Company Policy For Internal Control Should Include All Of The Following Except For Which One?

Fraud, Internal Controls, and Cash

45 Define and Explain Internal Controls and Their Purpose inside an System

Internal controls are the systems used by an system to manage risk and diminish the occurrence of fraud. The internal control structure is made up of the command environment, the bookkeeping system, and procedures called control activities. Several years agone, the Committee of Sponsoring Organizations (COSO), which is an independent, private-sector group whose 5 sponsoring organizations periodically identify and address specific bookkeeping problems or projects, convened to accost the issue of internal control deficiencies in the operations and accounting systems of organizations. They subsequently published a report that is known as COSO's Internal Control-Integrated Framework. The five components that they determined were necessary in an constructive internal control system brand up the components in the internal controls triangle shown in (Figure).

The Internal Control Environment. (attribution: Copyright Rice University, OpenStax, nether CC BY-NC-SA 4.0 license)

Triangle with Internal Controls at the top, then each level going down is: Control of environment, Assessment of risk, Control of operational activities, Monitoring of control processes, and at the base is Accurate communication of information.

Here we address some of the practical aspects of internal control systems. The internal control organisation consists of the formal policies and procedures that do the post-obit:

ensure assets are properly used
ensure that the bookkeeping system is functioning properly
monitor operations of the organization to ensure maximum efficiency
ensure that assets are kept secure
ensure that employees are in compliance with corporate policies

A properly designed and functioning internal control system will not eliminate the risk of loss, but information technology will reduce the adventure.

Different organizations face different types of risk, simply when internal command systems are lacking, the opportunity arises for fraud, misuse of the system'due south assets, and employee or workplace corruption. Part of an accountant's function is to understand and aid in maintaining the internal control in the organization.

Internal control keeps the assets of a company safe and keeps the company from violating any laws, while fairly recording the financial activity of the company in the accounting records. Proper accounting records are used to create the financial statements that the owners apply to evaluate the operations of a company, including all company and employee activities. Internal controls are more than just reviews of how items are recorded in the visitor'south accounting records; they also include comparing the accounting records to the actual operations of the company.

For instance, a cinema earns most of its profits from the auction of popcorn and soda at the concession stand up. The prices of the items sold at the concession stand are typically high, even though the costs of popcorn and soda are low. Internal controls allow the owners to ensure that their employees do not give away the profits by giving away sodas and popcorn.

If you were to go to the concession stand and ask for a cup of water, typically, the employee would give yous a articulate, small plastic cup called a courtesy cup. This internal control, the small plastic cup for nonpaying customers, helps align the accounting system and the theater's operations. A movie theater does not use a system to directly account for the sale of popcorn, soda, or ice used. Instead, it accounts for the containers. A point-of-auction organization compares the number of soda cups used in a shift to the number of sales recorded in the system to ensure that those numbers match. The aforementioned procedure accounts for popcorn buckets and other containers. Providing a courtesy loving cup ensures that customers drinking free water do not use the soda cups that would crave a corresponding sale to appear in the signal-of-sale organization. The cost of the popcorn, soda, and water ice will be recorded in the accounting system as an inventory item, but the internal control is the comparing of the recorded sales to the number of containers used. This is just one blazon of internal control. Equally we hash out the internal controls, nosotros see that the internal controls are used both in bookkeeping, to provide information for direction to properly evaluate the operations of the visitor, and in business operations, to reduce fraud.

It should be clear how important internal control is to all businesses, regardless of size. An effective internal command system allows a business to monitor its employees, merely it also helps a visitor protect sensitive customer information. Consider the 2017 massive information breach at Equifax that compromised information of over 143 million people. With proper internal controls functioning as intended, there would accept been protective measures to ensure that no unauthorized parties had access to the data. Not just would internal controls prevent outside admission to the data, simply proper internal controls would protect the data from corruption, damage, or misuse.

Bank Fraud in Enid, Oklahoma

The retired mayor of Enid, Oklahoma, Ernst Currier, had a job equally a loan officer and then as a senior vice president at Security National Bank. In his depository financial institution job, he allegedly opened 61 fraudulent loans. He used the identities of at to the lowest degree 9 real people besides as eight fictitious people and stole almost $vi.2 million.^one He was sentenced to 13 years in prison on 33 felony counts.

