INTERNAL

CONTROL
for Cooperatives
A lecture delivered by Ms. Janirose Z. Fernandez LBP Ilocos
Sur during the 2017 Cooperative Month Celebration
NSCC Plaza, Caoayan Ilocos Sur.
 Internal Control
Comprises the plan of organization and all
coordinated methods and measures
adopted within a business to safeguard its
assets, check the accuracy and reliability of
its accounting data, promote operational
efficiency and encourage adherence to
prescribed managerial policies.

2
 Internal Control
Internal Control – is the systems, policies, procedures
and processes effected by the BOD, management and
other personnel to safeguard the assets, limit or control
risk and achieve the objectives of the entity.

while

Internal Audit – provides an objective, independent

review of the entity’s activities, internal control, and
management information system to help the board and
management monitor and evaluate the adequacy and
effectiveness of internal control. 33
 PURPOSE OF INTERNAL
CONTROL
1. Ensure that the business of
the Coop is conducted in a
prudent manner in accordance
with policies and strategies
established by the board of
directors;
2. That transactions are only
entered into with appropriate
authority
3. That assets are safeguarded
and liabilities controlled;
4
PURPOSE OF INTERNAL
CONTROL
4. That accounting and
other records provide
complete accurate and
timely information
5. That management is
able to identify, assess,
manage and control the
risks of the
business.
5
 PRIMARY AREAS OF
INTERNAL CONTROLS
1. Organizational structures
(definitions of duties and
responsibilities,
discretionary limits for
loan approval, and
decision-making
procedures).
2. Accounting procedures
(reconciliation of account,
control lists, periodic trial
balances, etc.)
6
PRIMARY AREAS OF INTERNAL
CONTROLS
3. The “four eyes”
principles (segregation
of various functions,
cross-checking, dual
control of assets, double
signatures, etc).

4. Physical control over

assets and investments
7
 Internal Audit – What is it?

 A systematic and independent review

of the operations and controls of the
organization
- Systematic: the work is done
according to pre-designed plans and
programs
- Independent: the work is done
independent of management
8
 Internal Audit –
Why do it?
 To fulfill a key link in the risk
management process
 Primary Goals are:
- to ensure that internal policies and
procedures are being followed
- to ensure that financial and operating
information is accurate
- To identify previously unrecognized risks 9
 Internal Audit –

should do it?

 Chief Internal Auditor

- Banking and Accounting Professional usually CPA
with credit background of financial institution
- Maintains membership and/or ties with
professional associations
 Staff
- Qualified candidates from within the Coop or
through recruitment 10
 Personal Qualities
 Focused, well organized
 Attentive to details
 Exercises good judgment – knows what’s
important
 Excellent written and verbal communication
skills
 Trustworthy – will do the right thing
 Pleasant personality – can manage and train
staff
 Creative and independent thinker – can draw
sound conclusions and form relevant
recommendations

11
 Auditor
Independence
 Reports directly to the board
of directors
 Maintains appropriate communication
with the general manager/CEO
 Manages the budget and schedule for
the department
 Works in a separate and secure space
 Direct access to information
12
 Components of Internal
Control
 Control environment
 Risk Assessment
 Control Activities
 Accounting, information
and communication
system
 Self-assessment or
monitoring

13
Assessing the Control Environment
 Control Environment – sets the tone of the
Coop, influencing control consciousness of its
people. It is the foundation for all other
component of internal controls

 Points of Focus
•Organizational structure assignment of authority and
responsibility
•Human resource policies and procedures
•Integrity and ethical values
•Commitment to competence
•Management philosophy and operating style

 An effective Control Environment is one that

establishes and promotes collective positive
attitude toward achieving effective internal
control over the unit’s business
14
 Evaluating Risk Assessment
Process
 Risk Assessment – is the process of identifying
and analyzing relevant risks to the achievement
of the Coop’s objectives and determining the
appropriate response

 Point of Focus
• Risk identification
• Risk analysis and prioritization
• Risk management

 An effective Risk Assessment establishes and

maintains process to identify, analyze, and
manage risk relevant to achieving a unit’s goals
and objectives.

