This Paper was prepared for_________ taught by___________
Introduction. Financial management is vital for organizations of any type, size and ownership form. This paper discusses the key areas for an organization financial function and analyzes financial controls to be implemented to ensure sound financial management.
Financial function of the organization. ICAEW (2011) defines financial management as a responsibility for core process activities - accounting, financial information processing, tax management, financial controls and treasury, performance of which contributes to organizational success and meeting short- and long term organization objectives. COSO (2013) distinguishes between three categories of objectives each of which is relevant for all specific finance function and for all organizational types. These are operational (efficiency and effectiveness of operations and safeguarding assets), compliance (adherence to a specific set of rules and regulations) and reporting (timely, transparent and free from bias financial reporting to management, external regulators, donors etc.) objectives (COSO, 2013).These objectives allow the organization focusing on specific aspects of relevant internal controls. Thus the key areas to be analyzed when assessing any entity financial function are accounting, compliance, management and control, strategy and risk, funding and resourcing (ICAEW, 2015). Each area covers a set of activities which can be assigned different weight (higher as e.g.budgeting and forecasting or lower as routine transaction processing) but all together form the financial management framework.
Accounting. The financial management domain covered by accounting function is processing and recording the financial outcomes of the organizational activities (ICAEW, 2015). Its analysis covers transaction processing through double-entry bookkeeping system (debtors, creditors, cash and general ledgers, payroll, travel and expenses management), reporting (aggregation of the transactions into specific reporting formats) and financial control ensuring accuracy, validity and completeness of both individual transactions and financial statements (COSO, 2013; ICAEW, 2015). Units responsible for these activities whose work is analyzed are accounts payable\receivable, cash and payroll, internal control.
Compliance. This domain covers meeting the requirements of various legal and regulatory bodies (e.g. State Exchange Comission (SEC), Sarbanes-Oxley Act (SOX), tax authorities, state legislative acts) and includes analysis of regulatory function and tax management (compliance or tax and legal departments) (ICAEW, 2015). The importance of this area assessment as stipulated by SOX (2002) is so high that a special statement of American Institute of CPAs on compliance audits was issued to prescribe how to conduct the audit and to express audit opinion on the organization compliance (AICPA, 2010).
Management and Control. This area is assigned the greatest significance as the core for all business decisions (ICAEW, 2015). Processes related to both financial and non-financial information - budgeting, forecasting and business planning, sustainability reports, with the latter assigned more weight in light of Global Reporting Initiative (GRI, 2013) and emphasis on the meaning of key non-financial indicators should be assessed. General application of management and control, cash, treasury, investment and sometimes tax management constitute the backbone of the function and thus are also a subject for review (ICAEW, 2015). Another activities assisting in business decision and strategic financial management are internal audit ensuring the proper operations of financial controls (COSO,2013) and management accounting, the cost and quantitative information management used to support planning\decision making in diverse business contexts (ACCA, 2015). Various departments can be responsible for this function and be subject to analysis – controlling, internal audit, financial planning and analysis, business support etc.
Strategy and Risk. This function should be thoroughly analyzed as the key influencer of the organizational strategy and risk management for all companies. Even in smaller companies with low likelihood, vulnerability, impact and speed of the risks onset, risk management policies should be present as outlined by COSO (2004). Strategy process, with mergers, acquisitions and divestments as specific strategic finance operations also fall within the scope of this function (ICAEW, 2015). Risk managers, investment associates or the whole relevant departments’ performance is typically analyzed to evaluate this function.
Funding. The purpose of funding activities is to obtain, to maintain and to handle the funding necessary for organization’s function. This area assessment covers typical treasury activities investors’relations and sources of finance (debt finance, shareholders etc.).Though different for profit and non-for profit sectors, it enables organizational stakeholders to appraise the entity performance, financial viability (profit) or economy, efficiency and effectiveness of operations (non-for profit) (CPAA, 2009; ICAEW, 2015).
Resourcing. Its evaluation covers resources allocation and includes the issues requiring a separate financial control, such as development, implementation and management of finance IT (accounting informational system (AIS), people and shared services. To ensure adequate financial management and control, IT systems have to be able to identify and record all the valid transactions processed by accounting function on timely basis, with properly measurement and presentation in financial statements (AICPA, 2007). Normally financial manager, finance IT department or shared service centres performance should be assessed.
