Risk and Assurance Committee Agenda

NOTICE IS GIVEN that the next meeting of the Risk and Assurance Committee will be held in Council Chambers, Regional House, 1 Elizabeth Street, Tauranga on:

Thursday 7 December 2023 COMMENCING AT 9.30 am

This meeting will be livestreamed and recorded.

The Public section of this meeting will be livestreamed and recorded and uploaded to Bay of Plenty Regional Council’s website.  Further details on this can be found after the Terms of Reference within the Agenda. Bay of Plenty Regional Council - YouTube

 

Fiona McTavish

Chief Executive, Bay of Plenty Regional Council Toi Moana

29 November 2023

 


 

Risk and Assurance Committee

Membership

Chairperson

Cr Stuart Crosby

Deputy Chairperson (Independent)

Bruce Robertson

Members

Cr Ron Scott

Cr Andrew von Dadelszen

Cr Te Taru White

Cr Kevin Winters

Ex Officio

Chairman Doug Leeder

Quorum

Three members, consisting of half the number of members

Meeting frequency

Quarterly

Purpose

Monitor the effectiveness of Council’s funding and financial policies and frameworks to ensure the Council is managing its finances in an appropriate manner.

Monitor the effectiveness of Council's performance monitoring framework.

Ensure that Council is delivering on agreed outcomes.

Role

·                Monitor the effectiveness of Council’s funding and financial policies and Council’s performance monitoring framework (financial and non-financial).

·                Review Council’s draft Annual Report prior to Council’s adoption.

·                Receive and review external audit letters and management reports.

·                Approve and review the internal audit plan and review the annual programme report.

·                Approve, review and monitor Council’s risk framework and policy.

·                Review the risk register.

·                Monitor Council’s legislative compliance and receive reporting on non-compliance matters as part of risk management reporting.

Power to Act

To make all decisions necessary to fulfil the role and scope of the committee subject to the limitations imposed.

Power to Recommend

To Council and/or any standing committee as it deems appropriate.

The Risk and Assurance Committee is not delegated authority to:

·                Develop, review or approve strategic policy and strategy.

·                Develop, review or approve Council’s Financial Strategy, funding and financial policies and non-financial operational policies and plans.

The Risk and Assurance Committee reports directly to the Regional Council.


 

Recording of Meetings

Please note the Public section of this meeting is being recorded and streamed live on Bay of Plenty Regional Council’s website in accordance with Council's Live Streaming and Recording of Meetings Protocols which can be viewed on Council’s website. The recording will be archived and made publicly available on Council's website within two working days after the meeting on www.boprc.govt.nz for a period of three years (or as otherwise agreed to by Council).

All care is taken to maintain your privacy; however, as a visitor in the public gallery or as a participant at the meeting, your presence may be recorded. By remaining in the public gallery, it is understood your consent is given if your image is inadvertently broadcast.

Opinions expressed or statements made by individual persons during a meeting are not the opinions or statements of the Bay of Plenty Regional Council. Council accepts no liability for any opinions or statements made during a meeting.

 


Bay of Plenty Regional Council - Toi Moana

Governance Commitment

mō te taiao, mō ngā tāngata - our environment and our people go hand-in-hand.

 

 

We provide excellent governance when, individually and collectively, we:

·        Trust and respect each other

·        Stay strategic and focused

·        Are courageous and challenge the status quo in all we do

·        Listen to our stakeholders and value their input

·        Listen to each other to understand various perspectives

·        Act as a team who can challenge, change and add value

·        Continually evaluate what we do

 

 

TREAD LIGHTLY, THINK DEEPLY,
ACT WISELY, SPEAK KINDLY, JOURNEY TOGETHER.


Risk and Assurance Committee                                                                                  7 December 2023

Recommendations in reports are not to be construed as Council policy until adopted by Council.

Agenda

1.       Apologies

2.       Public Forum

3.       Items not on the Agenda

4.       Order of Business

5.       Declaration of Conflicts of Interest

6.       Public Excluded Business to be Transferred into the Open

7.       Minutes

Minutes to be Confirmed

7.1      Risk and Assurance Committee Minutes - 5 October 2023                  2

8.       Reports

8.1      Chairperson's Report                                                                               2

Attachment 1 - Risk and Assurance Work Programme March 2024 - September 2024                                                                                                                                                 2

Attachment 2 - Risk and Assurance Completed Work Programme  March 2023 to October 2023                                                                                                                         2

8.2      Assessment of Bay of Plenty Regional Council's practice in relation to the Ombudsman's "Open for Business" report on the use of workshops                                                                                                                   2

Attachment 1 - Ombudsman's Report Actions                                                                2

8.3      Audit Engagement Letter: Audit of the Consultation Document on Long-Term Plan for the period commencing 1 July 2024

This item will be distributed under a separate cover.

8.4      Artificial Intelligence Update                                                                  2

8.5      Rates Risk Report - Implementation of the Rates Assessment and Collection Process                                                                                   2

8.6      Internal Audit Status Update                                                                  2

9.       Public Excluded Section

Resolution to exclude the public

Excludes the public from the following parts of the proceedings of this meeting as set out below:

The general subject of each matter to be considered while the public is excluded, the reason for passing this resolution in relation to each matter, and the specific grounds under section 48(1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are as follows:

Item No.

Subject of each matter to be considered

Reason for passing this resolution in relation to each matter

Grounds under Section 48(1) for the passing of this resolution

When the item can be released into the public

9.1

Public Excluded Risk and Assurance Committee Minutes - 5 October 2023

As noted in the relevant Minutes.

As noted in the relevant Minutes.

To remain in public excluded.

9.2

Completed Internal Audit Reviews & Overdue Actions Update

Withholding the information is necessary to protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide under the authority of any enactment, where the making available of the information would be likely to prejudice the supply of similar information, or information from the same source, and it is in the public interest that such information should continue to be supplied.

48(1)(a)(i) Section 7 (2)(c)(i).

On the Chief Executive's approval.

9.3

Key Risk Register

Withholding the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage.

48(1)(a)(i) Section 7 (2)(j).

On the Chief Executive's approval.

9.4

Flood Implications Work Programme

Withholding the information is necessary to maintain legal professional privilege.

48(1)(a)(i) Section 7 (2)(g).

To remain in public excluded.

 

Minutes to be Confirmed

9.1      Public Excluded Risk and Assurance Committee Minutes - 5 October 2023

Reports

9.2      Completed Internal Audit Reviews & Overdue Actions Update

Attachment 1 - Executive Summary - Rates Process Internal Audit

9.3      Key Risk Register

Attachment 1 - Key risk register - September 2023

Attachment 2 - KRR - Heat Map September 2023

9.4      Flood Implications Work Programme

Attachment 1 - Flood Implications Programme Structure PDF

10.     Public Excluded Business to be Transferred into the Open

11.     Readmit the Public

12.     Consideration of Items not on the Agenda


Risk and Assurance Committee Minutes

5 October 2023

 

Risk and Assurance Committee

Open Minutes

Commencing:             Thursday 5 October 2023, 9.30am

Venue:                         Council Chambers, Regional House, 1 Elizabeth Street, Tauranga

Chairperson:               Cr Stuart Crosby

Deputy Chairperson:  Bruce Robertson (Independent Member)

Members:                    Cr Ron Scott

Cr Andrew von Dadelszen

Cr Te Taru White (via Zoom)

Cr Kevin Winters

Chairman Doug Leader (Ex Officio)

In Attendance:            Councillors: Cr Kat Macmillan

Staff: Fiona McTavish – Chief Executive; Mat Taylor – General Manager Corporate; Chris Ingle – General Manager, Integrated Catchments; Reuben Fraser – General Manager, Regulatory Services (via Zoom); Kumaren Perumal – Chief Financial Officer; Nolene Naude – Financial Accounting Team Lead; Steven Slack – Risk & Assurance Manager; Aaron Huggins – Principal Internal Auditor; Monique Brooks - (Acting) Legal and Commercial Manager; Jenny Teeuwen – Committee Advisor

External: Leon Pieterse and Warren Goslett - Audit New Zealand; Jessica Easton – in capacity as former Bay of Plenty Regional Council Toi Moana (Regional Council) Legal and Commercial Manager.

