Agenda and draft minutes

Standards and Audit Committee - Thursday, 8th July, 2021 7.00 pm

Venue: Committee Room 1, Civic Offices, New Road, Grays, Essex, RM17 6SL

Contact: Jenny Shade, Senior Democratic Services Officer  Email: Direct.Democracy@thurrock.gov.uk

Items
No. Item

1.

Minutes pdf icon PDF 348 KB

To approve as a correct record the minutes of the Standards and Audit Committeemeeting held on 11 March 2021.

 

Minutes:

The minutes of the Standards and Audit Committee held on 11 March 2021 were approved as a correct record.

2.

Items of Urgent Business

To receive additional items that the Chair is of the opinion should be considered as a matter of urgency, in accordance with Section 100B (4) (b) of the Local Government Act 1972.

Minutes:

There were no items of urgent business.

 

3.

Declaration of Interests

Minutes:

There were no interests declared.

 

4.

Regulation of Investigatory Powers Act (RIPA) 2000 - 2020/21 Activity Report pdf icon PDF 376 KB

Additional documents:

Minutes:

The Strategic Lead for Information Management introduced the report and stated that it was formed of three parts. He explained that the first part of the report outlined RIPA activity for the 2020/21 year, and point 3.11 of the agenda included how many requests had been received. He stated that numbers of RIPA requests had decreased in 2020/21, which showed that Thurrock were using other means of investigation, such as collaboration with the police and overt surveillance. He described how the second part of the report, at point 3.2 of the agenda, gave Members a summary of the recent RIPA inspection. He commented that the inspection had been positive, with inspectors commenting that Thurrock took RIPA powers seriously, ethically, and had remained compliant. He summarised and stated that the third part of the report, outlined on page 18 of the agenda, summarised Thurrock’s new RIPA policy based on findings from the inspection.

Councillor Collins opened the debated and questioned the fifth paragraph on page 36, which described RIPA requests for communications data, and asked if RIPA covered offences by gangs, as well as ‘white collar’ crime. The Strategic Lead for Information Management responded that point 3.1.3 on page 16 of the report outlined RIPA requests for communications data, and these types of requests could include phone owner’s data. The Assistant Director of Counter-Fraud and Investigations added that only RIPA requests for communications data could only be allowed for serious crime, such as organised crime, and for specific offences. The Strategic Lead for Information Management added that for a RIPA communications request to be allowed, the crime had to carry a custodial sentence of over twelve months, compared to standard RIPA offences that only required a custodial sentence of over six months.

Councillor Ononaji asked how the Council monitored and enforced RIPA powers. The Strategic Lead for Information Management replied that any RIPA requests received had to go be authorised by one of four authorised RIPA officers in the Council, and the requests had to pass the necessity test, which ensured the RIPA powers were used as a last resort, and the proportionality test. He explained that if the RIPA request met these criteria, it was then passed to the Senior Responsible Officer for approval before being passed to the courts. He explained that he was the RIPA point of contact, the four authorizing RIPA officers were directors within the council, and the Senior Responsible Officer was the Assistant Director for Law and Governance and Monitoring Officer.


Councillor Collins then highlighted the second paragraph on page 25 of the agenda and queried if RIPA powers could be used to monitor riots or other civil disorder. The Strategic Lead for Information Management responded that RIPA’s main use for cases of fraud or trading standards breaches. The Assistant Director for Counter-Fraud and Investigations added that the word ‘disorder’ had been included in RIPA legislation, but this was mainly used by the police rather than local authorities. The Corporate Director of Resource and Place  ...  view the full minutes text for item 4.

5.

Annual Information Governance Report pdf icon PDF 897 KB

Minutes:

The Strategic Lead for Information Governance introduced the report and stated that it provided a high level summary of information governance in 2020/21. He commented that it was a positive report as the Council were processing 99% of data requests and Freedom of Information (FOI) requests within the legal timeframe. He stated that the data protection work programmes looked healthy, and officers across the council worked hard to meet data protection standards. He added that a summary of changes made since the introduction of new legislation had been included on pages 57 and 58 of the agenda.

Councillor Collins thanked officers for the good report and highlighted page 57 of the agenda. He queried if the policy changes had been made on a Thurrock or national level. The Strategic Lead for Information Management responded that the policy changes had been brought in based on changes to the GDPR legislation. Councillor Carter highlighted page 50 of the agenda and queried why FOI requests had decreased by 20% in 2020/21. The Strategic Lead for Information Management responded that the service had seen a dip in both FOI requests and data protection requests in the first half of the year due to COVID, but these requests had recently started to rise. He clarified that 84 requests was still a large number, and 99% had been responded too within target time. Ms. Laybourn queried if the Council was a data controller or data processer under GDPR legislation, and if the Council retained any special category data. The Strategic Lead for Information Management replied that Thurrock Council was a data controller for personal data, as many services contained data sets relating to residents. He explained that some of these datasets would include special category data.

The Vice-Chair highlighted page 55 of the agenda and queried why some FOI requests had been refused. He queried what the cost threshold was for FOI requests. The Strategic Lead for Information Management explained that if Thurrock Council deemed an FOI response to take longer than 18 hours to gather all of the necessary information, then it could be refused due to the cost threshold. The Vice-Chair queried if people could choose to pay the fee, if the request was above the cost threshold. The Strategic Lead for Information Management confirmed that this had been the case, but the policy had changed as no one had ever offered to pay the fee.

