Journal Entry Controls 764



  • I have a couple of accounting locations who are trying to argue that they do not need up-front review controls over journal entries (JEs are prepared, input and posted without review). They argue that any material adjustments that are incorrect, unauthorized or omitted will be caught during account reconciliation reviews or period-end management review of financial statements. They also argue that the effort to have management review of all JEs is not worth the cost.
    I need some assistance in providing examples to these locations where the existing controls (detective) are not adequate to prevent (material) unauthorized entries or where a material error may not be caught.
    My feeling is that all JEs above a certain threshhold (if not all JEs) should have a second-level review to ensure that the entry is complete, authorized and has appropriate support.
    We all know that most internal control guidance would recommend up-front controls on JEs. How do I get this message across to these teams?



  • is there a segregation of duties when JEs are prepared, input and posted without review? it was hard to tell from your description but i’m suspecting they don’t.
    I’ve seen in some companies they have stated clerks have the responsibility to prepare and input JEs (system access matches) but the manager was the only one that could post them. this implies a review and approval by the manager.
    one other question, how often do they find mistakes? how many? what is the time it takes to correct those? they may not be aware of rework it takes after the fact to get it or even thought about quantifying the this effort.
    do they embrace the quality culture? do it right the first time?



  • No SOD that I am aware of in creating, entering and posting.
    I don’t think that mistakes are identified too often. I don’t think that this should be a consideration in designing controls unless there are always several mistakes every reporting period, in which case stronger controls would be suggested.
    I think that they try to do things right the first time. It’s hard to argue for the standard good controls when few problems arise. It is just that the POTENTIAL for errors / fraud exists with few front-end controls.



  • they are going to get nailed on the lack of SOD. sometimes they don’t get it though until they see the actual test results where a defficiency is spelled out.
    they may be resistent to change their process and implement good controls like many companies. however I’ve also seen that when companies are facing the possibility of being failed by the external auditors (which will be exposed publicly) then they tend to be willing to implement some controls. they just have to be controls that don’t slow them down too much. went through a similar experience last year. the plant manager is suppose to sign off on all JEs. a failure during testing earlier in the year prompted a visit from the CFO to meet with the plant manager. results improved after that because in the next round of testing they passed.
    what does the CFO think? does the CFO understand the ramifications?



  • hI there,
    Yes controls need to be in place, but efficiency too.
    If you have someone reviewing all journals, then at the end he may end up not reviewing them at all but approving anyway (with the risk as if no one reviewed them).
    In our case, all journals that are automatically created by the system (going through a subledger first) are not suject to any pre-approval. The same applies to all Manual Journal Entries below 100,000 EUR.
    We installed this rule - over 100, 000 EUR - for all non recuring journals. But even these, they are approved (in reality) after the facts (after being posted) and this due to the strick and tight timing that locations have to close.
    We need to make sure smart controls are to be in place (Feasible and meaningfull)
    bye



  • I agree with having smart controls. I agree that journals under a specified amount probably do not need to have approval as they could never be material if approval limits are properly set. I will propose to these teams that they take a look at this from an analytical perspective to help set a reasonable approval target.
    Thanks for the input.



  • I have a couple of accounting locations who are trying to argue that they do not need up-front review controls over journal entries (JEs are prepared, input and posted without review).
    Let them argue all they want. They are wrong - get senior management to put them right.
    They argue that any material adjustments that are incorrect, unauthorized or omitted will be caught during account reconciliation reviews or period-end management review of financial statements. They also argue that the effort to have management review of all JEs is not worth the cost.
    I would counter that a) this may not amount to adequate design effectiveness unless the controls are sufficiently detailed and b) it is overly reliant on detect controls.
    In my experience it is people/companies that talk like this that end up needing to do massive clean-up exercises on their balance sheets.
    I need some assistance in providing examples to these locations where the existing controls (detective) are not adequate to prevent (material) unauthorized entries or where a material error may not be caught.
    My feeling is that all JEs above a certain threshhold (if not all JEs) should have a second-level review to ensure that the entry is complete, authorized and has appropriate support.
    We all know that most internal control guidance would recommend up-front controls on JEs. How do I get this message across to these teams?
    Controls i would be looking for over JEs are:

    1. standardised format for JEs
    2. restriction on who can post them - enforced by the system
    3. if the company is big enough - restriction on account codes/cost centres/group companies that an indivdual can post to
    4. approval in line with a delegation of authority[/quote]

Log in to reply