluding the press and public for the following item on the grounds that it may involve the disclosure of exempt information as defined in Schedule 12A of the Local Government Act 1972 and in the Public Interest Test as presented.

 

A query was raised on the necessity of excluding the Strategic Risk Register in its entirety from being discussed in open session on the basis that it was deemed there were elements of the Register which were of public interest.

 

The Head of Audit and Risk advised that the Strategic Risk Register contains information about the business affairs of the Council which could prejudice the Council commercially, financially and legally and it is therefore recommended that the matter be discussed privately.

 

While the explanation was accepted for this meeting it was subsequently agreed that the treatment of the Strategic Risk Register for future meetings in terms of whether it should be considered in open or private session or a combination of both be referred to the Chief Executive and Monitoring Officer for further guidance and clarity.

 

It was resolved under Section 100 (A) (4) of the Local Government Act 1972 to exclude the press and public from the meeting during the discussion on the following item on the grounds that it involved the disclosure of exempt information as defined in paragraphs 14 and 16 of Schedule 12A to the said Act and in the Public Interest Test presented.

 

Further action – Head of Audit and Risk to seek the advice of the Chief Executive and Monitoring Officer on the private and/or public status of the Strategic Risk Register.

 

9.

Strategic Risk Register

To present the report of the Head of Audit and Risk.

Minutes:

The report of the Head of Audit and Risk incorporating the Strategic Risk Register was presented for the Committee’s consideration. The report provided an update on the amendments to the Strategic Risk Register since it was last presented to the Committee in September, 2022.

 

The Insurance and Risk Manager reported that all but two of the thirteen risks currently on the strategic risk register are directly aligned to the Council’s corporate priorities. The two risks not directly linked to the corporate priorities - YM1 (funding related) and YM4 (cyber related) have been included because they are considered fundamental to the Council’s ability to deliver services that underpin the corporate priorities. With the exception of YM12 (corporate safeguarding) each of the risks have been reviewed at least once since the last report to this Committee; no new risks have been identified in that time. Since reporting to the Committee in September, 2022 the following changes have been made –

 

·                     Upon review in January, 2023, risk YM6 (Covid related) was closed on the basis that the pressures brought about by the Covid pandemic have now receded and are covered by risk YM7 (changes beyond the Council’s control). Therefore, Covid is still covered by the Strategic Risk Register but not as a risk in its own right.

·                     Following its review in October, 2022 the residual risk rating of risk YM1 (funding related) was uprated to reflect the uncertainty in the UK economy and financial markets at the time.

·                     Following its review in September, 2022, the risk description of risk YM5 (Schools’ Modernisation Project) was amended to more accurately reflect the current situation as there is no longer a schools’ modernisation project and it now refers to the suitability of the Island’s schools in terms of their being able to meet future educational challenges and maintain standards.

 

The Strategic Risk Register will be reviewed in its entirety once the Council adopts its new strategic priorities/Corporate Plan. It was confirmed that the new Council Plan is due to be presented for approval to Full Council in March, 2023.

 

It was resolved to note the amendments made to the Strategy Risk Register and to take assurance that the Leadership Team has recognised and is managing the risks to the achievement of the Council’s priorities.