The Powys County Council Governance and Audit Committee met on 10 September 2025, reviewing a range of topics including internal audit activity, risk management, and regulatory compliance. The committee received reports on the first quarter of the 2025/26 financial year, covering treasury management, safeguarding, and fraud prevention. They also discussed changes to the internal audit plan and received a presentation on global internal audit standards.

Strategic Risk Register Update

The committee reviewed the Q1 Strategic Risk Register, which identifies and assesses key risks to the council. As of the end of Q1 2025-2026, there were 12 non-confidential risks on the register. Appendix B of the Q1 Strategic Risk 10-09-2025 Pro Forma visually presented the results of the risk assessment process, highlighting eight residual risks in the top right quadrant, indicating a high level of potential impact and probability.

During the quarter, three risks had their probability or impact rating changed:

• ED0056: The impact of the risk relating to the council's ability to reduce the number of schools in a formal Estyn^1 category was increased from moderate to major, with the rating rising from 12 to 16, because additional schools have gone into Estyn statutory category and the local authority inspection has resulted in a judgement of significant concern.
• FIN0001: The impact of the risk relating to the council's ability to deliver a financially sustainable budget was reduced from severe to major, and the probability was reduced from possible to likely, with the rating decreasing from 20 to 16.
• ASC0064: The probability of the risk relating to the Welsh Community Care Information System (WCCIS) being unfit for purpose was reduced from likely to possible, with the rating decreasing from 20 to 15, because services are reporting a period of stability.

The committee was informed that Audit Wales had conducted an audit of the council's risk management processes in March 2025, and the report was expected to be published at the end of September.

Internal Audit Activity

The committee received the SWAP Internal Audit Activity Draft Report for Q1 2025, which provided an update on the progress of the internal audit plan. By the end of the first quarter, 20% of the audit plan had been completed, with an additional 12% of reports at the draft stage. SWAP is on track to deliver the annual internal audit plan.

The report highlighted two areas of significant concern:

• Catering and Cleaning Oversight
• Adults Commissioning

The council has implemented 94.2% of agreed actions that have become due over the past two years.

Internal Audit Report – Catering & Cleaning (Management & Oversight)

The committee reviewed the Internal Audit Report on Catering & Cleaning Management and Oversight. The audit's objective was to determine if the council and senior managers were informed about the service's performance.

The audit identified significant gaps, weaknesses, or instances of non-compliance, and improvement is required to the system of governance, risk management and control to effectively manage risks to the achievement of objectives in the area audited.

Key findings included:

• The service operated without a cohesive business plan.
• Financial oversight was inconsistent.
• Risk registers overlooked key health and safety concerns.
• Compliance audits remained paper-based, causing delays.

Internal Audit Report – Commissioning- Monitoring & Performance

The committee reviewed the Internal Audit Report on Commissioning- Monitoring & Performance. The audit's objective was to evaluate the current monitoring arrangements in place for commissioning practices, identifying strengths, weaknesses, and areas for improvement.

The audit identified significant gaps, weaknesses or non-compliance, and improvement is required to the system of governance, risk management and control to effectively manage risks to the achievement of objectives in the area audited.

Key findings included:

• The council's contract management framework lacked clear guidance on performance metrics, monitoring processes, and accountability.
• Monitoring methods varied across projects, making it difficult to compare performance and share resources.
• Contractor performance data was fragmented across individual teams, making it difficult for senior managers to gain a clear, timely overview.

Internal Audit Plan Change Management Protocol

The committee considered the SWAP Audit Plan Change Management Protocol 2025, which provides a structured approach for managing changes to the internal audit plan. All requests for changes must be submitted to the Assistant Director SWAP using the Change Request Form included as Appendix A to the Change of Mandate Plan Protocol proforma.

Global Internal Audit Standards Presentation

The committee received a presentation on the Global Internal Audit Standards from Rich Clarke, CEO of SWAP Internal Audit. The presentation covered the new standards landscape, what's different for audit committees, and a checklist for audit committees to ask chief audit executives.

Treasury Management Q1 Report

The committee received the Treasury Management Q1 Report, which provided information on the authority's treasury management activities for the quarter ending 30 June 2025.

Key points included:

• The authority's investment priorities are the security of capital, the liquidity of its investments, and the yield.
• Short-term money market investment rates have stabilised as Bank Rate remained unchanged in the last quarter.
• The 2025/26 Capital Programme was approved by Council on 20 February 2025 and has been updated following the reprofiling of projects and additional grants received from Welsh Government.
• All Treasury Management Prudential Indicators were complied with in the quarter ending 30 June 2025.
• The level of aged debt (over 30 days old) has increased by £1.60 million since the last quarter.
• The in-year collection rates at the end of June 2025 (Quarter 1) for Council tax was 26.69% and NNDR was 28.82%.

Corporate Safeguarding Board Activity Report

The committee received the Corporate Safeguarding Board Activity Report from the 12 June 2025 meeting.

Key discussion points:

• SWAP Auditors attended CSB to discuss the forthcoming audit on safeguarding of volunteers.
• A number of individuals agreed to review and propose amendments to the Corporate Safeguarding Policy, to be completed in September to meet the deadline of scheduled review by December 2025.
• Updates were provided on training, safeguarding reviews, and planning for National Safeguarding Week.
• The annual private fostering report was presented, noting no current private fostering arrangements registered in Powys, and highlighting cases related to the Ukraine settlement scheme.
• Updates were provided on the progress of the JICPA Action Plan, noting significant achievements and ongoing efforts in participation and multi-agency training.
• The discussion covered trends in elective home education, exclusion data, and upcoming consultations on safeguarding policies.
• The report provided outlined the safeguarding awareness training for staff and volunteers, compliance rates across various departments, and the ongoing efforts to enhance training participation.
• The report that was provided, showed data regarding the number of homeless presentations and the current accommodation status among care leavers and young persons at risk of sexual or financial exploitation.
• The report provides a performance briefing for Children's Services in April 2025, reflecting on past performance and outlining future goals.
• This report outlines the performance report for Adult Services in April 2025, highlighting key areas of service delivery and challenges faced by various teams.
• The SUSR monthly bulletin highlighted that there were 8 Child Practice notifications, 2 Adult Practice notifications, 3 Domestic Abuse Related notifications, and 1 notification that was both Adult Practice and Domestic Abuse Related within the region.
• The thematic review of Adult Practice Reviews (APRs) in Wales, covering incidents from 2016 to 2022, provided a detailed analysis of systemic safeguarding challenges, recurring issues, and examples of good practice.

Q1 Regulatory Tracker Update

The committee received the Q1 Regulatory Tracker Update. During Quarter 1, there were 41 recommendations from regulators listed on the Tracker, including both open recommendations and those closed during the quarter.

Eight new recommendations were received:

• Five recommendations were issued by Audit Wales relating to the Review of Scrutiny Arrangements and Arrangements for Commissioning Services.
• Two recommendations were issued by Care Inspectorate Wales relating to the Powys Fostering Inspection.
• One recommendation issued by the Information Commissioner relating to Case IC-372912-T6R7.

Seventeen recommendations were completed.