Internal Audit Report

Pension Fund Governance 2022/23

Final

Assignment Lead: Jodie Lulham, Principal Auditor

Assignment Manager: Danny Simpson, Principal Auditor

Prepared for: East Sussex County Council

Date: August 2022

 

Report Distribution List

Draft Report Distribution

Sian Kunert, Head of Pensions

Michael Burton, Pensions Manager Governance and Compliance

 

Final Report Distribution

As per the draft report distribution list, with the inclusion of:

Ros Parker, Chief Operating Officer

Ian Gutsell, Chief Finance Officer

Pension Board

Pension Committee

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

                         

This audit report is written for the officers named in the distribution list. If you would like to share it with anyone else, please consult the Chief Internal Auditor.

East Sussex County Council - Internal Audit Key Contact Information

Chief Internal Auditor: Russell Banks, ( 07824362739, * russell.banks@eastsussex.gov.uk

Audit Manager: Nigel Chilcott, ( 01273 481992, * nigel.chilcott@eastsussex.gov.uk

Anti-Fraud Hotline:  ( 01273 481995, * FraudHotline@eastsussex.gov.uk

 

1.                 Introduction

1.1.           East Sussex County Council (ESCC) administers and manages the East Sussex Pension Fund (the Fund) on behalf of 132 employers.

1.2.           The Fund is responsible for managing assets for the long-term benefit of scheme members in accordance with statutory regulations.  Whilst, the Pension Committee is responsible for making arrangements for the administration and investment of the Fund, they receive advice as appropriate from the Pension Board, which is a statutory requirement to assist the Scheme Manager (ESCC) in securing compliance with all relevant pensions’ law, regulations and directions.  The administration of the Pension Fund is undertaken by East Sussex County Council.

1.3.           This audit assessed the effectiveness of the Fund’s governance arrangements and sought to provide assurance that strategic oversight, risk management, reporting and communication processes are in place to maximise the likelihood that the Fund’s objectives are met. 

1.4.           This report has been issued on an exception basis whereby only weaknesses in the control environment have been highlighted within the main body of the report.

 

2.                 Scope

2.1.           The purpose of the audit was to provide assurance that controls are in place to meet the following objectives:

·                   Governance arrangements are resilient and provide sufficient and effective oversight.

·                   Risk management arrangements are robust.

·                   Communication is efficient and effective.

·                   Reporting arrangements ensure that poor performance is identified and corrected.

 

 

 

3.                 Audit Opinion

3.1.      Substantial Assurance is provided in respect of Pension Fund Governance 2022/23.  This opinion means that controls are in place and are operating as expected to manage key risks to the achievement of system or service objectives.

Appendix A provides a summary of the opinions and what they mean and sets out management responsibilities.

 

4.                 Basis of Opinion

4.1.           Based on the testing undertaken, we have been able to provide an opinion of Substantial Assurance over the controls in place because:

4.2.           There is a Pension Board and a Pension Committee in place, with clearly defined membership and agreed terms of reference setting out their remit. The Board and Committee meet regularly, and minutes of meetings are published online.

4.3.           There is a comprehensive risk management policy in place which is subject to regular review and contains sufficient detail in relation to the risk management process to be followed by Fund officers.

4.4.           The Pension Board and Committee provide scrutiny over the risk register on a regular basis, ensuring that risks are subject to sufficient challenge.

4.5.           The Communication Strategy is up to date and covers communication with members (active, deferred and pensioner), as well as scheme employers, the Pension Committee and Board, and other key stakeholders. The team are complying with the communication strategy and sharing information with stakeholders. There are regular opportunities for communication between the Fund and employers, with support provided where necessary.

4.6.           Investment performance is regularly reported to the Pension Committee, and there are clear processes in place to take action, should an investment not be performing as expected.

4.7.           There is a Breaches Policy in place, which contains clear protocols for the identification and reporting of breaches, which is shared with the Pension Board and Committee on a regular basis to ensure oversight.

