2Contents Accounting function Accounting database Recording transactionsOrganization of data within the general ledgerControl and auditInternal controlInternal auditExternal auditCorporate governanceAccounting profession
3Accounting function Financial accounting system: objectives and scope Uniform accounting proceduresFunctional transaction processing systems
4Financial accounting system Objectives:Track all economic transactions of the enterpriseRecord and process them logically in a databaseProvide reporting tools and formats to communicate information useful to decision makersScopeHighly dependent on the size of the company
5Financial accounting system BusinesstransactionsDecisionmakersInformationDataFinancial accounting systemTracking andrecordingof dataProcessingof dataReportingIt is also useful to present ‘Accounting’ as an information system which measures, processes and communicates financial info about a company.Accounting measures activities by recording data on these activities for future use.The data are stored until they are retrieved and used so that they get transformed into useful information.This information will be communicated to decision makers via different kinds of reports.Note: Bookkeeping is normally used for the recording of transactions phase.So, essentially, Accounting is the liaison between corporate activities and decision makers.We could say that the input of the info system are data and the output information useful in making decisions.
6Uniform accounting procedures Uniform accounting systems are central to the coordination and management of an international groupInternal accounting manuals to standardize procedures and interpretation of dataUniform accounting rules (like IFRS) versus national accounting rules
8Functional transaction processing systems Functional systems capture different types of transactions according to their main features, likeSalesPurchasesPayrollTreasuryInvestment in long-term capacityTransaction processing implies interactions between the accounting function and operating departments
9Accounting database General Ledger = central accounting database Primary source of information for internal (management) and external reporting purposes
10Figure 2.2 The financial accounting database Register of amounts owed to suppliersSalaries and social chargesGoods received from suppliersOther business expensesReports to manage-ment and outsidersGeneral LedgerBank account cash in and outFinance from shareholders and banksRegister of debts owed by clientsPurchase of long-term assetsSale of goods to clients
11Recording transactions Information flows into the general ledger through several layers of processingIndividual (daily) transactions are summarized by period and by typeThrough summarization aggregates are buit up for the year’s activities
12Fig. 2.3 Building aggregates (invoices, payments, receipts, expense notes, etc.)Daily transactionsSummariesprepared by week (or month) and by type of transactionGeneral Ledgertotal entered into
13Recording transactions (cont.) ‘Journals’Capture details of individual transactionsUsed to build up periodic summaries and feed aggregated data into the general ledgerMay be organized according to functional transaction processing systems‘General ledger’Collection of summarized, aggregated transaction dataSource for the preparation of periodic income statements and balance sheets
14Recording transactions (cont.) ‘Audit trail’Traces the content of aggregates back to transaction details‘Chart of accounts’Used to categorize and record transactions within the accounting database according to the double-entry accounting logicState-mandated or voluntary‘XBRL’ (eXtensible Business Reporting Language)Automated, flexible reporting toolsUsing specific tags of individual data items, defined and linked through flexible taxonomies
15Organization of data within the general ledger (G/L) In the G/L, data are stored according to the ‘double-entry’ systemThe G/L is organized into a series of ‘accounts’ (cfr. ‘chart of accounts’): data files to record transactions of a particular typeSpecifics of an account:Two columns for figures: debits and creditsNarrative commentaryCross-referencing details
16Control and audit Internal control Internal audit External audit Corporate governance
17Internal control Defining internal control Components of a system of internal controlControl activitiesPreventive controlsDetective controlsCorrective controls
18Defining internal control Definition of COSO (Committee of Sponsoring Organizations)Internal control is a process, established, operated and monitored by those charged with governance and management of a company, to provide reasonable assurance regarding the achievement of objectives in the following categories:a) The effectiveness and efficiency of the company’s operations;b) The reliability of its financial reporting;c) Its compliance with applicable laws and regulations.
19Internal control objectives (COSO) Sustaining the company’s business operations (efficiency and effectiveness concerns)Preparing reliable financial reporting (including financial statements)Compliance with applicable laws and regulations
20Components of a system of internal control (COSO) A system of internal control consists of five interrelated components:Control environmentRisk assessmentControl activitiesInformation and communicationMonitoringEach component is relevant for each internal control objective
22IC system components (COSO extracts) Control Environment The control environment sets the tone of an organization, influencing the control consciousness of its people. It is the foundation for all other components of internal control, providing discipline and structure. Control environment factors include the integrity, ethical values and competence of the entity's people; management's philosophy and operating style; the way management assigns authority and responsibility, and organizes and develops its people; and the attention and direction provided by the board of directors.
23IC system components (cont.) Risk Assessment Every entity faces a variety of risks from external and internal sources that must be assessed. A precondition to risk assessment is establishment of objectives, linked at different levels and internally consistent. Risk assessment is the identification and analysis of relevant risks to achievement of the objectives, forming a basis for determining how the risks should be managed. Because economic, industry, regulatory and operating conditions will continue to change, mechanisms are needed to identify and deal with the special risks associated with change.
24IC system components (cont.) Control Activities Control activities are the policies and procedures that help ensure management directives are carried out. They help ensure that necessary actions are taken to address risks to achievement of the entity's objectives. Control activities occur throughout the organization, at all levels and in all functions. They include a range of activities as diverse as approvals, authorizations, verifications, reconciliations, reviews of operating performance, security of assets and segregation of duties.
25IC system components (cont.) Information and Communication Pertinent information must be identified, captured and communicated in a form and timeframe that enables people to carry out their responsibilities. Information systems produce reports, containing operational, financial and compliance-related information, that make it possible to run and control the business. They deal not only with internally generated data, but also information about external events, activities and conditions necessary to informed business decision-making and external reporting. Effective communication also must occur in a broader sense, flowing down, across and up the organization. All personnel must receive a clear message from top management that control responsibilities must be taken seriously. They must understand their own role in the internal control system, as well as how individual activities relate to the work of others. They must have a means of communicating significant information upstream. There also needs to be effective communication with external parties, such as customers, suppliers, regulators and shareholders.
26IC system components (cont.) Monitoring Internal control systems need to be monitored--a process that assesses the quality of the system's performance over time. This is accomplished through ongoing monitoring activities, separate evaluations or a combination of the two. Ongoing monitoring occurs in the course of operations. It includes regular management and supervisory activities, and other actions personnel take in performing their duties. The scope and frequency of separate evaluations will depend primarily on an assessment of risks and the effectiveness of ongoing monitoring procedures. Internal control deficiencies should be reported upstream, with serious matters reported to top management and the board.
27Control activitiesControl activities usually involve a policy component and a procedure componentPolicy: establishes what should be doneProcedure: actions necessary to implement a policyClassification of control activities:Preventive controls: P&P designed to prevent an error or fraud from occurringDetective controls: P&P designed to detect an error or fraud as soon as posibleCorrective controls: P&P to correct problems in a timely manner
28Separation of functions Separation of functions (“segregation of duties”) as a preventive control measureIt calls for the separation of the four basic functions of transaction processingAuthorizing transactionsExecuting transactionsRecording transactionsSafeguarding resources resulting from consummating transactionsThe objective is mainly to provide an environment where fraud becomes difficult
29Defining internal audit “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.”Institute of Internal Auditors
30Internal audit process Primary task:Examine and evaluate the adequacy and effectiveness of the internal control systemEvaluate the quality of performance in carrying out assigned responsibilitiesCan be considered to be part of the monitoring component of a IC systemIts scope potentially covers all activities within the company
31Independence of internal audit Independence with regard to the acitivities they audit, is essential for the internal audit functionIndependence should be assured through:Organizational position and authority within the companyRecognition of professional objectivity
32Internal audit – Hierarchical position (1) De hiërarchische positie van de interne auditor is zeer belangrijk voor zijn onafhankelijkheid . 1° Onder de directeur administratie en financiën-> deontologische problemen!! !! De controlebevoegdheid stopt op het niveau waaraan door de interne auditor wordt gerapporteerd !! Directeur A&F = controleur + gecontroleerde -> conflicten !! Bijvoorbeeld:wanneer er zich een probleem voordoet bij de boekhouding, is het mogelijk dat de directeur een begrijpende, vergoelijkende houding aanneemt !bij problemen bij verantwoordelijken op hetzelfde hiërarchische niveau kan dit leiden tot een vorm van politiek gedrag in functie van doelstellingen die niet noodzakelijk de ondernemingsdoelstellingen zijn.2° Rechtstreeks bij de directeur-generaal->staffunctie bij de directeur-generaal 3° Audit-comité bij de Raad van Bestuur= meerdere leden van de Raad van Bestuur zonder operationele bevoegdheden, eventueel aangevuld met externe auditors!noot: alle ondernemingen genoteerd op de New York Stock Exchange moeten een audit-comité hebben, bestaande uit 'outside directors'.
