|
Title |
Corporate Risk Register (Corporate Risk Management) |
|
Purpose of the report |
To note |
|
Report Author |
Lee O’Neil, Deputy Chief Executive |
|
Ward(s) Affected |
All Wards |
|
Exempt |
No |
|
Exemption Reason |
N/A |
|
Corporate Priority |
Community Addressing Housing Need Resilience Environment Services |
|
Recommendations
|
Committee is asked to: Consider the significant strategic risks and issues highlighted in this report and present these to the Corporate Policy and Resources Committee, ensuring continued wider reporting of the Corporate Risk Register and actions across other Committees. |
|
Reason for Recommendation |
The Corporate Risk Register must continue to ensure that the Council’s most significant risks in relation to achievement of corporate priorities and objectives are identified, managed, monitored, and reported. Continued visibility and ownership of the risks and issues raised in this report is recommended across the Council due to the significant and wide-reaching implications. This will support improved coordination in implementing risk management strategies. |
1. Summary of the report
|
What is the situation |
Why we want to do something |
|
The Corporate Risk Register continues to ensure that the Council’s most significant strategic level risks in relation to achievement of corporate priorities and objectives are regularly identified, managed, monitored, and reported. The current reporting frequency coincides with the Audit Committee cycle and work programme |
Exposure to wider externalities and other unprecedented pressures continue to present challenges to the Council and to the delivery of its corporate priorities. The approaches being taken to proactively manage identified risks and mitigate their impact are referred to in this report and related appendices. |
|
This is what we want to do about it |
These are the next steps |
|
The Corporate Risk Register and related processes provide a mechanism for regularly reviewing risks to ensure any threats to the Council and its services can be addressed/minimised. |
The corporate management team and lead Committee hold collective ownership and accountability for ensuring these strategic corporate risks are effectively managed. In doing so they are supported by designated lead officers (at Group Head level) who are responsible for overseeing the day-to-day management of these risks and ensuring future risk management strategies are progressed/implemented. |
1.1 This report highlights significant strategic risks in delivering the Council’s priorities (CARES) and objectives, current strategies to manage risks (defined as current controls and current mitigations) as well as any future strategies to manage associated risks.
1.2 The Council continues to encounter some challenges in delivering its corporate priorities due to exposure to wider externalities (including inflationary pressures and demands for housing). The approaches taken to proactively manage identified risks and mitigate their impact are referred to in the appendices to this report.
1.3 The risk register has been updated to reflect the latest developments in the Government’s proposals for Local Government Reorganisation (with Surrey in the first wave of authorities to be involved), the result of which will mean that Spelthorne will no longer exist as a sovereign authority within 2 years.
1.4 The risk register has also been updated to reflect the Council’s response to recent External Audit Reports and Best Value Inspection of the authority, including the development of a detailed Consolidated Action Plan to address the recommendations from these reports and other external reviews. The level of any Commissioner-led intervention planned by the Government in response to the recent publication of the Council’s Best Value Inspection report is yet to be determined. Any risks associated with this will be incorporated into the next update of the register once further information is available.
2. Key issues
2.1 At the last meeting of this Committee, Members supported plans for a range of changes/consolidation of some risk subject areas, in order to slim down the register to 16 subject areas and keep comments current. The revised Corporate Risk Register reflects those changes. The risk scores in the updated Register reflect those adjusted Risk Subject Areas.
2.2 At that Committee Members were also advised of an additional risk category 10, incorporated into the Register to cover the Council’s Response to External Audit Recommendations
2.3 The updated Corporate Risk Register is shown in Appendix A - Identified risks along with current and future risk management strategies are set out in this document, highlighting next steps in managing the risks. The register has been updated to reflect any changes in the risks outlined at the time the report was written. Where the Risk Subject Areas have remained the same since the last meeting of this Committee, the scores have been updated where necessary to reflect any changes in risk impact and/or likelihood. The key headlines and updates to report across the broad risk categories on the register emerging from the current review are set out below.
