The purpose of this paper is to review the existing internal controls in an office setting while determining whether strengthening controls can reduce misstatements or fraudulent activity. Furthermore, the paper will, also, clarify how identifying strengths, limitations, and weaknesses in existing controls can assist to recognize recommendations for Information Technology (IT), Accounting and Entry level controls. In respect to the views of Giles (2013), each business possesses its own exceptional set of risks and circumstances, which influences the development and implementation of the proposed internal controls.
It is always a prudent idea that before establishing which set of controls the businesses requires implementing, officers should be engaged to evaluate the errors or risk of fraud happening and going undiscovered. In fact according to the assertions of Button and Gee (2013), fraud is greater risk than most people perceive it. A lot of growing businesses around the world have to deal with different threats of economic changes, the escalating costs of human resources and/or goods, and competition. However, fraud remains the greatest threat that can deplete the resources of a business in just a short time. It is, therefore, significant that businesses design, develop and implement the kinds of internal controls that can help combat the risk of fraud and any other errors that can create losses to the business.
It is essential that a business whether small or large considers implementing appropriate internal controls. This is because effective internal controls enhance the potential of a business to go public. Internal controls can assist in preventing the occurrence of fraud and therefore, solve problems that would arise out of such activities. Since effective internal controls ensure that only correct financial statements are received, any potential problem related to financial mismanagement can be averted (Moeller, 2013). Internal controls are, also, essential incentives for encouraging outside parties like accounting firms, bankers and investors to work together with the business. The increasing awareness of fraud incidents has influenced investors as well as other companies to be keen on internal control irrespective of whether the business is small, medium or big. Accurate financials, embezzlement detection and prevention of fraud are some of main reasons for following effective practices of internal control.
Existing Internal Controls in an Office Setting
Segregation of Duties
One of the most common approaches, which most business owners embrace in order to detect and fight fraudulent activities is ensuring that employees strictly follow the laid down policies and procedures. Proper implementation of segregation of duties greatly decreases the likelihood that business employees might indulge in questionable practices while performing their normal duties (Giles, 2013). In respect to segregation of duties, most businesses examine duties after classifying them in three main categories:
- Safekeeping of assets
- Authorization transactions that, in one way or another, concerns those assets
- Effective recording of transactions that are related
What most businesses to eliminate risks do is to ensure that no single employee handles responsibilities in more than one of the functions listed above. This internal control, therefore, prevents employees from being accountable for more than one function. However, it is prudent that, in the process of implementing segregation of duties, the concerned officers scrutinize the level of the potential risk with a lot of care. In the financial sector, most businesses consider outsourcing to competent bookkeeping firms (Button & Gee, 2013). Besides, they can engage any other accounting technology expert on a regular basis in order to maintain the effectiveness of segregation of duties. For instance, some of them may consider hiring a part-time employee whose responsibility strictly entails payroll processing. Such an employee can also handle a few other detached tasks like entering bills or creation of invoices.
Monitoring is another existing internal control practice that most businesses prefer embracing. Identification of risks and implementation of control procedures cannot be sufficient enough to provide protection to the assets and result into reliable financial data without employees obeying the established policies and procedures. In the course of pursuing monitoring as an internal control practice, officers in charge of various departments and other supervision activities require conducting reviews of the available accounting and documentation records on a regular basis (Biegelman & Bartow, 2012). This enables such officers to ensure that employees do not deviate from the designed control practices. While implementing internal controls such as monitoring; for instance, it is always advisable to honor the feedback regarding the issues observed by employees. This is because, in some cases, certain control practices may look like appropriate solution to the present risk, but the moment implementation begins, it causes other inefficiencies. On the other hand, some activities may not show any need for control measures, yet intense analytic procedures may pinpoint areas where control should be.
Use of Cash Receipts
Embracing cash receipts is one of the most common internal control measures that most business owners find valuable. However, before officers can implement certain internal controls such as this one, they require having knowledge of the duties that each employee performs. They, also, require having knowledge of where, how and when collection of cash happens. In respect to the use of receipts, business owners and managers prefer centralized collection units for the cash. They ensure that fewer employees collect cash from fewer locations to lessen opportunities for theft occurring and be able to offer better accountability over the collected cash (Biegelman & Bartow, 2012). Another consideration made by business owners in respect to the use of cash receipt is ensuring that employees use separate cash drawers during cash collection. This ensures that every employee in charge of cash collection gets an individual opportunity to account on their own. The reason for this kind of control is that even honest employees can experience the temptation upon seeing huge amounts of money right there with them.
