Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internal Controls and Best Practice Katarina Bugariu – Associate comptroller AA Roundup February 24, 2016.

Published byJemima Caldwell Modified over 8 years ago

Similar presentations

Presentation on theme: "Internal Controls and Best Practice Katarina Bugariu – Associate comptroller AA Roundup February 24, 2016."— Presentation transcript:

1 Internal Controls and Best Practice Katarina Bugariu – Associate comptroller AA Roundup February 24, 2016

2 Internal Controls Definition  Internal Control is a process designed to provide reasonable assurance regarding the achievement of objectives in the following three categories:  1) Effectiveness and Efficiency of Operations. Process are doing what they are intended to do (i.e. achieving their objectives) and doing so in an efficient manner, i.e. making good use of available resources  2) Compliance with Laws and Regulations. Actions are consistent with all applicable laws and regulations  3) Reliability of Financial Reporting. Accuracy and reliability of Financial Statements

3 Real world Summary Why Internal Controls are Important  Provides management with confidence that the entity is operating according to standards which are monitored-someone is watching.  Indicates to staff that what they are doing is important and that QUALITY is important.  Sends a signal that certain behaviors will not be tolerated.

4 Internal Controls are Common Sense  What do you worry about going wrong?  What steps have you been taken to assure it doesn’t?  How do you know things are under control?

5

6 Risk and Internal Controls  What are risks?  A risk is anything that could jeopardize:  Achieving our goals  Operating effectively and efficiently  Protecting the college’s assets from loss  Providing reliable financial data  Complying with applicable laws, policies and procedures

7 Risks and Internal Controls  Questions to ask yourself:  What can go wrong? How can we fail?  How can someone steal from us?  What policies are we most affected by?  What types of transaction in our area provide the greatest risk?  How can someone bypass the internal controls?  What potential risk areas could cause adverse publicity?

8 Conditions that Increase risk  Lack of segregation of duties  Too much trust  No Follow-up when things appear “questionable” or “not reasonable”  Lack of control over cash/petty cash  Lack of control over purchasing of materials/supplies  Lack of knowledge of policies and procedures

9 Risk and Internal Controls  Assess Risks  What is the likelihood of occurrence  What is potential impact

10

11 Risks and Internal Controls  What can go wrong in your department?  Fire breaks out  Banner/Jagnet goes down  Key employees call in sick  Media becomes aware of P-card fraud  Cash missing from departmental funds  Faculty hires family member inappropriately

12 Key Risk Areas  Federal Compliance – All types  Information Technology – Security, privacy and access  Disaster Planning / Recovery  Student / Faculty/ Employment Safety  Facilities and Construction Management

13 Types of Internal Controls  Controls can either be automated or manual  Automated Controls – Incorporated into applications logic/algorithms  Example: System automatically searches for a matching PO before paying an invoice  Manual Controls – Performed by individuals outside of the system or application  Example: Supervisor’s signature on Expense Reports

14 Types of Internal Controls  Controls can either be preventive or detective

15 Types of Internal Controls - Preventive  Preventive Controls: Built into the process or system to avoid or minimize risk. Helps make process more efficient and can reduce cost of corrective actions.  Discourage Fraud  Access controls – Only individuals with approved access can perform transactions in Banner  Access to equipment and inventories are restricted  Segregation of duties for authorizing transactions (approval), recording transactions (accounting) and handling the related access (custody)

16 Types of Internal Controls - Detective  Detective Controls: Provide a process assessment to identify potential issues for further review  Cash counts and bank reconciliations  Review payroll reports (review your payroll statement)  Review actual expenditure against budget  Physical Inventories  Audits

17

18 Types of Internal Controls  Controls – particularly related to information processing – support the following objectives or assertions  CompletenessAll transactions are processed (once and only once)  AccuracyAll transactions are processed correctly  ValidityAll transactions are authorized or approved appropriate person  RestrictivenessAccess to certain functions is restricted to appropriate persons

19 CAVR and Your Checkbook  When are reconcile your checkbook every month, you are going through the CAVR steps:  CompletenessDid the bank process all the checks that I wrote this month?  AccuracyDid the bank process all the checks correctly? The right amount?  ValidityWere all the checks processed by the bank written by me?  RestrictivenessDid someone else have access to my checkbook?

20 CAVR and the Gross Pay Register  CompletenessAll employees that should be in the system, are in the system?  AccuracyThe pay for a new hire starting in the middle of a month is correct?  ValidityAdditional pay was approved by appropriate person?  RestrictivenessPerson making changes to the employee master file is not processing payroll?

21

22

23 Components of Internal Control  To be effective, control activities must be:  Appropriate  Functioning consistently according to plan throughout the period  Cost effective, comprehensive, reasonable; and  Directly relate to the control objective

24 Testing

25 Why controls don’t always work  Inadequate knowledge of policies or governing regulations.  Inadequate segregations of duties.  Inappropriate access to assets.  Form over substance.  Control override.  Inherent limitations.

