The UK auditing firm KPMG’s Audit Committee Institute recently found that the number of auditors with concerns about cyber security and cyber crime, had doubled in the last year.
Despite these concerns, businesses have not made significant improvements to the quality of fraud and theft prevention processes. In order to combat the threat of cyber-crime, businesses also need to tighten their internal financial controls and processes to achieve a more accurate, visibly secure and timelier monthly financial close procedure, leaving less opportunity for fraud and cyber-crime to slip through the Month End Close unnoticed.
How can a poor month-end close procedure lead to crime?
As we reported in our blog last year, the US accounting watchdog, the Public Company Accounting Oversight Board (PCAOB) issued a warning about ‘significant (internal) audit deficiencies’ that may be leading to corporate fraud. The PCAOB’s warning was clear: if you leave the possibility for fraud open then you will likely become a victim.
These ‘deficiencies’ could be down to one or a number of the following:
- Poor segregation of duties – The person approving the reconciliations is the same as the person who completed the reconciliations. This is used by the fraudster to cover up their crime.
- Software does not allow you to track changes – According to the Adra Match financial benchmark report, 63.7% of finance departments still use Excel spreadsheets to complete at least part of their month-end close process. But Excel cannot ensure that changes are tracked to specific employees, making it impossible to tell who made what change to the document. A fraudster knows this, and knows when and how to make changes that cannot be traced back to them.
- Some reconciliations being missed – Pressure to close the end of month accounts on time can lead to some accounts being missed from the monthly reconciliation procedure or completed late. Those accounts not reconciled in time are at a much higher risk of undetected fraud or other financial crime.
Unfortunately, manual process or Excel, falls short on this.
How about if you could do it as you are supposed to do?
We all want to improve our governance, risk and compliance procedures. Just imagine how wonderful it would be if every account could be assigned to dedicated colleagues for preparation and approval, and that, when the accounts were complete, no one else could fiddle with them. Imagine the improvement to your month-end close process if each account was presented with the right reconciliation procedure outlining the relevant steps and checks to be done. Then the preparer could simply acknowledge that the account was prepared according to the right account reconciliation procedure and sign off in such a way that the approval was as safe as a written consent.
The reconciliation would then be approved by a separate member of staff, using the same approval process – no one else but that assigned person could approve it. Every single action taken on every account would be recorded and traced, leaving no question as to who actually did what.
This process would make you compliant with high levels of Governance, Risk and Compliance (GRC) and provide you with a strong defence against crime – whether fraud or if cyber-crime surfaced in the Month End Close reconciliations.
But what about the challenge faced by finance departments in ensuring that the month-end close is timely, accurate, and follows this strict GRC procedure?
Don’t sigh and feel dejected because BALANCER from Adra Match does just that. By requiring a unique log in from each user, the software creates a strong audit trail – any action can be tracked back to the relevant user. What’s more, by automating much of the reconciliation process, BALANCER also provides a quicker and far more accurate month-end close report.