The Audit Committee of Tower Hamlets Council convened on Thursday, 12 March 2026, to review the external auditor's annual report and audit results for the 2024/25 financial year. The committee also discussed the progress of the action plan in response to external recommendations, the corporate risk register, and the internal audit plan and charter for 2026-27. Key decisions included noting the final audit reports and approving the updated Corporate Code of Governance.

Annual Report and Audit Results Reports

The Audit Committee received the final 2024/25 Auditor's Annual Report and Audit Results Reports from EY, the Council's external auditors. These reports highlighted significant challenges in rebuilding assurance over the Council's financial statements, leading to a disclaimed audit opinion for 2024/25. EY noted that while some improvements had been made, the Council's arrangements for statutory financial reporting, risk management, internal control, contract management, procurement, and the effectiveness of internal investigations remained areas of significant weakness. EY issued four statutory recommendations in February 2025 and a further one in December 2025, addressing these concerns.

The reports also detailed changes in assurance ratings for specific account areas. Short-Term Debtors moved from substantial to no assurance, the Collection Fund from substantial to partial, and the Comprehensive Income and Expenditure Statement from partial to no assurance. These shifts were attributed to issues with evidence, unresolved balances, and incomplete audit procedures. EY noted that the Council's progress in rebuilding assurance was behind the indicative timetable set by the NAO's Local Audit Reset and Recovery Implementation Guidance.

EY also highlighted concerns regarding the effectiveness of the Council's internal audit function and the Audit Committee itself. Recommendations included critically assessing the Head of Internal Audit's opinion, commissioning a further independent external review of the internal audit function, and implementing mandatory training for Audit Committee members. The report also stressed the need for the Audit Committee to report annually to Full Council and to strengthen its oversight of recommendations.

Progress Update on Action Plan Delivery in Response to External Recommendations

The committee received an update on the Mobilisation Action Plan, which addresses the ten significant weaknesses and four statutory recommendations identified by EY. The plan is structured around four workstreams: Financial Management & Accountability, Audit, Investigations & Assurance, Procurement & Contract Management, and BVI, Core Services & Capacity. Progress varied across these workstreams, with Financial Management & Accountability at 33% complete, Audit, Investigations & Assurance at 20%, Procurement & Contract Management at 84%, and BVI, Core Services & Capacity at 47%. A key risk identified was securing and sustaining sufficient delivery capacity, with £4.5 million allocated to support mobilisation and implementation.

Internal Audit and Anti-Fraud Progress Report

David Dobbs, Head of Internal Audit, Anti-Fraud and Risk, presented the progress update for 2025-26. The report indicated that 12 Reasonable Assurance opinions and 11 Limited Assurance opinions had been issued. The follow-up exercise on management actions showed implementation rates of 97% for 2023-24, 85% for 2024-25, and 62% for 2025-26. EY's feedback suggested that all recommendations, regardless of assurance level, should be followed up, and that changes to the Internal Audit Plan should be approved by the Audit Committee. Concerns were raised about potential non-compliance with laws and regulations in areas such as IR35 Off Payroll working and GDPR.

Risk Management – Corporate Risk Register & Deep Dive

The committee reviewed the updated Corporate Risk Register, noting that the number of corporate risks remained at 13, with one risk elevated and one relegated within the Housing & Regeneration Directorate. The report also detailed the introduction of the concept of risk appetite, with varying levels set for different risk categories. A significant new risk, HRHOH0002, was added concerning the rapidly increasing cost of temporary accommodation due to demand and market pressures, impacting financial, reputational, and legislative areas. The risk related to dangerous cladding on private sector tower blocks (HRPSRC0001) was relegated to Directorate level due to reduced likelihood.

A deep dive into the Children's Directorate's risk register was also presented. While the overall safeguarding risk (CSD0016) had reduced, concerns were raised about the realism of the target score and the completeness of the narrative. Discussions also touched upon the challenges of managing demand for SEND services amidst budget restraints and the potential impact of government reforms. Members requested a briefing on proposed SEND reforms and a quality assurance exercise on legal challenges related to ECHP plans.

Internal Audit Plan and Charter 2026-27

David Dobbs presented the proposed Internal Audit and Anti-Fraud Plan and Internal Audit Charter for 2026-27. The plan is risk-based and aligned with global internal audit standards. It acknowledges the need for flexibility to address evolving risks and the government's statutory intervention. The plan has been designed around estimated resources, including two new posts funded by a growth bid, which will enhance capacity for reactive work and follow-up actions. The updated Charter defines the purpose, mandate, authority, and responsibilities of the Internal Audit function, including safeguards for independence and objectivity.

Corporate Code of Governance Update

Jonathan Lloyd presented the updated Corporate Code of Governance for 2025/26, which improves upon the previous version by being more explicit about the CIPFA/SOLACE framework. The code has been reviewed annually to reflect changes in governance policies. The committee was invited to comment and approve the updated code for publication. Concerns were raised about the wording in the forward, particularly the phrase robust and well tested continuous improvement plan, which some felt might not be convincing to Whitehall given the ongoing statutory intervention.

Audit Committee Annual Report

David Dobbs presented the draft Annual Report for the Audit Committee for 2025-26. The report aims to demonstrate the committee's compliance with CIPFA position statements, its discharge of responsibilities, and to provide an assessment of its performance. The report noted that while the committee has a clear policy on meeting items and has utilised private sessions with auditors, the membership includes a Cabinet Member, raising concerns about independence. The report also highlighted the need for more consistent senior officer attendance at meetings and the lack of annual reporting to Full Council. EY's 2024-25 Value for Money Report identified significant weaknesses in the Audit Committee's arrangements, leading to an action plan that includes mandatory training for members, a review of committee membership, annual reporting to Full Council, and strengthened oversight of recommendations.

Progress Update on Action Plan Delivery in Response to External Recommendations

Ahsan Khan presented the progress update on the Mobilisation Action Plan, which addresses EY's statutory recommendations and significant weaknesses. The plan is structured around four workstreams: Financial Management & Accountability (33% complete), Audit, Investigations & Assurance (20% complete), Procurement & Contract Management (84% complete), and BVI, Core Services & Capacity (47% complete). The primary delivery risk identified is securing and sustaining sufficient capacity, with £4.5 million allocated to support mobilisation and implementation.

Treasury Management Strategy, MRP Policy Statement and Annual Investment Strategy 2026/27

Paul Audu presented the Treasury Management Strategy, Investment Strategy, and Capital Strategy reports. Concerns were raised about the lack of detail in the Capital Strategy regarding project funding and rationale, particularly given the proposed £1.2 billion expenditure over four years. The committee requested more information linking capital projects to the Treasury Management approach and details on risks and contingencies.

Treasury Management Mid-Year Review 2025/26

Paul Audu presented the mid-year review, noting that while global trade tensions easing was mentioned, the general trend was a decline in interest rates, with pressure on the Bank of England to cut rates. The committee discussed cash balances and the strategy for borrowing at the right time and rate.

Audit Committee Work Plan

The committee noted the work plan for 2025-26 and discussed potential future items.

Exclusion of Press and Public

The committee resolved to exclude the press and public for the remainder of the meeting to discuss exempt information.

The meeting concluded with the Audit Committee noting the final Auditor's Annual Report and Audit Results Reports for 2024/25, approving the updated Corporate Code of Governance, and noting the progress on the action plans. The committee also resolved to note the contents of the treasury management activities and performance, and the Council's investments. The Audit Committee work plan for 2025-26 was also noted.