Connect with us

Business

Lack of effective audit, internal control precursors to financial crisis – IBDM

Published

on

Institute of Business Diplomacy and Financial Management (IBDFM), has identified lack of effective audit and internal control techniques as catalysts to financial crisis.

IBDFM made this observation Saturday, during her 31st Mandatory Continuing Professional Development (MCPD) Programme, Investiture of Fellowship and Induction of New Members, which took place at Monty Suites, Calabar, Cross River State, South-South Nigeria.

IBDFM 31st programme, though has had a lone member who was upgraded and decorated with Fellow membership, close to one hundred members participated in the MCPD. A very intimidating attendance, if not the largest in 2020 so far.

Mrs. Philomina Obene was the only person conferred with the prestigious Fellowship Award of the Institute. She is an Administrative Officer with the Port Harcourt Zone of the NNPC and has been a Senior Member of the Institute since 2018. She was being admitted by Dcn. Nicholas I. Agbo.

In his welcome address, ably represented by the Registrar and Secretary to Council, Mr. Sukana D. Tusha, the President and Chairman Council of the Institute Prof. Ayuba A. Aminu commended the organisers of the programme and congratulated the old members for the additional knowledge and experience and the new members for the new opportunities opened to be harnessed.

“…As you all know, the Institute of Business Diplomacy and Financial Management is a professional body approved by the Federal Ministry of Education, authorised by the Attorney General of the Federation and Minister of Justice and incorporated under the Companies and Allied Matters Act (CAMA), 1990 and currently pursuing her Chartered status.

“As a professional body, IBDFM is providing quality management training, research and consultancy services in the fields of General Management, Business Management, Banking, Finance, Accountancy and Economics to the Private and Public sectors.

“The Institute’s Mandatory Continuing Professional Development (MCPD) Programme is aimed at improving, renewing and updating the knowledge, skills and ability of all professional members of the Institute and to ensure that they are up to speed with latest developments in the fields of Business Diplomacy and Financial Management for optimal productivity in today’s challenging work environment.

“On the theme chosen for today’s Programme “Effective Audit and Internal Control Techniques”, I must say that this is not just apt but timely as it is one of the surest ways a company or business organization can check fraud and corrupt practices, which have eaten deep into the fabric of most organizations, both public and private.

“I am glad that our Keynote Speaker, Dcn. Nicholas I. Agbo who is a Fellow of the Institute, a Chartered Accountant and the Director of Audit, University of Calabar, is an Expert with hands-on experience not only in Audit but in Finance and Accounting. I strongly believe that he will do justice to the paper within the short time allotted for the presentation.

“Let me seize this opportunity to sincerely appreciate all Certified Professional Members of the Institute who have made out time to participate in this MCPD Programme. I want to assure you that your labour will not be in vain as the credit units earned from MCPD participation will be a major criterion in the executive Chartered conversion when the Institute attains her CHARTERED status soonest.

“For those joining the professional league of our Institute today as Fellows, Senior, Full, Associate and Graduate Members, I must congratulate you and say without mincing words that your admission into the Professional Membership of this Prestigious Professional Institute is an achievement worthy of accolades and celebration.

“Your formal induction today gives you a professional membership certificate that improves your qualification for employment, appointments and promotion purposes and the right to use the following designations or acronyms after your names on your business cards, CVs, email signatures and other personal collaterals: FBDFM, SBDFM, MBDFM, ABDFM and GBDFM for Fellow, Senior, Full, Associate and Graduate Members respectively.

“It also provides you the opportunity to attend both local and international conferences where you meet with world-class scholars and academics, entrepreneurs, professionals, bureaucrats and technocrats from all walks of life to collaborate, find job opportunities, negotiate deals etc.

“The old members of the Institute may recall that the Institute in collaboration with esd Conferences had earlier scheduled an International Conference on the 26th and 27th of March, 2020 at Mohammed V University, Rabat, Morocco prior to the outbreak of the Coronavirus pandemic.

“As I bring my welcome speech to a close, I urge you all to distinguish yourselves and let excellence and professionalism stand you out from the crowd. For those that are being inducted today, ensure that you participate fully in every activity here and finally swear to the Oath of Allegiance and Code of Professional Ethics which is the hallmark of your induction as bona-fide Professional Members of the Institute, and so entitled to all rights and privileges appertaining therein.

