Agenda of Risk and Audit Committee - Wednesday, 18 October 2023

HAWKE’S BAY REGIONAL COUNCIL

Risk and Audit Committee

Wednesday 18 October 2023

Subject: Risk Management Policy Renewal

Reason for Report

1. This item seeks Risk and Audit Committee endorsement for the revised Council Risk Management Policy (CD0023) in the form of a recommendation to Council that it approve the policy.

Officers’ Recommendation

2. Staff recommend that the Risk and Audit Committee considers Council’s revised Risk Management Policy (CD0023) and recommends to Council it approves the Policy.

Background /Discussion

3. On 30 August 2023 Council adopted a Terms of Reference for the newly formed Risk and Audit Committee. Section one of the Terms of Reference states; the purpose of the Committee is to provide advice and recommend actions, responses, and changes to Council about risk management, assurance activities, governance oversight and internal control matters, including external reporting and audit matters. Section 1.1 stated this specifically and includes the robustness of Council’s risk management systems, policies, practice, and assurance processes.

4. Council’s Risk Management Policy sets out the boundaries for establishing a Council-specific risk management framework. As part of risk management maturity and under the newly formed Risk and Audit Committee improvements to Council’s risk management practices and processes (framework) were identified. Therefore, Council’s current Risk Management Policy was reviewed to ensure alignment between Council’s new framework. And, also to confirm that under the new Terms of Reference Council’s Risk Management Policy would ensure that the Risk and Audit Committee would fulfil certain obligations.

5. The review of Council’s Risk Management Policy (CD0023) against Council’s new risk management framework did not highlight any material differences.

6. The main changes to Council’s Risk Management Policy (CD0023) relate to the:

6.1. frequency of risk review and reporting

6.2. the inclusion of Councillor’s and Executive Leadership’s requirement to undertake regular sentiment surveys, and

6.3. the removal of the Risk Champion role that is no longer required under the new risk practices.

7. Council’s Risk Management Policy (CD0023) and therefore Council’s new risk management framework continue to be benchmarked and aligned to the principles of ISO 31000:2018 Risk Management Standard and the All of Government Risk Maturity Model.

8. Council’s Risk Management Policy (CD0023) when approved by Council will be published, managed, and maintained through Council’s controlled document system.

Significance and Engagement Policy Assessment

9. The significance of this decision is very low according to Council’s policy.

Financial and Resource Implications

10. Any financial impact in relation to changes to the Risk Management Policy will be managed within budget.

Decision Making Process

11. Council and its committees are required to make every decision in accordance with the requirements of the Local Government Act 2002 (the Act). Staff have assessed the requirements in relation to this item and have concluded:

11.1. The decision does not significantly alter the service provision or affect a strategic asset, nor is it inconsistent with an existing policy or plan.

11.2. The use of the special consultative procedure is not prescribed by legislation.

11.3. The decision is not significant under the criteria contained in Council’s adopted Significance and Engagement Policy.

11.4. The persons affected by this decision are staff and Councillors.

11.5. Given the nature and significance of the issue to be considered and decided, and also the persons likely to be affected by, or have an interest in the decisions made, Council can exercise its discretion and make a decision without consulting directly with the community or others having an interest in the decision.

Recommendations

That Hawke’s Bay Regional Council:

1. Receives and considers the risk management policy renewal staff report.

2. Agrees that the decisions to be made are not significant under the criteria contained in Council’s adopted Significance and Engagement Policy, and that Council can exercise its discretion and make decisions on this issue without conferring directly with the community or persons likely to have an interest in the decision.

3. Adopt and approve the revised Risk Management Policy (CD0023).

Authored by:

Helen Marsden

Risk & Corporate Compliance Manager

Approved by:

Susie Young

General Manager Corporate Services

Attachment/s

1 ⇩

Risk Management Policy (CD0023)

HAWKE’S BAY REGIONAL COUNCIL

Risk and Audit Committee

Wednesday 18 October 2023

Subject: Treasury Compliance Report

Reason for Report

1. This item provides compliance monitoring of Hawke’s Bay Regional Council (HBRC) treasury activity and reports the performance of Council’s investment portfolio for the quarter ended 30 June 2023.

Overview of the Quarter – ending 30 June 2023

2. At the end of the quarter to 30 June 2023, HBRC was compliant with all measures in its Treasury Policy, however during the period it breached the counterparty risk policy.

3. In June 2023 HBRC received a dividend of $1.87m from HBRIC following their receipt of the Napier Port dividend of the same value.