34Internal audit – Hierarchical position (3) General assemblyBoard of directorsAudit committeeManagementcommitteeAGFA: zie passages omtrent Corporate GovernanceBoard of DirectorsBoard of ManagementCEO = Chairman of BoM = Klaus Seeger = CEA of Agfa-Gevaert NVAudit Committee: bestaat uit 2 non-executive directors (Chaffart & Wenning)CEOInternal audit
35Institute of Internal Auditors (IIA) As an international professional body, the IIA provides authoritative guidance“Standards for the Professional Practice of Internal Auditing” establish ethical (attribute standards) and practice (performance standards) guidelinesCertification programme leading to the designation of “Certified Internal Auditor”
36Standards for the Professional Practice of Auditing Attribute standardsPurpose, Authority, and ResponsibilityIndependence and ObjectivityProficiency and Due Professional CareQuality Assurance and Improvement ProgramPerformance Standards2000 Managing the Internal Audit Activity2100 Nature of Work2200 Engagement Planning.2300 Performing the Engagement2400 Communicating Results2500 Monitoring Progress2600 Management's Acceptance of Risks
37External auditExternal audit = independent audit of a company’s financial statements carried out by external auditorsAlso referred to as “statutory audit”The external auditor expresses an opinion on the representational fairness of the financial statements in conformity with generally accepted accounting principlesReassurance for outside stakeholders that the financial statements are a valid representation of the company’s financial position and performance
38External auditorsLargest four international networks of external auditors:PricewaterhouseCoopers (PwC)KPMGErnst & YoungDeloitteThese “Big Four” dominate the audit market for multinational companies
39Basic statutory audit tasks The basic statutory audit consists of two tasks:To check that the accounting database effectively picks up all the company’s activities and is correctTo check that the financial statements are a correct representation of the accounting database, use appropriate accounting policies and are a reasonable representation of the company’s real state
40Report of the external auditor The external auditor signs a public reporta standard attestation regarding the representational fairness of the financial statementsThe public report may be accompanied by a ‘management letter’Directed to company management (not published)Comments on the audit findings, highlights potential areas of weakness and makes recommendations
41Corporate governanceCorporate governance issues arise whenever ownership of a company is separated from its managementCentral concern = how management’s freedom of action may be limited by outside interestsMany countries have specific rules, regulations and guidance on corporate governance
42Corporate governance recommendations Chairman of the Board of Directors (BOD) should not be the CEOAppointment of independent or non-executive directorsBOD committees with independent directors :Compensation committeeAudit committeeNomination committee
43Accounting profession Main categories of accounting professionals:Independent auditorIndependent accountantCompany accountantSpecialists licensed to carry out the independent audit required by company lawUniversity degree + professional examinations + at least three years as a student in a public auditing firmInternational variation in nature of scope of statutory audit and in constraints on auditor/client relationship
44Accounting profession (cont.) Independent accountantExternal professionals offering accounting services to (generally small) companiesMay also provide tax and general consulting services, but not statutory audit servicesCompany accountantInternal accounting specialists, but not necessarily governed by a professional organizationNo formal educational prerequisites