5 Internal Control Tips to Avoid Earnings Restatements

Posted by Nancy Johnson on June 28, 2011

internal control over financial reportingThere are serious consequences when public companies publish inaccurate earnings reports and then must restate those earnings at a later date. The corporate entity itself is subject to SEC fines, shareholder lawsuits, and a plummeting stock price, while the individuals who signed off on the original statements (including executives and board members) can be personally sued as well as required to pay back compensation received during the years in question (see our posts on the clawback provision).

How do executives safeguard against false, misleading, or inaccurate financial reports? Start with these five tips, and you will be on your way to protecting your company – and yourself. 

1. Conduct a Risk Assessment

A risk assessment evaluates a company’s relevant financial statements and disclosures to determine risk levels in each business process and develop an action plan to mitigate each of the risks identified. During a risk assessment, executives must identify their company’s materiality threshold--the dollar amount that, in a single instance or aggregated instances, would create a material impact on their reported financial results.  Then, with help from their internal audit staff or a third-party resource, they would consider each business process area and ask the underlying question, “How likely is it that fraud or mistakes can occur in this account for this area of the business?” and “What level of risk – high, medium, or low -- is involved, both in terms of losses and in terms of financial reporting misrepresentation?”

Looking at how each account in your income statement and balance sheet impacts the various areas of your business is an excellent way to identify the high-risk areas for mitigation against financial reporting errors and possible restatements.

2. Develop Internal Controls to Mitigate Your Risks

Internal controls over financial reporting are the rules that dictate the way a company handles and reports on its financial transactions. They help to mitigate risk by providing checkpoints in the day-to-day accounting of a company’s financial assets to ensure that these assets are handled appropriately, as well as accounted for and reported on correctly.

Internal controls operate in the realm of the tangible -- how cash and inventory are handled, for example – as well as in the realm of the intangible, such as how a company’s culture promotes or downplays the importance of financial integrity and accuracy. 

3. Follow Your Internal Control Requirements

Yes, this step seems obvious but still it bears repeating. Internal controls only work if everyone in your organization – including executives and board members – follows them. A few reasons people bypass internal controls include:

  • Someone has made a mistake and is afraid of being found out.
  • Someone is overwhelmed with work or personal issues, and forgets to complete a task according to policy.
  • Someone is not aware of the policies and procedures.
  • Someone is aware of the policies and procedures but does not care to follow them for reasons like laziness or a sense of entitlement.
  • Someone genuinely wants to defraud the company. 

Understand that these reasons could apply to everyone at your company, at any given time in their employment or association with your company. Having internal controls that work in tandem ensures that your company is protecting itself against fraud and mistakes at all times, and across all levels of your company.

4. Test Your Controls Quarterly 

Most companies should be testing their internal controls quarterly, rather than waiting until the end of their fiscal year. This way, you’ll be able to detect and remediate problems before 1) reporting year-end results and 2) your auditor finds the problems.

5. Read What You’re Signing 

Public company executives, board members, and even mid-managers have more personal liability now than ever before. Still, many sign off on public financial statements (including tax forms) without having a deep understanding of what they are reading, or a deep confidence that what they are reading is true. Before you sign off on any company’s financial statements, take the time to read everything, ask questions, and try to validate some of the raw data that went into the reports. 

Tags: financial risk, internal control