1. Fraud and Internal Control
1.1 Fraud is an intentional to misappropriate (steal) assets or misstate financial statements.
• Many high-profile collapses of companies due to fraud
• Examples of misstatements:
– Recording expenses as assets
– Overstating useful lives of assets
– Recording revenues that do not exist
1.2 Internal control: consists of all the related methods and measures adopted within a company to help it to
achieve reliable financial reporting, effective and efficient operation, and compliance with relevant laws
A good internal control has 5 primary components:
1. Control environment: it is the responsibility of the management to make it clear that the organization
values integrity and that unethical activity will not be tolerated.
2. Risk Assessment: companies must identify and analyze the various factor that creat risk for the business
and determine how to manage these risks.
3. Control activities: to reduce the occurrence of fraud, management must design policies and procedures to
address the specific risks faced by the company.
4. Information and communication: the system must capture and communicate all pertinent info both down
and up the org and communicate it to its appropriate external parties.
5. Monitoring: the system must be monitored periodically for their adequacy. Significant deficiency must the
reported to management and the board of directors.
1.3 The importance of internal control is recognized by the Canadian Business Corporations Act.
2.1 Authorization of transactions and activities: transactions and activities must be undertaken, and
approved, by the appropriate individuals or departments. Responsibility should be assigned to specific
individuals. Control is most effective when only one person is responsible for a given task, (i.e., cash
2.2 Segregation of duties: the work of one employee should, without a duplication of effort, provide a reliable
basis for evaluating the work of another employee. The responsibility for related transactions should be
assigned to different individuals, and the responsibility for establishing the accountability for an asset
should be separate from the physical custody of that asset.
2.2.1 Related activities: when one individual is responsible for all of the related activities, the potential
for errors and fraud is increased (e.g., activities related to sales (selling, shipping, and billing) and
activities related to purchasing (ordering, receiving, and recording payment)).
2.2.2 Accountability for assets: when one employee maintains the record of the asset that should be on
hand, and a different employee has physical custody of the asset, the custodian of the asset is not
likely to convert the asset to personal use.
Segregation of duties means that responsibilities should be divided up so that one person cannot both commit a
fraud and then cover up. If this cannot be fully achieved, supervision by the owner of the business may be
necessary and work of one employee should be verified by another to ensure the accuracy of accounting records.
2.3 Documentation procedures: documents should provide evidence that transactions and events have
occurred. This control contributes to the accuracy and reliability of the accounting records.
2.3.1 Documents should be prepared when transactions occur.
2.3.2 Prenumbering documents permits all documents in a related series to be sequentially accounted
(transactions are not counted twice nor omitted). 2.3.3 Source documents for accounting entries should be promptly forwarded to the accounting
2.4 Physical Control: Physical, mechanical, and electronic can control access to, and use of, assets and
2.4.1 Physical controls relate primarily to the safeguarding of assets (safes, bank vaults, safety deposit
boxes, fences, and locked warehouses).
2.4.2 Mechanical and electronic controls enhances accuracy and reliability of the accounting records.
Execution of transactions – cash registers, time clocks, etc.
2.5 Independent checks and performance: the review, comparison, and reconciliation of data.
2.5.1 Internal auditors review activities of departments and determine compliance with prescribed
policies and make recommendation for improvements. They are especially useful in comparing
accounting records with existing assets to ensure that nothing has been stolen.
Maximum benefit derived when made on a surprise basis or periodically; made by independent party of
the personal responsible for this info; and exceptions or discrepancies should reported and
2.5.3 External auditors do the same as internal auditors but also attest to the fairness of the financial
statements presentation in accordance with generally accepted accounting principles. They are
professional accountant hired by a company to report on whether or not the company’s financial
statements fairly present its financial position and results of operation.
2.6 Human resource control:
2.6.1 Conducts thorough background checks
2.6.2 Bonding of employees who handle cash: bonding means having insurance protection against
theft of assets by dishonest employees. This insurance is referred to fidelity insurance, where the
insurance company carefully screens all the employee before adding them to the policy and rejects
risky applicants. And bonded employees have the incentive to act honestly because insurance
company will vigiuresly prosecute any offenders
2.6.3 Rotating employees’ duties and requiring employees to take vacations: the purpose of this to
determine any dishonest activities done by the employee by their replacement while they are on
vacation or in another duty.
Limitations of Internal Control
2.7.1 The concept of reasonable assurance rests on the premise that the costs of establishing control
procedures should not exceed their expected benefit.
2.7.2 It should also be recognized that the human element (fatigue, carelessness, and indifference) is an
important factor as is collusion between two or more individuals to circumvent prescribed controls.
2.7.3 The size of the business may also impose limitations on internal control.
• Limitations include:
• Cost / benefit
• Human element
• Size of business
3. Cash controls
3.1 Cash consists of coins, currency (paper or virtual), cheques, money orders, travellers’ cheques, and money
on deposit in a bank. Debit card transactions and bank credit card slips are cash as well.
Importance of cash:
Most important asset
Pervasive impact Vulnerable to theft or misuse
Balancing act needed to ensure sufficient, but not excess, quantity
When a debit card sales occurs the bank automatically pays the sellers by transferring funds from the
customer’s account, but there is an uncertainty that the sellers will receive the money, so they are willing to
pay a bank charge
Debit card expense A
(to record debit card sales)
With a credit card sale, the credit card company pays the seller where customer is lending money from the
credit card company, facing the risk that the customer will not pay the money due promptly so that sellers
are charged a fee.
Credit card expense A
Sales A + B
(to record credit card sale)
Internal Control over Cash Receipts
3.2 Control of over-the-counter receipts is centred on cash registers that are visible to customers. A tape is
locked in the register that accumulates the daily transactions and totals. At the end of the shift, the tape is
compared to the amount of cash in the register. All cash receipts should be deposited daily, intact, into the
bank account or are made by electronic funds transfer. These deposit should be made by authorized
3.3 Mail receipts resulting from billings and credit sales are by far the most common way cash is received. All
mail receipts should be received in the presence of two mail clerks. Cheques received should be stamped
“For Deposit Only” using a company stamp. A list of cheques received should be prepared in duplicate. One
copy should accompany the cheques that are forwarded to the cashier’s department.
3.4 Electronic receipts: electronic fund transfer is a way of transferring money electronically from one bank
account directly to another without any paper money changing hand. Electronic funds transfers normally
results in better internal control since no cash or cheques are handled by company employees.
See illustration 7-2 In page 364
4. Internal Control over Cash payments