Internal controls are a mandatory part of SOX. They must be designed to ensure the accuracy of financial statements and protect investors from fraud and misrepresentation of the financial statements. Internal control principles help to design and maintain an adequate internal control system to protect the goals of internal control.
Accounting internal control is the methods and procedures used to ensure the accuracy and validity of the financial statements, as well as to protect against abuse and fraud, making sure information is delivered in an accurate and timely manner. (Griffin) Internal controls consist of information systems and physical controls that are carried out in the line of job duty. The two primary goals of internal control is to ensure that financial information is delivered accurately and free of material misstatements, as well as to protect investors and the company from fraud and theft. Without internal controls, investors are damaged with losses and the company's financial condition is damaged, which can cause bankruptcy, or even closing of the company with huge losses.
Prior to the implementation of Sarbanes-Oxley Act of 2002, huge accounting scandals erupted that cost investors their money, employees their jobs, and caused companies huge losses of assets and bankruptcies. Auditors were not held to independency rules and law had a lot of loopholes in the GAAP rules. There were open doors for fraud. Company management and auditors were manipulating the rules without breaking them to achieve financial targets.
To protect investors by improving the accuracy and reliability of corporate disclosures, SOX was implemented and introduced the Public Company Accounting Oversight Board (PCAOB). The PCAOB oversees the audit of public companies that are subject to securities laws, and related matters, to protect the interests of investors and further public interest in the preparation of informative, accurate, and dependent audit reports. (Public Law 107-204, 2002) Auditors are now required to follow auditing standards set forth by the AICPA and have a rotation requirement of five years. Public accounting firms now undergo inspections by the PCAOB. Auditors are prohibited from activities of bookkeeping, design and implementation of information systems, appraisal or valuation services, fairness opinions, or contribution-in-kind activities, actuarial services, internal audit outsourcing, management functions or human resources, broker dealer, investment advice or investment banking, or legal and expert services on companies they audit.
SOX implemented greater corporate responsibilities on public companies. Corporate officers are now required to provide quarterly and annual signed reports that state they reviewed financial statements, the financial statements contain no material misrepresentation or omissions, and the financial statements are fair presented in all material aspects of the organization's financial condition. They are now required to establish and maintain internal controls. They are held to a higher accountability for the financial conditions and statements of the organization. SOX also implemented the forfeiture of bonuses for those in noncompliance of the law.
When a company announces deficiencies in the internal controls, they automatically experience a drop in the organization's stock price. Deficiencies in internal controls send huge red flags to investors due to the history of accounting scandals. Internal control deficiencies automatically are open doors for fraud and abuse. Some investors will immediately sell stock at the mention of any deficiency.
There are limitations in internal controls, including performance of controls, collusion, and procedure deterioration. Errors of misunderstanding of instructions, mistakes in judgment, and other personal factors can affect the performance of internal controls. (Internal Controls, 2006) Procedures that require segregation of duties can be avoided by fraudulent acts. Over time with changing conditions, control procedures can deteriorate. When audits are performed on individual accounts, mistakes in the judgment of materiality can lead to materiality in the financial statements, as well as fraudulent activities being overlooked. If an employee is segregated to accounts payable and is absent from work a particular day, someone else, including management, can step in and write checks that are not authorized. If a company expands operations and control procedures are not expanded as well, the control procedures can become inadequate in respect to the overall operations of the company. Carelessness is one of the biggest limitations to internal control. All it takes is getting lax with auditing of accounts, or verification of transactions, and fraud can occur.
You’re 76% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.