UNIT 1: Investment and Finance Cycle and EFT payment controls
Functions of cycle
Weaknesses: Is a weak internal control environment which will create risk to the company & Recommendations: can be made to fix the weak internal control environment so that the company will face less risks
Investment cycle: Control objectives
General internal controls
Substantive testing
Organisations want to achieve a perfect internal control environment tominimise risks, and thus have objectives they want to achieve. They implementinternal controls to achieve these objectives
Objective
Internal control
The Objective to be achieved by the control that you implement. E.g: Occurrence, Completeness, Authorisation, etc
How the objective will be achieved. (Internal Control that you will implement).
Accuracy: All fixed assets are recorded at the correct amount and totals are arithmetically
correct
Recording: All transactions w.r.t. fixed assets and depreciation are correctly recorded
Completeness: All valid fixed assets are recorded and nothing is left out.
Classification: All transactions w.r.t. fixed assets are correctly classified according to its nature.
Authorisation: All purchases and sales are authorised according to company’s policy
Cut off: All purchases and sales of fixed assets are recorded in the period to which it relates.
Occurrence/Validity: All recorded assets are valid (really exist) and are supported by proper
documentation.
General Controls: Assets are properly safeguarded against theft and physical elements.
The following falls within the business cycle:
Characteristics
Fraud in this cycle
This cycle mainly deals with:
Use of funds
Investments
Raising of funds
Material transactions
Few transactions
Legal requirements (E.g.: Companies Act)
Repayment of interests
Signing a contract with the bank in case of obtaining a loan
Repayment of the installments
Implementing proper controls to ensure that all purchases are authorized.
Omitting long term liabilities (loans) from the financial statements.
Understating the value of long term liabilities (loans)
Overstating assets by including fictitious assets or assets which the company does not own.
Overstating assets by understating depreciation allowances or impairment.
Assertions
Rights and obligations
Valuation
Presentation and disclosure
Completeness
Existence
Disposal of fixed assets
Repairs and improvements
Additions of fixed assets
(1) Inspect the underlying documents of title deeds/contracts/lease agreements for terms and conditions (2) Review minutes of directors/shareholders meetings for approval of fixed asset acquisitions.
Amortisation of intangible assets
Impairment
Depreciation
Accounting estimates
Revaluation of assets
Scrutinise minutes/contracts/lease agreements/invoices to identify any material purchase transactions and follow through to entry in fixed asset register
Select a sample of assets on hand and trace to relevant entries in the fixed asset register
Inspect the financial statements to ensure that amounts are classified and disclosed correctly in terms of IFRS
Authorisation
2 components
Investment Activities
Finance Activities
Types of transactions
Disposal of assets
Purchase/development of assets
Capitalisation of assets
Depreciation on assets
Purchase of assets
Revaluation of assets
Maintenance of assets
Authorisation
Statutory approval from the shareholders
Existence of Capex committee that will prepare and present all requests and
proposals to the BOD
Top management and BOD should authorise any acquisitions/disposals
Different levels of authorisation in the organisation
Inherent Risks
Nature and complexity of the assets acquired leading to errors in accounting,
such as property – stage of completion
Valuation of intangible assets for example goodwill & brands
Management bias and incentive to misstate capital expenditure to achieve
budget and obtain performance bonuses
Determining useful lives of assets or fair market values
Risk of management override of controls through unauthorised acquisitions
Risk of fraud and theft of assets
Errors in the recording of assets
Documents and Records
Minutes of BOD (authorisation for purchases and sales)
Invoices (purchases, sales)
Fixed asset requisition with quote/negotiated prices
Fixed assets register
Capital budget
General ledger accounts
Activities
DISPOSAL of fixed assets
REPAIRS, MAINTENANCE and IMPROVEMENTS
Fixed asset ADDITIONS: AUTHORISATION
Establish whether the control environment supports the control procedures
Rotation of duties
Personnel take leave regularly
Management control
Segregation of duties
Internal audit
Sufficient stationery control
Supervision and review
Internal controls
How the objective will be achieved. (Internal Control that you will implement).
How to test implementation of the control.
• Inspect, Observe, Enquire, Re-calculate, Investigate, Verify.
The Objective to be achieved by the control that you implement. E.g: Occurrence, Completeness, Authorisation, etc
Sources
Equity
Borrowings/loans
Type of transactions
Owner’s Equity
Borrowings
Dividends
Share buy-backs
Share issue
Loans/repayments (e.g.: Bank)
Interest on borrowings
Authorisation
Statutory requirements
requirements for issuing shares and obtaining funding
issuing of shares/loan transactions – Companies Act
has various requirements when it comes to loans
Risks
There should always be comprehensive disclosure requirements in terms of IFRS
for equity and borrowings
For global markets there are laws/regulations in the foreign markets to ensure
proper control
Because it is a highly regulated environment and there are strict controls by
directors over financing activities, the risk is usually low.
Documents
Debenture trust deed
Prospectus & articles of association
Minutes of shareholders/directors
Share certificate & share register
Mortgage bond
Bank statements
EFT payments
There should be proper access controls over the terminal that is used to make the payment
The terminal should shut down after 3 unsuccessful access attempts of logging in
Access to EFT payments should be limited to one computer
To effect the payment 2 passwords of 2 different senior employees should be entered
Multilevel passwords should be used, from two senior employees. These password must be simultaneously entered.
After the payments are made there should be an:
The reconciliation should be reviewed by senior independent official
The reconciliation should be done by a person who is independent of the EFT transactions that were made
The reconciliation should be done by a person who is Independent of the person that writes up the cashbook
All EFT transfers should be limited to a specific day, for example, Payroll should run 25th of each month
Completeness tests should be performed. E.g. If you had to pay 10 employees you have to ensure that 10 salaries were paid
The payment should reflect on the bank statement;
A bank reconciliation should be performed.
Audit trail;