Agenda and minutes

None received.

Members are asked to consider any pecuniary and non-pecuniary interests they may have to disclose to the meeting in relation to matters under consideration on the agenda.

None received.

RESOLVED: - That the Minutes of the last meeting held on 05 July 2022 be confirmed as a correct record and signed by the Chair.

As part of the year-end process the Authority was required to sign a letter of representation. This letter confirmed that the Authority had disclosed all relevant information in its accounts for the year in question and that all issues which should have been brought to the attention of the auditors had been.

The Treasurer confirmed he would sign the letter, as there were no issues which he felt required disclosure.

RESOLVED: - That the Audit Committee authorised the signing of the letter by the Chair of the Committee.

Georgia Jones, Key Audit Partner presented the Audit Findings report to the Committee.

Under the statutory Code of Audit Practice for Local Government bodies the Authority’s external auditors, Grant Thornton were required to issue a report to those charged with governance summarising the conclusions from their audit work.

Georgia Jones advised that at the time of writing the report the audit work was substantially complete and there were no matters of which they were aware that would require modification of the audit opinion or material change to the financial statements, subject to outstanding matters listed below:-

·        responses from the pension fund auditor to gain assurance on underpinning controls and supporting data for the pension fund net liability;

·        receipt of management representation letter;

·        review of the final set of financial statements; and

·        final quality procedures.

There were two recommendations relating to Oracle password configuration set out on page 20 of the report (page 38 of the agenda pack), and the Self-authorisation of journals set out on page 21 of the report (page 39 of the agenda pack: -

1.     “We identified a weakness in Oracle password configuration. The password length is set to 6 characters and does not include a minimum password length of 8 characters as per leading practices.”

Members were informed that it related to the existing finance system which was being replaced in December and, as such it was not proposed to amend this within the existing system.

2.     “Our risk assessment of journal controls noted that there are no automated controls on the finance system to prevent members of finance staff approving their own journals. Whilst our audit work on journals so far has not identified any significant issues as a result of this weakness in internal controls, we recommend the authority establishes an authorisation control to reduce the risk of financial reporting fraud and /or error in future."

The response to this was consistent with previous responses “We have considered the recommendation. We believe our financial monitoring processes are sufficient to identify if such an instance occurred. Neither ourselves, nor internal and external audit, have discovered any instances of error or reporting fraud that the implementation of this would have prevented. Hence, given the size of our finance team, we do not feel that introducing further controls is practical or proportionate to the risk.”

There were several disclosures and misclassification changes required, as set out on page 22 (page 40 of the agenda pack), and three adjusted misstatements, as set out on page 23 (page 41 of the agenda pack), the majority of which were identified by the Authority during the audit process.

There was one adjusted misstatement as set out on page 23 (page 41 of the agenda pack), which related to the treatment of potential future costs of claims relating to pensionable allowances, and specifically treating it as a creditor as opposed to a provision. Given it was below the Service’s materiality threshold, the Treasurer had not amended the accounts to reflect that.

Georgia  ...  view the full minutes text for item 15/22

The Internal Auditors produced a summary of progress against the annual plan for each Audit Committee meeting, setting out progress to date and any significant findings. The report for the period up to 09 November 2022 was presented by Laura Rix.

To date, 18.25 days had been spent this financial year on completion of the 2022/23 plan, equating to 26% of the total planned audit activity of 70 days. The table in the report showed the current status of all audit work.

No areas of concern came to attention in conducting the assurance work to date that required bringing to the attention of committee members.

RESOLVED: - That the Committee noted and endorsed the report.

The Chair welcomed the Service’s new Head of Finance, Jacquie Meadows to the meeting.

The Director of Corporate Services presented the report to the meeting. The report presented the Statement of accounts for the financial year ended 31 March 2022 which included the Authority’s 25% share of the North West Fire Control accounts. The Committee considered the Statement of Accounts as presented.

The following sections summarised the details contained within the core statements:-

Narrative Report

The report set out the financial context in which the Combined Fire Authority operated and provided an overview of the financial year 2021/22 as well as details of future plans.

Comprehensive Income & Expenditure Account

The statement confirmed the accounting cost in the year of providing services. It was a summary of the resources that had been generated and consumed in providing services and managing the Authority during the last year. It included all day-to-day expenses and related income on an accrual’s basis, as well as transactions measuring the value of fixed assets actually consumed and the real projected value of retirement benefits earned by employees in the year.

