Editor’s Note: “Internal Controls Are for Everybody!—Part One” appeared in the previous issue of Court Manager.
Internal control…is a process for assuring an organization’s objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. A broad concept, internal control involves everything that controls risks to an organization. It is a means by which an organization’s resources are directed, monitored, and measured. It plays an important role in detecting and preventing fraud and protecting the organization’s resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks).
See Internal control—Wikipedia.
When internal controls are considered, we often automatically think of financial management. Considering that, let us walk through the five main internal control components using Financial Controls as an example to show, in a practical way, the broad scope of internal control.
Risk Assessment in the following areas is essential:
- Budget (the entire cycle)
- Procurement of goods and accountable property
- Receipt of cash and other financial instruments
- Banking (cash, funds held in trust)
- Case-related management/financial orders/obligations
- Payments and disbursements (to litigants, jurors, vendors, travel reimbursements, etc.)
- Financial accounting and reporting
- Payroll (including time and attendance)
A detailed analysis and awareness of the organization’s vulnerabilities in each area should be part of the overall internal control environment. One great way to do this is to use a checklist or questionnaire to guide the analysis. The goal is to identify possible exposures to loss, waste, abuse, and even criminal activity (such as theft). To realize the importance of this step, go back and read the list of internal control failures from part one this article in the winter 2023 issue of Court Manager. None of us wants these things to happen in our organizations! Once vulnerabilities are identified, the next step is to design and implement steps to prevent them from occurring.
Control Activities is the label given to efforts to eliminate vulnerabilities and prevent failures. There are a wide range of daily to periodic actions involving manual and automated systems. These actions involve internal and external actors. Examples include:
- Robust backup of functions and data, whether conducted by staff or automated systems.
- Daily, weekly, monthly, quarterly, and annual reports on activities and the status of funds.
- Linkage of case and financial system records; this not only is efficient, but also improves data accuracy.
- Separation of duties so that no person has control over related financial functions. For example, the same person must not be involved in cash receipting and bank deposits or the ordering and receiving of accountable property.
- Physical security of the premises, offices, and individual records.
- A Continuity of Operations Plan (COOP), which thoroughly covers financial functions.
- Routine internal and external financial audits.
It is very important to document all control activities in a financial controls manual. Such a manual provides a reference guide and should be used to train staff. The manual needs to be reviewed and updated annually to ensure currency. The table of contents from one court’s Internal Controls Manual is provided at the end of this article. The scope of such a manual is very wide and quite detailed.
Information and Communication about the organization’s financial controls ensures that everyone is aware of their obligations and responsibilities for sound financial management. Again, training of staff is essential. Reports and data outputs must be routinely generated, reviewed, and acted upon as necessary. A transparent and accountable organization also makes nonconfidential information available to the public, funding authorities, etc. A sound records system that documents financial activity also prepares the organization for audits, as well as for substantiating and defending management decisions.
Monitoring is the final main internal control component. It is critical to measure how well the organization’s financial controls are working. Baseline standards must be set to enable an evaluation of the effectiveness of the design and operation of financial controls. If a gap between actual performance and baseline standards is found, corrective action needs to be taken to remedy the situation. This can be done by resetting the financial system design or taking action to improve operational effectiveness. Monitoring also extends to the individual performance appraisals of staff members whose reviews include financial-system-related duties.
Monitoring must be timely to enable prompt analysis and follow-up. This often means the real-time collection of data and report publication. Automated systems should be set up to provide staff and management with such information as needed. Organizations should not wait until formal audits are performed to monitor financial system performance.
As we have seen, financial controls are quite complex and span almost every aspect of operations. This description of financial controls is a great example of only one main area of internal control. The same principles and components apply across all control areas (see part one of “Internal Controls Are for Everybody” in the previous Court Manager).
These articles have:
- defined what is meant by internal control systems;
- shown how such systems define and mitigate organizational risks as part of a strategic planning program;
- outlined the specific features of a comprehensive internal control system; and
- given a detailed example of financial internal controls.
The definition of internal controls is worth repeating:
Internal controls are systematic safeguards that are a continuous built-in component of operations, reviews, and reports. Collectively, internal controls are the policies, actions and activities that provide reasonable assurance that assets and resources are protected from loss, waste or abuse; operations are efficient and effective; financial reports are accurate and reliable; and business practices are in compliance with applicable laws, regulations, and judiciary policies.
Every organization has risks—the challenge is to manage these risks and ensure that you are doing everything you can to reduce them to an acceptable level (ideally, to eliminate them). It is my hope that readers now have a heightened awareness of the critical importance of internal controls and, further, are motivated to reexamine and improve what is being done in their own organizations. As the title of this article states, “Internal Controls Are for Everybody!”
