Analysis and redesign of the internal control system

In performing these transactions, involuntary errors may arise, as can intentional fraud.

Erroneous or fraudulent transactions entailing financial repercussions may cause unrecoverable capital detriment. Even if this is not the case, the existence of errors or fraud compromises the capacity to smoothly carry out the activity and erodes the prestige and trust placed in the organisation in the long-term on the part of third parties.

Internal control is the organisational instrument that generates trust regarding capacity to avoid and, if applicable, detect in advance errors and/or fraud in transactions stemming from the day-to-day activity of the organisation.

Key issues we address

• Identification of key risks and vulnerabilities implicit in the activity of the organisation. In other words, clearly determining what circumstances we wish to avoid or, alternatively, what we want to assure.
• Assessing the potential risks to conduct a suitable cost/benefit analysis of the scope of control to engage in. There is no point in implementing control systems implying a higher cost than the risk to be avoided.
• Design of the internal control system fulfilling the following basic requirements: integrity (making it possible to ensure no transactions escape our control), maximum transparency (the ideal system should not interfere with or devalue clients when the organisation engages in its day-to-day processes) and ease of interpretation (a complex control system that is difficult to interpret may not provide any help in generating trust concerning the smooth performance of operations).
• Support in implementing the internal control system and integrating it into regular processes of the organisation to ensure compliance and effectiveness.

Certain key issues:

Will a more robust internal control entail more internal bureaucracy and slow down our day-to-day operations?

A premise we use in our approach is to attempt not to overlap additional specific control processes with existing processes. Instead, we seek to understand the processes carried out to attempt to simplify them and make them sturdier.

The aim is for the organisation to benefit from an effective internal control system and swifter, more profitable processes.

In any event, in addition to seeking maximum integration and efficiency in processes, our consultants always seek to strike a balance between the benefits provided by the internal control system and the monetary costs and time it entails. This can be established by means of alarm systems whereby the most expensive control processes are only implemented exceptionally and once an incident has been identified in the regular process.

Does an improvement to my internal control system entail changes to my computer system?

Not necessarily. Although once the control system has been designed it needs to be systematic and, if applied to many transactions, this entails its automation and integration into your computer system, such an integration may be carried out often using the functionalities existing in the programmes without the need for additional programmes or developments.

When is it appropriate to consider strengthening the internal control system?

The detection of errors or fraud after the fact is a compelling reason to review and strengthen internal control systems, although the management should act in a preventive manner when the complexity of the transactions increases gradually entailing greater risks.

The processes of growth, access to new markets or new business opportunities with external operators are times to consider the sturdiness and reliability of our internal control system.