Internal Control Procedures to Safeguard Resources Against Theft and Fraud
What are Internal Controls?
Internal controls are the policies and procedures implemented by a business to protect its assets, ensure the accuracy of its accounting records, promote operational efficiency, and encourage adherence to company policies. They are crucial for safeguarding resources against theft and fraud.
KEY TAKEAWAY: Internal controls are the backbone of financial security and reliability within a business.
Objectives of Internal Controls:
- Safeguarding Assets: Protecting assets from theft, misuse, and damage.
- Ensuring Accuracy and Reliability of Accounting Data: Maintaining accurate and reliable financial records.
- Promoting Operational Efficiency: Optimizing the use of resources.
- Encouraging Adherence to Company Policies: Ensuring employees follow established procedures.
Types of Internal Control Procedures
1. Physical Controls
These controls involve physical security measures to protect assets.
- Securing Inventory: Storing inventory in locked rooms or cages with limited access.
- Cash Handling Procedures: Using cash registers, limiting access to cash drawers, and regularly reconciling cash balances.
- Security Systems: Installing alarm systems, surveillance cameras, and security personnel.
- Restricting Access: Implementing access codes, passwords, and security badges to limit entry to authorized personnel only.
2. Segregation of Duties
Dividing responsibilities among different employees to prevent fraud and errors.
- Authorization, Custody, and Recording: Separating the functions of authorizing transactions, having custody of assets, and recording transactions. For example:
- One employee orders inventory (authorization).
- Another employee receives and stores the inventory (custody).
- A third employee records the inventory purchase in the accounting system (recording).
COMMON MISTAKE: Failing to segregate duties, which creates opportunities for fraud and errors to go undetected.
3. Documentation Controls
Maintaining proper documentation to provide a trail of evidence for all transactions.
- Prenumbered Documents: Using prenumbered invoices, purchase orders, and checks to ensure all transactions are accounted for.
- Supporting Documentation: Requiring supporting documents (e.g., receipts, invoices) for all transactions.
- Regular Reconciliation: Regularly reconciling bank statements, inventory records, and other accounts.
- Audit Trails: Maintaining a clear audit trail of all transactions, allowing for easy tracing of transactions.
4. Authorisation Controls
Ensuring that all transactions are properly authorized before they are processed.
- Approval Limits: Setting approval limits for different levels of management.
- Signatures: Requiring signatures on checks and other important documents.
- Verification: Verifying the accuracy and completeness of transactions before approval.
5. Independent Verification
Regularly checking the work of others to ensure accuracy and detect errors.
- Internal Audits: Conducting periodic internal audits to review the effectiveness of internal controls.
- External Audits: Hiring external auditors to provide an independent assessment of the company’s financial statements.
- Management Review: Regularly reviewing financial reports and performance metrics.
Internal Controls Specific to Cash
Cash is particularly vulnerable to theft and fraud, so robust controls are essential.
- Daily Banking: Depositing cash receipts daily to minimize the amount of cash on hand.
- Cash Registers: Using cash registers to record all cash sales and reconcile cash drawers at the end of each day.
- Lockbox System: Using a lockbox system where customers mail payments directly to the bank.
- Petty Cash Fund: Establishing a petty cash fund for small expenses, with a designated custodian and strict rules for reimbursements.
- Bank Reconciliations: Regularly reconciling bank statements with the company’s cash records.
Internal Controls Specific to Inventory
Inventory is another asset that requires careful control.
- Physical Inventory Counts: Conducting regular physical inventory counts to verify the accuracy of inventory records.
- Inventory Management System: Using an inventory management system to track inventory levels and movements.
- Secure Storage: Storing inventory in a secure location with limited access.
- Purchase Orders: Using purchase orders to authorize all inventory purchases.
- Receiving Reports: Preparing receiving reports to document the receipt of inventory.
The Importance of Ethical Behavior
Internal controls are more effective when employees act ethically.
- Code of Ethics: Establishing a code of ethics to guide employee behavior.
- Training: Providing ethics training to employees.
- Whistleblower Policy: Implementing a whistleblower policy to encourage employees to report suspected fraud or misconduct.
- Tone at the Top: Management setting a strong ethical tone at the top of the organization.
VCAA FOCUS: VCAA often assesses the effectiveness of different internal controls in preventing theft and fraud, and the ethical considerations related to implementing and maintaining these controls.
Limitations of Internal Controls
- Cost: Implementing and maintaining internal controls can be costly.
- Human Error: Internal controls can be circumvented by human error or collusion.
- Management Override: Management can override internal controls for personal gain.
- Changing Conditions: Internal controls may become ineffective as business conditions change.
EXAM TIP: When evaluating internal controls, consider their costs and benefits, and recognize that no system is foolproof.
Examples of Internal Controls in Action
| Control Procedure |
Example |
Purpose |
| Segregation of Duties |
Different employees handle ordering, receiving, and paying for inventory. |
Prevents one person from stealing inventory and covering it up. |
| Physical Controls |
Storing valuable inventory in a locked room with surveillance cameras. |
Deters theft and provides evidence if theft occurs. |
| Documentation Controls |
Using prenumbered invoices and purchase orders. |
Ensures all transactions are recorded and accounted for. |
| Authorisation Controls |
Requiring management approval for all purchases over a certain amount. |
Prevents unauthorized purchases. |
| Independent Verification |
Conducting regular internal audits to review financial records and internal controls. |
Identifies weaknesses in internal controls and detects errors or fraud. |
| Cash Handling Procedures |
Daily reconciliation of cash register totals with actual cash on hand. |
Detects and prevents cash theft. |
| Ethical Behavior |
Implementing a whistleblower policy to encourage employees to report suspected fraud. |
Creates a culture of honesty and accountability. |
STUDY HINT: Create a table like the one above with different internal control procedures and examples to help you understand how they work in practice.
Impact of Technology on Internal Controls
Technology has significantly impacted internal controls.
- Accounting Software: Automated accounting software can improve the accuracy and efficiency of financial record-keeping.
- Data Analytics: Data analytics can be used to identify unusual patterns and potential fraud.
- Cybersecurity: Cybersecurity measures are essential to protect financial data from cyberattacks.
- Cloud Computing: Cloud computing can improve data accessibility and security, but it also requires careful management of access controls.
APPLICATION: Many businesses use accounting software with built-in internal controls, such as automated segregation of duties and audit trails.
In summary, effective internal controls are essential for safeguarding resources against theft and fraud. By implementing a combination of physical controls, segregation of duties, documentation controls, authorisation controls, independent verification, and promoting ethical behavior, businesses can minimize their risk of financial loss and maintain the integrity of their financial records.