Financial Controls. SOX (2002) (Section 404) has a special requirement to the listed companies to establish internal control policies, to monitor their effectiveness in all the mentioned areas and to correct any deficiencies arising. However corporate governance standards prescribed by SOX to ensure sound financial controls can be easily adjusted to any organization financial framework where a specific financial controls checklist can be applied to all the areas to define the drawbacks with potential for improvement (AICPA, 2007; CPAA, 2009).This checklist should cover all main subfunctions e.g. payroll processing in accounting, tax filing in compliance, budgets approval in management, debt covenants revision in funding, IT controls in resourcing ensuring validity, accuracy, timeliness, completeness and authorization at all levels. The key points to check are performance reviews availability with analysis of actuals vs.budgets, financial ratios, benchmarking vs. industry performance; IT general and application controls; safeguarding assets (e.g. access levels to AIS, data master files, inventory counts, secured equipment storage etc.) and seggregation of duties clearly documented by control policies and procedures (charts of authority, “four-eyes principle” in documents control and approval) (COSO, 2004; COSO,2013; AICPA,2007). COSO (2013) stipulates that for effective management 5 components of control should be present in each of the finance subfunctions: control environment framework, particular area risk assessment, establishing adequate policies and procedures to manage the risk, communication to ensure these policies are applied and monitoring their application. It should be noted the controls cannot be purely detective i.e. aimed at detecting a violation of the policy. To guarantee effective operations, preventive controls which can prevent the violation of the policies or minimize risk of error (e.g. authorization for transaction processing or purchase request for investment) should be used (COSO, 2013). Each area should be critically evaluated for the presence of all 5 components of control and possible deficiencies, significant deficiencies or material weaknesses in them (AICPA, 2009). The examples of such deficiencies are various and include but are not limited to lack of proper payroll authorization, absence of inventory count, lack of budget reviews, failure to match invoices against goods receipts, unadequate provisions for lawsuits, incorrect control totals in AIS etc. In case of presence of these weaknesses and deficiences, the critical recommendations to ensure sound financial controls should be issued for all the areas where such weaknesses are found, with a detailed description of each deficiency and potential for improvement as prescribed by SAS 109 and SAS 115(AICPA, 2007; AICPA, 2009).
Conclusion. Financial function comprising the core areas of accounting, compliance, management and control, strategy and risk, funding and resourcing, ensures meeting an organization’s operational, compliance and reporting objectives, with financial controls primary purpose to provide achievement of these goals. Financial function effective performance can be ensured by applying 5 internal control components (COSO, 2013) to each of these areas and combination of preventive and detective controls. Critical evaluation of possible deficiencies, significant deficiencies and material weaknesses in financial controls followed by elaboration of specific corrective measures allows providing reasonable assurance that risks related to the achievements of entity objectives are properly managed.
References:
American Institute of CPAs (AICPA) (2007). Understanding the Entity and its Environment and Assessing the Risks of Material Misstatement Statement on Auditing Standard SAS No 109. AU Section 314. Retrieved from: http://www.aicpa.org/Research/Standards/AuditAttest/DownloadableDocuments/AU-00314.pdf
American Institute of CPAs (AICPA) (2009). Communicating Internal Control Related Matters Identified in an Audit. Statement on Auditing Standard SAS No 115. AU Section 325. Retrieved from:
http://www.aicpa.org/research/standards/auditattest/downloadabledocuments/au-00325.pdf
American Institute of CPAs (AICPA) (2010). Compliance Audits. AU-C Section 935. Retrieved from: http://www.aicpa.org/Research/Standards/AuditAttest/DownloadableDocuments/AU-C-00935.pdf
Association of Certified Chartered Accountants (ACCA) (2015). Language of Financial Reporting. Available from: http://www.accaglobal.com/uk/en/student/sa/professional-skills/find-a-way.html
Chartered Professional Accountants Australia (CPAA) (2009). Financial management of non-for-profit organizations. Retrieved from: http://www.ausport.gov.au/__data/assets/pdf_file/0007/354787/financial_management_of_not-for-profits.pdf
Committee of Sponsoring Organizations of Treadway Comission (COSO). (2004). Enterprise Risk Management – Integrated Framework. Retrieved from: http://www.coso.org/
Committee of Sponsoring Organizations of Treadway Comission (COSO). (2013). Internal Control – Integrated Framework. Retrieved from: http://www.coso.org/
Global Reporting Initiative (GRI) (2013). G4 Sustainability Reporting Guidelines.Retrieved from: https://www.globalreporting.org/Pages/default.aspx
The Institute of Chartered Accountants in England and Wales (ICAEW) (2011).The Finance Function: a Framework for Analysis. Retrieved from: www.icaew.com/fmfac
The Sarbanes-Oxley Act (SOX) (2002). Retrieved from: http://www.sox-online.com/act.html
