The Audit and Risk Management Committee were scheduled to meet to discuss external audit progress, internal audit and fraud, the internal audit plan, the counter fraud and corruption framework, and risk management.

Counter Fraud and Corruption Framework

The committee were scheduled to consider a revised suite of counter fraud and corruption policies. These policies were due for review in November 2024, but the review was delayed to take into account Home Office guidance on the new offence of 'failure to prevent fraud'. This offence was introduced in the Economic Crime and Corporate Transparency Act 2023 and became law on 1 September 2025. The report pack stated that the Council could be prosecuted if an 'associated person' commits fraud which is intended to benefit the Council, and the Council did not have 'reasonable procedures' in place to prevent this. The policies included for consideration were:

• Counter Fraud and Corruption Strategy
• Whistleblowing Policy
• Anti-Bribery Policy
• Anti-Money Laundering Policy

The Counter Fraud and Corruption Strategy sets out the Council's commitment and approach to managing the risk of fraud and corruption. The aims of the strategy are to:

• ensure high ethical standards in the delivery of the Council's services
• encourage a strong counter fraud culture
• improve the Council's resilience to fraud and corruption through effective prevention and detection of fraud
• reinforce the Council's zero-tolerance attitude to fraud
• provide a framework for a robust fraud response, including the application of sanctions
• ensure that continual improvement is applied to lessons learnt from fraud
• explore opportunities for financial savings through enhanced detection and prevention
• protect the Council's resources.

The Whistleblowing Policy was updated in light of recent best practice and research from Protect, the Whistleblowing charity¹. The Anti-Bribery Policy and the Anti-Money Laundering Policy and Procedure were updated to provide clarity on procedures and expectations and to align with legislation, including the Procurement Act 2023.

Risk Management

The committee were scheduled to review the Corporate Risk Register and departmental risk registers. The Corporate Risk Register is owned by the Chief Officer Executive and the Corporate Leadership Team as a collective, and each risk has an accountable owner. The Corporate Risk Management Group meets three times per year to discuss cross-cutting risk areas.

Key changes to the Corporate Risk Register from the last review included:

• The removal of the high risk relating to Homes for Ukraine and other Refugee Programmes, as the Service considers that this is now managed as 'business as usual'.
• A reduction in the net risk score on the 'Health and Safety Fire and First Aid' from 15 (High) to 12 (Significant).

Internal Audit and Fraud Progress Report

The Audit and Risk Management Committee were scheduled to receive an update on internal audit and counter fraud activity and outcomes to date in the 2025/26 financial year. The Internal Audit and Counter Fraud Progress Report included a summary of progress against recommendations arising from internal audit work.

The report pack noted that since the last report to the committee, 41 recommendations had been raised, with the associated risk ratings broken down as follows:

• High Risk: 0
• Medium Risk: 28
• Low Risk: 13
• Total: 41

The report also provided an update on the Council's arrangements to comply with the Economic Crime and Corporate Transparency Act 2023. The Council's suite of Counter Fraud and Corruption Policies have all been updated to reflect the new legislation. The key gaps in the Council's arrangements were identified as provision of training / awareness and production of a fraud risk assessment.

In terms of proactive counter fraud work, the report pack stated that a proactive exercise was being undertaken, in conjunction with the Housing Service, to identify Temporary Accommodation properties that are not being occupied by the intended client. Two batches have so far been processed and completed, with 14 tenancies ended, leading to an in-year saving of £142,461.

The report pack also included summaries of completed audits, which are also available in Appendix A - Audit Summaries. These included:

• Personalised Education
• Learning and Development
• Equality, Diversity and Inclusion
• Deprivation of Liberty Safeguards
• Direct Payments
• 0-19 Public Health Nursing Service
• Food Safety
• Coroners Service
• Trading Standards
• Provision of Homelessness Reviews Service
• Adult Social Care Transformation and Improvement
• Dedicated Schools Grant (DSG) – Deficit Recovery Plan

The Appendix C - Recommendation Follow Up report listed all recommendations that were due to be followed up in this cycle.

Internal Audit Plan: November 2025 - March 2026

The committee were scheduled to approve the Internal Audit Plan November 2025 - March 2026. The objectives of the Plan are to:

• Provide assurance on a sufficiently broad range of risks to ensure that the Head of Audit can provide an overall opinion on systems of risk management, governance and control at the end of the financial year
• Align to the strategic objectives of the Council, providing assurance on the mitigation of risks to the delivery of these objectives
• Provide assurance on the mitigation of key corporate and departmental risks
• Meet the needs of stakeholders including Members, Chief Officers and senior managers
• Provide an appropriate balance of assurance and consultancy work

The draft plan included the following proposed audit areas:

• Council Tax
• Financial Management Code
• Payroll Deductions: Salary Sacrifice and Pensions
• Violence at Work
• Arboricultural Contracts
• Commercial Properties
• Planning System - Post Implementation Review
• Weight Management Service
• In House Foster Care
• Schools Rolling Programme
• Legal Expenditure
• Procurement

The committee were also asked to approve the deferral of the SEND Transport audit to the 2026/27 financial year.

2024/25 External Audit Progress Update

The Audit and Risk Management Committee were scheduled to receive an update on the external audit of the Pension Fund and main Council annual accounts for 2024/25.

The 2024/25 External Audit Progress Update report stated that Ernst & Young LLP (EY) commenced the audit of the accounts in early October 2025, which is currently expected to continue through to December, with the final results report being presented to the February meeting of this Committee prior to the statutory backstop date of 27th February.

The report pack noted that the Council's Draft Statement of Accounts for 2024/25 was published by the statutory deadline of 30th June 2025, with the Public Inspection period running from 1st July to 11th August. This is the first set of draft accounts to be published by the statutory deadline since the 2019/20 accounts.

Enc. 1 for 202425 EXTERNAL AUDIT PROGRESS UPDATE stated that the audit started on 6 October 2025 and that the Statement of Accounts which includes the Council and Pension Fund accounts was published by the statutory deadline of 30 June 2025.

The report stated that Ernst & Young experienced some challenges during the commencement of their audit with the quality of the working papers provided for audit. In particular, the quality of transaction listings for debtors, creditors, income and expenditure was poor. The report stated that the audit team had to perform a degree of manual work on the transaction listings prior to sampling and that they had still not been able to select samples in all areas at the date of the report.