Internal controls are a system of policies and procedures organizations put in place to protect assets and improve operating efficiency. Strengthened internal controls are critical to accurate financial reporting. A solid system of controls can help prevent, detect and correct financial misstatements due to errors and fraud.
Basics to strengthen internal controls
Internal and external risk factors evolve over time. So, upon completion of the year-end financial statements, managers and internal auditors should reassess whether internal controls are up to snuff and brainstorm ways to solidify controls. Start your annual assessment with the following three basic controls:
Employees only should have access to those assets necessary to perform their jobs. Locks and alarms are examples of ways to protect valuable tangible assets, including petty cash, inventory and equipment. But intangible assets — such as customer lists, lease agreements, patents and financial data — also require protection with controls including passwords, access logs and appropriate legal paperwork.
Management should confirm and analyze account balances on a regular basis. To illustrate, strong organizations reconcile bank statements and count inventory on a regular basis. Waiting until year-end to complete these basic procedures is a potential red flag of weak oversight.
Interim financial reports, such as weekly operating scorecards and quarterly financial statements, also keep management informed. But reports are only useful if management finds time to analyze them and investigate anomalies. The supervisory review takes on many forms, including observation, test counts, inquiry and task replication.
Another basic control is maintaining detailed, up-to-date job descriptions. This exercise can help you better understand how financial job duties interact with one another. It can also highlight possible conflicts of interest that could lead to improper recordkeeping.
Your policies should call for job segregation, job duplication and mandatory vacations. For example, the person who receives customer payments should not also approve write-offs (job segregation). And two signatures should be required for checks above a prescribed dollar amount (job duplication).
It’s important to confirm during the annual review whether employees are aware of internal control policies and procedures — and whether they’re being strictly followed.
No time like the present to strengthen your internal controls
In times of financial distress may entice some employees to exaggerate financial results or even commit fraud. Our auditors have seen the best (or worst) in internal control practices. We can help you identify potential weaknesses and — regardless of whether your organization is large or small — find cost-effective ways to reinforce your controls. Contact us to start strengthening your internal controls.