“Please note that the rights and privileges can be withdrawn if your conduct is found to be unprofessional and inimical to the well-being of the institute.

“Once again, I warmly welcome and thank you all for your time and the courtesy of your attention.

“God bless the Institute of Business Diplomacy and Financial Management; God bless Cross River State and God bless the Federal Republic of Nigeria,” the President said.

Effective Audit And Internal Control Techniques: A keynote lecture delivered by DCN. Nicholas I Agbo, FBDFM, Director of Audit University of Calabar, was a compelling tour de force, a brave attempt, to redefined sanity, accountability and financial discipline in an organisation sensitising participants on the advantage of effective auditing in checkmating financial leakage; a window of corruption.

The presentation has explained thatbusiness organizations and governmentagencies have over the years suffered colossalfinancial losses through fraudulent practices. Consequently, it became very necessary to havean independent and professional person(s)called ‘Auditor’ to review the reports presentedby management in an objective manner. Thisreview process is ‘Auditing’.

“To prevent errors and fraud, an audit and a systemof rules, which in their aggregate, minimize thelikelihood of fraud occurring, while maximising thepossibility of detecting any fraudulent activity thatmay transpire must be instituted.

“The potential ofbeing caught most often persuades likelyperpetrators not to commit or be involved in the actof fraud; because of these challenges, theexistence of an Audit Department and a thoroughInternal Control System becomes very essential to
appraise, monitor, control and regulate the financialoperations in an organization.

Below is an excerpt of the keynote paper:

What is an Audit?
Audit is an independent examination and expression ofopinion on the financial statements of an enterprise byan appointed Auditor in pursuance of that appointment
and in compliance with relevant laws and regulations.Audit has also been defined as an independentappraisal of activity within an organization for thereview of its operations as a service to Management. Itis a managerial control, which functions by measuringand evaluating the effectiveness of other controls.
Simply put:“it is the Control that Controls other Controls.”

Audit is further used to determine the validity andreliability of accounting information expressed in thefinancial statement, and that the information is freefrom material errors and comply with financial laws.

Classification of Audit:
Audit can be classified majorly into two parts:
(i) External
(ii) Internal

(i) External Audit: This is an audit that is statutorily required by law and is conducted by anindependent auditor appointed in compliance withrelevant laws and regulations. The external auditorshave the responsibility of:
* Assurance Assignment;
* Expressing opinion on financial statement;
* Qualification of opinion where necessary;
* Making management to be consistent;
* Ensuring that Accounts comply with laws and regulations;
* Unwavering independence.

(ii) Internal Audit: Internal Auditing is defined by the Institute of Internal Auditors as “an independent,objective assurance and consulting activity designed toadd value and improve an organisation’s operations. Ithelps an organisation accomplish its objectives by
bringing a systematic, disciplined approach to evaluateand improve the effectiveness of risk management,control and governance processes.”

Internal auditors areappointed by Management and are expected to apply
professional knowledge, skill and experience in thegathering, evaluation and communication of information,which is usually relied upon by Management and externalauditors for decision-making.

Internal Auditors Responsibilities areto review, appraise and report on:

* The soundness, adequacy and application of
internal controls;
* The extent to which the organization’s assets
and interest are accounted for and safeguardedfrom losses of all kinds;
* The suitability and reliability of financial and
other Management data developed within the
organization.

Effective Auditing

In November 2006, the Audit Committee Chair Forum(ACCF) addressed the issue of audit effectiveness andevaluation. The forum considered pertinent questions suchas: What is an Effective Audit?

A lot of the audit fee seems to be about ‘do the financialstatements comply with two thousand two hundredchecklist points?,’ rather than ‘do the assets exist?’

A clear understanding of audit effectiveness is aprerequisite of audit evaluation.Effectiveness has manyaspects relating both to the particular audit and to theaudit firm in general. Furthermore, effectiveness is to someextent in the eye of the beholder – it means different
things to the auditors and to the audit committee chairsand may also differ between companies and over time.

