The U.S. Government Accountability Office (“GAO”) recently issued “Management Report: Improvements Are Needed to Enhance the Internal Revenue Service’s Internal Controls”, describing how the Internal Revenue Service (“IRS”) continues to have internal control deficiencies, both new and old. The purpose of the report is to present internal control deficiencies identified during the GAO’s audit of IRS’s fiscal years 2013 and 2012 financial statements.
The report provides 17 recommendations to address these new internal control issues the GAO identified, all of which were agreed to by the IRS. It also presents the 2013 status of the IRS’s corrective actions to address 60 previous recommendations from the 2012 audit. As of September 30, 2013, IRS had completed corrective action on 26 of those 60 recommendations. A more detailed discussion of the internal control failures is described in this related article.
While the deficiencies and recommendations described by the GAO are specific to the government operations investigated, many of the same deficiencies exist at public or private companies. Such entities would similarly benefit from improvement of internal controls over their financial management and accountability for resources. Some of the more universally applicable recommendations by the GAO include:
- Proper oversight of external service providers
- Establishing and implementing written procurement procedures to monitor the receipt and acceptance functions for accuracy and timeliness
- Ensuring the safety of assets by requiring that assets obtained are timely and accurately recorded and asset disposals are approved in advance by those with authority to do so
- Ensuring hard drives of disposed assets are wiped clean of sensitive information prior to their disposition
- Manually reviewing reports for the existence of duplicates, unexpected dates or amounts, or other unusual activity
Implementation and regular review of the adequacy of a system of internal controls is critical to preventing and detecting fraud. Such processes deter fraudulent activity by decreasing the perceived opportunity to commit fraud and provide information to quickly identify if it should it occur. As the problems at the federal level demonstrate, many small fraudulent acts can quickly add up when left unchecked.