 

Committee members and the public were reminded that the public section of the meeting was being livestreamed and recorded and that the recording would be available on the Bay of Plenty Regional Council YouTube channel following the meeting.

Recording link:  Risk and Assurance Committee - 5 October 2023 - YouTube

1.     Declaration of Conflicts of Interest

·        Bruce Robertson (Independent Member) declared an interest in Item 8.3 – Progress update on the Draft Annual Report for the year ended 30 June 2023, as an Independent Director of Regional Software Holdings Limited (RSHL), and Public Excluded Item 9.5 – Key Risk Register, as Chair of the Ministry for Primary Industries (MPI) Risk and Assurance Committee.

·        Cr Stuart Crosby and Cr Te Taru White also declared a conflict of interest in Item 8.3 – Progress update on the Draft Annual Report for the year ended 30 June 2023, as Directors of Quayside Holdings Limited (Quayside).

 

2.     Minutes

Minutes to be Confirmed

2.1

Risk and Assurance Committee Minutes - 14 June 2023

 

Resolved

That the Risk and Assurance Committee:

1        Confirms the Risk and Assurance Committee Minutes - 14 June 2023 as a true and correct record.

Crosby/Robertson

CARRIED

 

3.     Reports

3.1

Chairperson's Report

Presented by:     Mat Taylor – General Manager, Corporate

Key Points

·       Highlighted the updated Risk and Assurance Committee work programme for the year ahead and the updated completed programme.

 

 

Resolved

That the Risk and Assurance Committee:

1        Receives the report, Chairperson's Report.

von Dadelszen/Winters

CARRIED

 

3.2

Audit New Zealand Report on the interim audit of the Bay of Plenty Regional Council for the year ended 30 June 2023

Presented by:     Kumaren Perumal – Chief Financial Officer

Nolene Naude – Financial Accounting Team Lead

Leon Pieterse – Audit New Zealand

Warren Goslett – Audit New Zealand

Key Points

·       Provided overview of the findings arising from the interim audit performed over the period June to July 2023.

In response to Questions

·        In reference to management being updated about the review of the procurement manual, the term “management” included governance.

·        Audit NZ was comfortable with the outcomes from the interim audit.

 

 

Resolved

That the Risk and Assurance Committee:

          Receives the report, Audit New Zealand Report on the interim audit of the Bay of Plenty Regional Council for the year ended 30 June 2023.

Robertson/von Dadelszen

CARRIED

 

3.3

Progress update on the Draft Annual Report for the year ended 30 June 2023

Presented by:     Kumaren Perumal – Chief Financial Officer

Nolene Naude – Financial Accounting Team Lead

Leon Pieterse – Audit New Zealand

Warren Goslett – Audit New Zealand

Bruce Robertson (Independent Member) declared an interest in this item, as an Independent Director of Regional Software Holdings Limited (RSHL).

Cr Stuart Crosby and Cr Te Taru White declared a conflict of interest during this item as Directors of Quayside Holdings Limited (Quayside), as questions regarding Quayside were raised.

Key Points

·       The audit process for the draft Annual Report was around 70% completed.

In response to Questions

·        The valuation of the Council Controlled Organisations (CCOs) had been completed and was currently with Audit NZ for review.

·        Audit NZ were comfortable that all was on track for Regional Council’s adoption of the Annual Report 2022/23 at their meeting on 26 October 2023.

·        The calculation of net debt at $10.2 million excluded the price per share (PPS) but included Toi Moana Trust, as those shares were considered quite liquid.  The explanation provided in the Annual Report would be adjusted/amended to explain the net debt position more clearly.

·        The purchase price of $23 million for the acquisition of 44.43% of PF Olsen Group Holdings Limited (PF Olsen) by Quayside was extracted directly from the signed Quayside Annual Report.  Quayside’s director appointment to PF Olsen would be reported to Regional Council.

·        As the remuneration for Port of Tauranga directors was included in Quayside’s Annual Report, this information was also disclosed in the Regional Council’s Annual Report.

 

 

Resolved

That the Risk and Assurance Committee:

1        Receives the report, Progress update on the Draft Annual Report for the year ended 30 June 2023.

Crosby/Scott

CARRIED

 

 

3.4

Expenditure and Koha report for the year ended 30 June 2023

Presented by:     Kumaren Perumal – Chief Financial Officer

Nolene Naude – Financial Accounting Team Lead

Key Points

·       Clarified the rationale behind Attachments 3 and 5 to this report being public excluded.

 

 

Resolved

That the Risk and Assurance Committee:

1        Receives the report, Expenditure and Koha report for the year ended 30 June 2023.

2        Confirms the public be excluded on the grounds set out in the Local Government Official Information and Meetings Act 1987 from consideration of the following report attachments:

(a)  Koha for the twelve months ended 30 June 2023 - UNREDACTED under Section 48(1)(a)(i) Section 7 (2)(a) as withholding the information is necessary to protect the privacy of natural persons, including that of deceased natural persons and that this attachment remain in Public Excluded.

(b)  Supplier Payments Reports for Year Ended 30 June 2023 - UNREDACTED under Section 48(1)(a)(i) Section 7 (2)(a) as withholding the information is necessary to protect the privacy of natural persons, including that of deceased natural persons and that this attachment remain in Public Excluded.

Crosby/Robertson

CARRIED

 

3.5

Chairman's Discretionary Fund 2022/23

Presented by:     Mat Taylor – General Manager, Corporate

Key Points

·       A video had been received from Tauranga Intermediate students about their experience at the Future Problem Solving International Conference in the United States.  The school had received $5,000 from the Chairman’s Discretionary Fund towards travel and registration.  A link to the video would be provided to Councillors.

 

 

Resolved

That the Risk and Assurance Committee:

1        Receives the report, Chairman's Discretionary Fund 2022/23.

Winters/Scott

CARRIED

 

 

 

 

3.6

Local Government Official Information & Meetings Act 1987 – Annual Report 2022/23

Presented by:     Monique Brooks – (Acting) Legal and Commercial Manager

In response to Questions

·        The Ombudsman’s report from the inquiry into concerns regarding councils’ use of public excluded workshops had not yet been released.

·        Regional Council’s default position was that they did not charge for information requests; however, charging was considered on a case by case basis considering a number of factors including the volume of information requested and the public interest in the information.

