HAWKE’S BAY REGIONAL
COUNCIL
Risk
and Audit Committee
Wednesday
6 August 2025
Subject: Treasury Compliance Report
for the period 1 April - 30 June 2025
Reason for report
1. This item provides
compliance monitoring of Hawke’s Bay Regional Council’s (HBRC)
Treasury activity and reports the performance of Council’s investment
portfolio for the quarter ended 30 June 2025.
Overview of the quarter ending 30 June 2025
2. On 30 June 2025 HBRC was
compliant with all measures in its Treasury Policy.
3. The impact of Cyclone
Gabrielle continues to affect cash balances and borrowing needs. Additional
borrowing to support recovery and resilience efforts will persist over the next
two to three years, while projects and insurance claim proceeds are being received
more slowly than initially expected.
4. Council has increased its
external debt to fund working capital and has repaid the maturing HBRIC loan
originally advanced in 2020.
5. An additional $10m standby
facility was established to support the increased level of liquidity
requirements associated with the higher debt levels Council will carry during
the NIWE project.
6. A further $25m in interest
swaps were executed in April to maintain compliance and mitigate interest rate
risk associated with current debt levels.
7. Fitch affirmed Councils AA
credit rating for a further 12 months. This was underpinned by a
combination of revenue and liquidity policy robustness and flexibility, balance
by moderate expenditure pressure due to cyclone recovery efforts.
Background
8. Council’s Treasury
Policy requires the Risk and Audit Committee to discuss treasury matters on a
quarterly basis.
9. In addition to the Treasury
Policy, Council has a Statement of Investment Policy and Objectives (SIPO)
document setting out the parameters required for all HBRC Group funds under
management.
10. Since 2018, HBRC has
procured treasury advice and services from PricewaterhouseCoopers (PwC) who
provide quarterly treasury reporting for internal monitoring purposes.
Treasury
exceptions report and policy compliance
11. HBRC was compliant with the
counterparty risk policy with all banks during the quarter to 30 June
2025.
12. Council staff continue to
maintain the view that management of Recovery Funding held on behalf of others
sits outside HBRC’s Treasury Policy for normal operations and is excluded
from treasury reporting. At 30 June this was $3.829m.
13. Funds held on behalf of the
Silt & Debris programme were fully utilised by 30 June, while funds held
for HBRRA and Crown Managers remain to fund activities until their contract
expiry on 31 March 2026. Any unspent funds will be returned to the Crown.
Funding
and liquidity
14. To ensure HBRC can
adequately fund its operations, current policy requires us to maintain a liquid
balance of ‘greater than 10% of existing total external debt’.
Current liquidity ratio is 24.65% and therefore
meets policy.
15. The following table reports
the cash and cash equivalents on 30 June 2025.
16. To manage liquidity risk,
HBRC currently maintains two Standby Facilities, $10m each with ANZ and LGFA.
Once the NIWE project is completed we anticipate reducing this back to only one
$10m facility.
17. The OCR is currently
sitting at 3.25% with reviews due in August, October and November.
Markets are anticipating a decrease between 0.25% and 0.50% before the end of
the year, giving weight to continue borrowing at floating rather than fixed
rates. Current returns for on-call funds are aligned
with the OCR for Jarden and ANZ, while BNZ is offering returns 5 basis points
below OCR.
18. Council holds a $4m term
deposit with Rabo (via Jarden) to pre-fund the next LGFA debt maturing April
2026. This attracts a rate of 4.2%.
Debt
management
19. On 30 June 2025 the
external debt for the Council group was $117.6m.
20. At quarter end, Council
repaid the $16.663m loan from HBRIC, utilising a non-cash dividend issued by
HBRIC.
21. During the quarter Council
borrowed a further $18m from LGFA, $14m to repay maturing LGFA loans and $4m to
fund working capital.
22. The following summarises
the year-to-date movements in Council’s debt position.
