May 04

Information Technology Controls and Risk Assessment

By Charles Hall | Risk Assessment

Information technology controls (IT controls) are getting increased attention with the implementation of SAS 145, Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatements.

IT Controls Video

In the following video, I provide an overview of what you need to do regarding IT controls including general and information processing controls. 

YouTube player

 

Consider general controls and transaction processing controls as you plan your financial statement audits. 

General Controls

Examples of general controls include:

  • Passwords
  • Intrusion detection
  • Backup and recovery
  • Logical access to software 
  • Change control
  • Physical protection of IT systems

Transaction Processing Controls

An example of a transaction processing control is a software requirement that information in purchase orders, invoices, and shipping documents agree (known as a three-way match) before processing the payment. 

IT controls

Design and Implementation 

Review the design and implementation of these IT controls, and do so in the planning phase of your audit. Weak IT controls may require you to perform additional audit procedures to lower detection risk. Why? Because weak general controls or transaction processing controls might allow material misstatements to occur without detection. 

Payment fraud tests
Apr 24

Payment Fraud Tests: Five Powerful Ideas

By Charles Hall | Auditing , Fraud

Are you looking for payment fraud tests? Ways to detect fraudulent payments and create unpredictable tests. Here’s your article.

You are leading the audit team discussion concerning disbursements, and a staff member asks, “Why don’t we ever perform fraud tests? It seems like we never introduce elements of unpredictability.”

You respond by saying, “Yes, I know the audit standards require unpredictable tests, but I’m not sure what else to do. Any fresh ideas?”

The staff member sheepishly responds, “I’m not sure.”

And you are thinking, “What can we do?”

Man looking for payment fraud

Five Payment Fraud Tests

Here are five payment fraud tests that you can perform in most any audit.

1. Test for duplicate payments

Why test for duplicate payments?

Theft may occur as the accounts payable clerk generates the same check twice, stealing and converting the second check to cash. The second check may be created in a separate check batch, a week or two later. This threat increases if (1) checks are signed electronically or (2) the check-signer does not normally examine supporting documentation and the payee name.

How can you test for duplicate payments?

Obtain a download of the full check register in Excel. Sort by dollar amount and vendor name. Then investigate same-dollar payments with same-vendor names above a certain threshold (e.g., $25,000).

2. Review the accounts payable vendor file for similar names

Why test for similar vendor names?

Fictitious vendor names may mimic real vendor names (e.g., ABC Company is the real vendor name while the fictitious name is ABC Co.). Additionally, the home address of the accounts payable clerk is assigned to the fake vendor (alternatively, P.O. boxes might be used).

The check-signer will probably not recognize the payee name as fictitious.

How can you test for similar vendor names?

Obtain a download of all vendor names in Excel. Sort by name and visually compare any vendors with similar names. Investigate any near-matches.

3. Check for fictitious vendors

Why test for fictitious vendors?

The accounts payable clerk may add a fictitious vendor. What address will be entered for the fictitious vendor? You guessed it: the payable clerk’s home address (or P.O. Box).

Pay particular attention to new vendors that provide services (e.g., consulting) rather than physical products (e.g., inventory). Physical products leave audit trails; services, less so.

How can you test for fictitious vendors?

Obtain a download in Excel of new vendors and their addresses for a period of time (e.g., month or quarter). Google the business addresses to check for validity. If necessary, call the vendor. Or ask someone familiar with vendors to review the list (preferably someone without vendor set-up capabilities).

YouTube player

4. Compare vendor and payroll addresses

Why compare vendor and payroll addresses?

Those with vendor-setup ability can create fictitious vendors associated with their own home address. If you compare all addresses in the vendor file with addresses in the payroll file, you may find a match. (Careful – sometimes the match is legitimate, such as travel checks being processed through accounts payable.) Investigate any suspicious matches.

How can you test for the same vendor and payroll addresses?

Obtain a download in Excel of (1) vendor names and addresses and (2) payroll names and addresses. Merge the two files; sort the addresses and visually inspect for matches.

5. Scan all checks for proper signatures and payees

Why test checks for proper signatures and payees?

Fraudsters will forge signatures or complete checks with improper payees such as themselves.

How can you test for proper signatures and payees?

