Home > Audit, CorpFin Cafe, Sarbanes Oxley > Small Company Structure vs. Internal Controls….

Small Company Structure vs. Internal Controls….

June 11th, 2009

     During one of my prior engagements I was challenged with a situation in which we had a serious possibility of fraudulent accounting activities. The source was one of our foreign offices, which had only a small operating staff, and even worse, only a few accounting folks. There was not a broad enough staff to implement all the necessary levels of control to have a strong level of comfort to say all was operating perfectly. What triggered the entire situation was the combination of operating expenses that continued to exceed Budget in a very material way, as well as the delay, or cancellation of payments for shipments into their country. What was even more amusing was the fact that the country entity even passed a corporate audit after improprieties were suspected. After I was given the green light for a surprise audit, as a inter-country supplier, we effectively blew the lid off what was happening within that country. I’m actually quite proud of the work that was done on that situation.

     There real question though is how do you put effective controls in place to prevent fraud or other improprieties? In my current engagement, I find myself with a company that has a Finance staff that is much leaner than normal for a company of this size. Fortunately I have a GREAT staff that I am able push hard and we have implemented new documentation, new control procedures, and a level of financial reporting that is consistent with GAAP and fully supported with all the necessary documentation. So what’s the big deal? Try reaching this level with a small entity, where habits are long-lived, and financial disciplines are an afterthought.  To the Company’s credit, we also have great Management team that is both open, and supportive, of the change. They’re also seeing the benefits of the improved financial reporting on their ability to run the business and make informed decision. Great, so we now have solid reporting. What next?

     Next is the task of putting a more rigid control structure in place and implementing regular audit procedures that will prevent the temptation or likelihood that fraud will be perpetrated against the Company. But how do you do this when you don’t have the resources to add additional headcount, engage external resources, or implement new software platforms?  It comes through the diligence and integrity of the existing staff and cross-testing the existing resources. In the most elemental spirits of internal audit and Sarbanes-Oxley, it comes from having an effective control environment, appropriate risk assessments, as well as the necessary monitoring to determine that all controls are effective and that any necessary correction actions are undertaken. 

But our Company doesn’t have it’s financials audited?

-But our Company does not have an Audit Committee?

     Doesn’t matter…create the necessary level of communication with the Shareholders and Executive Team and keep them informed as to how the resources of the company are being protected. Ultimately, the inattention to these areas, will at a minimum, result in funds being diverted from the Company, or worse, could lead to the demise of the Company.  In a positive outcome, the actions taken will lead to a significantly higher level of trust in the financials and a higher valuation as it might relate to any acquisition activities your Company may find itself in. What is your commitment to ensuring that the proper controls are in place?

Thanks for reading . . . .

Jeffrey Ishmael

Comments are closed.