Summary of HBRC Debt
|
|
HBRC
only
|
HBRC
Group
|
|
$000
|
$000
|
|
Opening
Debt 1 July 24 - excluding HBRIC Loan
|
113,500
|
113,500
|
|
New Loans Raised (principal only)
|
24,000
|
24,000
|
|
Less amounts paid (principal only)
|
(19,900)
|
(19,900)
|
|
Closing Debt 30 June 2025
|
117,600
|
117,600
|
|
HBRIC
Loan (Related party loan)
|
16,663
|
-
|
|
HBRIC
Loan repayment
|
(16,663)
|
-
|
|
Total Borrowings at 30 June 2025
|
117,600
|
117,600
|
23. Council’s total debt
maturity profile remains compliant.
The table below
includes our current $20m overdraft facilities in total debt and offsets
Councils pre-funding term deposit.
Funding
summary
24. Council’s 0-3 year
funding policy continues to be under pressure as we finance the NIWE projects
during this period. Additional short-term funding is necessary due to
delays in the Crown reimbursing their share of the project costs.
Meanwhile, the Council’s portion will be funded through longer-term
inter-generational debt to match the asset’s lifecycle. Additional
short-term borrowing has commenced in July 2025 as Council works through the
reimbursement process with Crown.
25. Management is continuing to
enhance it’s short-term debt forecast to provide better visibility during
the NIWE project period. Given the pressures on the debt profile, current
forecasts suggest that debt could rise to $200m during the short term, depending
on the timing of the Crown’s reimbursements.
Borrowing
limits
26. Council continues to
monitor and work within the agreed borrowing limits set by both Council and the
LGFA.
27. The ratios below exclude
all HB Recovery cash & cash equivalents held but does include all managed
funds as a liquid asset for assessing net debt. This means that we currently
have negative external debt in the first ratio.
|
Ratio
|
HBRC
Limit
|
LGFA
Limit
|
Actual to
30 June 2025
|
|
Net external debt as a percentage of revenue
|
<250%
|
<285%
|
-17.80%
|
|
Net interest on external debt as a percentage of total revenue
|
<20%
|
<20%
|
1.35%
|
|
Net interest on external debt as a percentage of annual rates
income
|
<30%
|
<30%
|
4.18%
|
|
Liquidity buffer amount comprising liquid assets and available
committed debt facility amounts relative to existing total external debt
|
>110%
|
>110%
|
236.13%
|
Interest
rate risk
28. At 30 June Council held
$78m in fixed rate instruments, hedging 56% of current external debt, and is
compliant with policy, based on the FY2025-2027 Three-Year Plan.
Additional hedging was purchased in April to ensure continued compliance to
policy until February 2026.
29. These hedging instruments
are held at three banks, Westpac, BNZ and ANZ and are below policy limits.
(refer graph at point 9).
Managed
funds
30. Total Group Investment Fund
portfolios at 30 June 2025 were $176.5m, up from $170m in March and $2.9m above
the inflation-adjusted contribution target.
31. The Portfolio’s
delivered a total return of 8.34% for the year, comprising 3.53% ($5.9m) in
fair value gains and 4.81% ($8.0m) in income. During the year $5m was
withdrawn to support Council’s cash dividend requirements.
32. Markets are expected to
continue their volatility and should be viewed through the lens of a long-term
asset, with returns assessed on a rolling 5-year average.
33. The following table summarises the fund balances at the
end of each period and the graph illustrates the asset allocations within each
fund on 30 June 2025.
|
|
30-Jun-24
|
31-Mar-25
|
30-Jun-25
|
|
|
|
|
|
|
Fund Balances HBRC
|
$000
|
$000
|
$000
|
|
Fund Balance HBRC
|
118,722
|
120,449
|
124,804
|
|
Capital Protected Amount HBRC (2% compounded since inception,
increasing to 2.5% from 1 July 2024)
|
118,890
|
121,133
|
121,890
|
|
Current HBRC value above/(below) capital protected amount
|
(168)
|
(684)
|
2,914
|
|
Funds Balances (HBRC + HBRIC)
|
|
Long-Term Investment Fund (HBRC)
|
51,847
|
54,141
|
56,091
|
|
Future Investment Fund (HBRC)
|
66,875
|
66,308
|
68,713
|
|
Total HBRC
|
118,722
|
120,449
|
124,804
|
|
Plus HBRIC Managed Funds (FIF)
|
48,854
|
49,991
|
51,761
|
|
Total Group Managed Funds
|
167,576
|
170,439
|
176,565
|
|
Capital Protected Amount (2%/2.5% from 1 July 2024 compound
inflation)
|
169,343
|
172,539
|
173,617
|
|
Current group value above/(below) protected amount
|
(1,768)
|
(2,099)
|
2,948
|
Cost
of funds
34. For the 12 months to 30
June 2025 gross cost of funds (COF), i.e.: interest spend, was $5.05m which
equates to 4.49% on the average debt over the last 12 months. Net COF after
offsetting interest received was $4.73m equating to 4.22%.
