As originally published in the Times Union, a woman pleaded guilty to illegally using a company credit card to make over half a million dollars in purchases in Albany, New York. She admitted to making $548,993 in personal purchases using a company credit card over the course of five years while working for a tissue manufacturer. The perpetrator used fake, modified or incomplete receipts to claim these were business purchases.
Actual stories like this are repeated over and over in manufacturing businesses. Most often, the victimized organization thought they were immune to crimes committed by employees against the company. While this example includes the abuse of a company credit card, other examples can involve cash receipts, vendor payments and even payroll.
In other instances, a manufacturer may experience a similar fate – but not from malicious intent – rather, human error. Incomplete reconciliations, transposed numbers during data entry or clicking on a predatory email can wreak havoc for a company.
Prevention through internal controls
Fortunately, there is a solution to prevent these situations from happening. The answer? A reliable system of internal controls. Internal controls refer to a set of processes, policies, and procedures implemented to safeguard assets, ensure the accuracy of financial information, promote operational efficiency, and uphold compliance with laws and regulations. Internal controls are designed to minimize the risk of errors, fraud and mismanagement.
Implementing effective internal controls is crucial for the smooth operation and financial integrity of a manufacturing company. The specific controls may vary based on the company’s size, industry and unique circumstances; however, below is a sample list of key internal controls to get any manufacturer started:
- Segregation of Duties: Segregation of duties means separating responsibilities for critical processes, such as inputting transactions, authorizing transactions, recording transactions, and reconciling accounts, to prevent fraud and errors. The separation of these types of tasks should be implemented in all processes of the organization. Other controls that should be assigned to different employees are further explored below.
- Inventory Controls: Implement procedures to track and control inventory levels, conduct regular physical counts, and reconcile discrepancies between your books and physical inventory.
- Purchase Order Approval: Establish a system where purchase orders are authorized before purchases are made, ensuring that only legitimate and approved purchases are processed.
- Vendor Management: Maintain a list of approved vendors, conduct periodic vendor reviews, and verify invoices against purchase orders and receiving reports to prevent fraudulent activities.
- Cash Handling Procedures: Clearly define cash handling processes, including who is responsible for receiving, depositing and reconciling cash. Implement controls to safeguard against theft or misappropriation.
- Bank Reconciliations: Regularly reconcile bank statements with accounting records to identify and resolve discrepancies promptly. This helps ensure accuracy in financial reporting.
- Sales Order Controls: Implement controls over the sales order process, including order approval, invoicing accuracy and verification of sales transactions against shipping records.
- Fixed Asset Management: Maintain an accurate record of fixed assets, including their acquisition cost, depreciation and physical location. Conduct periodic asset audits to ensure their existence.
- Employee Expense Reimbursement: Establish a clear policy for employee expense reimbursement, requiring documentation and approval for all expenses. Regularly review and reconcile employee expense reports.
- Information Technology Controls: Implement IT controls to safeguard sensitive data, prevent unauthorized access and ensure the integrity of financial systems.
- User Access Controls: Ensure that users have appropriate access permissions, preventing unauthorized access and protecting confidentiality, integrity, and availability of critical information. Review user access permissions on a regular basis.
- Documented Policies and Procedures: Develop and maintain documented policies and procedures for key processes to provide guidance to employees and ensure consistency in operations.
Regularly monitor and assess
This is a good starting point for any manufacturer, but it’s important for management to regularly assess and update internal controls based on changes in the business environment, industry regulations, and organizational structure. Involving employees in the internal control processes and promoting a culture of accountability can also greatly contribute to the overall effectiveness of internal controls.
Reach out to our team
While it is impossible to prevent every possible adverse event from impacting your manufacturing company, a baseline of sound internal controls will mitigate most of the risk. Reach out to our team at Sikich if you need assistance customizing or assessing your internal control environment for your business. We will be there to help.
