The Periscope Reporter
Institute of Business Diplomacy and Financial Management IBDFM has identified lack of effective audit and internal control techniques as catalysts to financial crisis.
IBDFM has made this observation Saturday, during her 31st Mandatory Continuing Professional Development (MCPD) Programme, Investiture of Fellowship and Induction of New Members, which was at Monty Suites, Calabar, Cross River State, South-South Nigeria.
IBDFM 31st programme, though has had a lone member who was upgraded and decorated with Fellow membership, close to one hundred members participated in the MCPD. A very intimidating attendance, if not the largest in 2020 so far.
Mrs. Philomina Obene was the only person conferred with the prestigious Fellowship Award of the Institute. She is an Administrative Officer with the Port Harcourt Zone of the NNPC and has been a Senior Member of the Institute since 2018. She was being admitted by Dcn. Nicholas I. Agbo.
In his welcome address, ably represented by the Registrar and Secretary to Council, Mr. Sukana D. Tusha, the President and Chairman Council of the Institute Prof. Ayuba A. Aminu commended the organisers of the programme and congratulated the old members for the additional knowledge and experience and the new members for the new opportunities opened to be harnessed.
“…As you all know, the Institute of Business Diplomacy and Financial Management is a professional body approved by the Federal Ministry of Education, authorised by the Attorney General of the Federation and Minister of Justice and incorporated under the Companies and Allied Matters Act (CAMA), 1990 and currently pursuing her Chartered status.
“As a professional body, IBDFM is providing quality management training, research and consultancy services in the fields of General Management, Business Management, Banking, Finance, Accountancy and Economics to the Private and Public sectors.
“The Institute’s Mandatory Continuing Professional Development (MCPD) Programme is aimed at improving, renewing and updating the knowledge, skills and ability of all professional members of the Institute and to ensure that they are up to speed with latest developments in the fields of Business Diplomacy and Financial Management for optimal productivity in today’s challenging work environment.
“On the theme chosen for today’s Programme “Effective Audit and Internal Control Techniques”, I must say that this is not just apt but timely as it is one of the surest ways a company or business organization can check fraud and corrupt practices, which have eaten deep into the fabric of most organizations, both public and private.
“I am glad that our Keynote Speaker, Dcn. Nicholas I. Agbo who is a Fellow of the Institute, a Chartered Accountant and the Director of Audit, University of Calabar, is an Expert with hands-on experience not only in Audit but in Finance and Accounting. I strongly believe that he will do justice to the paper within the short time allotted for the presentation.
“Let me seize this opportunity to sincerely appreciate all Certified Professional Members of the Institute who have made out time to participate in this MCPD Programme. I want to assure you that your labour will not be in vain as the credit units earned from MCPD participation will be a major criterion in the executive Chartered conversion when the Institute attains her CHARTERED status soonest.
“For those joining the professional league of our Institute today as Fellows, Senior, Full, Associate and Graduate Members, I must congratulate you and say without mincing words that your admission into the Professional Membership of this Prestigious Professional Institute is an achievement worthy of accolades and celebration.
“Your formal induction today gives you a professional membership certificate that improves your qualification for employment, appointments and promotion purposes and the right to use the following designations or acronyms after your names on your business cards, CVs, email signatures and other personal collaterals: FBDFM, SBDFM, MBDFM, ABDFM and GBDFM for Fellow, Senior, Full, Associate and Graduate Members respectively.
“It also provides you the opportunity to attend both local and international conferences where you meet with world-class scholars and academics, entrepreneurs, professionals, bureaucrats and technocrats from all walks of life to collaborate, find job opportunities, negotiate deals, etc.
“The old members of the Institute may recall that the Institute in collaboration with esd Conferences had earlier scheduled an International Conference on the 26th and 27th of March, 2020 at Mohammed V University, Rabat, Morocco prior to the outbreak of the Coronavirus pandemic.
