At the same time new guidance has been released by CIPFA of relevance to local authorities: Delivering Good Governance in Local Government Addendum
For internal auditors it’s interesting to compare and contrast these expectations and the challenges of providing assurance in this context.
Contrasting requirements or companies with UK local government
Under the 2024 Code, the board must describe how it has reviewed the effectiveness of its framework. It must also make a declaration of the effectiveness of material controls. Where material controls have not operated effectively, the report must describe the action taken to improve them.
In UK local government, statutory regulations from each of the UK national governments require local authorities to publish an annual statement on internal controls, commonly known as the Annual Governance Statement (AGS) alongside their financial statements. With similar requirements in place since 2003, this is not new territory for the sector. The AGS is underpinned by the CIPFA/Solace framework Delivering Good Governance in Local Government, Framework (2016).
New guidance on the conduct of the annual review and publication of the statement from 2025/26 onwards aims to raise the standard of governance reviews and improve transparency and accountability to the public.
While both the Code and AGS assess internal control and risk management, the AGS goes further. It requires authorities to consider governance across the framework’s seven principles. A weakness in any of these areas, whether in culture, leadership, engagement, or integrity. Can have serious consequences. Local authorities not only deliver services and manage resources, but must also make fair decisions, act in the public interest, and maintain public trust. Unfortunately, there are examples where some local authorities or individuals have not acted in this way. This is damaging for the whole sector.
Fit for purpose (opinion)
In the updated guidance, councils must issue an opinion on whether their governance arrangements are “fit for purpose.” That is, do they operate effectively and support the delivery of the council’s intended outcomes? The guidance emphasises the importance of ‘core arrangements’, the structures and processes that create a culture focused on achieving objectives, managing risk, and fulfilling both statutory duties and best value responsibilities. In making their conclusion on whether governance is fit for purpose, an authority must be satisfied that these are in place.
Identifying opportunities for improvement
A long-standing feature of the AGS is the identification of significant areas for improvement. Authorities must also report progress in the following year’s statement. From 2025/26 onwards, councils will also be expected to look ahead, anticipating governance challenges and considering how their arrangements need to evolve. With structural changes like devolution and local government reorganisation on the horizon, this forward-looking perspective is essential.
The role of internal auditors
Internal auditors play a key role in the annual review process. The head of internal audit’s annual conclusion on governance, risk management and control, (mandatory in the public sector), is a key source of assurance. Most internal audit teams provide assurance on the annual review. External auditors then assess whether the AGS follows the guidance and whether its conclusions are consistent with their understanding of the authority. The AGS also serves as a key source of evidence for auditors’ value-for-money or best value assessments.
Lessons for companies
What lessons can companies draw from local government’s two decades of experience with the AGS? Fundamentally, the AGS process is only as valuable as the seriousness with which it is approached. If governance reviews are treated as box-ticking exercises, they risk becoming compliance burdens rather than opportunities for real improvement. Common pitfalls include:
- Repeating boilerplate language year after year
- Describing processes rather than evaluating effectiveness
- Downplaying weaknesses or failing to address critical assurance reports
- Poorly defined or vague improvement plans
Ultimately, both the AGS and the UK Corporate Governance Code aim to support improvement and accountability. For any organisation, they are tools to reflect, challenge, and evolve not just reports to file.