Agenda item

Internal Audit Progress Report


That the report be accepted.


The Internal Audit Manager presented the update on progress of the Internal Audit department.  Amongst the reports issued since the last meeting, there was only one with red/limited assurance on Accounts Payable.


The Senior Auditor for the review, Rafaela Rice, advised that the audit focussed on business and system controls.  Whilst some areas were found to be well managed, she provided explanation on the key issues set out in the report.  The controls which had been introduced significantly reduced the risk of future potential duplicate payments and actions completed to date had been validated by Internal Audit.


In acknowledging the seriousness of a red assurance audit report, the Corporate Finance Manager confirmed that the issues identified had been promptly escalated to himself and the Chief Executive.  Officers had worked closely with Internal Audit to understand the issues and put in place preventative controls.  It was noted that the duplicate payments had arisen from some control weaknesses and no evidence had been found of collusion with vendors or fraud.  As set out in the report, a number of actions had been implemented including more robust daily procedures to review transactions to identify potential duplicate payments in advance of the payment run.


The potential gross overpayment of £939K identified during the period included entries where references were similar in nature and these would be investigated.  It was found that the actual duplicate total amount was £373K of which half was a single payment to a specific contractor.  In providing context, it was noted that in 2017/18 the Council dealt with invoices totalling £777M and £943M in 2018/19.  With the exception of an amount of £416.50 which had been written off, all duplicate payments had now been recovered.  The Corporate Finance Manager would shortly take on line manager responsibility for the AP/PR team and would closely monitor progress on the actions.  To show transparency on the issue, the timely payment of invoices would be included as a Key Performance Indicator to be reported as part of the Medium Term Financial Strategy.


The Chief Executive said that the report - which had arisen from a combination of system controls and roles - had been concerning.  He said that the findings raised a question about the ethical behaviour of some contractors in respect of larger duplicate payments.  He gave assurance of the level of work being undertaken on actions on which he would have personal oversight.


Sally Ellis acknowledged the point about ethical behaviour of the contractor in receipt of the significant single duplicate payment.  The Chief Executive agreed that this should be followed up and officers explained that the company had been taken over by another since the payment was made.


Following comments by Councillor Carver, the Corporate Finance Manager spoke about the limitations of the current financial system and said that alternative options were under consideration.  He reiterated the actions in place to identify potential duplicate payments.


The Internal Audit Manager provided an overview of the four amber/red assurance reports issued this year.


Sally Ellis observed that common issues on reports were where services/ systems were undergoing change, uncertainty on IT matters or lack of documented procedures.  The Internal Audit Manager said that policy procedure and operational issues were reflected in the annual report and that the team’s involvement on smaller system changes could be an area for future consideration.


Sally said that transition planning had previously been identified as an area of weakness and could be given more priority, for example including trigger questions within the framework.  The Internal Audit Manager said that this could be progressed with Chief Officers to identify key risks.


The Chief Executive spoke about the limitations on software systems to adapt to future changes.  He said that to give assurance to the Committee, officers would discuss common areas of weakness and learning to build into the process going forward.




That the report be accepted.

Supporting documents: