Part 10 - Financial Procedure Rules - Appendix C

3.01

All organisations, whether they are in the private or public sectors, face risks to people, property and continued operations. Risk is the chance of this going wrong. It is the chance or possibility of loss, damage, injury or failure to achieve objectives caused by an unwanted or uncertain action or event. Risk management is the planned and systematic approach to the identification, evaluation and control of risk. Its objectives are to secure the assets of the organisation and to ensure the continued financial and organisational well being of the organisation. In essence it is therefore an integral part of good business practice. Risk management is concerned with evaluating the measures an organisation has in place already to manage identified risks and then recommending the action the organisation needs to take to control these risks effectively.

3.02

It is the overall responsibility of the executive to approve the authority's risk management strategy, and to promote a culture of risk management awareness throughout the authority.

3.03

The key controls for risk management are:

• procedures are in place to identify, assess, prevent or contain material known risks, and these procedures are operating effectively throughout the authority;
• a monitoring process is in place to review regularly the effectiveness of risk reduction strategies and the operation of these controls. The risk management process should be conducted on a continuing basis;
• managers know that they are responsible for managing relevant risks and are provided with relevant information on risk management initiatives;
• provision is made for losses that might result from the risks that remain;
• procedures are in place to investigate claims within required timescales ;
• acceptable levels of risk are determined and insured against where appropriate; and
• the authority has identified business continuity plans for implementation in the event of disaster which results in significant loss or damage to its resources.

3.04

To develop risk management controls in conjunction with other service unit heads.

3.05

To include all appropriate employees of the authority in a suitable fidelity guarantee insurance policy.

3.06

To effect corporate insurance cover, through external insurance and internal funding, and negotiate all claims in consultation with other officers where necessary.

3.07

To notify the risk manager immediately of any loss, liability or damage which may lead to a claim against the authority, together with any information or explanation required by the authority's insurers.

3.08

To take responsibility for risk management having regard to advice from the risk manager and other specialist officers (eg Crime Prevention, Fire Prevention, Health and Safety).

3.09

To ensure that there are regular reviews of risk within their service units.

3.10

To notify the risk manager promptly of all new risks, properties or vehicles which require insurance and of any alterations affecting existing insurances.

3.11

To consult the chief finance officer and the head of legal and property services on the terms of any indemnity which the authority is requested to give.

3.12

3.13

The authority requires internal controls to manage and monitor progress towards strategic objectives.

3.14

The authority has statutory obligations to meet, and therefore, requires internal controls to identify, meet and monitor compliance with these obligations.

3.15

The authority faces a wide range of financial, administrative and commercial risks, both from internal and external factors, which threaten the achievement of its objectives. Internal controls are necessary to manage these risks.

3.16

The system of internal controls is established in order to provide measurable achievement of:

• efficient and effective operations;
• reliable financial information and reporting;
• compliance with laws and regulations; and
• risk management.

3.17

Key controls and control objectives for internal control systems are:

• key controls should be reviewed on a regular basis;
• managerial control systems including defining policies, setting objectives and plans, monitoring financial and other performance and taking appropriate anticipatory and remedial action. The key objective of these systems is to promote ownership of the control environment by defining roles and responsibilities;
• financial and operational control systems and procedures, which include physical safeguards for assets, segregation of duties, authorisation and approval procedures and information systems; and
• an effective internal audit function which is properly resourced. It should operate in accordance with the principles contained in the Auditing Practices Board's guideline 'Guidance for Internal Auditors', as interpreted by CIPFA's Code of Practice for Internal Audit in Local Government and with any other statutory obligations and regulations

3.18

To assist the authority to put in place an appropriate control environment and effective internal controls which provide reasonable assurance of effective and efficient operations, financial stewardship, probity and compliance with laws and regulations.

3.19

To manage processes to check that established controls are being adhered to and to evaluate their effectiveness, in order to be confident in the proper use of resources, achievement of objectives and management of risks.

3.20

To review existing controls in the light of changes affecting the authority and establish and implement new ones in line with guidance from the chief finance officer.

3.21

To ensure staff have a clear understanding of the consequences of a lack of control.

3.22

The requirement for an internal audit function for local authorities is implied by Section 151 of the Local Government Act 1972, which requires that authorities "make arrangements for the proper administration of their financial affairs". The Accounts and Audit Regulations 1996, regulation 5, more specifically requires that a "relevant body shall maintain an adequate and effective system of internal audit of their accounting records and control systems".

3.23

Accordingly, internal audit is an independent and objective appraisal function established by the authority for reviewing the system of internal control. It examines, evaluates and reports on the adequacy of internal control as a contribution to the proper, economic, efficient and effective use of resources.

