Control deficiencies and recommendations Flashcards
no log is maintained for petty cash, employees just give receipt to manager. and at any time reciepts and cash should total 400 (petty cash float)
but according to IA, sometimes the float is below 400.
deficiency: no record of petty cash requests is being maintained,
petty cash float is not equal, this can be a result of
1) employees are not giving receipts
2) cash is being stolen or being spent on non business items.
recommendation:
a log should be maintained including date, amount, name of employee and reason for borrowing
when employee returns change and reciept, that shud be recorded in the log
on a weekly basis, manager should reconcile the petty cash and if receipt or cash is missing, inquire with employees.
same password for all cash tills, and any employee can use any till.
these passwords are changed every two weeks
how it impacts business:
All employees having access to all tills increases risk of fraud and error.
in a case where there is cash disrepency in the tills, it will be difficult to identify who is responsible as there is no way of tracking who used which till.
recommendation:
each employee should have a unique login code. (think HBL tellers)
each employee should be allocated a specific till for their shift
Employees should be checked for criminal record and credit checks before hiring.
when disrepancies arise, they shud be double checked for error, then responsible employee should be identified and investigated
the tills are closed by the manager, he counts the cash, the sum of the credit card vouchers, and reconciles them with the sales reading from each till. any discrepencies are noted in daily sales sheet (they include daily sales, cash, credit card vouchers and any disrepencies) he scans and emails these sheets to head office.
deficiency:
there is no segregation of duties, too much responsibility lies with one individual. there is a risk of fraud and error.
the manager could steal cash and record it as a discrepancy or just remove a sales sheet from the record.
recommendation:
this process should be undertaken by 2 ppl, ideally an assistant manager shud be hired.
one should count, other should record.
the sheets are scanned and emailed to head office weekly
deficiency:
there is a possibility that some sheets are misplaced by the manager, resulting in incomplete data of sales and cash being recorded in the system.
recommendation:
sheets should be sequentially numbered so if any sheet is missing, manager can be inquired about it.
at head office, a sequence check shud be performed on a regular basis to identify gaps.
cash is stored in a safe and the manager has the key , its in his desk when not being used.
defeciency:
there is a risk of cash being stolen if key is not secured
recommendation:
key safe should be replaced with digital safe, only authorised ppl shud have the code and it should be changed on a regular basis.
management doesnt analyse difference between budgeted and actual wages, as no overtime is worked.
variance could be a result of other things, like extra employees hired, or increased rates.
so management needs to know if there is a major variance and why, becuz this is a significant expense.
if they are too high, this would affect profitability of company
rec:
variances shud be analysed
these shud be broken down to each relevant department as well.
It is not possible for a store
to order goods from other
local stores for customers
who request them. Instead,
customers are told to contact
the other stores or use the
company website.
deficiency, recommendation, TOC?
Deficiency:
this could lead to a loss of sales as customers are less likely to contact another store or visit website
Control rec:
inter-branch transfer system should be established. inter branch inventory forms should be completed. this will result in maximisation of sales.
Test of control:
Pose as customer and ask
during interim audit, visit a number of stores, and ENQUIRE a manager if possible to order from other branches.
also INSPECT a sample of inter branch inventory forms to confirm if control is being operated
oliver the purchase order clerk processes purchases below $1000 and is also responsible for processing invoices.
DEFICIENCY, REC, TOC?
def:
lack of segregation of duties, this could result in fraud or non business related purchases by oliver upto $1000 which is a signifcant amount
REC:
all purchase orders should be authorised by a responsible official.
an authorised signatories list should be made (who can approve)
TOC:
select a sample of purchase orders and INSPECT that they are signed,
agree the sign with the sign on the approved signatories list.
good received note are completed by warehouse guys and sent to accounts department every two weeks
give 2 def, rec, TOC?
1) def: this can result in delay in payment of supplier, as purchase invoices could not be agreed to a GRN. also liabilities are understated.
REC:
send them on a more regular basis, like daily.
acc dept should do a sequence check to ensure no GRN is missing
TOC:
Inquire with accounts department how often they are sent GRNs to assess if they are being sent on time.
observe them doing a sequence check and discuss any missing items with accounts clerk
2) GRNs are only sent to the accounts department. they shud also be sent to the ordering deprtment, or it could result in orders being unfulfilled, resulting in loss of sales.
rec:
send a copy of GRNS to purchase order clerk and he should agree with order and mark the order as completed.
then on a regular basis he should review any unfulfilled orders and chase them with relevant supplier
TOC:
inspect the file of GRNs held by oliver and inspect that they are matched to orders and flagged as complete
review the file of unfulfilled orders and inquire their status from oliver
supplier statement reconciliations are no longer performed
DEF REC TOC
DEF:
this could result in errors not being identified in a timely basis
rec: should be performed on a monthly basis and should be reviewed by a responsible official
TOC: review reconciliations to ensure they are being perfomed
inspect for evidence of review by responsible official
reperform recons to make sure they are being carried out appropriately
IA has started to physically verify assets with non current asset register. To date only 15% of assets have had their existence confirmed because there is a staff shortage and several members of IA are new to the company.
def rec
def 1)
verification should be done regularly otherwise There is a possibility that non current assets have been misappropriated by staff, or misplaced.
rec: company should hire more people and train the new staff asap, and verify all the assets in the register.
after this on a monthly basis sample should be verified.
def2) there is a significant staff shortage and new ppl
Maintaining an IA department is an important control as it enables senior management to test whether controls are
operating effectively within the company. If the team has staff shortages or lack of experience, this reduces the effectiveness of
this monitoring control.
rec: consider hiring new ppl, in the meanwhile consider seconding other dept ppl like finance to help with audits, ensuring tho that audit is not being done of the controls of their own department.
