Meet Rubino & Company

Pam Lin I’m proud that clients trust me with their work, and I do my best to earn their continued respect.

Recent Twitter Updates

Fewer taxpayers will be hit with the AMT, and those who are affected will likely see their AMT liabilities decrease…
2 days ago Follow Us


Are You In Control? Why Having Sound Internal Controls is Good Business

Category: Articles

By Scott Flaherty, CPA 

When Congress passed the Sarbanes-Oxley Act in 2002, it mandated publicly-traded businesses pay more attention to their internal controls.  Many business owners and executives believed this was not only unnecessary, it was a complete waste of time and money. Since then, many detractors have come to the conclusion that not only is an emphasis on internal controls good business, it’s also essential to maximize profits and keep the organization as safe as possible.

The goals of a well-designed control environment include:

  • Promoting operational efficiency and effectiveness
  • Facilitating timely and accurate financial reports
  • Protecting Company assets
  • Ensuring compliance with relevant laws and regulations 

In today’s economic climate, failure to properly address the financial risks associated with each of these goals could potentially put a company out of business.  These goals are met through defining objectives for the company as a whole, key business units within the company, and specific processes within those business units.

Once objectives are established, the risks to achieving those objectives are identified, and strategies to mitigate or manage risks are developed. In essence, management determines what could go wrong with the business in general and the accounting function in particular, and then designs various procedures to address those risks - typically by implementing a mix of preventative and detective internal controls.

How Controls Address Risk

Preventative Controls Mitigate Material Risk From Occurring. Examples Include: 

  • Segregating the ability to execute a transaction from the ability to process a transaction (that is, possess custody of the cash).
  • Performing background and credit checks on employees in sensitive business areas.
  • Establishing, communicating, and reinforcing a culture of ethics.

Detective Controls May Identify If Material Risk Has Occurred. Examples Include:

  • Reviewing the bank statement and corresponding bank reconciliation in detail for unusual adjustments, transactions, or conditions.
  • Reviewing and approving supporting documents for each material disbursement.
  • Examining payroll reports for unauthorized pay increases, bonuses, or unknown employees.

For those that may be unfamiliar with these concepts or unaccustomed to thinking about the topic altogether, designing and implementing a proper set of internal controls can be a daunting exercise; but it is not something you have to do alone.  A good CPA should be able to assist you.

Scott Flaherty, CPA is a shareholder in Rubino & Company, Chartered.  He is responsible for management on recurring attest engagements along with providing periodic consulting services. Scott also helps nonprofit and government contractor clients work through their complicated accounting and regulatory matters to improve performance and efficiency, strengthen internal controls and provide proper accounting and reporting for complex accounting issues.   

View more resources