When creating an accounting system, businesses and nonprofit organizations must establish a framework for internal control. The internal control process helps to ensure that the system is working well and that all of the employees involved are performing as expected. Having such an essential business function provides reasonable assurance by decreasing the likelihood of mistakes and safeguarding the organization's assets. Because of its significance, companies do well to consider the fundamental principles of internal control.
Companies must clearly establish responsibilities. Assigning specific responsibilities to individuals ensures they understand what their part is in maintaining internal control. If an internal control responsibility is consistently overlooked, an effective internal control system will make it clear who is not performing an assigned task.
Memory is not an infallible tool, especially when dealing with large amounts of information or transactions. Having correct record-keeping procedures will enable companies to have an accurate history of transactions on hand. Such historical data allows for the company to refer to it later, if a problem is discovered or if clarification is necessary.
Insurance and Bonding
Unfortunately, even the best internal control system may not prevent the loss of an asset. By insuring assets and bonding employees, an organization can rest assured that it will be reimbursed for the value of an asset if the asset is stolen, or otherwise misappropriated.
Asset Records and Custody
In an internal control system, the people who have physical access to cash and other assets are not the same people who keep the records relating to that asset. If, for example, the person responsible for keeping the petty cash records was the same person who had the key to the petty cash box, it would be easy for that person to help themselves to the cash while falsifying the petty cash record. The person who keeps asset records should not be able to physically access the assets he is tracking.
Responsibility for Related Transactions
Sometimes, several tasks must be completed in order to complete a single transaction. In this instance, it is important that different employees each perform the separate tasks making up the transaction. This ensures that more than one person was involved in completing the task, increasing the odds that any mistakes or fraudulent acts are discovered.
Burglar alarms, electronic keypads and other technology-based security features can help organizations protect assets. Technology can often go where people cannot, and can be on the job 24 hours a day without requiring extra pay or breaks. Smart companies augment their internal control systems with appropriate and cost-effective technology.
Companies must review their internal control systems regularly. That should be done by an individual who did not perform any of the work being checked. An independent evaluator can objectively report on the work being done throughout the internal control process and has no reason to cover mistakes or be overly optimistic about the control procedures.