APPENDIX A

PURPOSE OF THE REPORT

To provide Members of the Council with details of the work carried out by the Audit Committee during the year ended 30 September 2025. The report also details how the Audit Committee has fulfilled its Terms of Reference during this period.

BACKGROUND

The Audit Committee is responsible for overseeing the Council’s corporate governance, audit and risk management arrangements. The Committee is also responsible for approving the Statement of Accounts and the Annual Governance Statement. The Committee’s specific powers and duties are set out in Schedule 1 of the Constitution under the Terms of Reference of the Audit Committee. A copy of the Terms of Reference is attached at Annex 1 for information.

Audit Committees are a key component of corporate governance and provide an important source of assurance about the organisation’s arrangements for managing risk, maintaining an effective control environment, and reporting on financial and other performance.

The Chartered Institute of Public Finance and Accountancy (CIPFA) has issued guidance to local authorities to help ensure that Audit Committees are operating effectively[1]. The guidance recommends that audit committees should report annually on how they have discharged their responsibilities.

WORK UNDERTAKEN

The Audit Committee has met on five occasions during the year. This has enabled the Committee to monitor the adequacy and effectiveness of the Council’s risk management arrangements, control environment and associated counter fraud arrangements through regular reports from officers and the internal auditors, Veritau. The Committee has also received reports from the former and current external auditors, Deloitte and Forvis Mazars.

The Audit Committee is satisfied that adequate and effective controls have been maintained throughout the period covered by this report.

The specific work undertaken by the Committee is set out below.

External Audit

Over the year, the Audit Committee received and considered a range of external audit reports. The Committee noted the external audit findings for the legacy district and borough councils up to and including the 2022/23 financial year. During these discussions, Members drew attention to severance payments made to the Chief Executives and other senior officers at Hambleton District Council, as well as the Whitby Harbour court case.

The Committee reviewed a report from Deloitte summarising the findings of North Yorkshire County Council’s audits for 2021/22 and 2022/23. Unqualified opinions were issued for both years. Two recommendations were made: improving the accuracy of capital budgeting and enhancing responses to Freedom of Information requests.

Key audit risks included the completeness of accrued expenditure and the potential for management override of controls. Minor control recommendations were made, but no material issues were identified. The Council was assessed as financially resilient, with strong reserves, liquidity, and governance arrangements, including robust risk management, internal audit, and scrutiny processes.

The Committee delegated authority to the Chair and the Corporate Director – Resources to sign the North Yorkshire County Council Letter of Representation for 2022/23.

In relation to the Council’s 2023/24 accounts, the Committee reviewed a report from Forvis Mazars outlining the findings of the external audit. Due to legislative changes requiring publication of audited accounts by 28 February 2025, the auditors were unable to complete all necessary procedures, particularly those relating to opening balances following local government reorganisation. Consequently, a disclaimer of opinion was issued. Despite this, the audit identified no significant weaknesses in the Council’s arrangements for securing value for money. Two improvement recommendations were made: enhancing the annual accounts drafting process and improving transparency in the reporting of member complaints. Several internal control deficiencies were noted, and non-material unadjusted misstatements were reported, primarily relating to asset valuations and pension liabilities. No evidence of fraud or non-compliance with laws was found. Authority was given to the Chair and Corporate Director – Resources to sign the Letter of Representation relating to the Council’s 2023/24 accounts. The Committee received a further update from Forvis Mazars, which included two adjusted misstatements and a disclosure correction.

The Committee also noted the findings of the North Yorkshire Pension Fund external audit for 2023/24, conducted by Forvis Mazars. An unqualified opinion was issued, and the financial statements were found to be consistent with those of North Yorkshire Council.

The Committee received the Audit Strategy Memoranda from Forvis Mazars, which outlined the planned approach to the external audits for 2024/25. For the Council, potential risks were identified in areas such as management override of controls, pension liability valuation, property asset valuation, and revenue recognition. For the Pension Fund, potential risks included management override and the valuation of Level 3 investments.

Internal Audit

Over the year, the Audit Committee played an active role in shaping and overseeing the Council’s internal audit and information governance arrangements. It received the annual report from the Head of Internal Audit, which summarised the internal audit activity undertaken during 2024/25. A Reasonable Assurance opinion was issued overall. The report highlighted weaknesses in project governance, documentation, and budgeting, with planned actions including improved guidance, mandatory training, and more effective management of consultants. In relation to information security, this report noted an increase in cyber threats and data breaches, prompting further investment in technical safeguards and staff training. Over 30 audits were completed during the year, with the majority receiving Substantial or Reasonable Assurance ratings.

The Committee also received an annual report on information governance, which provided figures on the number of data breaches and reaffirmed the Council’s continued investment in technical controls and staff development. These actions demonstrate the Committee’s ongoing commitment to strengthening governance, improving resilience, and ensuring the integrity of the Council’s systems and processes.

