Public Companies
In 2001 the largest case of corporate fraud led to the collapse of Enron, one of the largest public companies in the U.S. Thousands of people including investors, employees and suppliers suffered severe financial losses. The downfall lead to the elimination of one of the "Big 5" auditing firms and resulted in the onerous Sarbanes-Oxley (SOX) act in the U.S.
A demand for accountability from audits and financial reports of businesses big and small arose as increased scrutiny and public cynicism of corporations skyrocketed.
The New Canadian Rules
In Canada, the authorities have implemented rules and regulations similar to those of SOX. The Canadian Securities Administrators' (CSA) Multinational Instrument 52-109, CEO and CFO Certification, requires CEOs and CFOs to include for the first time in their 2006 annual certificates statements about the design of internal control over financial reporting (ICFR) and related disclosure in the Management Discussion and Analysis (MD&A) section of their annual reports. This is in addition to the existing certifications that address disclosure controls and procedures (DC&P). In 2007 CEOs and CFOs will also have to attest to the operating effectiveness of the internal controls. These are indeed scary times to be a CEO or CFO.
The impact on smaller companies has been even harsher due to their limited resources that can be dedicated to implementing effective controls.
The Benefits of Strong Internal Controls
Despite the challenges of getting them in shape, internal controls are vital because they:
- Minimize the opportunity for fraud
- Ensure reliable financial information
- Ensure compliance with government regulations
But does anyone really enjoy the prospect of spending hours and hours poring over lengthy binders of financial process documentation just to find out how to do something? Digging through word documents and spreadsheets to understand processes and pinpoint control issues has proven to be a time consuming and costly process.
There are also the problems related to making changes to address key risk areas that have not been covered, improving controls where needed and making sure employees know about and understand all the rules and regulations. This is time consuming and difficult with traditional internal controls documentation in word documents and spreadsheets.
A Better Solution
While word documentation will always be part of internal control documentation, my firm has found a better solution that is very effective and significantly decreases training time - business graphics and flowcharts. Think of the advantages of having each process documented in a full colour flowchart:
- Quickly find areas where you are susceptible to fraud
- Easily make changes to internal controls to stop fraud and theft
- Reduce expenses by easily communicating your processes to auditors and other key stakeholders
- Reduce training expenses
- Quickly identify where processes don't exist or could be improved
- Obtain companywide buy-in to using and improving internal controls
|
|
|
|
|