sponsors this site
DEALING WITH WHITE COLLAR CRIME
INTERNAL CONTROL
PREVENTIVE AND DETECTIVE CONTROLS
Preventive controls and detective controls are designed to discover errors, distinction is based on the timing of application but generally a combination of both elements is used.
- Preventive controls are applied prior to processing because they prevent the errors from occurring. Examples include the custodial aspects of safeguard controls.
- Detective controls are applied at or after the subsequent processing step. Examples include reconciliations, reviews and comparisons by individuals not involved in the activity being controlled.
Reconciliation controls between two independent information streams can detect the occurrence of completeness, existence and accuracy errors at several different control points. Detectives do not prevent errors occurring, nor do they identify the sources of any errors detected.
SEGREGATION OF DUTIES
Segregation of duties prevents individuals within the entity from being in a position to both perpetrate and conceal an error or irregularity.
Examples of different functions which should normally be segregated are:
| Despatch of goods | and | receiving cash |
| Receiving cash | and | updating sales ledger |
| Receiving goods | and | payment of invoices |
| Performance of reconciliations | and | correction of errors |
Segregation of duties may also be necessary over allocations. For example, a credit clerk who has access to cash receipts, should not also be able to issue credit notes to the receivables account or to write off old receivable, otherwise the clerk could misappropriate cash receipts and write off the corresponding invoice as a bad debt.
EXISTENCE AND ACCURACY CONTROLS
Existence controls are designed to ensure that only valid exchanges are recorded by the accounting system. Examples of common existence controls are:
- procedures to ensure that the exchange document is compared to the physical goods either received or shipped to ensure that an exchange occurred;
- independent verification of employees on the payroll.
Accuracy controls are designed to ensure that captured exchanges are recorded accurately by the accounting system and relate to price, quantity, date, party and description. There are various types of accuracy controls:
- reconciliations
- comparisons
- mathematical checks
- review of one individual's work by another
AUTHORISATION CONTROLS
Authorisation controls may be instituted by management to ensure that transactions are executed in accordance with its general or specific instructions. Sound authorisation procedures help ensure that all exchanges executed by the entity have legitimate corporate purposes.
INTERNAL CONTROLS OVER COMPUTERISED PROCESSES
There are two types of internal controls applicable to both the capture and processing of computerised data:
- user controls
- EDP controls
EDP controls are dependent on computer programmes for their operation; user controls are operated independently of the computer processes.
SAFEGUARD CONTROLS
Safeguard controls have two aspects:
- Custodial
designed to prevent unauthorised use of assets during the period that they are in the custody of an individual or a department, also providing assurance that movable assets are not lost or stolen. Custodial controls include access restrictions and procedures to ensure that incoming and outgoing assets are counted, inspected, and received or given up only on the basis of an authorisation. Vaults containing negotiable instruments and shipping and storage departments, for example, should have such internal controls. - Accountability
designed to detect situations inconsistent with those on record and thus prevent the financial statements from being in error because of undetected errors or irregularities. For example, the storeman responsible for safeguarding inventory should not be primarily responsible for carrying out counts of the inventory.