The Committee contributed to the development of internal audit priorities for 2025/26, covering eleven key assurance areas: strategic planning, organisational governance, financial governance, risk management, information governance, performance and data quality, procurement and contract management, people management, asset management, programme and project management, and IT governance. The Committee approved the 2025/26 Internal Audit work programme and noted the accompanying Information Governance work programme.

Veritau also supported the Council’s data protection compliance and incident management processes.

Counter Fraud

Throughout the year, the Audit Committee maintained oversight of the Council’s counter fraud activities, receiving a series of reports that demonstrated continued progress in strengthening fraud resilience and governance. The Committee received several Counter Fraud update reports which provided further details on the delivery of the 2024/25 counter fraud work programme. These acknowledged ongoing efforts to address emerging fraud risks and strengthen internal controls. Key areas of focus included governance, procurement, ICT, social care, and financial systems. Targeted training was delivered across departments, with particular emphasis on document fraud and cybersecurity. Multi-agency collaboration continued, involving the Police, Department for Work and Pensions (DWP), and participation in the National Fraud Initiative.

The Committee noted the Annual Counter Fraud Report, which outlined the work undertaken by Veritau on behalf of North Yorkshire Council to prevent, detect, and investigate fraud during 2024/25. This included awareness campaigns, training sessions, and participation in national fraud initiatives, all of which contributed to enhancing the Council’s ability to safeguard public funds and maintain trust in its services. The report emphasised the importance of ongoing vigilance, collaboration, and proactive measures in addressing fraud risks.

The Committee considered the Counter Fraud Framework Report, which set out the Council’s strategic approach to managing fraud risks. The Committee approved the 2025/26 counter fraud work plan, which highlighted high-risk areas such as social care, creditor fraud, cybercrime, and procurement. The report outlined the controls and priorities for both the internal audit and counter fraud teams. Notably, the updated Counter Fraud and Corruption Policy introduced formal cautions as a new sanctioning option. The framework is reviewed annually to ensure it remains responsive to emerging threats and evolving risks.

Financial Statements

As part of its oversight of financial reporting and governance, the Audit Committee continued to support the development and approval of the Council’s Statement of Final Accounts (SOFA) across multiple financial years. The Committee established the Corporate Governance Working Group to review the draft 2022/23 SOFA for North Yorkshire County Council, as well as the outstanding legacy SOFAs from the former district and borough councils up to and including 2022/23. Following an update from the Working Group in December 2024, the Committee recommended that the County Council’s 2022/23 SOFA be signed by the Corporate Director – Resources and the Chair of the Audit Committee. The Working Group also recommended that the same officers sign the legacy council SOFAs, and this was noted by the Committee.

The Committee approved the 2023/24 NYC SOFA and authorised the Corporate Director – Resources, Chief Executive, and Chair to sign the Statement of Accounts.

The Committee also noted the timetable for the preparation of the 2024/25 SOFA, ensuring continued oversight of the Council’s financial reporting processes. In preparation for the completion of the 2024/25 accounts, the Committee noted the draft SOFA and reaffirmed its aim to formally approve the accounts at the meeting scheduled for 29 September 2025, following completion of the external audit.

Risk Management

Over the year, the Audit Committee maintained oversight of the Council’s risk management arrangements, receiving a series of reports across directorates and corporate functions. The Committee noted a progress update on North Yorkshire Council’s corporate risk register, which included the addition of new risks such as the SEND High Needs Budget, Major Schemes, Funding Challenges, and Housing Regulation Compliance. Several risks were reported to have improved in ranking, and an internal audit of the Council’s risk management arrangements received a Substantial Assurance opinion.

The Committee reviewed the Community Development risk register, which identified key risks including workforce restructuring and recruitment, health and safety compliance, financial pressures, integration of legacy systems, development of a new Local Plan, investment and operations at Harrogate Convention Centre, housing regulation compliance, and delivering sustainable economic growth. Improvements were noted in the reduction of agency staff and in health and safety planning, although housing compliance and planning system changes remain high-risk concerns.

The Health and Adult Services risk register was also considered, which highlighted ten key risks. Financial pressures, care market stability, and waiting list management were rated as the highest concerns. The Directorate forecasted a £7.7 million overspend for 2024/25, driven by rising demand, costly care packages, and changes affecting funding.

The Committee noted the risk register for Central Services, where risks associated with Customer Service and the Transformation Programme had increased due to service pressures and complexity. In contrast, risks relating to Information Governance, Cyber Security, and Health and Safety had reduced following successful mitigation efforts. The report also described progress on major projects, including the implementation of a new finance system, convergence of income management systems, and the development of a single revenues and benefits system.

Finally, the Committee reviewed the annual Business Continuity report. Internal audit confirmed that the Council’s arrangements were compliant with statutory requirements and aligned with best practice, providing assurance of the Council’s preparedness to respond to disruptive events.

Corporate Governance

Over the course of the year, the Audit Committee undertook a range of corporate governance activities to support and strengthen the Council’s assurance framework.