Pick a period of time (e.g., two months), obtain the related bank statements, and scan the checks for appropriate signatures and payees. Also, consider scanning endorsements (if available).

Your Payment Fraud Tests

Those are a few of my payment fraud tests. Please share yours.

Need additional ideas regarding how fraud might occur. Check out my post: 25 Ways Fraud Happens.

My fraud book provides more insights into why fraud occurs, how to detect it, and–most importantly–how to prevent it. See The Little Book of Local Government Fraud Prevention. The book focuses on local government fraud, but most of the information is equally applicable to small businesses.

chart of accounts
Mar 21

Understanding the Chart of Accounts: A Fundamental Guide

By Charles Hall | Accounting

What is a chart of accounts? If you are new to accounting, you may not know. But you need to understand this part of bookkeeping and accounting whether you use a manual system or an online one such as QuickBooks. A chart of accounts is helpful whether you are using FASB, GASB, or special purpose frameworks

Below, I explain what a chart of accounts is and how you will use it in bookkeeping and accounting. I also provide thirteen steps to developing a chart of accounts. 

What is a Chart of Accounts?

A chart of accounts (COA) is a structured list of an organization’s financial accounts used to categorize and record financial transactions. It serves as the backbone of an accounting system, providing a framework for organizing financial data in a logical manner. The COA is tailored to an organization’s needs and can vary widely in complexity.

The COA is usually hierarchical, with accounts organized in categories and subcategories. These categories include assets, liabilities, equity, revenue, and expenses. Each account within the COA is typically assigned a unique identifier, usually a numerical code (see examples below), to facilitate data entry and reporting.

chart of accounts

Example Chart of Accounts

Here’s an example of a chart of accounts:

Assets

– 1010: Cash

– 1010.1 Operating Checking

– 1010.2 Payroll Checking

– 1010.3 Special Projects Checking

– 1020: Accounts Receivable

– 1030: Inventory

– 1040: Fixed Assets

– 1040.1: Buildings

– 1040.2: Machinery

Liabilities

– 2010: Accounts Payable

– 2020: Loan Payable

– 2030: Accrued Expenses

Equity

– 3010: Owner’s Capital

– 3020: Retained Earnings

Revenue

– 4010: Sales Revenue

– 4020: Interest Income

Expenses

– 5010: Cost of Goods Sold

– 5020: Rent Expense

– 5030: Utilities Expense

– 5040: Salaries and Wages

Next, I’ll show you how to create account codes. 

Account Coding

The numbers used to identify an account (e.g., 1010 for Cash) vary from entity to entity. Account coding involves several elements, including the following:

  • Length of the code (the number of digits or characters in the account number)
  • Use of spaces, dots, or spaces
  • Hierarchical structure (using general categories and subcategories)
  • Numerical and alphanumeric (numbers and letters; e.g., 1010AA-15)

Here are examples of operating cash accounts for different companies:

Account number for operating cash

Entity

100.01

Joe’s Machine Shop

1000-01

Wonderful Coffee, Inc.

10-100-01

Jet Products Partnership

10-10-1000-01-A

Bose Industrial

C-10-10-1000-01

Johnson Farms, Inc.

As you can see, the account code for each operating cash account can vary significantly from entity to entity. So, why the differences?

Factors Affecting Account Coding

Several factors drive the account coding, including the following:

  • Laws or regulations (e.g., state law can dictate account coding for governments)
  • Industry guidelines
  • Business needs for certain information
  • Software requirements (some software packages require the use of specific account coding, such as the number of characters)

Additionally, some entities use prefixes to identify the type of asset, liability, equity, revenue, or expense. Here are examples:

Prefix

Type

10

Asset

20

Liability

30

Equity

40

Revenue

50

Expense

Using the prefixes, the cash and receivable accounts might appear as follows:

Account Number

Account

10-1000

Operating account

10-1005

Payroll account

10-1010

Capital construction account

10-1020

Accounts receivable

10-1025

Due from employees

chart of accounts

More complex entities may have longer account codes to accommodate the reporting needs of the entity. For example, a company might use prefix numbers for specific accounts, such as cash. Here’s an example with the first 10 representing assets and the second 10 representing cash.