 

 

Resolved

That the Risk and Assurance Committee:

1        Receives the report, Local Government Official Information & Meetings Act 1987 – Annual Report 2022/23.

Crosby/Leeder

CARRIED

 

3.7

Internal Audit Annual Report 2022/23 and Status Update

Presented by:     Aaron Huggins – Principal Internal Auditor

 

Resolved

That the Risk and Assurance Committee:

1        Receives the report, Internal Audit Annual Report 2022/23 and Status Update.

Crosby/von Dadelszen

CARRIED

 

Recognition of Jessica Easton

Prior to moving into the Public Excluded Section of the meeting, the Chairperson, Cr Crosby, acknowledged Jessica Easton, Regional Council’s former Legal and Commercial Manager, for her work in transitioning the organisation to having an in-house Legal team.  This transition not only provided the organisation with a valuable skill set but had also been incredibly cost effective.  Her work in the Public Transport contracts space and work/ assistance provided to the Tairawhiti/Hawkes Bay district following cyclone Gabrielle was also acknowledged.

 

4.     Public Excluded Section

Resolved

Resolution to exclude the public

1        Excludes the public from the following parts of the proceedings of this meeting as set out below:

The general subject of each matter to be considered while the public is excluded, the reason for passing this resolution in relation to each matter, and the specific grounds under section 48(1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are as follows:

Item No.

Subject of each matter to be considered

Reason for passing this resolution in relation to each matter

Grounds under Section 48(1) for the passing of this resolution

When the item can be released into the public

8.4

Expenditure and Koha report for the year ended 30 June 2023 - Attachment 3 - Koha for the twelve months ended 30 June 2023 - UNREDACTED - Public Excluded

Withholding the information is necessary to protect the privacy of natural persons, including that of deceased natural persons.

48(1)(a)(i) Section 7 (2)(a).

To remain in public excluded.

8.4

Expenditure and Koha report for the year ended 30 June 2023 - Attachment 5 - Supplier Payments Reports for Year Ended 30 June 2023 - UNREDACTED - Public Excluded

Withholding the information is necessary to protect the privacy of natural persons, including that of deceased natural persons.

48(1)(a)(i) Section 7 (2)(a).

To remain in public excluded.

0.1

Public Excluded Risk and Assurance Committee Minutes - 14 June 2023

As noted in the relevant Minutes.

As noted in the relevant Minutes.

To remain in public excluded.

0.2

Completed Internal Audit Reviews & Overdue Actions Update

Withholding the information is necessary to protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide under the authority of any enactment, where the making available of the information would be likely to prejudice the supply of similar information, or information from the same source, and it is in the public interest that such information should continue to be supplied.

48(1)(a)(i) Section 7 (2)(c)(i).

On the Chief Executive's approval.

0.3

Legislative Compliance - Annual Report 2022/23

Making the information available would be likely to prejudice the maintenance of the law, including the prevention, investigation, and detection of offences, and the right to a fair trial; Withholding the information is necessary to maintain legal professional privilege.

48(1)(a)(i) Section 6 (a); 48(1)(a)(i) Section 7 (2)(g).

To remain in public excluded.

0.4

Legal Services - Annual Report 2022/23

Making the information available would be likely to prejudice the maintenance of the law, including the prevention, investigation, and detection of offences, and the right to a fair trial; Withholding the information is necessary to maintain legal professional privilege.

48(1)(a)(i) Section 6 (a); 48(1)(a)(i) Section 7 (2)(g).

To remain in public excluded.

0.5

Key Risk Register

Withholding the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage.

48(1)(a)(i) Section 7 (2)(j).

On the Chief Executive's approval.

0.6

Risk and Assurance Committee - Steering Group for Insurance and Related Matters

Withholding the information is necessary to protect information where the making available of the information would be likely to unreasonably prejudice the commercial position of the person who supplied or who is the subject of the information.

48(1)(a)(i) Section 7 (2)(b)(ii).

On the Chief Executive's approval.

2.       That Jessica Easton, as the former Regional Council Legal and Commercial Manager be permitted to stay in the public excluded section of the meeting due to her knowledge of the matters under discussion in Items 9.3 – Legislative Compliance – Annual Report 2022/33 and 9.4 – Legal Services – Annual Report 2022/23.

Crosby/Robertson

CARRIED

 

10.11am – the meeting adjourned.

10.30am – the meeting reconvened in Public Excluded.

11.57am – the meeting closed.

 

 

Confirmed                                                                                                                                          

                                                                                                                                    Cr Stuart Crosby

Chairperson, Risk and Assurance Committee

 


 

 

 

 

Report To:

Risk and Assurance Committee

Meeting Date:

7 December 2023

Report Writer:

Mat Taylor, General Manager, Corporate

Report Authoriser:

Mat Taylor, General Manager, Corporate

Purpose:

Update on Risk and Assurance Committee Activities

 

 

Chairperson's Report

 

Executive Summary

This report provides the Committee with an update on Risk and Assurance Committee activities.

 

Recommendations

That the Risk and Assurance Committee:

1        Receives the report, Chairperson's Report.

 

1.        Introduction

The report shows an updated Risk and Assurance Work Programme for the year ahead, and an updated Risk and Assurance Completed Work Programme.

1.1      Alignment with Strategic Framework

 

The Way We Work

We continually seek opportunities to innovate and improve.

1.1.1    Community Well-beings Assessment

Dominant Well-Beings Affected

¨ Environmental

 

¨ Cultural

 

¨ Social

 

þ Economic

 

 

 

2.        Risk and Assurance Work Programme

Attachment 1 shows the Risk and Assurance Work Programme for 2023/24. This Work Programme sets out the planned and scheduled reporting to the Risk and Assurance Committee.

The appendix is categorised to identify the broad areas of responsibility for the Committee. Other items may be added by councillors and staff should this be required to respond to issues as they occur throughout the year.

3.        Risk and Assurance Completed Work Programme

Attachment 2 shows the Risk and Assurance Completed Work Programme.

4.        Considerations

4.1      Risks and Mitigations

There are no significant risks associated with this matter/subject/project/initiative.

4.2      Climate Change

The matters addressed in this report are of a procedural nature and there is no need to consider climate change impacts.

4.3      Implications for Māori

There are no implications for Māori.

4.4      Financial Implications

This work is being undertaken within the current budget for the Governance Activity of the Long-Term Plan 2021 – 2031.

 

Attachments

Attachment 1 - Risk and Assurance Work Programme March 2024 - September 2024

Attachment 2 - Risk and Assurance Completed Work Programme  March 2023 to October 2023  

 


Risk and Assurance Committee                                                                                          7 December 2023

PDF Creator


Risk and Assurance Committee                                                                                          7 December 2023

PDF Creator

PDF Creator


 

 

 

 

Report To:

Risk and Assurance Committee

Meeting Date:

7 December 2023

Report Writer:

Steve Groom, Governance Manager

Report Authoriser:

Steve Groom, Governance Manager

Purpose:

For information

 

 

Assessment of Bay of Plenty Regional Council's practice in relation to the Ombudsman's "Open for Business" report on the use of workshops

 

Executive Summary

This report provides an assessment of the compliance of Bay of Plenty Regional Council’s practice with the recommendations made by the Ombudsman in his recent report Open for business: A report on the Chief Ombudsman’s investigation into local council meetings and workshops.

