Management Override of Controls is bypassing the rules/steps established by the company for achieving its business objectives.
This override of controls can be harmful to the business.
In other words, it’s a part of fraudulent activities.
Lets understand the concept of fraud and its connection with management override of internal controls.
Fraud is a primary risk for any stakeholders of a business. That Deceptive practice is to pump up the financial position or performance.
Whatever is the approach, the result will be detrimental to the company’s interest after its discovery.
So, business needs the following as counter measures to Fraudulent activities
Table of contents
What are the best counter measures for Frauds?
- Strong internal controls,
- Sound policy and procedures for each of the functions and
- Robust compliance system.
Understanding how fraud can occur helps to design improved controls and procedures. So, lets gain the knowledge on this aspect.
Ways of Fraud
The following are the possible ways of occurring such fraud
- Employee Frauds
- Management override of Controls
Fraud directly hits the entity’s reputation first, irrespective of the amount involved therein. It lowers the confidence of the various stakeholders. So, entities and the audit team need to understand these well enough to employ countermeasures.
Let’s uncover these two.
Employee Frauds
Employee Frauds occur due to sheer work pressure or incentives involved.
These Internal Deception methods are carried on by
- Claiming fictitious expenses,
- Embezzlement of cash (which might not be possible in the current digital scenario),
- Creation of unreal vendors and dripping money through recording bogus liability.
The List is never ending because employees find a unique approach to these deceptions everyday.
Another primary method of this fraud is entering into a settlement agreement with vendors, inflating the Material/Supplies prices, and sharing the extra charge made. These kinds of kickbacks are harmful to the financial health of the entity’s business.
Management override of Controls
The Management override of controls is a significant risk for an entity. People holding principal positions will be able to influence all the employees or any other stakeholders.
Standard operating procedures are designed to ensure a smooth flow of business activities in each function. But the Management powers have no boundaries and exploit their authority by overriding all the controls and procedural steps designed within all of the business functions.
How about an example here?
Entities will have a guideline for entering into Contracts. We can call these Contract prerequisites.
Per these Prerequisites, CEO has the highest authority to enter into any contractual arrangement on behalf of the entities. Further, there will only be people who are above the CEO.
CEO decides to do some fraudulent activities by entering into a sales agreement with his friend’s company. The pricing terms are at arms-length, and the products are high quality. There are thousands of invoices received every week. Receipts are issued as and when required, with an average amount of $10,000,000.
CEO issues extra payments to this related party, which is recorded as a miscellaneous expense. These additional expenses are of low amounts and doesn’t happen very often. This approach is to avoid getting caught in internal audits/inspections. As the CEO authorizes the payments, none of the accounting staff have questions.
What are the different ways of occurrence of management override of internal controls?
- Inflating the Revenue through accruals at Year-end and reversing the same at the beginning of the next year
- Misappropriation of Assets
- Entering into contracts that are not at Arms-length price
- Recording Fictitious expenses and routing those payment amounts to personal accounts of people at top Management. For example, creating “Ghosts” Employees and False bills are claimed as business expenditure
- Overstating the Assets
- Arrangements with Vendors for allotting business tenders and receiving commissions or kickbacks
- Theft of Goods or Cash in hand
How do you identify and Curb management override of controls?
- Implementation of Robust Internal Control with due consideration to the COSO Internal Control Framework
- Performing Internal Audits/Inspections to ensure the Internal Controls function as expected. Outsourcing these works to independent and reputed audit firms would be advisable.
- Have a Whistleblower Policy. Let’s try to understand this. Whistleblower Policy is to keep the identity of the person who informs about the fraudulent activities. This ensures the Job Security of the one who uncovers those frauds. This is similar to Witness protection provided by Police Agencies.
- Segregation of Duties in all the areas where there is a chance of significant risk of error or fraud
- Adequate training to all the Employees about how to handle deceptive activities. This training shall have a practical step-by-step guide or FAQs to help the employee with how, where, and when to communicate fraud, if applicable.
- Design a Signature Authority policy that requires Sign Authorization from multiple persons for each payment.
- Promote Good Work Culture
- Ledgers Scrutiny
Business Entities shall have an internal inspection team to perform Ledgers Scrutiny to identify any
- Unusual Transactions
- Transposition errors
- Keep a check on Manual Journal entries recorded
- Performing Analytics over the volume and amount of transactions for GL accounts in comparison with Prior year data
Summary
Management Override of Internal Controls is to bypass the established controls to reduce the risk of fraud or errors. This helps the Management to gain an undue advantage at the cost of others (Especially from the business/entity).
Given any time, money is the biggest motivator for any task or Job. So, it’s the big reason for errors or fraud. Beware of this fact and establish strong internal checks and controls. Supplement those with periodic audits to detect any fraud. Robust Internal control helps businesses elevate their confidence among all the stakeholders, build trust and reduce financial losses in the form of fraud or errors.