Defining the Effective Audit:
Effectiveness can be regarded as a composite ofcompetence, procedural arrangements, quality controland quality assurance.The procedural arrangements can be regarded asthe tools used by the firms and individuals toensure that audits comply with technical
standards, i.e. legal requirements, regulators’
requirements and auditing standards set by theAuditing Practice Board (APB).

“You can answer in the negative. What is not aneffective audit? If you know what is not an effectiveaudit, you can see what is. It is not lots of hassles… ifsomething goes wrong you know its not effective… butif there was no underlying wrong, you might neverknow the audit was not effective.” The above quotation
presents a dilemma in assessing audit effectiveness,but with hindsight, it’s easy to see what was noteffective.

Given the difficulty in the absence of detection of aproblem, of determining whether the audit waseffective, it was suggested by the ACCF thateffectiveness might be proxied by examining thecharacteristics of an effective audit team whichincludes:
* Competence
* Knowledge of the industry
* Sound judgment
* Objectivity
* Integrity

Characteristics of Effective Audit:
An Audit is said to be effective if and when it achieves itspurpose and objectives in the organization, whichincludes the following characteristics:

* The Financial Statement presents a true and fairview of the organization’s financial position.
* Useful areas of improvement in the organization’sprocedure to be highlighted.
* Work to be completed on schedule with minimaldisruption to the organization.
* Provide independent, unbiased assessment of thefinancial statements; that it has been preparedusing acceptable and appropriate accountingpolicies consistently applied and disclosed.

 Review the three Es:
* Economy – Least Cost
* Efficiency – Use of Resources
* Effectiveness – Meets Purpose/Specificationof financial transactions.

* Assessing compliance with laws, regulations,policies and contracts.
* Review accounting and internal control systemsfor safeguarding of PPE and other assets.
* Review controls for prevention of errors,
irregularities and fraud.
* Assurance that the financial statements show atrue and fair view of the company’s state ofaffairs and can be relied upon by users ofaccounting information.
* Vouching for integrity of management.
* Claims and obligations are properly valued
and represented.
* Protection of rights and interests of parties/stakeholders in business organizations.
* Follow-up previous audits to assess if remedialactions has been effectively implemented.

Internal Control Techniques:
In the past, it was considered necessary to check a greatnumber of transactions and to vouch numerous documents.But in modern times, the techniques has changed and
emphasis now placed upon investigating the system ofinternal control, hence the System Based Audit.

SYSTEM BASED AUDIT: This is an audit procedure which,investigates the system of internal control and itsoperations backed by test to substantiate the accuracyand reliability of the records. The Auditor mustevaluate the strength and weaknesses of the procedure
and test the effectiveness through compliance test.This will enable the Auditor to know the extent to which hecan rely on the internal control system in operation.

Internal Control System:
In accounting and auditing, Internal Control is a means bywhich an organization’s resources are directed, monitoredand measured in order to accomplish specific goals orobjectives. They are systems, procedures and processes
that are implemented to minimize the risk to which theorganization might otherwise be exposed as a result offraud, negligence, error or other causes.

Definition:
(i) Internal Control is defined as “the whole system ofcontrols, financial and otherwise, established bymanagement in order to carry on the business of theorganization in an orderly and efficient manner, ensureadherence with management policies, safeguard the assetsand secure as far as possible the completeness andaccuracy of the records.
(ii) COSO (Committee of Sponsoring Organizations) ofthe Threadway Commission Framework defined InternalControl as “a process designed and effected by anentity’s Board of Directors and Management and other
personnel to provide reasonable assurance regarding theachievement of objectives in the following categories:

* Compliance with applicable laws and regulations.
* Effectiveness and efficiency in operations.
* Reliability of Financial reporting.

Types of Internal Control Techniques:
There are three (3) types of Internal Control Techniques viz:
(i) Preventive
(ii) Detective
(iii) Corrective
(i) Preventive Technique: Manual or automated processesthat stop something bad from happening before it occurs. Thisincludes:
* Passwords and access codes
* Locking of offices
* Backing up computer data
* Employee screening
* Segregation of duties
* Obtaining approval before processing a transaction
* Arithmetic summation; prepayment audit.

