Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internal Controls Will Save You! (Or Save Your Money!)

Published byWillis Carpenter Modified over 9 years ago

Similar presentations

Presentation on theme: "Internal Controls Will Save You! (Or Save Your Money!)"— Presentation transcript:

1 Internal Controls Will Save You! (Or Save Your Money!)
Tiffany R. Winters, Esquire Brustein & Manasevit, PLLC Fall Forum 2013

2 Why Do We Have Internal Controls?
The Federal Managers’ Financial Integrity Act of 1982 Requires the General Accounting Office (GAO) to issue standards for internal controls in the government. GAO: Standards for Internal Controls Management and Evaluation Tool: Chief Financial Officers Act of 1990 Financial Management Systems must comply with internal control standards Federal Financial Management Improvement Act of 1996

3 Lower Audit Threshold MORE INTERNAL CONTROL FINDINGS!
Materiality threshold lowered Old: Material Weaknesses For every compliance requirement selected for audit, the auditor must assess: The likelihood of whether the agency’s internal controls can prevent and detect noncompliance that is “more than inconsequential” from occurring in a timely manner MORE INTERNAL CONTROL FINDINGS!

4 Definition of Internal Controls
OMB Circular A-133 (page 291) Internal control activities are the policies and procedures as well as the daily activities that occur within an agency to ensure effectiveness and efficiency of operations and compliance with laws. Internal controls play an important role in preventing and detecting fraud and protecting resources.

5 The Goals of Internal Controls
Safeguard assets Well designed internal controls protect assets from accidental loss or loss from fraud. Ensure the reliability and integrity of financial information Internal controls ensure that management has accurate, timely and complete information, including accounting records, in order to plan, monitor and report business operations. Ensure compliance Internal controls help to ensure the agency is in compliance with the many federal, State and local laws and regulations affecting the operations of our business.

6 The Goals of Internal Controls (cont.)
Promote efficient and effective operations Internal controls provide an environment in which supervisors and staff can maximize the efficiency and effectiveness of their operations. Accomplishment of goals and objectives of the agency Internal controls provide a mechanism for management to monitor the achievement of operational goals and objectives.

7 The Goals of Internal Controls (cont.)
Internal controls work best when they are applied to multiple divisions and deal with the interactions between the various business departments. No two systems of internal controls are identical, but many core philosophies regarding financial integrity and accounting practices have become standard management practices.

8 Types of Internal Controls
Preventive: Preventive control activities aim to deter the instance of errors or fraud. Preventive activities include thorough documentation and authorization practices. Preventive control activities prevent undesirable "activities" from happening, thus require well thought out processes and risk identification. Detective: Detective control activities identify undesirable "occurrences" after the fact. The most obvious detective control activity is reconciliation.

9 Components of Internal Controls
9

10 Control Environment Allows management and employees to maintain a positive and supporting attitude toward compliance Maintaining a level of competence that allows personnel to accomplish their assigned duties Clearly defined organizational structure Proper amounts of supervision Maintaining a good relationship with oversight agencies (like ED and OIG for example!) 10

11 Control Environment (cont.)
Examples: Well-written policies and procedures manuals Addressing employee responsibilities, limits to authority, performance standards, control procedures, conflict of interests and reporting relationships. Organizational chart Clear job descriptions Adequate training programs and performance evaluations.

12 Risk Assessment You are all at risk for noncompliance
(and probably already are noncompliant!) Determine internal and external risks to obtaining agency objectives: What could go wrong (or has gone wrong)? What assets do we need to protect? How could someone steal or disrupt operations? What information do we rely on?

13 Risk Assessment (cont.)
Examples: New personnel Experienced personnel Lack of personnel Reorganizations Cost Reduction Strategies Risks are not stagnate; they increase and change as laws and operational environments change. More Examples: Change in Laws and Regulations New Technology New Grants Competition Rapid growth

14 Risk Assessment (cont.)
Once risks are identified, conduct risk analysis: Assess the likelihood (or frequency) of risk occurring Estimate the potential impact if the risk were to occur Determine how the risk should be managed Risk High Low Judgment Required Low High Impact Most Control Least

15 Control Activity Examples
Segregating Key Responsibilities Restricting Access to Systems and Records (Authorizations / Passwords) Implementing Clear Written Policies in Key Areas Maintaining Physical Control Over Valuable Assets (Security) Maintaining Appropriate Documentation (Approvals, Record Retention) Accurate and Timely Recording of Information Check for accounting of transactions in numerical sequence

16 Example: Data Security Control Activities
Concern: Internal Controls Access to electronic records: Establish and communicate standards for screensavers and password protected screens. Set up password protected access to electronic records. Physical access to records: Do not allow electronic records to be downloaded to mobile workstations and transported outside of the office. Keep important records in lockable, fireproof storage Employee Turnover: Develop a checklist for removing access to records upon separation of an employee or upon transfer out of the unit. Develop a process and assign a point person the responsibility of administering the process for deleting access to records. Passwords: Have a prescribed standard for departmental passwords. Make them complex and enforce a policy for changing passwords periodically.