4.8.           The Governance Manual for the ACCESS Pool is now in place as a working copy and has been approved by the S151 Officers associated with the group.

4.9.           However, we did identify that skills evaluations have not yet been completed by all members of the Pension Board and Committee, increasing the risk that potential training needs have not been identified, and opportunities for strengthening the effectiveness of the Board and Committee may be missed.

 

 

 

 

5.                 Action Summary

 

5.1.           The table below summarises the actions that have been agreed together with the risk:

 

Risk

Definition

No

Ref

 

 

High

This is a major control weakness requiring attention.

 

 

 

 

Medium

Existing procedures have a negative impact on internal control or the efficient use of resources.

 

 

 

 

Low

This represents good practice; implementation is not fundamental to internal control.

1

1

 

 

Total number of agreed actions

1

 

5.2.           Full details of the audit findings and agreed actions are contained in the detailed findings section below.

5.3.           As part of our quarterly progress reports to Audit Committee we track and report progress made in implementing all high priority actions agreed. Medium and low priority actions will be monitored and re-assessed by Internal Audit at the next audit review or through random sample checks.

6.                 Acknowledgement

6.1.           We would like to thank all staff that provided assistance during the course of this audit.

 

 

Ref

Finding

Potential Risk Implication

Risk

Agreed Action

1

Skills Evaluations for Board and Committee Members

 

 

 

Although it is acknowledged that there have been recent changes to the composition of the Pension Board and Committee, skills analyses have not been completed by all members of these groups, with only two out of seven Board members and four out of five Committee members having completed the evaluation at the time of testing.

 

 

Where all members of the Board and Committee have not undertaken a skills analysis, there is a risk that there any gaps in knowledge are not identified, resulting in reduced oversight and decision-making that is not fully informed.

 

Low

A skills evaluation is conducted once a year and all members of both the Pension Board and Committee are asked to complete this in line with the approved Training policy, with officers chasing those members who have not completed. A training report is provided twice a year where officers advise Board and Committee of non-compliance to complete training requirements.

 

The next evaluation is due to be launched in August and those not completing being actively chased. Officers do not have specific powers to compel Committee and Board members to complete the evaluation but will liaise with the Chairs to encourage completion. There will often be changes in membership across the Board and Committee and due to the specialist nature of Pensions the knowledge and skills analysis can only be completed after some time in post following induction training and exposure to the LGPS, hence this being an annual evaluation with the resulting training plan reported in November.

 

Responsible Officer:

Michael Burton, Pensions Manager – Governance and Compliance

Target Implementation Date:

31 October 2022

Audit Opinions and Definitions

 

Opinion

Definition

Substantial Assurance

Controls are in place and are operating as expected to manage key risks to the achievement of system or service objectives.

Reasonable Assurance

Most controls are in place and are operating as expected to manage key risks to the achievement of system or service objectives.

Partial Assurance

There are weaknesses in the system of control and/or the level of non-compliance is such as to put the achievement of the system or service objectives at risk.

Minimal Assurance

Controls are generally weak or non-existent, leaving the system open to the risk of significant error or fraud.  There is a high risk to the ability of the system/service to meet its objectives.

 

Management Responsibilities

 

The matters raised in this report are only those which came to our attention during our internal audit work and are not necessarily a comprehensive statement of all the weaknesses that exist, or of all the improvements that may be required.

 

Internal control systems, no matter how well designed and operated, are affected by inherent limitations. These include the possibility of poor judgment in decision-making, human error, control processes being deliberately circumvented by employees and others, management overriding controls and the occurrence of unforeseeable circumstances.

 

This report, and our work, should not be taken as a substitute for management’s responsibilities for the application of sound business practices. We emphasise that it is management’s responsibility to develop and maintain sound systems of risk management, internal control and governance and for the prevention and detection of irregularities and fraud. Internal Audit work should not be seen as a substitute for management’s responsibilities for the design and operation of these systems.