Cardiff Internal Audit and Audit Committee Duties

Taxation and Finance Wales 4 Minutes Read · published February 12, 2026 Flag of Wales

Cardiff, Wales relies on an internal audit service and an Audit Committee to provide governance, risk assurance and oversight of financial controls. This guide explains the usual roles, where to find official Cardiff Council statements, how enforcement and review work in practice, and practical steps for reporting concerns, accessing reports and appealing decisions.

Role of Internal Audit and the Audit Committee

The internal audit service provides independent assurance on the council's risk management, control and governance arrangements; the Audit Committee reviews audit outputs, monitors implementation of recommendations and advises the council on financial probity. See the Cardiff Council Internal Audit page for the service description and contact details Cardiff Internal Audit[1] and the Audit Committee terms and remit on the council site Cardiff Audit Committee[2].

Internal audit is advisory and assurance-focused, not an enforcement body.

Penalties & Enforcement

Internal audit itself does not normally impose fines or criminal penalties; enforcement actions relating to breaches of bylaws, fraud, or statutory offences are taken under other council powers or by external bodies. Where the relevant Cardiff Council pages do not list specific penalty amounts or schedules, this is noted below using the cited council pages for reference.

  • Fines and financial penalties: not specified on the cited pages; specific amounts depend on the controlling bylaw or statutory regime cited by the enforcing service [1].
  • Escalation and repeat/continuing offences: not specified on the cited pages; the council’s approach is case-by-case and may be escalated to legal or regulatory action [2].
  • Non-monetary sanctions: orders to comply, injunctions, recovery of property, suspension of licences, and referral to prosecution or civil proceedings are possible where statutory powers apply; specific remedial orders are listed in relevant service regulations (not detailed on the cited internal audit or Audit Committee pages).
  • Enforcer and inspection: responsibility depends on the policy area—corporate governance investigations involve Internal Audit and Legal Services, regulatory breaches involve the relevant operational service; to report concerns contact Cardiff Council corporate governance or Internal Audit via the council pages [1].
  • Appeals and review: routes vary—internal reviews, complaints procedure, or statutory appeal rights; time limits and specific appeal steps are not specified on the cited internal audit/Audit Committee pages and are set out in the procedural documents for the specific service or regulation.
  • Defences and discretion: common defences include having a reasonable excuse, holding a valid permit/authorisation, or compliance steps taken before inspection; availability of mitigations is determined by the enforcing service or tribunal and is not listed in detail on the cited pages.
For precise penalty figures check the specific bylaw or service regulation relevant to the alleged breach.

Applications & Forms

The Cardiff Internal Audit page describes how to contact the service but does not publish a standard 'penalty' form or fixed fee schedule on that page; for whistleblowing and reporting misconduct follow the council’s corporate complaints and whistleblowing procedures as linked from the council site [1]. If a regulatory service is enforcing a specific bylaw, the enforcement service will publish any application or notice form on its service page (not specified on the cited internal audit/Audit Committee pages).

Practical Actions and Common Violations

Typical actions the public or officers may need to take are listed below, followed by common contraventions that lead to enforcement or recovery actions.

  • Request an internal audit report via the Internal Audit contact on the council site; provide dates, subject area and any FOI reference if needed.
  • Report suspected fraud or financial irregularity to Internal Audit and Corporate Anti-Fraud teams, following the council’s reporting routes.
  • For bylaw breaches, contact the relevant enforcement service (e.g., Environmental Health, Licensing, Parking) through the council’s service pages.
  • Appeal or complain using the council’s formal complaints procedure or request a review within the timescales stated by the enforcing service (check the specific service page for deadlines).

Common violations

  • Failure to follow procurement or contract rules (leading to internal investigation).
  • Non-compliance with licensing conditions (managed by Licensing and regulatory teams).
  • Poor record-keeping or control weaknesses identified by audit leading to remedial orders.
Report concerns promptly to preserve evidence and meet any appeal deadlines.

FAQ

Who runs internal audit in Cardiff?
The council’s Internal Audit service provides internal auditing and reports to senior management and the Audit Committee; contact details are on the Cardiff Internal Audit page Cardiff Internal Audit[1].
Can Internal Audit impose fines?
No, Internal Audit provides assurance and recommendations; enforcement and fines are applied under the relevant regulatory service or statutory powers, and specific penalty amounts are not listed on the cited internal audit or Audit Committee pages.
How do I appeal an enforcement decision?
Appeals follow the enforcing service’s procedures or the council complaints process; time limits and exact routes are set by the specific regulatory framework and are not specified on the cited audit committee/internal audit pages.

How-To

  1. Identify the issue (procurement, licensing, environmental, financial irregularity) and gather dates, documents and contacts.
  2. Contact the relevant Cardiff Council service or Internal Audit with your information; use the Internal Audit page for corporate issues Cardiff Internal Audit[1].
  3. If the matter is regulatory, follow the enforcement service’s published complaint or application route; for governance matters, ask Internal Audit to review.
  4. If dissatisfied with the outcome, use the council formal complaints procedure or seek independent review as provided by the enforcing statutory regime.

Key Takeaways

  • Internal Audit offers assurance; it does not generally impose fines.
  • The Audit Committee oversees audit outputs and financial governance.

Help and Support / Resources

  1. [1] Cardiff Internal Audit
  2. [2] Cardiff Audit Committee

Categories

General Governance and Administration Public Safety Public Health and Welfare Land Use and Zoning Housing and Building Standards Transportation Environmental Protection Parks and Public Spaces Business and Consumer Protection Taxation and Finance Labor and Employment Education Civil Rights and Equity Elections and Campaign Finance Events and Special Uses Signs and Advertising Utilities and Infrastructure Technology and Data