Internal Control: What Those Charged with Governance Should Know
Tempe, October 31, 2017; Technical Staff
This document is a part of The AACI series of anti-corruption resources made available to our CACM members. The contents of this document constitute an integral part of the CACM Review textbook that would be available in countries where the CACM will only be offered by exam.
Those charged with governance should have proper and adequate anti-corruption intelligence to prevent and deter corruption and avoid negligence or gross negligence in performing their duties.
The AACI defines anti-corruption intelligence as:
” the minimum, optimum knowledge a decision maker should have to avoid fraud and corruption intelligently. Such knowledge includes the proper blend of due diligence, internal controls, anti-corruption, governance, decision making, process auditing ( from a management perspective and duties) to avoid anti-corruption and fraud. By avoidance, we emphasize the concept of deterrence and prevention. Corruption prevention is less expensive and better than any cure.”
Internal control is a pillar of anti-corruption intelligence. Regardless of her background, a decision maker should master the concept of internal control. This mastery should include, at the minimum, the executive summary of Internal Control – Integrated Framework.
We issued “Introduction to Internal Control” in October of this year and emphasized the importance of the control environment component of internal control. It is the foundation of other internal control components. It is unfortunate that too many decision makers and board members have misconceptions about internal control.
Delusions of internal control include, but not limited to, the following:
- Internal control is the policies and procedures of an organization.
- Internal control is not directly related to preventing, deterring, and detecting fraud and corruption.
- Internal control is not required in small and medium-sized (SMEs) entities.
- Internal control is not related to business risks.
- Good governance is not related to internal control.
- Strategic management is not related to internal control.
- Internal control is not related to the board responsibilities.
- Accountability, transparency, and responsibility are not related to internal control.
- Compliance is not part of internal control.
- Expenditure on internal control is a waste of resources and expense.
- Internal control is static.
- Internal control prevents and detects every fraud and corruption event.
The more widespread these misconceptions among decision makers of an organization, the higher the corruption risks and business failure.
Why do we call these assertions and beliefs “misunderstandings about internal control”?
A Member may continue reading when she logs in to her account at the membership portal. Click here.