Currier was able to circumvent i of the most important internal controls: segregation of duties. The American Institute of Certified Public Accountants (AICPA) states that segregation of duties "is based on shared responsibilities of a primal procedure that disperses the critical functions of that process to more one person or department. Without this separation in key processes, fraud and mistake risks are far less manageable."² Currier used local residents' identities and created simulated documents to open loans for millions of dollars so collect the funds himself, without any oversight by any other employee. Creating these loans allowed him to walk upward to the banking company vault and take cash out of the bank without anyone questioning him. There was no segregation of duties for opening loans, or if there was, he was able to easily override those internal controls.

How could internal controls accept helped preclude Currier'due south bank fraud in Enid, Oklahoma?

Solution

Simply having someone else confirm the beingness of the borrower and make the payment for the loan directly to the borrower would have saved this small bank millions of dollars.

Consider a bank that has to track deposits for thousands of customers. If a fire destroys the building housing the banking company's servers, how can the banking concern find the balances of each customer? Typically, organizations such as banks mirror their servers at several locations around the world as an internal control. The bank might have a principal server in Tennessee merely besides mirror all information in real time to identical servers in Arizona, Montana, and fifty-fifty offshore in Iceland. With multiple copies of a server at multiple locations across the country, or even the world, in the consequence of disaster to one server, a backup server tin can take control of operations, protecting customer information and fugitive any service interruptions.

Internal controls are the bones components of an internal control system, the sum of all internal controls and policies within an arrangement that protect assets and data. A properly designed system of internal controls aims to ensure the integrity of assets, allows for reliable accounting information and financial reporting, enhances efficiency within an system, and provides guidelines and possible consequences for dealing with breaches. Internal controls bulldoze many decisions and overall operational procedures within an organization. A properly designed internal command system volition not prevent all loss from occurring, but it volition significantly reduce the risk of loss and increment the run a risk of identifying the responsible party.

Fraud Controls for Grocery Stores

All businesses are concerned with internal controls over reporting and assets. For the grocery industry this business organisation is even greater, because turn a profit margins on items are so small-scale that whatsoever lost opportunity hurts profitability. How tin an private grocery store develop effective controls?

Consider the two biggest items that a grocery shop needs to command: food (inventory) and cash. Inventory controls are set up to stop shrinkage (theft). While it is non profitable for each aisle to be patrolled by a security guard, cameras throughout the store linked to a primal location allow security staff to observe customers. More than controls are placed on cash registers to prevent employees from stealing cash. Cameras at each register, cash counts at each shift change, and/or a supervisor who observes cashiers are some potential internal control methods. Grocery stores invest more than resources in decision-making cash because they take determined information technology to be the greatest opportunity for fraudulent activeness.

The Role of Internal Controls

The accounting organisation is the backbone of any business organization entity, whether it is profit based or not. It is the responsibility of management to link the accounting system with other functional areas of the concern and ensure that there is advice among employees, managers, customers, suppliers, and all other internal and external users of fiscal information. With a proper understanding of internal controls, management can pattern an internal control organisation that promotes a positive business concern environs that can most effectively serve its customers.

For example, a client enters a retail store to buy a pair of jeans. As the cashier enters the jeans into the point-of-sale arrangement, the post-obit events occur internally:

A sale is recorded in the company's journal, which increases acquirement on the income argument. If the transaction occurred by credit card, the bank typically transfers the funds into the shop's banking concern account in a timely manner.
The pair of jeans is removed from the inventory of the store where the purchase was made.
A new pair of jeans is ordered from the distribution center to supervene upon what was purchased from the store's inventory.
The distribution center orders a new pair of jeans from the factory to replace its inventory.
Marketing professionals tin can monitor over time the trend and book of jeans sold in a specific size. If an increase or decrease in sales volume of a specific size is noted, shop inventory levels can exist adjusted.
The company can see in real time the exact inventory levels of all products in all stores at all times, and this can ensure the all-time customer access to products.

Because many systems are linked through engineering that drives decisions made past many stakeholders inside and outside of the organization, internal controls are needed to protect the integrity and ensure the flow of information. An internal control organization too assists all stakeholders of an system to develop an understanding of the organization and provide assurance that all avails are being used efficiently and accurately.