“As I bring my welcome speech to a close, I urge you all to distinguish yourselves and let excellence and professionalism stand you out from the crowd. For those that are being inducted today, ensure that you participate fully in every activity here and finally swear to the Oath of Allegiance and Code of Professional Ethics which is the hallmark of your induction as bona-fide Professional Members of the Institute, and so entitled to all rights and privileges appertaining therein.
“Please note that the rights and privileges can be withdrawn if your conduct is found to be unprofessional and inimical to the well-being of the institute.
“Once again, I warmly welcome and thank you all for your time and the courtesy of your attention.
“God bless the Institute of Business Diplomacy and Financial Management; God bless Cross River State and God bless the Federal Republic of Nigeria,” the President said.
Effective Audit And Internal Control Techniques: A keynote lecture delivered by DCN. Nicholas I Agbo, FBDFM, Director of Audit University of Calabar, was a compelling tour de force, a brave attempt, to redefined sanity, accountability and financial discipline in an organisation sensitising participants on the advantage of effective auditing in checkmating financial leakage; a window of corruption.
The presentation has explained that business organizations and government agencies have over the years suffered colossal financial losses through fraudulent practices. Consequently, it became very necessary to have an independent and professional person(s) called ‘Auditor’ to review the reports presented by management in an objective manner. This review process is ‘Auditing’.
“To prevent errors and fraud, an audit and a system of rules, which in their aggregate, minimize the likelihood of fraud occurring, while maximising the possibility of detecting any fraudulent activity that may transpire must be instituted.
“The potential of being caught most often persuades likely perpetrators not to commit or be involved in the act of fraud; because of these challenges, the existence of an Audit Department and a thorough Internal Control System becomes very essential to appraise, monitor, control and regulate the financial operations in an organization.
Below is an excerpt of the keynote paper:
What is an Audit?
Audit is an independent examination and expression of opinion on the financial statements of an enterprise by an appointed Auditor in pursuance of that appointment and in compliance with relevant laws and regulations. Audit has also been defined as an independent appraisal of activity within an organization for the review of its operations as a service to Management. It is a managerial control, which functions by measuring and evaluating the effectiveness of other controls. Simply put: “it is the Control that Controls other Controls.”
Audit is further used to determine the validity and reliability of accounting information expressed in the financial statement, and that the information is free from material errors and comply with financial laws.
Classification of Audit:
Audit can be classified majorly into two parts:
(i) External Audit: This is an audit that is statutorily required by law and is conducted by an independent auditor appointed in compliance with relevant laws and regulations. The external auditors have the responsibility of:
* Assurance Assignment;
* Expressing opinion on financial statement;
* Qualification of opinion where necessary;
* Making management to be consistent;
* Ensuring that Accounts comply with laws and regulations;
* Unwavering independence.
(ii) Internal Audit: Internal Auditing is defined by the Institute of Internal Auditors as “an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by
bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.”
Internal auditors are appointed by Management and are expected to apply
professional knowledge, skill and experience in the gathering, evaluation and communication of information, which is usually relied upon by Management and external auditors for decision-making.
Internal Auditors Responsibilities are to review, appraise and report on:
* The soundness, adequacy and application of internal controls;
* The extent to which the organization’s assets and interest are accounted for and safeguarded from losses of all kinds;
* The suitability and reliability of financial and other Management data developed within the organization.
In November 2006, the Audit Committee Chair Forum (ACCF) addressed the issue of audit effectiveness and evaluation. The forum considered pertinent questions such as: What is an Effective Audit?
A lot of the audit fee seems to be about ‘do the financial statements comply with two thousand two hundred checklist points?,’ rather than ‘do the assets exist?’
A clear understanding of audit effectiveness is a prerequisite of audit evaluation.Effectiveness has many aspects relating both to the particular audit and to the audit firm in general. Furthermore, effectiveness is to some extent in the eye of the beholder – it means different things to the auditors and to the audit committee chairs and may also differ between companies and over time.