15
 6. Revise
1. Identify
policies
risks

5. Test effectiveness 2. Develop strategies and

and monitor results procedures to prioritize risks

4. Implement policies 3. Design policies

and assign responsibility to mitigate risks

16
 Is the potential
for realization
of the
RISK
unwanted
negative
consequences
of an event
 The possibility of loss,
injury, disadvantage or
destruction
17
 Types of Major Risks
for Coops
 Liquidity Risks
 Operations Risk

 Credit Risk

18
 Assessing Control
Activities
 Control Activities – are the policies and
procedures established and implemented to
address the risks and to achieve the Coop’s
objectives.

 Point of Focus
• Severity and frequency of audit findings, specifically
on the :
 Design of the control
 Operating effectiveness of the control

 An effective Control Activity is one that is

properly designed and implemented to
mitigate the risks
19
Assessing Control Activities
(Attributes)
 Design of the controls
• Existence of Appropriate policies and
procedures necessary with respect to each
of the entity’s activities

 Operating effectiveness of the controls

• Identified control activities in place are being
applied properly

 Examples of Control Activities

• Documentation
• Approval and authorization
• Verification
• Supervision
• Segregation of Duties
• Safeguarding of Asset
• Reporting
• IT Controls 20
 Assessing the Information
and Communication System
 Information and Communication – encompasses the
methods for identifying, capturing, and
communicating pertinent information in a time frame
that enables people to carry out their responsibilities

 Points of Focus
• Information
• Communication

 An effective Information and Communication System

ensures that information relevant to operating the
business and the maintenance of internal control and
records are identifies, captured, and communicated
to appropriate individual on a timely basis
21
  Monitoring – Assessing the
quality of internal control
system performance over
time

 Points of Focus
• Ongoing Monitoring Activities
• Separate Evaluation*
• Reporting Deficiencies
Assessing the
Monitoring
 An effective Monitoring
System detects and
System remedies control deficiencies
throughout the entire
internal control system

22
 Minimum
Internal Control
Standards

23
 Proper Accounting

Records
 Accounting records should satisfy the
needs of a particular financial
intermediary
 These should contain sufficient
details to meet management and
supervisory needs and should be
properly and currently posted.
24
 Division of Duties and
Responsibilities

 Duties must be segregated to allow

the proper functioning of automatic
checks.
 No one person should be in complete
charge of business transactions
 Operating instructions for each
position should be reduced in writing
25
 Signing Authorities
 Different levels of officers to sign for
and in behalf of the institution should
be approved by the Board of
Directors
 Extent of authority should
be clearly defined

26
 Dual  Routine of each
transaction should
Control be so designed
that at least two
or more
individuals are
involved in the
completion of
every transaction

27
 Independent Balancing
 This means that someone runs and
balances records that are normally
posted by another person, or that
someone counts
held by another
person

28
 Joint Custody
 Two or more persons are involved in
the safekeeping of physical
properties including documents

29
Physical Control
 Safeguarding and housing
of assets demand adequate
physical protection. Physical
control includes the vault gate keys
of equipment, alarms and other
physical devices to protect the
premises.

