Internal Control Over Financial Reporting (ICFR) Unique Approach, Superior Results

Similar documents
Internal Financial Controls New perspectives as per Companies Act 2013 and CARO 2016

Internal controls over Financial Reporting Key concepts. Presentation by Jayesh Gandhi at WIRC

B S R & Co. LLP. Reporting on Internal. Reporting An Overview. Sarbanes Oxley Act (SOX) 28 December 2013

IPO Readiness. Sarbanes-Oxley Compliance & Other Considerations. Presented by:

SEMINAR ON INTERNAL FINANCIAL CONTROLS. Oct 31, 2015 at ISACA Pune Chapter Nov 1, 2015 at Pune Branch of WIRC of ICAI

Guidance Note on Audit of Internal Financial Controls Over Financial Reporting

Corporate Governance Update. SOX 404 and Internal Controls

[RELEASE NOS ; ; FR-77; File No. S ]

Internal Financial Controls (IFC) - An Overview

SARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017

Internal Financial Controls (IFC) ICAI Seminar October 8, 2016

REPORTING REQUIREMENTS UNDER IFC

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

Audit Training-of-Trainers Workshop, November 2014, Vienna Components of internal control within organization

Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)

Negotiating in a Sarbanes-Oxley World

AUDIT COMMITTEE CHARTER

STARWOOD HOTELS & RESORTS WORLDWIDE, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Present and functioning: Fine-tuning your ICFR using the COSO update

Checklist for Higher Education

SOUTHWEST AIRLINES CO. AUDIT COMMITTEE CHARTER

Evaluating Internal Controls

Increasing External Auditor Reliance

The Audit Committee of the Supervisory Board of CB&I

2013 COSO Internal Control Framework Update. September 5, 2013

SA 402(REVISED) AUDIT CONSIDERATIONS RELATING TO AN ENTITY USING

Report on Inspection of Deloitte LLP (Headquartered in Toronto, Canada) Public Company Accounting Oversight Board

Statement on Risk Management and Internal Control

PRAKKASH MUNI & ASSOCIATES Chartered Accountants FIRM PROFILE

COSO 2013: Updated internal control framework

Chapter 7. Auditing Internal Control over Financial Reporting. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

SMITH & NEPHEW PLC TERMS OF REFERENCE OF THE AUDIT COMMITTEE

Audit Committee Charter ISSUE DATE: 22 JUNE 2017 AUDIT COMMITTEE CHARTER. ISSUE DATE: 22 JUNE 2017 PAGE 01 OF 07

FREQUENTLY ASKED QUESTIONS ABOUT INTERNAL CONTROL OVER FINANCIAL REPORTING

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

CGMA Competency Framework

Audit and Advisory Services Integrity, Innovation and Quality. Audit of Internal Controls over Financial Reporting

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

AN ASSESSMENT OF THE COSTS AND BENEFITS ASSOCIATED WITH THE IMPLEMENTATION OF SARBANES OXLEY SECTION 404 IN A SOUTH AFRICAN CONTEXT

REPORT 2016/033 INTERNAL AUDIT DIVISION

AMERICAN EXPRESS COMPANY AUDIT AND COMPLIANCE COMMITTEE CHARTER (as amended and restated as of September 26, 2017)

Assessment of the Design Effectiveness of Entity Level Controls. Office of the Chief Audit Executive

AGS 10. Joint Audits AUDIT GUIDANCE STATEMENT

COSO Updates and Expectations. IIA San Diego Chapter January 8, 2014

Types of Systems Audit & Relevance. Presented By: Prasad Pendse, CISA

Report on Inspection of KPMG AG Wirtschaftspruefungsgesellschaft (Headquartered in Berlin, Federal Republic of Germany)

AUDITING. Auditing PAGE 1

Independent Auditor s report

Audit Committee of the Board of Directors Charter CNL HEALTHCARE PROPERTIES II, INC.