Defining the Effective Audit:
Effectiveness can be regarded as a composite of competence, procedural arrangements, quality control and quality assurance. The procedural arrangements can be regarded as the tools used by the firms and individuals to ensure that audits comply with technical standards, i.e. legal requirements, regulators’
requirements and auditing standards set by the Auditing Practice Board (APB).
“You can answer in the negative. What is not an effective audit? If you know what is not an effective audit, you can see what is. It is not lots of hassles… if something goes wrong you know its not effective… but if there was no underlying wrong, you might never know the audit was not effective.” The above quotation
presents a dilemma in assessing audit effectiveness, but with hindsight, it’s easy to see what was not effective.
Given the difficulty in the absence of detection of a problem, of determining whether the audit was effective, it was suggested by the ACCF that effectiveness might be proxied by examining the characteristics of an effective audit team which includes:
* Knowledge of the industry
* Sound judgment
Characteristics of Effective Audit:
An Audit is said to be effective if and when it achieves its purpose and objectives in the organization, which includes the following characteristics:
* The Financial Statement presents a true and fair view of the organization’s financial position.
* Useful areas of improvement in the organization’s procedure to be highlighted.
* Work to be completed on schedule with minimal disruption to the organization.
* Provide independent, unbiased assessment of the financial statements; that it has been prepared using acceptable and appropriate accounting policies consistently applied and disclosed.
Review the three Es:
* Economy – Least Cost
* Efficiency – Use of Resources
* Effectiveness – Meets Purpose/Specification of financial transactions.
* Assessing compliance with laws, regulations, policies and contracts.
* Review accounting and internal control systems for safeguarding of PPE and other assets.
* Review controls for prevention of errors,
irregularities and fraud.
* Assurance that the financial statements show a true and fair view of the company’s state of affairs and can be relied upon by users of accounting information.
* Vouching for integrity of management.
* Claims and obligations are properly valued and represented.
* Protection of rights and interests of parties/stakeholders in business organizations.
* Follow-up previous audits to assess if remedial actions has been effectively implemented.
Internal Control Techniques:
In the past, it was considered necessary to check a great number of transactions and to vouch numerous documents. But in modern times, the techniques has changed and emphasis now placed upon investigating the system of internal control, hence the System Based Audit.
SYSTEM BASED AUDIT: This is an audit procedure which, investigates the system of internal control and its operations backed by test to substantiate the accuracy and reliability of the records. The Auditor must evaluate the strength and weaknesses of the procedure
and test the effectiveness through compliance test. This will enable the Auditor to know the extent to which he can rely on the internal control system in operation.
Internal Control System:
In accounting and auditing, Internal Control is a means by which an organization’s resources are directed, monitored and measured in order to accomplish specific goals or objectives. They are systems, procedures and processesthat are implemented to minimize the risk to which the organization might otherwise be exposed as a result of fraud, negligence, error or other causes.
(i) Internal Control is defined as “the whole system of controls, financial and otherwise, established by management in order to carry on the business of the organization in an orderly and efficient manner, ensure adherence with management policies, safeguard the assets and secure as far as possible the completeness and accuracy of the records.
(ii) COSO (Committee of Sponsoring Organizations) of the Threadway Commission Framework defined Internal Control as “a process designed and effected by an entity’s Board of Directors and Management and other personnel to provide reasonable assurance regarding the achievement of objectives in the following categories:
* Compliance with applicable laws and regulations.
* Effectiveness and efficiency in operations.
* Reliability of Financial reporting.
Types of Internal Control Techniques:
There are three (3) types of Internal Control Techniques viz:
(i) Preventive Technique: Manual or automated processes that stop something bad from happening before it occurs. This includes:
* Passwords and access codes
* Locking of offices
* Backing up computer data
* Employee screening
* Segregation of duties
* Obtaining approval before processing a transaction
* Arithmetic summation; prepayment audit.
(ii) Detective Technique: These are designed to find out and/or discover the different errors or irregularities which may have occurred.
