|
|
AGENDA
Audit and Risk Sub-committee Meeting |
|
I hereby give notice that a Meeting of the Audit and Risk Subcommittee will be held on: |
|
Date: |
Thursday, 3 March 2022 |
Time: |
9.30am |
Location: |
Online via Zoom |
Mark de Haast Group Manager Corporate Services |
Audit and Risk Sub-committee Meeting Agenda |
3 March 2022 |
Kapiti Coast District Council
Notice is hereby given that a meeting of the Audit and Risk Subcommittee will be held in the Online via Zoom, on Thursday 3 March 2022, 9.30am.
Audit and Risk Subcommittee Members
Mr Bryan Jackson |
Chair |
Cr Angela Buswell |
Deputy |
Mayor K Gurunathan |
Member |
Deputy Mayor Janet Holborow |
Member |
Cr Gwynn Compton |
Member |
Mr Gary Simpson |
Independent |
Audit and Risk Sub-committee Meeting Agenda |
3 March 2022 |
4 Declarations of Interest Relating to Items on the Agenda
5 Public Speaking Time for Items Relating to the Agenda
8.2 Ernst & Young Audit Plan for the Year ended 30 June 2022
8.3 Health and Safety Quarterly Report : 1 October 2021 - 31 December 2021
8.5 Quarterly Treasury Compliance
8.6 Progress Update regarding Audit Control Findings 2020/21
10 Confirmation of Public Excluded Minutes
Resolution to Exclude the Public
10.1 Confirmation of Public Excluded Minutes
11.1 Update on Litigation Status, Statutory Compliance Issues and Investigations
1 Welcome
“As we deliberate on the issues before us, we trust that we will reflect positively on the communities we serve. Let us all seek to be effective and just, so that with courage, vision and energy, we provide positive leadership in a spirit of harmony and compassion.”
I a mātou e whiriwhiri ana i ngā take kei mua i ō mātou aroaro, e pono ana mātou ka kaha tonu ki te whakapau mahara huapai mō ngā hapori e mahi nei mātou. Me kaha hoki mātou katoa kia whaihua, kia tōtika tā mātou mahi, ā, mā te māia, te tiro whakamua me te hihiri ka taea te arahi i roto i te kotahitanga me te aroha.
4 Declarations of Interest Relating to Items on the Agenda
Notification from Elected Members of:
4.1 – any interests that may create a conflict with their role as an elected member relating to the items of business for this meeting, and
4.2 – any interests in items in which they have a direct or indirect pecuniary interest as provided for in the Local Authorities (Members’ Interests) Act 1968
5 Public Speaking Time for Items Relating to the Agenda
(a) Public Speaking Time Responses
(b) Leave of Absence
(c) Matters of an Urgent Nature (advice to be provided to the Chair prior to the commencement of the meeting)
3 March 2022 |
Kaituhi | Author: Ian Georgeson, Chief Financial Officer
Kaiwhakamana | Authoriser: Mark de Haast, Group Manager Corporate Services
Te pūtake | Purpose
1 This report summarises 2021 insurance renewals and seeks endorsement of the proposed future direction.
He whakarāpopoto | Executive summary
2 Not required.
Te tuku haepapa | Delegation
3 The Audit and Risk Sub-Committee has delegated authority to consider this report under the following delegation in the Governance Structure, Section C.1.
Ensuring that the Council has in place a current and comprehensive risk management framework and making recommendations to the Council on risk mitigation.
Taunakitanga | Recommendations
A. That the Audit and Risk Sub-Committee:
A.1 notes the insurance renewal outlined in this paper; and
A.2 agrees the Council should commission a feasibility review of alternative self-insurance options, and report back to the Audit and Risk Sub-Committee in due course.
Tūāpapa | Background
4 The Kāpiti Coast District Council’s (Council) Property and Underground Infrastructure insurances, which account for the majority of our insurance cover, renewed on 1 May 2021. Aon are our insurance advisers.
5 The Council, together with Porirua, Hutt City and Upper Hutt City councils (collectively known as the Outer Wellington Shared Services Insurance Group or OWSS) has been purchasing insurance for their respective assets on a combined basis since 2009. This syndicate was established to provide the OWSS with the scale necessary to access wider domestic and off-shore insurers. In July 2016 Greater Wellington Regional Council joined the OWSS to insure their above ground assets through the collective.
6 Over recent years, insurance markets have been firming. New Zealand, and in particular Wellington, is seen as increasingly challenging for underwriters due to the seismic risk. Through the increasing severity and frequency of global natural disaster and weather events insurance capital is increasingly demanding higher returns. The most simple lever insurers have to meet these costs is through increases in premium levels, which has been the recent trend.
7 Insurance is only one method of transferring risk, and Council is exploring how best to appropriately mitigate risks while optimising value to ratepayers. Increasingly, entities are looking to retain greater risk themselves through, for example, self-insuring certain assets or accepting higher deductible levels in exchange for reduced premiums.
8 Through the most recent renewal process, the Council explored reducing purchased insurance of certain lower value, non-critical assets, and eventually opted to exclude general parks equipment and low value structures (replacement cost under $200,000), such as toilet blocks and sheds. These assets were not considered critical to operations, and the risk of incurring a significant loss was considered low given their dispersed nature and relatively low value on an individual basis. The replacement value of these excluded assets totalled around $40 million and self-insuring them is estimated to have reduced premiums by approximately $110,000.
9 To offset the additional risk assumed by the Council by no longer insuring these assets, we continue to build our self-insurance reserve. This is discussed in more detail later in this paper.