Report on Inspection of KAP Purwantono, Sungkoro & Surja (Headquartered in Jakarta, Republic of Indonesia)

In Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015

Quality Assurance and Improvement Program (QAIP)

Proposed Attestation Requirements for FR Y-14A/Q/M reports. Overview and Implications for Banking Institutions

Audit and Risk Committee Charter

The New COSO Framework: Avoiding Deficiencies and Driving Change

AUDIT COMMITTEE CHARTER DATED AS OF AUGUST 5, 2010

BOM/BSD 2/November 1994 BANK OF MAURITIUS. Guideline on Maintenance of Accounting and other Records and Internal Control Systems

Corporate Governance Principles of Auditing: An Introduction to International Standards on Auditing - Ch 14

This charter defines the purpose, authority and responsibility of News Corporation s (the Company ) Corporate Audit Department.

GROUP 1 AUTOMOTIVE, INC. AUDIT COMMITTEE CHARTER

STANDARD ON QUALITY CONTROL (SQC) 1

PART 6 - INTERNAL CONTROL

Reliable Financial Reporting. Evaluating Deficiencies in Internal Control Over Financial Reporting

3. Approval of payment to statutory auditors for any other services rendered by the statutory auditors.

Job Title: Managing Director Department: Job/Salary Scale: Accountable To: Responsible For: Job Purpose: Key Result Areas:

Beyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404

The New 404 Balancing Act

Quality Assessments what you need to know

BIOSCRIP, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Advanced External Auditing [AU2] Examination Blueprint

Bank of Botswana Internal Audit Charter March 18, 2013 INTERNAL AUDIT CHARTER BANK OF BOTSWANA

GRANITE CONSTRUCTION INCORPORATED AUDIT/COMPLIANCE COMMITTEE CHARTER

Audit Client Briefing

RISK AND AUDIT COMMITTEE TERMS OF REFERENCE

Sarbanes-Oxley Compliance Kit

4. Organic documents. Please provide an English translation of the company s charter, by-laws and other organic documents.

IBL LTD AUDIT AND RISK COMMITTEE TERMS OF REFERENCE

Audit Committee Resource Guide

COSO Internal Control Integrated Framework Proposed Update

Customer Conference IFRS and NI Provided for both IFRS PARTNER and CFO PARTNER for NI /SOX 404 Customers

Effective implementation of COSO s new anti-fraud guidance

Short, engaging headline

Implementing and maintaining ISAE 3402

INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS

Report on Inspection of KPMG Auditores Consultores Ltda. (Headquartered in Santiago, Republic of Chile)

Report on Inspection of Deloitte & Associes (Headquartered in Neuilly-sur-Seine, French Republic) Public Company Accounting Oversight Board

SUNEDISON, INC. AUDIT COMMITTEE CHARTER (Adopted October 29, 2008)

CDK GLOBAL, INC. AUDIT COMMITTEE CHARTER Effective January 20, 2016

Internal Control & Sarbanes-Oxley Act. ERPANET Workshop. Antwerp, April 14, PwC

CITIZENS, INC. AMENDED AND RESTATED AUDIT COMMITTEE CHARTER. Adopted November 5, the integrity of the Company s financial statements;

Terms of Reference of the Audit Committee

MINDEN BANCORP, INC. AUDIT COMMITTEE CHARTER

GAP INC. AUDIT AND FINANCE COMMITTEE CHARTER February 23, 2016

Self Assessment Workbook

AUDIT COMMITTEE CHARTER

Risk Management For and By the BOT. Secured BOT Series

CRESCENT CAPITAL BDC, INC. AUDIT COMMITTEE CHARTER

Internal Audit Policy and Procedures Internal Audit Charter

THE AUDIT COMMITTEE HANDBOOK

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

Transcription:

Internal Control Over Financial Reporting (ICFR) Unique Approach, Superior Results

Regulatory Perspective

What is Internal Financial Controls(IFC) As per 134(5)(e) of the Companies Act 2013, Internal Financial Controls (IFC) means the policies and procedures adopted by the company for ensuring the orderly and efficient conduct of its business, including adherence to company s policies, the safeguarding of its assets, the prevention and detection of frauds and errors, the accuracy and completeness of the accounting records, and the timely preparation of reliable financial information. Internal Financial Control = Internal Control over Financial reporting + Operational Controls + Fraud Prevention. Objective of IFC: Primary objective of IFC to identify opportunities for improvement, and to draw up recommendations and good practices that can use as a benchmark to develop or strengthen their internal control systems and enhance the reliability of their financial statements. Efficiency and effectiveness in Operations Prevention and detection of fraud and error Safeguarding of assets Accuracy and completeness of Accounting records Reliability of Financial reporting