* Surprise cash counts
* Physical inventory counts
* Review of performance
* Periodic audit
(iii) Corrective Technique: This is meant to correct errors or irregularities that have occurred.
* Set up policies and procedures for reporting errors.
* Organize Training programmes.
* Institute Progressive disciplinary actions.
* Continuous improvement processes: e.g. review of operations manual to prevent future errors or irregularities.
Components of Internal Control:
(i) Control Environment: It sets the moral tone of the organization/business, standards, processes and structures that provide the basis for carrying out internal control across the organization through:
• Establishment of code of ethics for the organization.
• Careful screening of job applicants (background checks, skills, etc).
• Proper assignment of authority and responsibilities and supervision.
• Effective/consistent disciplinary measures and sanctions for all ethical violations.
(ii) Risk Assessment: Understanding the possibility that an event will occur and adversely affect the organization. The three
(3) step process involves:
* Set objectives for the organization: Goals should not be too lofty and all levels of management should be involved.
* Analyze potential risk of violations: Note the internal (personal changes, funding) and external (outsiders, contractors, new technology, new government policies) risks.
* Develop strategies to manage risks: Develop controls tailored at the inherent risks of the organization’s business and establish set policies for dealing with violations.
(iii) Control Activities: The policies and procedures that enforces management directives includes:
• Authorization and approval.
• Security of assets.
• Reconciliation and arithmetical accuracy of records.
• Segregation of duties and supervision.
• Limit physical access to assets to authorized persons.
(iv) Information: Pertinent information must be identified, captured and communicated in a time frame that enable people to carry out their responsibilities.
(v) Monitoring Activities: Reviewing financial information, verifying inventories, supplies, equipment and other assets.
Types of Control System:
There are 3 major types of control system:
* Administrative Control (Personnel Mgt. Discipline, Training)
* Organizational Control (Lines of authority, Rights, Duties, Communication)
* Accounting Control
* Internal Audit
Accounting Controls: These are controls built within and around accounting system.
* Documentation: Transactions and significant events must be clearly documented in writing and easily assessable for examination.
* Recording: All transactions to be promptly recorded and properly classified.
* Execution: Transactions are duly authorized and executed by persons authorized to do so and within the limitation of such authorities.
Internal Audit: Internal audit is a control that controls other control. The control functions to appraise and report on:
* the soundness, adequacy and application of financial and other management controls.
* the extent of compliance with established plans, procedures and policies, etc.
* the extent to which the organization’s assets and interests are accounted for and safeguarded.
* the suitability and reliability of financial and other management data developed within the organization.
Objectives of Controls:
Due to the inherent risk in the management and control of organization’s financial resources, inventories, assets, stores, salaries and wages; audit/control objectives have been standardized to ensure that resources are directed appropriately, monitored effectively and measured correctly. Below are the audit and control objectives on selected and most vulnerable areas:
(i) Cash: (Most liquid asset)
* Audit Objective: Verify the accuracy, existence, ownership and proper representation.
* Separation of functions and duties.
* Reconciliation of accounts.
* Well defined disbursement procedures.
* Use of temporary receipts should be avoided.
* Periodic cash book analysis to be conducted.
* Periodic cash survey.
* Cashbook should be endorsed by high ranking officer other than the cashier.
* Movement of cash should be recorded and balanced daily.
* Cash, cheques and other negotiable assets should be kept in safe, lock and key.
(ii) Purchase Controls: Ensure that:
* All purchases are properly authorized and approved before goods and services are ordered.
* Liability for all purchase is accurately recorded in the books of account.
* All materials purchased are actually received into the stores and services rendered accordingly. Items should be verified as having met specification.
(iii) Stores: Stores are all the moveable materials and equipment, classified as expendable and non-expendable and consumable items.
* Audit Objective:
* To ensure stores ledger and bin cards are maintained.
* Accuracy and existence of stock.
* Reconciliation of ledger and bin cards.