The main points to note were:-

The report highlighted actions taken in respect of corporate risk since the last Audit Committee meeting.

The latest review of the corporate risk register had identified one new risk which warranted consideration for inclusion on the corporate risk register:-

The Cyber Security

The Cyber Security threat landscape had changed significantly which had been witnessed globally, regionally and across multiple emergency services and local authorities.

Best practice standards set by the National Cyber security Centre (NCSC) had adapted according to the change in the threat landscape, which meant it was far more challenging to remain compliant.

Government organisations were routinely and relentlessly targeted: of the 777 incidents managed by the National Cyber Security Centre between September 2020 and August 2021, around 40% were aimed at the public sector. This upward trend showed no signs of abating.

The Service had achieved the Cyber Essentials Plus certification, which had to be refreshed every 12 months. The next re certification involved the prompt replacement of aging hardware/software as well as bringing in scope remote working, Wi-Fi security as well as several other areas which had previously been out of scope. The e-mail systems had been fully refreshed and the Service would be migrating all mailboxes to 365 for even better security and feature enhancements. 

A Cyber Security Strategy and subsequent options paper had been agreed, identifying areas requiring investment, such as next generation Firewalls. The Service had been aligning with the National Cyber Security Centre best practice security framework and would continue to do so as it developed. It was classed as high-risk due to the scale of attack and the potential impact of such attacks.

An updated corporate risk register was considered by Members with changes summarised in the report. The Director of Corporate Services highlighted the following key areas:-

Risk no. 3 – Insufficient staffing resources

The position regarding the national pay award would continue to be monitored. IMT meetings would continue to be held to review the situation and on-going plans to minimise the risk. The number and location of potential appliances would be identified, and the internal and external communication plans would be developed.

Risk no. 26 – Increase in costs and administration associated with changes to pensions

The Service continued to see extended lead times on the majority of items, as an example LGV fleet vehicle lead times for chassis deliveries was 12-18 months. Costs continued to increase reflecting inflation, with many items increasing at a much higher rate (energy being the most significant of these), where costs had more than doubled.

Risk no. 36 – Increase in pay costs

Pay awards were separately set nationally for green and grey book staff and a 2% award has been estimated in the budget. A pay offer of 5% had been made by the employers in respect of grey book pay. The FBU had recommended that their members reject the offer, and, at the time of writing, the Service was awaiting the outcome of that. A pay offer of £1925 per  ...  view the full minutes text for item 18/22

The Authority was a Contracting Authority for the purpose of the Public Contracts Regulations 2015 (PCR) and was required to comply with the procedures and award of contracts as set out in those regulations.

Under PCR 2015, “contracting authorities” means, “the state, regional or local authorities, bodies governed by public law or associations formed by one or more such authorities or one or more such bodies governed by public law and includes central government authorities”.

Where those regulations did not apply (for contract values below EU thresholds) the Authority had its own procedures in place in the form of Contract Standing Orders. These formed part of the Constitution along with Financial Regulations and the Scheme of Delegation.

These had been reviewed and updated to reflect current practices, align with the Service’s regional partners, enable resources to be better focused, and were reflective of the current financial and economic climate.

Members considered the amended Contract Standing Order thresholds and amendments highlighted in the report relating to goods, services, consultancy and works, which also reflected current external EU thresholds.

Please note ‘Find a Tender’ replaced OJEU for the UK as part of Brexit arrangements as set out within The Public Procurement (Amendments etc). (EU Exit) Regulations 2020.

FOR ALL GOODS & SERVICES & CONSULTANCY 

FOR ALL WORKS

All Contracts above £25,000k must still be published as an opportunity on Contracts Finder and a Contract Award notice still to be completed.

Contracts Finder - GOV.UK (www.gov.uk)

In addition, it was also proposed to: -

• Increase the Member Tender Panel approval level from £100k to £175k.
• Increase  ...  view the full minutes text for item 19/22

The next scheduled meeting of the Committee has been agreed for 10:00 hours on 28 March 2023 in the Main Conference Room, at Lancashire Fire & Rescue Service Headquarters, Fulwood.

Further meetings are:          scheduled for 25 July 2023

                                                proposed for 26 September and 28 November 2023

The next meeting of the Committee would be held on 28 March 2023 at 10:00am hours in the Main Conference Room at Lancashire Fire and Rescue Service Headquarters, Fulwood.

Further meeting dates were noted for 25 July 2023 and 26 September 2023 and agreed for 28 November 2023.