Getting a Better Handle on Compliance and Controls
By Isaac Tucker
Accounting organizations are at the center of a broad array of change: global tax regulation, domestic tax
changes, and major revisions to audit reporting. Many also are affected by far-reaching rules that now dictate
how they must treat, recognize, and report revenue, all while having to contend with rapidly shifting business
and operating models.
Given the complex regulatory and operating landscape that most organizations must now navigate, it comes as no surprise
that effectively managing internal controls to support financial reporting is top of mind. Accounting and finance organizations
—including financial professionals like you who keep them humming—are challenged to operate efficiently and still drive
strong comprehensive controls.
As most of you already know, globalization, intercompany trade, and mergers and acquisitions have increased the volume of
transactions that impact every part of the business, including the close. They’ve also created more risk in downstream
financial and regulatory reporting. The regulatory environment itself has also grown, both in scope and in depth, increasing
exposure while placing pressure on precious accounting resources to cover even more bases.
For example, accounting, tax, and treasury teams face increasing intercompany reporting challenges from base erosion and
profit shifting (BEPS) tax rules, which aim to level the playing field for companies that don’t have a substantial presence
globally. These same teams face a widening set of regulatory requirements from new Internal Revenue Service (IRS) tax
rules to new Financial Accounting Standards Board (FASB) revenue recognition standards.
All these factors are competing for often already strained resources that are also required for financial controls, such as
continued compliance with the Sarbanes-Oxley Act of 2002 (SOX).
It’s no wonder that, more than 15 years since the introduction of SOX, improving efficiency is still a top priority for financial
executives. In a survey conducted by the SOX & Internal Controls Professionals Group, which has more than 3,000 members,
study respondents identified improving the efficiency of the SOX function as a top objective, followed by ensuring compliance
with SOX and other regulations and strengthening organizational relationships across SOX owners.
WEAKNESSES ELEVATE FRAUD RISK
Improving efficiency, while at the same time combating fraud, has kept many in the C-suite up at night. Specifically, weak
controls can leave an opening for fraud risk.
A 2017 study by the American Accounting Association found that companies with material weaknesses in their entity-level
controls were 90% more likely to have future fraud disclosures compared to companies with strong controls. In fact, when
evaluating 127 unique fraud cases, researchers found a strong association between entity-level controls and a subsequent
revelation of fraud.
This is forcing accounting and internal audit teams to spend more time reevaluating risks and their mitigating controls to
make sure both are properly designed and effective. They have to walk a line between strong control coverage and an overly
The study concluded that “the issuance by an auditor of an adverse internal control opinion is a ‘red flag,’ indicating a higher
probability that managers are committing (unrevealed) fraud.”
This is an abstract. For the full article, please click here.