In the continuing battle against fraud and restatements, a public company’s best allies are strong accounting policies and well-documented internal controls, according to conclusions reached at a workshop conducted by a group of accounting and auditing associations.
Dozens of leaders in the financial reporting supply chain, such as corporate executives, directors, auditors, audit committee members, and regulators attended workshops in 2016 organized by the Anti-Fraud Collaboration to compare notes on best practices for deterring fraud and improving financial reporting. The report offers a number of recommendations regarding accounting policies and internal controls that the group considers important to make an organization resilient to fraud and misstatements in financial reporting.
Accounting policies, for example, must adhere to technical accounting requirements, yet be clear and understandable to non-accountants, the report says. Supervisors and managers must be held accountable for implementation, but non-accountants who are not conversant in the nuances of technical accounting must understand well enough to be on board.
Processes and procedures must be tied back to accounting policies, the group finds, and policies must be reviewed at regular intervals, addressing how to uncover and monitor changes in activities that affect accounting. Policies also must be field-tested before implemented and monitored for compliance after implementation.
With massive change taking place in how companies account for revenue beginning in 2018, companies should be paying special attention to how accounting policies are written. This is an area where granularity and specificity is warranted, given how small changes in contract terms can lead to big differences in how revenue is recognized.
With respect to internal control over financial reporting, tone at the top is the essential starting part for effectiveness, the group agreed, coupled with a risk-based approach to evaluating and remediating controls to assure efficiency. Internal controls over unusual or one-off transactions need special attention to produce an effective control regime.
Fraud risk is not mitigated by any one group acting alone, says Richard Chambers, president and CEO of the Institute of Internal Auditors, one of the groups participating in the Anti-Fraud Collaboration. “Successfully battling fraud in financial reporting requires strong collaboration among all the principal players,” he said in a statement. “This report is built on such collaboration and offers valuable direction and insight on improving accounting policies and internal control over financial reporting.”