Environment Leading to the Sarbanes-Oxley Human activity

Internal controls take grown in their importance equally a component of most business decisions. This importance has grown equally many company structures accept grown in complexity. Despite their importance, not all companies take given maintenance of controls top priority. Additionally, many small-scale businesses do not take adequate understanding of internal controls and therefore utilize inferior internal control systems. Many big companies have nonformalized processes, which can lead to systems that are non as efficient as they could be. The failure of the SCICAP Credit Union discussed earlier is a direct result of a small-scale financial institution having a substandard internal control system leading to employee theft. Ane of the largest corporate failures of all time was Enron, and the failure tin can be straight attributed to poor internal controls.

Enron was one of the largest energy companies in the earth in the late twentieth century. However, a decadent management attempted to hibernate weak financial operation past manipulating acquirement recognition, valuation of assets on the balance canvas, and other financial reporting disclosures and so that the company appeared to accept significant growth. When this practise was uncovered, the owners of Enron stock lost $twoscore billion equally the stock toll dropped from $91 per share to less than $1 per share, as shown in (Figure).³ This failure could have been prevented had proper internal controls been in place.

For case, Enron and its accounting firm, Arthur Andersen, did not maintain an adequate caste of independence. Arthur Andersen provided a significant amount of services in both auditing and consulting, which prevented them from approaching the audit of Enron with a proper caste of independence. Too, among many other violations, Enron avoided the proper utilise of several acceptable reporting requirements.

Modify in Enron Stock Price. The Enron scandal was one of the largest frauds in the history of modernistic business concern. Information technology was the main fraud that was responsible for creation of the Sarbanes-Oxley Deed as well as the Public Company Bookkeeping Oversight Board (PCAOB). (attribution: Copyright Rice University, OpenStax, nether CC BY-NC-SA iv.0 license)

Chart showing the price of Enron Stock starting at $91 on August 23, 2000 and going sporadically down to just above $0 by December 23, 2001. It remains at just above $0 until the end of the graph at January 11, 2002.

As a effect of the Enron failure and others that occurred during the same time frame, Congress passed the Sarbanes-Oxley Act (SOX) to regulate practice to manage conflicts of analysts, maintain governance, and impose guidelines for criminal comport equally well as sanctions for violations of behave. It ensures that internal controls are properly documented, tested, and used consistently. The intent of the act was to ensure that corporate financial statements and disclosures are accurate and reliable. It is of import to note that SOX simply applies to public companies. A publicly traded company is one whose stock is traded (bought and sold) on an organized stock exchange. Smaller companies still struggle with internal command development and compliance due to a variety of reasons, such as cost and lack of resources.

Major Accounting Components of the Sarbanes-Oxley Act

As it pertains to internal controls, the SOX requires the certification and documentation of internal controls. Specifically, the human action requires that the auditor practise the following:

Issue an internal control study following the evaluation of internal controls.
Limit nonaudit services, such as consulting, that are provided to a client.
Rotate who can lead the audit. The person in charge of the inspect can serve for a period of no longer than seven years without a interruption of two years.

Additionally, the work conducted by the auditor is to be overseen by the Public Visitor Bookkeeping Oversight Lath (PCAOB). The PCAOB is a congressionally established, nonprofit corporation. Its cosmos was included in the Sarbanes-Oxley Act of 2002 to regulate conflict, control disclosures, and ready sanction guidelines for any violation of regulations. The PCAOB was assigned the responsibilities of ensuring independent, accurate, and informative audit reports, monitoring the audits of securities brokers and dealers, and maintaining oversight of the accountants and accounting firms that audit publicly traded companies.

Any employee found to violate SOX standards can exist subject to very harsh penalties, including $5 meg in fines and up to 20 to 25 years in prison. The penalty is more severe for securities fraud (25 years) than for post or wire fraud (twenty years).

The SOX is relatively long and detailed, with Section 404 having the virtually application to internal controls. Nether Section 404, direction of a company must perform annual audits to assess and document the effectiveness of all internal controls that accept an impact on the financial reporting of the organization. Also, selected executives of the firm under inspect must sign the inspect report and state that they attest that the audit adequately represents the financial records and conditions of the company.

The fiscal reports and internal control system must exist audited annually. The price to comply with this deed is very high, and at that place is debate equally to how effective this regulation is. 2 chief arguments that accept been made confronting the SOX requirements is that complying with their requirements is expensive, both in terms of price and workforce, and the results tend not to be conclusive. Proponents of the SOX requirements do not accept these arguments.

One available potential response to mandatory SOX compliance is for a visitor to decertify (remove) its stock for trade on the available stock exchanges. Since SOX affects publicly traded companies, decertifying its stock would eliminate the SOX compliance requirement. All the same, this has not proven to be a viable option, primarily because investors enjoy the protection SOX provides, especially the requirement that the companies in which they invest undergo a certified audit prepared by CPAs employed past national or regional bookkeeping firms. Too, if a company takes its stock off of an organized stock exchange, many investors assume that a visitor is in problem financially and that it wants to avoid an audit that might detect its bug.

The Growing Importance of the Report on Internal Controls

Internal controls have become an important aspect of financial reporting. As part of the financial statements, the auditor has to issue a report with an stance on the fiscal statements, as well every bit internal controls. Utilize the internet and locate the annual report of a company, specifically the study on internal controls. What does this report tell the user of financial information?

Solution

The annual report informs the user near the fiscal results of the company, both in discussion by direction likewise as the financial statements. Part of the financial statements involves an independent auditor's report on the integrity of the financial statements likewise equally the internal controls.

Many companies have their own internal auditors on staff. The part of the internal auditor is to examination and ensure that a company has proper internal controls in identify, and that they are functioning. Read about how the internal audit works from I.Southward. Partners to larn more than.

Primal Concepts and Summary

A system of internal control is the policies combined with procedures created by management to protect the integrity of avails and ensure efficiency of operations.
The organisation prevents losses and helps management maintain an effective means of performance.

(Effigy)Internal control is said to exist the backbone of all businesses. Which of the post-obit is the best description of internal controls?

Internal controls ensure that the financial statements published are correct.
The only role of internal controls is to protect customer data.
Internal controls and company policies are important to protect and safeguard avails and to protect all company information and are designed to protect the visitor from fraud.
Internal controls are designed to keep employees from committing fraud against the company.

(Figure)Why is information technology important to have a very sound and well-developed internal command structure?

(Figure)The it departments of all companies have pregnant and important roles in the internal control systems. Discuss them and their importance.

Protect data from corruption or harm. Have their servers mirrored at various locations around the world. Ensure that no unauthorized parties have access to the data. Ensure that all transactions are entered into the bookkeeping organisation properly and accurately. If fraud or illegal access to information occurs, a skillful internal command will help place the responsible party or parties.

(Effigy)What are the functions of the internal control?

Footnotes

1 Jack Money. "Fraudulent Loans Lead to Enid Banker'due south Abort on Numerous Felony Complaints." The Oklahoman. November 15, 2017. https://newsok.com/commodity/5572195/fraudulent-loans-lead-to-enid-bankers-arrest-on-numerous-felony-complaints
2 American Institute of Certified Public Accountants (AICPA). "Segregation of Duties." n.d. https://www.aicpa.org/interestareas/informationtechnology/resources/value-strategy-through-segregation-of-duties.html
three Douglas O. Linder, ed. "Enron Historical Stock Toll." Famous Trials. n.d. https://www.famous-trials.com/images/ftrials/Enron/documents/enronstockchart.pdf

Glossary

Commission of Sponsoring Organizations (COSO): contained, private-sector group whose 5 sponsoring organizations periodically identify and accost specific accounting issues or projects related to internal controls

internal control system: sum of all internal controls and policies within an organization that protect assets and data

internal controls: systems used by an organization to manage gamble and diminish the occurrence of fraud, consisting of the command environs, the bookkeeping system, and control activities

publicly traded visitor: company whose stock is traded (bought and sold) on an organized stock exchange

Public Company Accounting Oversight Board (PCAOB): organization created under the Sarbanes-Oxley Deed to regulate conflict, control disclosures, and ready sanction guidelines for any violation of regulation

Sarbanes-Oxley Act (SOX): federal law that regulates business practices; intended to protect investors past enhancing the accuracy and reliability of corporate financial statements and disclosures through governance guidelines including sanctions for criminal conduct

Company Policy For Internal Control Should Include All Of The Following Except For Which One?,

Source: https://opentextbc.ca/principlesofaccountingv1openstax/chapter/define-and-explain-internal-controls-and-their-purpose-within-an-organization/

Posted by: bastaracheprostand.blogspot.com