In September 2019, the Office of Local Government (OLG) released a discussion paper, A New Risk management and Internal Audit Framework for Local Councils in NSW.
Contents

In response to the feedback on the discussion paper, the OLG has now refined the proposed model. The new framework will be governed by regulations and Guidelines for Risk Management and Internal Audit for Local Councils in NSW. The proposed Guidelines prescribe the minimum standards for each council’s Audit, Risk and Improvement Committee (ARIC), Risk Management Framework and Internal Audit Function.

Key Changes

  • All councils (including county councils) and joint organisations are required to have an ARIC. Councils and joint organisations are permitted to enter into arrangements with other councils or joint organisations to share ARICs.
  • The OLG will be issuing Guidelines for Risk Management and Internal Audit for Local Councils in NSW to guide the operations of ARICs and to require councils to have a Risk Management Framework and Internal Audit Function to support and inform their operations.
  • The General Manager of a council, or the executive officer of a joint organisation, will be required to publish an attestation statement each year in the council’s or joint organisation’s annual report indicating whether, during the preceding financial year, the council’s or joint organisation’s ARIC, Risk Management Framework and Internal Audit Function complied with the Guidelines.

Next Steps

  • OLG is seeking views and feedback of councils and other stakeholders on the draft Guidelines prior to finalising them.
  • Submissions should be made by email to olg@olg.nsw.gov.au.
  • Submissions to be labelled ‘Draft Risk Management and Internal Audit Guidelines’ and marked to the attention of ‘Council Governance Team’.
  • Submissions should be made before COB 26 November 2021.

Implementation Timeline

  • All councils must appoint an ARIC from 4 June 2022.
  • All councils have until 2024 to establish their Risk Management Framework and Internal Audit Function – attestation commences 2024.
  • Councils have until 2027 to ensure ARIC membership complies with the Guidelines, allowing councils to transition into the new membership requirements as and when membership of existing ARICs expire – attestation commences 2027.

Grant Thornton’s Risk Consulting Team can work with councils to help establish and implement the framework for Risk Management and Internal Audit. Grant Thornton has extensive experience, being one of the leading Internal Audit and Risk Management service providers to the NSW Local Government Sector.

Should you wish to discuss the OLG requirements further or have any questions in regards to establishing a Risk Management Framework or Internal Audit Function, please do not hesitate to get in touch with one of our subject matter experts below.