Agenda and draft minutes

Audit & Governance Committee - Thursday, 11th April, 2024 6.30 pm

Venue: Council Chamber, Town Hall, Katherine Street, Croydon, CR0 1NX

Contact: Hannah Cretney, Democratic Services  Email:

No. Item


Disclosure of Interests

Members are invited to declare any disclosable pecuniary interests (DPIs) they may have in relation to any item(s) of business on today’s agenda.


There were none.



Minutes of the Previous Meeting pdf icon PDF 137 KB

To approve the minutes of the meeting held on 14 March 2024 as an accurate record of the proceedings.


The minutes of the meeting held on 14 March 2024 were approved as an accurate record.


Urgent Business (if any)

To receive notice of any business not on the agenda which in the opinion of the Chair, by reason of special circumstances, be considered as a matter of urgency.


There were none.



Audit & Governance Committee Action Log pdf icon PDF 61 KB

To note the Audit & Governance Committee Action Log.


The Committee requested for longstanding actions to be reviewed, updated with a dated deadline or deleted.



Audit & Governance Committee 2024/25 Work Programme and Assurance Mapping Document pdf icon PDF 110 KB

To review the Audit & Governance Committee Work Programme for 2024-25  alongside the Committee Assurance Mapping Document.

Additional documents:


Democratic Services introduced the 2024/24 Committee work programme. It was advised that the Independent Chair would meet with the Chair of Scrutiny and Overview Committee to discuss the committee’s respective work programmes. It was noted that the work programme illustrated governance improvements which were a key part of the council’s exit strategy from the Improvement and Assurance Panel (IAP).


In response to questions officers confirmed the topics for risk ‘deep dives’ scheduled throughout the year would be sought by the Head of Insurance, Anti-Fraud & Risk when presenting Item 9. Corporate Risk Management Report.


The intention of the Committee to conduct a self-assessment of its effectiveness and impact was discussed. This would form part of the Committee Annual Report 2023/24 and had also been recommended by the External Auditors. Officers advised the assessment of effectiveness would require input from the Committee and that the annual report was the Committee’s own document. The availability of evaluation proformas were noted. The Committee’s development work throughout the year including the risk work with wider members and the committee’s assurance mapping workshop would be captured.


The Independent Chair and Head of Internal Audit agreed to discuss next steps regarding the Committee Annual Report during their one-to-one meeting.



Auditors Annual Report 2022/23

Grant Thornton have issued an Interim External Auditor’s Annual Report for the Council for 2022-23. The report is attached as Appendix A to this report and includes the Council’s response to the report’s recommendations.


The Audit and Governance Committee is recommended to:

1. Note the Interim External Auditor’s Annual Report from Grant Thornton.

2. Agree to monitor the implementation of the recommendations from the report.


Additional documents:


Allister Bannin, Deputy Section 151 Officer introduced the report to the Committee. It was advised the report focussed on Value for Money (VFM) and the council’s challenges regarding financial sustainability, namely the use of capitalisation directions to set its budget were reflected in the findings. There had been improvements in the council’s financial and governance arrangements during 2022/23 and 2023/24. The council’s responses to the External Auditor’s recommendations captured improvement work both in 2022/23 and 2023/24, however the financial sustainability of the council would remain an issue until a long-term solution was in place. 


Paul Dossett, Grant Thorton advised the report covered the arrangements in place in 2022/23. The red RAG rating in all areas appeared problematic however the direction of travel arrows indicated improvements were being made. The financial sustainability was the most difficult area to fix and presented a long-term challenge to the council, the governance improvements were furthest ahead, and Housing improvements were in progress. Within the report there were key and improvement recommendations set out in the action plan, along with the council’s responses and a follow up of previous recommendations.


It was noted there had not yet been any response from the Department for Levelling Up, Housing and Communities (DLUHC) following the consultation on plans to implement a backstop for all local authority accounts.


It was advised that the committee would receive an update on VFM in the external auditor’s annual report in November 2024.  


Councillor Jason Cummings, Cabinet Member for Finance advised the report illustrated the council was still on a journey of improvement and noted the importance of the detailed insight provided by the external auditor reporting. The Improvement and Assurance Panel (IAP) had advised that the council was nearly in a position of business as usual, apart from its unsustainable debt burden. Officers advised the external auditor’s reports ensured continued commitment to improvement and culture change within the council.


