The two key roles of financial accounting are to measure business activities and to communicate those activities to external decision makers. For the measurement/communication process to be useful, the financial statements have to be accurate. There have been instances in the past where financial statements published were incorrect. In this chapter, we will explore how this could happen and what can be done to prevent it.
There are two reasons for companies to issue incorrect financial statements—errors and fraud. Errors are accidental errors in recording (or failing to record) transactions or in applying accounting rules. Though these errors are unintentional, they create confusion and could affect investor and creditor confidence.Fraud occurs when a person intentionally deceives another person for personal gain or to damage that person. Occupational fraud is the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employer’s resources.The first source of occupational fraud is misuse of company resources.The second source of occupational fraud involves financial statement manipulation. Here, those in charge of communicating financial accounting information falsify reports.
Three elements are present for every fraud that occurs:Motive (or pressure)—someone feels the need to commit fraud, such as the need for money.Rationalization—justification for the deceptive act by the one committing fraud.Opportunity—the situation allows the fraud to occur.
To minimize fraud, at least one of the three elements of of the fraud triangle must be eliminated. Companies mostly have the greatest ability to eliminate opportunity. To do this, companies implement formal procedures known as internal controls. These controls represent a companies plan to:safeguard the company’s assets improve the accuracy and reliability of accounting informationIn this chapter, we’ll discuss the basic principles and procedures of companies’ internal controls (with a deeper look at cash controls).
Managers are entrusted with the resources of both the company’s lenders (liabilities) and its owners (stockholders’ equity). In this sense, managers of the company act as stewards or caretakers of the company’s assets. However, in recent years some managers shirked their ethical responsibilities and misused or misreported the company’s funds. In many cases, top executives misreported accounting information to cover up their company’s poor operating performance. Such fraudulent activity is costly: The ACFE reports that the median loss caused by fraudulent financial statement schemes, for example, is $2,000,000 per instance.
In response to this, Congress passed the Sarbanes-Oxley Act, also known as the Public Company Accounting Reform and Investor Protection Act of 2002 and commonly referred to as SOX. It applies to all companies required to file financial statements with the SEC. It established various guidelines on internal control procedures and auditor-client relations.
Oversight board: The Public Company Accounting Oversight Board (PCAOB) has the authority to establish standards dealing with auditing, quality control, ethics, independence, and other activities relating to the preparation of audited financial reports. The board consists of five members who are appointed by the Securities and Exchange Commission.Corporate executive accountability: Corporate executives must personally certify the company’s financial statements and financial disclosures. Severe financial penalties and the possibility of imprisonment are consequences of fraudulent misstatement.Nonaudit services: It’s unlawful for the auditors of public companies to also perform certain nonaudit services, such as consulting, for their clients.Retention of work papers: Auditors of public companies must retain all work papers for seven years or face a prison term for willful violation.Auditor rotation: The lead auditor in charge of auditing a particular company, referred to as the audit partner, must rotate off that company within five years and allow a new audit partner to take the lead.Conflicts of interest: Audit firms are not allowed to audit public companies whose chief executives worked for the audit firm and participated in that company’s audit during the preceding year.Hiring of auditor: Audit firms are hired by the audit committee of the board of directors of the company, not by company management.Internal control: Section 404 of the act requires (a) that company management document and assess the effectiveness of all internal control processes that could affect financial reporting and (b) that company auditors express an opinion on whether management’s assessment of the effectiveness ofinternal control is fairly stated. Smaller companies are exempt from requirement (b).
Continual monitoring of internal activities and reporting of deficiencies is required. Monitoring includes formal procedures for reporting control deficiencies.Control activities are the policies and procedures that help ensure that management’s directives are being carried out. These activities include authorizations, reconciliations, and separation of duties.Risk assessment identifies and analyzes internal and external risk factors that could prevent a company’s objectives from being achieved.The control environment sets the overall ethical tone of the company with respect to internal control. It includes formal policies related to management’s philosophy, assignment of responsibilities, and organizational structure.