What is Internal Controls over financial Reporting (ICFR) As per Guidance Note issued by ICAI on Guidance Note on Audit of Internal Financial Controls Over Financial Reporting( September, 2015 Internal Financial Controls Over Financial Reporting (ICFR) shall mean: A Process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A Companies internal financial control over financial reporting includes those policies and procedures: Pertain to the maintenance of the records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the company: Provides reasonable assurance that transactions are recorded as necessary to permit preparation of financial statement in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorisations of management and director of the company. Provide reasonable assurance regarding prevention or timely detection of unauthorised acquisition, use or disposition of the company s assets that could have a material effects of the financial statement.

Requirement & Applicability w.r.t to relevant clauses Listed Companies All Companies All Companies having ID s All Companies having an AC All Companies Director Responsibility u/s 134(5)(e) Director s responsibility statement to state that the directors, have laid down IFC to be followed by the company and that such internal financial controls are adequate and were operating effectively. Board to confirm that IFCs are adequate & Operating effectively. Board Report- Rule 8(5) of companies(accounts) Rules Requires the board report to state the details in respect of the adequacy of Internal Financial Controls with reference to the Financial Statements.. Code for Independent Director s(id)-sec 149(8) & Schedule V ID to satisfy themselves on the integrity of the financial information & that Financial controls and system of risk management are robust and defensible Audit Committee (AC) terms of reference-sec 177 AC requires the auditors to call for the comments about Internal Controls and may also discuss any related issues with the internal auditor and Statutory auditor and the management of the company. Auditor s report u/s 143)(3)(i) Auditor to report if the company has adequate IFC systems in place in relation to Financial statements and the operating effectiveness of such controls.

IFC Comparative Regulatory Requirements Companies Act, 2013 Clause 49 of Listing Agreement Sarbanes Oxley Act Responsibility of the Board and Board Report to contain a statement on adequacy of internal financial controls Audit committee to evaluate internal financial controls Auditor s report to comment on adequacy of internal financial controls system and operating effectiveness of controls Responsibility of the CEO/CFO to maintain ICFR. Evaluate the effectiveness of internal control systems pertaining to financial reporting. Indicate to the auditors and the audit committee significant changes to accounting policies and ICFR. Responsibility of the CEO/CFO to the Annual report to establish and maintain internal controls Annual report to contain management report on internal control over financial reporting Auditor s to report and attest management s assessment of internal control over financial reporting. Board is responsible under the Companies Act, 2013 as against CEO (under Listing Agreement and also SOX Act) In case of listed companies, Internal financial controls reporting covers all controls as against internal control over financial reporting Other companies - Internal financial controls with reference to the Financial Statements.

Global Perspective- COSO framework 17 internal control principles by internal control component as presented in COSO s 2013 Framework: 1. Demonstrates commitment to integrity and ethical values 1. Control Environment 2. BOD demonstrates independence from management and exercises oversight responsibility 3. Management, with board oversight, establishes structure, authority and responsibility 4. The organisation demonstrates commitment to competence 5. The organisation establishes accountability 2. Risk Assessment 3. Control Activities 4. Information & Communication 5. Monitoring 6. Specifies relevant objectives with sufficient clarity to enable identification of risks. 7. Identifies and assesses risk 8. Consider the potential for fraud in assessing risk 9. Identifies and assesses significant change that could impact system of internal control 10. Selects and develops control activities 11. Selects and develops general controls over technology 12. Deploys through policies and procedures 13. Obtains or generates relevant, quality information 14. Communicates internally 15. Communicates externally 16. Selects, develops and performs on-going and separate evaluations 17. Evaluates and communicates deficiencies

Responsibility of Various Stakeholders Create & test the framework of internal Control Company Management Auditor Audit Committee IFC (including operational & Compliance) Control Documentation Focus on internal controls, to the extent these relate to financial reporting (ICFR) Report on Adequacy of IFCs system Report on Operating Effectiveness of such controls. Evaluate IFC systems Would like to see a robust framework that is align to acceptable standards Review Auditors comments / observations with respect to controls before submission to the Board Discuss issues with Management or Internal / Statutory Auditors BOD Independent directors to satisfy themselves on the strength of financial controls. Lay down adequate and effective IFCs and include it in Director s Responsibility Statement Would rely on the assessment and view of the Audit Committee They may ask for additional information.