Ms. Laybourn queried page 59 of the agenda, and asked if the physical records contained offsite were regularly disposed of when out of retention. The Strategic Lead for Information Management replied that a piece of work was currently ongoing to monitor, call-back and destroy physical data when out of retention.

 

RESOLVED:


1. That the Standards and Audit Committee noted the information governance and records management activity and performance.

 

6.

Counter Fraud & Investigation Annual Report & Strategy pdf icon PDF 216 KB

Additional documents:

Minutes:

The Assistant Director of Counter-Fraud and Investigation introduced the report and stated that it provided a rear view look on the service in 2020/21 and outlined how the strategy had been delivered, as well as including future plans at appendix 1. He explained that the service had moved to emergency management mode at the beginning of the COVID pandemic, which had changed how the service operated due to COVID restrictions. He stated that the team had identified approximately £2.2bn of fraud across the council, and had undertaken lots of preventative work, including fraud targeted at government COVID grants. He stated that appendix 1 outlined work planned in the future, including the continuation of work to protect government COVID grants against fraud. He summarised and stated that the value for money test was also outlined on page 71 of the agenda.

Councillor Collins congratulated officers for their good work during difficult circumstances, and questioned if backlogs in the court system were still slowing the teams progress. The Assistant Director of Counter-Fraud and Investigations responded that Thurrock Council were part of a working group that included HM Courts and the police to try and resolve the issue of court backlog. He explained that the backlog was easing slowly and the Council were trying to retrieve monies that had been lost due to the slow system. He mentioned that Thurrock were also working with banks to ensure that Thurrock Council’s bank accounts were protected against fraud, and so far this project had helped prevent £600,000 of fraud. Councillor Collins then highlighted page 69 of the agenda and asked if the CFI inspection was taking place in July 2021. The Assistant Director of Counter-Fraud and Investigations answered that the inspection was currently taking place and outcomes had been good so far. He added that it was a remote inspection into powers relating to proceeds of crime, and would continue until the end of the month. Councillor Collins then queried if the forensic laboratory had been built in the Council offices. The Assistant Director of Counter-Fraud and Investigations responded that work had been undertaken to build the lab last year, and was currently in the process of becoming an accredited lab. Ms. Laybourn queried page 62 of the agenda and queried what the star symbol next to money laundering meant. The Assistant Director of Counter-Fraud and Investigations clarified that the star symbol meant that the team undertook work on behalf of other teams in regards to money laundering, and in this case the work was undertaken on the behalf of the trading standards team.

 

RESOLVED:

1. That the Standards and Audit Committee noted the performance of the Counter-Fraud and Investigation team over the last year.

2. That the Standards and Audit Committee approved the Counter-Fraud and Investigation strategy and work programme for 2021/22.

 

7.

Chief Internal Auditor's Annual Report - Year ended 31 March 2021 pdf icon PDF 236 KB

Additional documents:

Minutes:

The Chief Internal Auditor introduced the report and stated that updates had been made to internal audit legislation in 2014 and 2015, and therefore the Chief Internal Auditor now had to present regularly to the Standards and Audit Committee and provide Members with his professional opinion. He stated that although he could give reasonable assurances on the financial state of the Council, these could never be absolute guarantees. He added that regular progress reports on the work of the internal audit team would also be brought back before the Committee throughout the year. He explained that this year had been a difficult year due to COVID and this had been taken into account throughout the report. He added that the internal audit team had also struggled as some team members had left. The Chief Internal Auditor then highlighted point 3.1 on page 86 of the agenda and explained that the team had produced 11 assurance reports throughout the year, which had all received a green or amber-green rating, and 4 advisory reports, as well as looking into a variety of other complaints. He stated that the team had also been busy as they had needed to sign off numerous government COVID grants.

The Chief Internal Auditor moved on and highlighted point 3.2 on page 86 of the agenda which explained that specialist consultants had also been hired in March and April to review two major projects and improve related governance. He stated that the Committee would receive regular updates on these projects throughout the year, and a new project management process had now been implemented. He summarised and stated that his overall opinion was currently amber, which had not changed since 2019/20, but his risk management opinion was currently green. He stated that 3.4 of the report highlighted recommendations to managers to improve the amber rating. He added that page 97 of the report showed there had been good progress made in previous recommendations, and no conflicts of interest had been found within the team.

Ms. Laybourn queried page 95 of the agenda and asked what the difference between risk enabled and risk managed was in terms of the risk register. She felt that there had been some ‘red’ risks last year that had not been able to be mitigated. The Chief Internal Auditor responded that the risk maturity model ranged from naïve to aware to managed to enabled. He clarified risk enabled meant that on both a strategic and operational level risk management had been embedded in decisions. He added that risk managed meant that on a strategic level risk management had been embedded, but not on an operational level.

Councillor Collins thanked officers for their hard work throughout the year, particularly when dealing with staff shortages. He highlighted the last paragraph on page 98 of the agenda and asked if any there had been any problems with COVID specific funding. The Chief Internal Auditor responded that although no additional challenges had presented themselves due to COVID, the workload  ...  view the full minutes text for item 7.

8.

Work Programme pdf icon PDF 124 KB

Minutes:

The Corporate Director of Resources and Place Delivery stated that two key reports would be coming to the Committee later in the year, which included the financial statement and audit reports. He added that reports would also come before Committee in September outlining work on the major A13 and Stanford-le-Hope projects. He explained that the Committee’s role on these projects would be to look into governance, management and cost overruns, rather than general project updates which would be provided to the relevant overview and scrutiny committee.