Account Number

Account

10-10-1000

Operating account

10-10-1005

Payroll account

10-10-1010

Capital construction account

10-20-2000

Accounts receivable

 

So, why would you add these additional layers in the chart of account number? Additional account coding can make it easier to create financial statements. For example, in the preceding table, total cash can be determined by adding all accounts preceded with 10-10.

So, a company can use account coding to generate certain information, such as total cash.

Next, I’ll show you how the chart of accounts is a part of the financial statement building process. 

The Building Blocks of Financial Statements

Key building blocks in the creation of financial statements include:

  1. Chart of accounts
  2. Journal entries
  3. General ledger
  4. Trial balance
  5. Financial statement

First, let’s look at how the chart of accounts and journal entries work together

The relationship between journal entries and the chart of accounts is akin to the relationship between a script and its cast of characters. The COA serves as the cast—a structured list of all accounts where financial transactions can be recorded. Journal entries, on the other hand, are the script— the actual recording of financial transactions as they occur.

Each line in a journal entry uses an account from the COA. The account’s unique identifier (e.g., 1010.1) is used to specify where the debit or credit is to be recorded.

Account Description Debit  Credit
1010.1 Operating Checking 1,000
4010 Sales Revenue 1,000

 

Second, let’s see how the journal entries feed into the general ledger which feeds into the trial balance

The COA helps categorize transactions appropriately. For example, if a company makes a sale, it debits an asset account (like Accounts Receivable or Cash) and credits a revenue account (Sales Revenue), as defined in the COA. The company records each transaction (journal entry or accounting entry) in the general ledger account, and the general ledger totals create the trial balances.

For example, if there are ten checking account transactions in May, those are added or subtracted from the May 1 opening balance in the general ledger to arrive at the May 31 balance (e.g., $125,453 in the table below).

Third, here’s how the trial balance feeds into the financial statements

Now, the trial balance (the summary of all account balances) checking account balance reflects $125,453 at the end of May which is included in the financial statements

Accounting Sequence

So, let me summarize and say once more what the accounting sequence is.

  1. Accounting entries are made to the general ledger
  2. The general ledger feeds into the trial balance
  3. The trial balance feeds into the financial statement. 

Summarizing Accounts for Financial Statements

Here is an example of a company’s cash accounts being combined for presentation in the financial statements. 

Account Number

Account Name Balance
1010.1 Operating Checking  125,453
1010.2 Payroll Checking 55,871
1010.3 Special Projects Checking 144,120
Total Cash

$325,444

 

From here, we use the total cash balance in the balance sheet.

Financial Statements

Here are a few lines in the balance sheet:

ABC Company

Balance Sheet

12/31/20X4

 

Cash

$325,444

Account Receivable

     548,465

Inventory

  2,587,132

Current Assets

$3,461,041

 

In addition to assisting with financial statement creation, there are other advantages to using a chart of accounts. 

Four Advantages to a Chart of Accounts

  1. Consistency and Standardization: The COA provides a standardized framework for recording transactions. This ensures that everyone in the organization uses the same numbering system when making accounting entries, which is crucial for consistency and accuracy.
  2. Budgeting and Analysis: The COA allows for easier budgeting and financial analysis. Management can assess performance against budgets or historical data by reviewing entries in specific accounts (e.g., sales).
  3. Compliance and Regulation: A well-defined COA ensures that journal entries comply with regulatory requirements for financial reporting, especially in sectors like governments and nonprofits.
  4. Error Detection: A well-organized COA can help you quickly identify accounting entry errors. If an entry doesn’t align with the account type (e.g., crediting an asset account when it should be debited), it’s easier to spot. 

In light of the above, you may be wondering, “What steps should I follow to get this done?”

chart of accounts

Thirteen Steps to Set Up Your COA

Here are steps you can use to set up your COA:

  1. Understand the Business Structure: Before you start, understand the nature of the business or organization. Is it a manufacturing company, a service provider, a nonprofit, or a government entity? The type of organization will influence the accounts you need.
  2. Identify Reporting Needs: Determine the financial statements and reports the organization will need. For example, review sample city financial statements to see what is required if your entity is a city government. This will help you structure the COA to align with the financial statements.
  3. Determine the Basis of Accounting: Cash basis accounting, for example, differs from generally accepted accounting principles (GAAP). GAAP requires accrual accounts such as Accounts Receivable, and the cash basis of accounting does not.
  4. Consult Regulatory Guidelines: For certain types of organizations, especially governments and nonprofits, regulatory guidelines might dictate the structure of the COA.
  5. Choose a Numbering System: Decide your account numbering system. A common approach is to use a series of numbers, often in increments of 10 or 100, to allow for future additions.
  6. Create Main Categories: List the main categories of accounts, such as Assets, Liabilities, Equity, Revenue, and Expenses.
  7. Add Subcategories: Within each main category, add subcategories. For example, Assets contain Current Assets and Noncurrent Assets.
  8. Assign Account Numbers: Assign a unique number to each account based on your numbering system.
  9. Provide Descriptions: Briefly describe each account to clarify its purpose (e.g., operating cash). This is especially useful for anyone not involved in setting up the COA.
  10. Implement in Accounting Software: Most accounting software allows you to customize your COA. Input the accounts, numbers, and descriptions into the software. Before creating your COA, ensure your accounting software allows your desired numbering system. For example, the software might limit the account number to ten digits.
  11. Test and Revise: Test the COA by recording sample transactions after initial setup. Make any necessary adjustments.
  12. Train the Team: Ensure that everyone using the COA understands how to use it correctly.
  13. Review Periodically: Business needs change, and your COA should accommodate those changes. Review the COA periodically and make updates as necessary.

Additional Chart of Account Considerations

Here are some things you need to consider as you develop your chart of accounts:

  1. Balance the number of accounts with your reporting needs. Create additional accounts only when necessary. For example, create salary sub-accounts for each department (e.g., operations salaries, logistics salaries, oversight salaries, management salaries) in a large organization, but one salary account might be sufficient in a small entity.
  2. Some industries, such as healthcare, provide sample COAs. (You’ll find healthcare COA examples on the Internet. The same is true of other industries.) Moreover, some sectors have required COAs. For instance, local governments in Georgia must follow a state-mandated COA.
  3. There are competing issues in developing account codes: Desire for short account numbers versus Desire for additional information. Short account numbers take less time to enter, but they may limit the entity’s informational abilities. The result: the company may need to export account numbers and balances to Excel and manually compute the required information. Many entities lengthen their account numbers to automatically generate information without additional steps (such as exporting to Excel). The 10-10 prefix for all cash accounts (see above) is an example.
  4. As you develop the chart of accounts, share it with all stakeholders, those that this will affect (e.g., department heads in your organization). It’s best to get negative feedback as you develop the chart of accounts, not after it is live in your accounting system. 
  5. If you are creating a new account coding system, consider all the information you need (now and in the future) and design the codes accordingly. A common problem for all entities is they outgrow their account codes; when they do, the business may need to revamp the entire account coding—not a pleasant process.

Give Some Love to COA

As I close, let me encourage you to give your chart of account decisions plenty of thought. You’ll be glad you did. If you don’t give your chart of accounts the early love it deserves, you may regret it. Creating a new accounting systems six years out, for example, would be a major headache. 

I wish you well as you create your chart of accounts. 

See my related article, Eight Types of Accounting Journal Entries

Journal Entries Book

Want a JE handbook? Check out my new book, Journal Entries Made Easy, an Introduction to Accounting

Journal Entries made easy

online information for CPAs
Mar 18

Online CPA Resources: Free and Paid Options

By Charles Hall | Accounting and Auditing

Are you looking for online CPA resources? You’ve come to the right place. 

There are plenty of online resources, including audit standards, compilation and review standards, illustrative reports, and fraud prevention information. The AICPA’s audit quality centers also offer resources. Some of them are free, while others require a fee. 

online CPA resources

Online CPA Resources

Here’s a list of online CPA resources that I commonly use (some AICPA documents require an AICPA membership):

AICPA Quality Center Resources

While the following are not free, consider joining audit quality centers if you have a concentration in areas such as governments and benefit plans. Once you join a center, you’ll have online access to their information (e.g., newsletters and alerts). In today’s environment, these memberships are vital. I don’t know how anyone can keep up with all the changes in accounting and auditing standards without resources like these. 

I have found the AICPA Governmental Audit Quality Center (GAQC) particularly helpful. They provide timely information alerts to keep you abreast of evolving changes such as those related to Yellow Book and Single Audits.