4. Cyclone Gabrielle has impacted both cash balances and borrowing requirements, with ongoing additional borrowing required to fund the recovery. Insurance proceeds when received will soften the effects of additional borrowing. The full impact of the cyclone on long-term funding is yet to be determined.

5. Additional borrowing has implications on the liquidity ratio and credit rate risks.

Background

6. Council’s Treasury Policy requires a quarterly Treasury Report to be presented to the Audit and Risk Sub-committee. The policy states that the Treasury Report is to include:

6.1. Treasury Exceptions report

6.2. Policy compliance

6.3. Borrowing Limit report

6.4. Funding and liquidity report

6.5. Debt maturity profile Interest rate report

6.6. Investment management report**

6.7. Treasury investments*

6.8. Cost of funds report Cash flow and debt forecast report

6.9. Debt and interest rate strategy and commentary

6.10. Counterparty credit report

6.11. Loan advances.

7. The Investment Management report has specific requirements outlined in the Treasury Policy. This requires quarterly reporting on all treasury investments plus annual reporting on all equities and property investments.

8. In addition to the Treasury Policy, Council has a Statement of Investment Policy and Objectives (SIPO) document setting out the parameters required for funds under management for the HBRC Long Term Investment Fund.

9. Since 2018, HBRC has procured treasury advice and services from PricewaterhouseCoopers (PwC) and their quarterly Treasury Report containing the reports noted in paragraph 8 is attached.

Treasury exceptions report & policy compliance

10. During the quarter to 30 June 2023, there were 4 instances of noncompliance with the HBRC counterparty risk policy. These arose due to the lumpy receipt of disaster recovery funds and the need to hold additional funds to pay third parties at short notice. The breaches were corrected as soon as practical. HBRC was compliant with all other measures in its Treasury policy.

11. The maximum breach was $23.49m which is $8.49m over the counterparty credit limit of $15m. The remaining 3 breaches were all under $20m and therefore within $5m of the credit limit.

12. This remains an on-going issue while the Council works through the cyclone recovery.

Funding & Liquidity

13. To ensure HBRC has the ability to adequately fund its operations, current policy requires HBRC to maintain a liquid balance of “greater than 10% of existing total external debt”. Current liquidity ratio is 14.4% and therefore meets policy.

14. The following table reports the cash and cash equivalents on 30 June 2023.

30 June 2023	$000
Cash on Call	7,186
Short-term bank deposits	-
Total Cash & and Deposits	7,186

15. To manage HBRC liquidity risk, HBRC retains a Standby Facility with BNZ. This facility provides HBRC with a same day draw down option, to any amount between $0.3-$10.0m, and with a 7 day minimum draw period.

Debt Management

16. On 30 June 2023 the current external debt for the Council group was $84.2m which includes $1m of pre-funded debt ($100.863m including the loan from HBRIC).

17. Since the March quarter an additional $25m in borrowings were received to assist with increased cash requirements following Cyclone Gabrielle. $15m of this funding is short-term, with the remaining $10m is medium term.

18. The following summarises the year-to-date movements in Council’s debt position.

Summary of HBRC Debt

	HBRC only $000	HBRC Group $000
Opening Debt – 1 July 2022 – excl HBRIC Loan	46,725	46,725
New Loans raised	43,850	43,850
Less amounts repaid	(6,375)	(6,375)
Closing Debt 30 June 2023 (excluding HBRIC loan)	84,200*	84,200
Plus opening balance - loan from HBRIC	16,663	-
Total Borrowing as at 30 June 2023	100,863	84,200

*Includes pre-funding debt of $1m.

19. Council debt maturity profile remains compliant, however short term drawdowns have pushed the policy limit in the 0-3 year bucket. This will remain high while we work through the cyclone funding. The below infographic includes our $10m BNZ overdraft in total debt.

20. We have borrowed a further $15m on in the quarter to 30 September 2023 and are currently forecasting further drawdowns being required in Q3 between 1 January 2024 and 31 March 2024. However, the amounts required and timing is yet to be confirmed and will depend on the execution of the capital programme planned between now and then.

21. Any insurance or NEMA proceeds will be used to repay the short-term debt which is currently c$30m.

22. We are continuing to assess the interest rate risk as this is also impacting maturity profiles, putting pressure on the short-term buckets.

23. Our action to rectify this is to confirm our new debt forecast and monitor our swap options.

Managed Funds

24. Total Investment Fund portfolios capital, adjusted for inflation at 30 June 2023 was $9.532m below the inflation-adjusted contribution target. Based on results to date and the value of the protected amount of funds, funds held are not sufficient to deliver the returns required to meet Council’s requirement. No divestments have been made from managed funds this year.