HBRIC
Ltd
35. In accordance with Council
policy, HBRIC provides separate quarterly updates to the Corporate and
Strategic Committee.
Decision-making process
36. Council and its committees
are required to make every decision in accordance with the requirements of the
Local Government Act 2002 (the Act). Staff have assessed the requirements in
relation to this item and have concluded:
36.1. The decisions of the
Committee are in accordance with the Terms of Reference and decision-making
delegations adopted by Hawke’s Bay Regional Council 30 August 2023,
specifically the Risk and Audit Committee shall have responsibility and
authority to:
36.1.1. Review the Council’s revenue and
expenditure policies, amongst others, and the effectiveness of those policies
in ensuring limited risk is generated. (1.3)
36.2. Because this report is for
information only, the decision-making provisions do not apply.
Recommendation
That
the Risk and Audit Committee receives and notes the Treasury Compliance
Report for the period 1 April – 30 June 2025.
Authored by:
|
Tracey O'Shaughnessy
Treasury & Investments
Accountant
|
|
Approved by:
|
Chris Comber
Chief Financial Officer
|
|
Attachment/s
There are no attachments for this report.
HAWKE’S
BAY REGIONAL COUNCIL
Risk
and Audit Committee
6 August
2025
Subject: August 2025 Risk Management
update
Reason for report
1. This paper provides the
Risk and Audit Committee with an update on the focus of risk management activities
across HBRC and the results from the regular strategic risk assessment process.
Executive Summary
2. Legislative Reform &
Planning Pause: HBRC is navigating RMA replacement legislation and responding
pragmatically to the central government’s directive to halt unnecessary
plan changes, with natural hazard planning and the TANK Plan continuing under
exemptions.
3. Leadership Changes: Key ELT
appointments include Richard Wakelin (GM, Integrated Catchment Management), Pip
O’Connor (Acting GM, Corporate Services), and Mike McGarvey (Acting CIO).
4. Efficiency &
Effectiveness Review: The “Fit for Future” report outlines five
strategic shifts and has been presented to Council. The Action Plan will be
completed by end of August, with implementation to begin in September via a new
virtual desk.
5. Shared Services with NCC: A
new joint Risk, Assurance and Controls Team has been established, supported by
a Service Level Agreement and shared reporting lines.
6. Technology Projects: New
initiatives to address operational risk include contract management system
rollout, rates system replacement, and network resilience upgrades (Starlink
and ISP redundancy).
7. NIWE Programme: Now in
delivery phase with $22.8M spent. Key risks include pump station upgrades and
land access. Assurance activities and procurement are progressing.
8. Independent Flood Review
Response: Priority projects advancing include the Extreme Weather Hub, flood
forecasting, infrastructure bylaws, evacuation planning, and hazard portal
refresh. PwC engaged for assurance.
9. Health, Safety &
Wellbeing: ISO45001 alignment underway. Robyn Ross leads foundational
improvements in risk management, training, and incident reporting. Full
alignment expected in 18–24 months.
10. Strategic Risk Profile:
Councillors express concern over emergency management, Te Tiriti principles,
and external engagement. ELT shows higher confidence overall.
11. Internal Controls &
Assurance: Cyber training, compliance frameworks, and infrastructure reviews
are active. A policy framework review has been completed to strengthen
governance.
Discussion
Wider external context
12. Legislative reform: HBRC is
currently navigating several reform streams, including the Natural Environment
Act and Planning Act, which are set to replace the RMA. These reforms are
creating uncertainty and transitional complexity for councils.
