Internal Controls - The Joint Accounting Conference

advertisement
Internal Controls
NAPPA FALL DISTRICT MEETING
OCTOBER 24, 2014
LEE RAY – HUNTSVILLE UTILITIES
Internal Controls
Agenda

Internal Controls – Definitions and Overview

Why Have Internal Controls?

Fraud Triangle

Payroll

Cash and Accounts Receivable

Accounts Payable

Financial Reporting

Protect Your Organization
Internal Controls
Sources
Internal Controls – Wikipedia
2012 U.S. Fraud Examiners Manual - ACFE
Fraud Examination – Albrecht, Albrecht, Albrecht, Zimbelman
Fraud Auditing & Forensic Accounting - Dr. Tommie Singleton, A Singleton
Bologna & Lindquist
Internal Controls

Internal control is the process designed to ensure reliable financial reporting,
effective and efficient operations, and compliance with applicable laws and
regulations. Safeguarding assets against theft and unauthorized use, acquisition,
or disposal is also part of internal control.

Control environment. The management style and the expectations of upper‐level
managers, particularly their control policies, determine the control environment.
An effective control environment helps ensure that established policies and
procedures are followed. The control environment includes independent
oversight provided by a board of directors and, in publicly held companies, by
an audit committee; management's integrity, ethical values, and philosophy; a
defined organizational structure with competent and trustworthy employees;
and the assignment of authority and responsibility.
Internal Controls

Control activities. Control activities are the specific policies and procedures
management uses to achieve its objectives. The most important control activities
involve segregation of duties, proper authorization of transactions and activities,
adequate documents and records, physical control over assets and records, and
independent checks on performance.

Segregation of duties requires that different individuals be assigned responsibility for
different elements of related activities, particularly those involving authorization,
custody, or recordkeeping. Having different individuals perform these functions
creates a system of checks and balances.

Proper authorization of transactions and activities helps ensure that all company
activities adhere to established guide lines unless responsible managers authorize
another course of action. An example would be having dollar approval levels for
purchase orders.
Internal Controls

Adequate documents and records provide evidence that financial statements
are accurate. Controls designed to ensure adequate recordkeeping include the
creation of invoices and other documents that are easy to use and sufficiently
informative; the use of pre-numbered, consecutive documents; and the timely
preparation of documents.

Physical control over assets and records helps protect the company's assets.
These control activities may include electronic or mechanical controls (such as a
safe, employee ID cards, fences, cash registers, fireproof files, and locks) or
computer-related controls dealing with access privileges or established backup
and recovery procedures.

Independent checks on performance, which are carried out by employees who
did not do the work being checked, help ensure the reliability of accounting
information and the efficiency of operations.
In order to identify and establish effective controls, management must continually
assess the risk, monitor control implementation, and modify controls as needed.
Internal Controls
Why do Companies have internal controls?

Lack of proper internal controls provides the opportunity for fraud.

Fraud cost the organization money
 Some estimate fraud losses to be 5% of revenue
 Recover of frauds losses is less than 50%

Damage goes beyond dollars and cents
 Reputation
 Loss of public confidence
 Sagging staff morale
 Distraction from the mission
Why do people commit fraud ?
The Fraud Triangle –
Donald R. Cressey
Perceived
opportunity
Perceived
pressure
Rationalization
Payroll
Segregation of duties – No one should have access to the HR employee records
and the payroll records.
Payroll approval – the payroll register/file should be reviewed by the HR Director
and the Controller.
Ghost employees

Added to payroll, posted time and rate data, payroll check produced, and
check delivered.
Manipulated time records – Altering pay rate and time
Tools

Compare the HR employee records to the payroll records.

Review records for duplicate or lack of SSAN’s, bank account numbers,
addresses, phone numbers.

Look for employees without deductions for benefits.

Audit rates of pay by comparing payroll records to source documents in HR.
Cash & Accounts Receivable

Altering bank deposits

Check for currency substitutions

Lapping customer payments

Lapping deposits

Forging checks received

Granting bogus credits or account adjustments
Tools

All bank accounts should be reconciled by an independent party.

Deposits should counted by two employees and made by an independent party.

Employees receiving payments should not post customer accounts.

Watch for cash payments.

Perform surprise cash counts.

Customer credits should be properly apporved
Accounts Payable

Fictitious vendors

Personal bills

Unauthorized use of purchasing cards
Tools

Vet new vendors – Check vendors to yellow pages, online, Google maps, and
require a physical address.

Limit who can add new vendors, should be segregated from invoice approval
and payment processing.

Install positive pay with your bank.

AP check runs should be approved by a senior accountant or controller.

Payment reports should be sent to managers for review.

Wire transfers/ACH should require two person control.

Compare vendor addresses to employee addresses

Review for vendor invoice numbers in sequence or unusual numbers
Purchasing Cards
P-Cards are dangerous - Unauthorized use of P-Cards
Purchase of personal items, taking employees to lunch
Unusual travel expenses
Red Flags
 Unusual or unexplained increases in P-Card purchases
 Purchases of unusual items
 Pattern of purchases just below review or approval
Tools
 Limit and properly authorize the issue of P-Cards
 Place dollar limits by transaction, daily, monthly
 Use approved merchant lists and prohibited merchant lists
 P-Card expense reports should be reviewed and approved by managers.
 Required detailed receipts,
Financial Reporting

All journal entries should be approved and supported.

Use a closing checklist for journal entries and required actions that is signed by
the senior accountant and controller each month.

General ledger accounts should be reconciled to supporting documents each
month.

Ensure proper cut-off for accounts receivable, accounts payable, fixed assets,
and inventory.
Red Flags

Recording expenses as assets.

Unusual or explained increases in assets (inventory, receivables, and fixed assets).

Unreasonable increase in gross margin.

Unusual growth in revenue.
Protect you organization

Set the “Tone at the Top”

Review internal controls at least annually

Accomplish a fraud risk assessment

Hire the right people
Questions ?
Download