Back to Basics!
Are you having the “Right” controls?
In light of regulatory requirements and taxation laws, most organizations, irrespective of their size and complexity of operations, rely on some kind of financial solution or ERP to capture and control their financial transactions and provide management with dependable information for decision making.
Most of these solutions are developed taking into consideration basic financial controls and assuming a particular process flow; however, almost always the original controls and built in process flows get “Bastardized” when they are implemented in organizations diminishing the controls effectiveness.
With this fact being ignored or forgotten by the stakeholders, the perception of maintaining adequate and effective internal financial controls becomes a misled reality, opening the doors wide open for errors and or fraud.
What we are keen achieve in this article is to trigger your inquisitive persona as a stakeholder to question not only the adequacy and effectiveness of controls, but also to dwell into how the control is being carried out.
For example, stakeholders may be content that in order to process a particular transaction, a set of signatures are to be obtained by the preparer, his/her boss then maybe his/her boss etc. till it reaches someone who has no idea about the transaction itself.
Hence, if all these signatures are obtained then there is a level of comfort that the controls are working fine! But are they?
The questions that need to be asked here are:
- What exactly is each of the signatories checking?
- Does each of the signatories know what he/she are supposed to review?
- How value adding these multiple layers of review are?
The ugly truth is that in many instances, each signatory signs due to the fact that he/she found the previous signatory’s signature for reasons like enhancing the efficiency of the processes or trust that the others have conducted the necessary review.
The scary truth is that once that person signed, he/she has assumed responsibility of the accuracy of the transaction so if there was any wrong doing relating to it, he/she should have stopped it as that was the reason they have been entrusted to be authorized signatories or reviewers.
This example applies to all organizational and process controls; hence Risktal Management Consultancies advise you to do the following:
- Rationalize your internal controls including the most basic of them.
- Encourage your internal audit function to rationalize the controls and look beyond the “surface” controls.
- Engage an independent party to assist you rationalize the organizational and process controls.
Bottom line, you can have the most sophisticated system of controls and the best governance practices “on paper” but if the execution is flawed then the whole system will be flawed.
So let Risktal Management Consultancies help you to go “Back to Basics” to enhance the future.
Contact us and let’s start the conversation – Contact Risktal