13. Planning pause: In July
2025, Minister Bishop announced that councils should halt “unnecessary
plan changes” under the Resource Management Act (RMA) as part of the
transition to a new resource management system. HBRC has adopted a targeted and
pragmatic approach to this directive, continuing planning work related to
natural hazards, which is explicitly allowed under the government’s
exemption criteria. HBRC has confirmed that the TANK plan is unaffected by the
directive, as it is in its final stages before the Environment Court and has
legal effect, qualifying it to proceed under the exemption rules.
14. National Policy Statements
(NPS): The Government has scaled back the scope of new and amended NPSs,
recognizing their limited shelf life before the new resource management system
takes effect. Councils are not required to immediately implement these changes,
allowing HBRC to align them with future planning cycles.
15. 2025 Local Elections: HBRC
has issued the Pre-Election Report, which outlines key issues for voters and
candidates, including climate resilience, water security, and financial
sustainability. The report is apolitical and aims to foster informed public discussion.
Internal Council Operating Environment
16. There have been key personnel
changes at the Executive Leadership Team (ELT). Richard Wakelin has been
permanently appointed as the General Manager (GM) of Integrated Catchment
Management. Susie Young has resigned, and Pip O’Connor has been appointed
as Acting GM of Corporate Services from 1 July. Recruitment is underway for a
permanent replacement. In the interim, Mike McGarvey has been contracted as
Acting Chief Information Officer (CIO).
17. The Efficiency and
Effectiveness (E&E) review has delivered its first report, 'Fit for
Future,' which identifies the core issues facing HBRC and outlines five key
shifts to make the organization more effective and sustainable. The next steps
include developing an Action Plan by late August, which will cover resourcing,
timeline, and outcomes. Implementation is set to begin in September, led by
HBRC staff through a new 'Fit for the Future' Virtual Desk.
18. The Shared Services
programme, a collaboration between HBRC and NCC, aims to explore shared service
opportunities to enhance efficiency and effectiveness, driven by financial
pressures and a collective commitment to reducing costs for ratepayers.
18.1. The Risk Management space
is the first area of focus, as vacancies within both the NCC and HBRC Risk
Management teams provided an opportunity to reassess organizational structures
and explore improved ways of working together.
18.2. Through collaborative
efforts, both Councils have developed and agreed upon a change proposal that
establishes a new Shared Service structure. This structure consolidates Risk
Management functions across both organizations to reduce duplication, streamline
operations, and ensure a coordinated approach to risk oversight.
18.3. The confirmed new Shared
Service Structure introduces three new roles operating jointly across both
Councils, each dedicating approximately 50% of their time in a shared
capacity. These positions will be employed by NCC as the Shared Service –
Risk, Assurance and Controls Team and will be supported by a formal Service
Level Agreement between the Councils, providing a dotted reporting line through
to our Chief Legal Advisor, Aimee Sandilands.
19. Three technology projects
have been initiated to address operational risks:
19.1. Contract Management: We are
implementing a new Contract Management technology solution to standardize our
contract management processes, improve performance and workflow management, and
implement advanced tracking and reporting mechanisms to ensure compliance with
regulatory and funding requirements. Work is progressing well, with the
solution expected to be in place from late August/September.
19.2. Rates Replacement: We are
replacing our aging legacy Rates systems with a modern SaaS system. The SaaS
was chosen following a robust selection process, with a focus on reducing risk
and maintaining cost-effective services. This project is in the early initiation
phase and will be in place for the FY26/27 rates season. The current rates
system has been bolstered with extra security and backup controls for the
current FY25/26 rates season.
19.3. Network Resilience: We are
installing a Starlink at 159 Dalton Street and adding a 'redundant' ISP to our
network, with both initiatives creating cost-effective backup internet
infrastructure in case of critical loss of service. Procurement is complete, with
installation underway and due to be completed by the end of August.
20. Security, integrity and
privacy of data and information.
20.1. Significant progress has
been achieved with the 'Record Retention and Disposal' project, aimed at
ensuring compliance with the Public Records Act and enhancing information
management within our SharePoint environment. The work is anticipated to be
completed by October across all SharePoint sites, after which the taxonomy and
tagging will be automatically applied on an ongoing basis.
