Minutes of a meeting of the Risk & Audit Committee

 

Date:                                    18 October 2023

Time:                                    9.00am

Venue:

Council Chamber

Hawke's Bay Regional Council

159 Dalton Street

NAPIER

 

Present:                              S Maloy – Chair

Cr X Harding – Deputy Chair

Cr T Hokianga

Cr N Kirton (online)

Cr J Mackintosh

 

In Attendance:                 N Peet – Chief Executive

A Siddles – Acting Group Manager Corporate Services

S Young – Executive Officer Recovery

K Brunton – Group Manager Policy & Regulation

C Comber – Chief Financial Officer

L Hooper – Team Leader Governance

J Bennett – Senior Manager - Finance Recovery

C Spencer – Senior Group Accountant

H Marsden – Risk & Corporate Compliance Manager

O Giraud-Burrell – Quality & Assurance Advisor

K McInnes – Team Leader Health Safety & Wellbeing

D Borrie & A Sofe – Ernst & Young (online)

D Nalder – Efficus Risk Consultant

C Wagner – Team Leader People & Capability Advisory

 

 


1.         Welcome/Karakia /Apologies

The Chair welcomed everyone to the meeting and Xan Harding led the group in opening the meeting with a karakia.

There were no apologies.

 

2.         Conflict of interest declarations

There were no conflicts of interest declared.

Councillor Neil Kirton joined the meeting online at 9.10am.

Councillor Thompson Hokianga left the meeting at 9.10am

 

8.

Ernst & Young Audit Close report on year end 30 June 2023

 

The Chair introduced the item and Chelsea Spencer introduced David Borrie and Ahmed Sofe of Ernst & Young who spoke to the Audit carried out for the 2022-2023 Annual Report. Discussions covered:

·    The Audit Opinion will include 2 non-standard emphasis of matter, one relating to greenhouse gasses which is standard amongst local government and a qualification specific to HBRC relating to the revaluation of infrastructure assets having not been done.

·    Accounting for the funding granted by central government for silt and flood waste removal is passed through by HBRC to individuals and companies on approved application.

·    Control findings and timelines to address recommended improvements will be provided to the next Risk and Audit Committee meeting.

·    As repair and rebuild of stopbanks is completed, staff will look to have those assets revalued at the earliest opportunity.

·    Council is accountable for ensuring funds paid to other organisations are used for the purpose intended and the limited risk is mitigated by Council’s agreements with the Waste Taskforce. If a commercial entity receives funding for silt removal they must use the money for that or return the funds to Council. Auditors will carry out checks on high risk (based on risk matrix assessment) commercial entities that have received funding.

Councillor Thompson Hokianga re-joined the meeting at 9.27am

·    Other services that EY provide are outlined in an attachment to the Agenda and this document will be considered in future as appropriate in relation to EY independence as Auditor.

RAC9/23

Resolution

That the Audit and Risk Committee receives and notes the EY Audit Close Report on Year End 30 June 2023 staff report.

Mackintosh/Harding

CARRIED

 

3.         Confirmation of Minutes of the Risk and Audit Sub-committee meeting held on 10 May 2023

RAC10/23

Resolution

Minutes of the Risk and Audit Sub-committee meeting held on Wednesday, 10 May 2023, a copy having been circulated prior to the meeting, were taken as read and confirmed as a true and correct record.

Harding/Hokianga

CARRIED

 


 

4.

Risk Management Policy Renewal

 

Susie Young introduced the item and Helen Marsden, and discussions covered:

·    The policy references the Risk framework, which is currently being reviewed and the subject of agenda item 10 and it was suggested the framework should be articulated in the Policy.

·    The risk appetite is developed through the development of the new framework.

·    This committee and councillors’ role in risk management during a disaster remains one of governance oversight and operational decisions are made by staff. Subsequent to an incident or event, material incidents and any actions required in response will be discussed at the first available meeting of either the RAC or the Council.

·    Day to day management of risks is operational and the responsibility of the Chief Executive. The Policy is about managing the risks to Council (the organisation).

·    It was suggested that the culture of risk management should be articulated in the Policy’s purpose or goal, and that a link to the community outcomes would create the link between the purpose of the organisation’s management of risk.

·    Staff will incorporate changes requested and bring the policy to a future RAC meeting for the Committee’s approval.

RAC11/23

Resolution

That Risk and Audit Committee receives and considers the Risk management policy renewal staff report.

Harding/Hokianga

CARRIED

The meeting adjourned at 10.08am and reconvened at 10.20am

5.

Treasury Compliance Report

 

Susie Young introduced the item, noting the non-compliance with third party limits that occurred to enable Council to manage the funding received from central government associated with the Cyclone Gabrielle response, particularly silt taskforce funding. Discussions covered:

·    some of the limits set previously will need to be adjusted through the Investment Strategy review and Long Term Plan processes.

·    Exceptions are managed and rectified on a day-to-day basis by the CFO and reported to the Risk and Audit Committee via this compliance report; and managed monthly in liaison with PWC as per Council’s Treasury Policy.

·    Treasury Policy, Investment Strategy and Revenue & Financing Policy are all currently under review and will be progressing through Council in February, so an early look at proposed changes will be provided to the first RAC meeting in 2024.

·    Debt reconciliation figures from PWC don’t include the HBRIC debt due to timing of reporting.

·    CDEM Reserve will not be replenished by insurance paid as those funds are to reimburse expenditure for the cyclone only.