the production supervisors determine the amount to be paid as bonus to deserving employees, and they notify the payroll department
deficiency: supervisor should not be the one to determine the amount of bonus, as they could pay extra to friends and family members. this will result in increased payroll costs.
recommendation:
bonus should be determined by someone more responsible, like production director. and should be based upon a written policy.
if it is a big amount, it shud be agreed by board of directors.
it shud be communicated in writing to payroll department
bank reconcilation is carried out every two months
for a cash based business, bank reconcilation is a key control, if not done regularly enough, fraud and errors may not be identified on a timely basis.
recommendation
perform monthly, and it should be reviewed by a senior (financial controller) and signed as evidence of review.
student loan payments are made directly to govt, until employee informs HR that their loan is complete.
if employee is not monitoring, this could result in overpayment, ( which will then have to be reclaimed, leading to employee dissatisfaction.) or underpayment (meaning non compliance aka fines for both employer and employee)
rec:
payroll should maintain a schedule by employee of payments made to government and the balance owed.
on a yearly basis it should be reconciled with govt loan statement and agreed by employee.
system automatically calculates gross and net pay, and these calculations are not checked.
if there is an error in the system, it would not be identified, this could result in under or overpayment resulting in employee morale taking a hit, or increased payroll costs
recommendation:
a senior shud recalculate the gross/ net pay of a sample of employees and compare with the system.
the calculations should be signed as approved before making payments.
Test of control: inspect a sample of gross net pay calculations for evidence that they are approved and signed
for employees paid via bank transfer, senior payroll manager, on a monthly basis, agrees list of bank payments to payroll records and if any errors are noted, he amends the bank records
impact: there is a lack of segregation of duties.
this can cause fraud, he can increase amounts to be paid, process them and amend payroll records.
rec
he shudnt be able to change payroll records as well as authorise payments.
authorisation of bank transfer listing should be done by someone outisde of payroll department, like finance director.
holiday request forms are required to be approved by managers, however this is not done usually.
this could result in employees all going on holiday at the same time, resulting in the power station being understaffed and therefore, a loss of production
could also result in overpayment of wages
rec:
inform employees they cant take holiday without approved form.
payroll clerks should not approve holiday payments without approved form.
production supervisors distribute pay packets to employees as they know everyone by name
1) supervisor is not independent to give wages. they cud adjust them and give more to their favs while reducing others.
this could result in loss of morale
2) giving wages without proof of identity arises risk of payment being given to incorrect employees
recs:
payroll should directly give packets to workers, after looking at their clock card and photographic ID.
2) if suoervisors must give, they shud be signed by employees to confirm receipts and if absent, return to payroll immediately
During the year, the human resources (HR)
department has been busy; therefore the
payroll department has set up new joiners
to the company.
def
rec
segregation of duties, payroll is resp for payment so risk of fraud and fictitious employees being set up
rec: give other tasks to payroll, but they shud stop setting up new people.
already setup employees shud be reviewed, by checking employee files to confirm these employees are bona fide.
another dept ppl’s could be used, or hire new people.
New customers undergo a credit check, after which a credit limit is proposed by the
sales staff and approved by the sales director, these credit limits are not reviewed after this
def: after a period it may be discovered that credit limit is not appropriate, too high could lead to bad debts, too low could lead to loss of sales. this should be reviewed and changed.
rec:
sales director should regularl review credit limits based on order history and payment record.
High value inventory is stored in a secure
location across all nine warehouses and
access is via a four digit code, which is
common to all sites.
def: lots of ppl will know the code, and could access inventory at any site, increasing risk of fraud
rec:
unique code for each site, only tell to few ppl, change on regular basis.
The wage rate has been increased by the HR
director and notified to the payroll
supervisor by email
1) def: significant exp should be approved by board of directors.
rec: hr should propose but bod should approve, then formal notification written shud be sent to payroll supervisor.
2) payroll supervisor just increased without authorisation, could result in fraud.
rec: new rate shud not go live until approved by payroll director.
Invoices are authorised by the finance
director, but payment is only made 75 days
after receipt of the invoice.
def: could result in missing discounts, supplier goodwill loss and they may not provide goods in future
rec: review this policy, consider if early payment shud be made to avail discounts, if not pay according to supplier’s payment terms.
monthly inventory counts are supposed to performed but aren’t.
deficinecy: in order to rely on inventory records for deciision making, all inventory should be counted, with high value inventory being counted twice.
failure to do this will result in inventory records being incorrect
recommendation: the program of monthly count should be reviewed for ommissions.
lines that have been missed out should be included in the remaining counts
at year end if some lines are identified to be omitted, company should organise an additional count to enure all inventory items are confirmed to inventory records.
The IA department only undertakes cash
control visits to the 20 largest stores as
they feel this is where most issues arise.
total stores are 45
this means more than half stores are not being visited, this increases risk of errors and fraud since there is no check.
rec: IA should have a rolling program to visit all 45 stores. this program can have a bias to visit large and high risk stores, but all stores should be visited on cyclical basis.
Where employees’ friends or family members purchase clothes in store, the employee is able to serve them at the till point.
def:
they could give the goods
away for free or undercharge for goods sold, giving unauthorised discounts.
rec:
make a policy where employee cant serve their friends fam.
they shud req manager to serve them
CCTV cameras should be placed to prevent and detect fraud
carry out regular inventory counts to identify if any goods are given for free.
The daily reading of sales and
reconciliations to the tills is performed in
aggregate rather than for each till.
def:
This means if exceptions arise, it will be difficult to identify which till caused the difference and therefore which employees ar responsible,and may require further till training or have undertaken fraudulent
transactions.
rec:The reconciliations should be undertaken
on an individual till by till basis rather
than in aggregate.
