What is internal scrutiny?

Internal scrutiny provides independent assurances that an academy trust’s financial and other controls, and risk management procedures, are operating effectively.

This work has been a must in the Academies Financial Handbook for all academies for a number of years now, but you may have read in our previous article that one of the key changes to the Academies Financial Handbook is that the ESFA are placing even greater emphasis on internal scrutiny over controls and risks. In previous editions internal scrutiny was given less than a page worth of guidance, there are now four pages dedicated to ensuring effective internal scrutiny.

So why the sudden change?

It’s impossible to pin point exactly why the ESFA have suddenly introduced so much more guidance but there are indications of the cause in their 2018/19 Annual Report.

It states in the 2017/18 financial year auditors reported regularity exceptions in 2019 trust accounts. What this means is there are 209 academy trusts potentially spending public money in ways not intended by Parliament.

Furthermore 45 academy trusts self-reported instances of fraud whilst 12 reported instances of theft, a rise of 63% on the previous year. The total losses to trusts in relation to these reports was in excess of £1.6 million (£695k in the prior year) with only £1.1 million (£495k in the prior year) being recovered.

What all this points to is potentially costly weaknesses in internal controls and management of risks within academy trusts.

What work should be done?

There is no set scope of work as each scrutineer will have to work with executive management and the audit committee to develop a plan based on the trust’s size, the potential risks to the academy trust and the controls in place. The work should then consist of a series of differing tests, which evaluate the suitability of financial and other controls and ensure that these are compliant with the Academies Financial Handbook.

The outcome of the work should then lead to the offering of advice and insight to the board on how to address weaknesses and mitigate against potential risks. After each program of work is completed, the risk register should be updated and reviewed by the audit committee with greater scrutiny then being placed on higher risk areas for the next visit.

Once all reports have been completed for the year an annual summary must be completed outlining the areas reviewed, key findings, recommendations and conclusions made as presented to the audit committee by the person or organisation completing the program of work. This summary must then be submitted to the ESFA by 31 December each year when the audited annual accounts are submitted.

Who should complete the work?

The scrutineer should be a “critical friend” who is independent and is not the academy trust’s own accounting officer, chief financial officer or other member of the finance team. The ESFA give four options to academy trusts on who should complete the work, options include; employing an in-house internal auditor, a bought in internal audit service, a non-employed trustee or a peer review performed by the chief financial officer or member of the finance team from another academy trust. You are required to annually confirm in your governance statement, accompanying the annual account which of the options you have chosen and why. The outcome of the work performed must then also inform the accounting officer’s statement of regularity in the annual accounts.

Whoever you decide to carry out the program of work though should be suitably qualified and or experienced.

If you feel like you would like to talk to us further about internal scrutiny or how we can become your “critical friend” please do not hesitate to contact a member of our specialist education team.