The Committee established the Corporate Governance Working Group, which played a key role in reviewing the draft 2022/23 Annual Governance Statement (AGS) for North Yorkshire County Council, as well as the outstanding legacy AGSs from the former district and borough councils up to and including 2022/23. Following an update from the Working Group in December 2024, the Audit Committee endorsed the recommendation that the County Council’s AGS be signed by the Chief Executive and Leader, and that the legacy AGSs be signed by the Corporate Director – Resources and the Chair of the Audit Committee.

In February 2025, the Committee approved the 2023/24 AGS and delegated authority to the Leader, Chief Executive, and Chair to sign it on behalf of the Council.

The Committee received a Corporate Governance Report, which included updates to the Local Code of Corporate Governance and the draft NYC AGS for 2024/25. It was confirmed that governance arrangements were operating effectively across the authority. The Committee recommended that the updated Local Code be approved by the Chief Executive and that the draft AGS be approved by the Chair of the Audit Committee. It is anticipated that the final AGS will be approved at the Committee’s meeting on 29 September 2025, following completion of the external audit.

In addition to its work on governance statements, the Committee reviewed its Terms of Reference and concluded that no amendments were necessary.

It also received the annual Partnership Governance report, which confirmed that no partnerships were rated as very high or high risk. One partnership was assessed as medium-high risk, and ten were rated medium risk. Only one partnership reported a governance failure, and this partnership is now subject to a governance review.

The Committee considered the Assessment of Effectiveness of Governance Arrangements for Children and Young People’s Services report, which provided assurance that the Directorate’s governance arrangements align with the Council’s Local Code of Corporate Governance. The review confirmed that there had been no major governance failures in the Directorate and confirmed that arrangements meet expected principles of good governance. External inspections supported this conclusion, with Ofsted rating children’s services as “Outstanding” and other areas receiving “Good” or “Requires Improvement” ratings. Key risks were identified in relation to SEND funding, social care demand, school financial sustainability, and capital investment.

The Committee received an update from the Procurement and Contract Management Service, highlighting a number of planned governance improvements. These included the rollout of contract management training, enhanced supplier engagement, and improved visibility through the Procurement Pipeline. The Council has increased its spend with SMEs and local suppliers, contributing to economic growth and resilience. A Social Value Charter has been introduced to guide suppliers in delivering community benefits, and regional collaboration is strengthening efforts to combat modern slavery. Technology enhancements, including spend analytics and e-tendering systems, are supporting transparency and efficiency. Since local government reorganisation, £10.1 million in procurement-related savings have been achieved.

Staff satisfaction and retention remain high, and training continues to be a priority. The strategy for 2024/25 focuses on sustainability, SME support, and environmental goals.

Financial Management

During the year, the Audit Committee received an update on changes to accounting policies for the 2024/25 financial year. These updates ensured that Members were informed of key developments in financial reporting and the implications for the Council’s year-end processes.

The Committee also reviewed the Treasury Management and Capital Strategies report for 2025/26. The Treasury Management Strategy sets out the Council’s approach to managing cash flow, investments, and borrowing, with the aim of supporting service delivery and capital projects in a financially sustainable manner. The Capital Strategy provided a long-term perspective on capital expenditure and financing, aligning investment decisions with the Council’s strategic priorities. The report included financial forecasts and an update on non-treasury investments, offering assurance on the Council’s financial planning and investment governance.

Other

The Audit Committee received a report titled Audit Committee Review of Effectiveness, which presented the results of a self-assessment survey. The findings indicated a generally positive perception of the Committee’s performance. Most respondents agreed that the Committee’s role is well understood across the Council and that it contributes meaningfully to good governance. Members were recognised for their constructive engagement in meetings, maintaining a non-political approach, and focusing discussions on key governance and risk issues. The Committee was also commended for its effective working relationships with officers and external auditors, and for providing appropriate challenge and oversight of financial statements, treasury management, and internal and external audit reports. While the overall feedback was favourable, the survey identified areas for further development. Although most members felt they had sufficient skills and resources to fulfil their roles, responses suggested that training needs are not always evaluated consistently, and that additional support could be provided more regularly. Due to this, over the course of the year, quarterly training sessions have covered Counter Fraud, the role of the Audit Committee and Teckal Companies (or Vertical Exemption). There was also some variation in views regarding the Committee’s influence over management decision-making and the extent to which its recommendations gain traction with leadership.

During the year, the Committee continued to benefit from the attendance and participation of its two independent co-opted members, David Portlock and David Marsh. I would like to extend my thanks to them for their contribution to the work of the Committee and their diligence, enthusiasm and support during the period. The Committee also recommended the appointment of Vicky Buckley to fill the Independent Co-opted Member vacancy. This followed a formal application and interview process. The recommendation was approved by Full Council on 16 July 2025, and Vicky Buckley was duly appointed as an Independent Co-opted Member of the Audit Committee.

No changes are considered necessary to the Committee’s Terms of Reference at this

time.

Councillor Cliff Lunn

Chair of the Audit Committee

[1] CIPFA – Audit Committees: Practical Guidance for Local Authorities and Police (2022 edition)