Agenda and draft minutes

Apologies for absence were received from Councillors Lloyd Briscoe, Robert Boyle, Ceara Roopchand, and Tom Wren.

There were no declarations of interest.

To approve as a correct record the minutes of the meeting held on 18 February 2026

The minutes of the Audit Committee held on 18 February 2026 were approved and signed by the Chair.

To consider the proposed Shared Internal Audit Service (SIAS) Internal Audit Plan for 2026/27

The Committee received a report presenting the draft Internal Audit Work Programme for 2026–27. The report outlined the audit planning process, including consideration of internal audit standards, current topical requirements, horizon scanning, discussions with senior managers, and a risk assessment process used to inform the programme.

Members noted that the programme provided coverage across key areas, including financial systems and information technology, and set out the proposed resourcing arrangements. The report also included details of performance management, incorporating a suite of performance indicators reported to both the Committee and senior management.

Appendix A was noted as containing detailed information on each proposed audit, including scope, timing, and identified audit sponsors. A reserve list of audit work was also included to allow flexibility should planned work be cancelled or deferred.

It was highlighted that the programme reflected a business as usual approach for 2026–27 but remained flexible to accommodate changes in circumstances during the year. Members also noted Appendix D, which contained the Internal Audit Strategy and Service Plan, provided for background information and invited member comment.

During discussion, clarification was sought regarding ownership of the risk register. It was confirmed that while responsibility for compiling the register sat with a designated officer, individual risks were owned by relevant Council managers, with oversight provided by this Committee and previously by the Senior Leadership Team. Members were advised that the risk register was included within the Part 2 agenda.

In response to a query, it was confirmed that previous audit findings had informed the development of the work programme. The planning process considered the audit universe of auditable areas, with coverage typically on a three to five year cycle, adjusted according to risk level and previous audit outcomes.

It was RESOLVED that the report be noted.

To consider the Shared Anti-Fraud Service’s proposed Anti-Fraud Plan for 2026/27.

The Committee received an overview of the proposed SAFS 2026/27 plan, including key performance indicators (KPIs), within their committee papers, accompanied by a covering report. A brief overview was provided, and questions were invited.

The report had outlined how the plan aligned with the national fraud context, the allocation of Shared Anti-Fraud Service (SAFS) resources, and the agreed KPIs and service standards. It had also referenced a range of external reports and legislation. The full plan was included at Appendix A, with KPIs at Appendix B.

In response to a question regarding staff awareness of fraud, the officer stated that awareness was both subjective and objective. It was noted that staff were the Council’s strongest asset but could also be vulnerable if unaware of fraud risks. The increasing sophistication of fraud, particularly through accessible artificial intelligence tools, meant that fraudulent communications were now more convincing and harder to detect. Training was therefore considered essential.

The officer advised that awareness training was delivered across all partners, including bespoke sessions for services and wider sessions for all staff. Service leads were expected to ensure staff attendance. While overall awareness among officers was described as high, some gaps remained due to varying levels of experience and engagement. The evolving nature of fraud was emphasised, and members were encouraged to promote attendance at future training sessions, including those provided for councillors.

In response to a further question regarding proactive measures, the officer explained that early intervention was key. Officers actively reviewed referrals from staff where fraud was suspected, enabling timely action and information sharing. Fraud alerts were regularly circulated to partners, highlighting emerging risks identified across the UK; over 20 such alerts had been issued during the year.

Additional proactive work included post-investigation reviews, where risks were identified and reported to senior officers, with recommendations made to improve systems, processes, and policies. Fraud risk assessments were also undertaken across partner organisations, although these were resource-intensive and limited to two or three per year. Findings from this work were shared across the partnership through board meetings and circulated to relevant officers.

The officer concluded that while reactive work remained necessary, significant effort was made to adopt a proactive approach to fraud prevention.

It was RESOLVED that the report be noted.

To consider progress on the SAFS Anti-Fraud Plan 2025/26.

