OMBUD COUNCIL ANNUAL REPORT 2024/25

PART C: GOVERNANCE

6. INTERNAL CONTROL, INTERNAL AUDIT AND AUDIT COMMITTEES The Ombud Council developed its own internal control functions after the shared services MoA with the FSCA came to an end at the end of 2023/24 and the Ombud Council implemented them from the start of the 2024/25 financial year. The Ombud Council has appointed internal auditors to perform its internal audits for a five-year period until 31 July 2029. The auditors performed six audits for the year under review. The Table below reflects the summary of the reports presented to the Audit and Risk Committee and the Board.

FSR Act. A register of applicable laws binding the Ombud Council is maintained and reviewed by the Board. A compliance policy and framework were developed during the financial year with a compliance plan to be implemented in the 2025/26 financial year. Various compliance policies applicable to financial management and human resources were developed throughout the course of the year under review. 8. FRAUD AND CORRUPTION As per internal audit recommendations in the previous financial year, the Ombud Council developed a Fraud Prevention Plan which includes measures to combat fraud and a Fraud Response Plan. Other Board-approved policies facilitating compliance with the Fraud Prevention plan include a Whistleblower Policy, Financial Management Policy, Code of Conduct, Disciplinary Policy and an Anti Fraud Statement required to be signed by Board and Committee members, staff members, and contractors. Fraud awareness sessions were incorporated as standing item in the bi-monthly staff meetings. 9. MINIMISING CONFLICT OF INTEREST The Ombud Council’s SCM processes include appropriate controls to minimise conflicts. Where the Ombud Council participates in bid evaluations a declaration of interest is placed on record at the beginning of the process. The Ombud Council also complies with the disclosure of interest provisions in section 193 of the FSR Act. Board and Committee members submit annual declarations of interest, and all Board and Committee meeting agendas require disclosure of any conflicts. 10. CODE OF CONDUCT The Board Charter includes provisions dealing with the conduct and ethics of Board members, to promote professional and ethical behaviour. The Ombud Council has a Disciplinary Procedure Policy in place to manage misconduct. The Board approved a Code of Conduct and Ethics for all staff and board members. No actions for breach of the conduct provisions in the Charter or disciplinary actions were required during the period under review. 11. HEALTH, SAFETY AND ENVIRONMENTAL ISSUES Although the Ombud Council is not materially directly impacted by environmental issues, they have indirect impacts - particularly in relation to the insurance sector. Examples of environmental factors that lead to spikes in insurance claims and thus complaint volumes dealt with by ombud schemes include climate change related

Table 10: Internal Audit Reports

NUMBER OF FINDINGS

NO.

INTERNAL AUDIT REVIEW

1 Performance information management review

2

2 Procurement and contract management

5

3 Internal financial controls

1

4 ICT general controls review

4

5 Human resources and payroll

4

6 Follow up review

0

16

The Council received 16 internal audit findings during the 2024/25 audit review process of which only the Information and Communication Technology (ICT) control related findings were significant, arising primarily from the immaturity of the Council’s ICT governance framework. All action plans relating to the five procurement and contract management findings were implemented and resolved by the end of the financial year. Therefore, the Council tracked only 11 internal audit findings into the 2025/2026 year, with the internal auditors having subsequently confirmed that all of these findings have been resolved. Section 187(5)(a) of the FSR Act read together with Chapter 6 of the PFMA requires the Board of the Ombud Council to establish a Committee to review, monitor and advise the Board on the financial reporting, budget, audit, and risk matters. The Ombud Council’s Audit and Risk Committee performs these functions, in accordance with its Terms of Reference as approved by the Board. Details of the Audit and Risk Committee membership, roles and meeting attendance are included in Table 11 in section 4 above.

7. COMPLIANCE WITH LAWS AND REGULATIONS

The Ombud Council has since its inception complied with all the applicable provisions of its founding legislation, the

47

OMBUD COUNCIL ANNUAL REPORT 2024/25