* Different officers handle store ledger and bin card.
* Inspection of items on regular basis.
* Prevention of unauthorized access to stores.
* Good procurement procedure.
* Annual stock-taking and verification of balances.
(iv) Salaries & Wages: Salary is fixed amount of income received by an employee, while wages are paid to workers not on permanent appointment.
* To ensure that only legitimate and bonafide employees are remunerated/paid for services rendered.
* That amounts paid are properly authorized and approved for payment.
* That there is accuracy in all computations; no overpayments.
* That all statutory deductions are correctly made, and paid to relevant authorities.
* Obtain all information relating to salary increment, promotion, transfer, termination, resignation and treat appropriately.
(v) Contracts: Are agreements or set of promises between two parties, which the law will enforce. Government contracts are made in accordance with ordinary law of contracts through offer by one side and acceptance by the other. The Public Procurement Act (2007) provides detailed requirements and guidelines for procurement/contracts in respect of works, goods and consultancy services in the public sector.
* To ensure that rules and regulations governing government contracts are followed.
* That contracts awarded are executed and achieve desired goals.
* Constitution of Tenders Board.
* Approval limits on contract by the Chief
Executives, CEOs and Tenders Board.
* See new policy guidelines for procurement.
* Ensure review and evaluation of process of awards of contract.
* Obtain contract register.
* Review payment made to contractors and service providers.
* Obtain stages of completion certificates/reports relevant to each contract.
(vi) Fixed Assets: These are tangible items that helps in the productivity and profitability of the company.
* Control Objectives:
* To confirm the ownership and physical existence of the assets.
* Adequate maintenance and control of the asset.
* Capital expenditure are properly incurred and recorded.
* Addition and disposal of assets are authorized by appropriate levels of management, properly receipted and documented.
* Ensure that Fixed Asset Register is maintained.
Limitations to Internal Control:
The importance of Internal Control in the operations of an entity cannot be over-emphasized. However, it is expedient to note that the controls in themselves are not full proof and can suffer set backs due to the inherent limitations below:
* Judgment: The effectiveness of internal control is limited by decisions made by human judgment under pressure to conduct business based on information at hand.
* Breakdown: Employees sometime misunderstand instructions or simply make mistakes. Errors may result from new technologies and the complexity of computer information system.
* Management Override: High level personnel may be able to override prescribed policies and procedures for personal gain or advantage.
* Collusion: Control system can be circumvented by employees collusion. Individuals acting collectively can alter financial data or other management information in a manner that cannot be identified.
An audit is a systematic and independent examination of books, accounts, records and vouchers of an organization to ascertain it’s financial performance and position in order to present a true and fair view of that organization. It is a management tool geared towards sound appraisal of the performance of an organization and there cannot be sound appraisal if the business transactions are not conducted in an efficient and orderly manner with strong internal controls and financial regulations.
Effective auditing therefore is dependent on how knowledgeable and skillful the auditing personnel is in using the knowledge and laws to gather audit evidence and carry out compliance test on the internal control system to ascertain its strength, validity and reliability to form positive opinion that will bring profit to stakeholders in the business.
For internal control to be effective, it must be able to highlight and detect fraudulent practices, as well as mismanagement of resources, so that deterrent actions can be taken against erring personnel.
(i) Financial Regulations. (Vol. 96, 2009 Edition).
(ii) Committee of Sponsoring Organizations (COSO) Manual.
(iii) Evaluating your Auditor: Article of Institute of Chartered Accountants of England & Wales. (2003).
(iv) A Manual of Uniform Internal Audit System. (CHIADINU).
(v) Training Manual on Auditing and Investigation by ASCON, 2018.
(vi) Auditing and Investigation. (Ferdinand Olusanya).
(vii) Auditing and Investigation. (Adeniyi A. Adeniji).
(viii) Nigerian Standards on Auditing.
(ix) ICAN Journal of Accounting and Finance.
(x) Institute of Internal Auditors Journal/Manual.