We’re here to Assure, Explain and Inspire.
The Auditor General is the statutory external auditor of most of the Welsh public sector.
Our key strength is our wide range of skills and knowledge that has arisen from our position as the the statutory external auditor
See our current and previous consultations
This section sets out how you may request information from us and provides some direct links to information of wider public interest.
Governance and oversight at Audit Wales
Our accounts are audited by an independent firm appointed by the Welsh Parliament.
Our Executive Leadership Team is responsible for directing the organisation
The Auditor General is responsible for auditing most of the public money spent in Wales.
See our work around the COVID-19 pandemic
Audit Services has a reach of over 800 public bodies across Wales covering financial and performance audit
Our programme of shared learning events focusses on topics that are common across public services
Having a strategic, dynamic and high quality audit programme is a key focus of our strategy
The NFI matches data across organisations and systems to help public bodies identify fraud and overpayments.
We work with others from across the Welsh public sector and beyond
See our latest news, blogs, events and more
Find out the latest news
See our blogs on many different topics
Access our data tools and useful data sources
View our videos on our YouTube channel
Our events bring together individuals from across the Welsh public sector
Access all the resources from our shared learning events
We have installed ReadSpeaker’s webReader, which allows visitors to instantly convert online content to audio on our website.
Click on the icon above to try this out, and take advantage of the full range of useful webReader features by clicking the link below.
Readspeaker website
This accessibility statement applies to www.audit.wales. This website is run by Audit Wales. We want as many people as possible to be able to use this website.
View accessibility statement
We’re always looking to improve the accessibility of this website. If you find any problems not listed on this page or think we’re not meeting accessibility requirements, contact:
info@audit.wales
As electronic banking becomes more commonplace, Community Councils must have sound cyber security processes in place.
Serious failures in governance and financial management found at Harlech Community Council according to the report in the public interest issued today by the Auditor General for Wales.
Harlech Community Council (the Council) is made up of 12 councillors who are responsible for managing money raised by the Council and spends around £100,000 a year to provide local services. Following routine audit work on annual returns completed by councils, attention was drawn to a report that Harlech Community Council had been the victim of fraud resulting in the loss of £9,000. The fraud followed a breach of the Clerk’s email address that allowed a third party to access her email account. We extended our audit work to identify how the Council’s procedures failed to prevent the loss being incurred.
In December 2022, the Clerk made two payments of £4,500 to a third party without proper authorisation from the Council. The Auditor General’s report found that there was a failure to carry out proper due diligence when making these two payments. This highlights the fact that the Council did not have effective internal controls in place and did not follow its current rules for making payments. The ease in which the fraud was carried out also leads to concern that making payments without proper scrutiny in place may not have been an isolated occurrence.
It is also important that the Council has accurate and accessible records of proceedings and decisions. Harlech Community Council’s minutes do not present an accurate picture of how the loss of £9,000 occurred.
As electronic banking is becoming more widely used, the Council, and other councils across Wales, must have better cybersecurity processes in place to protect against the risk of losses due to online frauds.
The report notes that the Council has taken some steps to address deficiencies in its internal arrangements.
Our report makes five recommendations to Harlech Community Council, some of which are:
It is concerning that we are commenting about weaknesses in financial management and governance on a regular basis. The fraud at Harlech Community Council is another example of this. It’s important the sector takes notice and make improvements on this ongoing issue of poor financial management and cyber security.