Internal Control – Definition, Dimensions and Responsibilities

Internal Control

It is a process implemented by the management of a company to enable it to control risk operations to be performed by the company. Through better control of its processes and thus achieve the objectives that management has set. For this reason, its resources are measured, directed and supervised so that the company can achieve its objectives. Internal control is a process whose objective is to control all the processes implemented by the company. This is a main concept of business management that will lead in the years to come their restructuring in depth.

Multiple Definitions of Internal Control

There are multiple definitions: see Internal Control System and Accounting and Financial Auditing. One of the oldest is that of B. Fain and V. Faure: “Internal control consists of a rational organization of accounting. The accounting department to prevent, at least to discover without delay, errors and fraud”. It dates from 1948. The one that is currently referred to is that of COSO. In this process that is implemented by the management body. The managers and the organization’s staff, designed to provide reasonable assurance. As to the achievement of the following objectives:

• Realization and optimization of operations
• Reliability of financial information
• Compliance with applicable laws and regulations

This definition is not ideal, but it has the merit of defining internal control. As a process and specifies that it is intended to put the notion of reasonable assurance about operations. On the other hand, it does not take into account. The concept of risk management that has been taken into account in COSO 2. However in particular it does not refer to the state of the practices or the processes of the company.

This definition has been widely adopted. For example in the AMF’s reference framework. “Internal control is a system of society, defined and implemented under its responsibility. It includes a set of means, behaviors, procedures and actions adapted to the specific characteristics of each company which:

• Contributes to the control of its activities, the efficiency of its operations. Also the efficient use of its resources.
• Although shall enable it to take into account, in an appropriate manner. Also significant risks, whether operational, financial or compliance.”

More From Business Study Notes:- Types of Audits

The multiplicity of definitions of this notion is due to the variety of concerns of different stakeholders. It depends on the job, the sector of activity, the crises encountered. It is certain that the vision of the auditor is quite different from that of the internal auditor. As well as the manager or the strategy consultant.

It is important to see that we have gradually moved from the fight against fraud. To a broader approach that is particularly close to governance. However these definitions are not complete. Since they specify the “how” but do not say the “why”.

Internal control can reasonably be considered as a process. That ensure the company’s operations are carried out by applying good practices. Especially those concerning the management and operation of its main processes. 

Dimensions

The notion has several dimensions:

The fight against fraud and this has been one of the driving forces behind the development of this belief. Initially, there was in 1977 the publication in the US of the Foreign Corrupt Practices Act, FCPA. It requires companies to set up internal control programs. The purpose of this text was to detect fraud and protect the resources of the company. This primarily concerns physical assets such as inventories, accounts receivable. However also intangibles such as patents, intellectual property, know-how, trademarks, etc. The sincerity of the accounts of the companies and this desire has been the second driver of the development of internal control.

History of Dimensions

In 1985 the Treadway Commission was born of the awareness of the repetitive errors found in the accounts of a number of companies. It has set itself the objective of being able to fight against the fraud. That is found in the Balance Sheets and Income Statements of certain companies. In 1992 the work of COSO, Committee of Sponsoring Organizations of the Treadway Commission resulted in a first report. Internal Control – Integration Framework which is called in French: The practice of internal control.

It gives a commonly accepted definition of the concept of internal control. Also details a general framework for setting up an internal control system and how it can be strengthened and perfected. Then in 2002 a rigorous American law, the Sarbanes-Oxley Act, reinforced the internal control practices. To reinforce the control of the accounting concerning the companies listed in the USA. It is an investor protection law that imposes new rules on accounting and financial transparency.

The establishment in more efficient and effective manners and the goal of internal control is evolving. The goal of the approach is to have the right information at the right time to make the right decisions. More generally, it is a question of determining strategic objectives, setting up operational systems and respecting laws and regulations. Internal control requires the implementation of procedures that respect all of these objectives while improving the efficiency of the business.

The development of internal control methods has an important influence on the development of information devices because their operation has an impact on the efficiency of the company’s processes. It is therefore essential to put in place appropriate control management systems. These in turn rely on information devices to feed the dashboard monitoring processes.

Need for Internal Control

The development corresponds to three needs:

• The drift of corporate practices (laxity, neglect of control or security rules, internal fraud, etc.),
• The rise of risks linked to globalization, dematerialization, financialization
• Also the development of information devices

It serves to reinforce and systematize audits. We move from one-off operations to permanent controls.

Roles and Responsibilities

In most companies, there is an internal audit department. All employees of the company are responsible for internal control. Management is responsible for putting in place sufficient control systems.