North
Island Weather Events (NIWE) Flood Resilience Programme
21. The NIWE Programme has
transitioned into a construction procurement and delivery phase, with all
Project Delivery Plans (PDPs) approved.
22. Total spend to date across
the programme, to June 2025, is $22.8 million, with claims now being submitted
to NIFF for reimbursement. Project budgets remain a key focus as cost pressures
on most projects continue. The most significant risks sit with Pump Station
Upgrades and Pōrangahau. Mitigation actions include scope reduction,
optimisation of alignment footprints, and reassessment of design.
23. The Whirinaki project,
previously flagged as a red-rated risk, has improved following $9 million in
Crown funding and $3 million from HBRC, reducing financial exposure.
24. Stop bank procurement has
progressed, with 25 responses received and evaluation underway.
25. Consenting is now a
critical path activity. The programme has developed detailed schedules to
ensure timely submissions.
26. Land access remains a key
risk, especially for Wairoa, Ōhiti, and Pōrangahau. These projects
involve multiple whenua Māori blocks and require engagement with the
Māori Land Court and Māori Trustee. A specialist lawyer and the
Wairoa Crown Manager are actively supporting land access negotiations.
27. The comprehensive programme
assurance framework has been reinvigorated to safeguard performance, uphold
quality standards, and strengthen stakeholder confidence throughout the
lifecycle of the NIWE Programme. Additional assurance activities were undertaken
in June, including an Independent Assurance Advisor review of cost management
processes, risk workshops across projects, and ongoing reviews of stage‑gate
checklists and change registers to ensure all documentation aligns with
programme requirements.
Progress
on response to independent review recommendations
28. HBRC continues to make
strong progress in responding to the recommendations of the Hawke’s Bay
Independent Flood Review (HBIFR), with several priority projects advancing and
new assurance mechanisms now in place.
28.1. Extreme Weather Hub: This
is now live, with positive community feedback and engagement with the website.
28.2. Floor Forecasting: This
project is progressing, with upgrades to data models and a public-facing
dashboard in development, which will be displayed on the Extreme Weather Hub
once completed. Design and architecture reviews currently underway.
28.3. Bylaw to Protect Flood
Infrastructure: Work is underway to scope a new bylaw that would give HBRC
additional powers to control activities affecting flood protection and drainage
systems. This is part of a broader review of HBRC’s flood schemes
28.4. Trigger Levels and
Evacuation Planning: HBRC is collaborating with CDEM and community
partners to pilot trigger levels and evacuation plans. These are being tested
at the community level to improve readiness and response
28.5. Reimagining Flood
Resilience: Following the Major Schemes Review, HBRC is engaging with mana
whenua and communities to explore long-term flood resilience strategies. This
includes structural and non-structural options for future-proofing the region.
28.6. Hazard Portal Refresh:
A business case for the Hazard Portal Refresh has been funded for
this financial year. Options are being assessed to improve its functionality
and lifecycle, with the report expected by October.
29. Programme Assurance and
Verification: HBRC has engaged PwC to verify that its actions
appropriately reflect the HBIFR recommendations. The contract has been
agreed and signed and this work will begin, now that funding has commenced in
this financial year.
Health,
Safety and Wellbeing Programme update
30. HBRC’s Health, Safety
and Wellbeing (HSW) team continues to progress alignment of its management
system with the ISO45001 framework, following the independent gap analysis
conducted by ECAAS Certification in late 2023.
31. The
resulting 2024–2027 Work Plan remains the guiding document for
this transformation, with efforts focused on embedding consistent and
sustainable HSW practices across the organisation.
32. In recent
months, Robyn Ross, an Exemplar Global ISO45001 Lead Auditor, has been
contracted as Acting Head of HSW. Robyn has reviewed HBRC’s current
position and identified several areas—such as critical risk
management, employee training, and incident reporting—that
require further development to meet ISO standards.
33. In response, HBRC
has refined its approach to prioritise foundational HSW practices
rather than addressing gaps reactively. This shift is intended to build a
robust and enduring HSW culture that naturally supports ISO alignment.
