Items
No. |
Item |
1. |
Minutes PDF 348 KB
To approve as a correct record
the minutes of the Standards and Audit Committeemeeting held on 11 March 2021.
Minutes:
The minutes of the Standards and Audit
Committee held on 11 March 2021 were approved as a correct
record.
|
2. |
Items of Urgent Business
To receive additional items
that the Chair is of the opinion should be considered as a matter
of urgency, in accordance with Section 100B (4) (b) of the Local
Government Act 1972.
Minutes:
There were no items of urgent business.
|
3. |
Declaration of Interests
Minutes:
There were no interests declared.
|
4. |
Regulation of Investigatory Powers Act (RIPA) 2000 - 2020/21 Activity Report PDF 376 KB
Additional documents:
Minutes:
The Strategic Lead for Information Management
introduced the report and stated that it was formed of three parts.
He explained that the first part of the report outlined RIPA
activity for the 2020/21 year, and point 3.11 of the agenda
included how many requests had been received. He stated that
numbers of RIPA requests had decreased in 2020/21, which showed
that Thurrock were using other means of investigation, such as
collaboration with the police and overt surveillance. He described
how the second part of the report, at point 3.2 of the agenda, gave
Members a summary of the recent RIPA inspection. He commented that
the inspection had been positive, with inspectors commenting that
Thurrock took RIPA powers seriously, ethically, and had remained
compliant. He summarised and stated that the third part of the
report, outlined on page 18 of the agenda, summarised
Thurrock’s new RIPA policy based on findings from the
inspection.
Councillor Collins opened the debated and questioned the fifth
paragraph on page 36, which described RIPA requests for
communications data, and asked if RIPA covered offences by gangs,
as well as ‘white collar’ crime. The Strategic Lead for
Information Management responded that point 3.1.3 on page 16 of the
report outlined RIPA requests for communications data, and these
types of requests could include phone owner’s data. The
Assistant Director of Counter-Fraud and Investigations added that
only RIPA requests for communications data could only be allowed
for serious crime, such as organised crime, and for specific
offences. The Strategic Lead for Information Management added that
for a RIPA communications request to be allowed, the crime had to
carry a custodial sentence of over twelve months, compared to
standard RIPA offences that only required a custodial sentence of
over six months.
Councillor Ononaji asked how the Council monitored and enforced
RIPA powers. The Strategic Lead for Information Management replied
that any RIPA requests received had to go be authorised by one of
four authorised RIPA officers in the Council, and the requests had
to pass the necessity test, which ensured the RIPA powers were used
as a last resort, and the proportionality test. He explained that
if the RIPA request met these criteria, it was then passed to the
Senior Responsible Officer for approval before being passed to the
courts. He explained that he was the RIPA point of contact, the
four authorizing RIPA officers were directors within the council,
and the Senior Responsible Officer was the Assistant Director for
Law and Governance and Monitoring Officer.
Councillor Collins then highlighted the second paragraph on page 25
of the agenda and queried if RIPA powers could be used to monitor
riots or other civil disorder. The Strategic Lead for Information
Management responded that RIPA’s main use for cases of fraud
or trading standards breaches. The Assistant Director for
Counter-Fraud and Investigations added that the word
‘disorder’ had been included in RIPA legislation, but
this was mainly used by the police rather than local authorities.
The Corporate Director of Resource and Place ...
view the full minutes text for item 4.
|
5. |
Annual Information Governance Report PDF 897 KB
Minutes:
The Strategic Lead for Information Governance
introduced the report and stated that it provided a high level
summary of information governance in 2020/21. He commented that it
was a positive report as the Council were processing 99% of data
requests and Freedom of Information (FOI) requests within the legal
timeframe. He stated that the data protection work programmes
looked healthy, and officers across the council worked hard to meet
data protection standards. He added that a summary of changes made
since the introduction of new legislation had been included on
pages 57 and 58 of the agenda.
Councillor Collins thanked officers for the good report and
highlighted page 57 of the agenda. He queried if the policy changes
had been made on a Thurrock or national level. The Strategic Lead
for Information Management responded that the policy changes had
been brought in based on changes to the GDPR legislation.
Councillor Carter highlighted page 50 of the agenda and queried why
FOI requests had decreased by 20% in 2020/21. The Strategic Lead
for Information Management responded that the service had seen a
dip in both FOI requests and data protection requests in the first
half of the year due to COVID, but these requests had recently
started to rise. He clarified that 84 requests was still a large
number, and 99% had been responded too within target time. Ms.
Laybourn queried if the Council was a
data controller or data processer under GDPR legislation, and if
the Council retained any special category data. The Strategic Lead
for Information Management replied that Thurrock Council was a data
controller for personal data, as many services contained data sets
relating to residents. He explained that some of these datasets
would include special category data.
The Vice-Chair highlighted page 55 of the agenda and queried why
some FOI requests had been refused. He queried what the cost
threshold was for FOI requests. The Strategic Lead for Information
Management explained that if Thurrock Council deemed an FOI
response to take longer than 18 hours to gather all of the
necessary information, then it could be refused due to the cost
threshold. The Vice-Chair queried if people could choose to pay the
fee, if the request was above the cost threshold. The Strategic
Lead for Information Management confirmed that this had been the
case, but the policy had changed as no one had ever offered to pay
the fee.
Ms. Laybourn queried page 59 of the
agenda, and asked if the physical records contained offsite were
regularly disposed of when out of retention. The Strategic Lead for
Information Management replied that a piece of work was currently
ongoing to monitor, call-back and destroy physical data when out of
retention.