 

Recommendations

That the Risk and Assurance Committee:

1        Receives the report, Assessment of Bay of Plenty Regional Council's practice in relation to the Ombudsman's "Open for Business" report on the use of workshops;

2        Endorses the actions identified in section 2.2 of this paper for internal implementation; and

3        Endorses the preparation of a paper for consideration by full Council in February 2024, seeking Council’s endorsement of the proposed ‘Council-owned actions’ in section 2.2 of this paper.

 

1.        Introduction

On 24 October 2023, the Ombudsman released his report Open for business: A report on the Chief Ombudsman’s investigation into local council meetings and workshops (the report). The report was initiated by the Ombudsman in August 2022 to test concerns that councils were using workshops and other informal meetings to make decisions, counter to the LGOIMA requirement that decisions are made only in the context of a properly constituted Council meeting.

The report investigated eight Councils[1], including one regional council (Taranaki Regional Council). It found no evidence that decisions were being made in workshops, however it set a number of ‘expectations’ from the Ombudsman about practice.

Although the catalyst for the investigation was complaints regarding the use of workshops to circumvent decision-making in the open, the expectations outlined by the Ombudsman in this report cover a much broader range of topics, including organisational leadership, the operations of council and committee meetings (as opposed to workshops specifically), accessibility of meetings, and organisational structure and staffing.

In this paper we assess current practice at the Bay of Plenty Regional Council against these expectations, and set out our proposed approach where our existing practice is not aligned with these expectations.

1.1      Legislative Framework

The Ombudsman can investigate ‘any decision or recommendation made or any act done or omitted’ by a local authority’ under section 13 of the Ombudsmen Act 1975.

In his report, the Ombudsman has set out a number of ‘expectations’ regarding practice. While it is not made clear in the report, these ‘expectations’ are not in the form of formal ‘recommendations’ as allowed for under section 22 of the Ombudsmen’s Act.

Section 22 also allows for the Ombudsman to write to any agency seeking a response outlining how they intend to give effect to his recommendations. The Bay of Plenty Regional Council has received no correspondence from the Ombudsman on this matter, however, this is a good opportunity for us to review our practices to ensure they are in line with the Ombudsman’s expectations as appropriate.

1.2      Alignment with Strategic Framework

The matters outlined in this paper support transparent governance, which in turn enables all aspects of the Council’s work.

1.2.1    Community Well-beings Assessment

Dominant Well-Beings Affected

¨ Environmental

 

¨ Cultural

 

þ Social

High - Positive

¨ Economic

 

 

2.        Discussion

2.1      Key findings of the Ombudsman’s report

The Ombudsman noted that workshops play an important and appropriate role in effective and efficient decision-making processes:

This investigation has highlighted to me the important role that workshops play in the decision making process for councils. Provided an actual and effective decision is not made, deliberative discussion may take place in a workshop. Workshops can be an efficient use of time, in order to convey information which may be voluminous and complex to elected members, and for elected members to give council officials advice to focus their efforts on the range of tenable options. This prevents time and energy being wasted on options that aren’t realistic.

Overall, the Ombudsman did not find that Councils were using workshops to inappropriately make formal decisions or resolutions. However, he did indicate concern that processes around determining how workshops operate were not as robust and considered as they could be:

I saw no evidence in my investigation that actual and effective decisions were made in workshops, but I saw some workshop practices that are counter to the principles of openness and could contribute to a public perception that workshops are not being used in the right way.

The report highlights the importance of councils taking steps to ensure the same administrative rigour is applied to workshops as part of the decision-making process as is applied to formal meetings, and sets out some expectations to enable that:

The principles of openness and good administrative practice apply to workshops as much as any other aspect of council business. […] I expect all councils to make sure their policies and practices meet my expectations of good workshop practice. Crucially, this includes opening workshops to the public by default; closing them only where good reason exists.

The report details the Ombudsman’s findings under five themes:

·       Leadership and culture: the Ombudsman found that an average of 81% of internal council staff surveyed perceived their council to be committed to openness, but that this view wasn’t necessarily shared by constituents.

·       Meetings: some council’s practices around publishing agendas did not allow the public sufficient time to adequately consider the materials, some councils were excluding the public from meetings using invalid or poorly explained reasons, minutes and record-keeping at some of the councils investigated were inadequate, and a lack of consistency in considering when publicly excluded information might be able to be made public.

·       Workshops: overall, workshops were not being used inappropriately, but that practices around openness, publicising, and record-keeping were inconsistent.

·       Accessibility: the Ombudsman was broadly pleased with the accessibility measures taken by the councils investigated, but found some room for improvement.

·       Organisation structure, staffing and capability: organisational resilience and capability was highlighted as an issue in the investigation, particularly for smaller councils. The report also found that organisations with larger governance teams tended to have better approaches to openness and transparency.

2.2      The Ombudsman’s expectations and our alignment with them

In total, the Ombudsman set out 25 ‘expectations’ as a result of his investigation on the five themes outlined above. As outlined in the legislative framework section of this paper, these expectations are not legally binding on the Council, however as a matter of good practice, we have assessed our current alignment and proposed improvement actions where we are not already aligned with these expectations.

Overall, Bay of Plenty Regional Council is in full alignment with 16 of the 25 (64%) expectations. We are partially aligned with a further five (20%) and not aligned with four (16%).

Attachment 1. is a detailed outline of our current alignment with each expectation, and a proposed corrective action for each expectation which we are either partially aligned or not aligned with.

In summary, our corrective actions propose that we undertake the following actions:

·       Internal processes and resources:

establish a formal pathway for staff to provide feedback on the operations of meetings and workshops, and promote that pathway to staff

Undertake a review of training and induction material relating to meetings and workshops.

·       Public-facing processes and resources:

include an invitation to our public website users to provide views on potential improvements on our meetings and agenda web-page and content.

revise our wording with regards to notifying an item as public excluded to specifically include our consideration of public interest.

add a message to the "meetings" page of our public website outlining an individual's right to complain to the Ombudsman

·       Council-owned decisions:

Develop a policy on livestreaming and recording of workshops, which we will make publicly available.

develop a process for determining when public excluded material from meetings and workshops can be made public proactively, which we will seek agreement from Council to adopt.

seek Members' guidance on whether we should consider taking a resolution to Council to adopt a policy of recording Elected Members’ names against every vote.

We intend to begin actioning the improvements identified under the ‘internal processes and resources’ and ‘public-facing processes and resources’ headings immediately.

However, the items improvement actions under the ‘Council-owned decisions’ are actions that we believe require (or at least would benefit from) the consideration of full Council. With the agreement of the Risk and Assurance Committee, we will take these decisions through to a meeting of the Council in early 2024.

Of particular note is the expectation of the Ombudsman that meeting minutes should include a record of “how individual elected members voted”. This would represent a significant departure from our current practice, and presents a number of potential issues including:

·       a risk that consensus or consultative decision-making is stifled, with elected members being placed directly in a confrontational process that forces an entrenched position that might not otherwise arise in a process that focusses on a more collaborative approach to decision-making

·       a reduction of efficiency and reduced time in meetings for discussion, with the calling for, tabulating and recording of votes likely to take a significant amount of time, particularly in meetings with a large number of resolutions.

