Is your business in good health? Here's how you can perform a health check-up.
Internal controls are an essential part of keeping a business fighting fit. They help maintain productivity and efficiency, and optimise resources and capital.
Businesses without controls risk slow leakage of financial resources that can bleed them dry. They increase their vulnerability to sudden failure from shocks, such as running out of money due to inadequate monitoring of cash, misappropriation of assets or outright fraud. The likelihood of errors in the financial statements increases, and this damages shareholder and investor/lender confidence. For companies that intend to make a public share listing in the future, tight controls are essential to get the best price.
Some of the warning signs that internal controls may need tightening include:
- the business does not conduct regular reconciliation of cash at its bank
- staff who maintain cashbooks are also responsible for approving accounts payable
- the business suffers from cash shortages
- sales are expanding rapidly and administration is struggling to keep up
- accounting systems have not been reviewed for three years or more
- a new accounting system has been installed or an old system modified
- the business has a large number of suppliers
- bad debts or write offs are a constant problem
- capital expenditure is not planned and monitored
Many of these warning signs are most acute in fast-growing businesses. Smaller businesses with few employees tend to rely on their close-knit employee relationships for internal controls. The CEO or financial controller probably knows most staff personally and is in close contact with all commercial activities. However, rapid growth may leave these businesses exposed.
There are a number of things you can introduce to your business in order to tighten control and advance along the path to greater business health. As a starting point you should consider the adoption of the following policies:
Segregate duties
As a guiding principle, many errors and frauds can be prevented by separating the responsibility for monitoring and accounting for transactions, from the responsibility for entering transaction data and authorising payments. This includes ensuring staff involved in making or receiving payments are not responsible for accounting for the payments, or for reconciling bank and cash accounts. Also ensure that responsibilities for adding staff to the payroll and new suppliers to the purchasing system are separate from payment authorisation roles.
Review accounting systems
Executives finding that they can’t get satisfactory answers to questions about financial items in reports is a classic sign of deeper problems within business accounting systems. In this case, perform a ‘nuts & bolts’ review to ensure all relevant financial information is being captured and that the system is providing the information that executives need in order to run the business. Also consider a review if accounting systems have not been evaluated for some time, or have recently been modified or upgraded. The review should evaluate whether different systems that have been bolted together are passing information to each other without errors, and whether there is any duplication of transactions.
Consider outsourcing
Outsourcing some accounting and payment functions such as payroll management, can be a cost-effective way of implementing internal controls swiftly. As an added benefit, this hands the responsibility for ensuring that controls meet best practice standards to the provider.
Establish and document processes and key controls
Financial leakage is less likely to occur if there are established and documented processes about who has the authority to do what, and when, that are widely understood by employees. An essential part of the process documentation will be the identification and recording of key internal controls. This also helps job succession and the creation of role descriptions. Consider appointing a chief operating officer to keep tabs on day-to-day business activities if the company employs many staff. Establish clearly who is permitted to authorise different transactions (and thresholds) and provide staff with clear reporting lines. Authorisation procedures are particularly important for businesses that have grown quickly and opened regional offices that have been left to develop their own methods of dealing with transactions. Centralising certain decisions, such as authorising new suppliers, can go a long way towards preventing unnecessary wastage and can enable head office to make best use of bulk purchase discounts.
Set clear milestones for managing projects
By our estimate, nearly 80% of all projects fail to deliver all their expected benefits, or become a significant drain on business resources - we’ve seen large projects sink New Zealand businesses. Get the most out of projects by setting clear milestones for project time, cost and quality. Evaluate and address risks to project success before starting and monitor progress carefully over the course of the project.
Conduct a risk management review
Large organisations are increasingly implementing formal processes to identify and monitor potential risks faced by their businesses. While the scale and nature of these types of process are less appropriate for mid-sized businesses, the principle that executives should periodically evaluate business risks is relevant for all. Consider conducting a risk evaluation every year that covers both external threats like market changes and labour shortages and internal risks like fraud or the failure of large projects. Use management meetings to monitor those risks on a regular basis and ensure actions identified to mitigate the risk are on track.
Manage your people
Employees are the best resource in preventing financial leakage. Developing a workplace culture where employees are rewarded for helping maintain internal controls and are given a clear understanding of the ethical standards they are expected to follow is a highly effective safeguard. This includes encouraging openness – small mistakes are less likely to snowball if staff are not punished for revealing errors. Building a cohesive workforce where employees know each other well is also an excellent way of preventing fraud, which often occurs when staff members have personal financial difficulties that are concealed from their colleagues.
The best system of internal control is one that combines all of the above policies in an integrated package that is stitched into the body of a business.
To find out more, or to undertake an in-depth financial health check-up, please talk to your local PwC contact.
