Back in August 2009 (seems like a long time ago) I posted “It’s the People in the Process Who Matter” on this blog. The general premise of that post was that most business process and internal control failures start and end with people. It starts with people who make decisions to design and implement (or not) proper control systems that ensure that their organization is protected, that its assets are used in efficient and effective ways, and that the organization is not adversely impacted through someone’s fraudulent activities. It then moves to the people responsible for ensuring that the control processes operate and remain effective.

In the last week or so, I have read articles on two rather disparate topics that brought these thoughts back to mind. more

As follow-on to my last Process Points posting, this blog considers the same premise when it comes to the FCPA.

Complying with the requirements of the Foreign Corrupt Practices Act (FCPA) is not an easy task. And while FCPA compliance can be one of those “out of sight, out of mind” tasks, you might want to be sure your organization understands how FCPA might apply.

Why? Well, it seems that FCPA enforcement activity by the U.S. Department of Justice and the SEC has surged recently. Around the globe, other countries also appear to be stepping up how they address issues of corruption. (See “Ungreasing the Wheels” in The Economist.)

And if any of these authorities determines that you are in violation of FCPA regulations or their country’s laws, those violations can lead to hefty fines, prison time, and other fallout (e.g., negative publicity) that most corporations or individuals don’t want!

A quick refresher: The FCPA makes it illegal for a U.S. issuer, domestic concern, or certain foreign issuers of securities to directly or indirectly bribe foreign government officials through payments or gifts of any value to obtain or retain business or to secure an improper business advantage. In addition, the FCPA also requires organizations to keep books and records that accurately reflect all transactions and to maintain adequate internal accounting controls.

Companies often struggle with several aspects of FCPA compliance such as understanding FCPA requirements and obligations, and creating, implementing and enforcing policies and procedures related to FCPA controls. Not only are these aspects a challenge, but so are the expensive and detailed investigations that must take place once possible FCPA violations are surfaced.

So what should you do to address effective FCPA compliance management? more

After recovering from some hand surgery, I am now able to restart my blog postings. Sorry for the short sabbatical.

As the calendar year is rapidly coming to a close, this means that the annual closing and audit process is once again starting to get on our minds. And regardless of whether or not you have to contend with SOX compliance issues, we all want to reduce the risk of control failure in our routine closing processes and in our internal controls over financial reporting.

The monthly (and annual) close process is a critical part of an organization’s internal controls. How well that close process is managed has a direct impact on timely decision-making during the normal course of business and on the level of reporting risks the CFO and controller have to consider. It is not unusual that close processes and account reconciliation management are manually intensive, time-consuming, and error prone. The term “hodgepodge” often comes to mind when talking about the close process. more

Small public companies, also known as “non-accelerated filers,” have been facing for a long time the costs of compliance with Sarbanes-Oxley (SOX) Section 404(b)’s requirement for the external auditor to report on the adequacy of the company’s internal control over financial reporting. Over a year ago, in June 2008, the SEC announced that the 404(b) requirement for small companies was being extended to fiscal years ending on or after Dec. 15, 2009, as a cost-benefit study of compliance costs for small businesses was completed.

In case you missed it … on October 2, 2009, the SEC once again delayed the timing for compliance with 404(b). This time, the delay is only for nine months. And it sounds like this time the SEC means for this to be the last delay. more

Over the last 10 to 15 years, the degree of automation in financial processes has advanced dramatically. And while most companies continue to strive to develop and implement even more automation into their transaction processing and financial closing and reporting processes, there is little doubt that the manual journal entry is going to continue to be a key component in the financial closing and reporting process for the foreseeable future.

This statement is based on my own admittedly non-cientific survey of leading financial personnel who are in my professional network. These people have roles such as CFO, chief internal audit executive, deputy comptroller, SOX team leader, and even partner with a national CPA firm. They work in a wide variety of industries, including manufacturing, medical products and services, telecommunications, state government, and energy, in addition to public accounting.

Since I am working on an article about risk and the manual journal entry process, I have been holding various types of discussions (phone and e-mail) with these outstanding accountants and financial professionals. One of them brought up an intriguing thought about the future importance of the manual journal entry process, given pending changes in accounting standards. more