SlideShare a Scribd company logo

Internal Controls – The changing Indian Landscape--By Samit Saraf

K
kirtane&Pandit

Internal controls, consisting of internal policies and procedures, are vital for an organization's efficient functioning, fraud prevention, and compliance with legal requirements. In the current diverse and innovative business landscape, the implementation of robust internal controls is more critical than ever. Recent scandals, such as a major Indian conglomerate facing allegations of misappropriation, highlight the profound impact of fraud on market stability and business conduct. Historical cases like Enron, WorldCom, and Bernie Madoff underscore the necessity for stringent internal controls, leading to legislative responses like the Sarbanes-Oxley Act in 2002. In India, a prominent IT company experienced a Rs. 7,000 crore accounting manipulation in 2009, prompting regulatory changes under the Companies Act 2013, focusing on comprehensive fraud risk management with strict penalties for violations. Corporate fraud, spanning embezzlement, accounting fraud, insider trading, and bribery, inflicts enduring consequences, damaging companies financially, tarnishing brands, and triggering legal and regulatory complications. This not only affects employees, customers, and shareholders but also undermines economic stability by eroding investor trust. Addressing corporate fraud requires significant investments in prevention and detection systems, establishment of effective governance and compliance frameworks, and fostering a culture of honesty and accountability. Strong internal controls, risk management, and ethical corporate cultures are pivotal in preventing fraud. This report underscores the importance of global and Indian regulatory changes concerning internal controls, considering the scams witnessed over the past decades. The ongoing tendency of companies to accentuate positives and downplay negatives highlights the necessity for regulations safeguarding retail investors and other stakeholders.