25. Council budgets separately for revenue from directly-held managed funds and those held by HBRIC. HBRIC is required to deliver an overall portfolio return by way of an annual dividend agreed through an annual Statement of Intent. The composition between revenues from managed funds and other sources such as port dividends, is up to the HBRIC board. While the Council has budgeted to receive $10.5m in dividends from HBRIC within the FY 2022-2023, the Council has only received $6.87m due to significant downgrading of the port dividend.

26. The following table summarises the fund balances at the end of each period and the graph illustrates the asset allocations within each fund at 30 June 2023.

	30 Jun 2022	31 Dec 2022	30 June 2023
Fund Balances HBRC	$000	$000	$000
Fund Balance HBRC	104,449	104,421	110,828
Capital Protected Amount HBRC (2% compounded since inception)	114,239	115,384	115,895
Current HBRC value above/(below) capital protected amount	(9,790)	(10,963)	(5,067)
Funds Balances (Group + HBRIC)
Long-Term Investment Fund (HBRC)	45,679	45,713	48,400
Future Investment Fund (HBRC)	58,770	58,708	62,428
Total HBRC	104,449	104,421	110,828
Plus HBRIC	43,226	43,315	45,638
Total Group Managed Funds	147,675	147,736	156,466
Capital Protected Amount (2% compound inflation)	162,720	164,350	164,798
Current group value above/(below) protected amount	(15,045)	(16,614)	(8,332)

27. Fund performances have been steady this year with all cash returns reinvested.

Cost of funds

28. For the last financial year to 30 June 2023, Gross Cost of Funds (COF) was 3.72% and Net COF was 3.55%

HBRIC Ltd

29. In accordance with Council Policy, HBRIC provides separate quarterly updates to the Corporate and Strategic Committee. However, given the missed meeting due to the cyclone the December 2022 quarterly update was provided to Council on 29 March 2023.

Decision Making Process

30. Staff have assessed the requirements of the Local Government Act 2002 in relation to this item and have concluded that, as this report is for information only, the decision-making provisions do not apply.

Recommendations

That the Risk and Audit Committee receives and considers the Treasury Compliance Report.

Authored by:

Jess Bennett

Senior Manager - Finance Recovery

Tracey O'Shaughnessy

Treasury & Investments Accountant

Approved by:

Susie Young

General Manager Corporate Services

Attachment/s

There are no attachments for this report.

HAWKE’S BAY REGIONAL COUNCIL

Risk and Audit Committee

Wednesday 18 October 2023

Subject: Insurance – annual review and update

Reason for Report

1. This item provides the Committee with an update on the levels of insurance cover that are operating across HBRC and to ensure that Councillors are aware of the cover in place and where risk exists in obtaining further limits.

2. The TOR for the Risk and Audit Committee is for this committee to review and recommend to Council the approach to insurance strategy and placements as part of its risk management practices.

Officers’ Recommendations

1. Councillors acknowledge the level of insurance cover in place across Hawkes Bay Regional Council and support staff to maintain levels of cover already in place.

2. Council officers support a further $200m group policy being entered into by HBRC (along with MWLASS participants).

Executive Summary

3. Our insurance brokers have indicated to HBRC that they expect premiums will increase up to 20% in the coming year upon renegotiation. HBRC currently pay $1.1m per annum for current policies in place.

4. In addition to an increase cost, a proposal to have a further $200m underground cover has been proposed as a group policy through MWLASS. This is over and above our current group policy limit of $300m taking the full cover to $500m(Group).

5. Investigation into self-insurance, or other mechanisms to meet cover and needs of the organisation, needs to be reviewed.

Background /Discussion

3. HBRC has predominantly held insurance for commercial motor vehicles, material damage to commercial and residential assets, infrastructure, contract works, marine and harbour master, employers’ liability and statutory liability, professional indemnity and cyber. HBRC has, to date, had reasonable comfort with the ability to obtain insurance in offshore markets and hase received cover requested.

4. Over the last 12 months, insurers in NZ (through offshore global reinsurers) have indicated the unease of reinsurers to provide cover to specific industries, and global protection gaps caused by the combination of climate change, cyber threats and social and demographic changes are been seen.

5. The National Climate Change Risk Assessment for Aotearoa New Zealand (NCCRA) highlighted recently that “New Zealand’s financial system is highly exposed to climate change through local changes and international markets”. Financial instability could result from a single shock or a series of events (such as cyclones, fires, or floods) which trigger a revaluation of assets in Aotearoa New Zealand or indirectly via international markets. Additionally, the pricing of ongoing, gradual changes (such as sea-level rise) might precipitate sudden reappraisals, such as insurance retreat from coastal assets, new debt limits, or interest rate hikes.