The Committee queried theChartered Institute of Public Finance and Accountancy (CIPFA) checklist recommended for use in the committee’s self-assessment. Grant Thornton advised the CIPFA checklist covered the expectations of an Audit Committee and sought to capture the effectiveness of the committee in eliciting change within the organisation.


It was noted that CIPFA’s guidance had informed the process of reconstituting the Audit and Governance Committee in 2022. The Committee’s self-assessment would include impact measurement, and this would be circulated to members for input.


The Committee asked whether it was possible for the council to save an additional £38 million each year instead of the continued use of capitalisation directions. Councillor Jason Cummings, Cabinet Member for Finance advised this was considered unsafe for the council’s services, a position supported by the IAP. Figures would be reassessed each year to ascertain the level of any request from central government and any future solution may include a combination of options such as further savings and debt restructure. It was noted that the governance of transformation programme presentation (due at the June 2024 meeting) would  ...  view the full minutes text for item 71/24


Anti Fraud Update Report 1 April 2023 - 31 March 2024 pdf icon PDF 119 KB

As part of the Audit & Governance Committee’s role of overseeing anti-fraud and corruption approaches Members are asked to note the activities of the Counter Fraud Shared Service for the year 2023/24.


For the reasons set out in the report and its appendices the Audit & Governance Committee are recommended:

To note the anti-fraud activity of the Counter Fraud Shared Service for the period 1 April 2023 to 31 March 2024.


Additional documents:


Malcolm Davies, Head of Insurance, Anti-Fraud and Risk introduced the report to the Committee. The council’s proactive preventative anti-fraud activities were highlighted, including vetting on housing successions and staff vetting via the Cifas scheme. The data analytic work undertaken as part of the Cabinet Office National Fraud Initiative had subsequently generated £485,000 of savings for the council. The successful use of real time data matching via Fraud Hub and the intention to utilise this further was noted.


Michael O’Reilly, Head of Counter Fraud Shared Service provided the Committee with an overview of the data and details of the work included within the report at Appendix A. It was advised that comparison data on progress, outcomes and performance would be available in the next end of year report.


The Committee noted the inclusion of benchmarking data and proactive prevention work as requested previously. Narrative around the cost benefit relationship and VFM in proactive Anti-Fraud activity was requested for future reporting.   


In response to questions officers advised property recoveries dipped at times, however there had been 3 more since the beginning of April 2024.


Officers advised publicity around successful recoveries and prosecutions could be a useful deterrent and would be considered with the Corporate Director for Housing.


The committee queried the data included in the report in respect of ‘fraud closures by outcome’ where there had been no further action in 24 instances. Officers advised this level of no further action was usual, with all allegations received taken on as cases there were often instances where no fraudulent activity was found.


In response to questions officers advised the council’s dedicated fraud prevention officer oversaw training across the council. There would be an emphasis on training around tenancy fraud for housing officers expected to be an annual requirement.


It was advised the Anti-Fraud Team received referrals directly from officers and fraud concerns could also be identified via Internal Audit or raised via the council’s Whistleblowing process.


The Committee RESOLVED to;  


To note the anti-fraud activity of the Counter Fraud Shared Service for the period 1 April 2023 to 31 March 2024. 



Corporate Risk Management pdf icon PDF 118 KB

As part of the Audit & Governance Committee’s role, the Committee’s terms of reference include monitoring the Council’s risk management arrangements and  providing independent assurance as to their adequacy.


For the reasons set out in the report and its appendices the Audit & Governance Committee are recommended:

To note the contents of the corporate risk register as at April 2024

Additional documents:


Malcolm Davies, Head of Insurance, Anti-Fraud and Risk introduced the report to the Committee and noted it would be receiving the Corporate Risk Register reporting on a quarterly basis going forward. The Corporate Risk Register was received and scrutinised monthly via the council’s Corporate Management Team (CMT) meetings. Future control measures and the articulation of risk improvement plans were areas of weakness within the register. Key risks highlighted in the report which had escalated to Red status since last reviewed by Members were noted.


It was requested for the Committee to consider which area of risk to call in for the Risk ‘Deep Dive’ item at the June meeting of the Committee.


The Committee suggested that any of the risks which had recently become red were prime examples for the risk deep dive call ins. Concerns were noted around the potential impact and need to move quickly to mitigate the potential impacts of Risk CDS0043: Public Switched Telephone Network switch off is happening in December 2025. The Committee requested understanding of the immediate plans around this issue.  