Business
1 of 27
Download to read offline
This paper sheds light on recent modifications to internal control regulations in India and around the world in response to the numerous scams that have been exposed over the last few decades. The Changing Indian Landscape
Contents 01 02 03 04 05 06 07 08 Changing Face of Scams Introduction Financial Shenanigans Impact of Frauds on Corporations Global Regulatory Changes Adopting the new normal in regulatory changes – An Indian Perspective Internal Controls Conclusion
Introduction Internal Controls implemented by an organisation primarily comprises of various policies & procedures implemented internally to ensure efficient conduct of business, prevention or detection of frauds as well as timely adherence to various legal compliances. Though the need of setting up the right policies and procedures always existed, the importance of implementing the internal controls by the companies in its true spirit has never been greater than in the current era of diversified businesses and innovative financial practices. As one of the India’s richest business conglomerates made headlines for all the wrong reasons earlier this year, due to a report by a US bases short selling firm’s report about the possibility of misappropriation in the books, it led to a sudden significant fall in market value of its listed shares. It has since been reported in media reports that many of the alleged issues were given a clearance during SEBI’s independent investigation in this matter. That being said, potentially the colossal impact of frauds / scams or even the possibility of such events on the stability of an organisation and the following disruptions affecting conduct of business make the implementation of internal controls extremely relevant as we see these instances arise across multiple timelines in history. 01
If we were to review some of the largest reported frauds of the financial world over the years- Enron, came to light in October 2001, 15 months after the dotcom bust and a month after 9/11 had pushed the US stock market further into the mire; WorldCom filed for bankruptcy in July 2002 after having allegedly cooked its books frantically in the wake of the dotcom bust; and Bernie Madoff confessed to his sons in December 2008 – three months after Lehman Brothers went under – that his wealth management scheme was a massive Ponzi scheme. Perhaps, the Sarbanes Oxley Act, legislated in July 2002, was an outcome of these breaches in trust post the Enron and WorldCom collapse. Similar incidences can be found on Indian soil as well with manipulation of accounts to the tune of approx. Rs. 7,000 crores in one of the most prominent IT companies in January 2009. This was just four months after the Lehman Brothers bust triggered a liquidity freeze in India. Analysts dubbed the scam as India’s own Enron. Although this happened back in 2009, the Companies Act, 1956, the then applicable law regulating the Indian companies, did not have any separate definition of ‘fraud’. Now under the new Act, there is a very clear definition of the term ‘fraud’. The Companies Act 2013 is a significant development in the evolution of India’s regulatory environment. This law is the first in the country to focus comprehensively on fraud risk management and prescribes stringent punishment upon the violation of its provisions. 02
The Management’s desire to put up a positive front to the financial results more than the reality has been around as long as corporations and investors themselves. Companies with dishonest management have at times used these tricks to prey on unsuspecting investors, and it is unlikely that they will ever cease to do so. As King Solomon observed in the book of Ecclesiastes, “What has been will be again, what has been done will be done again. There is nothing new under the sun” And while investors have become aware of these gimmicks over the years, dishonest companies continue to find new tricks (and recycle old favourites) to deceive investors. Corporate fraud occurs when employees defraud the company and its investors for personal gain. This scam includes embezzlement, accounting fraud, insider trading, and bribery. Business fraud has long-term consequences. Fraud costs the company money, damages its brand, and causes legal and regulatory issues. A fraud damages everyone - employees, customers, shareholders, and the economy at large. Corporate fraud lowers investor trust and impacts economic stability. Due to potentially catastrophic repercussions, firms must take corporate frauds seriously and take as much measures as possible to prevent them. This would involve investing in fraud prevention and detection systems, effective governance and compliance frameworks, and an organization-wide culture of honesty and accountability. Finding and investigating corporate frauds needs specialized expertise and resources. On the other hand, the existence of strong internal controls, risk management, and a culture of ethics and openness usually help in preventing the frauds. This report throws light on recent changes in the regulations relating to internal controls across the world and in India in light of various scams seen by the world over past few decades. A never-ending urge of companies to exaggerate the positives and suppress the negatives, makes a very strong case for giving utmost importance to the regulations protecting the retail investors & other stakeholders. 03
Maleficent top management, even if they do not happen to be promoters, can extract value out of a company and suck shareholders dry. Such narrative resonates through the story of one of the biggest American energy companies of its time based in Houston, Texas which later became synonymous with the term “massive accounting fraud”. Enron ranked number seven in Fortune magazine’s list of the 500 largest companies in 2000 (ranked by total revenue), surpassing then corporate giants such as AT&T and IBM. In just five years, Enron’s revenue miraculously increased by an astounding factor of 10 (rising from $9.2 billion in 1995 to $100.8 billion in 2000). It was later discovered that a staff of executives were able to hide billions of dollars of debt of the Company with the use of accounting loopholes, the misuse of mark-to-market accounting, special purpose entities, and poor financial reporting. This also involved misleading Enron's board of directors and audit committee on high-risk accounting practices and pressuring the auditors to ignore the issues. The price of a share decreased from over $90 to around $1 within a year & half. About 67 executives were charged and subsequently imprisoned as a result of their activities. Many people have described the utility company’s ruse as a cleverly designed fraud involving the use of thousands of off-balance-sheet partnerships to hide massive losses and unimaginable debts from investors. While the outline is essentially correct, the detection of red flags required no special accounting skills or even advanced training in reading financial statements. Perhaps, it simply required the curiosity to notice and question such a vast jump in Enron’s sales revenue in a short span of time without any large acquisitions along the way. Financial Shenanigans The 2000’s 04
The WorldCom scandal was another major accounting scandal that came into light in the summer of 2002 at WorldCom, the USA's second-largest long-distance telephone company at the time. From 1999 to 2002, senior executives at WorldCom orchestrated a scheme to inflate earnings in order to maintain WorldCom's stock price by releasing reserves into income created by creative accounting on acquisitions. When financially struggled, they inflated cash flow, capitalizing what should be expensed. Despite being a fraud much simpler than Enron, it was much bigger in quantum. Amongst the similar scandals in Europe, the cases of reporting of non-existent assets, non-reporting of existing liabilities, cash-flow misrepresentations, off-balance sheet assets and other creative accounting to inflate revenues remained at the forefront. As per reports, the Management at India’s information technology giant Satyam decided to acquire 100% in Maytas and 50% in Maytas Properties for $1.6 billion in 2008 which was controlled by son of Satyam’s then CEO. (The word Maytas is Satyam spelled backward!!). The board of directors hadn’t raised any objection despite the related-party nature of the acquisition and more importantly despite the questionable element of such a large investment of $1.6 billion was being made in a real estate venture at a time when the Company’s core business was already under pressure. While the board agreed to the acquisition in principle, it was aborted the next day after an investor uproar. It was later known that the deal was the last attempt to replace Satyam’s fictitious assets with real ones. The CEO resigned after confessing to inflating the company’s financial position – the company’s cash and bank accounts on the balance sheet were overstated to the tune of INR 5040 crores. Satyam’s obligations were similarly understated on its balance sheet. The scandal brought to light the importance of corporate governance in designing audit committee standards and board member responsibilities. A sign of a healthy and effective board is when a dissenting view overturns a management-driven consensus. That clearly did not happen at Satyam. Fallout continues post 2008-Related party transactions 05
Conflict of Interest Some examples of ‘conflict of interest’ are when the Board members vote for decisions that directly benefit their other businesses. Promoters often make huge chunks of money by cleverly using related party transactions. This is also called self-dealing when a manager accepts a transaction from another firm that enriches the manager but hurts the company or its clients in the process. A similar reported incident took place in one of the largest banks in India - ICICI Bank, where term loans worth ₹1,875 crores were granted to Videocon Group companies between 2009 and 2011, soon after the new managing director and chief executive officer took over the charge. It was alleged that a part of these loans was then invested into companies managed by the spouse of the new MD & CEO. Prima facie there were many red flags in these transactions, including - • How the internal control or standard operating procedures allowed the involvement of the CEO dealing with an individual loan? • Why the related party disclosures were not flagged off during the process of audit, or were they completely missing? • How the eminent independent directors of the Bank didn’t find these transactions suspicious? Ultimately, as discussed above, such frauds / deceitful transactions led to dampening the reputation of both the leading bank of the country as well as the newly appointed MD / CEO. Perhaps better & smarter internal controls & corporate governance practices in place could have alleviated the suffering of the shareholders & other stakeholders related to the bank and economy at large. 06
Financial Impact As evident from the past, in a few months following the announcement of various allegations of fraud and embezzlement, the companies have either declared bankruptcy leading to winding up or have undergone a judicial restructuring where the stakeholders have lost significant amount of wealth. Direct financial loss to all the stakeholders is one of the major risks for any company that falls victim to or commits fraudulent activities. Impact on Employees Employees are among the first victims of the effects of fraud, whether directly involved in such fraud or not. According to numerous studies conducted among companies, employee morale is at its lowest when the company they work for is involved in a fraud case or is under the suspicion of fraud. A drop in productivity and departures can then increase, contributing to the weakening of the core strength of the company. Business Relationships In business, the stakeholders are increasingly committed on dealing with companies that uphold values of integrity, transparency, and honesty. The emergence of a fraud case within a company or even in the group / company with close relations, calls these standards into question and scares away the business partners or potential investors. This results in a loss of business opportunities and competitiveness. Relations with regulatory authorities also deteriorate, thereafter, resulting in “red flagged” treatment from the authorities. Impact of Frauds on Corporations Financial Impact Impact on Employees Business Relationships Reputational Damage 07
08 Reputational Damage According to a World Economic Forum survey of CEOs and leaders of organizations around the world, corporate reputation is a more important measure of success than stock performance, return on investment, and even profitability of the company for measuring sustained success. A strong reputation inspires confidence in investors, potential recruits, customers, and regulators and boosts overall business sentiment. Legal proceedings following the cases of fraud resulting from the uncovering of unreliable internal control systems, among others, can cause irreparable damage to a company’s image and brand. Reputational damage may threaten the very existence of companies.
Global Regulatory Changes In the aftermath of large corporate scandals over the years, the quality of financial statements and the role of auditors and accountants were broadly questioned and remained a bone of contention in corporate governance issues for the past few years now. Sarbanes-Oxley (“SOX”) Act of 2002 was introduced as a response to these scandals to restore investor confidence by ensuring compliance, perhaps also to stabilise the investor sentiments in financial markets. The SOX Act created the Public Company Accounting Oversight Board (PCAOB) with the mission to oversee the audits of public companies and related matters, even in certain foreign companies as they were listed on the U.S. stock exchange market. After the scandals in the 2000’s, an increased number of countries started adopting the International Financial Reporting Standards (IFRS) set by the International Accounting Standard Board (IASB). Despite an initial resistance, European Commission (EC) rules incorporated a part of the Sarbanes-Oxley Act to remodel Corporate Governance standards within European Union. Further improvements led up to a large–but not smooth movement, to broaden the adoption of international standards on accounting (IFRS, IPSAS) and on auditing (ISA). India has also adopted a carved out version of the IFRS known as IND-AS, in recent times. Following the outbreak of 2008 financial crisis, the Dodd-Frank Act of 2010 was drafted to increase prudency in financial markets, but it also had passages that increased incentives for whistleblowing. Primarily it intended to curb the extremely risky lending practices of financial institutes, which caused a housing sector bubble that ultimately burst and drove the global crisis. 09
Adopting the new normal in regulatory changes – An Indian Perspective Corporate scandals and frauds in India are as old as the history would take back. The 1950s witnessed the infamous LIC Mundhra scam, which was the first major financial fraud of the independent India and has played a role in bringing about financial reforms in India. It highlighted the need for better regulatory mechanisms and oversight in the stock market. The incident contributed to the establishment of the Securities and Exchange Board of India (SEBI) in 1988, which was tasked with regulating the securities market and protecting investors' interests. Frauds continued with an alarming regularity thereafter in every decade – the infamous Harshad Mehta, Ketan Parekh, Sahara, and Satyam scams are just a few of them. These frauds were investigated by the law enforcement agencies under the relevant provisions of the Indian Penal Code, 1860 (IPC). The Companies Act, 1956 did not have any separate definition of ‘fraud’. Now under the new Act, there is a very clear definition of the term ‘fraud’. 10
Major corporate scandals of 2007-08 led the Parliamentary Standing Committee to recommend two new legislative changes: • Separate definition of fraud under Section 447 of the Companies Act, 2013 (the Act). • Creation of the Serious Fraud Investigation Office (SFIO) under Section 212 of the Act to investigate those frauds. The Companies Act 2013 is a significant development in the evolution of India’s regulatory environment. This law is the first in the country to focus comprehensively on fraud risk management and prescribes stringent punishment upon the violation of its provisions. The Act includes specific provisions to address the risk of fraud, alongside prescribing greater responsibility and increased accountability for independent directors and auditors. It goes beyond professional liability for fraud and extends to personal liability, prescribing penalties for directors, key management personnel, auditors, and employees. As the punishment for fraud is both imprisonment and fine, it will be a non-compoundable offense, which makes the commission of fraud a more serious affair. 11
Several recent corporate frauds seem to have alarmed the lawmakers and the regulators. • Tightening of Sections 447 and 212 of the Act, coupled with the inclusion of fraud as an offense under the PMLA, has alarmed the Audit Committees and the Corporate Boards. • Stringent conditions for the grant of bail, provisions for disgorgement of assets, claw-back of remuneration and unlimited personal liability of directors have further damaged the frayed nerves of independent directors. • Regulators and the law enforcement agencies are increasingly becoming prosecution focused. • SEBI’s new requirement of reporting to stock exchange, even the commencement of forensic audit, may create further complications every time a whistle blower complaint is received by the Audit Committee. • Independent directors now prefer to undertake comprehensive due diligence of compliance and the governance standards of a company before accepting new board positions. India Inc. is slowly adapting itself to the new normal. 12
Changing Face of Scams The world is experiencing a rise in new frauds which the business community may be largely unaware of. Some of the key frauds uncovered (or yet to be uncovered!) in very recent times in the world are mentioned below- In the current era of globalization & digitization, starting from the manufacturing activity to the distribution to ultimate customer, ERPs are responsible for recording of various activities, including inventory management. Astonishing rise of E-Commerce in recent years brings in risks of following - • Counterfeiting • Fraudulent transactions through stolen data • Lack of adequate security at payment gateways • Leakage and data loss of confidential company information • Redirection of payments to fraudulent accounts for purchase of goods • Incorrect inventory entries • Third-party due diligence for its ecosystem The Government is working closely with e-commerce players and manufacturers to develop legislation that addresses the concerns of doing business online, and even companies should aim to fortify themselves with adequate safeguards to mitigate the risk of fraud and reputation loss. E-commerce Risks 13
With an increasing number of users demanding simultaneous access to data and applications over multiple devices such as desktop PCs, notebook computers, smartphones and now smart watches, cloud computing is gaining appeal for both enterprise and personal use. The current state of technology makes it possible to edit and share various documents and data of varied nature across multiple devices and locations. Some subscriptions also allow users to collaborate and interact in real-time. With the increasing number of cloud-based service providers, importance of risk management relating to systems and intellectual property has also grown over the time. Some of the key risks may include data loss from unauthorized use of low-quality systems, hacking, theft of intellectual property, and theft of confidential customer data. Financial & other losses from cloud computing frauds are difficult to estimate, though the damage could be massive depending on the sensitivity of the data lost. It is therefore important that companies remain aware of such risks and accordingly be proactive in taking appropriate precautions while using cloud computing as part of their business operations. Cloud Computing Frauds 14
Platforms have been an integral part of our lives for years. Social media platforms connect us every day, E-commerce platforms provide access of goods and services to potential buys and enterprise platforms help companies interact with customers, process transactions, and move funds. In the banking industry, for example, organisations have built sophisticated systems over the past two decades to protect assets and customers. But today, as a portion of transaction processing moves away from legacy banks to platforms, the obligation for security is also transferred – except many platforms may not be as well equipped as banks, which results in increased risks of identifying, preventing, and mitigating frauds. Another common limitation is fading of transparency. In far too many instances, platforms do not provide their customers adequate visibility into how they manage consumer data – exposing all involved players to potential fraud. Fraudulent transfers to or from a platform are the most common type of platform frauds, comprising more than three-quarters of all such incidents. Fraudsters’ tactics range from basic unauthorised digital purchases – stealing a credit card number to buy goods and services – to more complex schemes such as identity theft and “triangulation” fraud. These often include intricate plots such as drop-shipping fraudulently purchased items to “legitimate” customers. Other scams involve creating fake buyers and customers (using stolen identities to obtain goods and services on credit or to prepare for future schemes) and fake sellers and merchants (an exhaust channel for stolen cards). Platform Frauds 15
Social networking is an asset helping companies by providing strategic inputs, estimating competitive advantage and brand leverage, and serving as a structured medium to buy and sell goods and receive feedback from users. The most significant fraud related risk concerning corporations is that of data disclosures. These include sharing of confidential information such as client names, financial details, reputation related matters, private employee related matters or forward-looking information such as business plans. The risk of data disclosure can be attributed to the lack of a formal training/ sensitization program for employees. Employees not educated in social-media matters pose the greatest risk when it comes to social business. The use of social networks has, in an unprecedented way, blurred the line between work and personal use of technology by employees. As a result, the ways in which social platforms are used by employees give rise to a host of challenges for employers, including how best to protect confidential information. Social Media Fraud 16
Internal Controls The opportunity to commit fraud arises when controls are absent or even failing. Thus, fraud will be easier to carry out since the purported fraudster will be able to operate without adequate supervisory control within the company. Major corporate global scandals Satyam and Enron, lead to decline in public trust in accounting and reporting. Modification of the Indian regulations in coherence with the western world has led to introduction of Internal Financial Controls (IFC) in the Companies Act 2013. The Act includes specific provisions to address the risk of fraud, alongside prescribing greater responsibility and increased accountability for independent directors and auditors. It goes beyond professional liability for fraud and extends to personal liability, prescribing penalties for directors, key management personnel, auditors, and employees. IFC is applicable to only listed companies and Internal financial controls with respect to financial statements (ICFR) is applicable to all companies other than those exempted by MCA. Internal financial controls are defined in the explanation to Section 134(5)(e) of the companies Act 2013 as the policies and procedures adopted by the company for ensuring • The orderly and efficient conduct of its business, including adherence to company policies safeguarding of its assets. • Prevention & deduction of frauds and errors • Accuracy & completeness of accounting records • Timely preparation of reliable financial information. IFC Vs ICFR 17
On reading of the above definition, the intent of the legislation is to have control framework beyond financial reporting controls. Auditors cannot be expected to comment on the operational conduct of the business, hence Internal financial controls by the auditors are on the Financial reporting aspect only which has led to the birth of the terminology ‘Internal Controls over Financial Reporting’ (ICFR). “Internal financial controls over financial reporting” shall mean A process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company's internal financial control over financial reporting includes those policies and procedures that • Pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the company; • Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorisations of management and directors of the company; and • Provide reasonable assurance regarding the prevention or timely detection of unauthorised acquisition, use, or disposition of the company's assets that could have a material effect on the financial statements. Hence to put it in simply IFC as a concept is much wider in scope when compared to ICFR IFC ICFR Operational Controls Anti- Fraud Controls + + = 18
Who all are responsible? Sec 143 Sec 177 Schedule IV Rule 8 of Companies Act Sec 134 ICFR ICFR ICFR ICFR IFC Auditors report Audit Committee Independent Directors Board of Directors Report Directors Responsbility Statement In case of listed company, the Directors’ Responbility states that directors have laid down IFC and such are adequate and working operating effectively All Entities having an audit committee, should evaluate whether the company has adequate IFC systems in place and operating effectiveness of such controls. All Entities having an audit committee, should evaluate IFC and risk management systems. Call on the auditors to comment on IFC. All Entities (Listed/Unlisted), should satisfy themselves on the integrity of financial information and ensure financial controls and systems of risk management are robust and defensible. All Entities (Listed/Unlisted).The details in respect of adequacy of internal financial controls with reference to financial statements 19
Framework Management and Auditors need some set of benchmarks to assess the adequacy and effectiveness of IFC. Without these benchmarks assessment will be subjective without any guiding posts. The bench marks are called as framework. The COSO Framework is a system used to establish internal controls to be integrated into business processes. Collectively, these controls provide reasonable assurance that the organization is operating ethically, transparently and in accordance with established industry standards. 20
Here are the five components of the COSO framework: • Control Environment The control environment seeks to make sure that all business processes are based on the use of industry-standard practices. This can help ensure that the business is run in a responsible way. It may also reduce an organization's legal exposure if the organization is able to prove that its business processes are all based around industry standard practices. Additionally, the control environment can help with making sure that an organization is adhering to regulatory compliance requirements. • Risk Assessment and Management Risk assessment and management -- which is sometimes referred to as enterprise risk management -- is based on the idea that risk is an inherent part of doing business. However, those same risks can sometimes cause a business to suffer adverse consequences. As such, organizations commonly adopt risk management plans that help them to identify risks and either reduce or eliminate risks deemed to pose a threat to the organization's well-being. • Control Activities Control activities are also tied to the concept of risk management. They are essentially internal controls that are put into place to make sure that business processes are performed in a way that helps an organization to meet its business objectives without introducing unnecessary risks into the process. 21
• Information and Communications Communications rules are put in place to make sure that both internal and external communications adhere to legal requirements, ethical values and standard industry practices. For example, private sector organizations commonly adopt privacy policies establishing how customer data can be used. • Monitoring Steps in IFC/ICFR implementation At a minimum, monitoring is performed by an internal auditor who makes sure that employees are adhering to established internal controls. However, in the case of public companies, it is relatively common for an external auditor to evaluate the organization's regulatory compliance. In either case, the audit results are usually reported to the Board of Directors. 22 Start End Identify significant account balances/ disclosure Items Assess the design of controls Plan nature, timing and extent of testing operative effectiveness Assess impact on Audit opinion Form audit opinion on financial statements Perform operative effectiveness testing Assess findings and conclude on operative effectiveness Form opinion on IFC Assess the Implementation of controls Appopriate design & Implementation of controls? Assess audit impact and plan other suitable procedures Plan operative effectiveness testing Identify & understand significant flows of transactions Identify risk of material misstatements Identify controls which address risk of materials misstatements Identify application associated IT environment ITGC Assess and Manage Risk Manage Audit Engagement Prepare and Control Audit Documentation Continuous Focus on Audit Quality 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
Conclusion In conclusion, the effective implementation of internal controls within an organization is paramount for its sustained success and integrity. Through this exploration of internal controls, it becomes evident that these systems play a crucial role in mitigating risks, ensuring financial accuracy, and promoting ethical behaviour. Internal controls provide a structured framework that not only safeguards the organization's assets but also enhances operational efficiency. By establishing checks and balances, organizations can detect and prevent errors, fraud, and other irregularities before they escalate. This not only protects the organization's financial well-being but also fosters a culture of accountability and transparency. Moreover, in an ever-evolving business landscape, where regulatory requirements are becoming more stringent, a robust internal control system not only helps organizations comply with legal mandates but also instills confidence among stakeholders. Investors, customers, and employees are more likely to trust and engage with an organization that demonstrates a commitment to sound financial management and ethical practices. It is crucial for organizations to view internal controls not merely as a compliance necessity but as a strategic tool for long-term sustainability. Continuous monitoring, periodic assessments, and adaptability to changing circumstances are key elements of an effective internal control environment. Organizations that prioritize the development and maintenance of strong internal controls are better positioned to navigate uncertainties, seize opportunities, and build a resilient foundation for future growth. In essence, internal controls serve as the backbone of a well-governed organization, contributing to its overall stability and success. As businesses face increasingly complex challenges, the importance of robust internal controls cannot be overstated. Embracing a proactive and holistic approach to internal controls is an investment in the organization's longevity, reputation, and stakeholder trust. 23
References https://omh.ny.gov/omhweb/resources/internal_control_top_ten.html#:~:text=Protect% 20cash%20and%20check%20collections.&text=Issue%20receipts%20for%20cash%2C%2 0using,Centralize%20cash%20receipts%20whenever%20possible. https://omh.ny.gov/omhweb/resources/internal_control_top_ten.html#:~:text=Protect% 20cash%20and%20check%20collections.&text=Issue%20receipts%20for%20cash%2C%2 0using,Centralize%20cash%20receipts%20whenever%20possible. http://www.lawstreetindia.com/experts/column?sid=488 https://www.intechop0065n.com/chapters/55244 https://blog.ipleaders.in/case-study-satyam-fraud-case/ https://corporate.cyrilamarchandblogs.com/2020/10/corporate-frauds-emerging-legal-a rchitecture-judicial-trends/ https://taxguru.in/corporate-law/corporate-frauds-emergence-issues-analysis-indian-pe rspective.html https://blog.ipleaders.in/top-10-biggest-scams-in-india/#:~:text=14000%20crore%20sca m%20under%20the,the%20Bombay%20stock%20exchange%20company https://www.insightsforprofessionals.com/management/compliance/how-fraud-allegati ons-affect-business https://www.icsi.edu/media/webmodules/companiesact2013/Annexure-B.pdf https://taxguru.in/company-law/internal-financial-controls-introduction.html https://kb.icai.org/pdfs/PDFFile5b276a4c148d73.52290639.pdf https://info.knowledgeleader.com/bid/161685/what-are-the-five-components-of-the-cos o-framework https://www.wirc-icai.org/images/material/WIRC-IFC.pdf
Pune 5th Floor, Wing A, Gopal House, S.No. 127/1B/11, Plot A1, Kothrud, Pune – 411 038, India Contact no : 020 67295100 / 25433104 E -mail : kpca@kirtanepandit.com New Delhi 272, Rajdhani Enclave, Pitampura, Delhi-110034, India Contact no : +91-9911814171 E -mail : kpcadelhi@kirtanepandit.com Nashik Flat No. A- 102, Malpani Saffron, Pathardi Phata, Nashik -422010, India Contact no : +91 253 2386644 E - mail : kpcanashik@kirtanepandit.com Chennai No. 11, 2nd Floor Rosy Tower, 7 Nungambakkam, High Road, Chennai - 600 034, India Contact no : +91 99164 66614 E -mail : kpcachennai@kirtanepandit.com Mumbai 601, 6th Floor, Earth Vintage, Senapati Bapat Marg, Dadar West, Mumbai- 400 028, India Contact no : 022 69328846 / 47 / 48 E -mail : kpcamumbai@kirtanepandit.com Bengaluru No. 63/1, 1st Floor, Makam Plaza, III Main Road, 18th Cross, Malleshwaram, Bengaluru – 560055, India Contact no : 080 23443548 E -mail : kpcabengaluru@kirtanepandit.com Hyderabad 401 to 405, 4th Floor, Sanatana Eternal, 3-6-108/1, Liberty Road, Himayatnagar, Hyderabad - 500 029, India Contact no : 040-40059090 E -mail : kpcahyderabad@kirtanepandit.com Follow Us On: kpca@kirtanepandit.com www.kirtanepandit.com 24 Authored by CA Samit Saraf Co-Authored by The Knowledge Management Team

Recommended

Preventing Financial Fraud UAE.pdf
Preventing Financial Fraud UAE.pdfPreventing Financial Fraud UAE.pdf
Preventing Financial Fraud UAE.pdfFiyona Nourin
 
Preventing financial fraud
Preventing financial fraudPreventing financial fraud
Preventing financial fraudRishalHalid1
 
History Of The Sarbanes-Oxley Act
History Of The Sarbanes-Oxley ActHistory Of The Sarbanes-Oxley Act
History Of The Sarbanes-Oxley ActAngela Weber
 
Financial EthicsLearning ObjectivesAfter completing th.docx
Financial EthicsLearning ObjectivesAfter completing th.docxFinancial EthicsLearning ObjectivesAfter completing th.docx
Financial EthicsLearning ObjectivesAfter completing th.docxvoversbyobersby
 
MAJOR CORPORATE SCAMS eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeePRESENTATION.pptx
MAJOR CORPORATE SCAMS eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeePRESENTATION.pptxMAJOR CORPORATE SCAMS eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeePRESENTATION.pptx
MAJOR CORPORATE SCAMS eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeePRESENTATION.pptxGanesh Panda
 
Financial Fraud Paper
Financial Fraud PaperFinancial Fraud Paper
Financial Fraud PaperMarketa Kreuzinger
 
136,156,173 csr
136,156,173 csr136,156,173 csr
136,156,173 csrHimanshu Choudary
 
Enron and satyam
Enron and satyamEnron and satyam
Enron and satyamMonishaR40
 

Recommended

Preventing Financial Fraud UAE.pdf
Preventing Financial Fraud UAE.pdfPreventing Financial Fraud UAE.pdf
Preventing Financial Fraud UAE.pdfFiyona Nourin
 
Preventing financial fraud
Preventing financial fraudPreventing financial fraud
Preventing financial fraudRishalHalid1
 
History Of The Sarbanes-Oxley Act
History Of The Sarbanes-Oxley ActHistory Of The Sarbanes-Oxley Act
History Of The Sarbanes-Oxley ActAngela Weber
 
Financial EthicsLearning ObjectivesAfter completing th.docx
Financial EthicsLearning ObjectivesAfter completing th.docxFinancial EthicsLearning ObjectivesAfter completing th.docx
Financial EthicsLearning ObjectivesAfter completing th.docxvoversbyobersby
 
MAJOR CORPORATE SCAMS eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeePRESENTATION.pptx
MAJOR CORPORATE SCAMS eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeePRESENTATION.pptxMAJOR CORPORATE SCAMS eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeePRESENTATION.pptx
MAJOR CORPORATE SCAMS eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeePRESENTATION.pptxGanesh Panda
 
Financial Fraud Paper
Financial Fraud PaperFinancial Fraud Paper
Financial Fraud PaperMarketa Kreuzinger
 
136,156,173 csr
136,156,173 csr136,156,173 csr
136,156,173 csrHimanshu Choudary
 
Enron and satyam
Enron and satyamEnron and satyam
Enron and satyamMonishaR40
 
Ba107 11
Ba107 11Ba107 11
Ba107 11jessann12345
 
Berkshire Hathaway
Berkshire HathawayBerkshire Hathaway
Berkshire HathawayAimee Brown
 
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docx
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docxPAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docx
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docxsmile790243
 
International accounting scandals
International accounting scandalsInternational accounting scandals
International accounting scandalsFelix Otoo
 
Lessons on fraud awareness-PART-II
Lessons on fraud awareness-PART-IILessons on fraud awareness-PART-II
Lessons on fraud awareness-PART-IICA.Kolluru Narayanarao
 
Lessons on fraud awareness part-ii
Lessons on fraud awareness part-iiLessons on fraud awareness part-ii
Lessons on fraud awareness part-iiKolluru N Rao
 
12345678
1234567812345678
12345678Angela Weber
 
After Sarbanes Oxley
After Sarbanes OxleyAfter Sarbanes Oxley
After Sarbanes OxleyDwayne Jorgensen
 
Accounting TheoryNight 5 – SatyamBriefly answer the question.docx
Accounting TheoryNight 5 – SatyamBriefly answer the question.docxAccounting TheoryNight 5 – SatyamBriefly answer the question.docx
Accounting TheoryNight 5 – SatyamBriefly answer the question.docxnettletondevon
 
b51b5a400087b29682f63a6a6319ef2f.pptx
b51b5a400087b29682f63a6a6319ef2f.pptxb51b5a400087b29682f63a6a6319ef2f.pptx
b51b5a400087b29682f63a6a6319ef2f.pptxsatyamsk
 
Fraudulent reporting in nigeria
Fraudulent reporting in nigeriaFraudulent reporting in nigeria
Fraudulent reporting in nigeriaAlexander Decker
 
Accounting frauds 1pdf
Accounting frauds 1pdfAccounting frauds 1pdf
Accounting frauds 1pdfSumaira Sultana Talpur (MBA Finance)
 
Enron Accounting Scandal
Enron Accounting ScandalEnron Accounting Scandal
Enron Accounting ScandalRikki Wright
 
Islamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in IslamabadIslamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in IslamabadAyesha Khan
 
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCRsoniya singh
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… AbridgedLean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… AbridgedKaiNexus
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfOrient Homes
 
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...lizamodels9
 
KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)Data Analytics Company - 47Billion Inc.
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Timedelhimodelshub1
 
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts ServiceVip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Serviceankitnayak356677
 

More Related Content

Similar to Internal Controls – The changing Indian Landscape--By Samit Saraf

Berkshire Hathaway
Berkshire HathawayBerkshire Hathaway
Berkshire HathawayAimee Brown
 
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docx
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docxPAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docx
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docxsmile790243
 
International accounting scandals
International accounting scandalsInternational accounting scandals
International accounting scandalsFelix Otoo
 
Lessons on fraud awareness part-ii
Lessons on fraud awareness part-iiLessons on fraud awareness part-ii
Lessons on fraud awareness part-iiKolluru N Rao
 
Accounting TheoryNight 5 – SatyamBriefly answer the question.docx
Accounting TheoryNight 5 – SatyamBriefly answer the question.docxAccounting TheoryNight 5 – SatyamBriefly answer the question.docx
Accounting TheoryNight 5 – SatyamBriefly answer the question.docxnettletondevon
 
b51b5a400087b29682f63a6a6319ef2f.pptx
b51b5a400087b29682f63a6a6319ef2f.pptxb51b5a400087b29682f63a6a6319ef2f.pptx
b51b5a400087b29682f63a6a6319ef2f.pptxsatyamsk
 
Fraudulent reporting in nigeria
Fraudulent reporting in nigeriaFraudulent reporting in nigeria
Fraudulent reporting in nigeriaAlexander Decker
 
Enron Accounting Scandal
Enron Accounting ScandalEnron Accounting Scandal
Enron Accounting ScandalRikki Wright
 

Similar to Internal Controls – The changing Indian Landscape--By Samit Saraf (13)

Ba107 11
Ba107 11Ba107 11
Ba107 11
 
Berkshire Hathaway
Berkshire HathawayBerkshire Hathaway
Berkshire Hathaway
 
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docx
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docxPAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docx
PAGE 280APPLYING THE CONCEPTTRUTH OR CONSEQUENCES PONZI SCHEM.docx
 
International accounting scandals
International accounting scandalsInternational accounting scandals
International accounting scandals
 
Lessons on fraud awareness-PART-II
Lessons on fraud awareness-PART-IILessons on fraud awareness-PART-II
Lessons on fraud awareness-PART-II
 
Lessons on fraud awareness part-ii
Lessons on fraud awareness part-iiLessons on fraud awareness part-ii
Lessons on fraud awareness part-ii
 
12345678
1234567812345678
12345678
 
After Sarbanes Oxley
After Sarbanes OxleyAfter Sarbanes Oxley
After Sarbanes Oxley
 
Accounting TheoryNight 5 – SatyamBriefly answer the question.docx
Accounting TheoryNight 5 – SatyamBriefly answer the question.docxAccounting TheoryNight 5 – SatyamBriefly answer the question.docx
Accounting TheoryNight 5 – SatyamBriefly answer the question.docx
 
b51b5a400087b29682f63a6a6319ef2f.pptx
b51b5a400087b29682f63a6a6319ef2f.pptxb51b5a400087b29682f63a6a6319ef2f.pptx
b51b5a400087b29682f63a6a6319ef2f.pptx
 
Fraudulent reporting in nigeria
Fraudulent reporting in nigeriaFraudulent reporting in nigeria
Fraudulent reporting in nigeria
 
Accounting frauds 1pdf
Accounting frauds 1pdfAccounting frauds 1pdf
Accounting frauds 1pdf
 
Enron Accounting Scandal
Enron Accounting ScandalEnron Accounting Scandal
Enron Accounting Scandal
 

Recently uploaded

Islamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in IslamabadIslamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in IslamabadAyesha Khan
 
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCRsoniya singh
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… AbridgedLean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… AbridgedKaiNexus
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfOrient Homes
 
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...lizamodels9
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Timedelhimodelshub1
 
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts ServiceVip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Serviceankitnayak356677
 
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service JamshedpurVIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service JamshedpurSuhani Kapoor
 
Pitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deckPitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deckHajeJanKamps
 
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFCATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFOrient Homes
 
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In.../:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...lizamodels9
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024christinemoorman
 
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
rishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfrishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfmuskan1121w
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...lizamodels9
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncrdollysharma2066
 

Recently uploaded (20)

Islamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in IslamabadIslamabad Escorts | Call 03274100048 | Escort Service in Islamabad
Islamabad Escorts | Call 03274100048 | Escort Service in Islamabad
 
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… AbridgedLean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
 
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
 
KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Time
 
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts ServiceVip Female Escorts Noida 9711199171 Greater Noida Escorts Service
Vip Female Escorts Noida 9711199171 Greater Noida Escorts Service
 
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service JamshedpurVIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
 
Pitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deckPitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deck
 
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFCATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
 
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In.../:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
/:Call Girls In Indirapuram Ghaziabad ➥9990211544 Independent Best Escorts In...
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 
The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024The CMO Survey - Highlights and Insights Report - Spring 2024
The CMO Survey - Highlights and Insights Report - Spring 2024
 
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
rishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfrishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdf
 
Best Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting PartnershipBest Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting Partnership
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
 

