Introduction to Internal Controls Over Financial Reporting
ICFR (Internal Control Over Financial Reporting) was introduced primarily as a response to major corporate and accounting scandals in the early 2000s, most notably the Enron and WorldCom scandals. Here’s the key background:
Historical Context:
In this comprehensive guide, we’ll explore what ICFR is, why it matters, and how organizations can implement effective control frameworks.
What is ICFR?
Internal controls can be categorized into operational controls, compliance controls, and financial reporting controls. Internal Control Over Financial Reporting (ICFR) is subset of internal controls that specifically focuses on financial reporting accuracy and reliability.
It ensures that financial statements are prepared in accordance with applicable accounting standards (e.g., GAAP, IFRS) and are free from material misstatements due to fraud or error. These controls ensure that transactions are properly authorized, recorded, and reported, while safeguarding assets from unauthorized acquisition, use, or disposition.
Examples of Internal Controls and ICFR Coverage
| Type of Control | Process | Illustrative Internal Controls | Covered under ICFR (Yes/No) |
| Preventive | Revenue Recognition | System restricts revenue booking unless all criteria are met. | Yes |
| Detective | Account Reconciliation | Monthly reconciliation of bank accounts reviewed by management. | Yes |
| IT General Control (ITGC) | User Access Management | Periodic review of access rights to financial systems. | Yes |
| Compliance | Environmental Regulations | Regular audits to ensure adherence to environmental laws. | No |
| Safety Control | Workplace Safety | Mandatory safety training for employees working with heavy machinery. | No |
I. The SCA, the UAE’s financial market regulator, has specific requirements for listed companies. The SCA’s Governance Code (latest version as of May 31, 2024) mandates listed companies to comply with International Financial Reporting Standards (IFRS) and maintain effective internal controls over financial reporting.
I. CBUAE Regulations Circular No. (21) of 2019 regarding “2020 Reporting Requirements for all Insurance Companies Operating in the UAE”
II. IA Circular No. (21) of 2019 states “As part of the year end audit exercise External Auditors are required to obtain an understanding of the internal controls relevant to the audit and to express an opinion on their operational effectiveness.”
I.As per Article (5) of the Standards for Aud iting Financial Statements of Entities Subject to ADAA: The Auditors shall:
II. Test the effectiveness of internal control systems over financial reporting, which covers regulations and procedures relating to key Transactions with a material financial impact.
III. Examine the effectiveness of control procedures related to information systems, applications and software utilized in financial activities
• Identify significant accounts, processes, and locations and perform a risk assessment.
• Define the scope of ICFR based on financial statement impact and inherent risks.
• Map business processes (Order-to-Cash, Procure-to-Pay, Financial Close, etc.) and identify key controls (both entity-level controls and process-level controls).
• Document control activities, policies, and procedures.
• Ensure control design effectiveness (preventive & detective controls)
• Assign ownership of controls and Identify automated and manual controls.
• Conduct walkthroughs to validate control design, perform operating effectiveness testing (sample-based testing), identify control deficiencies and gaps.
• Categorize deficiencies as material weaknesses, significant deficiencies, or control deficiencies.
• Develop a remediation plan, monitor for track corrective actions.
• Conduct regular self-assessments and internal audits.
• Update controls to adapt to business and regulatory changes.
Stay one step ahead in a rapidly changing world and build a sustainable future with us.
Submit your enquiries to MBG Corporate Services. We will respond as soon as possible.
Get A Free Consultation
