The Audit and Governance Committee of Reading Council is scheduled to meet on 25 September 2025 to discuss a range of topics, including an update from the external auditor, traffic regulation orders, information governance, internal audit progress, the committee's annual report, strategic risks, and treasury management. The meeting will cover the council's financial health, risk management, and governance processes.

Traffic Regulation Orders

The committee will receive an update on the implementation of the action plan to rectify irregularities relating to historic Traffic Regulation Orders (TROs). The report pack states that the committee will also consider whether to close the Restitution Scheme, which was set up to refund motorists who were incorrectly fined due to the irregularities.

The report pack notes that on 15 October 2024, a report was presented to the council about irregularities in relation to certain historic Traffic Regulation Orders (TROs). As part of that report, an Action Plan was agreed by the council. The Audit and Governance Committee has been delegated authority to receive reports about the implementation of that Action Plan and to monitor its effectiveness.

The report pack states that the Road Traffic Regulation Act 1984 (RTRA) sets out the legal basis for making TROs, giving local authorities the power to regulate or restrict traffic for various reasons, including:

• Avoiding danger to people or traffic
• Preventing damage to the road or nearby buildings
• Facilitating the passage of traffic
• Preventing unsuitable traffic from using the road
• Preserving the character of the road or area

The report pack also notes that the council has approximately 240 TROs that enforce various highway restrictions in the borough.

The report pack includes a table showing communications activity carried out to date highlighting residents' ability to make a claim.

The report pack states that the Executive Director of Economic Growth and Neighbourhood Services has discussed with the council leadership the remit and process for resident and Sub-Committee requests being presented to the Traffic Management Sub-Committee (TMSC). Officers are working on a new triage process which will be presented to TMSC.

The report pack also notes that a new 'Digital TRO' project has been initiated and is underway. This project seeks to implement a map-based TRO management system that will not only improve the availability, ease of reference and consistency of Highway TROs, but will provide a significant risk mitigation against future TRO inaccuracies. The starting point for this new system is expected to be the creation of three themed Boroughwide TROs, covering all waiting restrictions, moving traffic restrictions and speed limits respectively, with comprehensive overarching TRO Articles applying to each.

The report pack states that the Action Plan is now broadly complete, monitoring at TMSC and Audit and Governance has been effective, remaining actions can be overseen by Audit and Governance, and there is no prejudice to the rights of residents and motorist to claim historic PCNs, it is now proposed that the Restitution Scheme is closed.

External Auditor Update

A representative from KPMG, the council's external auditor, is scheduled to present a progress report on the audit of the 2024/25 Statement of Accounts. The report pack notes that the external audit process includes the approval of the annual Statement of Accounts results and the publication of accurate, transparent financial information which gives a true and fair view of Reading Borough Council's economic performance and financial stability.

The report pack includes a table showing detail of progress by area of the financial statements as at date of writing.

The report pack states that KPMG are required under the Audit Code of Practice to confirm whether they have identified any significant weaknesses in the council's arrangements for securing economy, efficiency and effectiveness in its use of resources. In discharging these responsibilities they include a statement within the opinion on the accounts to confirm whether they have identified any significant weaknesses. They also prepare a commentary on your arrangements that is included within our Auditor's Annual Report, which is required to be published on your website alongside your annual report and accounts.

The report pack notes that as reported in their risk assessment they noted two risks of a significant weakness in the council's arrangements to secure value for money. Their proposed response to this risk was communicated to you at the previous Committee and their finalised detailed response will be communicated at the next Committee in November.

Information Governance Quarterly Update

The committee will receive an update on the actions in progress to improve the council's policies, systems and processes around Information Governance. The report pack states that effective information governance is a key requirement for the council, which has duties to be both open and transparent while protecting confidential information.

The report pack notes that the council must comply with the Data Protection Act, the Freedom of Information Act, the Environmental Information Regulations and the Access to Information Act in relation to its records. Compliance is monitored by the Information Commissioner who has wide ranging powers including the ability to impose considerable financial penalties for breaches of the Data Protection Act.

The report pack includes tables showing Subject Access Requests (SAR) Backlog Data as at 15 September 2025.

The report pack also includes tables showing the total number of Freedom of Information requests (FOI) received by Directorate.

The report pack notes that the Information Governance Board meets monthly and reviews Cyber Security Incidents and possible breaches of the Data Protection Act which may need to be reported to the Information Commissioners Office (ICO). Where any subsequent actions are identified then these are monitored.

The report pack states that Cyber Security and Information Governance training is a mandatory requirement for RBC and BFfC staff. This is available to all staff and members through Learning Pool, the Council's e-learning package.

Internal Audit Quarterly Progress Report

The committee will receive a report providing an update on the key findings from the Internal Audit reports issued for the period 1 April to 30 June 2025 (Quarter 2). The report pack states that the primary objective of each audit is to arrive at an assurance opinion regarding the robustness of the internal controls within the financial or operational system under review. Where weaknesses are found, Internal Audit will propose solutions to improve controls, thus reducing opportunities for error or fraud.

The report pack notes that a total of two audit reviews were finalised in the period between July and September 2025, with 1 receiving a positive opinion and 1 receiving a negative opinion. Two grants were verified in this quarter.

The report pack states that an audit of IT disaster recovery identified that while the Council and BFfC had some strengths in IT disaster recovery and business continuity planning, such as coordinated invocation plans and recovery infrastructure, there were notable weaknesses, particularly within RBC. These included outdated service continuity plans, lack of a formal business impact assessment, insufficient testing documentation, and incomplete third-party recovery plans, with two major suppliers failing to submit theirs.

The report pack notes that a review of the Financial Assessment and Benefit's process found significant challenges in managing demand, maintaining data quality and ensuring timely processing of assessments. The current backlog and staffing constraints highlight the need for improved use of data and prioritisation of cases.

The report pack states that an audit into Fleet Management was initiated following whistleblowing concerns, prompting a series of enquiries and procedures to assess the validity of the issues raised. One concern involved the awarding of a vehicle repair contract and the presence of a technician from the selected provider on-site. It was confirmed that the provider became the sole option after another contractor withdrew late in the process due to fee disputes. The on-site technician was part of the agreed terms to ensure timely repairs.

The report pack notes that from a sample test, the expenditure against the Local Transport Grant was found to have been in accordance with the grant conditions. Spend had been made on key projects, including Reading West Station, South Reading Mass Rapid Transit, construction of the Green Park Station, bridge maintenance works, Reading Station subway and Invest to Save Energy street lighting.

The report pack states that the Bus Service Operators Grant (BSOG) forms part of the 'Bus Grant' it is used to support socially necessary services that are not otherwise commercially viable, namely Buzz 9, Buzz 18 and route 650. The grant was found to have been spent in accordance with the grant conditions.

The report pack includes a revised Internal Audit Plan 2025/2026.

Audit and Governance Committee Annual Report 2024/25

The committee will consider its annual report for the 2024/25 municipal year. The report pack states that the annual report reviews the committee's work over the last 12 months and has been produced by the Audit and Governance Committee, with input from committee members and key officers, including the Chief Auditor.

The report pack notes that Audit & Governance Committee members and key officers were asked to complete a questionnaire reviewing the committee over the last municipal year. Some of the key findings are:

• There was a high awareness among both councillors and officers of the committee's role and purpose.
• There was strong agreement that the committee adequately considered governance, internal control, and audit matters. However, officers indicated a decline in attention to risk management and financial reporting.
• Councillors reported improved escalation of issues, whilst officers observed a decline in the promptness and follow-up of actions.
• There was a marked improvement in councillors' awareness of training evaluations, with both groups perceiving that the committee had appropriate knowledge and skills.
• There was still a lack of clarity as to whether private meetings occurred with either internal or external audit.
• Both groups acknowledged the committee's value in improving governance and risk management.

The report pack states that generally, the Audit and Governance Committee complies with the 2022 CIPFA Position Statement, although it does not have any independent members on the committee and did not review the Annual Governance Statement during the year.

Strategic Risk Register 2025/26

The committee will receive the latest update on the Strategic Risk Register 2025/26. The report pack states that the Corporate Management Team (CMT) and Directorate Management Teams (DMT's) are required to continually review their existing risks, determine if they are still relevant and fit for purpose and determine whether there are new risks that need incorporating into the Risk Registers.

The report pack notes that the Strategic Risk Register provides a concise, focused, high-level overview of strategic risks that can be easily communicated to all staff, councilors, and stakeholders (e.g., Council's Insurers). It should always be supplemented by directorate, service and project risk registers.

The report pack states that the Strategic Risk Register was reviewed by the Corporate Management Team (CMT) on the 2nd September 2024 and consists of 12 risks the same as the previous report.

The report pack notes that there are now 8 red risk cards:

1. Risk of loss from cyber-attack.
2. Lack of local special educational needs and disabilities (SEND) placement provision to meet current and future levels of demand. Insufficient provision impacts on the Dedicated Schools Grant (DSG) High Needs Block (HNB) deficit.
3. Unable to deliver a balanced budget as a result of demand pressures and achieving income targets.
4. Failure to deliver zero carbon commitments (Climate mitigation)
5. Failure to adapt to the impacts of climate change (Climate adaptation)
6. Failure to safeguard vulnerable children.
7. Failure to mitigate risks or manage issues, associated with health & safety, appropriately.
8. Risk to adherence to Care Act Statutory duties as residents are waiting in Adult Social Care.

The report pack states that there are now 4 amber cards:

1. Failure to safeguard vulnerable adults.
2. Failure to retain and recruit staff.
3. Information Governance Failure to protect personal data.
4. Failure to fulfil our obligations under the PREVENT Duty[^2]

Treasury Management Review Quarter 1 2025/26

The committee will receive an update on the activity of the Treasury Management function. The report pack states that the Council adopted a Treasury Management Strategy and an Annual Investment Strategy for 2025/26 at its meeting on 25th February 2025.

The report pack notes that the Bank of England cut its base interest rate from 4.50% to 4.25% on 8th May 2025. This rate was maintained at the Monetary Policy Committee (MPC) meeting on 19th June 2025. Outside of this reporting period, bank rate was cut further to 4.00% on 7th August 2025. The next projected cut to bank rate of 0.25% is forecast to occur in February 2026.

The report pack states that the Council remains significantly under borrowed against its Capital Financing Requirement and is continuing to follow the approved borrowing strategy of deferring any potential long-term borrowing whilst interest rates remain at current levels and is instead utilising short or temporary borrowing from the local authority market as required. No long-term loans (those over one year in duration) have been taken out during the year to date.

The report pack notes that the Council is currently forecasting a positive variance of £0.262m on investment income for the year. Additionally, there is a forecast positive variance of £0.093m on interest payable. These variances were reported to Policy Committee on 17th September 2025 as part of the 2025/26 Quarter 1 Performance and Monitoring Report.

The report pack includes the Council's Borrowing and Investment portfolios as appendices.