Internal Financial Control
What is Internal Financial Control?As per 134(5)(e) of the Companies Act 2013, “Internal Financial Controls” (IFC) means
- the policies and procedures adopted by the company for ensuring the orderly and efficient conduct of its business, including adherence to company’s policies,
- the safeguarding of its assets,
- the prevention and detection of frauds and errors,
- the accuracy and completeness of the accounting records,
- and the timely preparation of reliable financial information.
Objective Of IFC
Primary objective of IFC to identify opportunities for improvement, and to draw up recommendations and good practices that can use as a benchmark to develop or strengthen their internal control systems and enhance the reliability of their financial statements.
- Prevention and detection of fraud and error
- Safeguarding of assets
- Accuracy and completeness of Accounting records
- Reliability of Financial reporting’
Value Addition By IFC and IFC-FR
While delivering regulatory benefits, Internal Financial Control may delivery business value in multiple areas:
- Business Process: IFC gives opportunity to get health check on status of business process design by identifying areas of revenue leakage or cost reduction.
- Automation Controls: This gives opportunity to move from manual controls to automated environment.
- Standardization: in multi location or multi-product company, IFC helps in identifying & standardization of Policies & procedures.
- Work Culture: IFC supports in increase of focus from business, as every process is tracked via identified risks & controls.
- Assurance: IFC provides support to CEO or CFO of company in terms of better controlled business operations, resulting wise decision making.
- IFC documentation & controls also work as base to ERP transformation and optimization.
Scoping & AS IS Study
- Agree strategy and approach with management/ external auditor to define materiality and expected coverage.
- Identify significant accounts and processes based on agreed materiality threshold*.
- Define scope of processes including organization wide processes (ELS, ITGC, etc.).
- Finalize scope exclusion and validate with management/ external auditors and align with Board
Design Assessment & Gap Identification
- Focus on Segregation of Duties and Functional MIS
- Prepare Risk & Control matrix with control description, owner, frequency, control evidence, etc.
- Document walkthroughs and identify design gaps
- Identity controls into Manual, Automated, IT dependent, Preventive, Detective, etc
Design Gap Remediation
- Prioritize financial gaps into material/ non-material and review these with the management/ external auditor
- Prepare corrective action plan and update control documentation on closure
- Recommendations to enhance SOP/ MIS/ DOA, etc.
Operating Effectiveness and Reporting
- Develop the overall testing strategy
- Prepare sampling methodology
- Develop the overall testing timelines and responsibilities
- Conduct the testing
- Report results to management