Embed Size (px)
Citation preview
REGULATORY FILMS
present
Internal Controls Ke
Internal Financial Controls ke
All characters appearing in this work
are fictitious. Any resemblance to
real persons, living or dead, is
purely coincidental.
4
Starring…Hero – Companies Act Heroine - COSO Hero’s friend - SEBI
Gabbar – ICAI GN Thakur - Companies
5
What is
IFC
Why it is
required?
What’s
our Plan?
Is there
any
framework?
6
The Story so far…
What is
IFC
Why it is
required?
What’s
our Plan?
Is there
any
framework?
7
A process effected by an entity’s board of directors, management, and other personnel,
designed to provide reasonable assurance regarding the achievement of objectives
relating to operations, reporting, and compliance
Thus, the key parameters Internal Controls seeks to address are:
• Effectiveness and efficiency of operations
• Reliability of financial reporting
• Compliance with applicable laws and regulations
8
Internal financial controls means
adopted by the company for ensuring
of its business, including
adherence to company’s policies,
safeguarding of assets,
prevention and detection of frauds and errors,
accuracy and completeness of accounting records, and
timely preparation of reliable financial information.
Section 134
9
A process designed to provide reasonable assurance regarding:
• the reliability of financial reporting
• the preparation of financial statements for external purposes
in accordance with generally accepted accounting principles
11
Terminology Coverage
Cos Act IFC Operations and FR
SEBI ICFR FR
ICAI GN IFC over FR FR
COSO Internal Controls Operations, FR and Compliance
12
The Characters
What is IFC
Why it is
required?
What’s
our Plan?
Is there
any
framework?
13
Particulars Companies Act, 2013 (w.e.f. April 1, 2014)
SEBI (Clause 49 - New) (w.e.f. October 1, 2014)
Audit
Committee
Role
177 (4)
Evaluation of internal financial
controls and risk management
systems
III. Reviewing :
• Adequacy of the internal control
systems & Evaluation of internal
financial controls and risk
management systems
• Internal investigations of suspected
fraud/ irregularity or failure of
internal controls & report to BOD
• Letters of internal control
weaknesses issued by the statutory
auditors
• Internal audit reports relating to
internal control weaknesses
Hero Hero’s Friend
14
Particulars Companies Act, 2013(w.e.f. April 1, 2014)
SEBI (Clause 49-New)(w.e.f. October 1, 2014)
Board of
Directors
134 (5e)
Director’s responsibility statement
to state that:
• Internal financial controls are in
place and these are adequate
and operate effectively (Listed
Cos.)
• Proper systems to ensure
compliance with the provisions
of all applicable laws were
devised (All Cos.)
177 (9)
• Vigil mechanism is established
to report genuine concerns
Companies (Accounts) Rules, 2014 -
Rule 8(5)(viii)
Board of Directors’ report to state:
• Details in respect of adequacy
of internal financial controls
with reference to the “financial
statements” (All Cos.)
D. Key functions of the Board - To ensure:
• Integrity of the company’s accounting and financial
reporting systems
• Appropriate systems of control are in place, in
particular, systems for risk management, financial
and operational control
• Compliance with the law and relevant standards
VIII. MDA
• Discussion on Internal Control systems and their
adequacy
IX. CEO/CFO cert states:
• Established and maintained ICFR and evaluated its
effectiveness
• Disclosed to Auditors and Audit Committee about
control deficiencies and actions taken
• Informed Auditors and Audit Committee about
• Significant changes in ICFR, accounting
policies
• Instances of significant fraud and the
involvement, if any, of management or
employee having significant role in
company’s ICFR
II. F. Whistle Blower policy
• Establish a vigil mechanism to report concerns
15
Particulars Companies Act, 2013 SEBI (Clause 49)
Independent
Directors
(w.e.f. April 1, 2014)
Sch IV. Code For Independent Directors
• To satisfy themselves on the integrity of
financial information and that financial
controls and the systems of risk
management are robust and defensible
-
Statutory Auditors
(Recommendatory-
w.e.f. April 1, 2014
Mandatory-
w.e.f. April 1, 2015)
143 (3) Report to State:
• Whether the company has adequate
internal financial controls system in place
and the operating effectiveness of such
controls
-
16
Heroine
Control Environment
Risk Assessment
Control Activities
Information &
Communication
Monitoring Activities
1. Demonstrates commitment to integrity and ethical
values
2. Exercises oversight responsibility
3. Establishes structure, authority and responsibility
4. Demonstrates commitment to competence
5. Enforces accountability
6. Specifies suitable objectives
7. Identifies and analyzes risk
8. Assesses fraud risk
9. Identifies and analyzes significant change
10.Selects and develops control activities
11. Selects and develops general controls over
technology
12.Deploys through policies and procedures
13.Uses relevant information
14.Communicates internally
15.Communicates externally
16.Conducts ongoing and/or separate evaluations
17.Evaluates and communicates deficiencies
17
The Difficult Character
What is IFC
Why it is
required?
What’s
our Plan?
Is there
any
framework?
18
Based on COSO
framework
‘Guidance note for
Auditors on IFC over Financial reporting’
‘Guide to Internal
Controls over Financial
Reporting’
2007 2014
Gabbar
19
Pertain to the maintenance of records
• Accurately and fairly reflect
• transactions
• dispositions of the assets of the company
Provide reasonable assurance regarding -
• Recording of transactions permits preparation of FS according to GAAP
• Receipts and expenditures made only with authorisations of management and directors
• Prevention / timely detection-
• unauthorized acquisition, use, or disposition of the company's assets that could have a material effect on the financial statements
Includes those policies and procedures that:
20
Internal Control framework to be assessed at 2 levels - Entity & Process
Entity level (ELC)
•Assess 5 components of COSO framework
•Control Environment, Risk Assessment, Control Activities, Information & Communication & Monitoring
Process level (PLC)
•Select significant financial accounts based on materiality - qualitative or quantitative considerations
•Drill down to process, sub-process, risks, controls
Testing of Controls
• Design effectiveness - Walkthrough
• Operating effectiveness
Conduct ELC to identify ELCs that are:
• Indirect
• Direct – Not precise enough
• Direct – Precise
Detailed process flow diagrams to include:
• risks based on intensity
• manual vs. automated control
• applications used
• logic of automated controls
New
21
The plot…
What is IFC
Why it is
required?
What’s
our Plan?
Is there
any
framework?
Process level
Identify significant accounts
Identify Process & Sub-process
Identify Risks
Define Control Activities
Map Control Activities in each IC
Walkthrough
Testing
Entity level
Finally a happy ending…
The EndProduced by: Regulatory Films
