c. Internal controls
This page is part of the risk services which belongs to the Governance, compliance and risk assessment section of our services that includes: risk assessment, internal controls (you are here), risk management, the risk checklist and why penetration testing fails.
Internal controls (checks and balances) are part of a system and a process established and operated within a company to help it to carry out its operation in a proper and efficient fashion.
Internal controls are part of a comprehensive system for risk monitoring and ensuring compliance (abiding by laws and regulations) as well as trust in financial reporting.
The directors are responsible for the company’s system of internal control, which covers financial, operational and compliance controls together with risk management.
Whilst no system can provide absolute guarantee and protection against material loss, the system is designed to give the directors reasonable assurance that problems can be identified promptly and remedial action taken as appropriate.
| 1 | internal control system |
is linked to the ability of companies to fulfil their business objectives |
| 3 | effective controls |
help monitor identified risks that might affect corporate revenues; it requires to monitor and asses possible changes in the risks, and to take timely and appropriate measures as well as review the internal control structure to respond to environmental changes (e.g., regulation and standards). |
| 3 | internal controls that are left untracked | can cause serious damage to the firm (e.g., funds embezzlement, profit leakage, overpayments, failure in business processes) and its efforts to achieve good risk management (e.g., balancing potential costs against revenues and profits regarding risks taken) |
| 4 | Solution | is to provide a system that offers more than simply creating a checklist in each of the control areas. |
| CyTRAP Labs provides clients with tools and support regarding internal controls that facilitate the: | ||
| A | making better use of controls to map the company’s priorities and develop key risk indicators, as well as | |
| B | the more effective managing of risks under changing market conditions | |
Internal controls against fraud and big accounting problems are important, but there’s another side to internal control that can raise revenues, cut costs, and boost profits month after month.
Internal controls can also help to reduce profit leakage due to overpayment of bills, losses in revenues as well as inefficient operations, accidents and data security breaches.
Finding leaks takes diligence, but is worth the effort when employees, vendors, and customers know you’re perpetually on the lookout for disappearing funds, no matter how small.
A system of internal control helps directors to review and determine if a firm has adequate resources to continue in business for the foreseeable future.
Controls support corporate governance by providing information in cases where the rules have been ignored or misconstrued. In turn, controls are the first indication to management where corrective action might be required to improve efficiency, reduce risk exposure or assure compliance.
Example
When management sets rules and procedures to be legally compliant, internal controls are needed to assure that the regulatory framework is being followed by employees, clients and suppliers alike.
If controls are lacking or not enforced or checked upon, the outcome can be disastrous:
2 – ZKB – A – failure of internal controls – derivatives
Article source: CyTRAP Labs and ComMetrics: Internal controls