Here is a nightmare scenario that could happen to you if you don’t have effective internal control.
An accounting manager who allegedly embezzled more than $1.5 million from her employer has pleaded guilty to wire fraud.
Stantisha Kemp was a payroll and accounting manager at an Atlanta-based company that developed medical technology from 2007 to 2013, according to the Justice Department. Over that six-year period, she allegedly falsified payroll records that were sent to a payroll processing company and telling the payroll processor to directly deposit the deposit funds in her personal bank accounts every month. She told the payroll company that a doctor with the initials Y.H.J. was an employee of her company. She hid the scheme by creating a set of fabricated internal payroll records that made no mention of Y.H.J., who hadn’t worked for her company since early April 2010. Nevertheless, Y.H.J.’s unauthorized salary payments were deposited in Kemp’s bank account each month until February 2013. Sentencing is scheduled for June.
“Accountants who lie, cheat, and steal threaten the financial solvency of businesses,” said U.S. Attorney Byung J. Pak in a statement. “Businesses must remain vigilant against fraud — all too often the perpetrator is someone they know.”
Internal control, as defined in accounting and auditing, is a process for assuring achievement of an organization’s objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. Another way of looking at internal controls is that these interlocking set of activities are needed to mitigate the amount and type of risks to which a company is subjected.
Internal control comes at a price because it frequently slows down the natural process flow of a business, which can reduce its overall efficiency. Consequently, the development of a system of internal control requires management to balance risk reduction with efficiency. Therefore, management must be willing to accept a certain amount of risk in order to create a strategic profile that allows a company to compete more effectively, even if it suffers occasional losses because controls have been deliberately reduced.
Internal control comes in many forms. It could include the followings:
- The existence of a board of directors who oversee the entire organization and provides governance over the management team.
- The use of internal auditors to self-test the system for flaws. Internal auditors routinely examine all processes and look for failures that can be corrected.
- Segregate duties to include more than one person in processes so that people can cross-check each other, reducing fraud incidents and the likelihood of errors.
- Restrict access to computer records so that information is only made available to people who need it to conduct specific tasks. Doing so reduces the risk of information theft and the risk of asset theft through the modification of ownership records.
- Safeguard assets, either through electronic control or physical control when not in use, making it more difficult to steal them. This includes the company’s cash, accounts receivable, marketable securities, inventory and other valuable assets.
A key concept that companies must understand is that even the most comprehensive system of internal control will not entirely eliminate the risk of fraud or error. There will always be a few incidents, typically due to unforeseen circumstances or an exceedingly determined effort by someone who wants to commit fraud, e.g. collusion.
A company that operates without internal control is like a vault without a lock. No matter the size of the company, there are always processes that can help safeguard company assets and reduce fraud and error. If you are already operating with internal control that were put in place a few years ago, it is highly recommend that you review the processes to ensure that they still contribute to your organization’s objectives. This is especially crucial if your company has experienced growth since most of the organization’s efforts naturally went towards achieving such result and keeping up with growth.
Have you often wondered about the followings?
- My accounting department consists of just one person. How can I design and implement effective internal control in my company?
- I thought I should be more profitable based on how much we sell and spend but the numbers don’t show it. Are there errors in my financial statements?
- We implemented some internal control in our company a few years ago. Since then, we have expanded our offerings to our customers and hired additional team members. Things get chaotic in our office from time to time and some things fell through the cracks and we upset a few customers. Is it beneficial for us to re-evaluate our internal control?
- We have a certain level of internal control in place but how do I know that they are operating effectively?
Give us a call and we will help you navigate through your world of financial control in a complimentary consultation.
or e-mail us here.