(ii) Detective Technique: These aredesigned to find out and/or discover thedifferent errors or irregularities which may haveoccurred.
* Surprise cash counts
* Physical inventory counts
* Review of performance
* Periodic audit
* Reconciliations

(iii) Corrective Technique: This is meant to correcterrors or irregularities that have occurred.
* Set up policies and procedures for reporting
errors.
* Organize Training programmes.
* Institute Progressive disciplinary actions.
* Continuous improvement processes: e.g. reviewof operations manual to prevent future errors orirregularities.

Components of Internal Control:
(i) Control Environment: It sets the moral tone of theorganization/business, standards, processes and structuresthat provide the basis for carrying out internal controlacross the organization through:
• Establishment of code of ethics for the organization.
• Careful screening of job applicants (backgroundchecks, skills, etc).
• Proper assignment of authority and responsibilitiesand supervision.
• Effective/consistent disciplinary measures andsanctions for all ethical violations.

(ii) Risk Assessment: Understanding the possibility that anevent will occur and adversely affect the organization. The three
(3) step process involves:
* Set objectives for the organization: Goals should not betoo lofty and all levels of management should beinvolved.
* Analyze potential risk of violations: Note the internal(personal changes, funding) and external (outsiders,contractors, new technology, new government policies)risks.
* Develop strategies to manage risks: Develop controlstailored at the inherent risks of the organization’sbusiness and establish set policies for dealing withviolations.

(iii) Control Activities: The policies and procedures thatenforces management directives includes:
• Authorization and approval.
• Security of assets.
• Reconciliation and arithmetical accuracy of records.
• Segregation of duties and supervision.
• Limit physical access to assets to authorized persons.

(iv) Information: Pertinent information must be identified,captured and communicated in a time frame that enable peopleto carry out their responsibilities.

(v) Monitoring Activities: Reviewing financial information,verifying inventories, supplies, equipment and other assets.

Types of Control System:
There are 3 major types of control system:
* Administrative Control(Personnel Mgt. Discipline, Training)
* Organizational Control(Lines of authority, Rights, Duties, Communication)
* Accounting Control
* Internal Audit

Accounting Controls: These are controls built
within and around accounting system.
* Documentation: Transactions and significant
events must be clearly documented in writing andeasily assessable for examination.
* Recording: All transactions to be promptly
recorded and properly classified.
* Execution: Transactions are duly authorized andexecuted by persons authorized to do so andwithin the limitation of such authorities.

Internal Audit: Internal audit is a control that
controls other control. The control functions to appraiseand report on:
* the soundness, adequacy and application of
financial and other management controls.
* the extent of compliance with established plans,procedures and policies, etc.
* the extent to which the organization’s assets andinterests are accounted for and safeguarded.
* the suitability and reliability of financial and othermanagement data developed within the
organization.

Objectives of Controls:
Due to the inherent risk in the management and controlof organization’s financial resources, inventories, assets,stores, salaries and wages; audit/control objectives havebeen standardized to ensure that resources are directedappropriately, monitored effectively and measuredcorrectly. Below are the audit and control objectives onselected and most vulnerable areas:
(i) Cash: (Most liquid asset)
* Audit Objective: Verify the accuracy, existence,ownership and proper representation.
* Controls:
* Separation of functions and duties.
* Reconciliation of accounts.
* Well defined disbursement procedures.
* Use of temporary receipts should be avoided.
* Periodic cash book analysis to be conducted.
* Periodic cash survey.
* Cashbook should be endorsed by high rankingofficer other than the cashier.
* Movement of cash should be recorded and
balanced daily.
* Cash, cheques and other negotiable assets shouldbe kept in safe, lock and key.

(ii) Purchase Controls: Ensure that:
* All purchases are properly authorized and approvedbefore goods and services are ordered.
* Liability for all purchase is accurately recorded inthe books of account.
* All materials purchased are actually received intothe stores and services rendered accordingly.Items should be verified as having metspecification.

(iii) Stores: Stores are all the moveable materials andequipment, classified as expendable and non-expendable and consumable items.
* Audit Objective:
* To ensure stores ledger and bin cards are maintained.
* Accuracy and existence of stock.
* Reconciliation of ledger and bin cards.
* Controls:
* Different officers handle store ledger and bin card.
* Inspection of items on regular basis.
* Prevention of unauthorized access to stores.
* Good procurement procedure.
* Annual stock-taking and verification of balances.

