MAIDSTONE BOROUGH COUNCIL
AUDIT, GOVERNANCE AND STANDARDS COMMITTEE
MINUTES OF THE MEETING HELD ON 19 NOVEMBER 2018
Councillor McLoughlin (Chairman) and
Councillors Bartlett, Cox, Daley, Harvey, Perry, Purle, Round and Webb
Ms Elizabeth Jackson, External Auditor,
It was noted that apologies for absence had been received from Councillors Coulling (Parish Representative) and Garland.
It was noted that Councillor Round was substituting for Councillor Garland.
The Chairman stated that, in his opinion, the Interim and Substantive Procurement and Contracts Structures should be taken as urgent items to inform the Committee’s consideration of the update report of the Head of Commissioning and Business Improvement on contract management (agenda item 14).
There were no Visiting Members.
There were no disclosures by Members or Officers.
There were no disclosures of lobbying.
RESOLVED: That the items on the agenda be taken in public as proposed.
RESOLVED: That the Minutes of the meeting held on 17 September 2018 be approved as a correct record and signed subject to the amendment of the first bullet point in Minute 43 (Budget Strategy – Risk Assessment Update) to read:
· In terms of local government funding the 2019/20 settlement could be more favourable than expected for Maidstone as the government had indicated that they were minded not to levy a negative revenue support grant.
There were no questions from members of the public.
The Committee considered its work programme and whether any changes were required. In response to a question by the Chairman, the Head of Audit Partnership advised the Committee that he would discuss with colleagues whether it would be useful to bring a report to the March meeting of the Committee on the risk management process.
RESOLVED: That the Committee work programme be noted.
Ms Estelle Culligan, Principal Solicitor (Corporate Governance/Contentious) presented her report setting out proposals to address the recommendations set out in the Investigatory Powers Commissioner’s Office Inspection Report. It was noted that:
· The Regulation of Investigatory Powers Act (RIPA) was enacted in 2000 to regulate the manner in which certain public bodies may conduct covert methods of surveillance. The Council very rarely used RIPA, and there had been no RIPA authorisations since 2012. Prior to that date, most authorisations were used to obtain evidence to support allegations of benefit fraud. Evidence gathering activities were now co-ordinated through the National Anti-Fraud Network. This meant that the number of RIPA authorisations across all local authorities was significantly reduced.
· The Council received regular inspections from the Investigatory Powers Commissioner’s Office. The most recent inspection was earlier this year and the Inspector’s Report was issued on 25 June 2018. It was the Inspector’s conclusion that despite the fact that the Council had not used its RIPA powers for some time, it had maintained a good level of preparedness which included maintaining a Central Record and a comprehensive draft policy document, albeit the Central Record still required amendment.
· The Inspector’s Report made three recommendations relating to the provision of refresher training (to include discussion of the use of covert human intelligence sources and the use of the internet and social media during investigations); updating the Central Record to ensure that it contains all of the matters highlighted at paragraph 8.1 of the Covert Surveillance and Property Interference Revised Code of Practice; and making changes to the policy document in line with paragraph 6.2 of the Report.
· It was proposed that the first recommendation should be discharged by the relevant Service departments with input from the Legal Team (possibly by commissioning a firm which specialises in RIPA training). To give effect to recommendation 2, the Council’s RIPA policy would be updated to remove reference to urgent authorisations which are no longer available to Councils and to include the date a request for RIPA approval was authorised by the Court or otherwise. Recommendation 3 would be dealt with as part of the RIPA training covering the use of social media and internet information during investigations. In addition, the social media guidance contained within the RIPA policy would be refreshed to make clear what staff were and were not permitted to do online. The updated policy would then be finalised and published.
In response to questions by Members, Ms Culligan explained that covert surveillance was when information was being recorded by certain public bodies particular to an individual, which they were not aware of, and which that body would then seek to rely on in Court.
1. The report be noted.
2. The proposals to address the recommendations set out in the Investigatory Powers Commissioner’s Office Inspection Report be approved.
Ms Anna Collier, Policy and Information Manager, presented her report setting out the progress of the delivery of the General Data Protection Regulation Action Plan which was first reported to the Committee in November 2017. Ms Collier explained that:
· The General Data Protection Regulation became law on 25 May 2018 as the Data Protection Act 2018. The legislation provided a framework within which personal information must be managed taking into consideration collection, processing, storage, retention period and deletion. It also set out requirements about how this would be communicated to those whose data was processed by the Council.
· Implementing the changes had meant an extensive review of service areas and processes across the Council, and the exercise had been extremely complex in terms of the volume and intricacies of the processes.
· Overall significant progress had been made to ensure compliance with the requirements of the legislation. Information lifecycle audits had been completed with all services reviewing all processes. Training, briefings and guidance had been provided for Officers and Members and the range of statutory documents that the Council was required to have in place including a Record of Processing Activity (ROPA) and Privacy Notices had been implemented.
· As might be expected with the introduction of significant legislative changes, there had been and continued to be challenges. For example, whilst the report stated that the volume of Subject Access Requests (SARs) had not increased as might be expected, the number of requests had now started to increase, and this would be monitored as they could be very resource intensive.
· The original Action Plan had been reviewed and revised. The key areas of focus over the next year included:
Revisiting services to ensure actions identified are being implemented;
Implementing a programme of ongoing monitoring of the ROPA and the Retention Schedule;
Ensuring systems are compliant particularly in relation to retention, deletion and security;
Updating the Information Asset Register; and
Implementing cultural changes to ensure that Data Protection Impact Assessments are being considered at the start of all projects; information sharing is being consistently logged; and information is deleted at the end of retention periods.
In response to questions by Members, Ms Collier explained that:
· Whilst the volume of Freedom of Information requests remained high, there had not necessarily been an increase across the board. In terms of SARs, the increase had been more in relation to front facing services where people might wish to challenge the actions of the Council, and also generally because people were exercising their right to make a request.
· Every effort was being made to implement the Action Plan with existing resources within the team plus some additional support because of the volume of work. It was not anticipated that it would be necessary to take on any additional staff permanently at the moment, but if SARs continued to increase in volume, additional administrative support might be needed.
· For consistency, a privacy notice would be put on the website for Members as Data Controllers in their own right to link to if they wished, and Members would be advised accordingly.
1. The progress of the delivery of the General Data Protection Regulation Action Plan and the challenges to date be noted.
2. The next steps and new Action Plan be noted.
Mrs Angela Woodhouse, Head of Policy, Communications and Governance, presented her report which provided a summary of the progress of the Annual Governance Statement Action Plan for 2018/19 which was approved by the Committee at its meeting held on 30 July 2018. Mrs Woodhouse explained that:
· A number of areas had been identified for action including developing a clear and consistent strategic narrative with an agreed vision and priorities; audit reviews with weak assurance; the Stress Survey and corporate risks.
· Progress had been made across all areas since July 2018 as follows:
Work on the development of a new Strategic Plan was continuing and the aim was to agree the new vision, priorities and outcomes at the December Council meeting.
Following the implementation of recommended actions, the audit reviews with weak assurance had now been rated as sound.
Updates on the corporate risks highlighted in the report had been reported to the Policy and Resources Committee in October 2018 and there had been no change to the risk ratings and plan controls in place.
A number of actions had been implemented in response to the Stress Survey, including the introduction of Mental Health First Aiders (Mental Health First Aider training would also be offered to Members).
In response to questions by Members, Mrs Woodhouse explained that:
· The vision, priorities and outcomes for the new Strategic Plan would be reported to the Policy and Resources Committee on 28 November 2018. It was identified during the development of the new vision that it should go beyond the five years of the Strategic Plan to ensure that it leads all policies and strategies of the Council and sets out where the Council wants to be in the future. As such it was proposed that the Strategic Plan should cover the period to 2045.
· Once the vision, priorities and outcomes were approved, the next steps would include the development of an action plan. It was anticipated that the action plan would cover a five year period. The full Strategic Plan document would be reported to Council in March 2019 alongside the Medium Term Financial Strategy.
· The Annual Governance Statement Action Plan for 2018/19 would be amended to reflect the fact that the new vision would lead to not just the Local Plan, but other important documents such as the Medium Term Financial Strategy coming forward.
RESOLVED: That the report be noted.
Mrs Georgia Hawkes, Head of Commissioning and Business Improvement, presented her report providing an update on the Council’s position with regard to contract management, including the key findings of a recent Internal Audit report. Mrs Hawkes explained that:
· Since her last report to the Committee in September 2017, progress had been made, but more work was required.
