There are four significant controls that every compliance program should have in it. They are: 1) DOA; 2) maintenance of the vendor master file; 3) contracts with third parties; and 4) movement of cash/currency.
- Your DOA should reflect the impact of compliance risk including both transactions and geographic location so that a higher level of approval for matters involving third parties, for fund transfers and invoice payments to countries outside the U.S. would be required inside your company.
- Your vendor master file can be one of the most powerful preventative control tools largely because payments to fictitious vendors are one of the most common occupational frauds.
- Your contracts with third parties can be a very effective internal control which works to prevent nefarious conduct rather than simply as a detect control.
- Your controls over the disbursements of funds and movement of should include such methods accounts payable computer checks, manual checks, wire transfers, replenishment of petty cash, loans or advances.
The bottom line is that internal controls are just good financial controls. The internal controls that detail requirements for third-party representatives in the compliance context will help to detect fraud, which could well lead to bribery and corruption.
Three key takeaways:
1. Remember the top four internal controls for an effective compliance program.
2. Effective internal controls should do more than protect but also prevent internal program violations.
3. Effective internal compliance controls are good financial controls.