34. Key initiatives currently
underway include:
34.1. Development of a critical
risk management plan
34.2. Clarification of roles and
responsibilities across the organisation
34.3. Strengthening of incident
reporting systems and training programmes.
35. ISO alignment is expected
to take 18–24 months, based on current resourcing and programme scope.
36. HBRC is also preparing for
a transition in leadership, with a new permanent Head of HSW joining in August.
Robyn Ross will support the handover and continue contributing to the programme
pipeline.
36.1. The Risk and Audit
Committee will receive regular updates on progress, with a proposal to move
towards standalone HSW reporting to better reflect the team’s
forward-looking work.
Internal
Audit services
37. Our annual financial audits
with Ernst & Young have been commissioned and will commence on 1 September
for both HBRC and HBRIC.
38. Details for the Data and Analytics
Review have not been finalised – an update will be provided at the next
committee meeting.
Key
Internal Controls and Assurance
Information Computer Technology
39. We have implemented a new
Cyber training framework, “KnowB4”, which requires more regular
staff training and provides improved monitoring and awareness campaigns.
40. SAM for Compliance (the
Local Government Cyber Security Assurance Framework) is now embedded, with the
team working towards Level 1 compliance this financial year.
41. The network and
infrastructure resilience & optimisation programme is underway, involving a
comprehensive review of our backend technology environment, ensuring it is
cost-effective, fit for purpose, and has sufficient resilience & redundancy
built in. Where appropriate, opportunities to share and align with NCC and HDC
are being explored.
Significant
events
42. This quarter, there were no
notable events.
Strategic
Risk Management approach
43. HBRC continues to adopt an
approach to Risk Management that deliberately reframes ‘risk’
away from a negative focus on ‘things that might go wrong’ to one
that focuses on the major area of ‘uncertainty’ that might
impact on HBRC’s purpose, strategic priorities and operating model.
44. This approach has been
operationalised through the development of:
44.1. A one-page HBRC
Enterprise Dashboard, that reflects the organisation’s strategic risk
profile.
44.2. Supporting One Page
Management Plans for each of these areas of strategic risk/uncertainty.
These provides transparency as to the underlying risk/uncertainty, causes,
consequences, controls, sources of assurance, monitoring metrics, actions and
associated accountabilities.
44.3. Regular Sentiment
Surveys that rate each of these strategic risks on the basis of a
collective assessment of the ELT and Councillors.
45. The purpose of this
approach is to enable the integration of ‘risk management’ with
wider ‘management’ across HBRC, supporting risk aware discussion
and decision making
46. The Risk Management Policy
and Framework sets the expectations of staff and Councillors with respect to
the identification, assessment, management, monitoring and reporting of risk
across HBRC. This policy has recently been updated and was endorsed by
the Risk and Assurance Committee at the 7 May 2025 meeting.
Strategic
Risk Profile
47. The strategic risk profile
is set out in Attachment 1 and has been updated for the results from the
Sentiment Survey completed in July by the Executive Leadership Team and
individual Councillors.
48. In general, there is a
relatively higher level of confidence from the ELT compared to that of
Councillors regarding the strategic risk areas represented within the HBRC
Enterprise
Dashboard.
|
Confidence/Concern
|
Risk Appetite
|
ELT
|
Councillors
|
|
Red - Fundamental concerns,
cannot live with this, intervention required as a matter of priority
|
Outside of risk appetite
|
None
|
None
|
|
Amber - Significant
concerns, uncomfortable to live with this and we need to do something
different
|
None
|
8
|
|
Yellow - Some
concerns, can live with this currently but would like to do more
|
Within risk appetite
|
20
|
18
|
|
Green - Reasonably
well placed, comfortable to live with this
|
7
|
1
|
49. The specific areas where
councillors are concerned relate to:
49.1. In terms of strategic priorities:
49.1.1. Confidence from the
community
49.1.2. Upholding the principles of
Te Tiriti
49.2. In terms of groups of
activities:
49.2.1. Effectiveness of Emergency
Management
49.3. In terms of areas of
uncertainty presenting strategic risk:
49.3.1. Culture, capability and
capacity of people
49.3.2. Coordination and
connectedness of activity and decision making
49.3.3. External change and reform
49.3.4. Effectiveness of external
partner and stakeholder relationships
49.3.5. Effectiveness of
communication and engagement
50. This strategic risk profile
is shown in the attached HBRC Enterprise Risk Dashboard (Attachment 1).