Red Flags for Fraud
Most owners of small businesses have the knowledge that some situations of work result into an environment that can easily provoke a fraudulent activity. They therefore try controlling such working conditions in the attempt to reduce opportunities that can accommodate fraud (Biegelman & Bartow, 2012). These business owners ensure that employees are compensated well. They require employees to have adequate training in line with their duties. They ensure that officials charged with management responsibilities are committed to controls as stipulated in the business policy document. They ensure that all areas of work are well organized. They pay attention to every detail of the business. They also identify key employees, vendors or customers and maintain close association with them. Finally, business owners ensure that their employees’ work is reviewed on a regular basis.
Review and Oversight
This is one of the most common internal control practices that most business owners find essential to embrace. Most of these business owners understand that the environment for doing business keeps on changing from time to time; they, therefore, have to review the internal control policies in order to make necessary adjustments that would prevent mistakes, errors, or fraudulent activities. For instance, some of the changes that such business owners embrace in the course of reviewing and conducting oversight of the internal control procedures as observed by Button an Gee (2013) include: (a) making appropriate changes in the training level of the staff or personnel in charge of accounting; (b) making necessary adjustments in the number of staff charged with accounting responsibilities; (c) making necessary improvement in the existing accounting software and/or embracing the available new technology like online banking to improve and safeguard financial processes.
Safeguarding of Assets
Safeguarding of assets is one of the easiest and most common internal control practices that most business owners and managers do not neglect. In respect to this internal control measure, business owners encourage employees and supervisors to ensure doors are locked to protect or safeguard file cabinets, registers, blank checks, offices and many more. They consider restricting access of employees to certain areas of the business premises. The install firewalls and passwords on computers to protect sensitive information (Button & Gee, 2013). They conduct background inspections for all the hired employees. They encourage the use of security cameras in order to deter criminal and fraudulent activities. They pay a lot of attention to the complaints made by vendors or customers as they could indicate a serious problem. All these internal control practices including the ones highlighted earlier on in this paper are significant tools for providing assistance in reducing and controlling fraudulent activities or misstatements in business.
Strengths in existing internal controls
Internal controls assist business owners, managers and supervisors to construct a comprehensive control environment in their business. Such controls have the capacity to protect business assets from accidents, misuse and theft (Pitt, 2014). Internal controls encourage the implementation of management policies and procedures so that a business can achieve corporate goals. Internal controls can act as sources of factual and correct information that can assist senior management to design effective plans. Internal controls such as segregation of duties improves the ability of business owners to regulate their employees’ work thereby boosting their effectiveness. Internal controls enable business owners and managers to improve the reliability and accuracy of books of account and financial statements (Button & Gee, 2013). Through implementation of internal controls, auditors are able to detect all frauds, errors or misstatements that may have been committed in the accounting books. An additional strength of internal controls is that they enable staffs to have moral pressure; therefore, directing them towards observing policies and procedures while performing their duties.
Limitations and weaknesses in existing internal controls
A business may develop a culture, which does not strengthen the significance of internal controls. In some cases employees may fail to follow the correct procedures and take short-cuts while performing their duties (Pitt, 2014). Lack of knowledge, poor judgment or carelessness by staff may limit the effectiveness of internal controls. In terms of electronic security controls, there is no adequate control accorded to super user accounts. In terms of new financial systems, the process of integrating financial system is still underway. This reduces the effectiveness and efficiency of business operations. Most of the processes of internal controls cannot reflect the changing conditions of business operations and therefore fail to prevent risks that may arise in future (Pitt, 2014). In respect to manual processing controls, there has been inadequate segregation of duties. This enhances the risk of some data values remaining, or errors remaining unchecked.
Recommendations for Information Technology (IT), Accounting and entry level controls
- Management require being responsive enough to any internal control weakness that they identify, and be able to the business owners and other relevant authorities (Moeller, 2013).
- Businesses should have manuals of financial management practice, which should reflect its current practice.
- The management requires conducting regular reviews of likely risks and errors that may create negative impacts on business operations (Moeller, 2013).
- During induction, internal control processes should be included as part of the training for all employees.
- Business owners together with management should conduct reviews on a regular updates and reviews of internal financial, operational and other relevant processes.
It is always a prudent idea that before establishing which set of controls the businesses requires implementing, officers should be engaged to evaluate the errors or risk of fraud happening and going undiscovered. Some of the existing internal controls include segregation of duties, monitoring, and use of cash receipts, red flags for fraud, review and oversight, and safeguarding of assets. Internal controls assist business owners, managers and supervisors to construct a comprehensive control environment in their business. Such controls have the capacity to protect business assets from accidents, misuse and theft. Lack of knowledge, poor judgment or carelessness by staff is one of the weaknesses that may limit the effectiveness of internal controls.