Agenda and minutes

Apologies were received from Andrew Ling, Co-Optee.

Any member of the Council who has a disclosable pecuniary interest in a matter to be considered at the meeting is reminded to disclose the interest to the meeting and to leave the Chamber while any discussion or vote on the matter takes place.

Members are also reminded that if they have any other significant interest in a matter to be considered at the meeting, which they feel should be declared in the public interest, such interests should be declared to the meeting. In such circumstances Members should consider whether their continued participation, in the matter relating to the interest, would be reasonable in the circumstances, particularly if the interest may give rise to a perception of a conflict of interests, or whether they should leave the Chamber while any discussion or vote on the matter takes place.

A declaration of interest was received from Liz Murrall, Co-Optee, who declared that she had been appointed to the board of Public Sector Audit Appointments Limited.  The Chair did not deem this to be a disqualifying interest.

The minutes of the Meeting held on 29 September 2025 are submitted for confirmation.

The minutes of the meeting held on 29 September were confirmed as a correct record subject to amendments.

The Strategic Finance Manager presented to the Committee, noting that here had been several updates since the preparation of the report. This included a cut to the Bank Rate, now standing at 3.75%, an inflation rate of 3.4% in December, and an update that Arlingclose now expected two cuts to interest rates, in March and in June.

The Committee was then invited by the Chair to make comments and ask questions to officers. During the discussion, the Committee:

1.    Queried the reason for the £20 million in short?term local authority borrowing. Officers explained that the borrowing had been taken in April 2025 as the Council had already received its full Public Works Loan Board (PWLB) allocation for the year and was in a weaker cash position due to lower investment returns and delayed Council Tax receipts. A two?week loan at a higher interest rate was taken as a short?term alternative to a full?year PWLB loan, with repayment planned once Council Tax and Business Rates income were received.

2.    Asked if the November 2025 cyber incident had affected the Council’s ability to collect Council Tax and other income streams. Officers confirmed this, adding that priority work was ongoing to restore the system. It was not possible to determine if the system would be restored before the new financial year. Once the system was operational, the Council would need to issue new Council Tax and Business Rates bills for the remaining balance of the remaining financial year. There was borrowing capacity within the budget to cover the current gap created by the cyber incident, and officers were considering whether to seek short-term borrowing or to fund the borrowing requirements within the capital programme.

3.    Enquired as to the measures taken to support residents in preparing for newly set bills. Officers responded that residents were informed that bills would be set and that the current rates would be adjusted once the system was restored. There was a recognition that some residents may have struggled and that the Council would need to set individual payment plans with those residents.

4.    Noted that the Council’s capitalisation borrowing stood at £37.16 million as of 30 September 2025 and asked if those capitalisation costs related to the Grenfell Fire were being funded through contributions from other responsible parties. Officers responded that the intention was for capitalisation costs to be covered by contributions from other Grenfell parties. The borrowing strategy was designed to align with those expected contributions and to limit the long?term revenue impact on the Council. Officers explained that short?term borrowing had been used initially and that a separate cost centre was maintained to monitor all principal movements, ensuring clear oversight of both capitalisation costs and other borrowing.

5.    Queried the impact of the December 2025 funding settlement upon the Council’s treasury management. Officers responded that the capital programme would be the most affected and that officers were working with the Lead Member to ensure that borrowing was sought at  ...  view the full minutes text for item 4.

The Director of Social Investment and Property and the Interim Head of Operational Property presented to the Committee and provided an update on the actions taken since the July 2025 report on the Pembroke Road Depot, noting the structural issues previously identified and the subsequent changes made to strengthen property management. Significant personnel changes had taken place, including the appointment of a Health and Safety Manager. Condition surveys were now underway across the estate, with approximately one?third completed, and that surveys were being prioritised on a risk?assessed basis. Health and safety compliance coverage had reached approximately 82%, and a new hard facilities management contract and supporting term contracts were now in place.

The Committee was then invited by the Chair to make comments and ask questions to officers. During the discussion, the Committee:

1.    Sought assurance that there had been a positive culture change within the Social Investment and Property team. Officers responded that there was now a high-calibre, stable team at the core of the service which was learning from past events. The team was now proactive in assessing building safety and had acted to close two unsafe buildings within their portfolio, where previous teams may have allowed them to continue functioning. This included moving a mental health charity from an unsafe building and preventing the use of an asbestos-filled building by a youth club whilst the buildings were made safe by the Council. Officers added that the team had previously been spread across Council departments and had not collaborated as effectively as possible. This was no longer the case, allowing for the pooling of collective knowledge within and without the team.

2.    Asked what made the decision to close an unsafe building ‘difficult’. Officers responded that the public perception of closing a building that provided a valued community service created difficulties for the Council, but confirmed that these decisions were made with the health and safety of residents as the top priority.

3.    Queried what stage of the improvement process Social Investment and Property were currently at. Officers responded that they had appointed a new hard services contractor and that the contract’s procurement was amended to place the first £400 of each repair within the contractor’s responsibility, enabling a more proactive contract arrangement. Officers added that statutory, health and safety, and business critical items across the property portfolio would be included in a capital programme across the next two years which they expected would reduce overall running costs. This would run alongside the ongoing conditions surveys.

4.    Noted the high levels of staff turnover in July 2025 and asked for the size of the current team. Officers replied that there were currently 28 staff members and explained that this high number was to close the staffing gaps that had previously existed across some areas of the property portfolio.

5.    Noted that the Council’s first asset strategy since 2012 was agreed at Leadership Team in February 2025 and enquired as to why there had been no strategy  ...  view the full minutes text for item 5.