Internal Controls – The changing Indian Landscape--By Samit Saraf

  • 1. This paper sheds light on recent modifications to internal control regulations in India and around the world in response to the numerous scams that have been exposed over the last few decades. The Changing Indian Landscape
  • 2. Contents 01 02 03 04 05 06 07 08 Changing Face of Scams Introduction Financial Shenanigans Impact of Frauds on Corporations Global Regulatory Changes Adopting the new normal in regulatory changes – An Indian Perspective Internal Controls Conclusion
  • 3. Introduction Internal Controls implemented by an organisation primarily comprises of various policies & procedures implemented internally to ensure efficient conduct of business, prevention or detection of frauds as well as timely adherence to various legal compliances. Though the need of setting up the right policies and procedures always existed, the importance of implementing the internal controls by the companies in its true spirit has never been greater than in the current era of diversified businesses and innovative financial practices. As one of the India’s richest business conglomerates made headlines for all the wrong reasons earlier this year, due to a report by a US bases short selling firm’s report about the possibility of misappropriation in the books, it led to a sudden significant fall in market value of its listed shares. It has since been reported in media reports that many of the alleged issues were given a clearance during SEBI’s independent investigation in this matter. That being said, potentially the colossal impact of frauds / scams or even the possibility of such events on the stability of an organisation and the following disruptions affecting conduct of business make the implementation of internal controls extremely relevant as we see these instances arise across multiple timelines in history. 01
  • 4. If we were to review some of the largest reported frauds of the financial world over the years- Enron, came to light in October 2001, 15 months after the dotcom bust and a month after 9/11 had pushed the US stock market further into the mire; WorldCom filed for bankruptcy in July 2002 after having allegedly cooked its books frantically in the wake of the dotcom bust; and Bernie Madoff confessed to his sons in December 2008 – three months after Lehman Brothers went under – that his wealth management scheme was a massive Ponzi scheme. Perhaps, the Sarbanes Oxley Act, legislated in July 2002, was an outcome of these breaches in trust post the Enron and WorldCom collapse. Similar incidences can be found on Indian soil as well with manipulation of accounts to the tune of approx. Rs. 7,000 crores in one of the most prominent IT companies in January 2009. This was just four months after the Lehman Brothers bust triggered a liquidity freeze in India. Analysts dubbed the scam as India’s own Enron. Although this happened back in 2009, the Companies Act, 1956, the then applicable law regulating the Indian companies, did not have any separate definition of ‘fraud’. Now under the new Act, there is a very clear definition of the term ‘fraud’. The Companies Act 2013 is a significant development in the evolution of India’s regulatory environment. This law is the first in the country to focus comprehensively on fraud risk management and prescribes stringent punishment upon the violation of its provisions. 02
  • 5. The Management’s desire to put up a positive front to the financial results more than the reality has been around as long as corporations and investors themselves. Companies with dishonest management have at times used these tricks to prey on unsuspecting investors, and it is unlikely that they will ever cease to do so. As King Solomon observed in the book of Ecclesiastes, “What has been will be again, what has been done will be done again. There is nothing new under the sun” And while investors have become aware of these gimmicks over the years, dishonest companies continue to find new tricks (and recycle old favourites) to deceive investors. Corporate fraud occurs when employees defraud the company and its investors for personal gain. This scam includes embezzlement, accounting fraud, insider trading, and bribery. Business fraud has long-term consequences. Fraud costs the company money, damages its brand, and causes legal and regulatory issues. A fraud damages everyone - employees, customers, shareholders, and the economy at large. Corporate fraud lowers investor trust and impacts economic stability. Due to potentially catastrophic repercussions, firms must take corporate frauds seriously and take as much measures as possible to prevent them. This would involve investing in fraud prevention and detection systems, effective governance and compliance frameworks, and an organization-wide culture of honesty and accountability. Finding and investigating corporate frauds needs specialized expertise and resources. On the other hand, the existence of strong internal controls, risk management, and a culture of ethics and openness usually help in preventing the frauds. This report throws light on recent changes in the regulations relating to internal controls across the world and in India in light of various scams seen by the world over past few decades. A never-ending urge of companies to exaggerate the positives and suppress the negatives, makes a very strong case for giving utmost importance to the regulations protecting the retail investors & other stakeholders. 03
  • 6. Maleficent top management, even if they do not happen to be promoters, can extract value out of a company and suck shareholders dry. Such narrative resonates through the story of one of the biggest American energy companies of its time based in Houston, Texas which later became synonymous with the term “massive accounting fraud”. Enron ranked number seven in Fortune magazine’s list of the 500 largest companies in 2000 (ranked by total revenue), surpassing then corporate giants such as AT&T and IBM. In just five years, Enron’s revenue miraculously increased by an astounding factor of 10 (rising from $9.2 billion in 1995 to $100.8 billion in 2000). It was later discovered that a staff of executives were able to hide billions of dollars of debt of the Company with the use of accounting loopholes, the misuse of mark-to-market accounting, special purpose entities, and poor financial reporting. This also involved misleading Enron's board of directors and audit committee on high-risk accounting practices and pressuring the auditors to ignore the issues. The price of a share decreased from over $90 to around $1 within a year & half. About 67 executives were charged and subsequently imprisoned as a result of their activities. Many people have described the utility company’s ruse as a cleverly designed fraud involving the use of thousands of off-balance-sheet partnerships to hide massive losses and unimaginable debts from investors. While the outline is essentially correct, the detection of red flags required no special accounting skills or even advanced training in reading financial statements. Perhaps, it simply required the curiosity to notice and question such a vast jump in Enron’s sales revenue in a short span of time without any large acquisitions along the way. Financial Shenanigans The 2000’s 04
  • 7. The WorldCom scandal was another major accounting scandal that came into light in the summer of 2002 at WorldCom, the USA's second-largest long-distance telephone company at the time. From 1999 to 2002, senior executives at WorldCom orchestrated a scheme to inflate earnings in order to maintain WorldCom's stock price by releasing reserves into income created by creative accounting on acquisitions. When financially struggled, they inflated cash flow, capitalizing what should be expensed. Despite being a fraud much simpler than Enron, it was much bigger in quantum. Amongst the similar scandals in Europe, the cases of reporting of non-existent assets, non-reporting of existing liabilities, cash-flow misrepresentations, off-balance sheet assets and other creative accounting to inflate revenues remained at the forefront. As per reports, the Management at India’s information technology giant Satyam decided to acquire 100% in Maytas and 50% in Maytas Properties for $1.6 billion in 2008 which was controlled by son of Satyam’s then CEO. (The word Maytas is Satyam spelled backward!!). The board of directors hadn’t raised any objection despite the related-party nature of the acquisition and more importantly despite the questionable element of such a large investment of $1.6 billion was being made in a real estate venture at a time when the Company’s core business was already under pressure. While the board agreed to the acquisition in principle, it was aborted the next day after an investor uproar. It was later known that the deal was the last attempt to replace Satyam’s fictitious assets with real ones. The CEO resigned after confessing to inflating the company’s financial position – the company’s cash and bank accounts on the balance sheet were overstated to the tune of INR 5040 crores. Satyam’s obligations were similarly understated on its balance sheet. The scandal brought to light the importance of corporate governance in designing audit committee standards and board member responsibilities. A sign of a healthy and effective board is when a dissenting view overturns a management-driven consensus. That clearly did not happen at Satyam. Fallout continues post 2008-Related party transactions 05
  • 8. Conflict of Interest Some examples of ‘conflict of interest’ are when the Board members vote for decisions that directly benefit their other businesses. Promoters often make huge chunks of money by cleverly using related party transactions. This is also called self-dealing when a manager accepts a transaction from another firm that enriches the manager but hurts the company or its clients in the process. A similar reported incident took place in one of the largest banks in India - ICICI Bank, where term loans worth ₹1,875 crores were granted to Videocon Group companies between 2009 and 2011, soon after the new managing director and chief executive officer took over the charge. It was alleged that a part of these loans was then invested into companies managed by the spouse of the new MD & CEO. Prima facie there were many red flags in these transactions, including - • How the internal control or standard operating procedures allowed the involvement of the CEO dealing with an individual loan? • Why the related party disclosures were not flagged off during the process of audit, or were they completely missing? • How the eminent independent directors of the Bank didn’t find these transactions suspicious? Ultimately, as discussed above, such frauds / deceitful transactions led to dampening the reputation of both the leading bank of the country as well as the newly appointed MD / CEO. Perhaps better & smarter internal controls & corporate governance practices in place could have alleviated the suffering of the shareholders & other stakeholders related to the bank and economy at large. 06
  • 9. Financial Impact As evident from the past, in a few months following the announcement of various allegations of fraud and embezzlement, the companies have either declared bankruptcy leading to winding up or have undergone a judicial restructuring where the stakeholders have lost significant amount of wealth. Direct financial loss to all the stakeholders is one of the major risks for any company that falls victim to or commits fraudulent activities. Impact on Employees Employees are among the first victims of the effects of fraud, whether directly involved in such fraud or not. According to numerous studies conducted among companies, employee morale is at its lowest when the company they work for is involved in a fraud case or is under the suspicion of fraud. A drop in productivity and departures can then increase, contributing to the weakening of the core strength of the company. Business Relationships In business, the stakeholders are increasingly committed on dealing with companies that uphold values of integrity, transparency, and honesty. The emergence of a fraud case within a company or even in the group / company with close relations, calls these standards into question and scares away the business partners or potential investors. This results in a loss of business opportunities and competitiveness. Relations with regulatory authorities also deteriorate, thereafter, resulting in “red flagged” treatment from the authorities. Impact of Frauds on Corporations Financial Impact Impact on Employees Business Relationships Reputational Damage 07
  • 10. 08 Reputational Damage According to a World Economic Forum survey of CEOs and leaders of organizations around the world, corporate reputation is a more important measure of success than stock performance, return on investment, and even profitability of the company for measuring sustained success. A strong reputation inspires confidence in investors, potential recruits, customers, and regulators and boosts overall business sentiment. Legal proceedings following the cases of fraud resulting from the uncovering of unreliable internal control systems, among others, can cause irreparable damage to a company’s image and brand. Reputational damage may threaten the very existence of companies.
  • 11. Global Regulatory Changes In the aftermath of large corporate scandals over the years, the quality of financial statements and the role of auditors and accountants were broadly questioned and remained a bone of contention in corporate governance issues for the past few years now. Sarbanes-Oxley (“SOX”) Act of 2002 was introduced as a response to these scandals to restore investor confidence by ensuring compliance, perhaps also to stabilise the investor sentiments in financial markets. The SOX Act created the Public Company Accounting Oversight Board (PCAOB) with the mission to oversee the audits of public companies and related matters, even in certain foreign companies as they were listed on the U.S. stock exchange market. After the scandals in the 2000’s, an increased number of countries started adopting the International Financial Reporting Standards (IFRS) set by the International Accounting Standard Board (IASB). Despite an initial resistance, European Commission (EC) rules incorporated a part of the Sarbanes-Oxley Act to remodel Corporate Governance standards within European Union. Further improvements led up to a large–but not smooth movement, to broaden the adoption of international standards on accounting (IFRS, IPSAS) and on auditing (ISA). India has also adopted a carved out version of the IFRS known as IND-AS, in recent times. Following the outbreak of 2008 financial crisis, the Dodd-Frank Act of 2010 was drafted to increase prudency in financial markets, but it also had passages that increased incentives for whistleblowing. Primarily it intended to curb the extremely risky lending practices of financial institutes, which caused a housing sector bubble that ultimately burst and drove the global crisis. 09
  • 12. Adopting the new normal in regulatory changes – An Indian Perspective Corporate scandals and frauds in India are as old as the history would take back. The 1950s witnessed the infamous LIC Mundhra scam, which was the first major financial fraud of the independent India and has played a role in bringing about financial reforms in India. It highlighted the need for better regulatory mechanisms and oversight in the stock market. The incident contributed to the establishment of the Securities and Exchange Board of India (SEBI) in 1988, which was tasked with regulating the securities market and protecting investors' interests. Frauds continued with an alarming regularity thereafter in every decade – the infamous Harshad Mehta, Ketan Parekh, Sahara, and Satyam scams are just a few of them. These frauds were investigated by the law enforcement agencies under the relevant provisions of the Indian Penal Code, 1860 (IPC). The Companies Act, 1956 did not have any separate definition of ‘fraud’. Now under the new Act, there is a very clear definition of the term ‘fraud’. 10
  • 13. Major corporate scandals of 2007-08 led the Parliamentary Standing Committee to recommend two new legislative changes: • Separate definition of fraud under Section 447 of the Companies Act, 2013 (the Act). • Creation of the Serious Fraud Investigation Office (SFIO) under Section 212 of the Act to investigate those frauds. The Companies Act 2013 is a significant development in the evolution of India’s regulatory environment. This law is the first in the country to focus comprehensively on fraud risk management and prescribes stringent punishment upon the violation of its provisions. The Act includes specific provisions to address the risk of fraud, alongside prescribing greater responsibility and increased accountability for independent directors and auditors. It goes beyond professional liability for fraud and extends to personal liability, prescribing penalties for directors, key management personnel, auditors, and employees. As the punishment for fraud is both imprisonment and fine, it will be a non-compoundable offense, which makes the commission of fraud a more serious affair. 11
  • 14. Several recent corporate frauds seem to have alarmed the lawmakers and the regulators. • Tightening of Sections 447 and 212 of the Act, coupled with the inclusion of fraud as an offense under the PMLA, has alarmed the Audit Committees and the Corporate Boards. • Stringent conditions for the grant of bail, provisions for disgorgement of assets, claw-back of remuneration and unlimited personal liability of directors have further damaged the frayed nerves of independent directors. • Regulators and the law enforcement agencies are increasingly becoming prosecution focused. • SEBI’s new requirement of reporting to stock exchange, even the commencement of forensic audit, may create further complications every time a whistle blower complaint is received by the Audit Committee. • Independent directors now prefer to undertake comprehensive due diligence of compliance and the governance standards of a company before accepting new board positions. India Inc. is slowly adapting itself to the new normal. 12
  • 15. Changing Face of Scams The world is experiencing a rise in new frauds which the business community may be largely unaware of. Some of the key frauds uncovered (or yet to be uncovered!) in very recent times in the world are mentioned below- In the current era of globalization & digitization, starting from the manufacturing activity to the distribution to ultimate customer, ERPs are responsible for recording of various activities, including inventory management. Astonishing rise of E-Commerce in recent years brings in risks of following - • Counterfeiting • Fraudulent transactions through stolen data • Lack of adequate security at payment gateways • Leakage and data loss of confidential company information • Redirection of payments to fraudulent accounts for purchase of goods • Incorrect inventory entries • Third-party due diligence for its ecosystem The Government is working closely with e-commerce players and manufacturers to develop legislation that addresses the concerns of doing business online, and even companies should aim to fortify themselves with adequate safeguards to mitigate the risk of fraud and reputation loss. E-commerce Risks 13
  • 16. With an increasing number of users demanding simultaneous access to data and applications over multiple devices such as desktop PCs, notebook computers, smartphones and now smart watches, cloud computing is gaining appeal for both enterprise and personal use. The current state of technology makes it possible to edit and share various documents and data of varied nature across multiple devices and locations. Some subscriptions also allow users to collaborate and interact in real-time. With the increasing number of cloud-based service providers, importance of risk management relating to systems and intellectual property has also grown over the time. Some of the key risks may include data loss from unauthorized use of low-quality systems, hacking, theft of intellectual property, and theft of confidential customer data. Financial & other losses from cloud computing frauds are difficult to estimate, though the damage could be massive depending on the sensitivity of the data lost. It is therefore important that companies remain aware of such risks and accordingly be proactive in taking appropriate precautions while using cloud computing as part of their business operations. Cloud Computing Frauds 14
  • 17. Platforms have been an integral part of our lives for years. Social media platforms connect us every day, E-commerce platforms provide access of goods and services to potential buys and enterprise platforms help companies interact with customers, process transactions, and move funds. In the banking industry, for example, organisations have built sophisticated systems over the past two decades to protect assets and customers. But today, as a portion of transaction processing moves away from legacy banks to platforms, the obligation for security is also transferred – except many platforms may not be as well equipped as banks, which results in increased risks of identifying, preventing, and mitigating frauds. Another common limitation is fading of transparency. In far too many instances, platforms do not provide their customers adequate visibility into how they manage consumer data – exposing all involved players to potential fraud. Fraudulent transfers to or from a platform are the most common type of platform frauds, comprising more than three-quarters of all such incidents. Fraudsters’ tactics range from basic unauthorised digital purchases – stealing a credit card number to buy goods and services – to more complex schemes such as identity theft and “triangulation” fraud. These often include intricate plots such as drop-shipping fraudulently purchased items to “legitimate” customers. Other scams involve creating fake buyers and customers (using stolen identities to obtain goods and services on credit or to prepare for future schemes) and fake sellers and merchants (an exhaust channel for stolen cards). Platform Frauds 15
  • 18. Social networking is an asset helping companies by providing strategic inputs, estimating competitive advantage and brand leverage, and serving as a structured medium to buy and sell goods and receive feedback from users. The most significant fraud related risk concerning corporations is that of data disclosures. These include sharing of confidential information such as client names, financial details, reputation related matters, private employee related matters or forward-looking information such as business plans. The risk of data disclosure can be attributed to the lack of a formal training/ sensitization program for employees. Employees not educated in social-media matters pose the greatest risk when it comes to social business. The use of social networks has, in an unprecedented way, blurred the line between work and personal use of technology by employees. As a result, the ways in which social platforms are used by employees give rise to a host of challenges for employers, including how best to protect confidential information. Social Media Fraud 16
  • 19. Internal Controls The opportunity to commit fraud arises when controls are absent or even failing. Thus, fraud will be easier to carry out since the purported fraudster will be able to operate without adequate supervisory control within the company. Major corporate global scandals Satyam and Enron, lead to decline in public trust in accounting and reporting. Modification of the Indian regulations in coherence with the western world has led to introduction of Internal Financial Controls (IFC) in the Companies Act 2013. The Act includes specific provisions to address the risk of fraud, alongside prescribing greater responsibility and increased accountability for independent directors and auditors. It goes beyond professional liability for fraud and extends to personal liability, prescribing penalties for directors, key management personnel, auditors, and employees. IFC is applicable to only listed companies and Internal financial controls with respect to financial statements (ICFR) is applicable to all companies other than those exempted by MCA. Internal financial controls are defined in the explanation to Section 134(5)(e) of the companies Act 2013 as the policies and procedures adopted by the company for ensuring • The orderly and efficient conduct of its business, including adherence to company policies safeguarding of its assets. • Prevention & deduction of frauds and errors • Accuracy & completeness of accounting records • Timely preparation of reliable financial information. IFC Vs ICFR 17
  • 20. On reading of the above definition, the intent of the legislation is to have control framework beyond financial reporting controls. Auditors cannot be expected to comment on the operational conduct of the business, hence Internal financial controls by the auditors are on the Financial reporting aspect only which has led to the birth of the terminology ‘Internal Controls over Financial Reporting’ (ICFR). “Internal financial controls over financial reporting” shall mean A process designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company's internal financial control over financial reporting includes those policies and procedures that • Pertain to the maintenance of records that, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the company; • Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the company are being made only in accordance with authorisations of management and directors of the company; and • Provide reasonable assurance regarding the prevention or timely detection of unauthorised acquisition, use, or disposition of the company's assets that could have a material effect on the financial statements. Hence to put it in simply IFC as a concept is much wider in scope when compared to ICFR IFC ICFR Operational Controls Anti- Fraud Controls + + = 18
  • 21. Who all are responsible? Sec 143 Sec 177 Schedule IV Rule 8 of Companies Act Sec 134 ICFR ICFR ICFR ICFR IFC Auditors report Audit Committee Independent Directors Board of Directors Report Directors Responsbility Statement In case of listed company, the Directors’ Responbility states that directors have laid down IFC and such are adequate and working operating effectively All Entities having an audit committee, should evaluate whether the company has adequate IFC systems in place and operating effectiveness of such controls. All Entities having an audit committee, should evaluate IFC and risk management systems. Call on the auditors to comment on IFC. All Entities (Listed/Unlisted), should satisfy themselves on the integrity of financial information and ensure financial controls and systems of risk management are robust and defensible. All Entities (Listed/Unlisted).The details in respect of adequacy of internal financial controls with reference to financial statements 19
  • 22. Framework Management and Auditors need some set of benchmarks to assess the adequacy and effectiveness of IFC. Without these benchmarks assessment will be subjective without any guiding posts. The bench marks are called as framework. The COSO Framework is a system used to establish internal controls to be integrated into business processes. Collectively, these controls provide reasonable assurance that the organization is operating ethically, transparently and in accordance with established industry standards. 20
  • 23. Here are the five components of the COSO framework: • Control Environment The control environment seeks to make sure that all business processes are based on the use of industry-standard practices. This can help ensure that the business is run in a responsible way. It may also reduce an organization's legal exposure if the organization is able to prove that its business processes are all based around industry standard practices. Additionally, the control environment can help with making sure that an organization is adhering to regulatory compliance requirements. • Risk Assessment and Management Risk assessment and management -- which is sometimes referred to as enterprise risk management -- is based on the idea that risk is an inherent part of doing business. However, those same risks can sometimes cause a business to suffer adverse consequences. As such, organizations commonly adopt risk management plans that help them to identify risks and either reduce or eliminate risks deemed to pose a threat to the organization's well-being. • Control Activities Control activities are also tied to the concept of risk management. They are essentially internal controls that are put into place to make sure that business processes are performed in a way that helps an organization to meet its business objectives without introducing unnecessary risks into the process. 21
  • 24. • Information and Communications Communications rules are put in place to make sure that both internal and external communications adhere to legal requirements, ethical values and standard industry practices. For example, private sector organizations commonly adopt privacy policies establishing how customer data can be used. • Monitoring Steps in IFC/ICFR implementation At a minimum, monitoring is performed by an internal auditor who makes sure that employees are adhering to established internal controls. However, in the case of public companies, it is relatively common for an external auditor to evaluate the organization's regulatory compliance. In either case, the audit results are usually reported to the Board of Directors. 22 Start End Identify significant account balances/ disclosure Items Assess the design of controls Plan nature, timing and extent of testing operative effectiveness Assess impact on Audit opinion Form audit opinion on financial statements Perform operative effectiveness testing Assess findings and conclude on operative effectiveness Form opinion on IFC Assess the Implementation of controls Appopriate design & Implementation of controls? Assess audit impact and plan other suitable procedures Plan operative effectiveness testing Identify & understand significant flows of transactions Identify risk of material misstatements Identify controls which address risk of materials misstatements Identify application associated IT environment ITGC Assess and Manage Risk Manage Audit Engagement Prepare and Control Audit Documentation Continuous Focus on Audit Quality 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
  • 25. Conclusion In conclusion, the effective implementation of internal controls within an organization is paramount for its sustained success and integrity. Through this exploration of internal controls, it becomes evident that these systems play a crucial role in mitigating risks, ensuring financial accuracy, and promoting ethical behaviour. Internal controls provide a structured framework that not only safeguards the organization's assets but also enhances operational efficiency. By establishing checks and balances, organizations can detect and prevent errors, fraud, and other irregularities before they escalate. This not only protects the organization's financial well-being but also fosters a culture of accountability and transparency. Moreover, in an ever-evolving business landscape, where regulatory requirements are becoming more stringent, a robust internal control system not only helps organizations comply with legal mandates but also instills confidence among stakeholders. Investors, customers, and employees are more likely to trust and engage with an organization that demonstrates a commitment to sound financial management and ethical practices. It is crucial for organizations to view internal controls not merely as a compliance necessity but as a strategic tool for long-term sustainability. Continuous monitoring, periodic assessments, and adaptability to changing circumstances are key elements of an effective internal control environment. Organizations that prioritize the development and maintenance of strong internal controls are better positioned to navigate uncertainties, seize opportunities, and build a resilient foundation for future growth. In essence, internal controls serve as the backbone of a well-governed organization, contributing to its overall stability and success. As businesses face increasingly complex challenges, the importance of robust internal controls cannot be overstated. Embracing a proactive and holistic approach to internal controls is an investment in the organization's longevity, reputation, and stakeholder trust. 23
  • 26. References https://omh.ny.gov/omhweb/resources/internal_control_top_ten.html#:~:text=Protect% 20cash%20and%20check%20collections.&text=Issue%20receipts%20for%20cash%2C%2 0using,Centralize%20cash%20receipts%20whenever%20possible. https://omh.ny.gov/omhweb/resources/internal_control_top_ten.html#:~:text=Protect% 20cash%20and%20check%20collections.&text=Issue%20receipts%20for%20cash%2C%2 0using,Centralize%20cash%20receipts%20whenever%20possible. http://www.lawstreetindia.com/experts/column?sid=488 https://www.intechop0065n.com/chapters/55244 https://blog.ipleaders.in/case-study-satyam-fraud-case/ https://corporate.cyrilamarchandblogs.com/2020/10/corporate-frauds-emerging-legal-a rchitecture-judicial-trends/ https://taxguru.in/corporate-law/corporate-frauds-emergence-issues-analysis-indian-pe rspective.html https://blog.ipleaders.in/top-10-biggest-scams-in-india/#:~:text=14000%20crore%20sca m%20under%20the,the%20Bombay%20stock%20exchange%20company https://www.insightsforprofessionals.com/management/compliance/how-fraud-allegati ons-affect-business https://www.icsi.edu/media/webmodules/companiesact2013/Annexure-B.pdf https://taxguru.in/company-law/internal-financial-controls-introduction.html https://kb.icai.org/pdfs/PDFFile5b276a4c148d73.52290639.pdf https://info.knowledgeleader.com/bid/161685/what-are-the-five-components-of-the-cos o-framework https://www.wirc-icai.org/images/material/WIRC-IFC.pdf
  • 27. Pune 5th Floor, Wing A, Gopal House, S.No. 127/1B/11, Plot A1, Kothrud, Pune – 411 038, India Contact no : 020 67295100 / 25433104 E -mail : kpca@kirtanepandit.com New Delhi 272, Rajdhani Enclave, Pitampura, Delhi-110034, India Contact no : +91-9911814171 E -mail : kpcadelhi@kirtanepandit.com Nashik Flat No. A- 102, Malpani Saffron, Pathardi Phata, Nashik -422010, India Contact no : +91 253 2386644 E - mail : kpcanashik@kirtanepandit.com Chennai No. 11, 2nd Floor Rosy Tower, 7 Nungambakkam, High Road, Chennai - 600 034, India Contact no : +91 99164 66614 E -mail : kpcachennai@kirtanepandit.com Mumbai 601, 6th Floor, Earth Vintage, Senapati Bapat Marg, Dadar West, Mumbai- 400 028, India Contact no : 022 69328846 / 47 / 48 E -mail : kpcamumbai@kirtanepandit.com Bengaluru No. 63/1, 1st Floor, Makam Plaza, III Main Road, 18th Cross, Malleshwaram, Bengaluru – 560055, India Contact no : 080 23443548 E -mail : kpcabengaluru@kirtanepandit.com Hyderabad 401 to 405, 4th Floor, Sanatana Eternal, 3-6-108/1, Liberty Road, Himayatnagar, Hyderabad - 500 029, India Contact no : 040-40059090 E -mail : kpcahyderabad@kirtanepandit.com Follow Us On: kpca@kirtanepandit.com www.kirtanepandit.com 24 Authored by CA Samit Saraf Co-Authored by The Knowledge Management Team