Venue:

Council Chamber

Hawke's Bay Regional Council

159 Dalton Street

NAPIER

FIN161/21

Minutes of the Finance Audit & Risk Sub-committee meeting held on Wednesday, 4 August 2021, a copy having been circulated prior to the meeting, were taken as read and confirmed as a true and correct record.

Foss/Kirton

CARRIED

FIN162/21

Minutes of the Extraordinary Finance Audit & Risk Sub-committee meeting held on Wednesday, 18 August 2021, a copy having been circulated prior to the meeting, were taken as read and confirmed as a true and correct record.

Foss/Kirton

CARRIED

4.

Audit NZ Report on Year Ended 30 June 2020

Jessica Ellerm introduced the item, relating to the financial year that ended 30 June 2020, with discussions highlighting:

·    Findings and recommendations from Audit are being addressed by staff, particularly around building capacity in the Finance team and the implementation of the new finance system.

·    Impacts of Covid, changes in personnel and Council’s previous financial system all contributed to a very challenging Audit process and are reflected in the report’s findings.

·    Staff will have conversations with Audit prior to 2021-22 audit about the level of detail contained in commentary.

·    Adjustment made to the ACC liability to account for land value increases, which had not been picked up in previous audits.

·    Non-financial metrics corrected through Audit so are correct in the final Annual Report.

·    Receiving the Audit report on the review of the audit process is consistent with the Terms of Reference for the sub-committee and does not need to be adopted by Council.

FIN163/21

Resolutions

1.       That the Finance, Audit and Risk Sub-committee:

1.1.     receives and accepts the “Audit NZ Report on the Year ended 30 June 2020” and advises the Corporate and Strategic Committee accordingly.

1.2.     notes the consequences of Audit report delays on the organisation.

Foss/Foley

CARRIED

5.

2020-21 Annual Report – Draft Non-Financial Results

James Palmer introduced the item which has been provided in advance of the financial results to alleviate potential delays for adoption of the annual report. Sarah Bell and Mandy Sharpe outlined the process to date and discussions covered:

·    this version of the non-financial results has been updated to reflect feedback on a draft document provided to the Corporate and Strategic Committee

·    some targets not achieved or reported as off track due to overly ambitious targets being set at the outset (2018)

·    LTP sets out what Council is going to do and the associated budgets for the 2021-22, 22-23 and 23-24 financial years and any significant or material changes to activities or budgets has to be subject to an Annual Plan or LTP amendment process which may include public consultation

·    New 2021-31 Long Term Plan is supported by a Corporate Plan that includes adequate organisational resources (e.g. IT, accommodation, staff) to support growth to enable Council to meet the ambitious targets that have been set

·    Impacts on achieving targts that are outside of Council’s control include Covid, inflationary costs and a challenging labour market

·    The non-financial results, incorporated into the Annual Report document, will go to FARS in December for recommending to Council for adoption.

FIN164/21

Resolution

That the Finance, Audit and Risk Sub-committee receives and notes the “2020-21 Annual Report – Draft Non-financial Results” staff report.

Foss/Foley

CARRIED

6.

Roadsafe S17a Review

James Palmer introduced the item and Mary-Anne Baker, who was involved in setting the scope for the review, spoke to the item. Discussions covered:

·    The business as usual approach has not achieved the required results in terms of reducing harm associated with road use.

·    Road Safety programme is a component of Central Government’s ‘Road to Zero’ strategy and part funded by Waka Kotahi.

·    The Regional Transport Committee considered and resolved their agreement to the s17a review at the 17 September 2021 meeting.

·    Section 17a reviews examine the efficiency and effectiveness of the way a service is delivered and recommend improvements.

FIN165/21

Resolutions

That the Finance, Audit and Risk Sub-committee:

1.        Receives and considers the “Roadsafe s17a Review” staff report.

2.        Agrees that the decisions to be made are not significant under the criteria contained in Council’s adopted Significance and Engagement Policy, and that Council can exercise its discretion and make decisions on this issue without conferring directly with the community or persons likely to have an interest in the decision.

3.        Approves the engagement of Morrison Low to undertake a Service Delivery Review of the Hawke’s Bay Regional Council’s Road Safety function.

Kirton/Maloy

CARRIED

7.

Risk Maturity Update

Helen Marsden and Olivia Giraud-Burrell introduced the item and themselves, highlighting:

·    Correction to paragraph 9 – should read “Each Group Manager has dedicated 0.1 of an FTE to assisting the Risk Team implement an embedded risk management system.” This equates to close to 1 FTE total.

