Risk and Internal Controls - FY2020

After many years as an auditee representing construction project business, I had the opportunity now to sit at the other end of the table as an Independent “Internal Control” Assessor to test the effectiveness of various Internal Controls! It was good experience and from the results, it went well!!

Thank you, RIC management team and rest of the colleagues who supported and made the ICFR FY2020 a success. This would go a long way to ensure the corporate strength, Risk Management and reliability of financial reporting of the organization!

Nevertheless, this seems the first time for us, a fully online and digital assessment was done with collaboration with all parties during the COVID19 Pandemic lock down!

Also, this would be the last combined audit for Siemens LLC before the carveout to Siemens Industrial and Siemens Energy entities!

===============================================================

Now, for a short background, why this is important!

The System of Risk and Internal Control (R/IC/) is designed to provide a degree of Assurance that the organization’s business objectives are being met and key risks are being adequately managed.

In the recent past, Internal Controls was a key element of Foreign Corrupt Practices Act (FCPA) 1977 and the Sarbanes–Oxley Act of 2002 for corporate firms listed in the US.

The Foreign Corrupt Practices Act of 1977 (FCPA) is a United States federal law that prohibits U.S. citizens and entities from bribing foreign government officials to benefit their business interests

The Sarbanes–Oxley Act of 2002 (SOX) specifically was enacted in the US, as a reaction to several major corporate and accounting scandals, including Enron and WorldCom.

The Act was designed to oversee the financial reporting landscape for finance professionals. Its purpose is to review legislative audit requirements and to protect investors by improving the accuracy and reliability of corporate disclosures. Sections of the bill covered the responsibilities of public corporations’ board of directors and officers, added criminal penalties for certain misconduct etc. As a result of SOX, top management must personally certify the accuracy of financial information.

Over a period, the existing processes and from requirements per the new Act, this developed into a robust Risk and Internal Control (RIC) system to make sure that the organization’s assets are safeguarded, financial reporting is reliable, and laws and regulations are complied with.

The risk of misconduct and fraud is dangerous, with exposures like Wirecard, dubbed ‘Enron of Germany’ which could not locate €1.9 Billion from Balance Sheet and various other similar financial scandals!.

Hence the risk is real and needs to be guarded with a thorough and strong internal control system!

=====================================================