The ability for the Committee to call in officers with longstanding Red status risks as a separate tool from the deep dive requests was noted.


The Committee queried the improvements to leadership culture, integration and engagement with risk management within the council. Councillor Jason Cummings, Cabinet Member for Finance advised there had been a cultural shift where officers were not fearful to raise issues at the earliest stage. Potential risks were captured on the council’s period monitoring report and were therefore more visible for monitoring and early intervention.  


The council’s risk champions within directorates had boosted management risk engagement and corporate directors were now seeking assurances which illustrated a culture change. It was suggested the Committee could invite risk champions to a future committee meeting. Officers noted risks were also considered thematically via the council’s internal control boards.


The weaknesses in future control measures within the Corporate Risk Register particularly where future control dates were in the past were noted by Members. It was felt there was no clear understanding of the impact of controls on the risk status and any movement in risk status was not illustrated. Officers advised the need for articulation of how future risk ratings would be achieved via a risk management plan was discussed with risk owners.


The Committee queried the inconsistency in compliance cited within the report. It was advised that some officers engaged better than others and the Committee was encouraged to call in risk owners where Corporate Risk Register entries were felt to be insufficient. 


In response to questions, it was advised future controls were usually considered within a 12-month timeframe and the Committee should consider whether future control target dates were realistic to achieve the improvement. It was advised that the council’s management considered whether risks should be higher or lower in status and there was no desire to see risks reducing in status if this was not correct.


The Committee suggested the  ...  view the full minutes text for item 73/24


Oracle Improvement Programme Update pdf icon PDF 89 KB

The Audit and Governance Committee are referred to the Cabinet report at Appendix A.


A presentation will be given to update the committee on the Oracle Improvement Programme business case, slides attached at Appendix B.


For the reasons set out in the report Audit & Governance Committee is recommended to:

Receive the presentation and update.


Additional documents:


Alan Layton, Interim Head of Finance gave a presentation updating the Committee on the Oracle Improvement Programme Business Case as available within the agenda report pack at Appendix B.


In response to questions from the Committee, Officers advised an experienced Change Manager had been appointed and was conducting change impact assessments on all affected business processes and overseeing the strategy. Culture change and compliance would be supported via training and holding officers to account for non-compliance. The programme management was in house and supported by the Croydon Digital Service Team (CDS).


The Committee commented on the scale of the work to be undertaken and asked how the adoption of the systems was being understood by staff, what training and support was available and if the council had engaged with other local authorities to understand their practices. It was advised an external critical friend with experience of Oracle Implementation at other London Boroughs had supported the programme team and the council had engaged with other councils including through Lancashire County council’s workshop on Oracle guided learning. Lessons learned discussions with other local authorities had helped inform decisions around whether to adopt certain modules within Oracle. Engagement workshops with staff had been undertaken to identify issues at the beginning of the project and continued within each workstream. The improvements proposed had been well received by stakeholders and following the Cabinet approval in March, prioritisation of next steps was underway.


Councillor Jason Cummings, Cabinet Member for Finance commented on the data efficiencies Oracle could provide and the benefits of using an industry standard system for staff. The issues at Birmingham City Council due to its non-standard implementation of Oracle were noted.


Members noted their support for the ‘Adopt not adapt’ approach. It was queried how data migration risks would be mitigated and how current control systems would be ensured within Oracle. Officers advised Oracle was already in use as the primary data source for the council’s finances, where data was currently exported for activities, such as forecasting and reconciliations, these activities would now happen within Oracle. Testing resource had been included in the programme to ensure controls were correctly applied and the enhancements included additional audit and control functionality.


In response to questions its was advised the Finance and Procurement elements were working to an 18-month implementation with HR expected in 2 years. Modules would be added incrementally. Teams would be able to provide a demo workshop of the improvements to the Committee in Autumn 2024. Officers noted the finance improvements were part of the IAP Exit Strategy and the Committee would receive further updates via the Revenue and Capital Monitoring Improvements Reports.   


The Committee commended the business case work and noted the importance of user benefits. The need for current performance data to provide for benchmarking in reporting following implementation was highlighted. Officers advised the improvements in Procurement were closely aligned to the Procurement and Contract Management Improvement Plan which had included national benchmarking.   


In response to questions, Officers advised  ...  view the full minutes text for item 74/24