30
 Number
CoNtrol
Sequence number controls
incorporated in the accounting
system serves two purposed: (a) to
control processing and (b) to identify
individual transactions

31
 Knowledge of
Outside Activities
of Employees
 Periodic submission of statement of assets
and liabilities ascertains the financial
status of officers and employees
 Any immediate or sudden change in
appearance or habits of officers and
employees may be indicative of
misconduct, particularly when the change
reflect spending habits that go beyond the
limit of their income
32
 Rotation of Duties

 Rotation reduces the opportunity for

fraud points to the adaptability of an
employee and often results in new
ideas for the organization

33
 This policy is closely related to
rotation of duty as both result to a
forced absence from regular duties.
Vacation for those in position of trust
must be enforced

34
Direct Verification
 This pertains to
confirmation of
accounts or
records by means
of direct
correspondence
with the coop’s
customers

35
 Sound Personnel
Policies
 Recruitment – A formal
procedure must be followed when
employing new people. A check of
their previous employment and
credit references in mandatory in
order to hire individuals of
competence and integrity
 Fair Salary Scale – To attract and
keep honest staff
 Incentive and other Benefits – to
keep employees morale high
36
 Sound Personnel
Policies
 Code of Discipline. This should be a
code of discipline that serves as a guide
for the conduct expected of the officers
and employees in their day-to-day
pursuit of company objectives. Code of
discipline must also spell out what
constitutes violations and their
corresponding penalities.
37
 Internal Audit-
How is it done?
 Develop a comprehensive annual work plan for
board approval, including time schedule, budgets
and scope
 Design a generic audit work programs for each
area of Coop operation
 Design work papers that clearly document the
evidence of work performed, conclusions drawn,
and meets requirements
 Prepare audit report for the board and
management on a timely basis, and provide
status updates at least on a quarterly bases
 Follow up on status of implementing
recommendations 38
SAMPLE AUDIT PROGRAM
Office _________________ Audit Date:__________________
Audit Period ____________ Reviewer: ___________________
Source Code: 1 Document, 2 – Interview, 3 - Observation

TASK Y N N SOURCES COMMENTS

E O F
S A
Verify Petty Cash
Count cash and agree to petty cash

balance
Confirm the cash is counted periodically

by a supervisor
Review paid transactions for appropriate

receipts and approval

Review replenishment vouchers for the

period
Confirm that cashbox is reasonably

safeguarded
Ensure segregation of duties in cash

handling (approval, disbursement, and

accounting)

39
 Audit Report
 Keep it short and to the point
 Report on a timely basis
 Include four parts, at a minimum:

1. Executive summary: bullet list items of

concern that require immediate attention
2. Describe the scope of work (period
covered, business process or funding
source, etc.)
3. List key findings of exception to policy,
risks and recommendations
4. Note any prior recommendations that
have not been implemented
40
 FRAUD TRIANGLE

Incentives/
Opportunity
Pressures

Attitude/Integrity

41
 SITUATIONS THAT
OFFER OPPORTUNITY
FOR FRAUD
 Ineffective internal controls
 Too much trust placed on employees
 Employees have detailed knowledge of
the accounting system and its
weakness
 Management domination can subvert
normal internal controls
 Expected moral behavior is not
communicated to employees (no code
of ethics)
42
 SITUATIONS THAT OFFER
OPPORTUNITY FOR FRAUD

 Unreasonable budgets and expectations

 Related party transactions
 Incomplete or out of date procedural
documentation
 Management sets a bad example
 Conflicts of interest

43
PROFILE OF A FRAUDSTER
 Big spender (expensive hobbies, living beyond
means, high personal debt)
 Under stress (suffering from personal crisis
such as financial problems or bad marriage)
 Has evident financial needs (illness, drugs,
gambling)
 Intelligent (challenged by a secured system,
bored by routines)

44
 PROFILE OF
A FRAUDSTER
 Inquisitive (tempted by the discovery
of a computer vulnerability)
 Risk taker (willing to bend the rules
and take chances)
 Rule breaker (takes short cuts, self-
justifies, infractions of law)
 Hard worker (first to arrive in the
morning and last to leave at night,
never absent)
45
 REMINDERS
ON FRAUD
 Internal auditors are not expected
to be fraud specialists
 Audit procedures, even if done
with due professional care, do not
guarantee fraud detection
 Detection of Fraud is only a by-
product of the audit function, not
its main goal 46
Thank You!