The function of an accounting department is to provide timely and accurate financial reports. Internal controls of accounting are put into place to ensure accurate financial records and protect a business from fraud and other abuses. Every size business should have them in place. Small businesses are extremely susceptible to fraud because they typically have fewer employees who wear many hats.
Features of Internal Controls
Internal controls focus on two areas: standard operating procedures and segregation of duties. Standard operating procedures define how each process is to be done. Internal controls bring accountability and oversight into all of the accounting processes of a business. Segregation of duties help keep everyone accountable by not allowing one employee to be able to complete a process without any supervision or review.
Real Life Example of Poor Internal Controls
Embezzlement and fraud happen all too often in the business world. People normally start out small and then work their way up until they have stolen hundreds of thousands of dollars, which can have a crippling effect on the business. My current employer was a victim of embezzlement about a year before I started. They had purchased another company a few years before. They did not put into place proper internal controls, and were out hundreds of thousands of dollars before the person was finally caught. The employee had the ability to apply cash receipts, enter accounts payable, and cut accounts payable checks without anyone else having to get involved in the process. They ended up having to shut the company they had purchased down, causing many innocent people to lose their jobs. I cannot stress enough that internal controls are extremely important.
How to Implement Internal Controls
The first step in the process is to identify and group the major functions of accounting into specific buckets, such as general ledger, accounts payable, revenue, human resources/payroll, bank and cash, capital expenditures, and inventory. Your company may have need of more or less of these buckets, but they are a good place to start.
The second step in implementing internal controls of accounting is to review your current processes. The goal is to identify who does what and who, if anyone is a check or balance on that process. It is a good idea to explain to your employees the purpose of the process review. Do not worry about fixing any gaps in controls that you find at this point. Keep focused on identifying the current processes. You may want to purchase an internal control template to walk you through this process. The image to the right is the table of contents of the template that I use.
The third step is to identify controls that will protect the business from fraud or other abuses. Remember the goal is to make sure one or more people are involved as oversight in every process.
Example: Accounts Payable Internal Controls
Let us look at what accounts payable internal controls could look like. The standard operating procedures could be as following:
- Supplier’s invoices are dated and entered upon receipt.
Invoices are only approved for payment once the goods have been received.
Invoices must be matched against receiving documentation.
All invoices must be approved based on dollar amount by the defined overseer.
All changes to the vendor master file should be done by employees who are not involved in the approval process.
All EFTs must be approved by two senior business personnel.
This was just a brief list of what would be included in the standard operating procedure internal controls. It is up to management to ensure that they procedures are being completed for every occurrence. In addition, outside auditors will review the internal controls during an annual audit to verify compliance.
The segregation of duties internal controls could include the following:
- Who initiates purchase requisitions?
Who approves purchase requisitions?
Who is responsible for receiving the goods purchased?
Who reviews receiving reports to verify their accuracy?
Who approves access to the accounts payable program?
Who enters in A/P invoices?
Who approves them?
Who issues checks?
Who can sign the checks?
Segregation of duties for accounts payable is critical. Someone who can enter an invoice, cut a check, and sign it, can easily commit fraud. It is vital to have a different approver and a different person who issues checks, along with another person with the authority to sign them.
Internal controls are enacted as insurance against fraud and other misconduct. A company should put them into place sooner rather than later.