Internal control involves a collection of processes and systems established within an organization to ensure the smooth running of the organization. It has a couple of objectives such as ensuring that the resources of the organization are appropriately utilized; without occurrences of fraud, waste and inefficiency, ensuring that the operations of the business are conducted in accordance with set policies, ensuring that manipulations made on data, accounting or otherwise, are accurate and it also helps in collecting of information that helps the organization in evaluation of performance. The quality of internal controls within an organization is a key determinant of the profitability and goodwill of the organization (Trenery, 1999, p. 7). The internal controls are thus of utmost importance to the shareholders of a company.
Internal controls are achieved by employing a variety of strategies. One of the strategies that can be used to achieve internal control is the segregation of duties. For instance, in the collection of debts, a control system could be put such that the person who collects money is not the one who deposits it, elsewhere in material requisitions, the person authorizing the giving out of materials should not be the one with the custody of the materials. Such systems will ensure accountability since each person has his/her role in the internal control system. A variety of controls should be put in place for sensitive operations of the company to ensure that these operations hardly encounter inefficiencies and frauds. An example is controls for cash. In this case, cash should be kept in a place that is physically safe. This can be ensured by keeping it under lock and ensuring that the keys to the lock are kept by only one person. The physical control should be backed up by electronic and mechanical controls that ensure that any frauds and burglary cannot go unnoticed. Such controls would include the use of information systems in the management of cash to ensure that all transactions on the cash are properly authorized. A good internal control system should also have an appraisal subsystem (Trenery, 1999, p. 11). Operations performed by one employee should be subject to a number of verifications before they are deemed to accurate and non-fraudulent. It is of essence, however to maintain the independence of the people who perform the appraisals in order to avoid problems of collusions. This is achieved by selecting verifying officers of higher ranks and contracting outsiders to perform the verifications. An area that needs this kind of verification is the payroll to prevent the inclusion of ghost workers and double payments.
The Sarbanes-Oxley Act includes a number of provisions for internal controls that have greatly influenced internal control in companies. The Act addresses issues related to the disclosure of status of the internal controls in a company. The Act requires both the signing officers and the issuers of financial statement to disclose information related to internal controls in their financial statements. According to the Act, issuers of financial statements should include in their reports the adequacy of their use of internal controls in operations and also state the extent to which they use the same. On the other hand, signing officers are required to periodically review internal controls for proper reporting at the end of the year. They are thus required to give information relating to the loopholes in internal controls and also report frauds resulting from weaknesses in the internal control system. The Act also provides that material changes in internal controls should also be reported (Trenery, 1999, p. 4).
As stated earlier, information related to internal controls is very important to the shareholders of a company. However, companies should be very careful about the information they give to their shareholders about internal controls. As companies try to comply with the provisions of the Sarbanes-Oxley Act, they should not give information that will jeopardize the value of their stocks. Thus truthful information about internal controls should be given but it should also be appropriately censored to mitigate its effect on share value. If sensitive internal controls information is released, the stocks of a company may be adversely affected. This is because the state of internal controls in any organization determines efficiency with which an organization carries out their operations, prevents of fraud, maximizes resource utilization, etc (Graham, 2004, p. 15). These are aspects that determine the profitability of a company and thus they either attract or discourage investors.
Despite the advantages that internal control offers to a company, it has a couple of limitations. One of the most difficult challenges faced in the development and implementation of internal controls is incapable and/or unreliable staff. For example, if an employee is supposed to examine a bank reconciliation statement and determine its accuracy, he/she has to be qualified. If this employee is unqualified, fraudulent entries may go unnoticed. On the other hand, employees may collude to weaken the internal control system (Graham, 2004, p. 19). It is thus evident that most of the limitations of internal control are personnel-based.
Although internal control has a couple of limitations, its use in organizations is very important and it significantly reduces fraud and errors. Due to this fact, it builds the goodwill of the company and consequently attracts investors. Without internal controls, most companies will be run to debt due to frauds and errors.
Graham, L. (2004). Internal Controls: Guidance for Private, Government, and Nonprofit Entities. New York. Barnes & Noble.
Trenery, A. (1999). Principles of Internal Control. California. Bell & Bain.