6. The period of Insurance Cover is due 31October 2023, and we are anticipating an increase in premiums charges, including possible challenges to obtain full cover at this time.

7. Recently, HBRC encountered issues with obtaining Harbourmaster Insurance. HBRC has an excess layer, which is $75mil over $25mil on Harbourmasters Liability. Our insurer Markel (through Singapore) only offered 50% cover for this, with co-insurance having to be obtained through London via Munich Re.

Current Insurance Cover

8. Attachment 1, outlines all insurance policies currently in place across HBRC. Insights from our current policies are:

8.1. Material Damage - Commercial & Residential – This is a Group Policy with Hawke's Bay Council Group and has a Limit $600m (HBRC sub-limit is $20m). A memorandum of understanding is yet to be put in place across Councils. A follow up has been made with Legal and HDC.

8.2. Standing Timber Insurance Policy (Forestry) – The market damage resulting from past cyclones has meant that insurers are asking for more details around our risk. Some are just not insuring certain types of trees (meaning an increased risk to carbon credits etc (probably requiring more buffer). HBRC are engaging with PF Olsen to understand impacts once we receive new information from AON on this.

8.3. Commercial Marine Hull – All Hydro assets that 'live' on water must be transferred to this policy. This is as a result of the Coastal Monitoring Buoy that was lost at sea back in June 2022. It was noted that these assets should not be on the MDBI policy but on a specific Marine Policy. So far we have roughly identified $2.4m (TBC) of Hydro assets that may need to be transferred. Complexities are some of these assets are groups of individual fixed assets (ie monitoring equipment).

8.4. Contract Works – A formal review is required of this based on contracted works we expect in the coming years for rebuild. Work is required between Asset Management and Works Group to understand the risks to the organisation. In normal conditions HBRC cover Works Group external contracts within the $250k contract limit (i.e this is manly used for small contracts) any other larger contracts are required to have their own contract works insurance.

8.5. Infrastructure Disaster Damage - Per MW LASS. The last full review of this was in 2018. It’s proposed that a third layer of $200m is needed to take the Group limit to $500m. This is covering c$4.48b of sum insured assets across the 9 Councils, with varying sub-limits. The excess layers haven't been reviewed for some years while asset values have continued to increase during this time. Refer to below decision.

Additional MWLASS above ground cover.

1. Selected councils in the lower North Island currently have a group infrastructure policy of $300m for infrastructure assets (Group limit). This is made up of a Primary layer $125m and Secondary layer $175M.

2. HBRC has a principal sub-limit of $65m (HBRC’s loss limit). Of this 40% insured on total limit only with the assumption all other assets are flood critical and therefore covered by NEMA.

9. Other councils within this policy are Hastings District Council, Central Hawkes Bay District Council, Manawatu District Council, Whanganui District Council, Rangitikei District Council, Horizons Regional Council, Ruapehu District Council and Tararua District Council.

10. In 2018 when this policy was last reviewed total assets across the councils was circa $2bn. Assets now held across these councils is double, i.e. upward of $4.4bn.

11. In 2023 Manawatu-Whanganui Local Authority Shared Services and Hawkes Bay Councils (MWLASS+HB) engaged Aon Global Risk Consulting (Aon) to assess the potential damage and loss from a large earthquake event affecting the group portfolio. MWLASS+HB has identified the need to undertake an earthquake loss modelling exercise to evaluate the suitability of their shared natural catastrophe limit, as declared on the group infrastructure policy, prior to the 2023/24 renewal. (refer to attachment 2a AON: Earthquake Loss Analysis for Infrastructure Assets and attachment 3 MWLASS – Infrastructure Insurance Layers and 3a Example of Pooled Insurance).

12. The report has highlighted that in an earthquake, assets located in areas susceptible to liquefaction or landslides can experience greater damage. Hawkes Bay Councils have a high percentage exposure to liquefaction.

13. HBRC has assets worth $340m (cost to fully rebuild all assets). In an event such as an earthquake it could be foreseeable that the damage would be significant compared to the recent flooding.

14. A very large central NZ earthquake is also likely to impact all the 9 councils therefore putting pressure on the available group funds to be allocated. Scenario modelling review was undertaken by Aon Risk Consulting – refer to Attachment 3: Manawatu-Whanganui Local Authority Shared Services and Hawkes Bay Councils (MWLASS+HB) Earthquake Loss Analysis for Infrastructure Assets.

15. The report is highlighting that the Hawkes Bay region is susceptible to high risk of liquefaction, including predicted damage from a large quake.

16. The expected cost for this additional cover has been proposed at $800k-$900k. All Councils wishing to be part of this, need to advise MWLASS by the end of October 2023. It is likely not all Councils will chose to be part of this, and cost may be lower/higher dependent on participants.

17. The MWLASS board has requested that MW LASS member councils review the completed report and analysis (scenario modelling) with a request that member councils receive the report provided, and acknowledge whether the member council may wish to participate.

Alternative methods of insurance

6. In response to recent events, reinsurance costs have increased substantially. Insurers have to manage these extra costs by increasing premiums. Recently, insurers have been using an increase in excess to ensure that insurance remains accessible. However, in some situations, the excess may be so high that the cover makes the cost of insurance difficult to justify.

7. Mōhio’s Climate Innovation Lab, at Auckland University, released an options report on financing climate adaptation (Attachment 4: Adaptation Finance – Risks and Opportunities Aotearoa New Zealand - report attached for interest only). Insights from this report identify options and alternative means of mitigating risks, such as environmental, green, social and sustainability bonds.

8. In 2022 Auckland City Council moved to self-insurance fund model. Auckland Council ring-fenced managed funds creating an asset backed self-insurance fund (SIF) and requires the management of the investment fund to be outsourced to an external provider.

9. The MIF was initially seeded with NZD 20 million and is expected to grow over time through future premiums (less claims), investment returns and potentially further capital injections.

9.1. The MIF must maintain a moderate level of liquidity to pay claims, as required and must minimise the correlation of the portfolio to events that might impact Auckland negatively.

Strategic Fit

10. Insurance to cover future climate change events is in the best interest of Hawkes Bay Regional Council to ensure ongoing protection of our above and below ground assets.

11. Protecting our $340m of infrastructure will ensure value is maintained by our ratepayers, that in addition provides vital flood mitigation to our region.

12. However further investigation is required to find alternative cheaper mitigations for insurance risks given the large and continued increases in premiums as shown.

Significance and Engagement Policy Assessment

13. The decisions presented in this paper would not be considered to trigger the significant and engagement policy.

Financial and Resource Implications

14. Our insurance brokers have indicated to HBRC that they expect premiums will increase up to 20% in the coming year upon renegotiation. Increase in premiums must be met by general rates. Any increase will directly impact available funds.

15. In addition, lack of insurance cover for material and critical assets may lead to unrecoverable losses in the future and HBRC having no ability to fund replacements/re-establishment.

Decision Making Process

16. Council and its committees are required to make every decision in accordance with the requirements of the Local Government Act 2002 (the Act). Staff have assessed the requirements in relation to this item and have concluded:

16.1. The decision does not significantly alter the service provision or affect a strategic asset, nor is it inconsistent with an existing policy or plan.

16.2. The use of the special consultative procedure is not prescribed by legislation.

16.3. The decision is not significant under the criteria contained in Council’s adopted Significance and Engagement Policy.

16.4. Given the nature and significance of the issue to be considered and decided, and also the persons likely to be affected by, or have an interest in the decisions made, Council can exercise its discretion and make a decision without consulting directly with the community or others having an interest in the decision.

Recommendations

That the Risk and Audit Committee:

1. Receives and considers the Insurance – annual review and update staff report.

3. Recommends that Hawke’s Bay Regional Council:

3.1. Note the report from the board of MWLASS;

3.2. Progress with participation of excess layer of infrastructure with MWLASS of $200m.

3.3. Review how HBRC may review and look into how alternative means of Insurance may be implemented across our business.

Authored by:

Chris Comber

Chief Financial Officer

Chris Dolley

Group Manager Asset Management

Approved by:

Susie Young

General Manager Corporate Services

Attachment/s

1 ⇨	HBRC Insurance Policy Cover Oct 2023	Under Separate Cover
2 ⇨	AON: Earthquake Loss Analysis for Infrastructure Assets	Under Separate Cover
3 ⇨	MWLASS – Infrastructure Insurance Layers	Under Separate Cover
4 ⇨	Example of Pooled Insurance	Under Separate Cover
5 ⇨	Adaptation Finance – Risks and Opportunities Aotearoa New Zealand	Under Separate Cover

HAWKE’S BAY REGIONAL COUNCIL

Risk and Audit Committee

Wednesday 18 October 2023

Subject: Health, Safety and Wellbeing Management System review

Reason for Report

1. This item provides the Committee with an update on the intended alignment of the HBRC Health, Safety and Wellbeing Management System (HSWMS) with the ISO45001 framework, including ongoing assurance over Health and Safety matters.

