Internal Control and Cash

Fraud and the Fraud Triangle

Fraud in accounting refers to dishonest acts by employees for personal gain at the expense of the employer. Understanding the fraud triangle helps organizations identify and mitigate risks associated with fraudulent activities.

• Fraud: Any dishonest act by an employee for personal benefit, such as stealing cash, inventory, or creating fake invoices.

• Opportunity: The workplace environment must provide a chance to commit fraud. This is the most critical element of the fraud triangle. Example: Cash registers not counted at the end of the day.

• Incentive (Financial Pressure): The reason an employee wants to commit fraud, such as financial difficulties or desire for a lavish lifestyle.

• Rationalization: The employee must justify the dishonest behavior to themselves. Example: Believing they are underpaid and deserve more money.

To minimize opportunities for fraud, companies implement internal controls to safeguard assets, ensure reliable financial information, and comply with laws.

Five Components of Internal Controls

The COSO framework outlines five essential components for effective internal control systems, which help organizations safeguard assets and ensure accurate financial reporting.

• Control Environment: Management must emphasize integrity and ethical values. This includes organizational structure, management style, and employee code of conduct.

• Risk Assessment: Identifying internal and external risks, such as competitive threats, regulatory changes, or weaknesses in controls.

• Control Activities: Policies and procedures to address risks, including physical controls (safes, locks), documentation procedures (numbered documents), and separation of duties (different people handle related tasks).

• Monitoring: Ongoing evaluation to ensure controls are functioning as intended.

• Information and Communication: Accurate and timely capture and sharing of relevant information within the organization.

Principles of Control Activities

Control activities are the foundation of a company’s efforts to reduce fraud. There are six key principles:

• Establishment of Responsibility: Assigning responsibility for tasks to specific individuals.

• Separation of Duties: Dividing responsibilities among different employees to reduce risk of error or fraud. Example: One employee orders goods, another receives them, and a third pays the supplier.

• Documentation Procedures: Using pre-numbered documents and ensuring all are accounted for.

• Physical Controls: Safeguarding assets with locks, safes, passwords, alarms, and sensors.

• Independent Internal Verification: Having a separate employee periodically review another’s work.

• Human Resource Controls: Practices such as bonding employees, mandatory vacations, and background checks to reduce risk.

Limitations of Internal Controls

No system of internal controls is perfect. Fraud can still occur due to several limitations:

• Human Element: Employees may be careless or indifferent.

• Collusion: Two or more employees may work together to bypass controls.

• Executive Override: High-level executives may override controls for personal gain.

• Size of Business: Small businesses may lack enough employees to segregate duties effectively, and the cost of controls may outweigh the benefits.