Rose Report: Issue 9

The Value of Internal Controls

issue09-pic-story2newThe multibillion-dollar accounting scandals of the first part of the 21st century shattered public confidence, sent government regulators into a panic, and marked a turning point for the accounting profession.

No accountant will forget the collapse of Enron. Executives at the energy company had relied on loopholes, shoddy financial reporting, and complicit auditors at Arthur Andersen to pull off a fraud of historic proportions. Enron’s president landed a 24-year prison sentence and Arthur Andersen—previously one of the largest accounting firms in the world—dissolved. The WorldCom scandal arrived just months later. The story was all too familiar, with the telecom company’s accountants inflating earnings, deceiving shareholders to the tune of billions of dollars, and WorldCom’s CEO ultimately ending up behind bars.

In the immediate aftermath, Congress passed the Sarbanes-Oxley Act mandating that public companies set up internal controls to prevent future fraud. Of course, Enron and WorldCom were extreme cases, and it’s true they were behemoths led by corporate titans. But the lessons learned from their failures are universal to companies of any size with accounting departments.

Internal controls are vital to running a business, whether publicly or privately held. Accounting fraud remains a problem—in 2012, the Securities and Exchange Commission filed 79 accounting fraud and disclosure cases—but just as, if not more significant, internal controls prevent companies from making unintentional errors. Many organizations, particularly smaller ones, recoil at the cost associated with instituting formalized controls. However, the upfront expense can potentially save millions or more down the road. The right internal controls can literally mean the difference between a thriving business and bankruptcy.

“If a business owner doesn’t have accurate, timely, and meaningful financial information, then the information could be worthless.” says Ted Rose, president and CEO of Rose Financial Services. “An internal control structure is designed to ensure financial information is reliable, so the business owner has an accurate picture of how his or her company is performing. As a side benefit, it also makes detecting and deterring fraud easier.”

Among the most important internal controls is the segregating of duties. On a basic level, this means that the employee signing the checks and managing the bank account should not be the same person entering those transactions into the financial record. Dividing up these responsibilities is an important safeguard. Even small errors in the books can add up to a major distortion of an organization’s actual performance. And often, such errors are irreversible.

Companies should identify and maintain “key controls”. Key controls are the controls required to minimize the chance of a material misstatement of the financial statements. Examples include performing bank reconciliations, review of batch reports for cash receipts, invoices, and other financial records. Organizations should also conduct a variance analysis, meaning a routine examination of budgeted versus actual performance, balance sheet reconciliation, and month-to-month financial comparisons.

“The objective is developing an internal control structure that prevents material weakness, but is also cost effective,” says Rose. “That’s the balancing act.”

For some organizations, outsourcing various accounting functions to a company such as RFS will strengthen their internal controls in a more cost effective manner than hiring their own personnel, and spending the money and energy necessary to establish formalized procedures in-house. In most cases, RFS saves companies 25 to 30 percent of the cost required to set up and maintain their own internal accounting functions. Most importantly—even though setting up internal controls requires an upfront investment, the ability to avoid future mistakes can be priceless.