Agenda and minutes

To receive any declarations of interest.

The minutes of the Audit Committee meeting held 10 July 2025 were submitted and approved as a correct record.

The minutes of the Audit Committee meeting held 24 July 2025 were submitted and approved as a correct record.

The minutes of the Audit Committee meeting held 31 July 2025 were submitted and approved as a correct record.

The Committee considered the annual report on complaints and compliments for the period April 2024 to March 2025.  The report summarised complaint statistics and trends, lessons learned, and actions planned to strengthen complaints management over the next 12 months.

It was highlighted that lessons learned from complaints were a key driver for continuous improvement, with planned actions identified to further strengthen processes during 2025/26.

In discussion, a Member questioned whether the data was proportionate to population size, noting that without such context the figures could be difficult to interpret.  The Head of Policy, Governance and Information advised that future reports would seek to provide additional context, and reminded Members that local authorities vary in size, culture and approach.

Members asked for assurance around the recording of complaints.  They were advised that the Council had a comprehensive complaint recording process, however there would be circumstances where someone with a complaint may contact a department who would resolve the matter for them quickly and that might not be logged, however all qualifying complaints received by the Corporate Complaints Team were logged.

AGREED that Audit Committee:

1.     Noted the complaints statistics and trends, including the outcomes the lessons learned from these.

2.     Noted the planned actions to further strengthen the management of complaints over the next 12 months.

3.     Considered the information presented and was satisfied that it provided sufficient assurance regarding the robustness of the Council’s approach to managing complaints.

4.     Requested additional contextual information, such as population size and differences in authority culture/approach, be incorporated into the next annual complaints/compliments report 2025/26.

The Committee considered its first Annual Report, to be presented to Full Council in October 2025.  The report summarised compliance with the CIPFA 2022 position statement, the results of the LGA effectiveness review, and the Committee’s work programme.

Members confirmed the report reflected the Committee’s activities, including scrutiny of risk management, treasury, counter fraud, external and internal audit, and Best Value Notice updates.

The report outlined how the Committee had sought and received assurance on major risks, including community cohesion, children’s social care costs, town centre financial sustainability, and corporate governance.

It also set out the impact of Counter fraud work which had delivered significant savings and increased referrals.  Internal Audit gave an overall Reasonable Assurance opinion, though Members raised concerns on timeliness and capacity, which were being addressed.

The report set out the concerns of the committee in relation to External Auditor’s capacity to complete audits of the Council’s accounts over the previous three years, with disclaimed opinions issued for three years’ accounts.  The Committee formally raised concerns about national audit capacity and rising costs.

Members endorsed the proposed improvement plan, including enhanced training, development of an assurance framework and map, systematic feedback to Senior Officers, and recruitment of independent members.

The Committee concluded that the Annual Report demonstrated a strong commitment to governance, oversight, and continuous improvement.

AGREED that the Audit Committee:

1.        Approved the content of the First Annual Report of the Audit Committee.

2.        Approved the implementation of the recommendations arising from the review of the Audit Committee’s effectiveness, and that progress against the agreed actions be monitored and reported back to future meetings of the Committee.

3.        That the Annual Report and approved recommendations will be submitted to full Council for information.

The Committee received the Risk and Opportunities Annual Assurance Report 2024, which provided an update on the current content of the Strategic Risk Register and outlined progress made in the six months since the register was last presented to the Committee.

The Head of Policy, Governance and Information highlighted key movements within the strategic risk register, including new and emerging risks, risks that had been mitigated, and those requiring further monitoring.  The report also outlined the governance arrangements in place for managing strategic risks, including oversight responsibilities, escalation procedures, and links to the Council’s wider assurance framework.

The Committee was informed of the ongoing work to strengthen reporting processes, improve consistency in how risks are recorded and monitored, and align the Strategic Risk Register with organisational priorities.

During consideration of the report, the following points were raised:

·        Members noted the addition of one new strategic risk (SR-16: Dedicated Schools Grant deficit) and reduction in several existing risk scores reflecting improved control and assurance in those areas.

·        It was noted that 18 mitigating actions had been completed, and that the February 2025 Internal Audit of Risk Management had provided a substantial assurance outcome.

