Minutes:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.
61.
62.
63.
64.
65.
66.
67.
68.
68.1. The Board considered a report containing the draft East Sussex Pension Fund Internal Audit Strategy and two recently completed Internal Audit reports on the ESPF.
68.2. Danny Simpson (DS), Principal Auditor, said that the current strategy was three years old and it was felt necessary that a new Internal Audit Strategy for the ESPF needed to be developed that could be applied to the two sovereign organisations in Orbis (East Sussex County Council and Surrey County Council) that are responsible for managing pension funds, subject to the approval of their respective committees. The strategy was currently a draft at the consultation stage. DS said that the main change from the existing strategy was the addition of an audit of the ACCESS pooling process. He said that it was prudent to have this as a separate audit for now but as it became part of business as usual it may be subsumed into the more general governance and investments audit. He confirmed that it was proposed that the other audits would carry on as before.
68.3. The Chair observed that Pensions Regulator requires that pension funds hold 11 common data sets for all scheme members. He said it would be useful for internal audit to carry out an audit of these data sets to confirm whether or not they adhered to the Pensions Regulator’s requirements. Nigel Chilcott (NC), Senior Audit Manager, agreed that Internal Audit would look into including regulatory compliance as an area for audit.
68.4. Councillor Brian Redman (BR) asked whether the internal audit team audited the whole of Orbis and how costs were shard between the two sovereign organisations comprising Orbis. NC said that the Internal Audit Strategy would be for the East Sussex Pension Fund (of which Brighton & Hove City Council is a member) and that there would be a very similar, but separate Strategy for Surrey’s pension fund.
68.5. Ian Gutsell (IG), Chief Finance Officer explained that there is an integrated internal audit team for Orbis. All members of this team work under the Orbis banner but are employed by their sovereign organisations. It is an integrated service that delivers the internal audit function across the three organisations and has an integrated pooled budget; the team then charges respective individual organisations for their internal audit work. This means that there is no additional cost for any of the three organisations for internal audit compared to if internal audit was provided in-house, and the pooled arrangements in fact deliver some efficiency savings. All three organisations’ section 151 officers sign off their respective internal audit strategies.
68.6. BR asked whether there are plans in the future to sell-off Orbis as a business separate from local authority control. IG said there were no plans to do so.
68.7. In introducing the Pension Fund Administration Internal Audit report, NC said that this has received reasonable assurance and that there were no areas of improvement deemed to be high risk. In addition, assurance had been obtained that all required actions from the previous review in this area had been completed by the relevant responsible officers.
68.8. The Chair asked whether Internal Audit checks whether actions have been implemented on an individual basis, or whether they are checked when the next audit is carried out. NC explained that implementation dates for actions for improvement are agreed as part of each audit. For all high priority actions, internal audit will seek confirmation that they have been implemented as part of the ongoing action tracking process. In addition, any audits that receive minimal (and sometimes partial) assurance are subject to a follow-up review in their own right. However, where medium or low priority actions are agreed and the audit opinion is better than partial assurance checks to confirm they have been implemented will be completed as part of the next audit. Failure to implement agreed actions would result in reports to the Pension Board and Audit Committee.
68.9. In relation to the External Control Assurance review which received substantial assurance, the Chair asked whether investment managers are required to provide specific information for this review. NC explained that investment managers are required to obtain and provide external independent assurance on how robust their administrative and accounting control procedures are in accordance with regulations. OO added that some investment managers are also audited by their own internal audit function and all have to report separately to the Financial Conduct Authority (FCA).
68.10. The Board RESOLVED to
1) note the reports; and
2) recommend that internal audit consider an audit of the common data sets provided to the Pensions Regulator
Supporting documents: