Agenda item

To receive the report, which asks the Committee to note the progress on delivery of internal audit, counter fraud and information governance work, and the plans for work to be completed.

The Audit Manager, Veritau presented the report which provided the Committee with an update on the delivery of the internal audit work plan for 2022-23, along with an update on the counter fraud and information governance work undertaken to date in 2022-23.  

Member’s attention was drawn to Annex 1 of the agenda pack which detailed the audit work finalised to date, and it was noted that five audit reports had been finalised since the last report to Committee in October 2022.  

In terms of the overdue high priority action Performance Management, the Committee were informed that since the prioritisation of Personal Development Reviews (PDRs) communications had been issued to all managers and staff, and completion rates had been monitored closely by the Leadership Team with the result that at the 9 January 2023, the completion rate for PDRs had risen to 92%.

Members acknowledged the improvement made in the completion rate of PDRs and queried the completion rate for the Information Governance (IG) training, the Chief Finance Officer confirmed that the completion rate for IG training stood at 92%.

The Counter Fraud Manager, Veritau presented the section of the report related to the Council’s counter fraud activity 2022-23, which provided an update on the reports of fraud and investigative activity to date, along with details of recent fraud awareness activities.

As had been highlighted at Committee in October 2022, Members were reminded that an e-learning package for employees had been produced for all the Councils involved in local government reorganisation in North Yorkshire (LGR), this had raised awareness of the increased risk, and focused on threats that may be experienced before and after the new Council was formed.  The package had been available for all staff on the Council’s e-learning portal from September 2022.

The Committee heard that the counter fraud team had delivered a number of fraud awareness campaigns for Council staff, the first campaign in October 2022 was timed during cybersecurity awareness month and focussed on mandate fraud.  This was followed by a general fraud awareness campaign for officers which took place during International Fraud Awareness Week in November 2022, and finally, a campaign to raise awareness of the council’s anti-bribery and anti-money laundering policies took place in December 2022.

Members were informed that data had been submitted from a number of the Council’s services to the newly formed Public Sector Fraud Authority for the National Fraud Initiative exercise for 2022-23; outputs from this national matching exercise would start to be released in February 2023.

In terms of investigative work, Members heard that a total of 88 referrals of suspected fraud had been received from Council staff and members of the public, with a number of cases still ongoing; as a result of this work the Council had achieved savings of £17.1k to date.

The officer highlighted that Covid grant investigations had begun to draw gradually to an end, with the focus now on the recovery of incorrectly obtained grants where debts were still outstanding and required re-paying to the authority. 

The Committee queried if the investigations into the suspected cases of fraud which were still ongoing would have been completed before Selby District Council ceased to exist in April 2023.  The Officer advised Members that some cases would have been concluded, however some investigations would still be ongoing and may require additional work to bring them to a conclusion, however this work would continue past vesting day and into the new North Yorkshire Council therefore there would be no break in the audit services provided. 

A Member queried what length of time in counter fraud man hours were needed for each investigation of suspected fraud, it was confirmed that there were a number of factors which made it very difficult to quantify as some cases were passed to other agencies, some referrals were not investigated, and some cases were not dealt with in consecutive working hours. 

The Information Governance Manager, Veritau drew the Committee’s attention to annex 3 of the report which provided an update on Information Governance matters, developments in the Council’s Information Governance arrangements and compliance with relevant legislation.

Members noted that due to LGR the Corporate Information Governance Group (CIGG) had agreed that no new actions would be included in the 2022-23 IG action plan and instead work would focus on the priority outstanding actions required to make the Council compliant with UK GDPR and the Data Protection Act 2018. Therefore, the key areas of focus were on completing the review of the Council’s Privacy Notices and Information Asset Register, and ensuring all staff completed the Data Protection training.

The Committee were advised that a review of the consistency of district council privacy notices had begun in November 2022 and that once this work had been completed the same process would apply to the Information Asset Registers, this was to ensure alignment across the North Yorkshire district ahead of vesting day on 31 March 2023.

In terms of training, the Committee heard that 92% of Council staff had completed the mandatory Information Governance training and it was highlighted that this was very close to the target as some staff were on maternity leave or long-term sick leave.  Training on Information Incident Management had also been delivered to sixty members of staff over three training sessions in November 2022, and it was noted that the LGR IG workstream were producing a short, recorded webinar of that training which would be available for staff to undertake.

RESOLVED:

To note the progress made on the delivery of internal audit, counter fraud and information governance work.