·        Reference was made to cyber security, with Officers confirming ongoing monitoring of arrangements and a commitment to provide further assurance on new ICT systems and disaster recovery plans.

·        Members agreed that a ‘deep dive’ of strategic risk 15 (SR-15: Threats to Social Cohesion and Democratic Resilience) would support better understanding of key external threats and should be placed on the Committee’s work programme for its consideration at its meeting in December 2025.

·        Further updates were requested on the mitigation of external financial risks, including those linked to liquidation.

AGREED that the Audit Committee:

1.     Noted the current content of the Risk and Opportunities Annual Assurance Report 2024 and the Strategic Risk Register, together with the progress made in the six months since it was last shared with the Committee.

2.     Considered the information provided and was satisfied that the management and oversight arrangements of the strategic risk register are appropriate, and that plans to further strengthen those arrangements are sufficient.

3.     Requested a report for the December 2025 Committee meeting in relation to the management of strategic risk 15 (SR-15: Threats to Social Cohesion and Democratic Resilience).

The Committee received the Annual Report of the Senior Information Risk Owner (SIRO), which provided an overview of the Council’s information governance arrangements, including data protection compliance, information security incidents, and the progress made in strengthening controls and assurance over the past year.

The Head of Policy, Governance and Information outlined key developments over the reporting period, explaining that there had been increased organisational focus on information security, asset management and cyber resilience.  Arrangements for data handling, incident reporting and response had been strengthened, and the implementation of audit recommendations was underway alongside planned improvements to governance processes.  In addition, ongoing work was being undertaken to improve Subject Access Request compliance and timeliness across service areas.

The report also highlighted the role of the Senior Information Risk Owner in ensuring effective risk management, accountability and assurance across all information governance activity.

During discussion the following points were raised:

·        Members noted that security incidents had almost doubled, driven primarily by increased reporting of loss and theft of ICT equipment and loss of access cards, rather than increased cyber-attacks.

·        Officers confirmed that access cards are deactivated immediately when reported lost, and that additional security measures were being introduced to better protect Council assets.

·        Members also noted the current Subject Access Request compliance rate of 72%.  The Head of Policy, Governance and Information explained that while no benchmarking with other local authorities was planned, work was ongoing to improve timeliness and response rates.

·        A Member referenced the Redcar and Cleveland Borough Council cyber-attack as a reminder of the ongoing risks to local authorities, and Officers confirmed that lessons learned had been incorporated into local arrangements and disaster recovery planning.

·        Members were satisfied with the information presented and did not request further additional assurances at that stage.

AGREED that the Audit Committee:

1.     Noted the position in respect of information governance as set out in the Annual Report of the Senior Information Risk Owner (SIRO) and the arrangements in place to manage the associated risks.

2.     Considered the information provided and was satisfied that it provided sufficient assurance that information governance arrangements are appropriate.

The Committee received the Audit Progress Report from Forvis Mazars, covering both Middlesbrough Council and the Teesside Pension Fund.

The external auditor confirmed that the Council’s draft accounts for 2024/25 were published on 30 June 2025, with the main audit work scheduled to commence in October 2025 and completion anticipated by February 2026, in line with the national backstop arrangements.

Work on the Value for Money (VFM) assessment was ongoing, with findings expected to be presented to the Committee in December 2025.  At this stage, the auditor reported no significant issues to bring to Members’ attention.

Members noted that the main Council audit would progress towards the February 2026 backstop date, with a further update report to be presented at the next meeting.  No significant issues were reported at this stage.

AGREED that the Audit Committee:

1.     Noted the Audit Progress Report from Forvis Mazars, including the update on the 2024/25 audit timetable, the Value for Money (VFM) assessment, and national publications.

2.     Noted the planned timeline for completion of the main audit in line with the national backstop arrangements and agreed to receive further updates as the audit progresses.

3.     Agreed that the external auditor would provide a further update to the Committee at the December 2025 meeting, including progress towards meeting the February 2026 backstop date for completion of the main Council audit.

4.     Agreed that the findings of the Value for Money (VFM) assessment will be presented to the Committee by the external auditor upon completion.

The Committee received the Internal Audit and Counter Fraud Progress Report, which provided an update on the delivery of the 2024/25 Internal Audit and Counter Fraud Plan.

The report outlined progress made to date, including the number of audit reviews completed, work in progress, and the overall assurance levels provided.  The report also included details of counter fraud activity undertaken during the period to 31 August 2025, outcomes of investigations, and work to strengthen control frameworks across service areas.

The Committee noted that overall delivery of the audit plan was on track, with several assignments completed and no critical issues identified to date.  Areas of focus continued to include financial systems, governance, risk management, and key operational areas.

Counter fraud activity to the end of August 2025 included targeted work on Blue Badge misuse and Single Person Discount checks.  Investigations and preventive work had achieved estimated fraud savings of approximately £330,000 during the reporting period.  The team had also undertaken whistleblowing awareness work to encourage reporting and strengthen Council’s counter fraud culture.

Members welcomed the progress update and note the contribution of internal audit to wider assurance.  It was confirmed that assurance outcomes from completed work were being used to strengthen controls, and that all agreed actions would be monitored and followed up.

A specific discussion took place regarding the Burial Services Audit, which had received a moderate assurance rating.  Members sought clarification on the findings and actions being taken to address identified issues.  Officers confirmed that the implementation timescale for the service strategy had been revised to April 2026, and that an update would be provided to the December 2025 Committee meeting, in response to a request from the Chair for a Senior Officer to attend and present the update.

A query was also raised regarding Members’ Allowances and Declarations, focusing on the arrangements for ensuring compliance and transparency.  It was agreed that additional information clarifying the findings and assurance level of the audit would be circulated to Members ahead of the December 2025 meeting.

AGREED that the Audit Committee:

1.     Noted the latest updates on internal audit and counter fraud work as set out in the progress report.

2.     Requested a Burial Services Audit update to be presented at the December 2025 meeting, with a Senior Officer to attend, and to include the revised timescale for the service strategy in April 2026.

3.     Requested additional information clarifying the findings and assurance level of the Members’ Allowances and Declarations audit be circulated to Members ahead of the December 2025 Committee meeting.

The Committee received a report providing an update on the management of the Dedicated Schools Grant risk within the Strategic Risk Register, with a particular focus on the High Needs Review.  The Committee received a report providing an update on the management of the Dedicated Schools Grant risk within the Strategic Risk Register, with a particular focus on the High Needs Block deficit and its implications for the Council’s overall financial position.

Officers outlined the current Dedicated Schools Grant position, including the statutory override arrangements and the cumulative deficit, highlighting the Council’s exposure should the override be withdrawn.  Members were advised that the Dedicated Schools Grant deficit represents a significant financial pressure and had therefore been added to the Strategic Risk Register as SR-16 to ensure enhanced governance and oversight.

Work was underway to develop a recovery plan in line with national guidance, with ongoing engagement with the Department of Education.

Members recognised the scale of the Dedicated Schools Grant financial risk and the importance of effective mitigation.  Clarification was sought on the timing of the recovery plan, the potential implications of changes to funding arrangements, and the Council’s position in the event of changes to the statutory override.

Members also requested further information on benchmarking mainstream funding levels to support comparative analysis and better understand how local pressures aligned with national trends.  Officers agreed to circulate benchmarking information to Members.

It was noted that progress of the Delivering Better Value programme and the Special Educational Needs and Disabilities workforce development network would continue to be monitored, with updates provided to the Committee as appropriate.

A further update on the Dedicated Schools Grant position and the High Needs Review was requested for a future Committee meeting.

AGREED that the Audit Committee:

1.     Noted the work undertaken regarding the management of the high needs’ element of the Dedicated Schools Grant and the current position regarding the statutory override and the cumulative Dedicated Schools Grant deficit.

2.     Requested a further update on the Dedicated Schools Grant position and High Needs Review to be scheduled for a future meeting should the current situation change.

3.     Requested benchmarking information on mainstream funding levels be circulated to Members to support comparative analysis.

The Head of Policy, Governance and Information presented the current Audit Committee Work Programme for 2025/26.  The updated document incorporated changes to align with the newly adopted Terms of Reference.

AGREED that the Audit Committee:

1.     Noted the revised Audit Committee Work Programme for 2025/26.

2.     Requested Member-only meetings with auditors to be scheduled prior to each Pre-Audit meeting.

None.