17 Information and Communications
Goal: Ensure personnel receive relevant, reliable and timely information that enables them to carry out their responsibilities. Develop procedures for identifying pertinent information and distributing it in a form and timeframe that permits people to perform their duties efficiently. All personnel must receive a clear message from top down that control responsibilities must be taken seriously. Personnel must understand how they relate to one another in the system.

18 Monitoring Goal: Assess the quality of internal controls over time and ensure any findings are promptly resolved. Ongoing program and fiscal monitoring Regular oversight by supervisors Record reconciliation Formal program reviews/audits OMB Circular A-133 audits Include policies and procedures for correcting any findings in a timely manner

19 Example: Problem with Unallowable Costs – Potential Solutions
Look at Resources/Guidance Create Checklists or Use of Funds Manual Is the cost consistent with federal cost principles? Is the cost allowable under the relevant federal program? Is the cost consistent with program specific fiscal rules? Is the cost consistent with the grant (and any special conditions placed on the grant)? Provide Training to Staff Lists of Allowable/Unallowable Costs

20 Example: Problem with Unallowable Costs – Potential Solutions
Look at the Budget Process Strengthen the application/budget process Link program elements to use of funds Drop down menu with only allowable costs Section to explain how other example costs are allowable

21 Example: Problem with Unallowable Costs – Potential Solutions
Look at Documentation/Record Trail Checklists Review polices and procedures identifying supporting documentation (as well as alternative documentation that will suffice if original is missing/destroyed) Roadmap identifying where documents should be maintained Guidance on how long documentation must be kept

22 Reliability on A-133 Audits
“We have no compliance issues, we have clean Single Audits” A-133 Audits are NOT necessarily reliable regarding compliance Not all programs are covered Depth of Review Problems with Quality Hold Firms Accountable – What did they look at? What standard was used in their determinations? Question findings. Must use Single Audits in monitoring and watch for repeat findings!

23 How To Test Your Internal Controls
Identify significant transactions Document an understanding of internal controls in place Use checklists, flowcharts, narratives or questionnaires to determine the current internal controls Select sample transactions and determine if the sample correctly flows through the internal controls system Note any deviations

24 Internal Controls Test Example
Requisition Requested Requisition approved by Program Director Requisition Approved by Finance Office Purchase Order Created Goods Delivered and Verified Invoice Sent to Accounts Payable Check Sent to Vendor Check Cleared; Money Withdrawn from Account

25 Internal Controls Test Example (cont.)
Requisition Requested Requisition approved by Program Director Requisition Approved by Finance Office Purchase Order Created Goods Delivered and Verified Invoice Sent to Accounts Payable Check Sent to Vendor Check Cleared; Money Withdrawn from Account

26 Weak Internal Controls – What Now?
Document findings Discuss the results of the walkthrough with management and inform them of any deficiencies that need immediate attention. When internal control weaknesses are determined – various options: Increase supervision and monitoring Institute additional or compensating controls Accept risk inherent with the control weakness (assuming management is aware of the weakness)

27 No. 1 Indication there is a Compliance Problem…
“Because we’ve always done it that way.”

28 Internal Control Weaknesses
Problems Magical Letters Unsigned Forms Automatic Signatures Stolen Property Employees in the News

29 If you already have great internal controls in place…
Periodically assess risks and the level of internal control required to protect assets and records related to those risks. Document the process for review, including when it will take place. Management is responsible for making sure that all staff are familiar with policies and changes in those policies.

30 The Ultimate Internal Control ~ The Disclaimer ~
This presentation is intended solely to provide general information and does not constitute legal advice. Attendance at the presentation or later review of these printed materials does not create an attorney-client relationship with Brustein & Manasevit, PLLC. You should not take any action based upon any information in this presentation without first consulting legal counsel familiar with your particular circumstances.

Download ppt "Internal Controls Will Save You! (Or Save Your Money!)"

Similar presentations

Control and Accounting Information Systems

Control and Accounting Information Systems
Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.

Agency Risk Management and Internal Control Standards Presentation to the Board of Visitors November 14, 2014.
Internal Control.

Internal Control.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
The Islamic University of Gaza

The Islamic University of Gaza
OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.

OMB Circular A-123 – Management’s Responsibility for Internal Control Policy Applicability Sources of Information Assessment, Documentation and Reporting.
Anita Hairston DOI Office of Acquisition and Property Management

Anita Hairston DOI Office of Acquisition and Property Management
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.

Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
Internal Control in a Financial Statement Audit

Internal Control in a Financial Statement Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.

INTERNAL CONTROLS. Session Objectives Understand why an organization should have internal controls Understand the key components of internal controls.
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.

Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING
SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.

SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.

Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Control environment and control activities. Day II Session III and IV.

Control environment and control activities. Day II Session III and IV.
Developments in High Risk Tiffany R. Winters, Esquire Brustein & Manasevit, PLLC Fall Forum 2011.

Developments in High Risk Tiffany R. Winters, Esquire Brustein & Manasevit, PLLC Fall Forum 2011.
Central Piedmont Community College Internal Audit.

Central Piedmont Community College Internal Audit.
An Educational Computer Based Training Program CBTCBT.

An Educational Computer Based Training Program CBTCBT.

Similar presentations

Ads by Google