Value Addition by IFC Beside regulatory compliance Internal financial Control will help in following ways:- Business process redesigning to plug revenue leakages & cost containment opportunities In rationalising the number of control across organisation moving smart and automated controls In standardising policies and procedures for multi-location/multi-business companies. Fosters a control conscious work culture for people behind control Enhance assurance to CEO/CFO certification as well as improve business performance It also serves as blue print of optimal procedures while thinking about SAP.

Approach/Procedure

Flow of audit of ICOFR

Top-Down Approach to ICOFR

Process Road Map:- Identification of significant financial reporting elements (accounts & disclosures) Identification of material financial statement risk associated with these elements Conduct walkthroughs & Evaluate the design effectiveness of entity and process level controls Mapping of entity and process level controls established by the management to address these risks. Test & Evaluate operating effectiveness of controls Identify deficiencies along with recommendations to remediate the same.

Design Assessment: Design assessment involves evaluating whether internal control is suitably designed to prevent or detect material misstatement on a timely basis. Controls will not be designed effectively if there are missing controls, or if implemented controls do not meet the appropriate control objective. Process flow for Design Assessment: Identify the Key Processes of the company. Identify the key Operational & Financial Risk associated with these processes. Identify the entity and process level controls designed to mitigate those risk, Identify Design gaps by performing walk-through. Documentation of the risks and controls and recommend the company to fix them. Deliverable Risk Control Matrix Process Flow Charts Exception report on Design Gaps.

Operating Effectiveness When testing the operating effectiveness of a control, the auditor obtains evidence about whether it is operating as designed. If a control is not designed properly, it cannot operate effectively; therefore, there is no need to test the operating effectiveness of controls that are improperly designed. If the control does not operate effectively (e.g., the auditor is unable to obtain sufficient persuasive evidence that the control is operating as designed), then it is a deficiency in operating effectiveness. A deficiency in operation exists when a properly designed control does not operate as designed, or the person performing the control does not possess the necessary authority or competence to perform the control effectively. Process flow for testing Operating Effectiveness : Assess the risk associated with the control. Plan the nature, timing and Extent of Tests of Operating Effectiveness. Perform tests of Operating effectiveness. Assess Findings and conclude on Operating Effectiveness. Deliverable Exception report on Operating Effectiveness.

Entity Level Controls ELC Component Requirement Business Risk Management Business Risk Management Business Ethics Framework Business Ethics Internal Framework Audit and Financial Integrity Internal Legal Compliance Audit and Financial Framework Integrity Fraud Risk Management Legal Compliance Framework Fraud Risk Management Succession Planning Management Operational Review Whether risk management policy and procedures are in place? Whether formal risk assessment has been carried out or not? Whether whistle-blower policy and Code of conduct exists and implemented? Whether internal audit function is independently reporting to Audit Committee? Whether roles and responsibilities of senior management is defined and documented? And Whether adequate segregation of duties exists? Whether legal compliance framework is documented and compliance health to checked on periodic basis?` Whether Fraud Risk Management Policy exists, detailing structure of fraud deterrence, prevention and investigation, fraud incidence response guidelines. Whether Key controls to mitigate fraud risks are identified and monitored for compliance on regular basis? Detailed assessment of implementation status of Entity Level Controls should be conducted and checklist should be documented for monitoring of Entity Level Controls

IT General Controls IT general Business controls Risk (ITGC) are controls that apply to all systems components, processes, and data for a given organization or information Management technology (IT) environment. The objectives of ITGCs are to ensure the proper development and implementation of applications, as well as the integrity of programs, data files, and computer operations. Business Ethics Framework The most common ITGCs: Internal Audit and Control Financial environment, Integrity or those controls designed to shape the corporate culture or "tone at the top. Change management controls- controls designed to ensure the changes meet business requirements and are authorized. Logical Legal Compliance access controls over infrastructure, applications, and data. Framework System development life cycle controls-controls designed to ensure IT projects are effectively managed. Technical Fraud support Risk policies and procedures - policies to help users perform more efficiently and report problems. Hardware/software Management configuration, Whether installation, legal compliance testing, framework management is standards, documented policies and compliance and procedures. health to checked on Disaster recovery/backup periodic and recovery basis?` procedures, to enable continued processing despite adverse conditions. Data center physical security controls. System and data backup and recovery controls. Succession Planning Computer operation controls Management Operational Review