The Committee received a report covering the period from April to December 2025. The report was noted as a summary of relevant updates.

Prevention and Policy Work
Members noted that a review of fraud and associated policies, supported by SAFS, had been ongoing in liaison with the Assistant Director of Finance, with completion anticipated by the end of the financial year.

It was reported that four fraud alerts relating to ID document and email spoofing risks had been circulated since the last update, bringing the total number of fraud threat reports issued during the year to 25. These had been shared with all relevant partners.

The Committee noted that training sessions had been delivered across all levels of the Council up to December 2025. These covered fraud prevention and awareness, ID documents, recruitment fraud, and updates on the Economic Crime and Corporate Transparency Act (ECCTA), including the introduction of the failure to prevent fraud offence in September 2025.

An ECCTA briefing had been provided to senior management, and discussions had taken place regarding compliance and associated risks. In December 2025, a gap analysis and action plan had been implemented alongside a review of the Council’s Anti-Fraud Policy.

Investigations and Internal Control Improvements
Members noted that three executive reports had been issued to senior management and Internal Audit following investigations. Two related to procurement processes and one to declarations of interest. These reports identified system weaknesses and included recommendations to mitigate ongoing fraud risks.

Reactive Work and Investigations
The Committee was informed that 128 referrals had been received during the period, covering areas including housing, council tax, procurement, and blue badge misuse. Of these, 56 referrals had been made by Council officers.

As of December 2025, 37 cases remained under investigation and 17 were at the referral stage, with an estimated total loss of £840,000.

A total of 19 investigations had been closed during the year, with fraud identified in 13 cases.

Council tax discount reviews had identified additional revenue of £48,000. Joint work with the Department for Work and Pensions (DWP) had identified £29,000 in losses relating to national benefit claims, with recovery pending, and several cases had been referred for consideration of criminal prosecution.

Work with Housing Services had resulted in the recovery of three properties that had been misused, which were returned to housing stock and re-let to applicants on the waiting list.

Proactive Work
Members noted that all Right to Buy applications had been subject to a 100% review, with 27 completed during the period. In addition, 38 succession applications had been reviewed to ensure no fraud or money laundering concerns.

At the end of December, three Right to Buy applications required further investigation and one application had been withdrawn, resulting in a saving of £102,000 in discount value.

The National Fraud Initiative (NFI) exercise had concluded. Although some areas received less focus than planned, two cases of fraud were identified, resulting in savings of £6,000.

Following this, work had commenced on the Hertfordshire Fraud Hub (NFI  ...  view the full minutes text for item 5.

To consider any Part 1 business accepted by the Chair as urgent.

There was no Urgent Part 1 Business.

To consider the following motions –

1.  That under Section 100(A) of the Local Government Act 1972, the press and public be excluded from the meeting for the following items of business on the grounds that they involve the likely disclosure of exempt information as described in paragraphs1 – 7 of Part 1 of Schedule 12A of the Act as amended by Local Government (Access to Information) (Variation) Order 2006.

2.  That Members consider the reasons for the following reports being in Part II and determine whether or not maintaining the exemption from disclosure of the information contained therein outweighs the public interest in disclosure.

It was RESOLVED:

1. That, under Section 100(A) of the Local Government Act 1972, the press and public be excluded from the meeting for the following items of business on the grounds that they involved the likely disclosure of exempt information as described in paragraphs 1 to 7 of Part 1 of Schedule 12A of the Act, as amended by SI 2006 No. 88.

2. That having considered the reasons for the following item being in Part II, it be determined that maintaining the exemption from disclosure of the information contained therein outweighed the public interest in disclosure.

To note the latest Strategic Risk Register update for Stevenage Borough Council

The Committee considered a Part II report in respect of the Quarter 3 Corporate Risk Report.

It was RESOLVED that the report be noted.

To consider any Part II business accepted by the Chair as urgent.

There was no Urgent Part II business.