Home

Monthly Newsletter

Charter Schools Info

Charter Schools Funding

Affiliate Websites

Referral Services

Site Map

Contact Us

Providence Financial









MONTHLY NEWSLETTER:  JANUARY 2007 ISSUE

INTERNAL CONTROLS—YOU LOCK YOUR DOORS DON’T YOU?
BY RICHARD B. VAN ALFEN, CPA


While most employees are honest, embezzlement and other unlawful activity by an employee is unfortunately not a rare event. When employers are victimized in this way, they often are surprised because they had absolute trust in the responsible individual. Enron and Worldcom may be the most visible examples of employee fraud; but fraudulent acts occur every day on a smaller scale in businesses and other organizations, including schools. These have the potential of being just as devastating to those involved. Consider this recent headline from Utah: “Couple Accused of $4 Million School Scam: Ex-employees of Davis School District Bilked Grant Funds for Years.” In this and many other embezzlement cases the fraud could have been prevented or detected in time to mitigate the damages through appropriate internal controls.

Internal controls are similar to controls we exercise in our everyday lives. When you left the house today, did you lock the doors to your home? If so, that is your own “internal control” to safeguard the assets you own. Do you regularly review your bank and credit card statements? Do you review your cancelled checks? You do this to ensure the accuracy of these financial transactions. When you go to the grocery store, do you use a list? This ensures you stay within your budget.

Internal controls are systems of policies and procedures that protect the assets of an organization, create reliable financial reporting, promote compliance with laws and regulations, and achieve effective and efficient operations. These systems are not only related to accounting and reporting but also relate to the organization’s communication processes, internally and externally, and include procedures for (1) handling funds received and expended by the organization, (2) preparing appropriate and timely financial reporting to board members and officers, (3) conducting the annual audit of the organization’s financial statements, (4) evaluating staff and programs, (5) maintaining inventory records of real and personal property and their whereabouts and (6) implementing personnel and conflicts of interest policies.

Internal controls are systems of policies and procedures that protect the assets of an organization, create reliable financial reporting, promote compliance with laws and regulations, and achieve effective and efficient operations.

Most embezzlement schemes are not elaborate, and they occur when a susceptible employee is tempted by an opportunity (in other words, the lack of effective internal controls). In many cases, basic internal controls, such as the segregation of duties or management’s review of the organization’s bank statements and cancelled checks received directly from the bank, would prevent fraud or detect it early enough to minimize the losses.

There are generally two types of controls:

• Preventative Controls – are designed to prevent errors or fraud.

• Detective Controls – are designed to discover errors or fraud after they occur in time to mitigate the damages.

While internal controls should be customized to specific organizations and situations, following are certain basic internal controls that are broadly applicable:

Implement segregation of duties where duties are divided or segregated among different people to reduce risk of error or inappropriate actions. No one person should have control over all aspects of any financial transaction.

Ensure transactions are authorized by a person with authorized approval authority when the transactions are consistent with policy and funds are available.

Ensure records are routinely reviewed and reconciled, by someone other than the preparer or transactor, to determine that transactions have been properly processed.

Make certain that equipment, inventories, cash and other property are secured physically, counted periodically, and compared with item descriptions shown on control records.

Provide employees with appropriate training and guidance to ensure they have the knowledge necessary to carry out their job duties, and are provided with an appropriate level of direction and supervision, and are aware of the proper channels for reporting suspected improprieties.

Make sure policies and operating procedures are formalized and communicated to employees. Documenting policies and procedures and making them accessible to employees helps provide day-to-day guidance to staff and will promote continuity of activities in the event of prolonged employee absences or turnover.

Who is responsible for the internal controls of an organization? While the board of directors, owners, and management have ultimate responsibility, a well-run organization emphasizes the responsibility all members have in establishing and maintaining effective internal controls.

Resources are widely available to help management assess, develop, and implement an effective internal control structure. A good start would be to search the internet for information and resources, discuss with a Certified Public Accountant, or purchase one of the numerous publications on internal controls. After all, we know that educational resources are scarce enough as it is. And…you lock the doors to your house don’t you?