Blind trust of the Board and those who are charged with Governance, in the management, coupled with inadequate control functions increases the risk of management override of internal controls.
It is not uncommon for the management to challenge the control function’s recommendation to strengthen the internal controls, as they may think that it weakens the employee empowerment to make decisions.
Little they know, that lack of oversight on management actions may result in high probability to commit fraud.
It is already established that Management of the Company is responsible for designing, implementing and monitoring the internal controls within its various processes and flows. However, the risk of overrides of controls is inherently high to mispresent the financial statements and impress the shareholders or to commit fraud.
Override of internal controls is due to pressures or incentives to meet the business objectives or perhaps an opportunity for the management to engage in fraudulent activities and misuse their authority to cover up in the financial statements.
It has been found that senior management and executives are involved in the override of internal controls and commit fraud.
The oversight of internal controls and management actions rests with the Board of directors and Audit Committee. This is achieved through the formation of a strong and resourceful Audit Committee and Control functions within the Company. Such Control functions may include Compliance and Risk Management functions, along with an independent internal audit department.
The Board sets the tone at the top through the implementation of various policies and procedures, power of attorney, a delegation of authorities, rigorous reporting, independent internal and external audits and training.
I don't think so.
Even with diligent control functions, limitations still exist and the senior management and their subordinates may override the authority and control procedures to commit fraud, which may go undetected, and may result in the frequent override of internal controls.
The roles and responsibilities of the Board and their sub-committees including the Audit Committee shall be clearly defined in their respective charters. Collectively the Board is responsible to assess the following:
The Audit Committee can further perform the following actions to address the risk of management override of internal controls:
Therefore, awareness of the Company’s Code of Conduct with employees, customers, vendors, and third parties is vital and can be created through various onsite and off-site training, seminars, marketing collateral, giving them awareness about the control environment and their role. In addition, the whistleblowing culture will further strengthen the control environment of the Company, therefore minimizing the risk of management override of internal controls.
The first question which comes into the mind after the fraud is exposed, where were the Board, Audit Committee, and control functions?
The risk of management override of internal controls is inherently high; however, if the Board and Audit Committee challenge the senior management and status quo, then internal control weakness may be identified and timely rectified. Perhaps the control functions may adopt an effective risk management approach to identify internal control weaknesses.
Photo by Tobias Tullius on Unsplash
Share your comments and below and share this post.