A Publication of WTVP

How strong are the internal controls in your organization?

Three Arrested on Charges of Defrauding City. Employee Accused of Stealing More Than $25K from Company. Former County Deputy Accused of Grand Theft and Money Laundering. Do these headlines sound familiar?

Fraud in the workplace continues to be a hot topic in the news. We’ve heard countless stories involving individuals who have managed to find a loophole, often with their schemes going unnoticed for weeks, months or sometimes even years before being discovered. Have wayward employees learned to better circumvent the system, or have workplace safeguards grown weaker? Whichever the case may be, developing and enforcing strong internal controls is key to better preventing and detecting fraud.

Unfortunately, many employers don’t understand the importance of internal controls or where their corporation may be lacking until it is too late. It’s a far-too-common tale: company management thinks of internal controls as a foreign concept and fraud as an issue out of sight and out of mind—until something goes horribly wrong. By the time the fraud has been discovered, it is already too late—the damage has been done.

Often, internal controls are thought of as something of concern only to auditors. However, company management must understand the importance of having these controls in place and how they are essential to protecting the organization. So what exactly are internal controls?

An excellent metaphor to explain internal controls is a lockbox or a safe. Could someone manage to break into a locked safe? While it’s possible, it would most likely take a great deal of thought and effort to do so. Strong internal controls are very similar. They are safety measures put in place to help protect the organization’s assets, encourage incorruptibility and deter fraudulent activity. The strongest internal control environments are typically comprised of the following components:

Most fraud cases are inside jobs—the result of insufficient controls within the organization. This is why it is essential that management understand the importance of having strong internal controls in place, as well as the risks in circumventing them and the consequences of abusing them.

Poor internal controls can affect multiple areas within an organization. For instance, financial performance can become inaccurate or difficult to track or forecast. Also, lack of attention to security can cause privacy concerns, providing unauthorized access to sensitive information, including financial records or customer data. Without safeguards in place, an organization opens itself up to theft or misappropriation of assets by employees.

By focusing on the effectiveness of internal controls and implementing a comprehensive set of policies and procedures, a company can mitigate its liability to these risks. Employees should be held accountable for ethical behavior and a high level of business conduct to ensure transactions are processed properly and information is reliable. Further, to create additional safeguards, only necessary employees who require access should be allowed rights to valuable client information and/or certain applications. By cultivating a company culture in which there is continual monitoring of controls and in which employees feel comfortable reporting misconduct, the risk of fraud within an organization can be minimized. iBi

Allie Fisher, CPA is a senior accountant in the Audit Services Department at Heinold Banwart, Ltd. She can be reached at (309) 694-4251 or [email protected].