·    Last FARS and Corporate and Strategic Committee meetings agreed to reset the baseline timeframes for the project plan

·    Phases 1 through 3 will be completely closed out, including finalising 3 remaining enterprise risk bowties, by Christmas 2021

·    Proposed to split the phase 4 of the roadmap into two separate but concurrent project plans/components – one looking at formalising the risk processes that occur part of the business planning and strategy, and the other taking the risk content developed in phases 1-3 of the roadmap and turning that into operational risk processes helping embed systematic risk management into Council operations

·    Moving past phase 4 Council’s risk vision may consider integration of risk based business management frameworks (e.g. QMS. H&S etc) with common functions being led by experts.  For example, People and Capability team would provide leadership on competency frameworks, culture, etc

FIN166/21

Resolutions

1.        That the Finance, Audit and Risk Sub-committee receives and considers the “Risk Maturity Update” staff report.

2.        The Finance, Audit and Risk Sub-committee reports to the Corporate and Strategic Committee that:

2.1.         Phases I through III of the Risk Maturity Roadmap are nearing completion, and

2.2.         Staff, with full Executive Leadership Team endorsement and commitment, are preparing two discrete project plans to embed risk management processes and risk-based thinking into the business; this being the delivery of phase IV ‘risk intelligence’ of the risk maturity roadmap. The timeframe for implementation of phase IV of the risk maturity roadmap is estimated to be approximately two years.

Foley/Maloy

CARRIED

8.

Annual Enterprise Internal Audit Plan

Helen Marsden introduced the item, which was taken as read. Discussions covered:

·    Staff proposing 2 audits of Council’s fraud management framework and data analytics and to retain the balance of the budget to allow flexibility to undertake other audits if the need arises

·    Operational audits are regularly undertaken within the business and then escalated to Internal Audit if there are high risk or material findings from that internal process

·    Suggestion that an internal audit of Council’s entire “people and capability” management system including Health, Safety and Wellbeing, Recruitment, etc be undertaken next financial year

·    Fraud Management audit will not be a deep dive into financials to investigate whether fraud has happened, but instead an audit of the systems and processes in place to prevent fraud, e.g. financial delegations, purchase approvals.

FIN167/21

Resolutions

That the Finance, Audit and Risk Sub-committee:

1.        Receives and considers the “Annual Enterprise Internal Audit Plan” staff report.

2.        Agrees that the decisions to be made are not significant under the criteria contained in Council’s adopted Significance and Engagement Policy, and that the Sub-committee can exercise its discretion and make decisions on this issue without conferring directly with the community or persons likely to have an interest in the decision in accordance with its Terms of Reference.

3.        Approves the 2021-22 Annual Enterprise Internal Audit Plan as proposed, being:

3.1          Fraud Management Framework

3.2          Data Analytics

3.3          retention of the ability for additional internal audits as the Sub-committee decides are necessary.

4.        Reports to the Corporate and Strategic Committee that the 2021-22 Annual Enterprise Internal Audit Plan has been approved and will be carried out within budget provisions made in the 2021-22 Annual Plan for this purpose.

Foss/Kirton

CARRIED

9.

Internal Assurance Dashboard - Corrective Actions Status Update

Olivia Giraud-Burrell introduced the item, which was taken as read. Queries and discussions covered:

·    Covid 19 response debrief management actions have been completed and the ‘communication’ finding will now be closed

·    The management actions from the Talent Management audit are on track to date and the People and Capability Manager will be invited to attend the next sub-committee meeting to provide a detailed update.

FIN168/21

Resolutions

That the Finance, Audit and Risk Sub-committee:

1.      Receives and notes the ‘Internal Assurance Dashboard - Corrective Actions Status Update’ staff report and accompanying dashboard.

2.      Confirms that management actions undertaken or planned for the future adequately respond to the findings and recommendations of the internal audits.

3.      Confirms that the dashboard reports provide adequate information on the progress of corrective actions and the progress of the approved Annual Internal Audit programme.

4.      Confirms that the management actions from the HBRC Covid-19 Response Debrief Report Communication (Internal & External) finding have been completed and the finding is now closed.

5.      Reports to the Corporate and Strategic Committee, the Sub-committee’s satisfaction that the Internal Assurance Programme Update provides adequate evidence of the adequacy of Council’s internal assurance functions and management actions undertaken or planned respond to findings and recommendations from completed internal audits.

Foss/Kirton

CARRIED

10.

Internal Assurance Dashboard - Cyber Security Corrective Actions Status Update

FIN169/21

Resolution

That the Finance, Audit and Risk Sub-committee excludes the public from this section of the meeting, being Agenda Item 10 Internal Assurance Dashboard - Cyber Security Corrective Actions Status Update with the general subject of the item to be considered while the public is excluded; the reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:

Foss/Kirton

CARRIED

11.

Confirmation of 4 August 2021 Public Excluded Minutes

FIN170/21

Resolution

That the Finance, Audit and Risk Sub-committee excludes the public from this section of the meeting being Confirmation of 4 August 2021 Public Excluded Minutes Agenda Item 11 with the general subject of the item to be considered while the public is excluded; the reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:

Foss/Kirton

CARRIED

12.

Confirmation of 18 August 2021 Public Excluded Minutes

FIN171/21

Resolution

That the Finance, Audit and Risk Sub-committee excludes the public from this section of the meeting being Confirmation of 18 August 2021 Public Excluded Minutes Agenda Item 11 with the general subject of the item to be considered while the public is excluded; the reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:

Foss/Kirton

CARRIED