RAC12/23

Resolution

That the Risk and Audit Committee receives and considers the Treasury Compliance Report.

Mackintosh/Harding

CARRIED

 

6.

Insurance – annual review and update

 

Susie Young introduced the item, which outlines the current insurance held. Staff are awaiting insurance brokers’ provision of new insurance proposals including costs so the paper is seeking the Committee’s agreement for staff to engage in the process of renewal due in November including participation in the excess layer of infrastructure insurance with MWLASS of $200m. Discussions covered:

·    If ‘new’ insurance agreements are further delayed, Council will seek to extend current policies.

·    MWLASS is price dependent.

·    Harbourmaster insurance is for any incidents resulting from the Harbourmaster’s actions within 12 nautical miles of the Hawke’s Bay Coast.

·    MWLASS primary layer ($1.25M) is the first layer claimed against (highest risk) while the second layer would come in for losses in excess of the $1.25M.

RAC13/23

Resolutions

That the Risk and Audit Committee:

1.      Receives and considers the Insurance – annual review and update staff report.

2.      Agrees that the decisions to be made are not significant under the criteria contained in Council’s adopted Significance and Engagement Policy, and that Council can exercise its discretion and make decisions on this issue without conferring directly with the community or persons likely to have an interest in the decision.

3.      Recommends that Hawke’s Bay Regional Council:

3.1.       Notes the report from the board of MWLASS

3.2.       Progresses with participation in the excess layer of infrastructure asset cover with MWLASS of $200m.

3.3.       Investigates how HBRC might review and assess how alternative means of insurance may be implemented across the business.

Hokianga/Mackintosh

CARRIED

The meeting adjourned at 11.05am and reconvened at 11.10am

7.

Health, Safety and Wellbeing Management System review

 

Kirsty McInnes introduced the item, which was taken as read, and outlined the previous Workplace Safety Management Practice and how Council is transitioning to the joint Australia/New Zealand Standard for Occupational Health and Safety Management Systems. Discussions covered:

·    ACC review in 2017, Crowe review in 2018 against ISO standard and internal HBRC review in 2022

·    Risk management and contractor management is continuing to mature, and is exponentially larger since the cyclone. Contractors must be SiteWise approved before working for Council.

·    In any health and safety system there is a constant maturing and continuous improvement.

·    Recommendations from the desktop review must be implemented within 12 months and will be tracked via the RAC along with incident reporting.

·    The Health & Safety picture at HBRC will be provided to the next RAC meeting.

RAC14/23

Resolution

That the Risk and Audit Committee receives and considers the Health, Safety and Wellbeing Management System review staff report.

Harding/Hokianga

CARRIED

 

9.

Confirmation of 10 May 2023 Risk and Audit Sub-committee Public Excluded Minutes

 

Resolution

That the Risk and Audit Committee excludes the public from this section of the meeting being Confirmation of Public Excluded Minutes Agenda Item 9 with the general subject of the item to be considered while the public is excluded. The reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are:

RAC15/23

 

General subject of the item to be considered

Reason for passing this resolution

Grounds under section 48(1) for the passing of the resolution

Enterprise Risk Report

s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Internal Assurance corrective actions update

s7(2)(f)(ii) The withholding of the information is necessary to maintain the effective conduct of public affairs through the protection of such members, officers, employees, and persons from improper pressure or harassment

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Privacy event

s7(2)(e) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to avoid prejudice to measures that prevent or mitigate loss to members of the public

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Maloy/Harding

CARRIED

 

10.

Risk Maturity Refresh

 

Resolutions

1.          That the Risk and Audit Committee excludes the public from this section of the meeting, being Agenda Item 10 Risk Maturity Refresh with the general subject of the item to be considered while the public is excluded. The reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are:

RAC16/23

General subject of the item to be considered

Reason for passing this resolution

Grounds under section 48(1) for the passing of the resolution

Risk Maturity Refresh

s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage.

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

 

2.          That David Nalder be permitted to remain at the meeting, after the public has been excluded, as a risk management subject matter expert and advisor to Hawke’s Bay Regional Council.

Maloy/Harding

CARRIED

 

11.

Incident report

 

Resolution

That the Risk and Audit Committee excludes the public from this section of the meeting, being Agenda Item 11 Incident report with the general subject of the item to be considered while the public is excluded. The reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are:

RAC17/23

 

General subject of the item to be considered

Reason for passing this resolution

Grounds under section 48(1) for the passing of the resolution

Incident report

s7(2)(f)(ii) The withholding of the information is necessary to maintain the effective conduct of public affairs through the protection of such members, officers, employees, and persons from improper pressure or harassment.

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Maloy/Harding

CARRIED

 

12.

Internal assurance dashboards

 

Resolution

That the Risk and Audit Committee excludes the public from this section of the meeting, being Agenda Item 12 Internal assurance dashboards with the general subject of the item to be considered while the public is excluded. The reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are:

RAC18/23

General subject of the item to be considered

Reason for passing this resolution

Grounds under section 48(1) for the passing of the resolution

Internal assurance dashboards

s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage.

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Maloy/Harding

CARRIED

 

The meeting went into public excluded session at 11.32am and out of public excluded session at 12.55pm.

 

Closure:

There being no further business the Chair declared the meeting closed at 12.55pm on Wednesday 18 October 2023.

Signed as a true and correct record.

Date: by Risk & Audit Committee resolution 15 February 2024             Chair: Xan Harding