Attachment 01 Croydon Integrated Governance and Audit Committee Minutes Date: Tuesday 20 June, 2013 Time: 9.30-11.30 a.m. Location: Masonic Hall Croydon Present: Members: Helen Pernelet, Lay Member and Chair (Governance and PPI) David Hughes, Lay Member for Finance Amy Page, Lay Member Nursing In Attendance: Paula Swann, (PS) Croydon Accountable Officer Croydon CCG Mike Sexton, (MS) Chief Finance Officer Fouzia Harrington (), Director of Governance and Quality Michael Mulligan (MM) CSU Financial Controller Mike Harling (MH), CSU Counter Fraud Paul Montgomery (PM) Internal Audit Surinder Ahir, (SA) Internal Audit Sue Exton, (SE), External Audit Sarah Ironmonger (SI) External Audit Linda Harmston, (LH) Minutes Richard Bates, CSU Director of Finance Fleur Nieboer, (FN) KPMG 1 Apologies Action Apologies were received from Kevin Limm, (Parkhill Audit Agency) Paul Montgomery attended on his behalf. Rebecca Chappell Mike Harling attended on her behalf. 2. Declarations of Interest There were no declarations of interest. 3 3.1 3.2 Minutes of Last Meeting. The minutes of the last meeting were agreed with the following exception; 5.2. David Hughes was uncomfortable that although Amy Page was attending the Integrated Audit and Governance Committee as Chief Nurse, she was also Executive Lead for Quality and this could cause conflict. He felt A GP should be invited to be a member and Amy Page be in attendance. Paula Swann noted that Amy Page was executive lead for Safeguarding and Fouzia Harrington was the executive lead for quality. She advised that scenario happened across the Board. GPs had special interests and therefore conflicts. Page 1
3.3 3.4 4 4.1 5 5.1 5.2 5.3 5.4 5.5 5.6 5.7 David Hughes requested that the wording be amended to say that 2 lay members and 2 executive members need to be in attendance for the meeting to be quorate. Amy Page asked for it to be noted that she was very clear about her role in each of the meetings she attended, whether it was as an executive member for safeguarding or a lay member for quality. Matters Arising and Action Log All matters arising were included in the agenda. Governance Structure Review Fouzia Harrington advised that the structure (Option C) had been recommended within the circulated paper. However, since drafting the paper a further option had now been put forward which was circulated to the committee (Option E). Option E was similar to the current governance structure in terms of the roles and responsibilities of each of the committees but would enable the committee to maintain an overview of finances while clarifying accountability to the Governing Body for finance and quality issues. The option takes into account the remit of the Integrated Governance and Audit Committee in its wider role enabling scrutiny of Finance Committee. David Hughes agreed this addressed his concerns around his professional accountability and allowed the broader remit for the Integrated Governance and Audit Committee. Paul Montgomery thought the option satisfactory but advised that a report needed to be prepared setting out conclusions of the committee to the Governing Body on a regular basis. The committee agreed to adopt Option E in the future but to keep it open for review. Fouzia Harrington advised that all formal structures had to be agreed with the Governing Body, then the council of members and finally NHSE. The next NHS England gateway for this would be November. Terms of Reference Paula Swann stated that the Terms of Reference (3.1) would need to be agreed for the current governance structure and be subsequently amended to reflect the new structure and consideration would be need to be given to the membership following the previous discussion. David Hughes queried the authority process on tender waivers Paula Swann advised they were approved by the Chief Officer or Chief Financial Officer within delegated limit or by the Chair outside of limits. They were then brought to Integrated Governance and Audit Committee for information and noting. The Integrated Governance and Audit Committee could, if they had concerns, request a review of tender waivers. The committee agreed the Terms of Reference subject to the change Page 2 of 8
in quoracy, outlined earlier and they would be presented to the Governing Body 5.8 5.9 5.10 6 6.1 6.2 6.3 6.4 Integrated Governance and Audit Committee Business Programme David Hughes was concerned that the agenda focused too much on finance and administration and did not give sufficient time to quality. Helen Pernelet felt that the agenda should reflect our Strategic Risks. Paula Swann advised this would come through the Internal Audit reports when issues were picked up. Surinder Ahir advised that Third Party Assurance in relation to commissioning support services also needs to be added to the agenda. Fouzia Harrington/Surinder Ahir would review the internal audit outcomes and highlight when they would be on the Integrated Governance and Audit committee agenda. She would amend the Business Plan and bring back as a regular item. Risk Management: Assurance Framework and Risk Management Update Fouzia Harrington advised that the Governing Body had held a risk appetite and risk management session in May and the paper reflected the outcome. A pictorial mapping of risks would be developed for a future meeting. David Hughes praised the considerable progress made. He queried how risk registers were being maintained throughout the organisation. Fouzia Harrington advised that each directorate had a register and was responsible for identifying risks. The relevant director agreed the level of risk and placed them on the register with actions assigned within the team. There was also a more detailed risk register for QIPP schemes held by the Finance Department. Staff were attending training sessions to ensure all understand the process. She also reflected that it would be reviewed at senior management team. David Hughes requested sight of the Internal Audit plan mapped to the Board Assurance framework. Surinder Ahir would forward this to the committee. David Hughes also requested that the underlying risk registers be brought to the next meeting to give assurance that they were comprehensive. Paula Swann felt that assurance would be achieved from Internal Auditors once they had reviewed the system and were happy with it. Surinder Ahir confirmed they would carry out an early review and have a report for the September meeting. Helen Pernelet agreed with David Hughes that the committee should review the BAF in full at the September meeting. She suggested the committee looked at a couple of risks on the Risk Register to get an overview of the process and suggested the risk registers be brought for background information with a report from the internal auditors. Fouzia Harrington would ensure that the September agenda would /SA SA SA Page 3 of 8
include a review of the BAF. David Hughes suggested that the BAF be included in the Governing Body packs in future for referral purposes only. 7 7.1 7.2 7.3 7.4 7.5 7.6 7.7 Internal Audit Croydon CCG Internal Audit 2013/14 Surinder Ahir advised that a number of actions on the log had been addressed and they were mapping the Audit Plan to the Assurance Framework. He had met with Mike Sexton and Fouzia Harrington to discuss the BAF and Risk Management and other CCG governance structures to help review internal arrangements. Parkhill had attended the CSU Internal Audit Summit hosted by KPMG. They had liaised with RMS Tenon and collated all outstanding internal audit recommendations raised as part of the SW London internal audit reviews. There were no recommendations being carried forward into Croydon CCG in 2013/14. Surinder Ahir confirmed that they had access to the work carried out by PWC in support of the CCGs financial planning, in order to incorporate it into their plan. David Hughes queried the reporting process. Surinder Ahir advised that draft reports were sent to CCG within two weeks of the field work being completed. Management response was required within two weeks after which the report was published. David Hughes requested that the final report be sent to committee members at the same time as management. David Hughes queried the indirect days. He advised that there should be a maximum of 20% with the aim of 10%. He felt that 15 days allotted to management would be too many and, as it was a small plan, not the necessity for 2 people to attend meetings. Paul Montgomery advised that they would analyse this time and give clarification around its use. Internal Audit of CSU Services The CSU had issued a draft consultation paper and initiated a workshop which Mike Sexton and the Internal and External Auditors attended. The contract between the CCG and CSU was in the process of being finalised and included the provision of third party assurance. The key messages were that the CSU needed to strengthen its corporate governance structures for CCGs; KPMG needed to develop an internal audit plan that reflected generic audits and CCG specific audits; and the CCG Audit Committee gain assurance by receiving the Internal Audit plan and individual internal audit reports for information Fleur Nieboer from KPMG advised that since May they had been meeting with all chairs of CCG Audit Committees and CFOs. A draft internal audit plan had been developed which had a combination of 1 and 2 tier reviews. Tier 1 reviews would be reported to CCGs in full SA PM/SA Page 4 of 8
and go on to a shared portal. For shared management there would be appendices for individual CCGs. Tier 2 reporting was for CSU only but a report would be sent to CCGs quarterly which would also be uploaded onto the shared portal. Mike Sexton confirmed that the CSU (Financial Governance and Control) would manage the paper flow to give a summarised version for these reports but this was still work in progress. 7.8 7.9 7.10 7.11 7.12 7.13 8 8.1 8.2 Fleur Nieboer advised that plan would be finalised with the CSU by the end of the month and would be shared with CCGs. The Head of Internal Audit would meet with individual CCGs so that any issues were raised and resolved. KPMG would be giving an annual opinion to the CSU. David Hughes queried how confident Parkhill felt about this. Surinder Ahir advised that Parkhill would give their own opinion and were confident that KPMG had processes in place. However, they would only be able to answer this fully when they had seen the detailed plan. Paula Swann queried how the CCG would obtain third party assurance over payroll etc. Fleur Nieboer advised that KPMG would do further work on this but Shared Business Services issued an annual opinion which in the past had always been clean. Richard Bates advised that NHS England had appointed Deloittes as the Internal Auditors and he would be meeting with them next week to see how third party assurance aligns with this. Fleur advised that KPMG would be unable to look at every system in the first year so it was important that Internal Audit were happy to reflect this in their own opinion for Croydon. David Hughes commented that as Croydon was using CSU more than most other CCGs it was important to ensure that the programme covers all the resources that Croydon needed. KPMG would keep this in mind and discuss with internal audit. Paula Swann advised that a third party assurance mapping to identify systems and who would be assessing them shuld be developed for the CCG External Audit Update Sue Exton advised that they had raised comments about the last years PCT accounts which should not impact on CCG going forward but did have an impact on the audit as there were a set of issues that could not be resolved. The Assets Register had not been updated throughout the year and needed to done in a timely manner throughout the coming year. A further issue was that the system allowed staff to self-authorise journals they had posted. This had not caused an issue but was not good practice. SA Page 5 of 8
8.3 8.4 8.5 8.6 8.7 8.8 8.9 9 9.1 9.2 There was still work to done on the opening balance sheet mapping and this would be picked up in the Finance Committee. David Hughes queried what the recurring issues were likely to be. Sarah Ironmonger advised that the strain on staff due to the transfers would not reoccur this year. Meetings would be held with Michael Mulligan monthly to discuss assets, control accounts etc. to ensure that the issue log was closed down monthly. Croydon had hosted the London Specialised Commissioning Unit who had had a number of issues to resolve that impacted on the PCT. Sue Exton confirmed she would meet with CSU to look at key risks and ensure the timetable was deliverable. Audit Fee Letter Paula Swann commented that though the plan was smaller, the fee was not much lower than last year. Sue Exton confirmed that the fee was set by the Audit Commission. It may be possible to renegotiate when a better feel for the work needed was achieved. David Hughes requested to see the detailed plan in order to have a more informed discussion. Sue Exton advised that the Audit cycle showed when the work would be carried out. The accounts were expected to be completed by the end of April and the report ready in June. An opinion would then be given on the accounts and Value for Money. David Hughes felt that the timetable was back-ended and hoped to move to the plan coming out in September or October with a hard close in Month 9. Sue Exton said this was the aspiration but in reality did not work as much of the CCG transactions with providers took place at the end of the year and there was too much movement to close in Month 9. Sue Exton confirmed she was confident about receiving assurance for third parties. This would be looked at during the interim audit and any issues reported back. She confirmed that Grant Thornton would work with the internal auditors for CSU. Similar arrangements had worked well last year. David Hughes requested that any concerns on the scope of work was highlighted early. David Hughes queried whether the contract with CSU gave rights of access. Mike Sexton confirmed the contract had not yet been signed and he would ensure that the CCG had relevant access. Counter Fraud Progress Report Work plan for sign off Mike Harling represented Rebecca Chappell. He advised that NHS Protect recommend that the Risk Assessment tool should be adopted by all as it is vital in highlighting areas of weakness. Updates will be brought to the Committee throughout the year. The Bribery Risk Assessment Tool had been created locally to review current procedures across the CCG. MS SE SE MS Page 6 of 8
9.3 9.4 9.5 The proposed work plan will remain flexible so that time can be spent in the areas of greatest risk. The risk areas were the use of temporary consultants, QIPP, procurement and fraud within the commissioning process. It was agreed that the September meeting would receive a counter fraud report on the key counter fraud risks David Hughes queried what the CCG would get for the 55 counter fraud days and asked for the main 5 risks. He requested a summary of actions. Richard Bates commented that it was it was recognised that the 55 days may be too many. The committee welcomed his suggestion that he arrange a dedicated session around counter fraud up to clarify what is provided. The Policy in relation to Fraud and Fraud Response and the Anti- Bribery Policy were agreed subject to agreeing the lead directors. RC RB 10 10.1 10.2 10.3 11 11.1 11.2 12 12.1 Losses and Compensations Mike Sexton advised that there was nothing to report at this stage. David Hughes queried if there were any losses that would carry over from last year. Mike Sexton advised these were mainly bad debt provisions or write offs relating to Croydon Health Services and GP rents. The only other concern was a possible redundancy payment that may need to be made to three Practice Managers now considered to be the CCGs responsibility. Senior Management Team were exploring the options. Report on Waiver of Standing Orders and Prime Financial Policies Mike Sexton advised there was one Tender Waiver that had been agreed relating to the extension of PWCs engagement in order to drive the QIPP programmes forward. The committee noted the waiver Mike Sexton advised there would be a further waiver coming from CRESS which would cover the review of appropriate GP and Consultant to Consultant referrals. Revised Scheme of Delegation The revised scheme of delegation was discussed. David Hughes queried the requirement of a lay member to countersign in sections 6d and 6e as he felt they would not have sufficient knowledge of the request. Paula Swann advised that this was the format used across the NHS. A short report is provided for all signatories around the process for waiver. She advised that this item could not be taken in isolation as they would reflect on SIs and SOs. Mike Sexton will bring clarification around 6e and 6d to the next meeting. MS 13 Information Governance Page 7 of 8
13.1 13.2 Fouzia Harrington advised there were two elements to the paper, 1) achieving level 2 against the IG tool kit and the risk register around Information Governance. She advised that the RAG rating was mainly green as the CCG was on target for achieving its action plans. There was one amber rating around the changes in the way the CCG is allowed to use information that it patient identifiable. This was an issue for all CCGs but work is being done on this and it would be reflected in the risk register. A report would be brought back to the committee around an Information Governance breach that occurred with the PCT but which the CCG needed to reflect on for learning purposes. 14 Finance Committee Terms of Reference Mike Sexton advised that in the light of earlier discussions around membership he would amend section 4 to reflect this in November when the Information Governance and Audit Committee Terms of Reference were changed. MS 15 Finance Committee Minutes Noted 16 Draft Minutes of the Quality sub Committee Noted. Helen Pernolet stated that she would like to see Quality higher on the agenda in future meetings. 17 Any Other Business None 19 Date of Next meeting 16 September 2013 Page 8 of 8