10 The Council also explored through the renewal process the possibility of adopting higher deductibles. This was not found to be a viable option, with insurers offering negligible or no premium savings in return. As the Council does not make frequent low-level claims, insurers are primarily concerned about major loss events, in which case a deductible of an additional $1million (for example) makes little difference to their total exposure. It is likely that deductibles would need to be substantially higher (i.e. many millions of dollars), before meaningful premium savings became available, and this was not considered to be an acceptable risk.
Audit and Risk Sub-committee Meeting Agenda |
3 March 2022 |
11 Significant asset insurances, as renewed for the year commencing 1 May 2021, are summarised in the following table:
Type of insurance |
Value of assets insured |
Limit of cover |
Deductible |
|
Infrastructure assets |
Material damage and business interruption in the event of natural catastrophe
|
~$650 million
|
$600 million OWSS combined material damage and business interruption limit for an event involving more than one council for any loss or series of losses arising out of any one event. Limited to a $130 million sub-limit for the Council.
|
The deductible is $1million per event.
|
Property, plant and equipment
|
Material damage and business interruption (MDBI)
|
~$172 million
|
$600 million OWSS combined limit for any one loss or series of losses arising out of any one event and applying to material damage and business interruption combined.
|
The natural disaster deductible is 5% of sum insured, with a minimum deductible of $100,000. For other events the deductible is $50,000 (except for landslip or subsidence which is $250,000).
|
Residential property |
Included within MDBI policy above Earthquake Commission (EQC)
|
~$31 million
|
EQC: First $150,000 for each loss event per property to be recovered from the EQC. All other losses: as per MDBI policy above |
The EQC deductible is 1% of sum insured with a minimum deductible of $200, if claim is for land deductible is 10% with minimum of $500. All other deductibles: as per the MDBI policy above |
Audit and Risk Sub-committee Meeting Agenda |
3 March 2022 |
12 Current government policy allows for central government to reimburse local government up to 60% of the cost of restoring infrastructure (known as the 60:40 cost sharing arrangement). This policy has been in place for over 25 years. Insurance cover has been based on the assumption that government will provide a full contribution of up to 60%, and therefore, insurance has been placed which covers approximately 40% of loss estimates.
13 The Council’s infrastructure has a total replacement value of $650 million. Maximum insurance cover is $130 million for natural catastrophe damage to infrastructure assets, within a combined $600 million limit for OWSS. The $130 million limit is based on assessed Maximum Probable Loss event in Kapiti. Of this $130 million limit, 40% is insured with offshore insurers with Central Government responsible for the remaining 60% of the costs. There is a $1 million deductible per claim per event.
14 The Council has a sum insured value of $172 million for material damage and business interruption (MDBI) insurance to above ground assets, with a deductible of $50,000 per claim per event. Losses suffered to above ground assets by natural catastrophe/s trigger a deductible of 5% of the site sum insured with a minimum $100,000 deductible per claim per event. The total limit of cover available to the OWSS collective group is $600 million. The overall limit will be shared among the five councils following an event.
15 Residential assets have a sum insured of $31 million and are also covered under the MDBI policy. EQC covers up to $150,000 per dwelling, with the balance of any loss covered with the MDBI policy with a deductible of $50,000 per event.
16 In addition to the above key policies, the Council also carries motor vehicle, liability, professional indemnity and construction insurances, which renewed in November 2021.
He kōrerorero | Discussion
premium and budget impacts of renewal
17 Renewal premiums are summarised in the following table:
18 As shown, the total annual cost of 2021 renewals was $1.960 million, an increase of $202,000 or 11.5% over the previous year. This is within the 2021-41 Long-Term Plan (LTP) budget allowance of $2.279m for 2021/22. In finalising the LTP, the Council agreed that the uncommitted balance of the insurance premium budget should be transferred to the self-insurance reserve, to further build that fund.
19 Maintaining a self-insurance fund is one way of offsetting the increased levels of risk being assumed through self-insuring certain assets or accepting higher excess levels. The Council has a self-insurance reserve on its balance sheet, which as at 30 June 2021 stood at $312,000.
20 The LTP contains self-insurance budgets for 2021/22, 2022/23, and 2023/24 of $154,000, $210,000, and $269,000 respectively and as noted above, in finalising the LTP the Council agreed that any uncommitted 2021/22 insurance premium budget should also be transferred to the self-insurance fund. The 2021/22 uncommitted premium budget is estimated at $319,000.
21 In total, assuming no losses are incurred, it is therefore estimated that Council’s self-insurance fund will reach approximately $1.26 million by the end the 2023/24 financial year, as shown in the following table:
|
Estimated contribution in year $000 |
Estimated fund balance $000 |
Balance as at 30 June 2021 |
|
312 |
2021/22: budgeted self-insurance contribution |
154 |
466 |
2021/22: uncommitted premium budget (est.) |
319 |
785 |
2022/23: budgeted self-insurance contribution |
210 |
995 |
2023/24: budgeted self-insurance contribution |
269 |
1,264 |
22 Looking forward, as this fund grows, the Council intends to further explore options to carry higher levels of risk ourselves in return for reduced premiums. If this is achieved and associated premium savings are transferred to the reserve, the fund balance will be correspondingly higher.
23 Aon advise that depending on our longer-term strategy there are more sophisticated self-insurance models that may be beneficial (as opposed to simply a reserve on our balance sheet) which could be explored, specifically a captive or protected cell.
24 A captive is an insurance company owned by a non-insurance company parent (e.g. the Council), which primarily insures the risks of its parent and/or affiliated companies. Captives are usually formed in a specialised regulatory environment - a domicile. At a very basic level a captive is a form of risk retention mechanism (like a deductible) that is used to aggregate premium and loss information for its parent. A captive can retain a portion of the risk and seek co-insurance or reinsurance cover for the full risk amount. A captive can make risk financing more cost effective and ultimately reduce the total cost of risk. A captive will control the budget that is allocated to risk management and will pay for the company’s losses.