3.24

The key controls for internal audit are:

• that it is independent in its planning and operation;
• the chief internal auditor has direct access to the head of paid service, all levels of management and directly to elected members;
• the internal auditors comply with the Auditing Practices Board's guideline 'Guidance for Internal Auditors', as interpreted by CIPFA's Code of Practice for Internal Audit in Local Government;
• access council premises at reasonable times;
• access all assets, records, documents, correspondence and control systems;
• receive any information and explanation considered necessary concerning any matter under consideration;
• require any employee of the authority to account for cash, stores or any other authority asset under his/her control;
• access records belonging to third parties, such as contractors when required;
• have direct access to the head of paid service, the executive and members;
• the approval of the strategic and annual audit plans which have been prepared by the chief internal auditor and which takes into account the characteristics and relative risks of the activities involved; and
• ensuring that effective procedures are in place to investigate promptly any fraud or irregularity.

3.25

To ensure that internal auditors are given access at all reasonable times to premises, personnel, documents and assets which the auditors consider necessary for the purposes of their work.

3.26

To ensure that auditors are provided with any information and explanations which they seek in the course of their work.

3.27

To consider and respond promptly to recommendations in audit reports.

3.28

To ensure that any agreed actions arising from audit recommendations are carried out in a timely and efficient fashion.

3.29

To notify the chief finance officer immediately of any suspected fraud, theft, irregularity, improper use or misappropriation of the authority's property or resources. Pending investigation and reporting, the service unit head should take all necessary steps to prevent further loss and to secure records and documentation against removal or alteration.

3.30

To ensure that new systems for maintaining financial records, or records of assets, or changes to such systems, are discussed with and agreed by the chief internal auditor, prior to implementation.

3.31

The Local Government Finance Act 1982 set up the Audit Commission which is responsible for appointing external auditors to each local authority in England and Wales. The external auditor has rights of access to all documents and information which are necessary for audit purposes.

3.32

The basic duties of the external auditor are defined in the Audit Commission Act 1998 and the Local Government Act 1999. In particular, section 4 of the 1998 Act requires the Audit Commission to prepare a code of audit practice which external auditors follow when carrying out their duties. The code of audit practice issued in March 2000 sets out the auditor's objectives to review and report upon:

• the financial aspects of the audited body's corporate governance arrangements;
• the audited body's financial statements; and
• aspects of the audited body's arrangements to manage its performance, including the preparation and publication of specified performance information and compliance in respect of the preparation and publication of the BVPP.

3.33

The authority's accounts are scrutinised by external auditors, who must be satisfied that the statement of accounts 'presents fairly' the financial position of the authority and its income and expenditure for the year in question and complies with the legal requirements.

3.34

External auditors are appointed by the Audit Commission normally for a minimum period of five years. The Audit Commission prepares a code of audit practice which external auditors follow when carrying out their audits.

3.35

To ensure that external auditors are given access at all reasonable times to premises, personnel, documents and assets which the external auditors consider necessary for the purposes of their work.

3.36

To ensure there is effective liaison between external and internal audit.

3.37

To work with the external auditor and advise the full council, executive, management team and service units heads on their responsibilities in relation to external audit.

3.38

To ensure that external auditors are given access at all reasonable times to premises, personnel, documents and assets which the external auditors consider necessary for the purposes of their work.

3.39

To ensure that all records and systems are up to date and available for inspection.

3.40

The authority will not tolerate fraud and corruption in the administration of its responsibilities whether from inside or outside the authority.

3.41

The authority's expectation of propriety and accountability is that members and staff at all levels will lead by example in ensuring adherence to legal requirements, rules, procedures and practices.

3.42

The authority also expects that individuals and organisations (eg suppliers, contractors, service providers) that it comes into contact with, will act towards the authority with integrity and without thought or actions involving fraud or corruption.

3.43

Key controls regarding the prevention of financial irregularities are that:

• the authority has an effective anti-fraud and anti-corruption policy and maintains a culture which will not tolerate fraud or corruption;
• all members and staff act with integrity and lead by example;
• senior managers are required to deal swiftly and firmly with those who defraud or attempt to defraud the authority or who are corrupt;
• high standards of conduct are promoted amongst members by the standards committee;
• the maintenance of a register of interests in which any hospitality or gifts accepted must be recorded;
• whistle blowing procedures are in place and operate effectively; and
• legislation including the Public Interest Disclosure Act 1998 is adhered to.

3.44

To maintain adequate and effective internal control arrangements.

3.45

To ensure that all suspected irregularities are reported to the chief internal auditor, head of paid service, the executive and the audit committee.

3.46

To ensure that all suspected irregularities are reported to the chief internal auditor.

3.47

To instigate the authority's disciplinary procedures where the outcome of an audit investigation indicates improper behaviour.

3.48

To ensure that where financial impropriety is discovered, the chief finance officer is informed, and where sufficient evidence exists to believe that a criminal offence may have been committed, the police are called in to determine with the Crown Prosecution Service whether any prosecution will take place.

3.49

To maintain a departmental register of interests.

3.50

The authority holds assets in the form of property, vehicles, equipment, furniture and other items worth many millions of pounds. It is important that assets are safeguarded and used efficiently in the delivery of services, and that there are arrangements for the security of both assets and information required for service operations. An up to date asset register is a prerequisite for proper fixed asset accounting and sound asset management.

3.51

The key controls for the security of resources such as land, buildings, fixed plant machinery, equipment, software and information are that:

• resources are used only for the purposes of the authority and properly accounted for;
• resources are available for use when required;
• resources no longer required are disposed of in accordance with the law and the regulations of the authority so as to maximise benefits;
• an asset register is maintained for the authority and assets are recorded when they are acquired by the authority and this record is updated as changes occur with respect to the location and condition of the asset;
• all staff are aware of their responsibilities with regard to safeguarding the authority's assets and information, including the requirements of the Data Protection Act and software copyright legislation; and
• all staff are aware of their responsibilities with regard to safeguarding the security of the authority's computer systems, including maintaining restricted access to the information held on them and compliance with the authority's computer and internet security policies.

3.52

To ensure that an asset register is maintained in accordance with good practice for all fixed assets with a value in excess of £15,000. The function of the asset register is to provide the authority with information about fixed assets so that they are:

• safeguarded;
• used efficiently and effectively; and
• adequately maintained.

3.53

To receive information from each service unit head required for accounting, costing and financial records.

3.54

To ensure that assets are valued in accordance with the Code of Practice on Local Authority Accounting in the United Kingdom: A Statement of Recommended Practice (CIPFA/LASAAC).

3.55

To maintain a property database, for all properties, plant and machinery and moveable assets currently owned or used by the authority. Any use of property by a unit or establishment other than for direct service delivery should be supported by documentation identifying terms, responsibilities and duration of the use.

3.56

To ensure that lessees and other prospective occupiers of council land are not allowed to take possession or enter the land until a lease or agreement has been established, as appropriate.

3.57

To ensure the proper security of all buildings and other assets under their control.

3.58

To ensure that where land or buildings are surplus to requirements, a recommendation for the sale of land is the subject of a joint report by the service unit head, the chief finance officer and head of legal and property services.

3.59

To pass title deeds to the head of legal and property services who is responsible for custody of all title deeds.

3.60

To ensure that no authority asset is subject to personal use by an employee without proper authority.

3.61

To ensure the safe custody of vehicles, equipment, furniture, stock, stores and other property belonging to the authority.

3.62

To ensure assets are identified, their location recorded and that they are appropriately marked and insured.

3.63

To ensure cash holdings on premises are kept to a minimum.

3.64

To ensure that keys to safes and similar receptacles are carried on the person of those responsible at all times.

3.65

To record all disposal or part exchange of assets, which should normally be by competitive tender or public auction, unless following consultation with the chief finance officer, the executive agrees otherwise.

3.66

To arrange for the valuation of assets for accounting purposes to meet requirements specified by the chief finance officer.

3.67

To ensure that all employees are aware that they have a personal responsibility with regard to the protection and confidentiality of information, whether held in manual or computerised records. Information may be sensitive or privileged, or may possess some intrinsic value and its disclosure or loss could result in a cost to the authority in some way.

3.68

To maintain inventories and record an adequate description of furniture, fittings and equipment, plant and machinery.

3.69

To carry out an annual check of all items on the inventory in order to verify location, review, condition and take action in relation to surpluses or deficiencies, annotating the inventory accordingly. Attractive and portable items such as computers, cameras and video recorders should be identified with security markings as belonging to the authority.

3.70

To make sure that property is only used in the course of the authority's business unless the service unit head concerned has given permission otherwise.

3.71

To make arrangements for the care and custody of stocks and stores in the unit.

3.72

To ensure stocks are maintained at reasonable levels and subject to a regular independent physical check. All discrepancies should be investigated and pursued to a satisfactory conclusion.

3.73

To investigate and remove from the authority's records ie 'write-off' discrepancies as necessary or obtain executive approval if they are in excess of £1,000.

3.74

To authorise or write-off disposal of redundant stocks and equipment. Procedures for disposal of such stocks and equipment should be by competitive quotations or auction unless, following consultation with the chief finance officer, the executive decides otherwise in a particular case.

3.75

Intellectual property is a generic term that includes inventions and writings. If these are created by the employee during the course of employment, then as a general rule they belong to the employer, not the employee. Various acts of Parliament cover different types of intellectual property.

3.76

Certain activities undertaken within the authority may give rise to items that may be patentable, for example the development of software. These are collectively known as intellectual property.

3.77

In the event that the authority decides to become involved in the commercial exploitation of inventions, the matter should proceed in accordance with the authority's approved intellectual property procedures.  

3.78

To ensure that controls are in place to ensure that staff do not carry out private work in council time and that staff are aware of an employer's rights with regard to intellectual property.

3.79

It would be uneconomic and inefficient for the cost of assets to outweigh their benefits. Obsolete, non-repairable or unnecessary resources should be disposed of in accordance with the law and regulations of the authority.

3.80

Assets for disposal are identified and disposed of at the most appropriate time, and only when it is in the best interests of the authority, and that the best price is obtained, bearing in mind other factors such as environmental issues. Disposal should be by competitive tender or public auction.

3.81

Procedures protect staff involved in the disposal from accusations of personal gain.

3.82

To issue guidelines representing best practice for disposal of assets.

3.83

To ensure appropriate accounting entries are made to remove the value of disposed assets from the authority's records and to include the sale proceeds if appropriate.

3.84

To seek advice from purchasing advisors on the disposal of surplus or obsolete materials, stores or equipment.

3.85

To ensure that income received for disposal of an asset is properly banked and returned to central resources.

3.86

Many millions of pounds pass through the authority's books each year. This has led to the establishment of codes of practice. These aim to provide assurances that the authority's money is properly managed in a way which balances risk with return, but with the overriding consideration being given to the security of the authority's capital sum.

3.87

That the council's borrowings and investments comply with the CIPFA Code of Practice on Treasury Management and with the authority's treasury policy statement.

3.88

To arrange borrowing and investments of the council in such a manner as to comply with the CIPFA Code of Practice on Treasury Management and the authority's treasury management policy statement and strategy.

3.89

To report four times a year on treasury management activities to the executive.

3.90

To operate bank accounts as are considered necessary - opening or closing any bank account shall require the approval of the chief finance officer.

3.91

To ensure that all investments of money are made in the name of the authority or in the name of nominees approved by full council.

3.92

To effect all borrowings in the name of the authority.

3.93

To act as the authority's registrar of stocks, bonds and mortgages, and to maintain records of all borrowing of money by the authority.

3.94

To ensure that loans are not made to third parties and that interests are not acquired in companies, joint ventures, or other enterprises without the approval of full council, following consultation with the chief finance officer.

3.95

To provide employees of the authority with cash or bank imprest accounts to meet minor expenditure on behalf of the authority and to prescribe rules for operating these accounts. Minor items of expenditure should not exceed the prescribed amount.

3.96

To approve the petty cash limit and to maintain a record of all transactions and petty cash advances made, and periodically review the arrangements for the safe custody and control of these advances.

3.97

To reimburse imprest holders as often as necessary to restore the imprests but normally not more than monthly.

3.98

To ensure that emplyees operating an imprest accounts:

• obtain and retain vouchers to support each payment from the imprest account, and where appropriate an official receipted VAT invoice must be obtained;
• make adequate arrangements for the safe custody of the account;
• produce upon demand by the chief finance officer, cash and all vouchers to the total value of the imprest amount;
• record transactions promptly;
• reconcile and balance the account at least monthly and ensure that reconciliation sheets are signed and retained by the imprest holder;
• provide the chief finance officer with a certificate of the value of the account held at 31 March each year;
• ensure that the float is never used to cash personal cheques or to make personal loans and that the only payments into the account are the reimbursement of the float and change relating to purchases where an advance has been made; and
• on leaving the authority's employment or otherwise ceasing to be entitled to hold an imprest advance, an employee shall account to the chief finance officer for the amount advanced to him/her.

3.99

In order to provide the highest level of service, it is crucial that the authority recruits and retains high calibre, knowledgeable staff, qualified to an appropriate level

3.100

Key controls for staffing are that:

• an appropriate staffing strategy and policy exist, in which staffing requirements and budget allocation are matched;
• procedures are in place for forecasting staffing requirements and cost;
• controls are implemented that ensure that staff time is used efficiently and to the benefit the authority; and
• checks are undertaken prior to employing new staff to ensure that they are appropriately qualified, experienced and trustworthy.

3.101

In consultation with the chief finance officer to ensure that budget provision exists for all existing and new employees.

3.102

3.103

To monitor staff activity to ensure adequate control over such costs as sickness, overtime, training and temporary staff.

3.104

To ensure that the staffing budget is not exceeded without due authority and that it is managed to enable the agreed level of service to be provided.

3.105

To ensure that the head of personnel and training and the chief finance officer are immediately informed if the staffing budget is likely to be materially over or under spent.