Apologies noted as above.

None.

To determine whether there are any additional items of business which by reason of special circumstances the Chair is of the opinion should be considered at the meeting; the reason(s) for such urgency to be stated.

None.

To identify items where resolutions may be moved to exclude the public and press.  (For items marked * the public and press may be excluded from the meeting.)

None.

None.

RESOLVED: That the minutes of the meeting held on 19 September 2024 be agreed as a true record.

The Head of Corporate Assurance presented the report to provide a summary of the Corporate Assurance Team’s internal audit activity completed, and the key issues arising from it, for the period 1st September 2024 to 17th November 2024.

Members noted that there were not many action points as a result of the audit and asked for clarity on whether this was related to the work areas assessed or as a result of an overall positive assessment.

The Head of Corporate Assurance explained that this audit had looked predominantly at core financial systems and that there were very few actions therefore providing assurance that appropriate controls were in place.

Members noted that staff levels of absence due to illness fluctuated and asked what was considered reasonable.

The Head of Corporate Assurance explained that absence due to illness tends to fluctuate seasonally and has been affected by the resurgence of Covid-19 but that all absence is monitored and managed through the SYPA Attendance Policy and that, according to Quarter 3 KPIs, delivery of services had not been affected.

RESOLVED: Members considered the report and as necessary request further information and/ or explanations from the Corporate Assurance Team or Management.

The Head of Corporate Assurance presented the report to set out the annual internal audit planning process and to consult with the Audit and Governance Committee with regard to potential projects for inclusion in the draft internal audit plan for 2025/26.

Members noted that previous projects covered in the internal audit plan were weighted towards the area of finance and resources and asked for clarity on plans to cover IT and cyber risk.

The Head of Corporate Assurance agreed explaining that this was expected in the pensions sector but that to give an accurate assurance opinion, all aspects of the Authority needed to be considered. The Head of Corporate Assurance explained that an allocation of days to assess IT and cyber risk and liaise with the appropriate SYPA officer had been made and that it would be considered in depth as part of the plan.

The Chair queried whether risk regarding pooling would be part of the plan.

The Head of Corporate Assurance responded that risk regarding the performance and management of Border to Coast Pensions Partnership would require consideration. The Director added that the Government’s Pensions Investment Review and any subsequent changes would also create new risks for consideration.

RESOLVED: Members

i) Considered the proposed planning process and were satisfied that it was sufficiently robust and that it would determine a value-

adding internal audit plan, informed by risk and through consultation with appropriate senior management.

ii) Considered potential projects for consideration in the Internal Audit Annual Plan for 2025/26, all nominations to be passed through the Chair for notification to the Head of Corporate Assurance.

iii) Acknowledged the professional responsibility of the Head of Corporate Assurance to ultimately determine the plan of internal audit work.

Richard Lee, the external auditor from KPMG, presented the Auditors Annual Report providing a summary of the findings and any key issues arising from the external auditor’s work on the Authority’s 2023/24 statement of accounts and value for money assessment.

RESOLVED: Members received and noted the Auditor’s Annual Report attached at Appendix A in the report.

Richard Lee, the external auditor from KPMG, presented the External Auditor’s Year End Report on the key findings from the audit work carried out in relation to the financial statements of the Authority for 2023/24.

RESOLVED: Members received and noted the External Auditor’s Year End Report for the Pensions Authority attached at Appendix A in the report.

Richard Lee, the external auditor from KPMG, presented the external auditor’s year-end report on the key findings from the audit work carried out in relation to the financial statements of the Pension Fund for 2023/24.

Members asked for confirmation that there were no major changes made to the Authority or Fund Year End Reports. The external auditor confirmed that this was the case and the reports had not varied significantly from the drafts already seen by the committee. It was explained that the reports were held to new standards brought in in 2024 before they were completed, namely The Pensions Regular General code of practice and the Accounts and Audit Regulation (2024), meaning they met the latest statutory standards.

Members asked if the reports took the volatility of economic markets into account. The external auditor explained that the reports focussed on performance over a year of the Fund and the Authority up to March 2024 but that consideration was also given to financial sustainability, risk management and expectations for the future to ensure the Fund and the Authority are in a strong position to face any market volatility.

Members asked for further detail on the changes that were made to the reports and the plans to produce the 2024-2025 reports. The external auditor explained that the changes related to utilising the updated statutory guidance and formatting the presentation of the report. The external auditor added that there was now a period of

reflection on the experience of producing the reports for SYPA for the first time and that areas for improving the process had been identified to inform the planning for producing the 2024-2025 reports. It was expressed that KMPG want to build on the positive working relationship they now have with SYPA to improve on the delivery and quality of any reports.

RESOLVED: Members received and noted the External Auditor’s Year End Report for the Pension Fund attached at Appendix A

The Assistant Director - Resources presented the annual review of the Risk Management Framework for the Committee to consider.

RESOLVED: Members

a. Consider whether any additions or changes are required to the Risk Management Framework presented at Appendix A; and

b. Approve the updated Risk Management Framework for publication

The Assistant Director - Resources presented the report to the Committee and asked them to consider and comment on the Antifraud, Bribery and Corruption Policy and the Whistleblowing Policy and to recommend them for approval to the Authority.

Members asked whether there had been any instances of whistle blowing and the Assistant Director – Resources explained that there had not been any instances since she had been in position (5 years) but that it was important the policy remained in place.

The Director drew attention to the difference between the two policies and explained how measures in the broader sector, such as the Government’s Tell Us Once service, had contributed to the reduction of fraud cases needing to be dealt with by SYPA.

The Chair noted the policies had been overdue for update and approval and asked how this could be managed going forward. The Assistant Director – Resources explained that there was now a robust policy tracker system in place to ensure all policies are approved and reviewed within the agreed deadlines.

Members queried whether cyber security was considered separately from internal fraud. The Assistant Director – Resources responded that there was a separate Cyber Security policy but that there was potential crossover between policies, such as a cyber attack involving attempts to defraud, and in such cases, all relevant policies would be considered.

RESOLVED: Members considered and recommended the Anti-Fraud, Bribery and Corruption Policy and the Whistleblowing Policy for approval to the Authority.

The Team Leader – Governance presented the report to update Members on the actions being taken in response to audit review findings during the current financial year and in previous financial years drawing attention to the remaining two actions; updating a written policy for Records Management and a Document Retention Schedule and their progress.

RESOLVED: Members

a. Noted the progress being made on implementing agreed management actions; and

b. Considered if any further information or explanation was required from officers.