Read

A Guide to Improve Internal Control Over Financial Reporting

Mohammed Ridwan
Mohammed Ridwan
October 30, 2023
5 min
A Guide to Improve Internal Control Over Financial Reporting

A Guide to Improve Internal Control Over Financial Reporting

Key Takeaways

Internal control over financial reporting (ICFR) refers to the legal obligation of a company to provide accurate financial statements. It requires you to adopt policies and processes that show the true picture of the company's finances. This involves:

  • Avoiding errors, fraud, or omissions 
  • Meeting deadlines 
  • Reviewing statements regularly.

An example of ICFR is inventory control, which involves maintaining accurate records of the company's goods. This requires adopting practices such as:

  • Maintaining documents, such as receipts, shipments, and adjustments
  • Segregating duties to different individuals or teams for handling, recording, and verifying inventory
  • Matching physical inventory counts with recorded inventory levels
  • Valuing inventory in accordance with generally accepted accounting principles (GAAP) principles, such as FIFO, LIFO, or the weighted average method.

These practices minimize the risk of inventory discrepancies and enhance the accuracy of financial statements.

What is the Purpose of ICFR?

ICFR is mandatory as per the Foreign Corrupt Practices Act (FCPA) of 1977 and the Sarbanes-Oxley Act (SOX) of 2002.

FCPA requires public companies to establish and maintain accounting controls. This reasonably ensures that financial statements comply with GAAP.

SOX takes this a step ahead and mandates public companies to assess the effectiveness of ICFR efforts and share the results with the public. Additionally, it demands large companies to get independent auditors for the evaluation.

Why is Internal Control Over Financial Reporting Important?

ICFR’s purpose is not restricted to being a statutory obligation. Here are five reasons why ICFR should be on your priority list:   

Accurate Financial Statements

ICFR ensures accurate financial statements that reflect the company's financial position and performance. Such reports enable investors, creditors, and internal management to make informed decisions.

Error Reduction

ICFR emphasizes the use of automation, standardized procedures, and clear documentation. This reduces the risk of errors due to human oversight, saving time and resources.

Preventing Fraud and Misconduct

ICFR employs strategies such as segregation of duties, multiple approvals, and regular audits. This reduces the chances of oversight and ensures employees do not engage in fraudulent activities.

Reliability

Stakeholders (including investors and creditors) rely on financial reports to assess a company's performance. Effective ICFR policies build confidence in the company's financial reports. 

Avoiding Costly Errors

ICFR detects errors and discrepancies before they can escalate into expensive matters. This saves significant expenses and protects its long-term viability. For example, identifying accounting errors eliminates the need for financial restatements.

What are the Components of Internal Control Over Financial Reporting? 

There are five main components of internal control over financial reporting. These are defined by the Committee on Sponsoring Organizations (COSO) of the Treadway Commission. 

These five components are also known as the COSO framework.

Control Environment 

The control environment includes the organization's standards, processes, structures, and values. It comprises:

  • Ethical values of the organization
  • Organizational structure and authority workflow
  • Processes to build a competent team
  • Focus on performance measurement, incentives and rewards.

These elements create an environment that fosters internal control in the organization.

Risk Assessment 

Risk assessment is an agile process for identifying and assessing risks. It involves:

  • Identification of potential risks that impact the ICFR efforts. This includes both internal and external risks.
  • Evaluation of the potential impact of identified risks. Some risks have a higher likelihood and a greater impact than others.

For instance, an internal risk could be employees intentionally inflating their expense reports to receive higher reimbursements. The potential impact will be financial misstatements if the risk goes undetected. 

Control Activities 

Control activities refer to the plan of action to address the risks identified during risk assessment. This requires establishing specific policies and procedures, such as:

  • Segregation of duties to prevent fraud and collusion
  • Controls in information security, application development, and system maintenance
  • Implementation of entity-level controls, such as reviewing differences between planned budget and expenditure
  • Employing preventive control, such as limited access to IT systems and automated approvals
  • Using detective control to identify misstatements via reconciliations and management review controls

One such example would be accounts payable automation to eliminate manual data entry. For instance, an OCR-based automation tool will improve receipt retrieval if there are recurring manual errors.

Account payable automation to eliminate manual data entry

Information and Communication 

Information and communication ensure that key stakeholders know their roles and responsibilities. It involves:

  • Defining expectations from each stakeholder in the financial reporting process
  • Educating employees on ICFR policies, procedures, and compliance requirements
  • Providing channels for reporting concerns and issues related to ICFR.

An example would be communicating reimbursement policies to manage company spending. These rules set clear limits and expectations for employees. 