Examples of preventive controls include:Separation of duties: Activities such as authorizing transactions, recording transactions, and maintaining control of the related assets should be separated among employees.Physical controls: Assets and accounting records must be kept safe and accessible only to authorized personnel.Proper authorization: Only personnel with authorization should be allowed to collect money, process transactions, or make purchases.Employee management: Employees should be trained to carry out their job and must be made aware of any internal control procedures, ethical responsibilities, and channels for reporting irregular activities.E-commerce controls:Only authorized personnel should have passwords to conduct electronic business transactions.Examples of detective controls include:Reconciliations: Physical assets must be verified periodically to see if they match with the accounting records.Performance reviews:Employees’ actual performance must be measured against their expected performance to detect unusual trends.Audits: An expert auditor could be asked to assess internal control procedures to detect any deficiencies or fraudulent behavior of employees.
Everyone in a company has an impact on the operation and effectiveness of internal controls, but the top executives are the ones who must take final responsibility for their establishment and success.The CEO and CFO sign a report each year assessing whether the internal controls are adequate. Section 404 of SOX requires not only that companies document their internal controls and assess their adequacy, but that the company’s auditors provide an opinion on management’s assessment. The Public Company Accounting Oversight Board (PCAOB) further requires the auditor to express its own opinion on whether the company has maintained effective internal control over financial reporting.
Unfortunately, even with the best internal control systems, financial misstatements can occur. While better internal control systems will more likely detect operating and reporting errors, no internal control system can turn a bad employee into a good one. Internal control systems are especially susceptible to collusion. Collusion occurs when two or more people act in coordination to circumvent internal controls.Top-level employees who have the ability to override internal control features also have opportunity to commit fraud. For example, managers may berequired to obtain approval from the chief financial officer (CFO) for all large purchases. However, if the CFO uses the company’s funds to purchase a boat forpersonal use at a lake home, fewer controls are in place to detect this misappropriation. Even if lower-level employees suspect wrongdoing, they may feel intimidated to confront the issue.Finally, because there are natural risks to running any business, effective internal controls and ethical employees alone cannot ensure a company’s success, or even survival.
Of all assets, cash is the one most susceptible to employee fraud. Because of this, companies develop strict procedures to maintain control of cash.
Cash includes not only currency, coins, balances in checking accounts, and checks and money orders received from customers, but also cash equivalents, defined as investments that mature within three months from the date of purchase (such as money market funds, Treasury bills, and certificates of deposit).
Internal controls over cash receipts should include the following:Make a list of checks received, including the amount and payer’s name every day.Have a designated employee deposit checks into the bank each day. This person should be different from the person who receives cash and checksHave another employee record cash receipts in the accounting records as soon as possible. Have cash receipts verified by comparing the bank deposit slip with the accounting records.Accept credit cards or debit cards, to limit the amount of cash handled.Internal controls over cash disbursements should include the following:Make all disbursements by check, debit card, or credit card to provide a record for the transaction.Verify the accuracy of the purchase and authorize all expenditures before purchase. The employee authorizing payment should be different from the person preparing the check.Make sure checks are serially numbered. Require two signatures for larger checks.Check amounts shown in the debit card and credit card statements against purchase receipts.Set maximum purchase limits and require approval from upper-level employees to make purchases above these amounts.Separate duties of cash disbursements from cash receipts.
Another important control used by nearly all companies to help maintain control of cash is a bank reconciliation. A bank reconciliation matches the balance of cash in the bank account with the balance of cash in the company’s own records.
Differences in company’s cash records and bank’s cash records most often occur because of either timing differences or errors. It is the possibility of these errors, or even outright fraudulent activities, that makes the bank reconciliation a useful cash control tool.Timing differences in cash occur when the company records transactions either before or after the bank records the same transactions.Errors can be made either by the company or its bank and may be accidental or intentional.
Notice that bank statements refer to an increase (or deposit) in the cash balance as a credit and a decrease (or withdrawal) as a debit. This terminology is the opposite of that used in financial accounting, where debit refers to an increase in cash and credit refers to a decrease in cash. The reason for the difference in terminology is a difference in perspective. When a company makes a deposit, it views this as an increase to cash, so it records a debit to the Cash account. However, the bank views this same deposit as an increase in the amount owed to the company, or a liability, which is recorded as a credit. Similarly, a withdrawal of cash from the bank is viewed by the company as a decrease to its Cash account, so it is recorded with a credit, but the bank views this withdrawal as a decrease to the amount owed to the company, so it debits its liability.
First, we will consider cash transactions recorded by a company, but not yet recorded by its bank. These include deposits outstanding and checks outstanding. Deposits outstanding are cash receipts of the company that have not been added to the bank’s record of the company’s balance. Checks outstanding are checks the company has written that have not been subtracted from the bank’s record of the company’s balance.