RESOLVED:
1. That the Standards and Audit Committee noted the information
governance and records management activity and performance.
|
6. |
Counter Fraud & Investigation Annual Report & Strategy PDF 216 KB
Additional documents:
Minutes:
The Assistant Director of Counter-Fraud and
Investigation introduced the report and stated that it provided a
rear view look on the service in 2020/21 and outlined how the
strategy had been delivered, as well as including future plans at
appendix 1. He explained that the service had moved to emergency
management mode at the beginning of the COVID pandemic, which had
changed how the service operated due to COVID restrictions. He
stated that the team had identified approximately £2.2bn of
fraud across the council, and had undertaken lots of preventative
work, including fraud targeted at government COVID grants. He
stated that appendix 1 outlined work planned in the future,
including the continuation of work to protect government COVID
grants against fraud. He summarised and stated that the value for
money test was also outlined on page 71 of the agenda.
Councillor Collins congratulated officers for their good work
during difficult circumstances, and questioned if backlogs in the
court system were still slowing the teams progress. The Assistant
Director of Counter-Fraud and Investigations responded that
Thurrock Council were part of a working group that included HM
Courts and the police to try and resolve the issue of court
backlog. He explained that the backlog was easing slowly and the
Council were trying to retrieve monies that had been lost due to
the slow system. He mentioned that Thurrock were also working with
banks to ensure that Thurrock Council’s bank accounts were
protected against fraud, and so far this project had helped prevent
£600,000 of fraud. Councillor Collins then highlighted page
69 of the agenda and asked if the CFI inspection was taking place
in July 2021. The Assistant Director of Counter-Fraud and
Investigations answered that the inspection was currently taking
place and outcomes had been good so far. He added that it was a
remote inspection into powers relating to proceeds of crime, and
would continue until the end of the month. Councillor Collins then
queried if the forensic laboratory had been built in the Council
offices. The Assistant Director of Counter-Fraud and Investigations
responded that work had been undertaken to build the lab last year,
and was currently in the process of becoming an accredited lab. Ms.
Laybourn queried page 62 of the agenda
and queried what the star symbol next to money laundering meant.
The Assistant Director of Counter-Fraud and Investigations
clarified that the star symbol meant that the team undertook work
on behalf of other teams in regards to money laundering, and in
this case the work was undertaken on the behalf of the trading
standards team.
RESOLVED:
1. That the Standards and Audit Committee noted the performance of
the Counter-Fraud and Investigation team over the last year.
2. That the Standards and Audit Committee approved the
Counter-Fraud and Investigation strategy and work programme for
2021/22.
|
7. |
Chief Internal Auditor's Annual Report - Year ended 31 March 2021 PDF 236 KB
Additional documents:
Minutes:
The Chief Internal Auditor introduced the
report and stated that updates had been made to internal audit
legislation in 2014 and 2015, and therefore the Chief Internal
Auditor now had to present regularly to the Standards and Audit
Committee and provide Members with his professional opinion. He
stated that although he could give reasonable assurances on the
financial state of the Council, these could never be absolute
guarantees. He added that regular progress reports on the work of
the internal audit team would also be brought back before the
Committee throughout the year. He explained that this year had been
a difficult year due to COVID and this had been taken into account
throughout the report. He added that the internal audit team had
also struggled as some team members had left. The Chief Internal
Auditor then highlighted point 3.1 on page 86 of the agenda and
explained that the team had produced 11 assurance reports
throughout the year, which had all received a green or amber-green
rating, and 4 advisory reports, as well as looking into a variety
of other complaints. He stated that the team had also been busy as
they had needed to sign off numerous government COVID grants.
The Chief Internal Auditor moved on and highlighted point 3.2 on
page 86 of the agenda which explained that specialist consultants
had also been hired in March and April to review two major projects
and improve related governance. He stated that the Committee would
receive regular updates on these projects throughout the year, and
a new project management process had now been implemented. He
summarised and stated that his overall opinion was currently amber,
which had not changed since 2019/20, but his risk management
opinion was currently green. He stated that 3.4 of the report
highlighted recommendations to managers to improve the amber
rating. He added that page 97 of the report showed there had been
good progress made in previous recommendations, and no conflicts of
interest had been found within the team.
Ms. Laybourn queried page 95 of the
agenda and asked what the difference between risk enabled and risk
managed was in terms of the risk register. She felt that there had
been some ‘red’ risks last year that had not been able
to be mitigated. The Chief Internal Auditor responded that the risk
maturity model ranged from naïve to aware to managed to enabled. He clarified risk enabled meant
that on both a strategic and operational level risk management had
been embedded in decisions. He added that risk managed meant that
on a strategic level risk management had been embedded, but not on
an operational level.
Councillor Collins thanked officers for their hard work throughout
the year, particularly when dealing with staff shortages. He
highlighted the last paragraph on page 98 of the agenda and asked
if any there had been any problems with COVID specific funding. The
Chief Internal Auditor responded that although no additional
challenges had presented themselves due to COVID, the workload
...
view the full minutes text for item 7.
|
8. |
Work Programme PDF 124 KB
Minutes:
The Corporate Director of Resources and Place
Delivery stated that two key reports would be coming to the
Committee later in the year, which included the financial statement
and audit reports. He added that reports would also come before
Committee in September outlining work on the major A13 and
Stanford-le-Hope projects. He explained that the Committee’s
role on these projects would be to look into governance, management
and cost overruns, rather than general project updates which would
be provided to the relevant overview and scrutiny committee.
|