The Head of Internal Audit and the Head of the Insurance Service presented and informed the Committee that recent audits had provided satisfactory assurance. The Building Control audit had been removed as it was being reviewed separately by external auditors. The Committee heard that Strategic Procurement activity during the previous year had focused on embedding the Procurement Act and that the service was now concentrating on identifying financial benefits, achieving savings through improved procurement practice. It was also noted that the Utilities Management recommendations at page 42 of the report were now implemented

The Committee was then invited by the Chair to make comments and ask questions to officers. During the discussion, the Committee:

1.    Noted that an update on the Housing Allocations Audit, which received a Limited Assurance rating in papers presented to the meeting of 18 March 2024, had not been included in the current report. Officers confirmed that work on this update had been completed, but that the staff member responsible had left the Council within the last week. It had since been transferred to another member of staff and would be included in the Committee’s next update.

2.    Asked for the assurance status of Equality Impact Assessments. Officers responded that they were planning a follow-up on progress in February 2026 and would report back to the Committee at the March meeting.

3.    Sought clarification regarding the discrepancy on the number of recommendations “not yet implemented”, listed at 6 on page 41 of the agenda, and totalling 14 in the graph at pages 42-25 of the agenda. Officers confirmed that they would bring an update to the Committee.

Action for: Head of Internal Audit

4.    Noted the unimplemented recommendations on pavement licensing at pages 43-44 of the report and asked how this recommendation could be resolved quicker. Officers responded that whilst Audit’s recommendations were intended to address identified weaknesses, departments were required to assess their viability. If they could not be implemented, a discussion between the department and Audit would be held to assess steps taken, their effectiveness and possible future alternatives. This was likely to happen for pavement licenses in March 2026.

5.    Noted that the actions relating to Council’s ‘Safety-First’ commitment at pages 51-52 of the agenda had target dates in October, November and December 2025 and asked for further information on these actions. Officers confirmed that they would bring an update to the Committee.

Action for: Head of Internal Audit

6.    Sought clarification on the implications of Martyn’s Law (Terrorism (Protection of Premises) Act 2025) regarding Council enforcement of protests and large outdoor gatherings within the Borough. Officers confirmed that they would update the Committee.

Action for: Head of Insurance Service

7.    Asked for an update on measures taken to prevent violence, intimidation, abuse and harassment (VIAH) incidents within Council offices and libraries. The Committee also sought clarification on whether it was members of the public committing these incidents and if it was mostly members of the public or council officers who were subject  ...  view the full minutes text for item 6.

The Head of Internal Audit and the Head of the Insurance Service presented and reported that a serious cyber incident was listed as Risk 10 on the Strategic Risks Dashboard at appendix 1 of the report. This had been set at the highest risk score possible, 25, prior to the November 2025 incident, and the planned mitigations were now being fast-tracked.

The Committee was then invited by the Chair to make comments and ask questions to officers. During the discussion, the Committee:

1.    Noted the 481% increase in phishing attacks per month over 18 months to Council email addresses and asked what the Council was doing to mitigate these attacks. Officers responded that the Council ran mock-phishing exercises to test officer responsiveness and that all officers were given cybersecurity training. The increase most likely represented a broader increase in phishing attempts across large organisations rather than a targeted attack against the Council.

2.    Asked for clarity on the different roles served by the Strategic Risks Dashboard at pages 71-72 of the report and the Strategic Risks Heatmap at page 73 of the report and queried if there were any discrepancies between the two tables. Officers explained that the Strategic Risks Dashboard showed the risk score and trend for the last 5 reporting periods. The movement from the last reporting period was represented by a downward, upward or level arrow. The Strategic Risks Heatmap visually set out the current risks in the Strategic Risk Register as it stood in January 2026, with the heatmap for May 2025 included for reference. Officers added that these documents would be updated with feedback from the Committee and other bodies and recirculated to the Committee ahead of its March meeting.

3.    Queried why Risks 8 and 18 had been removed from the Strategic Risks Heatmap for January 2026. Officers responded that Risk 8, Corporate Performance Monitoring, was removed from the corporate risk register in June 2025 because several related actions were completed and that the monitoring could be managed on the departmental risk register. Risk 18, Care Quality Commission (CQC) inspections, was included within Risk 22 regarding regulatory oversight inspections and removed as a standalone risk.

4.    Requested that future Strategic Risks Heatmaps be broken down more effectively to aid the Committee’s understanding of the Risk Register.

Action for: Head of Internal Audit

5.    Expressed that the impact score of 4 for Risk 9 (failure in service continuity/safeguarding arrangements) appeared lower than expected. Officers advised that impact scores were set by the relevant service areas and undertook to discuss the matter with the service and report back on how the score had been determined.

Action for: Head of Insurance Service

6.    Queried the effectiveness of partner working was assessed in the context of Risk 1 regarding working effectively to with partners to support Grenfell bereaved and survivors. The Chair noted that detailed, granular points such as this would be the responsibility of the relevant select committee to scrutinise and that the Audit and Transparency Committee  ...  view the full minutes text for item 7.

The Committee considered the Forward Plan and Action Tracker, noting that action 191 was completed and that an email was circulated on 30 September 2025 and requested that the associated briefing note be recirculated to the Committee.

Action for: Senior Governance Co-ordinator

The Committee noted that several actions arising from the previous meeting would be added to the tracker before the next meeting.

The Committee requested that a report providing an update on the November 2025 cyber attack be brought to the March meeting.

Action for: Senior Governance Co-ordinator