· With regard to the Council’s largest contracts, the news was good. Management of the Hazlitt Theatre and Park and Ride, which had both originally received a weak level of assurance in 2016/17, had been revisited and the level of assurance had improved to sound in each case because of improvements put in place in terms of the management of the contracts. There had been further improvements in the management of leisure and culture contracts under the current Contracts and Compliance Officer (Leisure and Culture). However, more work was required in relation to the corporate understanding and control of contracts and contract management and ensuring that all contracts across the Council are well managed.
· Some improvements had been made after the new procurement processes were put in place earlier in the year, but a recent Internal Audit of contract management controls across the organisation resulted in a weak level of assurance rating. To improve the situation, the whole of the Commissioning and Business Improvement portfolio had been restructured, including the creation of a Procurement and Contracts Manager with responsibility for ensuring good contract management across the organisation. Unfortunately, the newly appointed Procurement and Contracts Manager left the Council after only three weeks, and alternative temporary arrangements had been put in place.
· Details of the improvements planned to address the recommendations arising from the Internal Audit were set out in the report. Currently, there were insufficient corporate contract management resources in the organisation so, in the short term, temporary external expertise would be sought to help implement the improvements in a timely manner. In the longer term, the team structure would also be considered to ensure that there was sufficient staff resource devoted to ensuring good contract management practice across the Council going forward.
In response to questions by Members, the Officers explained that:
· There was no single underlying reason for the turnover of staff in the Procurement and Contracts Team. It was difficult to recruit as people could earn more elsewhere. Every effort would be made to ensure that there were sufficient staff resources. The situation was not unique to Maidstone.
· In terms of contract end dates, the Park and Ride Contract had been extended to May 2019; the Parking Enforcement contract had been re-let; and the CCTV Monitoring contract was still being carried out by Medway Council.
RESOLVED: That the update report on contract management and the proposed actions to improve contract management across the Council be noted.
Miss Ellie Dunnet, Head of Finance, introduced her report providing an overview of the governance arrangements in place for the Council’s property company, Maidstone Property Holdings Ltd. Miss Dunnet explained that:
· The report was intended to assist Members with their responsibilities in relation to corporate governance and risk management.
· An Internal Audit review of subsidiary company governance was undertaken last year, and identified a number of areas for improvement within the company’s governance structure and assurance mechanisms. The report set out how the Officers had responded to these recommendations.
· The report also made reference to a review of the current governance arrangements which was due to commence shortly in light of developments in the role of the property company, and it was recommended that a report on the outcomes of this exercise be brought back to a future meeting of the Committee.
In response to a question, Miss Dunnet confirmed that based on advice received, there was no obligation to register the name of the Company Secretary at Companies House.
1. The governance arrangements currently in place for Maidstone Property Holdings Ltd. be noted.
2. A report detailing the outcomes of the review to be undertaken of the current governance arrangements in place for the Company be submitted for consideration at a future meeting of the Committee.
Mr Rich Clarke, Head of Audit Partnership, introduced his report providing a summary of progress against the 2018/19 Internal Audit and Assurance Plan. Mr Clarke explained that:
· The report included a number of declarations he was required to make in accordance with audit standards, including confirmation that the Internal Audit Service had continued to act with appropriate levels of independence and free from undue influence from senior managers and others; details of risks taken by management that, in his judgement, might be unacceptable to the authority; and his satisfaction that the Internal Audit Service had sufficient resources to complete the rest of the audit plan and deliver a robust opinion.
· Reference was made in the report to the findings of individual pieces of audit work throughout the year, highlighting in particular the two audit reports with weak assurance ratings (Animal Welfare Control and Contract Management). A critical issue recommendation had been issued arising from the audit review of Animal Welfare and Control; specifically, the concern was that the Council was operating a statutory function through a third party without any sound legal basis. The Officers had acted swiftly in response to the recommendation and a meeting had been arranged with the provider to address the concerns.
· In general, the Internal Audit Service was satisfied with the progress being made by the Officers in implementing the recommendations arising from audit projects.
· The report detailed other audit service work carried out throughout the year to date, including an update on risk management, counter fraud, whistleblowing, the National Fraud Initiative and data matches, together with details of the operation of the service, information about the new audit software and an update on developments in the Internal Audit Team.