Appendix B – Outlines where risk subject areas have been consolidated and any revised scores since the last Committee meeting. This also provides details on how these scores have been calculated from the assessment of the likelihood of a risk occurring against the impact this could have.
2.4 Further changes may be necessary in the future to add new key risks and remove any subject areas where risks are eliminated or reduced to an acceptable level.
Changes in risk scores and other key updates
2.5 The following risk scores have been adjusted to reflect any significant change the risk likelihood and/or impact since the last update to the Committee:
(a) 1a Housing – Local Plan Now Green RAG (previously Amber). The risk score has been reduced from 9 to 4 to reflect the considerable progress made getting the Plan to Examination. Examination hearings were held in January/February 2025 with robust justification for the Plan put forward, alongside some suggested Modifications to overcome any areas of debate. The decision on whether the Plan is sound is now down to the Inspector.
(b) 7 – Corporate Capacity, Resources, Recruitment and Retention – Corporate Capacity – Now Red RAG (previously Amber). The risk score has been increased from 9 to 12 to reflect ongoing pressures on workloads, including:
· Ongoing pressures on resources due to work associated with Local Government Reorganisation,
· Follow up work associated with the Best Value Inspection and external audits,
· Additional work which will be needed following the Government’s confirmation of support for a 3rd runway at Heathrow, and
· Specific service area pressures due to increased workloads, e.g. in Environmental Health.
(c) 7 – Corporate Capacity, Resources, Recruitment and Retention – Recruitment and Retention - Remains Red RAG. The risk score remains 12 reflecting the increased risks of staff becoming unsettled due to the Government’s planned reorganisation of local government. There are already early indications of this starting to affect Borough and District Councils across Surrey.
(d) 9 – Local Government Reorganisation (LGR) – Strategic decisions – Remains Red RAG. The risk scores remain 16 to reflect the Government’s ongoing plans for reorganisation of local government, which would replace the current two-tier (county/district & borough) system in favour of larger unitary authorities. Surrey has been selected in the first wave of areas where new unitary authorities would be formed from April 2027. Spelthorne would therefore no longer exist as a sovereign authority within 2 years, with very limited ability to influence how this is delivered in Surrey.
Work on LGR is moving forwards at a pace in Surrey due to the tight timescales set by the Government. Any risks associated with this work to date have been mitigated as far as possible by close working between Leaders and Chief Executives and by recognising that the Interim Plan submitted could reference more than one proposal, where there was more than one under consideration. There are, however, risks associated with trying to finalise a full proposal by the Government’s 9 May 2025 deadline, particularly if the 12 Councils in Surrey cannot agree on a single joint proposal.
(e) 9 - Working arrangements across LG tiers – Change management
Remains Red RAG – The risk score remains 16 to reflect the challenging change management requirements associated with the Government’s planned local government reorganisation.
Other key updates
2.6 Other risk scores within the register continue to reflect underlying themes around financial risk due to:
· Ongoing funding challenges for local authorities,
· Increased demands on services, particularly in the area of housing,
· Risks associated with managing the accumulated capital costs of £10-15m arising from the suspension of direct delivery of the Council’s Housing Development programme and the significant annual holding costs for Council-owned development sites, and
· Continuing high cost of debt, despite recent reductions in inflation.
2.7 Since the last meeting of the Committee the Council has received the report relating to this authority’s Best Value Inspection. This specifies a wide range of recommendations outlining where the Council needs to make improvements. The report also recommends Commissioner-led intervention but at the time of writing this report it is unclear what form any such intervention will take. This has the potential to significantly affect the risks contained within the Register. Once the details become clearer the Register will be updated accordingly.
Future changes to Risk Categories
2.8 Further adjustments to risk categories/subject areas and associated narratives may be necessary as the full details and implications of Local Government Reorganisation become available and once the Council has been advised of the level of any Commissioner-led intervention planned by the Government in response to the recent publication of the Council’s Best Value Inspection report.
2.9 Similarly, the Committee will need to consider any emerging new risks, or any item currently on the register where the risk is reduced to an acceptable level to remove the item from the register.
3. Options analysis and proposals
3.1 The revised register and related appendices are an accurate reflection of the high-level significant risks affecting this authority, based on consultation with managers and assessment of risk and controls in operation.
3.2 Option 1 (recommended option) –
To consider the contents of the Corporate Risk Register including any revised/consolidated risk categories, any further risk categories that can be consolidated or removed, residual risks highlighted, current risk management strategies (current control actions, current mitigating actions) and future risk management strategies. (preferred option).
3.3 Option 2 - To recommend amendments to the Corporate Risk Register for consideration by the Corporate Risk Management Group.
4. Financial management comments
4.1 As previously reported, there are major financial implications arising from several corporate risk categories on the register. This is explained further at para 2.6 above.
5. Risk management comments
5.1 The Council’s corporate and strategic risks impacting the effective achievement of corporate priorities, represent the most significant risks facing the authority. The register contains ten broad strategic risk categories, comprising specific risk subject areas that align to the broader category. Risk descriptions and consequences are identified and articulated, as well as the current controls and current mitigation measures in place to manage these risks. Current controls are those actions intended to reduce the likelihood of occurrence of the risk event, whilst current mitigations are those actions intended to reduce the impact of a risk event should it occur. Taken together, current controls and current mitigating actions represent current risk management strategies. Future risk management strategies are also included in the register documentation.
6. Procurement comments
6.1 Any procurement considerations relating to the risk categories on the register should be identified by the respective Risk Owners and lead officers and are likely to form part of separate reporting/communications.
7. Legal comments
7.1 Some corporate risks facing the Council as identified on the register are driven or influenced by statutory requirements. For example, at risk category 8 - Equalities, Diversity and Inclusion refers to the Equality Act 2010.
8. Other considerations
8.1 Whilst not currently referred to as a specific risk category on the Corporate risk register, the challenges facing the external audit sector have continued to present risks across the local government sector in terms of significant ongoing delays and backlogs in external audit assurance provision relating to prior year accounts, and the subsequent limitations regarding audit coverage and opinions. The backlog issues were addressed at an extraordinary meeting of the Audit Committee on 4th December ahead of the national cut-off date of 13th December 2024. The external audit review process relating to 2023/24 for Spelthorne is now well underway.
8.2 It should be noted that there could be further developments under any of the risk categories between the report being drafted and this being reported to the Committee. Any significant changes would therefore be reported verbally at the Committee as necessary.
9. Equality and Diversity
9.1 The Corporate Risk Register incorporates Equality, Diversity and Inclusion as a specific strategic risk category and sets out current controls and current mitigation measures in place, as well as future risk management strategies. There are no further areas of progress to report as part of the September review of the risk register.
10. Sustainability/Climate Change Implications
10.1 There are none separate to those in the revised Corporate Risk Register, and some updates have been made under the broad risk category 6 as part of the September review of the register.
11. Timetable for implementation
11.1 Future risk management strategies show lead Council officers responsible for progressing actions, together with target timescales for implementation. The register content is reviewed and updated three times a year in consultation with the corporate Management Team, Group Heads and managers. It is coordinated, analysed, and reported by the Deputy Chief Executive, which includes identifying new risk descriptions, high level review of relevance of control and mitigation actions being reported in context of risk area, and proposing new risk management strategies in consultation with managers where deemed appropriate.
12. Contact
12.1 Lee O’Neil – Deputy Chief Executive (l.o’neil@spelthorne.gov.uk)
12.2 Please also refer to contact names provided for Risk owners/accountable officers as well as lead Officers who hold responsibility for implementing systems of internal control and mitigating actions to manage and alleviate the risks identified against each broad risk category and risk subject area.
Background papers:
There are none.
Appendices:
Appendix A - Corporate Risk Register – this includes related narrative content as well as (i) level of assessed risk i.e., Red/Amber/Green - RAG status of each risk category (ii) Numerical Risk score and Direction of Travel.
Appendix B – Risk scoring matrix summary (incorporating consolidated Risk Subject Areas) – level of assessed risks in the register.