Internal control environment
51. Internal controls are
‘the process designed, implemented, and maintained by those charged with
governance, management, and other personnel to provide reasonable assurance
about the achievement of an entity's objectives with regard to reliability of
financial reporting, effectiveness and efficiency of operations, and compliance
with applicable laws and regulations.’
52. In effect, internal
controls are the policies, processes, procedures and systems that HBRC has in
place that manages uncertainty (i.e. risk) and ensures the integrity,
efficiency and effectiveness of operations and delivery.
53. The key aspects of
HBRC’s internal control environment broadly includes:
|
|
Examples of critical HBRC
internal controls
|
|
Sets expectations
Ensures staff understand what
is expected of them and that they are clear on their authority to act
|
Critical controls include:
·
Policy framework
·
Delegations of authority
·
Role definition and segregations of duties
·
Strategic and business planning
·
Conflict of interest management
|
|
Delivers on expectations
Supports operational delivery
and ensures work performed is managed appropriately, in line with
expectations set
|
Critical controls include:
·
Stakeholder engagement and communication
·
Funding, budget setting and financial management
·
People management
·
Health, safety and well-being management
·
Procurement and vendor management
·
Project delivery and change management
·
Catchment and flood protection asset management
·
Corporate and fleet asset management
·
Investment management
·
Information, record and data management
·
Technology and communication management
·
Physical security and site access management
·
Logical security and system access management
·
Business continuity and disaster recovery management
|
|
Ensures expectations are met
Checks that actions taken and
work delivered is consistent with the expectations set above
|
Critical controls include:
·
Regulatory compliance management
·
Corporate legislative compliance management
|
54. Central to a strong system
of internal controls is the need for an effective Policy Framework. This
is a structed and consistent approach to develop, approve, implement, monitor
and review organisational Policies that provide staff with a clear set of
expectations to guide activity and behaviour.
55. A review of HBRC’s
Policy Framework has been undertaken, and the results of this review are summarised in Attachment
2.
Decision-making considerations
56. Council and its committees
are required to make every decision in accordance with the requirements of the
Local Government Act 2002 (the Act). Staff have assessed the requirements in
relation to this item and have concluded:
56.1. The decisions of the
Committee are in accordance with the Terms of Reference and decision-making
delegations adopted by Hawke’s Bay Regional Council 30 August 2023,
specifically the Risk and Audit Committee shall have responsibility and authority
to provide advice and recommend actions, responses, and
changes to the Council about risk management, assurance activities, governance
oversight and internal control matters, including external reporting and audit
matters. Specifically, this includes:
56.1.1. The robustness of
Council’s risk management systems, policies, practice and assurance
processes. (1.1)
56.1.2. Review whether Council
management has a current and comprehensive risk management framework and
associated procedures for effective identification and management of the
Council’s significant risks in place. (2.1)
56.1.3. Undertake periodic
monitoring of corporate risk assessment, and the internal controls instituted
in response to such risks. (2.2)
56.2. Because this report is for
information only, the decision-making provisions do not apply.
Recommendation
That
the Risk and Audit Committee receives and considers the August 2025 Risk
Management update staff report.
Authored by:
|
David Nalder
Acting Risk Manager
|
Olivia Giraud-Burrell
Quality & Assurance Advisor
|
|
Jess Bennett
Programme Finance & Controls
Manager
|
|
Approved by:
|
Pip O'Connor
Chief Information Officer
|
Nic Peet
Chief Executive
|
Attachment/s
|
1⇨
|
HBRC - Strategic risk summary July
2025
|
|
Confidential - Under
Separate Cover
|
|
2⇨
|
HBRC - Policy Framework review July
2025
|
|
Confidential - Under
Separate Cover
|