Appendix
Table of Contents from a Court Financial Controls Manual:
- Introduction
- Reporting Allegations of Fraud, Waste, Abuse or Mismanagement of Resources
- Periodic Evaluation of Internal Control Procedures
- Budget Management Organization and Plan
- Management Authority and Fiduciary Responsibility
- Assumption of Responsibility for Duties of Clerk
- Chief Judge
- Delegations, Appointments and Assignments
- Cashier Appointment, Restrictions and Requirements
- Appointment
- Restrictions
- Requirements
- Monies Received; Cashier Responsibilities
- Remittances
- Mail Remittances
- Electronic Remittances Paid Using Pay.gov
- Customer Service Counter Remittances
- Acceptance Determination
- Checks
- Currency
- Credit Card Payments
- Cashier Action on Funds Determined to Be Unacceptable
- Contact Customer for Same-day Resolution of Problem
- Counterfeit Currency
- Suspicious Credit Cards
- Funds Collection Safeguards
- Safeguarding of Collections
- Emergency After-hours Filings
- Checks Not Cashed; No Change Made
- Cash Collections in Excess of $1,000
- Emergency Storage of Un-Receipted Funds
- Shortages and Overages
- Restricted Access to Cashiers Individual Closeout Audit Report
- Responsibility for Daily Receipt Reports
- Receipts and Collection Transactions
- Preparation of Receipts, Generally
- Processing Transactions Separately
- Receipts for Mail Remittances
- Installment Payments
- Fee Waivers
- Voids
- Void Documentation
- Adjustment of Remittance List
- Remittances
- Monies Received; Financial Section Responsibilities
- Collection Reconciliation
- Shortages
- Overages
- Reconciliation Recordkeeping
- Securing Collections After Reconciliation
- Verification of Mail Remittances
- Accounting for Installment Payments
- Record of Payments
- Monitoring Payments and Follow-Through
- Credit Card Chargebacks
- Deposit of Collections
- Data Uploaded to Financial System
- Checks Copied; Funds Deposited
- Deposit Verified
- Agreement of Totals Confirmed
- Combination Safe
- Access
- Maintained Locked; Contents
- Receipt of Funds Deposited with Court
- Collateral Requirements
- Recordkeeping for Funds Deposited with the Court
- Maintenance of Documents for Funds Deposited with the Court
- Monies Due the Court from Employees
- Financial Reports
- Daily Receipt Report and Cash Receipts Journal
- Trustee and Deposit Fund Control Balance Verification
- Unclaimed Funds Balance Verification
- Deposits Verification
- Statement of Accountability
- Adjustments Between Funds
- Monthly AO Reports
- Maintenance and Disposal of Financial Records and Documents
- Collection Reconciliation
- Decentralized Budget and Control of Appropriated Funds
- Fund Control
- Chief Judge/Unit Executive Quarterly Budget Review
- Budget Committee
- Reprogramming Actions
- Monies Disbursed
- Disbursement of Funds Deposited with the Court
- Disbursement Authority
- Disbursement of Appropriated Funds
- Preparation and Processing of Payments
- Maintenance of Payment Documents and Invoices
- Examination of Payment Documents
- Issuance of Interim Salary Checks
- Notices Sent Electronically
- Weekly Reconciliation
- Monthly Reconciliation
- Travel
- Travel in General
- Reimbursable Expenses
- Government-Issued Travel Credit Cards
- Centrally Billed Account (CB
- Procurement of Goods and Services
- Contracting Officer Certification Program (COCP)
- Acquisition of Goods and Services
- Solicitation of Bids
- Documentation of Bids
- Documentation of Purchases
- Authority to Sign Purchase Orders
- Certification Requirements for Reimbursable Work Authorizations (RWAs)
- Government Purchase Cards
- Receipt of Property
- Property Management
- Acquisition of Property
- Identification of Property
- Maintenance of Property
- Physical Sightings
- Property Passes
- Disposal of Property
- Documentation of Disposal
- Verification of Documentation and Property
- Inventory Update
- Case Records Management
- Filings Pre-2004
- Filings in 2004 and Later
- Paper Documents and Audio Files Ordered Sealed
- Electronic Records
- Electronic Documents Ordered Sealed
- Payroll Reporting and Other Personnel Matters
- Maintenance of and Access to Payroll, Time and Attendance, and Personnel Records
- Retention of Paper Records
- Pay Via Electronic Funds Transfer
- Payroll Certifying Officer and Designation of Alternate; Revocation of Designation
- Responsibilities of Leave-approving Officials, Timekeeper and Employees
- Leave Policies
- Leave Request and Time and Attendance Documentation
- Automated Leave Accounting System
- Record of Attendance and Leave; Approval
- Leave Use Audit
- Payroll Certification Control List
- Reporting Absences Affecting Pay
- Tracking Hours in Non-Pay Status
- Authority to Electronically Approve Personnel Documents
- Revocation of Authority to Electronically Approve Personnel Documents
- Hiring Security Practices
- Maintenance of and Access to Payroll, Time and Attendance, and Personnel Records
- Physical Security
- Building
- Masters of Keys
- Loan of Keys and Issuance of Temporary Building Badges to Non-Court Personnel
- Postage Meter
- Court-controlled Space
- Court-controlled Space Access Building Badges
- Building
ABOUT THE AUTHOR
Norman H. Meyer, Jr., previously served as clerk of court, United States Bankruptcy Court, for the District of New Mexico and Eastern District of Virginia. He is a past president of NACM and a recipient of NACM’s Award of Merit.
