An organization should carefully define various measures to safeguard its assets, check the reliability and accuracy of accounting information, ensure compliance with management policies, and evaluate operating performance and efficiency. The internal control structure depends on the accounting system, the control environment, and the control procedures. The control environment is the combined effect of a firm’s policies and attitudes toward control implementation.
Control procedures are specifically integrated into the accounting system and relate to the following:
- One important control is limited access to assets. This control feature assures that only authorized and responsible employees can obtain access to key assets. For example, a supplies stock area may be accessible only to department supervisors.
- Separation of duties is another important control. Activities like transaction authorization, transaction recording, and asset custody should be performed by different employees. Separating functions reduces the possibility of errors (because of cross-checking of accounting records to assets on hand, etc.) and fraud (because of the need for collusion among employees).
- A number of accountability procedures can be implemented to improve the degree of internal control:
- Duty authorization is a control feature which requires that certain functions be performed by a specific person (e.g., customer returns of merchandise for credit can be approved only by a sales manager).
- Prenumbered documents allow ready identification of missing items. For example, checks are usually prenumbered so that missing checks can be identified rapidly.
- Independent verification of records is another control procedure. Examples include comparing cash in a point of sale terminal with the sales recorded on that register and periodic reconciliation of bank accounts.
- A company may engage an accounting firm or CPA to provide an independent review of the company’s accounting records and internal controls. The accountant may offer suggestions for improvement and test the established system to determine if it is functioning as planned.
In designing and implementing an internal control system, careful attention should be paid to the costs and benefits of the system. It is folly to develop a system which costs more to establish and maintain than it is worth to the company.
The basic elements of control are common to most businesses. However, the merchandiser must pay special attention to several unique considerations. Foremost is asset control. Obviously, the retailer has a huge investment in inventory, and that inventory is not easily “isolated.” As a result, theft and spoilage are all too common. Retailers should go to great lengths to protect against these costly events.
Think, for a moment, about walking through an electronics retail store. Upon entering the front door, one may first notice “architecturally pleasing” barricades (like planter boxes or posts) to prevent crash entry. Next is a doorman (guard), who perhaps oversees separate entrances and exits, and is responsible for matching receipts to goods leaving the store. An alarm may sound if a hidden inventory sensor has not been deactivated at check out.
A quick glance up may reveal cameras. The most expensive items are display only; to buy these items a claim ticket is presented at a caged area. Only authorized employees can enter that area. At check out, point-of-sale terminals must be accessed with a key that is assigned to an employee. The terminal tracks who processed the sale. In addition, an employee may look inside a box or bag that contains a customer’s purchased items, picture IDs are examined, and so forth. In general, the goal is simple — make sure that only purchased merchandise gets out of the store. Several times daily, the cash drawers in the terminals will be pulled (replaced with another) and their contents audited. Daily bank runs (maybe via armored courier) will occur to make sure that funds are quickly and safely deposited in the bank. These controls are visible at the “front end” of the business.
Purchasing cycle controls are invisible to the customer, but equally as important. And, these purchasing controls are pervasive in other non-merchandising businesses as well. There is no single correct process, but the following concepts should be considered:
- Purchases should be initiated only by appropriate supervisory personnel, in accord with budgets or other authorizing plans.
- The purchasing action should be undertaken by trained purchasing personnel who know how to negotiate the best terms (with full understanding of freight issues, discount issues, and so forth).
- Purchasing departments should have strong procedural rules, including prohibitions against employees receiving “gifts” and limitations on dealings with related parties.
- Large purchases should be preceded by solicitation of bids from multiple vendors.
- A purchase order should be prepared to initiate the actual order.
- When goods are received, the receiving department should not accept them without inspection, including matching the goods to an open purchase order to make sure that what is being delivered was in fact ordered.
- The receiving department should prepare a receiving report, indicating that goods have been received in good order.
- When an invoice (“bill”) is received, it should be carefully matched to the original purchase order and receiving report. The bill should be scheduled for payment in time to take advantage of available discounts. It is important to only pay for goods that were ordered and received. In a large organization, the person preparing the payment has likely never seen the goods; hence the importance of complete documentation.
- Before payment is released, an independent supervisor should make one last review of all the documents.
In an automated environment many of these processes and documents will be generated and preserved electronically. However, the underlying controls are of equal importance.
Accountants spend much of their time dealing with issues that are complex, like designing and testing the control environment. For example, an auditor does not just look at a bunch of transactions to see if the debits and credits are correct. Instead, the control environment will be studied and tested to see if it is working as planned. If it is, then the “system” should be producing correct financial data, and much less time can be devoted to actually focusing on specific transactions.
|Did you learn?|
|Understand the concept and importance of a control structure.|
|Be able to enumerate control features of a well-designed business organization.|
|What controls are unique to the retail environment?|
|What controls are unique to the purchasing cycle?|