Linkedin
Linkedin

Let’s talk Internal Controls!

What exactly are internal controls, how does it work and why is it important? Let’s dive right in.

Internal Controls’ is a term that is used to describe the safeguards that companies put in place to minimise risks, ensure the integrity of their operations, safeguard assets, prevent fraud, and comply with laws and regulations. Controls are put in place in response to ‘what could go wrong’, and in some cases, to ‘what has gone wrong’.

 

Let’s imagine that you had a prized possession…

The value you place on your prized possession causes you to take certain steps to protect it from harm. You place your prized possession inside a box, which has a state-of-the-art lock on it, requiring a combination of a password and biometrics to unlock it.  Other people who can access your prized possession can only do so with a valid password and biometrics. Access to the box is logged by your security system. You monitor the access logs regularly to ensure that there has not been any irregular activity. You separate the tasks and responsibilities of the people who can make additions to the contents of your box from the duties and responsibilities of those who can make subtractions from the contents of your box. All movements into and out of the box are meticulously recorded on a computerised system, together with the identity of the person who accessed the box. Regular checks are performed on the contents of your box, to compare the physical contents of the box with the system, and address discrepancies. The results of the comparison are regularly and independently verified.

The analogy above describes various internal control measures, such as access control (requiring a combination of password and biometrics), monitoring, segregation of incompatible duties (tasks and responsibilities), record keeping, reconciliations (physical to system records), and verification. These are some of the basic internal controls that should be implemented by companies of all sizes, including Small, Medium, and Micro Enterprises, who are serious about safeguarding their assets, maintaining the integrity of their operations, and fostering trust among stakeholders.

 

The two categories of Internal Controls

  • Preventive Controls: these controls are put in place to stop problems before they occur. Examples of preventive controls are access controls and segregation of duties.
  • Detective Controls: these controls are implemented to identify problems that have already occurred. Examples of detective controls are reconciliations and physical inspections of inventory identifying losses that have occurred.

 

Consequences of Inadequate Internal Controls

Failure to implement adequate internal controls could have dire consequences. Let us continue the analogy of the prized possession and imagine that some of the safeguards are removed. Suppose that movements into and out of the box are kept manually on pieces of paper that get lost, or that some, but not all movements are recorded in the computerised system. Furthermore, let’s imagine that comparison of the physical contents of the box with system records is only performed once a year. When you do a check, the physical contents of the box do not tie up with the system records – the contents of the box are much less than what the system records reflect. One of the consequences of not having these safeguards, or internal controls in place, are errors, omissions, and loss of the integrity of your financial data if all movements in and out of the box are not recorded. The lack of proper record-keeping increases the likelihood of discrepancies going unnoticed. Performing physical to system comparisons (reconciliations) of the contents of the box only once a year increases the opportunity for errors or fraudulent activities to go unnoticed, resulting in an accumulation of discrepancies over time. Furthermore, deficiencies in internal controls provide opportunities for fraud and theft to occur without being detected.

 

Why do companies resist implementing Internal Controls?

Here are some of the reasons:

  • Complexity: Internal controls involve creating systems, and developing processes and policies. This complexity can be overwhelming, especially for companies without prior experience or expertise in this area.
  • Burdensome: Some companies may view Internal Controls as an unnecessary burden, and even a hindrance to doing business. Finding the right balance is key.
  • Budget constraints: Implementing Internal Controls may be a costly exercise, putting a strain on budgets.

 

In conclusion

A company operating without sound Internal Controls can be compared to a house being built on a shaky foundation with many gaps and weak supports, that is at risk of collapsing in the face of a storm.  Implementing sound Internal Controls in your Company will provide a solid foundation that will support and sustain future expansion and growth.

Implementing Internal Controls does not have to be a minefield if you have the right partner to walk with you on this journey. Get in touch today and let’s talk Internal Controls.

Contact Optigrow today to find out how we can partner with you.


Click Here

Share:

More Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright 2025 © All Rights Reserved | Designed & Developed By Dutch Ink