26 What is Fraud  Fraud – Typically requires 3 elements  Did something bad/wrong – misrepresentation of facts  Done intentionally  Resulted in unauthorized personal gain

27  Personal Debts  Greed  Drug Abuse  Organized Crime Incentive  Inadequate internal controls  Weak / Remote Management Opportunity  Inappropriate values  Job/company dissatisfaction Rationalization  Knowledge of systems  Skills required to undertake Capability Fraud Diamond - Explains why employees commit fraud

28 Character Traits and Mannerisms of people likely to commit fraud  Character Traits and Mannerisms of people likely to commit fraud  Unwillingness to share duties or take vacations  Employees who are overly interested in the personal lives of their co-workers  Refusal to implement internal controls or procedures.  Employees who work excessively yet keep poor accounting records  Chronic shortage of cash  Past legal problems  Addiction problems

29 How does Fraud occur?  Billing – Employee submits invoice for payment to bogus vendor or for personal expenses  Non-cash – Employee steals office supplies, stamps, business services, identity of students/staff, etc.  Expense reimbursement – Employee files expense report claiming personal travel, nonexistent meals, etc.  Skimming – Employee accepts payment from customer but does not record  Payroll – Employee takes unreported annual/sick leave, claims overtime for hours not worked, adds ghost employee to payroll, continued payment of terminated employees  Conflict of Interest (Corruption) – Board or upper level management have financial interest from or with vendors. Misuse of influence for kickbacks.

30 What you can do! When thinking about internal controls, consider the following:  Propriety of transactions  Reliability and integrity of information  Compliance with policies and government regulations  Safeguarding assets

31 What you can do!  Economy and efficiency of operations…is there a better way to do the job?  Make sure you have up-to-date policies and procedures;  Ensure authorization limits are communicated within your department;  Ensure all assets (especially cash) are safeguarded at all times;  Establish document control (especially for spreadsheets);  Ensure approval signatures are visible (legible) on all required documentation;  Make sure data is only accessible by authorized personnel;  Understand your department/function’s risks;  Establish objectives and measures for your department/function and for major programs; and  Track performance to evaluate your success!

32 Too much of a good thing  More is not necessarily better  Controls that do not work together leaving holes  Cost of duplicated or inefficient controls.  Controls that do not align with the importance of the risks  Complex and poorly implemented controls  Not understood or followed  Inconsistently applied  Control effectiveness can degrade over time  No value for money  Controls cost money  Duplication of ineffective controls do not provide benefits When looking at controls

33 Important Concepts  Internal control is a process;  It is a means to an end, not an end itself.  Internal control is effected by people; it’s not merely policy manuals and forms but people at every level of an organization.  Internal control can be expected to only provide reasonable assurance, not absolute assurance.

34 Five Key Control Activities

35 1) Segregation of Duties  Divide responsibilities between different employees so one individual doesn’t control all aspects of a transaction.  Reduce the opportunity for an employee to commit and conceal errors (intentional or unintentional) or perpetrate fraud.

36 2) Documentation Document & preserve evidence to substantiate:  Critical decisions and significant events...typically involving the use, commitment, or transfer of resources.  Transactions…enables a transaction to be traced from its inception to completion.  Policies & Procedures…documents which set forth the fundamental principles and methods that employees rely on to do their jobs.

37 3) Authorization and Approvals  Management documents and communicates which activities require approval, and by whom, based on the level of risk to the organization.  Ensure that transactions are approved and executed only by employees acting within the scope of their authority granted by management.

38 4) Security of Assets  Secure and restrict access to equipment, cash, inventory, confidential information, etc. to reduce the risk of loss or unauthorized use.  Perform periodic physical inventories to verify existence, quantities, location, condition, and utilization.  Base the level of security on the vulnerability of items being secured, the likelihood of loss, and the potential impact should a loss occur.

39 5) Reconciliation and Review  Examine transactions, information, and events to verify accuracy, completeness, appropriateness, and compliance.  Base level of review on materiality, risk, and overall importance to organization’s objectives.  Ensure frequency is adequate enough to detect and act upon questionable activities in a timely manner. Timing of reconciliations and monitoring

40 Today, tomorrow and the next day  Think about CAVR when ever you are providing analysis or developing policies or implementing programs  Beware of the pitfalls – more is not always better, controls must be maintainable  Think about the things that worry you in your job and try to think of how internal controls could help elevate your worry.

41

Download ppt "Internal Controls and Best Practice Katarina Bugariu – Associate comptroller AA Roundup February 24, 2016."

Similar presentations

INTERNAL CONTROLS.

INTERNAL CONTROLS.
Internal Controls What are they? Why should I care?

Internal Controls What are they? Why should I care?
FRAUD EXAMINATION ALBRECHT, ALBRECHT, & ALBRECHT

FRAUD EXAMINATION ALBRECHT, ALBRECHT, & ALBRECHT
Internal Controls What Are They And Why Should I Care? 1.

Internal Controls What Are They And Why Should I Care? 1.
Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.

Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.
Reconciliation Best Practices May 22, 2014 Tricia Cook Budget & Fiscal Director Research and Economic Development Montana State University.

Reconciliation Best Practices May 22, 2014 Tricia Cook Budget & Fiscal Director Research and Economic Development Montana State University.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza

The Islamic University of Gaza
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Accountability and Grants Management:

Accountability and Grants Management:
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.

Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
Chapter 12 Auditing the Human Resource Management Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.

Chapter 12 Auditing the Human Resource Management Process McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Presented By: Donna Denker, CPA Donna Denker & Associates.

Presented By: Donna Denker, CPA Donna Denker & Associates.
1 Dept of Finance & Management. 2  In January 2005, the Department of Finance & Management embarked on a statewide initiative to strengthen internal.

1 Dept of Finance & Management. 2  In January 2005, the Department of Finance & Management embarked on a statewide initiative to strengthen internal.
Lets start the day with a quick refresh

Lets start the day with a quick refresh
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.

INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Similar presentations

Ads by Google