The Employee Benefit Audit Quality Center is also useful. These audit quality centers provide practice aids and CPE classes relevant to governments and benefit plans. 

Another great resource (though not free) is the Center for Plain English Accounting (CPEA). The CPEA provides written responses to your technical questions; the AICPA Technical Hotline listed above is free but they don’t provide written responses, only verbal. The CPEA also provides timely articles about accounting and auditing changes, some of the best I have seen. Their quarterly accounting and auditing CPE update is also quite useful. 

Your Online Resources

What online resources do you use as a CPA? Leave a comment.

Audit mistakes
Feb 09

Audit Mistakes: Seven Deadly Sins

By Charles Hall | Auditing

Seven deadly audit sins can destroy you. These audit mistakes kill your profits and effectiveness.

You just completed an audit project, and you have another significant write-down. Last year’s audit hours came in well over budget, and—at the time—you thought, This will not happen again. But here it is, and it’s driving you insane.

Insanity: doing the same thing year after year but expecting different results.

Are you ready for better results?

Audit Mistakes

Here are seven deadly (audit) sins that cause our engagements to fail.

Audit mistakes

1. We don’t plan

Rolling over the prior year file does not qualify as planning. Using canned audit programs is not planning.

What do I mean? We don’t know what has changed. Why? Because we have not performed real risk assessment such as current year walkthroughs. We have not (really) thought about current year risks of material misstatement.

Each year, audits have new wrinkles.

Are there any fraud rumors? Has the CFO left without explanation? Have cash balances decreased while profits increased? Does the client have a new accounting program or new staff? Can you still obtain the reports you need? Are there any new audit or accounting standards?

Anticipate issues and be ready for them with a real audit plan.

2. SALY lives

Elvis may not be in the house, but SALY is.

Performing the same audit steps is wasteful. Just because we needed the procedure ten years ago does not mean we need it today. Kill SALY. (No, I don’t mean your staff member; SALY stands for Same As Last Year).

I find that audit files are like closets. We allow old thoughts (clothes) to accumulate without purging. It’s high time for a Goodwill visit. After all, this audit mistake has been with you too long. So ask yourself Are all of the prior audit procedures relevant to this year’s engagement?

Will better planning require us to think more in the early phases of the engagement? Yes. Is this hard work? Yes. Will it result in less overall effort? Yes.

Sometimes the Saly issue occurs because of weak staff.

3. We use weak staff

Staffing your engagement is the primary key to project success. Excellent staff makes a challenging engagement pan out well. Poor staff causes your engagement time to balloon–lots of motion, but few results. Maybe you have smart people, but they need training. Consider AuditSense.

Another audit mistake is weak partner involvement.

4. We don’t monitor

Partners must keep an eye on the project. And I don’t mean just asking, “How’s it going?” Look in the audit file. See what is going on. In-charges will usually tell you what you want to hear. They hope to save the job on the final play, but a Hail Mary often results in a lost game.

As Ronald Reagan once said: Trust but verify.

Engagement partners need to lead and monitor. They also need to provide the right technology tools.

5. We use outdated technology

Are you paperless? Using portable scanners and monitors? Are your auditors well versed in Adobe Acrobat? Are you electronically linking your trial balances to Excel documents? Do you use project management software (e.g., Basecamp)? How about conferencing software (e.g., Zoom)? Do you have secure remote access to audit files? Do you store files securely in the cloud (e.g., Box)? Are you using data mining software such as Idea? Do you send electronic confirmations

Do your staff members fear you so much that they don’t give you the bad news?

6. Staff (intentionally) hide problems

Remind your staff that bad news communicated early is always welcome.

Early communication of bad news should be encouraged and rewarded (yes, rewarded, assuming the employee did not cause the problem).

Sometimes leaders unwittingly cause their staff to hide problems. In the past, we may have gone ballistic on them–now they fear the same.

And here’s one last audit mistake: no post-engagement review.

7. No post-engagement review

Once our audit is complete, we should honestly assess the project. Then make a list of inefficiencies or failures for future reference.

If you are a partner, consider a fifteen-minute meeting with staff to go over the list.

Your ideas to overcome audit mistakes

What do you do to keep your audits within budget?

>