25 A Protected Cell, or Cellular Captive can provide similar risk retention capabilities, with the flexibility of faster entry and exit and reduced governance requirements. A protected cell entity is less onerous to establish and administer than a captive and is likely to be the more suitable form for our Council, should we wish to proceed in this direction.
26 Irrespective of the form adopted, advantages of establishing an independent insurance vehicle include:
a) achieving a degree of formality and separation from the parent, allowing for arms length management of insurances;
b) adopting a level of risk retention separate from the parent;
c) assuming no significant losses, the benefit of retaining some risk (and therefore some of the premium budget) will accumulate in our self-insurance vehicle, rather than being paid away to insurers;
d) fund capital, while being retained to meet potential future losses, could be invested and earn a return, subject to appropriate investment risk and liquidity controls; and
e) the ability to provide insurance cover for uninsurable or hard to insure assets.
27 It is proposed that the Council commissions Aon to conduct a feasibility analysis of establishing a captive or protective cell and reports back to the Audit and Risk Sub-Committee in due course.
He take | Issues
28 This matter has a low level of significance under the Council’s Significance and Engagement Policy.
Ngā kōwhiringa | Options
29 There are no options in addition to those already noted in this report.
Tangata whenua
30 There are no tāngata whenua considerations required with this report.
Panonitanga āhuarangi | Climate change
31 There are no climate change considerations required with this report.
Ahumoni me ngā rawa | Financial and resourcing
32 All financial impacts discussed in this report are within Long-term Plan budget allowances.
Ture me ngā Tūraru | Legal and risk
33 If it is agreed to further explore alternative insurance vehicles, a legal review will be included.
Ngā pānga ki ngā kaupapa here | Policy impact
34 This report has no impact on the Council policies.
Te whakawhiti kōrero me te tūhono | Communications & engagement
Te mahere tūhono | Engagement planning
35 There are no engagement plans required for this report.
Whakatairanga | Publicity
36 No publicity is planned in relation to this report.
Ngā āpitihanga | Attachments
Nil
3 March 2022 |
8.2 Ernst & Young Audit Plan for the Year ended 30 June 2022
Kaituhi | Author: Ian Georgeson, Chief Financial Officer
Kaiwhakamana | Authoriser: Mark de Haast, Group Manager Corporate Services
Te pūtake | Purpose
1 This report provides the Audit and Risk Subcommittee with a summary of the Ernst & Young Audit Plan for the year ending 30 June 2022.
He whakarāpopoto | Executive summary
2 This report does not exceed four pages therefore there is no requirement for an Executive Summary.
Te tuku haepapa | Delegation
3 The Audit and Risk Subcommittee has delegated authority to consider this report under the following delegation in the Governance Structure, Section C.1.
· Confirming the terms of engagement for each audit with a recommendation to the Council; and receiving the external audit reports for recommendation to the Council.
· Obtaining from external auditors any information relevant to the council’s financial statements and assessing whether appropriate action has been taken by management in response to the above.
Taunakitanga | Recommendations
A. That the Audit and Risk Subcommittee receives and notes the Ernst & Young Audit Plan for the year ended 30 June 2022 attached as Appendix 1 to this report.
Tūāpapa | Background
4 The Council’s Auditors, Ernst & Young (Audit) has been engaged to undertake the audit of the Council’s Annual Report, including the Council’s Summary Annual Report and compliance with its Debenture Trust Deed, for the year ended 30 June 2022.
5 The Audit Plan is attached as Appendix 1 to this report. This provides an overview of audit’s focus areas, their risk assessment and their audit approach for the year ended 30 June 2022.
He kōrerorero | Discussion
Audit focus areas and risk assessment
6 The areas of audit focus, which are broadly consistent with the previous year are summarised below:
· Infrastructure assets;
· Rates setting, rates invoicing and collection;
· Non-financial performance reporting;
· Expenditure, procurement and tendering;
· Debt facilities and derivatives
Materiality
7 Audit has set their materiality threshold at $1.9 million, being 2% of forecast expenditure. Materiality is broadly defined as the quantum of any misstatements (through error or otherwise), that would likely mislead users of the financial statements. Any identified misstatements impacting on the Council’s operating result by more than $95,000 will be reported to the Subcommittee by way of Audit’s Closing Report on conclusion of their audit
He take | Issues
8 This matter has a low level of significance under the Council’s Significance and Engagement Policy.
Ngā kōwhiringa | Options
9 There are no options to be considered.
Tangata whenua
10 There are no tāngata whenua considerations arising from this report.
Panonitanga āhuarangi | Climate change
11 There are no climate change considerations within this report.
Ahumoni me ngā rawa | Financial and resourcing
12 The total audit fees payable to Ernst & Young for the year ended 30 June 2022 are estimated to be $196,400 plus disbursements and GST. This fee includes the audit of the 2021/22 Annual Report and the Council’s compliance with its Debenture Trust Deed for the year ended 30 June 2022. Provision for this audit fee has been included in the 2021/22 operating budget.
Ture me ngā Tūraru | Legal and risk
13 There are no legal and risk issues arising from this report.
Ngā pānga ki ngā kaupapa here | Policy impact
14 There are no policy implications arising from this report.
Te whakawhiti kōrero me te tūhono | Communications & engagement
Te mahere tūhono | Engagement planning
15 An engagement plan is not required for this report.
Whakatairanga | Publicity
16 There are no specific publicity considerations arising from this report.
Ngā āpitihanga | Attachments
1. Ernst
and Young Audit Plan for the year ended 30 June 2022 ⇩
3 March 2022 |
8.3 Health and Safety Quarterly Report : 1 October 2021 - 31 December 2021
Kaituhi | Author: Dianne Andrew, Organisational Development Manager
Kaiwhakamana | Authoriser: Wayne Maxwell, Chief Executive
Te pūtake | Purpose
1 This report presents a Health and Safety report for the period 1 October 2021 – 31 December 2021
He whakarāpopoto | Executive summary
2 The Health and Safety Quarterly Report links to the draft Health and Safety Plan 2020-2023 which retains alignment to the WorkSafe NZ SafePlus model of ‘what good looks like’, the framework of which sets out ten performance requirements under the three themes of Leadership, Worker Engagement and Risk Management. The Plan will continue to build on the three high level areas of Leadership, Health and Safety Management Systems, and Contractor Management all with an underlying focus on:
· skill and capability of our people
· managing our critical risks, and
· leadership and engagement.
