# A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Internal Controls

Written By
Paul Tracy
Updated November 4, 2020

What are Internal Controls?

Internal controls are the methods and processes through which a company ensures that the organization is adhering to important policies and obligations. A company's board of directors, management and other executives are responsible for maintaining internal controls.
 

How Do Internal Controls Work?

Internal control has five primary elements, which were developed in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO):

  1. Control environment. This activity involves ensuring that the company encourages ethical behavior and creates appropriate policies and procedures. It also involves ensuring that the financial statements are prepared according to generally accepted accounting principles (GAAP). Frequently, the management sets the tone for a company's control environment.
  2. Risk assessment. This activity involves detecting threats and weaknesses that could jeopardize the company's ability to detect and prevent fraud, abuse or misdeeds. More specifically, this activity involves considering the consequences of things such as failing to capture or record all transactions, altering transactions retroactively, making math errors in formulas or key calculations, or failing to make reliable estimates.
  3. Control activities. Control activities are activities that ensure a company is protected before a key activity or decision occurs. This might involve requiring authorization from several managers before proceeding with a purchase, action, or decision, for example, or running documentation to in-house attorneys before publication.
  4. Information and communication. This activity involves providing a way for whistle-blowers and outsiders to report, respond to and deal with reports of impropriety, corruption or suspicious activity. It also covers the broader aspects of simply providing a way for employees to access and hear from executives and communicate efficiently.
  5. Monitoring. This activity involves ensuring that everyone is following proper procedures. This may involve implementing approval, authorization, reconciliations, and verification procedures that double-check transactions and decisions.

Auditors are required to report any deficiencies in a company's internal controls. Accordingly, there is a considerable amount of controversy regarding what constitutes an appropriate or deficient control.

Why Do Internal Controls Matter?

Internal controls exist to prevent and detect fraud, abuse, or unethical activity, especially with regard to the collection and presentation of financial information. The goal is to ensure that a company's financial reports are reliable and accurate. For this reason, the CEO and chief financial officer (CFO) of any company subject to the Sarbanes-Oxley Act must certify in writing that the company's financial disclosures comply with the law and fairly represent the company's condition. The CEO and CFO must also certify that they have inspected the company's internal financial controls.

To prevent directors and officers from issuing misleading financial statements for personal gain, the Sarbanes-Oxley Act makes it a federal crime for a company officer to pressure or manipulate an auditor into rendering a company's financial statements misleading. Further, if a company is forced to restate its financials, in most cases the CEO and CFO of the company must give back any bonuses, compensation or profits made on personal trades of the company's securities during the year after the faulty documents were initially disclosed.

Ask an Expert about Internal Controls
At InvestingAnswers, all of our content is verified for accuracy by Paul Tracy and our team of certified financial experts. We pride ourselves on quality, research, and transparency, and we value your feedback. Below you'll find answers to some of the most common reader questions about Internal Controls.
Be the first to ask a question

If you have a question about Internal Controls, then please ask Paul.

Ask a question

Paul has been a respected figure in the financial markets for more than two decades. Prior to starting InvestingAnswers, Paul founded and managed one of the most influential investment research firms in America, with more than 2 million monthly readers.

If you have a question about Internal Controls, then please ask Paul.

Ask a question Read more from Paul

Read this next

Paul Tracy - profile
Ask an Expert about Internal Controls

By submitting this form you agree with our Privacy Policy

Share
close
Don't Know a Financial Term?
Search our library of 4,000+ terms