Agenda and minutes

The Chair welcomed Councillor Paul Ellis to his first meeting of the Governance and Audit Committee. He referred with regret to the death of Mrs Sharon Warnes in May, a valued lay member whose presence on the committee would be missed. He also acknowledged the resignation of Mr Michael Wilson, another lay member who had stepped down due to other commitments and he expressed thanks for his contribution during his time on the committee.

In response to a question regarding the resulting two lay member vacancies, the Director of Function (Resources)/Section 151 Officer confirmed that recruitment arrangements would be made.

To receive any apologies for absence.

Apologies for absence were presented and were noted.

To receive any declaration of interest by any Member or Officer in respect of any item of business.

Councillor Euryn Morris declared a personal interest only with regard to item 5 on the agenda on account of his being seconded to the North Wales Economic Ambition Board.

Councillor Keith Roberts declared a personal interest only with regard to item 6 on the agenda as a member of the Corporate Scrutiny Committee and Education Scrutiny Panel.

To present the minutes of the previous meetings of the Governance and Audit Committee held on the following dates –

·      8 May 2025

·      20 May 2025 (election of Chair/Deputy Chair)

The minutes of the previous meetings of the Governance and Audit Committee held on 8 May 2025 were presented and were confirmed as correct.

Arising thereon – the Director of Function (Resources)/Section 151 Officer confirmed that  initial draft policy guidance on the use of AI within the Council was submitted to the Leadership Team for comment on 17 June 2025. The policy will be subsequently revised and updated for further review by the Leadership Team.

To present the report of the Head of Audit and Risk.

The report of the Head of Audit and Risk incorporating the committee action log was presented for consideration. The report updated the Committee on the status and progress of the actions and decisions it had agreed upon.

The Head of Audit and Risk confirmed that the Quod Anglesey socio-economic analysis and impact report listed as item 10 on the action log and previously requested by the committee,  had been completed but not yet published. The Leadership Team is currently considering how best to communicate and share the report. She also confirmed that items 21, 22 and 24 on the action log have been completed.

It was resolved to note the actions detailed in the action log table and to confirm that the Committee is content that the actions have been implemented to its satisfaction.

To present the report of the Director of Function (Council Business)/ Monitoring Officer.

The report of the Director of Function (Council Business)/Monitoring Officer regarding the nomination of a lay member to the Governance and Audit Committee of the North Wales Corporate Joint-Committee (CJC) was presented for the Committee’s consideration.

The Director of Function (Council Business)/Monitoring Officer reported that the North Wales CJC’s constituent councils were asked if they wished to nominate a lay member to serve on its Governance and Audit Committee. If more than three nominations had been received  then the CJC had determined to appoint based on merit through a formal application process. However, only three of the constituent councils within the Corporate Joint Committee nominated lay members including the Governance and Audit Committee of the  Isle of Anglesey County Council which appointed the late Mrs Sharon Warnes. In light of the unexpected vacancy which has now arisen, the committee has been invited to consider nominating another lay member to the CJC’s Governance and Audit Committee. Invitations will only be extended to the other constituent councils if the Isle of Anglesey does not put forward a nomination.

It was resolved to nominate Mr William Parry to serve as a lay member of the Governance and Audit Committee of the North Wales Corporate Joint- Committee.

To present the report of the Director of Function (Council Business)/ Monitoring Officer.

The report of the Director of Function (Council Business)/Monitoring Officer incorporating the Annual Scrutiny and Overview report for 2024/25 was presented for the committee’s consideration.

The Head of Audit and Risk advised that the committee’s terms of reference requires it to review the governance and assurance arrangements relating to the Council’s significant partnerships and collaborations. To support this function, the annual report of the Partnership and Regeneration Scrutiny Committee is being presented to provide assurance that there is a dedicated body actively scrutinising and securing assurance for the governance of major partnerships and collaborations.

The Head of Democracy noted that the report had also been presented to the Full Council, providing an additional level of assurance. He highlighted specific parts of the report - page 5 which contains the Chair of the Partnership and Regeneration Scrutiny Committee’s foreword and a summary of the committee’s work during 2024/25, and page 15 which details existing arrangements for the scrutiny of partnerships. Over the past eighteen months, efforts have been made to resume the scrutiny of external partnerships which was disrupted by the pandemic. Examples of this work are provided in the report. Engagement with external partnerships is ongoing with plans in place to scrutinise the work of the North Wales Police and Crime Commissioner and the North Wales Police service at the committee’s next meeting.

The committee raised questions on the Scrutiny and Overview Annual report as follows -

• Whether there are arrangements in place to fill the co-opted member vacancies on the scrutiny committees, one of which has remained vacant for an extended period.
• Given Scrutiny’s heavy workload and full agendas whether it is able to examine issues in sufficient depth.

The Head of Democracy confirmed that an ongoing process to fill both parent governor vacancies has been successful. The newly appointed members will be confirmed at the committees’ meetings in September.

Regarding Scrutiny’s workload, the challenge lies in incorporating as many partnerships as possible within the available time, while balancing the contents of agendas to avoid overload and to ensure there is adequate time for meaningful questions and discussion. Although achieving this balance is not always possible, concerted efforts are being made to do so, with lessons drawn from experience. Additionally, measures have been taken to limit the number of partnerships at meetings. A single meeting each year has been designated to cover the Health Board, recognising it as a broad and significant area. This approach will continue to be monitored to maintain an appropriate balance.

It was resolved to note the report and to confirm that the Governance and Audit Committee takes assurance from the arrangements in place to scrutinise and oversee the Council’s significant partnerships and collaborations.

To present the report of the Chair of the Governance and Audit Committee.

The report of the Head of Audit and Risk incorporating the Annual Report of the Governance and Audit Committee for 2024/25 was presented for the committee’s endorsement. The report documented the committee’s activities during 2024/25 against its terms of reference.

The Chair proposed the report as a comprehensive account of how the committee has fulfilled its responsibilities in 2024/25.

It was resolved to endorse the Annual Report of the Governance and Audit Committee for 2024/25 prior to its submission to the meeting of the County Council on 25 September 2025, subject to amending the percentage of meetings attended figure for Councillor Trefor Lloyd Hughes, MBE.

To present the report of the Head of Audit and Risk.

The report of the Head of Audit and Risk incorporating the Annual Report of Internal Audit for 2024/25 was presented for the committee’s consideration.

The Head of Audit and Risk presented the report as one of the key reports of the year, providing her opinion on the adequacy and effectiveness of the Council’s framework of governance, risk management and controls during the year. She confirmed that in her opinion, for the twelve months ending 31 March 2025, the Council had an adequate and effective framework for these areas. While she did not consider any areas of significant corporate concern, some areas require the introduction or improvement of internal controls to ensure the achievement of objectives and these are the subject of monitoring. There were no qualifications to this opinion.

The Head of Audit and Risk noted that her assessment was based on the work completed in the year, primarily the review of the Council’s strategic risks. Internal Audit met its aim of reviewing 80% of red and amber strategic risks over a two year cycle by covering eight such risks in 2024/25 alongside twelve audits of other areas of the Council’s activities. Internal Audit achieved five of its six annual performance targets including strategic risk coverage. Internal Audit also conformed with the Public Sector Internal Audit Standards (PSIAS) except in the area of assurance mapping. As of 1 April, 2025, the PSIAS were replaced by the Global Internal Audit Standards in the UK Public Sector (GIAS) which will apply to local government organisations including the Council, from 2025/26 onwards.

The committee raised the following issues in relation to the Internal Audit Annual report –

·      The committee noted that in the Head of Audit and Risk’s opinion, the Council has an adequate and effective framework for risk management and internal control. However, it is also recognised that this framework has its limitations and that the ultimate responsibility for maintaining sound internal control lies with management. The system’s effectiveness is therefore dependent on individuals carrying out their responsibilities properly. As such, it was suggested that the organisation is only as strong as its weakest link. The committee asked whether the Head of Audit and Risk is confident that the framework is robust and responsive enough to identify the weakest link before a failure occurs.

The Head of Audit and Risk explained that her opinion was based on the internal audit work completed during the year which included coverage of 80% of the Council’s strategic risks. Subject to the identified improvement activity, which is currently being monitored, she confirmed that she was satisfied in providing reasonable assurance over the Council’s risk management, governance and internal control framework.

·      Reference was made to the recovery of Council Tax, Non Domestic Rates and Sundry debts which was revisited during the year and to Internal Audit’s work with the fraud initiative. It was noted that members were aware of reports of individuals avoiding the second homes premium by falsely claiming their second home as their primary residence.  ...  view the full minutes text for item 8.

To present the report of the Head of Audit and Risk.

The report of the Head of Audit and Risk incorporating the Internal Audit Charter was presented for the committee’s review and approval.

The Head of Audit and Risk reported that the implementation of the new Global Internal Audit Standards (GIAS) on 1 April 2025 necessitated a review of Internal Audit’s  documentation to ensure compliance. While the Isle of Anglesey County Council’s Charter was already broadly compliant with the requirements of the new framework, some revisions were necessary to make the requirements explicit which are summarised at paragraph 1.5 of the introductory report. The Head of Audit and Risk provided an overview of the main sections of the revised charter with emphasis on the safeguards to limit impairments of independence or objectivity at page 10. She advised that the committee must be satisfied that the objectivity of the Head of Audit and Risk is not impaired.

The committee noted that the Internal Audit’s staffing level had decreased to 2.8 FTE in 2024/25 compared to a target of 4.0 FTE in 2023/24, and although the service successfully met its objective of reviewing 80% of strategic risks, this was lower than the 82% achieved the previous year. The committee queried whether the current level of resources might be limiting the service’s capacity and potentially affecting the objectivity of audit work.

The Head of Audit and Risk clarified that while the number of FTEs has reduced, the associated budget has been retained and is being used to commission external subject matter experts. She reported that a value for money exercise had shown this arrangement to be an effective use of resources and she confirmed that she had sufficient resources to carry out the necessary work and provide the committee with an end of year audit opinion.

It was resolved to approve the revised Internal Audit Charter.

To present the report of the Head of Audit and Risk.

The report of the Head of Audit and Risk incorporating the Internal Audit Strategy and Plan for 2025/26 was presented for the committee’s consideration.

The Head of Audit and Risk reported that the Global Internal Audit Standards in the UK Public Sector (GIAS) require the Chief Audit Executive to establish a risk based strategy for determining the priorities of internal audit activity consistent with the Council’s objectives.

In line with the GIAS, Internal Audit has articulated its vision as outlined in paragraph 20 of the report which is directly aligned with the goals set out in the Council Plan. From this vision, the mission of Internal Audit is derived (paragraphs 21 to 24) supported by the three strategic objectives set out in section 25. She confirmed that strategic plan priorities for 2025/26 will continue to address the strategic risks, with a focus on inherent red and amber risks as referenced in Appendix B to the report. IT audit work will also continue, delivered through external commissioning with Salford Council’s IT auditors.

The Head of Audit and Risk highlighted Internal Audit’s performance measures for 2025/26, set out in the table on page 9 of the report. A total of 549 days are available to deliver the planned programme of work, including investigations and the provision of the annual audit assurance opinion.

The Head of Audit and Risk confirmed that in her opinion, there are no inappropriate scope or resources limitations that would affect delivery.

The following matters were discussed by the committee in considering the report –

·      The committee noted that one initiative under Strategic Objective 2 involves improving auditors’ digital literacy to ensure comfortable use of technology including Artificial Intelligence (AI), to improve risk assessment processes, enhance audit quality and improve reporting efficiencies. It was further noted that Internal Audit plans to monitor the implementation of AI as part of its 2025/26 IT audit work. The committee raised questions about a potential conflict of interest as Internal Audit could be examining AI practices before the Council has issued policy guidance on its use.

The Head of Audit and Risk clarified that the initiative applies to Internal Audit’s use of AI as a function to enhance its own operations, specifically using the opportunities that AI offers for research, scoping exercises and compiling working papers. AI is already being widely used in auditing to drive administrative efficiencies, and the Internal Audit team intends to explore its use further, in line with the Council’s policy once it is established.

In a follow-up question, the committee raised concerns about the accuracy and potential biases in AI generated information. Given the absence of formal guidance there were also questions around the ability of staff across the organisation to critically assess this information. The committee asked who is responsible for determining what constitutes acceptable use.

The Director of Function (Resources)/Section 151 Officer advised that when officers use AI to expand their knowledge and inform their judgement, the resulting conclusions remain their own. The key issue arises  ...  view the full minutes text for item 10.

To present the report of Audit Wales.

The report of Audit Wales detailing its audit plan for the 2024/25 audit year was presented for the committee’s consideration.

Rachel Freitag, Audit Wales Financial Audit Manager provided an overview of the proposed audit of the financial statements for 2024/25 including the materiality levels, significant financial audit risks and the planned response. The audit timetable and deliverables were outlined with the aim being to issue the auditors’ opinion and certify the accounts by the end of October 2025, one month earlier than the previous year as part of the ambition to restore the pre-pandemic audit schedule.

Carwyn Rees, Audit Wales Performance Audit Manager outlined the planned performance audit work which focuses on reviewing the Council’s arrangements for securing value for money and compliance with the sustainable development principle under the Well-being of Future Generations (Wales) Act 2015.

The basis of the audit fees covering both financial and performance audit work for 2024/25 was also explained.

The committee raised the following issues on the external audit plan –

·      The audit fee was considered high with suggestions that a more competitive rate could be achieved if the Council were permitted to go out to market. It was recommended that the  Director of Function (Resources)/Section 151 Officer and the Portfolio Member for Finance discuss the fee level with the auditors.

·      The committee questioned whether there is co-ordination between external and internal audit when developing their respective annual plans noting the potential for duplication in relation to IT coverage.

·      Queries were raised regarding the performance audit work around the Council’s compliance with the Well-Being of Future Generations Act. It was noted that the Future Generations Commissioner for Wales has expressed disappointment with the powers available to local authorities in Wales under the Act and has requested a review by Welsh Government. It was therefore suggested that this work may be premature and should be deferred until after the review.

·      Concern was also expressed regarding Welsh Government penalties for failing to meet  recycling targets. It was highlighted that councils having experienced many years of austerity should be able to retain all their resources, particularly if as in the Council’s  case, their recycling rates are near the target. It was suggested that portfolio members consider raising the matter with Welsh Government.

·      The committee noted that none of the assessments with regard to value for money include any measure of productivity.

The auditors responded as follows to the issues raised –

·      That there is an annual opportunity to comment on the audit fee and associated work. Audit Wales benchmarks its fees against counterparts in England where a lack of market capacity has delayed the audit of accounts and has resulted in significant fee increases. The Auditor General has previously commissioned work to private sector firms. Fee levels are overseen by a board  to provide the Auditor General with assurance that value for money is being achieved.

·      Confirmed that external audit has consulted with the Council’s IT department regarding planned work. Some elements of the financial audit such  ...  view the full minutes text for item 11.

To present the report of the Head of Audit and Risk.

The report of the Head of Audit and Risk incorporating the forward work programme for 2025/26 was presented for the committee’s consideration.

The Head of Audit and Risk confirmed one change to the work programme namely the addition to the July meeting of a report on the “Themes for the Panel Performance Assessment to Consider.”

It was resolved to confirm  the Forward Work Programme proposed for 2025/26 as meeting the committee’s responsibilities in accordance with its terms of reference.