Hence, if the policy says entry-level employees can't claim travel expenses, they should not submit such expenses for reimbursement.

Monitoring Activities

Monitoring activities involve regular review of financial controls and processes to identify and rectify issues. It includes the following steps:

  • Review expense reports, receipts, and other data to verify the accuracy.
  • Test sample data to ensure that controls are operating as intended.
  • Detect unusual patterns or anomalies in the data.
  • Verify that employees are following established policies and procedures.

One such example would be reviewing travel expense reports as a part of expense management. It involves verifying receipts and approval compliance. Any detected exceptions trigger investigations and corrective actions.

A Better Way to Manage Internal Control Over Financial Reporting

Setting effective policies for ICFR requires financial data visibility and proper reconciliation processes. Hence, achieving this demands more than policies and procedures. 

You need software to support operational efficiency transformation. Here is how Pluto offers a helping hand to get better control over your ICFR efforts: 

Seamless Financial Reporting 

Real time financial reporting with Pluto

Pluto generates detailed financial reports, providing more accurate and effective financial reporting. You can automate the process of data entry with OCR-based receipt capture. This reduces the manual errors and ensures accuracy. 

A multi-layer approval workflow ensures that financial transactions are reviewed and authorized on time. This helps you comply with company policies, enhancing control and accuracy.

The seamless integration with accounting software provides real-time data sync. This keeps the data up-to-date, enabling faster report generation.  

Simplify Financial Audit 

Simplify financial audit with Pluto

Pluto centralizes financial data, enhancing auditing capabilities.

Document management becomes simple with the easy uploading and retrieving of financial records. You can bulk download all audit logs and supporting files in a single click. This eliminates the time-consuming task of searching for and gathering individual paperwork. 

Pluto's automated systems keep expense records for all financial transactions. As a result, auditors can trace every step of the transaction, ensuring transparency and accuracy.

With end-to-end encryption, Pluto meets bank-grade security standards to safeguard sensitive financial information. This ensures the safety and easy accessibility of financial data. 

Accounts Payable Automations 

Automate your accounts payable

Pluto automates the accounts payable (AP) process to simplify procurement and payments. From purchase request (PR) to goods received notes (GRN) matching, you can streamline the entire AP process. 

Multi-layer approval workflows accelerate purchase requests and approvals. The purchase order (PO) process becomes faster with custom workflows and ERP integration. 

Pluto automates the entire invoice management process. OCR technology makes it easy to capture and auto-fill invoice details, ensuring accuracy and speed.

Pluto's cash flow management features provide alerts for upcoming payments. This enables you to schedule payments and avoid penalties. 

Budget Control 

Advanced budget control with Pluto

Pluto enables budget control by facilitating spending limits and approval workflows. 

Not only can you decide the limit for corporate cards, but also reject an expense if it goes against company policies. In contrast, you can also approve the spending limit for legitimate expenses.  

This ensures that employees adhere to predefined budgets. Moreover, this gives your finance teams immediate visibility into spending against budgeted amounts. 

ERP Integration  

Integrate your ERP with Pluto

Pluto's ERP integration streamlines vendor management and fosters an efficient control environment.

It imports vendor lists from your ERP and exports them back. This reduces data discrepancies and duplicates, leading to data consistency.  

Pluto's dashboard further makes tracking invoices and payments straightforward. This simplifies the payment and reconciliation process, preventing any errors. 

Expense Management  

Expense management with Pluto

Pluto automates and simplifies expense management processes. 

Each expense prompts a WhatsApp notification for employees to upload receipts. Administrators and managers also receive notifications to approve expenses. Approved expenses get reimbursed immediately to employees' bank accounts.

This seamless approval workflow ensures proper control and accurate financial reporting. 

Go Beyond Statutory Obligations

ICFR is not just a legal compliance. It is a practice to ensure financial visibility and control. While implementing policies and procedures is the main focus, finding the right tools to support your journey will make the process easier.

Pluto automates your financial processes to reduce manual errors and accelerate reconciliation. You close books 10X faster with more confidence. 

Book a demo today, and see how Pluto gives you better control and visibility from day one!

Find out how much your business can save with Pluto

Discover your savings with Pluto's Cost Saving Calculator and take control of your expenses. Unlock cost-efficiency now!

Calculate Now

Learn how Pluto is helping Keyper        to eliminate petty cash spending and optimize spend management

Read More

At Pluto Card, our mission is to assist businesses of all scales make well-informed choices. To uphold our standards, we follow editorial guidelines to guarantee that our content consistently aligns with our high-quality benchmarks.