· In August, Russell Heppleston, the Deputy Head of Audit Partnership, had taken a six month secondment to the Head of Audit role for the existing partnership between Dartford and Sevenoaks Councils. There was satisfaction on both sides with the secondment so far, and consideration was being given to how the services might work together in future.
During Mr Clarke’s presentation, Members welcomed Frankie Smith to her first meeting of the Committee as acting Maidstone Borough Council Audit Manager.
Members congratulated Mr Clarke and his team for their hard work and dedication.
RESOLVED: That the progress against the 2018/19 Internal Audit and Assurance Plan be noted.
Mr John Owen, Finance Manager, introduced his report setting out the activities of the Treasury Management function for the first six months of the financial year 2018/19 in accordance with CIPFA’s Code of Practice on Treasury Management in Local Authorities. Mr Owen explained that:
· The key elements of the Treasury Management Strategy approved by the Council in March 2018 were to (a) utilise cash balances rather than loan debt to finance the capital programme due to low investment returns and reducing counterparty risk and (b) greater use of local authority investments which were deemed as high security lending. The Council had complied with both of these elements in the first six months.
· A full list of the Council’s investments as at 30 September 2018 was set out in Appendix A to the report. Total investments at that time were £27.395m.
· Investment income for the period was £93k against a budget of £50k. The difference was due to a number of issues including a reduction in the budget for investment income because it was assumed that investment rates would be lower for longer. However, the Bank of England had increased bank rate during the year which in turn increased investment rates. There had also been larger sums of money to invest due to slippage in the capital programme.
· The operational limit for external debt, shown as part of the Treasury Indicators, acted as a warning prior to reaching the authorised limit. The operational limit did not take into account temporary cash flow borrowing during the year and was breached for a short period between 25 and 29 May 2018 when the Council borrowed funds from other local authorities to cover its cash flow liabilities. However, it was acceptable to breach this limit for short periods.
1. The position of the Treasury Management Strategy as at 30 September 2018 be noted.
2. No amendments to the current procedures are necessary as a result of the review of activities in 2018/19.
The Chairman introduced Ms Elizabeth Jackson who had replaced Mr Darren Wells as the External Auditor’s Engagement Lead with the Council.
Ms Jackson then presented the report of the External Auditor on the progress to date against the 2018/19 audit plan. The report also provided a summary of emerging national issues and developments of relevance to the local government sector.
In response to a question by the Chairman, Mr Mark Green, the Director of Finance and Business Improvement, said that CIPFA had consulted on its plans to provide an authoritative measure of local authority financial resilience via a new index. This was one of a number of indices that could be used by local authorities, but, in the Officers’ view, it was a useful tool which should be looked at in the context of a district council. Once published, the Financial Resilience Index would be reported to the Committee for consideration.
RESOLVED: That the External Auditor’s progress report, attached as Appendix 1 to the report of the Head of Finance, be noted.
Mr Mark Green, the Director of Finance and Business Improvement, presented his report providing an update on the budget risks facing the Council. Mr Green explained that:
· There were two main issues to be noted. Firstly, as the end of the current four year local government funding settlement approached, there remained uncertainty about what this would mean in practice for the Council. Whilst the government had signalled an “end to austerity”, the focus for growth in public expenditure in the Chancellor’s November 2018 budget was on the NHS, Defence and Social Services. There would be a Spending Review in 2019 which would determine the overall resources devoted to local government. Allocation of resources between local authorities then depended on a Fair Funding Review which was currently being carried out by MHCLG. There were therefore a number of variables that could affect the Council’s financial position.
· Secondly, although there was now a Brexit deal on the table, the financial impact of a disorderly Brexit for the Council would be two-fold. In the short term the Council might face increased costs in delivering services. The Council would look to recoup these costs from central government, but at this stage there was no certainty that they would be underwritten. In addition, there might be adverse longer effects on the economy. If a disorderly Brexit led to a recession, the Council would be impacted in a number of ways including a fall in business rates income and increasing pressure on homelessness budgets.
RESOLVED: That the updated risk assessment of the Budget Strategy, attached as Appendix A to the report of the Director of Finance and Business Improvement, be noted.
6.30 p.m. to 7.45 p.m.