Stronger internal controls are contributing to fewer reissued financial statements due to errors or omissions by public companies. If you want to reduce your risk of restatement, it is wise to implement some best practices from the authorities on designing and implementing effective internal controls: the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
Drop in restatements
Research firm Audit Analytics found that the total number of restatements dropped to 6.83% (or 671 of 9,831 companies) in 2016. That’s the lowest number of restatements in 15 years. Why? The Audit Analytics study attributes the decrease in restatements, at least partially, to regulatory oversight.
“I believe that the decrease in the number of restatements … is a result, to some extent, of improved internal controls over financial reporting,” said Don Whalen, director of research at Audit Analytics. Companies institute internal controls primarily to deter accounting fraud.
One resource used to improve internal controls is COSO. COSO first published its Internal Control — Integrated Framework in 1992 to help prevent a repeat of the types of accounting frauds that occurred in the 1980s. In 2013, COSO revised its framework to reflect changes to business and financial reporting that have taken place over the last two decades.
The updated COSO framework outlines five basic components of internal controls, including:
- Control environment. A set of standards, processes and structures is needed to provide the basis for carrying out internal controls across the organization.
- Risk assessment. This dynamic, iterative process identifies stumbling blocks to the achievement of the company’s objectives and forms the basis for determining how risks will be managed.
- Control activities. Policies and procedures are necessary to help ensure that management’s directives to mitigate risks to the achievement of objectives are carried out.
- Information and communication. Relevant and quality information supports the internal control process. Management needs to continually obtain and share this information with people inside and outside of the company.
- Management should routinely evaluate whether each of the five components of internal controls is present and functioning.
External auditors generally rely on the framework’s concepts when they assess internal controls. Likewise, business owners and managers can use the framework as a guide to establish, strengthen and assess their company’s controls. Following this framework can help safeguard your operations from inadvertent financial reporting errors and fraud.
Auditors use COSO’s framework with 81 “points of focus” to evaluate their clients’ internal controls. If you have questions about designing effective internal controls or want help implementing the framework’s concepts with actionable items, JLK Rosenberger can help. For more information, call us at (818) 334-8623 or click here to contact us.