Internal Financial Control Over Financial Reporting

Background

Under Section 143(3)(i) of the Companies Act, 2013 (2013 Act), an auditor of a company is required to state in his/her audit report whether the company has an adequate internal financial controls (IFC) system in place and the operating effectiveness of such controls. Explanation to Section 134(5)(e) of the 2013 Act defines IFC to include policies and procedures adopted by the company for ensuring orderly and efficient conduct of its business, accuracy and completeness of the accounting records, and timely preparation of reliable financial information.

The Institute of Chartered Accountants of India (ICAI) had issued a Guidance Note in November 2014. This Guidance Note has been revised subsequently and the ICAI issued a revised ‘Guidance Note on Audit of Internal Financial Controls Over Financial Reporting’ (Guidance Note) on 14 September 2015.

What is Internal Financial Control Over Financial Reporting?

Internal Controls are to be an integral part of any organization’s financial and business policies and procedures. Internal controls consist of all the measures taken by the organization for the purpose of:

  1. Protecting its resources against waste, fraud, and inefficiency
  2. Ensuring accuracy and reliability in accounting and operating data
  3. Securing compliance with the policies of the organization
  4. Evaluating the level of performance in all organizational units of the organization.

Responsibilities of Monitoring Internal Financial Control

The Responsibility for monitoring the Internal Financial Control rests with the whole organization and not with any one individual. Of course, each individual within a unit should be aware of proper Internal control procedures associated with their specific job responsibilities. Internal control procedures operate at different levels of effectiveness. Effective controls provide reasonable assurance regarding the accomplishment of established objectives.

Elements of Internal Control

Elements of Internal Control

For any Internal Control procedure to be effective, it is essential that the “Internal” as well as “External” risks are adequately managed. Following are some of the Internal and External Risks to be taken care of:

Internal Risks

  • Process weakness (eg. access Control systems)
  • People weakness (eg.no proper training)
  • Technology weakness (eg. Operating system controls)
  • Environmental weakness (eg. Fire control systems)

External Risks

  • Compliance requirements (eg. Various statutory laws)
  • Customer requirements (eg. Protection of customer identity)
  • Service Providers ( eg. Internet providers)

The above list is only indicative and there may be many more risks that need to be assessed depending on the type of item or service they provide.

Process weaknesses can be many since most of the transactions in an organization are automated. These weaknesses cannot come out unless we do an IT audit. To cite an example, recently we did an audit of the travel module of a company and we found out that some of the personal travels of senior people in the organization were paid by the company. On further analysis, we observed that the person is originating the request for travel in the system can also approve the same. Due to this loophole, the employee took advantage of the process weakness and the personal bills were paid by the company.

Risk Assessment

The process of identifying and analyzing risk is an ongoing process and is a critical component of an effective internal control system. Attention must be focused on risks at all levels and necessary actions must be taken to manage them.

Managing change requires a constant assessment of risk and the impact on internal controls. Mechanisms are needed to identify and react to changing conditions.

Monitoring of Internal Controls

Internal controls can be monitored by having proper checks and balances in the workplace.

On the Personnel front, the organization has to ensure proper background verifications are made for all the employees (senior or junior) before being appointed. There should be clearly established lines of authority and responsibility documented in written job descriptions and procedure manuals. Organizational charts provide a visual presentation of lines of authority and periodic updates of job descriptions ensure that employees are aware of the duties they are expected to perform.

Authorization Procedures need to include a thorough review of supporting information to verify the propriety and validity of transactions. Approval authority is to be commensurate with the nature and significance of the transactions and in compliance with Organizational policies.

Segregation of Duties reduces the likelihood of errors and irregularities. An individual is not to have responsibility for more than one of the three transaction components: authorization, custody, and record keeping. When the work of one employee is checked by another, and when the responsibility for custody for assets is separate from the responsibility for maintaining the records relating to those assets, there is appropriate segregation of duties. This helps detect errors in a timely manner and deter improper activities; at the same time, it should ensure operational efficiency and allow for effective communications.

Documentation and Record Retention is another important element under Internal Control to ensure that all information and transactions of value are accurately recorded and retained. Records are to be maintained and controlled in accordance with the established retention period and properly disposed of in accordance with established procedures and documented.

About SBS

SBS Global is an ISO 9001:2015 & ISO 27001:2013 certified company serving since 2007. SBS Global offers a comprehensive range of Outsourced Financial Accounting Services, CFO Services, Compliance (i.e., Company Secretary services) & HR Services catering to the needs of Small & Medium Organizations across industry sectors to meet their changing needs & expectations. Our team includes employees having industry & domain expertise who have insights drawn from years of professional experience.

For more details on outsourced financial accounting advisory services please visit or contact us

Comments

Post a Comment

Popular posts from this blog

How to Implement Accounting Dashboard?

An Accounting Dashboard (AD) is a powerful digital tool for business intelligence on accounting data. The best Accounting Dashboards let accounting and finance professionals save time by tracking key KPIs, reducing massive, real-time data down to vital insights at a glance, and customizing reports for an instant, robust financial understanding. With the right Accounting Dashboards in place, the Finance Manager can see revenue, costs, profit, loss, and many other guiding stars laid out at the fingertips that will help to make accurate decisions for times ahead as well as to change course promptly, if need be. The right dashboards will give the team the power to spot trends, opportunities, and growing problems and effortlessly visualize large datasets. With easy-to-parse graphical representations, the team can deliver crisp, concise C-suite presentations, and quickly analyze business performance, operational statistics, and key metrics with minimal effort. These 5 steps must be followed
Read more

SOP- FINANCIAL ACCOUNTING

Image
Business organizations today are very vast and complex. If keeping track of their daily activities itself is a challenge, managing their daily activities is an even greater challenge. Numerous transactions happen, new clients are acquired, additional engagements with existing clients are commenced, contracts are renewed/terminated as well as payments are received and made, on a daily basis. A large number of employees – having diverse character, age experience, etc.- join; employees leave, take casual leaves and change roles every day. A reputed company cannot afford disruptions in its service or deterioration of its reputation because of the daily changes that take place within the organization. That is where Standard Operating Procedures (SOPs) come into play. SOPs are a set of procedures, relevant to an organization’s domain and composed by the organization itself. They guide the organization on how to carry out its complicated day-to-day activities and what to do in case of an emer
Read more

Chief Financial Officer Top Roles and Responsibilities

Image
  As the roles and Responsibilities of most other corporate positions have changed and evolved with the passage of time and the changing business environment, the role and responsibilities of the Chief Financial Officer have changed and evolved as well. Traditionally, the CFO was considered the ‘head bookkeeper’ of the organization, responsible for collating data, preparing reports, and submitting them to the CEO. However, that is no longer the case. The Chief Financial Officer is now valued almost as much as the Chief Executive Officer of a company. The Chief Financial Officer does a lot for the welfare of the company and plays a vital role in the value creation process of the company. Let us understand the emerging role of a CFO in the current environment and its contribution to the business. read more The Emerging Role of Chief Financial Officer Due to operational difficulties and equitable distribution of workload, the position of CEO was further divided into CFO and COO positions.
Read more