3.        Considerations

3.1      Risks and Mitigations

There are no significant risks presented in this paper. The main risk identified is that the Council may attract criticism if their practices aren’t in alignment with the Ombudsman’s expectations. Completion of the corrective actions identified in this report will largely mitigate this risk.

3.2      Climate Change

The matters addressed in this report are of a procedural nature and there is no need to consider climate change impacts.

3.3      Implications for Māori

There are no direct implications for Māori as this is paper considers matters of a procedural nature. However, we do note that the expectation that each individual elected members’ vote is named and recorded presents a risk to collaborative approaches to decision-making and does not align particularly well with tikanga Māori approaches to decision-making.

3.4      Community Engagement

 

Engagement with the community is not required as the recommended proposal / decision [relates to internal Council matters only].

 

3.5      Financial Implications

There are no material unbudgeted financial implications and this fits within the allocated budget.

4.        Next Steps

Council staff intend to progress the implementation of the corrective actions identified in this report, except for the three actions under the ‘council-owned decisions’ heading above.

With the agreement of the Risk and Assurance Committee, staff will take the actions identified under the ‘council-owned decisions’ heading above to a meeting of the full Council early in the new year for their consideration.

If it would be beneficial to the Risk and Assurance Committee, staff could return to a meeting of the Committee in the new year to update on progress implementing the actions identified in this report.

 

Attachments

Attachment 1 - Ombudsman's Report Actions  

 


Risk and Assurance Committee                                                                                          7 December 2023

PDF Creator

PDF Creator

PDF Creator


 

 

 

 

Report To:

Risk and Assurance Committee

Meeting Date:

7 December 2023

Report Writer:

Evaleigh Rautjoki-Williams, Digital Manager (Chief Digital Officer)

Report Authoriser:

Mat Taylor, General Manager, Corporate

Purpose:

To provide an update about Artificial Intelligence at Bay of Plenty Regional Council, Toi Moana.

 

 

Artificial Intelligence Update

 

Executive Summary

According to industry experts, Artificial Intelligence (AI), specifically Generative Artificial Intelligence (GenAI), is the most disruptive technology to emerge since the advent of smartphones. With readily available tools designed to enhance office productivity, this technology is evolving rapidly.

While it presents significant opportunities for the Council, we are proactively addressing the risks associated with AI by undertaking several initiatives to ensure that our staff can safely and effectively use AI technology.

 

Recommendations

That the Risk and Assurance Committee:

1        Receives the report, Artificial Intelligence Update.

 

 

1.        Introduction

Artificial intelligence (AI) is the field of computer science that studies how machines can perform tasks that usually require human intelligence. AI systems can learn from data, reason about problems, and make decisions based on logic or probabilities.

Since their inception in the 1950s, AI technologies have evolved with the emergence of Machine Learning and Deep Learning. However, recently, AI has been advancing exponentially, fuelled by the availability of vast amounts of data, increased computing power, and the development of more sophisticated algorithmic models.

Generative Artificial Intelligence (GenAI) is the latest iteration of AI technology, becoming one of the fastest-growing technologies in history.

GenAI first rose to fame with the release of Chat Generative Pretrained Transformer (ChatGPT), a chatbot and generative language tool launched by OpenAI in November 2022.

ChatGPT, BingChat, Bard and many other GenAI tools have become popular because they can hold seemingly intelligent conversations with people by appearing to understand what they say. These advancements have transformed the way we interact with technology and have the potential to revolutionise many aspects of our daily lives, including the way we work at BOPRC.

1.1      Alignment with Strategic Framework

 

The Way We Work

We use robust information, science and technology.

Digital technology supports our people to be more effective, efficient, and productive while delivering our services to the community.

Our digital services and robust cybersecurity practices enable the council’s technology to operate efficiently and effectively, aligning with our strategic framework and contributing to all community outcomes.

1.1.1    Community Well-beings Assessment

Dominant Well-Beings Affected

þ Environmental

Medium - Positive

þ Cultural

Medium - Positive

þ Social

Medium - Positive

þ Economic

Medium - Positive

 

2.        Artificial Intelligence at BOPRC

2.1      AI Opportunities

Integrating AI technologies presents numerous opportunities for BOPRC, including increased operational efficiency, enhanced decision-making processes, and improved customer service delivery. Automation of routine tasks, data analysis, and predictive modelling are key areas where AI can significantly benefit our organisation.

Figure 1. Gartner AI Opportunity Radar

 

 

 

 

 

 

 

 

 

 


Gartner, a global leader in technology research, has developed an AI Opportunity Radar (Figure 1.). This model supports organisations like BOPRC in providing a balanced assessment of AI opportunities.

Everyday AI can enhance operational efficiency and productivity by automating and speeding up low-risk opportunities. These opportunities often involve the removal of repeatable and manual tasks to enable people to focus on high-value activities.

Game-changing AI provides opportunities for innovation, creativity and developing new products, services, or business models. These initiatives present the potential for significant efficiencies or value creation. However, they also come at a higher cost and risk.

Initially, we will be concentrating on improving the internal back-office processes in the lower left segment of the AI Opportunity Radar. As we continue to develop our AI capabilities and assure our communities about the safe use of AI, we can shift towards implementing AI for processes that directly impact the customer experience.

Currently, some relatively low-risk examples of GenAI being used at BOPRC include summarising content and data, reducing response time for internal queries, and generating content for internal use. We are also beginning to explore how AI can provide efficiencies in processing notifiable consent submissions and streamlining compliance monitoring activities.

2.2      AI Initiatives

2.2.1    AI Staff Network

In June 2023, a dedicated AI staff network was established to build internal expertise. The network comprises key individuals from various teams, including digital, legal, privacy and security representatives. Its primary focus is collaborating to explore AI opportunities and better understand the associated risks. To achieve this goal, regular expert advice is provided through Gartner analysts who offer best-practice research, including specific guidance for the public sector.

Research has been undertaken by gathering information on how BOPRC staff use GenAI, reviewing Gartner, NZ government, privacy commission and ALGIM advice, and attending local AI events. Regular meetings and knowledge-sharing sessions facilitate cross-departmental collaboration and ensure a holistic approach to AI implementation.

2.2.2    AI Guidelines

The council has taken proactive measures to mitigate the risks associated with AI by developing comprehensive guidelines for staff's safe usage of AI. These guidelines cover ethical considerations, data privacy standards, and responsible use of AI technologies. The AI staff network regularly reviews them to ensure they reflect current best practices and emerging risks. The guidelines serve as a reference for staff to navigate the complexities of AI usage within the organisation and have also been shared with other local government organisations.

2.2.3    Information Sharing

The AI staff network conducts information-sharing sessions to discuss the latest advice on using GenAI, including its value and any limitations to be aware of. The sessions are popular, with the most recent series attended by over 200 staff members. The network also promotes AI tools such as BingChat that are low-risk, cost-effective, and comply with our guidelines for safe and effective AI use. Additionally, internal legal and security risk assessments have been completed on these tools.

Training and support processes have also been developed, including a dedicated area on the staff intranet where staff can view the latest guidance, share information, and ask questions about AI and GenAI. This ongoing dialogue ensures that the council actively engages with responsible AI adoption.

2.2.4    AI Strategic Approach

As BOPRC looks to incorporate AI technology into our operations, we are taking a strategic approach that involves building a framework for generating sustainable value. This framework is based on five key pillars: aligning our AI efforts with our objectives, ensuring technological readiness, adopting customer-centric strategies, fostering a supportive organisational culture, and implementing robust controls.

 

 

 

 

 

 

 

 

 

 

 

 

 

 


3.        Considerations

3.1      Risks and Mitigations

Adopting AI presents unique challenges and risks, just like any other disruptive technology. These risks include ethical concerns, potential algorithm biases, data privacy issues, and the need to upskill our workforce to adapt to the changing technological landscape. To ensure that AI is used responsibly and ethically, it is essential to identify and address these risks. At the Risk and Assurance Committee meeting held on 14 June 2023, we raised ChatGPT as an emerging risk, recognising the importance of developing awareness about this technology and its potential impact. As an organisation, we now have a better understanding of the risks associated with GenAI technologies, which can be broadly categorised as User Input Risks or AI Output Risks.

User Input Risks are a concern where employees might inadvertently input sensitive information into AI software, which can expose confidential or private data. At BOPRC, we mitigate this risk by implementing our AI guidelines and educating our staff on the responsible use of GenAI. We also emphasise the importance of fact-checking to handle sensitive information appropriately.

AI Output Risks include the spread of misinformation, where AI language models can generate seemingly coherent output that contains inaccuracies and even cites non-existent sources. Another risk is that AI algorithms may unintentionally perpetuate biases and discriminatory behaviours. To mitigate these risks, BOPRC aims to continuously monitor and evaluate AI tools and implement technical guardrails wherever possible. An example is promoting secure AI tools like Bing Chat, which follow ethical guidelines and safety protocols and respect privacy, preferences, and values.

Risk Management

We take several measures to ensure that AI technology is developed and used responsibly. Aside from following our guidelines and collaborating through our AI staff network, we conduct regular risk assessments to detect and address potential issues. We also stay up to date with best practices, such as the Artificial Intelligence and the Information Privacy Principles guidance, recently released by the Privacy Commissioner, to ensure we always operate in line with industry standards.

We anticipate that government regulation and controls will soon be implemented, and we are closely monitoring the developments in this area.

Information-sharing sessions and advice will also continue to be shared with staff. As part of our People Plan - Rau Tāngata, Rau Pūkenga, we have identified Future-ready ways of working as an ambition to achieve the vision of our overall People Strategy. This workstream presents an opportunity for us to explore the impact of AI on our workforce and ensure that we build the AI literacy of our staff, ensuring they are equipped to navigate the evolving landscape of AI technologies.

3.2      Climate Change

The matters addressed in this report are of a procedural nature and there is no need to consider climate change impacts.

3.3      Implications for Māori

The matters addressed in this report are of a procedural nature and there are no specific implications for Māori.

3.4      Community Engagement

The matters addressed in this report are of a procedural nature and there are no specific community engagement actions required.

3.5      Financial Implications

There are no material unbudgeted financial implications and this fits within the allocated budget.

4.        Next Steps

Our organisation will continue to seek opportunities to optimise our internal processes by using AI strategically. We will also develop plans to ensure our employees have the necessary skills to use AI effectively and align with our future-ready work initiatives. Our focus extends to exploring the application of AI in customer-facing processes while maintaining strict adherence to established AI guardrails.

 

As we deepen our understanding of AI capabilities, our goal is to leverage this technology to add value to our customers. These strategic initiatives will be outlined in the upcoming iteration of our Digital Strategy.

 

BOPRC is dedicated to continuously monitoring advancements in AI and adjusting our guidelines and initiatives accordingly to safely and effectively leverage the opportunities presented by this technology.

 

 

 

 


 

 

 

 

Report To:

Risk and Assurance Committee

Meeting Date:

7 December 2023

Report Writer:

Jo Pellew, Rates Manager

Report Authoriser:

Mat Taylor, General Manager, Corporate

Purpose:

To update the Risk and Assurance Committee with the measures that are in place to ensure a compliant rates collection function.

 

 

Rates Risk Report - Implementation of the Rates Assessment and Collection Process

 

Executive Summary

Provides Risk and Assurance Committee an overview of the rating function at Toi Moana. The rating function achieves compliance through undertaking key measures.

·           Perform regular audits, and integrity analysis of rating data to ensure accuracy and relevancy.

·           Statutory processes are followed for the setting and adoption of the rates resolution.

·           Invoices and Assessments are issued in accordance with the Local Government (Rating) Act 2002.

·           Active monitoring and reporting on rates information for collection, penalties, and arrears.

·           Explore opportunities for improvement to enhance the customer experience.

 

Recommendations

That the Risk and Assurance Committee:

1        Receives the report, Rates Risk Report - Implementation of the Rates Assessment and Collection Process.

 

 

1.        Introduction

The purpose of this report is to provide a summary and overview of the rating function and process at the Regional Council, as well as relevant steps that have been undertaken since going live with internal rates collection.

Bay of Plenty Regional Council commenced the collection of our own rates on 1 July 2022.

The rates function follows compliance processes to ensure that our rates collection adheres to the legislative framework. This framework includes the Local Government Act 2002 (LGA) and Local Government (Rating) Act 2002 (LGRA).

These legislative requirements regulate how rates are assessed and collected in our region. There are several interconnected and complimentary measures to ensure that the rates function is fully compliant with this through:

·       Conducting regular audits of our rates database to ensure that information is accurate and up to date. We verify the property valuations and rating units used to calculate the rates.

·       Following the statutory processes for setting and adopting the annual rates resolution.

·       Issue rates invoices and assessment notices in accordance with the LGRA, providing clear and timely information to ratepayers on how their rates are calculated, how they can pay, and how they can apply for rates remissions.

·       Monitoring and reporting on rates collection performance. Follow up on rates arrears. Apply penalties for late payments to encourage better payment practices.

·       Review rates policies and practices regularly to ensure that they are consistent with the LGA and LGRA and reflect good practice in the local government sector.

We have achieved a higher level of control over our rates revenue and have removed our dependence on external Councils collecting rates on our behalf. This change has now given us a more complete view of the rates collection process, enabling a more robust analytical ability to support the decision-making process. There has been an improvement in data quality, operational efficiency, cost savings, strategic alignment, and risk management.

We have also gained a higher level of public awareness of the Regional Council, and the services we provide, that we did not have previously. This provides an opportunity to enhance the customer experience through the processes that were created and implemented during the project implementation phase.

1.1      Legislative Framework

The process of setting and collecting rates must comply with the Local Government (Rating) Act 2002 (LGRA), the Local Government Act 2002 (LGA), and the Rating Valuations Act 1988 (RVA).

1.2      Alignment with Strategic Framework

 

A Healthy Environment

Freshwater for Life

Safe and Resilient Communities

A Vibrant Region

We work with and connect the right people to create a prosperous region and economy.

The Way We Work

We deliver value to our ratepayers and our customers.

We provide great customer service.

We continually seek opportunities to innovate and improve.

 

1.2.1    Community Well-beings Assessment

Dominant Well-Beings Affected

¨ Environmental

 

þ Cultural

 

þ Social

 

þ Economic

 

 

Our work has positive benefits for the community and the public. The community can learn more about what we do and interact with us better. We have the power to set rating policies and to maintain an accurate rating information database to inform us in making good decisions that benefit the region as whole.