About Proxcel

ProXcel is a specialized corporate advisory firm with a vision to deliver professional excellence in the field of corporate financial and management consultancy. We offer range of integrated professional services to help entrepreneurs set up businesses and constantly grow by leveraging all opportunities smoothly through advising them on the right financial and legal strategies for expansion. Our services include business set up services, project funding, business valuations for M&A, financial reporting, taxation and corporate law advisory and internal and external audit. ` Our team of professionals consists of young and dynamic professionals who possess the acumen and wide experience in the business valuation domain.

Core Team Members Rajendra Prasad Bansal- B.Com, FCA Rajendra Prasad Bansal is a Fellow Chartered Accountant (FCA) and a commerce graduate. He has over twenty years of rich experience in the profession. He has been advising various clients in different areas including internal and external audits, direct and indirect tax consulting, financial planning, legal compliances etc. Naveen Goyal - B.Com, FCA, DISA, LLB, Certificate Course on Valuation by ICAI, Diploma in IFRS by ACCA UK Naveen is a Fellow Chartered Accountant, a bachelor of law and commerce graduate. He also holds certificate on Valuation by ICAI, Diploma in IFRS by ACCA UK and is an Information System Auditor certified by ICAI (DISA). He specializes in the area of internal & external audit and business valuation services. His experience with Grant Thornton has given him wide experience in handling audits of multinational clients. Naveen is an active member in the northern chapter of ICAI and has prepared the study material for the certificate course on valuation of ICAI. In addition, he also drafted the Business Valuation Practice Standards notified by the ICAI as guidelines for valuers in relation to valuation exercises.

Core Team Members Sharul Agarwal-B.Com, FCA Sharul is fellow member of the Institute of Chartered Accountants of India, and has over 7 years of post qualification experience with Grant Thornton and Lakshmi Kumaran & Sridharan. He specializes in the area of Custom advisory, opinion and compliances, SVB assessments, foreign trade policy matters, EOUs, STPIs and other related matters. Manuj Singhal- B. Tech, MBA Manuj Singhal is an engineer as well MBA graduate from Lal Bahadur Shashtri Institute of Management, Delhi and has been trained with one of the leading finance and accounting business process outsourcing company. His core area of specialization is business valuation for Merger & Acquisition, PPA allocation, Regulatory compliance, ESOP valuation etc. He has conducted numerous valuations under Internal Revenue Code (IRC) and US GAAP including 409A Common Stock valuation, 142 Goodwill, 141 Purchase Price Allocation, 133 Derivative etc. Sumit Goyal- B. Com, ACA Sumit Goyal, an Associate member of the Institute of Chartered Accountants of India, specializes in the area of Indirect Taxation & compliance. His tenure with APRA and Associates, a specialized indirect taxation advisory firm has given him deep insight of various indirect tax related issues and advisory services.

Core Team Members Shweta Goyal - B.Com, ACA Shweta is an Associate member of the Institute of Chartered Accountants of India and specializes in the area of external audit, internal audit and regulatory compliance. She has worked with Ernst and Young, a global advisory firm and has wide experience of handling work of MNCs. Rakshit Kochhar - ICWA Rakshit Kochhar is a Cost Accountant and has been trained with pioneer Cost Accountants and Consulting firms. His tenure with a leading cost accountant firm has also given him wide experience in handling cost audits of multinational clients. He has extensive experience in the area of Costing, MIS, Budgeting, cost audits, development of costing system and Maintenances of cost Records. Swati Agarwal- B.Com, ACA Swati, an Associate member of the Institute of Chartered Accountants of India, specializes in the area of internal audits, Indirect Taxation & compliance. Her tenure with APRA and Associates, a specialized indirect taxation advisory firm has given him deep insight of various indirect tax related issues and advisory services.

Select Clienteles Some of our esteemed clients:

Select Clienteles Some of our esteemed clients:

Contact Us ProXcel Advisory Services LLP Contact Person Gurgaon FF04, Block A, Omaxe Gurgaon Mall, Gurgaon-122002 Tel: 0124-4219460 Naveen Goyal M +91 99110 95297 E naveen.goyal@proxcel.co.in

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback