Audit and Risk Assurance Committee meeting: 25 November 2025

• Mike Usher - Non-Executive Director, Chair - WG ARAC and CS&I ARAC
• Nigel Reader - Independent Member, Chair - HSCEY Assurance Board
• Mel Doel - Independent Member, Chair - EET Assurance Board
• Gareth Pritchard - Independent Member, Chair - ECWL Assurance Board
• Kevin Roberts - Independent Member, Chair - LGHCCRA Assurance Board
• Tracey Burke - Director General, LGHCCRA Group
• Judith Paget - Director General, Strategy
• Emma Williams - Director General, ECWL Group
• Dean Medcraft - Director of Finance
• David Richards - Director of Propriety and Ethics
• Tracey Breheny - Director, HSCEY Strategy and Corporate Business
• Peter Ryland - Chief Executive WEFO
• Kim Jenkins - Deputy Director Accounts, Governance & Grants
• Helen Morris - Deputy Director Audit, Assurance & Counter Fraud
• Clare Thomas - Audit Wales
• Anthony Veale - Audit Wales
• Matthew Mortlock - Audit Wales
• Piers Bisson - Director, Constitution (for Senedd Reform item)
• Will Whiteley - Deputy Director, Senedd Reform (for Senedd Reform Item)
• Cariad Hazard - Deputy Director Corporate Services & Government Business, HSCEY Group

Also present

• Head of Corporate Governance Centre of Excellence
• Head of Financial and Technical Accounting
• Head of Office for Project Delivery (for PPM item)
• ARAC Secretariat

1.1 No declarations of interest were received in relation to agenda items.

2.1 The committee agreed the minutes of the previous meeting as a complete and accurate record. Members noted the progress made in implementing agreed actions and received updates on those not yet complete.

3.1 The committee discussed and approved its terms of reference in line with the annual requirement.

4.1 The committee discussed Audit Wales’ review of Welsh Government’s Consolidated accounts for 2024-2025 and the Auditor General for Wales’ summary report and proposed audit opinions. It noted that a signing date of 15 December was anticipated, subject to the completion of outstanding audit work.

4.2 The committee received a detailed briefing on the student loans valuation and the range of potential conclusions available to Audit Wales and noted that the Auditor General was yet to reach a final audit judgement.

4.3 The committee were pleased to note the various positive assurances Audit Wales were able to draw from their work, including:

• The quinquennial review of the roads network, where external experts had concluded there were no adjustments to be made.
• No significant issues identified with the financial statements for the Welsh Government Group (aside from the discussion ongoing on student loans valuation).
• The significant progress made this year in addressing goods received / invoices received issues which had previously been reported by the Auditor General for Wales.
• No misstatements identified during a review of grants. However, the committee was concerned to note that some recurring governance issues remain and endorsed the remedial measures outlined by management.

4.4 The committee endorsed the effective, flexible and proactive working relationship that was reported by both parties, and thanked colleagues for their work in preparing and reviewing the accounts during such a challenging year that included many complex areas.

5.1 The committee discussed progress made in addressing the recommendations made within the Data Protection Officer’s Annual Report and noted the work underway to develop an action plan for implementation. It was agreed this would remain on the committee’s workplan and updates provided at future meetings.

5.2 The committee discussed the approach to Programme and Project Management within Welsh Government and noted that, whilst progress has been made in improving the control framework, some significant areas of concern still remain. The committee also requested this area remain in its workplan.

5.3 The committee discussed the Corporate Risk Register and the proposed changes outlined by management. An update was received on the new approach to horizon scanning and the Committee endorsed its integration with the Corporate Risk Register and the focus on opportunities as well as threats.

5.4 The committee received an update on the Internal Control Questionnaire process (ICQ) for 2025-2026 and were satisfied it properly reflected learning outcomes from the previous year’s exercise. Members reiterated the importance of effective communications to promote the positive benefits of the ICQ, the ways it adds value and how it has resulted in improvements to the control framework.

5.5 The committee considered and noted the summary reports from Group Assurance Boards.

5.6 The committee discussed and noted the progress made in delivering the 2025-2026 internal audit programme.

The committee received an update on Audit Wales’ value-for-money programme and a summary of published reports.

ARAC Secretariat
Date of Publication – April 2026