(iv) Salaries & Wages: Salary is fixed amount of incomereceived by an employee, while wages are paid to workers not onpermanent appointment.
* Controls:
* To ensure that only legitimate and bonafide employeesare remunerated/paid for services rendered.
* That amounts paid are properly authorized and approvedfor payment.
* That there is accuracy in all computations; nooverpayments.
* That all statutory deductions are correctly made, and paidto relevant authorities.
* Obtain all information relating to salary increment,promotion, transfer, termination, resignation and treatappropriately.

(v) Contracts: Are agreements or set of promisesbetween two parties, which the law will enforce.Government contracts are made in accordance withordinary law of contracts through offer by one side andacceptance by the other. The Public Procurement Act
(2007) provides detailed requirements and guidelines forprocurement/contracts in respect of works, goods andconsultancy services in the public sector.

Audit Objectives:
* To ensure that rules and regulations governinggovernment contracts are followed.
* That contracts awarded are executed and achievedesired goals.

Controls:
* Constitution of Tenders Board.
* Approval limits on contract by the Chief
Executives, CEOs and Tenders Board.
* See new policy guidelines for procurement.
* Ensure review and evaluation of process of
awards of contract.
* Obtain contract register.
* Review payment made to contractors and serviceproviders.
* Obtain stages of completion certificates/reportsrelevant to each contract.

(vi) Fixed Assets: These are tangible items that helps inthe productivity and profitability of the company.
* Control Objectives:
* To confirm the ownership and physical existence ofthe assets.
* Adequate maintenance and control of the asset.
* Capital expenditure are properly incurred and
recorded.
* Addition and disposal of assets are authorized byappropriate levels of management, properly receiptedand documented.
* Ensure that Fixed Asset Register is maintained.

Limitations to Internal Control:
The importance of Internal Control in the operations ofan entity cannot be over-emphasized. However, it isexpedient to note that the controls in themselves arenot full proof and can suffer set backs due to the
inherent limitations below:

* Judgment: The effectiveness of internal control islimited by decisions made by human judgmentunder pressure to conduct business based oninformation at hand.
* Breakdown: Employees sometime misunderstandinstructions or simply make mistakes. Errors mayresult from new technologies and the complexityof computer information system.
* Management Override: High level personnel
may be able to override prescribed policies andprocedures for personal gain or advantage.
* Collusion: Control system can be circumventedby employees collusion. Individuals actingcollectively can alter financial data or othermanagement information in a manner that cannotbe identified.

Conclusion:
An audit is a systematic and independent examination ofbooks, accounts, records and vouchers of anorganization to ascertain it’s financial performance andposition in order to present a true and fair view of thatorganization.It is a management tool geared towards sound appraisalof the performance of an organization and there cannotbe sound appraisal if the business transactions are not
conducted in an efficient and orderly manner withstrong internal controls and financial regulations.

Effective auditing therefore is dependent on howknowledgeable and skillful the auditing personnel is inusing the knowledge and laws to gather audit evidenceand carry out compliance test on the internal control
system to ascertain its strength, validity and reliability toform positive opinion that will bring profit tostakeholders in the business.
For internal control to be effective, it must be able tohighlight and detect fraudulent practices, as well asmismanagement of resources, so that deterrent actionscan be taken against erring personnel.

References:
(i) Financial Regulations. (Vol. 96, 2009 Edition).
(ii) Committee of Sponsoring Organizations (COSO)Manual.
(iii) Evaluating your Auditor: Article of Institute ofChartered Accountants of England & Wales. (2003).
(iv) A Manual of Uniform Internal Audit System.(CHIADINU).
(v) Training Manual on Auditing and Investigation byASCON, 2018.
(vi) Auditing and Investigation. (Ferdinand Olusanya).
(vii) Auditing and Investigation. (Adeniyi A. Adeniji).
(viii) Nigerian Standards on Auditing.
(ix) ICAN Journal of Accounting and Finance.
(x) Institute of Internal Auditors Journal/Manual.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *