MPC(24)88.02 Annual Risk Management Review

Agendas & PapersFull Council Uploaded on June 6, 2024




Since the financial year 2018/19 the annual turnover of Melton Parish Council has exceeded £200k. Therefore, the Council automatically meets the requirements for an intermediate level audit review by the External Auditor. For 2018/19, as part of that, the Council was required to provide the relevant minutes and agenda papers from the meeting at which the annual review of risk management arrangements during 2018/19 was discussed. Whilst that has not been a specific requirement in the years since, there is an expectation that the Council maintains an annual review of risk management arrangements, as implied by Assertion 5 of the Annual Governance Statement (see below) and the new Financial Regulations (section 2.2). Councillors confirmed the assertions contained in the Annual Governance Statement for 2023/24 at the Annual General Meeting held on 15 May 2024 (see Minute MPC(24)70.02).

The annual review of risk management arrangements is expected to be an overview, demonstrating a culture of positive risk management across the Council, rather than evidence of individual risk assessments in place.


Assertion 5 in the Annual Governance Statement states that: “We carried out an assessment of the risks facing this authority and took appropriate steps to manage those risks, including the introduction of internal controls and/or external insurance cover where required.”

The Practitioners’ Guide (Governance and Accountability for Smaller Authorities in England) issued in March 2023, states that in order to warrant a positive response to that assertion, the authority needs to have the following arrangements in place:

1.32 Identifying and assessing risks — The authority needs to identify, assess and record risks associated with actions and decisions it has taken or considered taking during the year that could have financial or reputational consequences.

1.33 Addressing risks — Having identified, assessed and recorded the risks, the authority needs to address them by ensuring that appropriate measures are in place to mitigate and manage risk. This might include the introduction of internal controls and/or appropriate use of insurance cover.

It is accepted in a larger Council, that risk management may be delegated to a Working Group or Committee, in which case the minutes of a Committee should be available to Full Council, which in turn should have the latest summary of risk management arrangements as an Agenda paper to support the Annual Governance Statement response. Where such evidence is available, the auditor will accept a “Yes” response.

Within Melton Parish Council, responsibility for managing risk normally lies with Finance, Employment and Risk Management (FERM) Working Group but ultimately it lies with Full Council. All specific risks identified are recorded, assessed as High, Medium or Low risks; and actions for management / mitigation of those risks are identified and monitored on a regular basis until either they no longer exist, or the level of risk is reduced to a residual and manageable level. Emerging or potential risks are flagged up for monitoring as well. Reports on risk are provided both to FERM Working Group and to Full Council, with the result that risk issues are always put before Members at least ten times a year rather than annual basis as required by the Practitioner’s Guide. Matters discussed by FERM are presented to Full Council for discussion where necessary and the minutes of Full Council are published on the Council’s website.

A separate risk matrix is kept under six monthly review for risks associated with data protection compliance.

The Practitioners’ Guide treats as identifiable risks many issues which it identifies as insurable, and in practice Melton addresses these separately by reviewing insurance cover and ensuring that it is up to date.

Full Council (as well as FERM) considers insurance issues at least annually when the renewal/payment is due, and additionally on major changes to income/assets such as the acquisition of additional land and property and/or increases in income due to eg. Community Infrastructure Levy (CIL) income.

Exposure to risk in relation to:

  • Financial loss (in particular fraud/theft/fidelity guarantee matters)
  • Damage to property via fire etc.
  • Legal risks (in particular public liability)
  • Reputational risks
  • Loss of key staff

is addressed via having adequate comprehensive insurance in place, and, in relation to financial systems, an up to date set of financial regulations which are legally compliant and fit for the needs of the organisation, and its ways of working – which are continuously evolving – both with embracing new technology (eg internet banking) and doing new and additional activities (eg being a commercial landlord). Full Council reviews its Financial Regulations and Standing Orders at least annually and also receives an annual report setting out the Council’s Internal Control Policy.

The current position

Elsewhere on the Agenda for this meeting is to be found the updated Risk Register for June 2024. All the high and medium level risks identified have active strategies for mitigation/resolution, or where the risk is anticipated or contingent, the Register provides a focus for regular monitoring. Key risks over the last 12 months have related to the Pavilion Project, ASB, managing financial risks and staffing. The Council has continued to risk assess all aspects of its activities to ensure as far as possible, both the health and safety of Councillors and staff, and users of its facilities. The next twelve months will see challenging times with the continued rise in the cost of living, pressure on local government services and any unexpected loss of income (Pavilion or tenant). The Council has raised the Precept for 2024/25 and has increased the Budget Risk EMR. In addition, it reviews costs and finds savings where it can to mitigate some of these rises but careful budgeting will be required.


Melton Parish Council already adopts a comprehensive approach in relation to risk management. There is no reason to change these arrangements which have not attracted any negative comment from auditors. Indeed in section 6 of the Internal Audit report dated 28 May 2024, it stated that the Council demonstrates ‘a culture of positive risk management across the Council’ and that “The Council has a standing agenda item for Financial and Internal Control matters which provides the opportunity for the Clerk/RFO to present reports on current issues and Councillors to bring forward emerging issues and risks.” This practice continues at each Council meeting. It is considered that Councillors are able to assert with complete honesty that:

  • The Council both assesses all risks facing the Authority and takes appropriate steps to manage them, via a combination of management arrangements, internal controls and insurance
  • It has in place appropriate robust mechanisms to identify new and potential risks
  • It has a business strategy which aims to optimise and protect income and provide the most cost effective and efficient services to serve and protect its community via a combination of service contracts and direct labour.

Full Council is recommended to comment on this report, and either confirm the current approach to risk management, or with any additional steps added to strengthen further the arrangements already in place.   

Pip Alder

Clerk and Executive Officer to the Council

June 2024