Internal controls are procedures, mechanisms and rules implemented in a company with an objective to prevent errors, fraud and pilferage to ensure that all transactions are properly recorded in the financial statements of the company.
The objectives of internal control system are:
• To ensure that the business transactions are recorded correctly
• To ensure all transactions are recorded and there is no omissions
• The company’s assets are properly secured from unauthorized assess
• All transactions are properly authorized
• Find the loopholes in accounting system and take corrective actions
• To ensure there is optimum utilization of company’s resources To ensure that the financial statements are prepared in accordance to applicable standards
Inherent risk of weak internal controls is the possibility of incorrect or misleading information in the financial statements of a company. The inherent risk is more prominent where the accountants use a larger amount of judgments and assumptions in reporting accounting figures. One of the examples is in the financial service sectors where the regulations are complex and the transactions are with large related companies with development of derivative products. Another example is where holding company is involved with several subsidiary companies being controlled as special purpose vehicles to practice off balance sheet transactions. Related party transactions are inherently less transparent. When the company has long relationship of years with an auditor of the company, the inherent risk is high as the auditor tends to accept verbal explanations from clients instead of putting independent effort to gather audit evidence. Inherent risk is also higher when approximations and subjective judgments are applied for valuation of an asset recorded in the financial statement. This is an example of inherent risk where the auditor has to use techniques to assess the fair valuation process applied by the company’s management.
The limitations of internal controls system are:
• The effectiveness of internal controls may be limited by decisions made with human judgment.
• Employees may misunderstand instructions or make mistakes resulting in breakdowns of internal control.
• High level management personnel may be able to override or depart from the prescribed policies.
• Employees working collectively can collude to alter financial data such that it may not be identified by the internal control systems