Next, we need to reconcile the company’s cash balance for items which have been recorded by the bank but not yet recorded by the company. These include items such as interest earned by the company, collections made by the bank on the company’s behalf, service fees, and charges for NSF checks. NSF checks are customer’s checks written on accounts with nonsufficient funds. These are more commonly known as “bad” checks.
As a final step in the reconciliation process, a company must update the balance in its Cash account, to adjust for the items used to reconcile the company’s cash balance. We record these adjustments once the bank reconciliation is complete. Remember, these are amounts the company didn’t know until it received the bank statement.
Here is an illustration of a bank reconciliation statement.
To pay for these minor purchases, companies keep some minor amount of cash on hand in a petty cash fund. Accounting for the petty cash fund involves recording transactions to (1) establish the fund, (2) recognize expenditures from the fund, and (3) replenish the fund as the cash balance becomes sufficiently low.Management establishes a petty cash fund by writing a check for cash against the company’s checking account and putting that amount of withdrawn cash in the hands of an employee who becomes responsible for it. This employee is often referred to as the petty-cash custodian.
Suppose that at the beginning of May, Starlight Drive-In establishes a petty cash fund of $500 to pay for minor purchases. Starlight establishes the fund by recording this entry.
Assume Starlight has these expenditures from the petty cash fund during May. By the end of May, the petty cash fund has distributed $330, leaving $170 in the fund, along with receipts for $330. However, the company did not record these transactions at the time these expenditures were made. By the end of the period, the expenditures from the petty cash fund must be recorded using this entry.
Also at the end of the period, the petty cash fund may need to be replenished. Management can withdraw cash of $330 from the checking account and give it to the petty-cash custodian so the fund’s physical balance will once again be $500.To maintain the control objective of separation of duties, the petty-cash custodian should not be involved in accounting for, nor in the process of writing or approving, replenishment checks. What if only $150 physically remains in the petty cash fund, when there should be $170? It could be that $20 was stolen from the fund, or the fund could be missing a receipt for $20 to show where it was spent. If the question is not resolved, the firm will likely charge the $20 to Miscellaneous Expense.
Here, we discuss how companies report cash activities to external parties. Cash activities of a business enterprise are the most fundamental events upon which investors and lenders base their decisions: Where does a company get its cash? Where does a company usually spend its cash? These are important issues in determining management’s efficient use of a company’s resources and in predicting future performance. Therefore, beyond understanding the internal controls over cash, it is also important to briefly understand how cash is reported. Companies report cash in two financial statements—in the balance sheet and in the statement of cash flows.BALANCE SHEET: As we discussed in Chapter 3, companies report cash as an asset in the balance sheet. The amount is typically reported as a current asset and represents cash available for spending at the end of the reporting period. The balance sheet provides only the final balance for cash. It does not provide any details regarding cash receipts and payments during the period.STATEMENT OF CASH FLOWS: Companies report information about cash receipts and payments during the period in a statement of cash flows.
The three fundamental types of business activities relating to cash are:Operating activities include cash transactions involving revenue and expense events during the period. In other words, operating activities include the cash effect of the same activities that are reported in the income statement to calculate net income.Investing activities, as the name implies, include cash investments in long-term assets and investment securities. When the firm later sells those assets, we consider those transactions investing activities also. So, investing activities tend to involve long-term assets.Financing activities include transactions designed to raise cash or finance the business. There are two ways to do this: borrow cash from lenders or raise cash from stockholders. We also consider cash outflows to repay debt and cash dividends to stockholders to be financing activities. So, financing activities involve liabilities and stockholders’ equity.
Here is an example of the statement of cash flows.
One of the more common techniques used by investors for measuring earnings quality relies on comparing the trend in a company’s reported net income to its trend in free cash flow. A simple way to calculate a company’s free cash flow is to consider its operating cash flows plus investing cash flows during the period. This measure represents the cash that is freeto repay debt and distribute to stockholders. Companies whose free cash flow is decliningrelative to the trend in net income are likely to have lower-quality earnings.
Comparing free cash flow with net income can help in measuring the quality of earnings.How does free cash flow predict a company’s net income?When free cash flow and net income have similar trends, net income is more likely to continue that trend in the future.