We work with Māori landowners to support cultural values and aspirations for their whenua. We also recognise the unique status of Māori land under the Te Ture Whenua Māori Act 1993 and the challenges it poses for rating. Our rating policy aims to provide fair and consistent treatment of Māori land, including options for arrears management, remissions and consolidation of land blocks or dwellings.

2.        Collection of rates

2.1      Rates Function

2.1.1    Rates collection for Bay of Plenty Regional Council

Prior to 1 July 2022, Bay of Plenty Regional Council (BOPRC) had outsourced the rates collection function to the 7 Territorial Local Authorities (TLAs) in the region. The TLAs were responsible for issuing rates invoices, processing payments, managing arrears, providing customer service, and reporting to BOPRC.

In 2020, BOPRC conducted a review of its rates collection function as part of its long-term planning process. The review identified potential benefits and opportunities for bringing the rates collection function in-house, such as:

·       Improving customer satisfaction and trust by providing more responsive and consistent service

·       Enhancing data quality and security by having direct access and control over our rates information

·       Increasing operational efficiency and flexibility by streamlining processes and systems

·       Saving costs and generating revenue by reducing fees associated having rates collected on our behalf and investing early collection of rates revenue which has resulted in additional interest income.

·       Aligning with the strategic direction and values of BOPRC by having more accountability and transparency

Based on the findings of the review, BOPRC decided to collect rates in-house from 1 July 2022.

In November 2021, Council made key decisions in relation to rates collection including having a single annual instalment, the due date for payment of 20 October, a 10% penalty rate for late payment and no early payment discount. Delegations to staff for the administration of rates collection were also approved at this time.

A transition plan was implemented to ensure a smooth and seamless transfer of the rates collection function from the TLAs to BOPRC.

The transition plan included:

·       Establishing a dedicated internal Rates Team with adequate staff and resources, and additional customer services resources.

·       Developing a new rates system, integrated with other BOPRC systems and databases.

·       Communicating with property owners and stakeholders about the change and its implications.

·       Training staff on the new rates system and processes.

·       Testing and validating the new rates system and data.

·       Seeking guidance on high-risk processes from external legal advisors.

2.1.2    The Rates Project Team

A dedicated project team was formed to oversee the planning, execution, and evaluation of the project outcomes.

The Rates Project Team consisted of subject matter experts from across the organisation and had several cross-functional work streams to align with the desired project outcomes.

There were three key goals that underpinned the direction of the Rates Project, these were.

·       Visibility – There was limited visibility of the relationship between rates paid and work undertaken by the Council. This influenced ratepayers’ perception of, and satisfaction with, the Council.

·       Control - Council had limited control over the rating process, information sent to ratepayers, timing of revenue collection and the relationship with ratepayers. The revenue collection and support services relationship between the Council and ratepayers was owned by the TLAs.

·       Efficiency - Council had to pay each TLA commission to administer rates on their behalf. The cost of commission was higher than what would have been incurred than Council choosing to administer rates internally.

The project team carried out extensive research to ensure the rates collection systems, software and processes were customer centric, fit for purpose, legally compliant and aligned with best practice.

The project objectives were identified as.

a)    The customer experience must be at least as good as, or better, than the rates collection service they are currently receiving through the TLAs.

b)   Provide better visibility of the relationship between rates paid and work undertaken by the Council.

c)    Increase the control of rates processes and the relationship with ratepayers.

d)   Reduce the level of debt/cash that Council is required to hold to cover variances due to greater control of rates processes.

e)    Produce cost savings to Council over a 10-year period when compared to the current approach.

f)    Improved opportunity for collaboration amongst the TLAs within the Bay of Plenty region.

There were eight separate workstreams set up to encompass the breadth of the transition requirements, these included.

·       Rate Collection

·       Customer Experience

·       Data and Reporting

·       Finance and Rates setting

·       Legal and compliance

·       Communication and Engagement

·       Information Technology

·       Online Services

2.1.3    Risk Identification

The findings of the Project Team risk identification process, involved identifying, analysing, and evaluating 63 potential risks associated with the change process.

The main risks identified by the Project Team were:

·       Delays or errors in data migration from the TLAs to the new in-house system, which could affect the accuracy and timeliness of rates collection and invoicing. Resistance or lack of motivation to supply or provide information in the timeframes required.

·       Lack of adequate staff training and support for the new in-house system, which could result in operational inefficiencies, customer complaints, and staff dissatisfaction.

·       Failure to have controls in place to observe the requirements of the Privacy Act 2020.

·       Resistance or confusion from ratepayers about the change, which could lead to a lower collection rate, payment disputes, and reputational damage.

·       Technical issues or failures with the new in-house software system, which could disrupt the rates collection and invoicing process and compromise data security and integrity.

·       Legal or regulatory challenges or changes that could affect the validity or enforceability of the rates collection and invoicing process.

Identified risks were mitigated and managed through:

·       A detailed data migration plan that ensured data quality, accuracy, and completeness, and that minimised disruption to the rates collection and invoicing process.

·       Comprehensive staff training and support for the new in-house system.

·       Implemented robust privacy policies and procedures to comply with the Privacy Act 2020 to protect the personal information of the ratepayers.

·       Communication with ratepayers about the change, explaining the benefits, procedures, and changes, addressing any questions or concerns.

·       Regular meetings with the TLAs sharing the transition process, data requirements, and testing outputs. Open and clear communication to ensure that cohesive messaging was maintained.

·       Regular testing and maintenance of the new in-house system, which ensured that it met the performance, reliability, and security standards required for rates collection and invoicing.

·       Monitoring and compliance with the legal requirements associated with the rates collection and invoicing process, and sought legal advice as needed.

2.1.4    Legislative Compliance

The rates setting process is subject to various legislative requirements, such as the Local Government Act 2002, the Local Government (Rating) Act 2002, the Rating Valuations Act 1998. These pieces of legislation establish the principles, criteria, methods, and procedures for setting and collecting rates, as well as the obligations for transparency, accountability, consultation, and reporting.

As part of our regular day to day function, we perform the following processes to ensure that the integrity of the information we provide is compliant, and accurate.

·       Regular reviews to identify any areas for improvement or risk mitigation.

·       Performing regular integrity checks on the rates data and calculations to ensure their accuracy and validity, such as cross-checking with property information, valuation data, geographic information systems, rating databases.

·       Implementing quality assurance measures and controls to prevent errors or discrepancies in the rates setting process or outputs, such as peer reviews, and reconciliations with TechOne.

We have recently completed an internal audit review to assess the effectiveness and efficiency of the rates process.

We ensure that the rates setting process complies with all the legislative requirements by:

·       Regular audits of our rates database to ensure that the information is accurate and up to date. We also verify the property valuations and rating units that are used to calculate the rates.

·       Seeking legal advice on any complex or contentious issues or changes that may affect the rates setting process or outcomes.

·       Follow the statutory processes for setting and adopting the annual rates resolution, which specifies the rates for each financial year. Consult with the public on our proposed rates through the Long-Term Plan and Annual Plan processes.

·       Issuing rates invoices and assessment notices in accordance with the LGRA and provide clear and timely information to ratepayers on how their rates are calculated, how they can pay, and how they can apply for rates remissions.