Background

ACC Workplace Safety Management Practice (WSMP)

2. From 2001 to 2019 HBRC’s HSWMS was audited and certified under the ACC Workplace Safety Management Practice (WSMP) audit standard.

3. The WSMP audit standard aligned with AS/NZS 4801:2001, the joint Australia/New Zealand Standard for Occupational Health and Safety Management Systems.

4. Audit delivery differed between WSMP and AS/NZS 4801; with AS/NZ 4801 being a higher-level audit process.

5. While organisations may have sought certification under AS/NZ4801 or OHSA 18001, this was generally in response to parent company and/or customer requirements and not common. In terms of market acceptance within NZ, ACC WSMP was the ‘default’ standard.

6. WSMP had three levels of achievement, each attracting a workplace levy discount. To enter and remain in the programme, organisations had to achieve and maintain Primary level (at a minimum) and undertake reaudit every two years. HBRC achieved and maintained Tertiary level.

Level	Workplace Levy Discount
Primary	10%
Secondary	15%
Tertiary	20%

7. ACC ceased the WSMP programme in 2019 and as part of the cessation process extended HBRC’s achievement and discount level for a further 12 months

Crowe Horwath

8. In 2018 Crowe Horwath conducted a review of HBRC’s HSWMS. Their audit programme was based on the key requirements of:

8.1. Health and Safety at Work Act 2015

8.2. ISO0 45001:2018 Occupational health and safety management systems

8.3. Health and Safety Guide: Good Governance for Directors (Institute of Directors & WorkSafe).

9. The review was conducted by applying discussion, observation and review techniques; it included the material requirements of the above ‘good practice’ health and safety management systems and incorporated the following:

9.1. Policy, planning, resources, responsibilities

9.2. Leadership, worker participation & engagement

9.3. Governance

9.4. Hazard and risk management

9.5. Information, training and supervision

9.6. Contractor (PCBU) engagement

9.7. Incident management

9.8. Health and wellness

9.9. Emergency management

9.10. Audit and review.

10. Review outcomes included recommendations related to both Risk and Health & Safety. The (then) GM Group Manager Office of the Chief Executive and Chair and the HBRC HR Manager implemented the update/development of recommendations to be adopted by HBRC as part of the H&S workplan. The (then) HBRC HR Manager also held responsibility for the HBRC HSWMS, and as such began working on the adopted recommendations. After he left, the HR & Safety roles were reconfigured, and the HSW Team Leader picked up the implementation of the recommendations. The HBRC Risk Manager reported back to RAS until completed. Areas that continue to be matured are risk management and contractor management.

2021 to present

11. Despite the impacts of Covid 19 lockdowns of 2020/2021 and the staffing levels within the HSW team, HBRC’s HSWMS was maintained at a level commensurate with WSMP Tertiary. This was verified via an internal review conducted in 2022.

12. HBRC’s HSWMS strategy and work plans covering 2021-2024 have been built around the following health and safety cornerstones. These cornerstones reflect the HSMS system in use at the time of developing the strategy and work plan as well as the items that were reviewed as above in 2018:

12.1. Knowledgeable workplace leadership

12.2. Actively identifying, managing, and monitoring risk

12.3. Managing the pandemic response to Covid-19 and variants

12.4. Improving the management of contractors

12.5. Improving health, safety and wellbeing engagement and culture

12.6. Enabling an effective implementation plan and reviewing annually

12.7. Improving reporting and provision of relevant information.

13. In 2022, HSW and ELT discussed the need to scope a new HS audit programme and the focus was to determine which programme might best suit HBRC.

14. The HSW team sought information from the wider health and safety community, which included other Councils such as Napier City and Horizons about their progression from ACC WSMP into other audit programmes.

15. From the discussions held and evidence observed, the majority had maintained their HSMS, updated as relevant to meet any applicable legislative or industry changes but had not progressed into another certification programme.

16. The objective of the review is to align the Hawkes Bay Regional Council’s health and safety management systems to a recognised and current standard.

Discussion

17. Organisations who had moved to another certification programme undertook one of the following options.

Programme	Programme Status	Certification availability
AS/NZ4801	Available Superseded until 13 July 2023. Post (July) refer to ISO45001	N/a
OHSA 18001	Withdrawn replaced by ISO45001	N/a
ISO45001	Current	Yes
Safe+	Current	No* outcome defined by 3 performance levels

18. Both Napier City and Horizons councils have undertaken Safe+.

19. While Safe+ is independently audited by approved auditors, it is not based on an accredited audit standard. It is also not recognised outside of NZ and has not been widely adopted by NZ organisations.

20. ISO45001 is an internationally-recognised certification standard. ISO standards provide an overarching management system framework that is recognisable across the suite of certification products, for example ‘Leadership’ includes components of commitment, policy, roles, responsibilities and authorities. These components appear across the various ISO standards, and their implementation is contextualised to the audit standard being undertaken.

21. HBRC holds current ISO9001:2015 certification for several areas of the business. As such, the QMS in the business areas covered by that certification already conform to the general ISO framework. Aligning with that framework, albeit in a health and safety context under ISO45001, provides HBRC with natural QMS / HSWMS synergies.

22. The objective of the review is to align the Hawke’s Bay Regional Council’s health, safety, and wellbeing management system to a recognised and current standard.

23. The table below summarises activity to date

Time period	Activity
2001-2019	HBRC certified under ACC WSMP programme
2018	Crowe Horwath Internal Audit Decision by the Group Manager Office of the Chief Executive and Chair, the HR Manager re recommendations HBRC to adopt HBRC WSMP certification extended to 2019
2019	Work begins to implement recommendations ACC WSMP programme ceases; HBRC certification ends
2020	HSW TL new into role, manages HBRC Covid response; picks up and continues implementation of recommendations as part of HSW workplan
2021	HSW TL continues with recommendations (as part of HSW workplan)
2022	Internal review of HSMS against ACC WSMP standard Investigation into alternative safety standard ‘programmes’ – findings and recommended pathway presented to ELT
2023	ELT approves recommendation to align HSMS with ISO45001 Pathway stages mapped and stage 1 to occur

Financial and resource implications

Programme	Year one (2023)	Year two (2024)	Year three (2025)	Year five (2027)
ISO45001 Programme as recommended by External Auditors	Stage 1 Document review Review processes. Post review 12 months to update/amend (based on recommendations) and collect evidence of any changes in practice as a result of those. ‘In general, 12 months evidence of operational implementation required	Onsite Gap Analysis Review processes alongside updates from previous recommendations and evidence of practice. Conducted onsite.	Onsite Gap Analysis Review processes alongside updates from previous recommendations and evidence of practice. Conducted onsite.	Move to standard 2 yearly review cycle
Cost: excl GST	Approx. $ 2500	Approx. $ 4800	Approx. $4800
Time	1.5 days inc report writing	2 days inc report writing	2 days inc report writing

Next steps

24. External auditor confirmed for desktop document review in November 2023.

25. Document review completed; report received with recommendations.

26. Recommendations and remedial plan of activity provided for ELT and Risk and Audit Committee.

27. Recommendations included into the HSW Strategic Plan and Work Plan for 2024-2026.

Decision-making process

28. Staff have assessed the requirements of the Local Government Act 2002 in relation to this item and have concluded that, as this report is for information only, the decision-making provisions do not apply.

Recommendation

That the Risk and Audit Committee receives and considers the Health, Safety and Wellbeing Management System review staff report.

Authored by:

Kirsty McInnes

Team Leader Health Safety & Wellbeing

Liana Monteith

Manager People & Capability

Approved by:

Susie Young

General Manager Corporate Services

Attachment/s

There are no attachments for this report.

HAWKE’S BAY REGIONAL COUNCIL

Risk and Audit Committee

Wednesday 18 October 2023

Subject: EY Audit Close report on year end 30 June 2023

Reason for Report

1. This report presents the Audit and Risk Committee with the auditor’s preliminary findings from the year ended 30 June 2023 audit.

2. Staff from Ernst & Young will provide their report on Friday 13 October. They will present their findings and be available to answer questions and provide clarification to the committee as required.

Background

3. Each year, following the completion of the audit of HBRC’s Annual Report, the auditor’s report back to the governing body on any findings from the audit. The report provides commentary on areas where the auditors identified control matters during their audit procedures and makes recommendations for improvement.

4. The production of the Annual Report 2022-2023 has been a time-pressured process for staff due to late adoption of the Annual Plan and tightened annual report adoption timeframe. This is the first time in 3 years that the reporting deadline has been 31 October after extensions to 31 December for the previous two years. 31 October is the normal statutory deadline that is expected going forward.

5. This is Ernst & Youngs (the auditors) second year completing the HBRC audit.

Discussion

6. The year end audit commenced on 18 September and is ongoing however, HBRC management had a status update with the auditors on Friday 6 October where the following specific matters were covered:

6.1. The auditors have completed or substantially completed the majority of their areas of focus, however, there are still some areas of testing and internal review to be completed.

6.2. Consolidated group accounts are still to be received and reviewed by the auditors in the week beginning 9 October 2023.

6.3. The auditors were complimentary of HBRC staff and their positive engagement and support to perform the audit.

6.4. The auditors also signaled some audit adjustments. These have been summarised by HBRC management below with audit commentary to come in their report.

6.5. The auditors have indicated they will be including some control findings and improvements in their report but have not yet finalised what these are with staff at the time of preparing the paper. These will be included in their report.

6.6. As previously indicated to the Corporate and Strategic committee on 14 June 2023 and HBRC Council workshop on 11 October 2023, the auditors are expecting to issue a modified or qualified audit opinion on the basis that no valuation has been completed for infrastructure.

7. Audit Adjustments

8. Recognition of HBDRT bank account –

This is a bank account held by HBRC on behalf of the Hawkes Bay Disaster Relief Trust as an administrator. As HBRC are deemed to have control of the account (through access and approval rights) the auditors require us to recognise the cash balance asset of $2.5m at 30 June 2023 and an offsetting liability for funds held on behalf of the HBDRT.

9. Adjustment to valuation of HBRC investment in HBRIC –

As part of their audit process, Foodeast (subsidiary of HBRIC) had an audit adjustment to their net assets which we need to reflect in our valuation calculation. This adjustment will increase our investment by $4m.

10. LGFA interest reclassification –

HBRC holds some zero-coupon loans with LGFA. As they are zero coupon the auditors require us to reclassify the interest of $0.63m from accrued interest to the loan principal balance.

11. Insurance proceeds –

In May 2023 HBRC’s co-insurers agreed to paying HBRC $4m as a partial settlement of claims under our policy for losses arising from Cyclone Gabrielle to stopbanks and other specified assets. These funds were not received until July 2023, however, as they were approved before 30 June 2023 the auditors require us to recognise the revenue and receivable.

12. Management agrees with each of these adjustments and intend to correct these within the financial statements.

13. As the audit process is ongoing there may be additional audit adjustments identified.

14. Control Findings –

These will be communicated by the auditors in their report.

Next Steps

15. The 2022-2023 Annual Report will be presented at the Regional Council meeting on 25 October 2023 for adoption.

Decision Making Process

16. Staff have assessed the requirements of the Local Government Act 2002 in relation to this item and have concluded that, as this report is for information only, the decision-making provisions do not apply.

Recommendation

That the Audit and Risk Committee receives and notes the EY Audit Close Report on Year End 30 June 2023 staff report.

Authored by:

Chelsea Spencer

Senior Group Accountant

Sarah Bell

Team Leader Strategy and Performance

Chris Comber

Chief Financial Officer

Approved by:

Susie Young

Executive Officer Recovery

Attachment/s

1 ⇩	Ernst & Young Audit Close Report and Report on Control findings
2 ⇩	2023 HBRC IESBA Approval report

Hawke’s Bay Regional Council

Risk and Audit Committee

Wednesday 18 October 2023

Subject: Confirmation of Public Excluded Minutes

That the Risk and Audit Committee excludes the public from this section of the meeting being Confirmation of Public Excluded Minutes Agenda Item 9 with the general subject of the item to be considered while the public is excluded. The reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are:

General subject of the item to be considered	Reason for passing this resolution	Grounds under section 48(1) for the passing of the resolution
Enterprise Risk Report	7(2)(f)(ii) The withholding of the information is necessary to maintain the effective conduct of public affairs through the protection of such members, officers, employees, and persons from improper pressure or harassment s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage	The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.
Internal Assurance corrective actions update	7(2)(f)(ii) The withholding of the information is necessary to maintain the effective conduct of public affairs through the protection of such members, officers, employees, and persons from improper pressure or harassment s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage s7(2)(e) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to avoid prejudice to measures that prevent or mitigate loss to members of the public	The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.
Privacy event	7(2)(f)(ii) The withholding of the information is necessary to maintain the effective conduct of public affairs through the protection of such members, officers, employees, and persons from improper pressure or harassment s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage s7(2)(e) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to avoid prejudice to measures that prevent or mitigate loss to members of the public	The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Authored by:

Leeanne Hooper

Team Leader Governance

Approved by:

Desiree Cull

Strategy and Governance Manager