Organization Internal controls
Internal controls are an important part of any organization. Their main purpose is to provide management assurance that financial practices are done with integrity, accountability, and without fraud (Kenton, 2019). These controls must be constantly assessed to make sure that each of the controls are effective and comply with current laws and procedures. For example, once ASC 606 was implemented it was the job of many controllers to review revenue recognition controls to make sure they were compliant with the new standard.
Every type of business can be advantaged by good internal controls. A convenience store like 7-Eleven is a prime place for fraud. Since most of the employees are low wage and are often unsupervised by management during the late hours of the 24/7 open hours; the store lacks proper deterrence for fraud. The best and easiest way to prevent fraud is to maintain segregation of duties (Messier & Glover & Prawitt, 2018). For 7-eleven this means that no one that deals with day to day operations has access to the safe or the general ledger. Another effective internal control for 7-eleven would be weekly if not daily reconciliations of the general ledger having any suspect transactions explained by employees.
For Olive Garden, a good point of sale system is necessary to maintain internal controls. For a company like Olive Garden, the biggest risk with revenue recognition is accurate assessment of what is owed when a customer is asked for a bill. If the customer is charged for the appetizer that the table next to them ordered it is a failure of revenue recognition. Therefore, internal controls must be implemented to ensure this kind of thing does not happen. The easiest way to do this is with a POS system that is designed to prevent incorrect ordering (Messier & Glover & Prawitt, 2018). These systems can be defined a number of ways one of which is the tablets on the tables of large chain restaurants where customers choose exactly what they want and only get what they want.
For a large manufacturer for consumer markets it becomes a little more complicated. Since ASC 606 was implemented manufacturing companies had to redo most of their revenue recognition procedures unlike the 7-Elevens or Olive Gardens of the world. ASC 606 requires companies to review contracts they have which makes revenue recognition internal controls more complicated (FASB, 2014). Let’s say for instance our manufacturing company is Tupperware and they sell their product to target as a middle man. Before 606 revenue was recognized when it was earned, meaning in this instance it was recognized when Target sold the Tupperware. However, under 606 it is earned when the performance obligation is met so it is most likely recognized when target receives the goods (FASB, 2014). Internal controls for the new standard have to be able to recognize when all 5 steps of the new standard are met and be able to recognize the revenue there and then.
Comment # 2 AH
As auditors one of the most important part of the engagement is the engagement letter. This is a contractual document that lays out what an auditor is being hired to do and how much it will cost (Messier & Glover & Prawitt, 2018). This is the key place where breach of contract comes into play, if an auditor does not preform the tasks outlined in the engagement letter the firm can be sued for breach of contact.
Negligence is “a failure to behave with the level of care that someone of ordinary prudence would have exercised under the same circumstances” (Cornell Law). For auditors it means that there is a lack of due care preformed that is required by the FASB. If an audit firm were to mistakenly miss a material misstatement due to not doing the proper procedures laid out by the FASB auditing standards codification the firm could be liable for negligence.
The difference between negligence and gross negligence is recklessness. If we take the above example it would constitute gross negligence if the auditor just didn’t want to comply with the ASC standards and intentionally did not follow procedure which resulted in the oversight of a material misstatement (Cornell Law)
Fraud is intentionally hiding a mistake and benefitting from it cost (Messier & Glover & Prawitt, 2018). If we take the famous case of Enron Ken Lay and Jeff Skilling committed fraud by hiding debt in special purpose entities to fool investors into thinking the company was worth more than it was (Clark, 2002).
For an audit firm to avoid any of the above liability issues they have to educate every member of the firm on the auditing standards code which if followed properly should protect the firm from all liability. Also when I was at PwC we had a Google Drive folder that we called CYA, “cover your ass”, it contained all documents of significant importance. This folder was handed to the firm at the end of the audit so if our audit was ever questioned by management or the PCAOB we can give the lawyers the file that showed that we followed all the steps required to preform an audit with proper due care and resulted in reasonable assurance over the financial statements and managements assumptions.