Te tuku haepapa | Delegation
3 Audit and Risk Sub Committee has delegated authority to consider this report under the following delegation in the Governance Structure, Section C.1:
· Ensuring that the Council has in place a current and comprehensive risk management framework and making recommendations to the Council on risk mitigation;
· Assisting elected members in the discharge of their responsibilities by ensuring compliance procedures are in place for all statutory requirements relating to their role;
· Governance role in regards to the Health and Safety Leadership Charter and Health and Safety Plan.
Taunakitanga | Recommendations
A. That the Audit and Risk Sub Committee notes the Health and Safety Quarterly Report for the period 1 October 2021 – 31 December 2021 attached as Appendix One to this Report.
Tūāpapa | Background
4 The quarterly Health & Safety Performance Report is intended to provide the Council with insight into initiatives and activities and their progress, as part of our Council’s commitment to providing a safe and healthy place to work. The contents and any subsequent discussions arising from this report can support Officers to meet their due diligence obligations under the Health & Safety at Work Act (HSWA) 2015.
5 Between July and September 2017 the Simpson Grierson Health and Safety team were engaged to review how the Council was progressing with changes and planned initiatives following the introduction of the Health and Safety at Work Act (HSWA) 2015. The findings were presented back to the Audit and Risk Committee in November 2017. This review identified areas for improvement, in particular some process improvements to further strengthen Council’s ability to more effectively monitor and verify.
6 The draft Health and Safety Plan period has been extended from two to three years and will cover 2020 – 2023 to enable Covid-19 lockdown delays and interruptions to be included.
7 A draft of the Health and Safety Strategic Plan 2020-2023 has been adopted by the Senior Leadership Team and was to be presented to this sub-committee following a Discussion Forum which was to be scheduled before this meeting. However due to the Covid-19 disruptions to work deliverables, the Discussion Forum has yet to be confirmed. Work is however proceeding based on the deliverables stated in the 2020-2023 plan.
8 Progress on the 2020 – 2023 Health and Safety Plan will continue to be incorporated into quarterly reports going forward
He kōrerorero | Discussion
9 Progress on the initial Health and Safety 2018-2020 Plan initiatives continue to progress however the alert level 4 and alert level 3 restrictions severely disrupted planned health and safety related initiatives and training. Several timelines continue to require extensions and this will be updated through the regular reporting cycle.
10 Disruptions as a result of previous and future Covid-19 alert level resurgence and/or restrictions have been factored into the draft 2020 – 2023 Health and Safety Plan but actions and deliverables are progressing, albeit slower than anticipated.
He take | Issues
11 Training for key competency/qualification requirements for specific roles has been disrupted through Covid-19 restrictions and changes to alert and traffic light systems however this training has been prioritised to ensure compliance where required and where delays are out of the Council’s control, specific measures are being put in place to manage this to minimise any potential for organisational risk.
12 Planning has been in progress this quarter in anticipation of an Omicron outbreak in the community and minimising organisational risk to enable best opportunities to continue a level of service delivery to our community during Covid-19 disruptions. Planning for this contingency includes the health and safety and wellbeing of staff and customers, and members of the community and as such will be contingent on Council’s resource availability and as such some services may be reduced for a period of time.
Ngā kōwhiringa | Options
13 For the delivery of key competency/qualification training, most will be remote delivery for the next few months and where possible, staff in their team ‘bubble’ may gather in their bubble and complete the training. This will be worked through team by team to ensure staff risk management is effective balanced with the practical need to keep staff current in their skill areas as required for their roles. Where roles do not have specific training for compliance reasons, this training will continue to be prioritised and delivered as and when appropriate given the limitations from Covid-19 restrictions at the time.
Tangata whenua
14 There are no tāngata whenua considerations arising from this report.
Panonitanga āhuarangi | Climate change
15 This Report does not impact on the work programmes for climate change.
Ahumoni me ngā rawa | Financial and resourcing
16 Budget has been provided for implementation of the action plan initiatives as part of the 2018-38 Long-term plan.
Ture me ngā Tūraru | Legal and risk
17 There are no legal and risk considerations in addition to those already noted in this report.
Ngā pānga ki ngā kaupapa here | Policy impact
18 There are no policy considerations arising from this report.
Te whakawhiti kōrero me te tūhono | Communications & engagement
19 There are no communication and engagement considerations arising from this report.
Te mahere tūhono | Engagement planning
Whakatairanga | Publicity
21 There are no publicity considerations.
Ngā āpitihanga | Attachments
1. Health
and Safety Quarterly Report 1 October 2021-31 December 2021 ⇩
3 March 2022 |
Kaituhi | Author: Andrew Gillespie, Risk Advisor
Kaiwhakamana | Authoriser: Mark de Haast, Group Manager Corporate Services
Te pūtake | Purpose
1 This report updates the Audit and Risk Subcommittee on the on-going implementation of the Enterprise Risk Management (ERM) framework.
He whakarāpopoto | Executive summary
2 This report does not exceed four pages therefore there is no requirement for an Executive Summary.
Te tuku haepapa | Delegation
3 The Audit and Risk Subcommittee has delegated authority to consider this report under the following delegation in the Governance Structure, Section C.1.
- Ensuring that the Council has in place a current and comprehensive risk management framework and making recommendations to the Council on risk mitigation.
Taunakitanga | Recommendations
A. That the Audit and Risk Subcommittee receives and notes this report, including Appendices 1 and 2 to this report.
Tūāpapa | Background
4 The key elements of the Enterprise Risk Management Framework include; risk management, corporate business continuity management, procurement improvement programme; and business risk and assurance.
5 The main work streams are:
· regular risk discussions with staff and managers and embed the day-to-day management of risks in work streams such as: projects, activity delivery, and asset management.
· communicate and report risk up to Council/Committees.
· have a Business Continuity Management System for effective response to a range of potential business disruptions.
· provide fraud awareness training.
· provide business assurance oversight and complete business assurance work; and
· improve the understanding and tools to support good procurement practices.
6 Risk is defined as the effect of uncertainty on expected results and is managed on a continual basis. The intended outcomes from performing this risk management programme will assure:
· stakeholders, external auditors, the Council and management that the real risks are being identified and managed effectively. Risks can be negative or positive:
o a negative risk is a threat and/or potential problem. It creates concern or uncertainty around our delivery of overall programmes, projects, strategies, or other expectations that can result in major health and safety, financial, fraud, operational and reputational impacts. Identifying negative risks before they occur means that we can take measures to mitigate or remove the threat, so that it does not materialise.
o a positive risk is an opportunity which has a positive impact on our objectives. When these are identified the appropriate action is to make use of the opportunity and leverage them to cause them to occur. For example, ensuring that everything is looked at and actions are put in place to make risks as small as possible might highlight the value of using new technology to increase quality assurance and improve service delivery.
· better decision making throughout the business through greater awareness of the real risks and how these are going to be addressed; and
· clarification and socialisation of the Council’s risk appetite and tolerance.
He kōrerorero | Discussion
Enterprise Risk Management Progress Update
Strategic Risk Profile – Summary Update
7 The strategic risk profile is managed by a risk register and presented in the associated Strategic Risk Summary attached as Appendix 2 to this report. This Summary:
7.1 lists the risk impacts, controls and treatments planned with updates to reach the target risk level, and
7.2 plots each Strategic Risk (SR) on the risk matrix.
8 The risk treatment status is categorised as follows:
9 Engagement on the strategic risk profile is through quarterly conversations with managers. These conversations drive the responses in the update column of the Strategic Risk Register attached as Appendix 2 to this report and are highlighted in yellow to make for easier reading.
10 The focus is on identifying, managing, and communicating the very highest strategic and operational risks that the Council faces. Our approach to how we assess risk is illustrated in diagrams in Appendices 1 and 2 to this report. Important matters to note when reading the diagrams are that:
10.1 Likelihood is how likely the risk is to materialise and is rated as rare, unlikely, possible, likely, and almost certain.
10.2 Consequence is the impact on the Council - not just financial, but also health and safety, fraud, operational and reputational; and
10.3 This assessment tool is subjective and is used as a prompt for a risk comparison and ranking mechanism.
11 The overall risk management culture and practice continues to improve, and the risk conversations widen. The concept of risk acceptance is being further embedded across the organisation, i.e. certain moderate level risks may be tolerated by the business in the context of the costs or impracticalities to further mitigate the risk.
12 In summary, our Strategic Risk Status is healthy. There are 21 strategic risks presented in Appendix 2 to this report, 16 of which have maintained the same status as previously reported to the 12 August 2021 meeting.
13 In the meeting on 12 August 2021, it was agreed that ‘SR8 - Fraudulent activity’ risk level be reduced from ‘High’ to ‘Moderate’. This change has been incorporated in the Strategic Risk Summary attached as Appendix 2 to this report.
14 Seven of the 21 total Strategic Risks are classified as “some concern” (noted below) and the other 14 are classified as “on track”.
Risk # |
Risk Treatment Status |
Risk Treatment Update |
SR2 – Infrastructure service disruption associated with significant Natural Hazards. |
|
Waikanae Wastewater Treatment Plant Clarifier Project - Delays to securing materials and sourcing additional contractors onsite to complete works which will impact on the completion date. |
SR7 - Difficult to recruit and retain staff.
|
|
Due to a number of other Strategic Risks being classified as ‘Some Concerns’ as a result of staffing and recruitment constraints, this risk treatment status has been classified as some concerns itself. |
SR9 - Paraparaumu Wastewater Treatment Plant – difficulties with consent process. |
|
Appeal process delayed, still awaiting the outcome and any changes as a result of the appeal to the Proposed Natural Resources Plan. Awaiting approval of the Draft terms of reference developed for the Paraparaumu Wastewater Treatment Plant process which defines Iwi involvement in the consenting process. |
SR10 – Programme delivery is disrupted. |
|
Delivery of work programme is delayed due to SLT reprioritisation of work programmes to manage Covid-19 disruptions to supply chains and labour markets which are impacting on deliverability of the capex programme as well as the provision of services. |
SR17 – Customer Focus. |
|
The draft Customer Framework and associated work programmes previous timing of Quarter One 2021/22 financial year is delayed due to SLT reprioritisation of work programmes to manage the resilience of staff resources and recruitment constraints. |
SR19 – Emergency response. |
|
A more adaptive approach to retention is being deployed in order to retain critical staff. This risk has been exacerbated by Covid-19. Highly competitive recruitment market and shortage of skilled workers is leaving some areas understaffed. Timelines set by government has increased worker demand in some areas with consultants also working at capacity. Concern about further pandemic impacts on workforce and contractor availability. |
SR21 – Cyber Security – Enterprise Management Replacement |
|
Organisations are doing far more digitally as a result of Covid-19, this in turn increases the risk of a potential Cyber Security attack. |
Procurement Improvement Programme
15 With the Council-wide Procurement Strategy as the foundation, progress towards better procurement maturity is well in hand. Work has continued to uplift procurement capability and provide procurement support across the organisation.
16 A broader Outcomes Guide was launched to support staff to achieve wider social, economic, cultural and environmental outcomes that go beyond the immediate purchase of goods and services. The existing Council procurement framework was reviewed by independent procurement experts and improvements identified in the review are underway.
17 A procurement technology roadmap was developed, and a contract has been signed with an implementation partner. Deliverables from this work will be an external-facing Supplier Portal that enables effective digital interactions between the Council and suppliers outside a formal tender process and an internal-facing Procurement Hub that provides staff with smarter technology to guide, support and enable good procurement work.
18 Staff are provided with continuing advice and training to lift procurement capability.
Risk and Assurance
19 Development of a Council-wide assurance and business improvement work programme remains on hold due to limited resources and prioritising the Council’s Covid-19 response.
He take | Issues
20 There are no issues to be raised in this report.
Ngā kōwhiringa | Options
21 There are no options to be raised in this report.
Tangata whenua
22 There has been no direct engagement with tāngata whenua regarding this report
Panonitanga āhuarangi | Climate change
The Strategic Risk Summary attached as Appendix 2 to this report includes ‘SR1 - Natural hazards exacerbated due to - global warming, sea level rise / climate change, and earthquakes. This risk is reported on every quarter to the Audit and Risk Subcommittee with updates to the treatments being collated from the Senior Leadership Team. Ahumoni me ngā rawa | Financial and resourcing
24 There are no further financial and resourcing considerations arising from this report.
Ture me ngā Tūraru | Legal and risk
25 There are no further legal considerations arising from this report.
Ngā pānga ki ngā kaupapa here | Policy impact
26 There are no further policy implications arising from this report.
Te whakawhiti kōrero me te tūhono | Communications & engagement
Te mahere tūhono | Engagement planning
27 This matter has a low level of significance under the Council’s Significance and Engagement Policy.
Whakatairanga | Publicity
28 There are no publicity considerations.
Ngā āpitihanga | Attachments
1. Appendix
1 - Strategic Risk Matrix with plotted risks ⇩
2. Appendix
2 - Strategic Risk Summary ⇩
3 March 2022 |
8.5 Quarterly Treasury Compliance
Kaituhi | Author: Ian Georgeson, Chief Financial Officer
Kaiwhakamana | Authoriser: Mark de Haast, Group Manager Corporate Services
Te pūtake | Purpose
1 This report provides confirmation to the Audit and Risk Subcommittee of the Council’s compliance with its Treasury Management Policy (Policy) for the quarter ended 31 December 2021
He whakarāpopoto | Executive summary
2 The Council had net debt of $162.7 million at 31 December 2021, equating to 171% of operating income. This is within the LTP Financial Strategy limit of 280%.
3 The Council’s Treasury policy contains a number of treasury risk management limits or requirements designed to minimise risk. These policy requirements are reported upon in this paper. The Council complied with all policy requirements during the quarter.
Te tuku haepapa | Delegation
4 The Audit and Risk Subcommittee has delegated authority to consider this report under the following delegation in the Governance Structure, Section C.1.
Ensuring that the Council has in place a current and comprehensive risk management framework and making recommendations to the Council on risk mitigation.
Taunakitanga | Recommendations
A. That the Audit and Risk Subcommittee notes the Council’s full compliance with its Treasury Management Policy for the three months ended 31 December 2021.
Tūāpapa | Background
5 The Policy sets out a framework for the Council to manage its borrowing and investment activities in accordance with the Council’s objectives and incorporates legislative requirements.
6 The Policy mandates regular treasury reporting to management and the Strategy and Operations Committee, as well as quarterly compliance reporting to the Audit and Risk Subcommittee.
7 In order to assess the effectiveness of the Council’s treasury management activities and compliance to the Policy, certain performance measures and parameters have been prescribed. These are:
· cash/debt position;
· liquidity/funding control limits;
· interest rate risk control limits;
· counterparty credit risk;
· specific borrowing limits; and
· risk management performance.
He kōrerorero | Discussion
Cash/Debt Position
8 Table 1 below shows the Council’s net debt position as at 31 December 2021 against the 2021/22 full year budget and the prior year closing balance.
9 During the past three months, the Council has issued $10 million of new debt, bringing the total amount of debt drawn during the past six months to $40 million.
10 The $10 million issued this quarter was used to pre-fund the October 2022 ($5 million) and April 2023 ($5 million) debt maturities.
11 In addition, $5 million of 2021/22 capex programme prefunding that was held on term deposit matured in October and was reallocated to pre-fund the October 2022 debt maturity. This took total 2021/22 capex prefunding down from $25 to $20 million, in line with the reduced capex expectation for the year.
12 The table below shows (a) the movement in the Council’s external debt balance and (b) the movement in the Council’s pre-funding programme by debt maturity, for the six months ended 31 December 2021.
13 As at 31 December 2021 the Council had $87.28 million of cash, borrower notes and term deposits on hand. This is broken down as follows:
14 For the three months ended 31 December 2021, the Council has not breached its net debt upper limit, as shown in the chart below:
1
15 The Council targeted through its LTP 2021-41 financial strategy to keep net borrowings below 280% of total operating income with a preferred limit of 250%. As at 31 December 2021, the Council’s net borrowings are 171% of total operating income.
Liquidity/Funding control limits
16 Liquidity and funding management focuses on reducing the concentration of risk at any point so that the overall borrowings cost is not increased unnecessarily and/or the desired maturity profile is not compromised due to market conditions. This risk is managed by spreading and smoothing debt maturities and establishing maturity compliance buckets.
17 Since October 2015 the Council’s treasury strategy has included a debt pre-funding programme. The Policy allows pre-funding of the Council debt maturities and Capex programme up to 18 months in advance, including re-financing.
18 The strength of the Council’s debt pre-funding programme was again highlighted by the Council’s independent Credit Rating Agency, S&P Global Ratings (S&P), during their July 2021 review. This has resulted in the Council’s credit rating remaining at AA for the following year.
19 S&P has noted that the
Council’s liquidity coverage remains exceptional but has revised their
outlook on the Council to negative from stable due to the Council’s large
spending plans in the 2021-2041 long-term plan.
20 The following chart presents the Council’s debt maturity dates in relation to the financial year in which the debt was issued. This demonstrates that since 2016/17, the Council has actively reduced risk concentration by spreading debt maturity dates and debt maturity values.
2
21 Debt maturities must fall within maturity compliance buckets. These maturity buckets are as follows:
Maturity Period |
Minimum |
Maximum |
0 to 3 years |
10% |
70% |
3 to 5 years |
10% |
60% |
5 to 10 years |
10% |
50% |
10 years plus |
0% |
20% |
22 For the three months ended 31 December 2021, the Council has been fully compliant with its debt maturity limits, as shown by the chart below. The upper limits, as shown by dashed lines, relate to the bars of the same colour. For example, the 0 to 3 year upper limit of 70% is in blue. Actual maturities in the 03-year bucket are represented by the blue bars. The Council has no long-term debt maturing in ten years’ time or beyond.
Interest rate risk control limits
23 The Council issues all debt on a floating rate basis and uses fixed interest rate swaps (hedges) to minimise exposure at any one time to interest rate fluctuations. This ensures more certainty of interest rate costs when setting our Annual Plan and Long Term Plan budgets.
24 Without such hedging, the Council would have difficulty absorbing adverse interest rate movements. A 1% increase in interest rates on $250 million of external debt would equate to additional interest expense of $2.5 million per annum. Conversely, fixing interest rates does however reduce the Council’s ability to benefit from falling and/or more favourable interest rate movements.
25 The objectives of any treasury strategy are therefore to smooth out the effects of interest rate movements, while being aware of the direction of the market, and to be able to respond accordingly.
26 The Policy sets out the following interest rate limits:
Major control limit where the total notional amount of all interest rate risk management instruments (i.e. interest rate swaps) must not exceed the Council’s total actual debt, and;
Fixed/Floating Risk Control limit, that specifies that at least 55% of the Council’s borrowings must be fixed, up to a maximum of 100%.
27 The Council has been fully compliant for the three months ended 31 December 2021, as shown by the table below.
28 Similar to debt maturities, hedging instrument maturities must also fall within maturity compliance buckets. These maturity compliance buckets are as follows:
Period |
Minimum |
Maximum |
1 to 3 years |
15% |
60% |
3 to 5 years |
15% |
60% |
5 to 10 years |
15% |
60% |
10 years plus |
0% |
20% |
29 The Council has been fully compliant for the three months ended 31 December 2021, as shown by the following chart. Note that maturities falling within 1 year are not included.
Counterparty Credit Risk
30 The policy sets maximum limits on
transactions with counterparties. The purpose of this is to ensure the Council
does not concentrate its investments or risk management instruments with a
single party.
31 The policy sets the gross counterparty limits as follows:
Counterparty/Issuer |
Minimum Standard and Poor’s long term |
Investments maximum per counterparty |
Risk management instruments maximum per counterparty |
Borrowing maximum per counterparty |
NZ Government |
N/A |
Unlimited |
None |
Unlimited |
LGFA |
AA-/A-1 |
$20m |
None |
Unlimited |
NZ Registered Bank |
A+/A-1 |
60% of total investments or $25m; whichever is greater |
50% of total instruments or $80m; whichever is greater |
$50m |
32 The Council was in full compliance with all counterparty credit limits for the three months ended 31 December 2021. The tables below show the Council’s investments and risk management instruments holdings per counterparty for this period.
Term deposits
*Policy Limit: 60% of total investments or $25 million; whichever is greater
Interest rate swaps
*Policy Limit: 50% of total instruments or $80 million; whichever is greater
Specific Borrowing Limits
33 In managing debt, the Council is required to adhere to the specific borrowing limits.
34 The Council fully complied with these limits for the three months ended 31 December 2021 (or a period as otherwise specified) and the results are shown below:
Risk Management Performance
35 The following table shows the Council’s interest income and expense for the period ended 31 December 2021 together with the weighted average cost of borrowing (WACB), compared to year-to-date budget and full year forecast.
36 The following graph shows the year to date average cost of borrowings, for each month of the quarter.
He take | Issues
37 This report has a low level of significance under the Council’s Significance and Engagement Policy).
Ngā kōwhiringa | Options
38 There are no options to be considered.
Tangata whenua
39 There are no tāngata whenua considerations arising directly from this report.
Panonitanga āhuarangi | Climate change
40 There are no climate change considerations within this report.
Ahumoni me ngā rawa | Financial and resourcing
41 There are no financial and resourcing considerations in addition to those already noted in this report.
Ture me ngā Tūraru | Legal and risk
42 There are no legal and risk considerations arising from this report.
Ngā pānga ki ngā kaupapa here | Policy impact
43 There are no policy considerations in addition to those already noted in this report.
Te whakawhiti kōrero me te tūhono | Communications & engagement
Te mahere tūhono | Engagement planning
44 An engagement plan is not required for this report.
Whakatairanga | Publicity
45 There are no publicity considerations arising from this report.
Ngā āpitihanga | Attachments
3 March 2022 |
8.6 Progress Update regarding Audit Control Findings 2020/21
Kaituhi | Author: Andrew Gillespie, Risk Advisor
Kaiwhakamana | Authoriser: Mark de Haast, Group Manager Corporate Services
Te pūtake | Purpose
1 This report provides the Audit and Risk Subcommittee with a progress update regards Ernst & Young’s (Audit) Report on Control Findings for the year ended 30 June 2021.
He whakarāpopoto | Executive summary
2 This report does not exceed four pages therefore there is no requirement for an Executive Summary.
Te tuku haepapa | Delegation
3 The Audit and Risk Subcommittee has delegated authority to consider this report under the following delegation in the Governance Structure, Section B.3.
· Reviewing and maintaining the internal control framework.
· Obtaining from external auditors any information relevant to the Council’s financial statements and assessing whether appropriate action has been taken by management in response to the above.
Taunakitanga | Recommendations
A. That the Audit & Risk Sub-Committee notes:
A.1 the progress update regarding Ernst & Young’s Report on Control Findings for the year ended 30 June 2021, and
A.2 that Ernst & Young will re-assess these as part of their audit for the year ended 30 June 2022.
Tūāpapa | Background
4 In accordance with New Zealand Auditing Standards, Audit performed a review of the design and operating effectiveness of the Council’s significant financial reporting processes as part of their audit for the year ended 30 June 2021.
5 Control risk matters and/or issues are classified as high, moderate, or low. Control risk definitions are as follows:
|
Ernst & Young – Risk Ranking System |
High |
Matters and/or issues considered to be fundamental to the mitigation of material risk, maintenance of internal control or good corporate governance. Action should be taken either immediately or within three months. |
Matters and/or issues considered to be of major importance
to maintenance of internal control, good corporate governance, or best practice
for processes. |
|
Low |
A weakness which does not seriously detract from the internal control framework. If required, action should be taken within 6 -12 months. |
He kōrerorero | Discussion
6 Audit identified six control risk issues in their Report on Control Findings for the year ended 30 June 2021. One of the risk control issues was ranked as moderate and five as low.
7 The table below details the year-to-date progress against these control findings.
Risk Level |
Control Findings year end 30 June 2021 |
As at March 2022 |
||
Status |
Update |
|||
Moderate |
2.1.1 |
Accuracy of response & resolution times |
On track l |
· Work is underway with the Digital Solutions team to simplify all data input fields in MagiQ to ensure timely and accurate reporting against Council’s performance measures. |
Low |
2.2.1 |
Approval of expenditure |
On track l |
· Eight instances were identified where an expense claim was authorised by a person who was not one up from the person benefiting from the expenditure. · Further investigation has identified that the eight instances related to expense claims for (a) the mayor or elected members, which were approved by the CE, or (b) the CE, which were approved by the GM Corporate Services or, in two instances, the Democracy Services Manager. These approvals are consistent with recent council practice which are considered to be good practice, however management accepts this should be clarified in council policy. This will be attended to in the next revision of the Elected Member Expense and Remuneration Policy, and the Delegations policy which is under development. |
2.2.2 |
Purchase orders approved after receiving invoices |
On track l |
· Four instances were identified where purchase orders were approved after invoices were received. Management accepts that it is best practice for purchase orders to be approved prior to work being commissioned and invoices received. This will be reiterated to the budget managers involved with the four identified exceptions. |
|
2.2.3 |
Missing job sheet for water request for service |
On track l |
· EY are engaging an internal IT specialist to determine the best way that they can approach testing service requests at year end, which would include assessing the IT general control environment. |
|
2.3.4 |
Transition to maintenance of records electronically |
On track l |
· This Control Finding relates to both SSP documentation and Payroll documentation that was unable to be supplied to EY while we were in a Covid-19 lockdown last year. · With regards to the SSP documentation, the use of MagiQ ensures that this information is captured electronically and has been clarified with EY. · We are still looking into solutions for the Payroll documentation and will bring a further update to the Subcommittee in the next coming months. |
|
2.3.5 |
Signed contract not available |
On track l
|
· A procurement technology roadmap has been developed, and a contract has been signed with an implementation partner. The implementation of the internally-facing Procurement Hub and the organisation-wide contracts register are included in the deliverables. · Staff are provided with continuing advice and training to lift procurement capability. |
8 In keeping with standard practice, Audit will consider whether these control findings can be closed-out, as part of their audit for the year ended 30 June 2022.
He take | Issues
9 There are no issues to be raised in this report.
Ngā kōwhiringa | Options
10 There are no options to be raised in this report.
Tangata whenua
11 There are no tāngata whenua considerations arising from this report.
Panonitanga āhuarangi | Climate change
There are no Climate Change issues arising from this report. Ahumoni me ngā rawa | Financial and resourcing
13 Financial considerations have been covered as part of this report.
Ture me ngā Tūraru | Legal and risk
14 There are no legal considerations arising from this report.
Ngā pānga ki ngā kaupapa here | Policy impact
15 There are no policy implications arising from this report.
Te whakawhiti kōrero me te tūhono | Communications & engagement
Te mahere tūhono | Engagement planning
16 This matter has a low level of significance under the Council’s Significance and Engagement Policy.
Whakatairanga | Publicity
17 There are no publicity considerations.
Ngā āpitihanga | Attachments
3 March 2022 |
Author: Jayne Nock, Executive Secretary to Group Manager Corporate Services
Authoriser: Mark de Haast, Group Manager Corporate Services
That the minutes of the Audit and Risk Subcommittee meeting on 2 November 2021 be accepted as a true and accurate record of the meeting |
1. Draft
Minutes of the Audit and Risk Sub-Committee of 2 November 2021 ⇩
3 March 2022 |
Resolution to Exclude the Public