·       Monitoring and reporting on our rates collection performance and follow up on any outstanding rates arrears. We have a policy for applying penalties for late payments through the Rates Resolution.

·       Review our rates policies and practices regularly to ensure that they are consistent with the LGA and LGRA and reflect best practice in the local government sector. We also keep abreast of any changes or updates to the legislative framework and implement them as required.

2.1.5    Audit New Zealand review

The rates function underwent a thorough review by Audit New Zealand as part of the assurance process for the 2022/23 Annual Report. As this was a new function, it was required to be comprehensively examined to ensure its proper functioning and compliance with legislation.

The review assessed the migration, integrity, and transactional processes of the rates function, as well as the adherence to the relevant legislation.

It was demonstrated that we had comprehensive and reliable documentation, procedures, and controls to support operations, and establish accountability and transparency.

The Team were able to show that the rates were being calculated accurately and that Council was meeting its legislative obligations. We also demonstrated that Council had implemented appropriate internal controls to manage the rates function.

The rates function had performed satisfactorily, without any issues or errors noted from Audit New Zealand, and we complied with the legislative requirements. The review did not suggest any improvements or findings for the rates team to implement or address at this time.

The outcome of the external audit review of the rates process provided assurance to the organisation on the performance and compliance of the rates collection process.

3.        Considerations

3.1      Risks and Mitigations

There are no identified risks in relation to the content of this report.

3.2      Climate Change

The matters addressed in this report are of a procedural nature and there is no need to consider climate change impacts.

3.3      Implications for Māori

Rating Māori land can be complex. With our engagement and strengthening relationships we can address economic disparity and rebuild trust, forging better relationships with local Iwi, Hapū, Trusts and owner/occupiers.

With greater control over rating policies, Bay of Plenty Regional Council can decide how to rate whenua Māori including decisions on rate’s arrears, remissions and consolidation of whenua Māori land blocks or multiple dwellings for rating purposes.

3.4      Community Engagement

 

Engagement with the community is not required as the recommended proposal / decision [relates to internal Council matters only].

 

3.5      Financial Implications

There are no material unbudgeted financial implications and this fits within the allocated budget.

4.        Next Steps

The rates team are now in a stage two phase, at this time of the rating year. We are completing the rates instalment and collection process for the 2023/24 rates, and we are now preparing for the 2024/25 rating year.

Data integrity checks will commence in early 2024 to support the Long-Term Plan rates budget analysis.

As a result of the internal audit review, we will adopt any suggestions that are made to improve our transactional processes. We are committed to ensuring that our processes are efficient, accurate and compliant.

 


 

 

 

 

Report To:

Risk and Assurance Committee

Meeting Date:

7 December 2023

Report Writer:

Aaron Huggins, Principal Internal Auditor

Report Authoriser:

Mat Taylor, General Manager, Corporate

Purpose:

To provide an update on the internal audit programme and the audit plan.

 

 

Internal Audit Status Update

 

Executive Summary

This report provides an update on the status of internal audit activities as at 30 September 2023 and includes:

·           The status of internal audit reviews in the current year;

·           The status of follow up of internal audit recommendations and management actions to 30 September 2023.

 

Recommendations

That the Risk and Assurance Committee:

1        Receives the report, Internal Audit Status Update.

 

 

1.        Introduction

This report provides an update on internal audit activity undertaken by internal audit staff and external assurance specialists as part of Bay of Plenty Regional Council’s co-sourced internal audit approach.  It includes:

·       The status of internal audit reviews in the current year;

·       The status of follow up of internal audit recommendations and management actions to 30 September 2023.

1.1      Alignment with Strategic Framework

 

The Way We Work

We continually seek opportunities to innovate and improve.

 

 

2.        Internal Audit Work Plan 2023/24 Status

Based on the Internal Audit Work Plan 2023/24 the following table summarises the status of internal audit reviews for 2023/24.

Review

Field work

GM Sponsor

Status

Status of Internal Audit

Planning /Scope

Fieldwork

Draft Report

Mgmt Actions

Final Report

CDEM Administering Authority

(2022/23)

BOPRC

Regulatory Services

In Progress

Complete

In Progress (75%)

 

 

 

Rates process review

(2022/23)

BOPRC

Corporate

Complete

Complete

Complete

Complete

Complete

Complete

External partner project management

BOPRC

Chief Executive

In Progress

In Progress (25%)

 

 

 

 

Focus Catchments

BOPRC

Integrated Catchments

In Progress

Complete

 

 

 

 

Forecasting & budgeting

BOPRC

Corporate

In Progress

In Progress (50%)

 

 

 

 

Freshwater management key risk mitigations

BOPRC

Strategy & Science

In Progress

In Progress (25%)

 

 

 

 

Health & Safety

External

Corporate

In Progress

In Progress (50%)

 

 

 

 

Procurement

BOPRC

Corporate

In Progress

In Progress (50%)

 

 

 

 

Science management framework

BOPRC

Strategy & Science

In Progress

In Progress (25%)

 

 

 

 

Sensitive expenditure

BOPRC

Corporate

In Progress

In Progress (75%)

 

 

 

 

With the completion of the Rates process review, only the CDEM Administering Authority review remains outstanding from the 2022/23 Internal Audit Work Plan; this is nearing completion.

Scoping for the audits on the 2023/24 Internal Audit Work Plan is underway.

Internal audit continues to provide internal assurance and advice to BOPRC teams as required.

3.        Internal Audit Follow Up

3.1      Management actions

Internal Audit has reviewed all open management actions as part of the follow up work in the 2023/24 Work Plan.

The following graph highlights the progress made within BOPRC to address open audit actions during the first quarter of the 2023/24 financial year:

 

Figure 1 Open management actions (1 July 2023 vs 30 September 2023)

The total of actions open as at 30 September 2023 is 72, the majority of these relate to ICT Security (20), RPMP (13), Project Management (7), and BCP (6).

A summary of overdue open management actions is presented in a separate report (‘Completed Internal Audit Reviews & Overdue Actions Update’).

3.2      Improvement actions

At the start of the quarter (1 July 2023) there were 15 open improvement actions (12 Risk Management, and 3 Lab Benefits Realisation).  This reduced to 14 at the end of the quarter (12 Risk Management, and 2 Lab Benefits Realisation).

The following graph highlights the progress made within BOPRC to address open improvement opportunity actions during the first quarter of the 2023/24 financial year:

Figure 2 Open improvement actions (1 July 2023 vs 30 September 2023)

4.        Considerations

4.1      Risks and Mitigations

There are no significant risks associated with this matter/subject/project/initiative.

4.2      Climate Change

The matters addressed in this report are of a procedural nature and there is no need to consider climate change impacts.

4.3      Implications for Māori

No implications identified – matters are of a procedural nature only.

4.4      Community Engagement

 

Engagement with the community is not required as the recommended proposal / decision [relates to internal Council matters only].

4.5      Financial Implications

There are no material unbudgeted financial implications and this fits within the allocated budget.

5.        Next Steps

To note the Internal Audit Status Update.

 

 

 

 



[1] Rotorua Lakes Council, Taranaki Regional Council, Taupō District Council, Palmerston North City Council, Rangitīkei District Council, Waimakariri District Council, Timaru District Council and Clutha District Council.