The Audit and Governance Committee of Waltham Forest Council was scheduled to meet on 15 July 2025 to discuss a range of reports related to the council's financial management, risk, and governance. These included the external audit plan, the draft statement of accounts, contract waivers, risk management, treasury management, anti-fraud measures, and data protection.

External Audit Plan 2024-25

The committee was expected to note the external audit plan for both the council and the pension fund. The audit plan, prepared by KPMG, outlined the planned audit approach and scope for the year ending 31 March 2025. It included a risk assessment, areas of audit focus, and a statement of audit fees. The council's audit timeframe began with risk assessments in April, with year-end fieldwork planned for August to October, and final procedures due to be completed by 27 February 2026. For the pension fund, fieldwork was already underway and due to complete by August 2025, with statutory reporting in late September 2025.

The plan identified significant audit risks including:

• Valuation of land and buildings, where the carrying amount of revalued Land & Buildings differs materially from the fair value. The report pack noted that the council has adopted a rolling revaluation model which sees all land and buildings revalued over a five-year cycle.
• Management override of controls, which professional standards require to be communicated as significant.
• Valuation of post retirement benefit obligations, where an inappropriate amount is estimated and recorded for the defined benefit obligation.
• Adoption of IFRS 16¹ Leases, where an inappropriate amount is estimated and recorded for lease liabilities and right of use assets.
• Accuracy and valuation of PFI liabilities, with risk of error related to the incorrect recording of liabilities arising from assets funded through the private finance initiative.

Draft Statement of Accounts 2024-25

The committee was scheduled to note the contents of the draft statement of accounts for 2024-25, which had been published on the council's website and were subject to a period of public inspection. The statement included the Comprehensive Income and Expenditure Statement (CIES), Movement in Reserves Statement (MiRS), Balance Sheet, and Cash Flow Statement.

Key highlights of the draft statement of accounts included:

• A CIES net expenditure of £280 million, compared to £427 million for 2023-24.
• Earmarked usable reserves closing at £70 million, down from £102 million.
• Recognition of Right of Use Assets of £65 million and Liabilities of £60 million due to the adoption of IFRS 16 Leases.
• Cash and cash equivalents of £60 million, compared to £30 million in the previous year.
• A pension carrying value of £208 million, which is a reduction of £138m from the £346m estimated for 2023-24.

Contract Waiver Monitoring Report - Calendar Year 2024

The committee was expected to note and consider the contract waivers approved between January and December 2024. The report provided an overview of the approved waivers to the council's Contract Procedure Rules (CPR), which are required when it is not practical or possible to procure contracts in accordance with the standard procedures.

A total of 83 waivers were approved, with a total value of £5.1 million. The waivers were primarily related to competition requirements and contract variations exceeding 50% of the original contract value. The justifications for the waivers included continuation of previous contracts, specialist skills or services, urgent requirements, and extensions to facilitate procurement.

Risk Management Update and Strategic Risk Register Quarter 1 2025/26

The committee was scheduled to note and consider the current Strategic Risk Register for Quarter 1 2025/26. The register is reviewed and signed off by the Senior Leadership Team and includes details of the risks presented, their causes and effects, and the controls in place to mitigate them.

New additions to the strategic risk register included:

• Adults Social Care failing to meet statutory duties and safeguard residents.
• Failure to achieve a 'Good' rating following a Care Quality Commission (CQC) assessment.
• Failure to deliver a balanced budget within Adults Social Care.
• Failure of the council and its partners to maintain a safe community environment.
• Failure of the council and its partners to ensure a cohesive and resilient community.

Annual Treasury Management Review 2024/25

The committee was expected to recommend to Full Council the approval of the Annual Treasury Management Review for 2024/25. The report detailed the treasury activities for the year, including capital activity, borrowing needs, prudential indicators, and investment performance.

Key points from the review included:

• Investment income for the year was £2.4 million, and interest payable was £19.9 million.
• The council's average investments for the year were £48.1 million, with an average rate of 5.0%.
• Debts outstanding as of 31 March 2025 were £537.7 million, with an average rate of 4.18%.
• The council executed new PWLB medium-term loans of £70 million and repaid two LOBO loans.

Corporate Anti-Fraud Team Progress Update Report

The committee was scheduled to note the progress of work conducted by the Corporate Anti-Fraud Team (CAFT) in Q1 of 2025-2026. The report provided an update on key fraud prevention and investigation outcomes.

Highlights from the report included:

• Two council employees receiving written warnings following a CAFT investigation.
• Recovery of 15 properties due to illegal subletting and fraudulent succession applications.
• Stopping one Right to Buy application proven to be fraudulent.
• Removal of 1,655 Single Persons Discount claims found to be fraudulent.
• Seizure or cancellation of 75 Blue Badges for misuse.
• Issuance of 48 civil financial penalties to private landlords for failing to meet minimum property standards.

Internal Audit Annual Report and Opinion 2024/25

The committee was expected to note and comment on the contents of the Internal Audit Annual Report and the Head of Internal Audit Opinion for 2024/25. The report provided an opinion on the council's overall internal control environment, risk management arrangements, and governance framework.

The Head of Internal Audit was able to provide reasonable assurance that the council had an adequate and effective framework of governance, risk management, and internal control in place. The report also included details of the work completed on the internal audit plan, changes made to the plan, and summaries of limited assurance reports.

Internal Audit Charter and Strategy Review

The committee was scheduled to approve the new Internal Audit Charter and Strategy, which were aligned with the new Global Internal Audit Standards. The charter and strategy set out the purpose, authority, and responsibilities of the internal audit function within the council.

Compliance with the Data Protection Act 2018 and the UK General Data Protection Regulations (GDPR)

The committee was expected to note a report setting out the authority's undertakings in accordance with the Data Protection Act 2018 and the UK General Data Protection Regulations (GDPR). The report also provided information on suspected data breach incidents reported in the 12-month period.

A total of 173 suspected data breach incidents were logged for investigation, with four incidents meeting reportable requirements to the ICO. The report also highlighted the council's ongoing efforts to develop and implement systems and processes to support data protection compliance.