Incorporating Internal Financial Controls over Financial Reporting Empirically Series 2 –P2P (Listed Companies Call)
As I already stated in my introductory part of this topic, any process will be parted into static and strategic meaning thereby one which is in as it is form and the other requires professional skepticism. Above that, static facts w.r.t. terminologies are also tuned here. Let us sail beyond statutory sections sight u/s 134, 143,177 of Companies Act, 2013 by carving into crux of Procurement to Pay Process.
Draft design depicted as:-
- Radical round
- Strata-static sphere
- System Substance
- Pack up
♦ Radical Round
‘Request you to please process as per prevailing demands’ really sounds non- systematic. Superseding process budget is the first focus for any forecasts. Only when entity level controls are equitable, subsequent controls follow the flow. Riding through radical round with non-routine example of precious purchase.
“Request is made to mom first as jewelry selected has surpassed proposed budget from dad. Market demand for dancing diamond already evaluated and competitive coupons/ offers understood before selection. Sources are pre-fixed for prestigious purchases. Required rate fixing needs required payment. In the meantime, approval is sought from dad and finally process paves path towards payment. Pack opened with delegacy of diamond loaded with loyalty points and e- smileJ
Strata- Static Sphere
1. SOP
I am repetitively saying that this is not just a static step; it seeks a sea sight. P2P SOP’s should depict pic of entire process from method of evaluation drawn to forecast market demand, raise requisition, set standards/parameters from selected source , define payment and delivery terms till making payment.
2. DOA & SOD
Delegation of authority and segregation of duties wherever applies, sprinkle it as part of stagnant strokes.
3. Approval matrix and control owners
As process involves wholesale of departments, clarity on control owners, departments and hierarchy of approvals arrives at accuracy of assurance.
4. Five footsteps
Riding our road with 1st step of “request”. Generally group of departments get together to raise this request for demand. External factors like market trends, competitors, etc. correlates with internal factors like past trend, capacity and human/ manpower and mix mingle merge to make request ready.
2nd step for “source”. Sample shortlisting or service satisfaction, selection and so on are the factors to be considered. One can think of sub process like on- boarding of vendor till its evaluation.
3rd track towards taking delivery (“receipt”). Goods/ services supplied should be in accordance with standards agreed; any shift be assessed for acceptance or rejection. AS-115 aspects to be adhered to.
4th and 5th for “process to pay”; may be part payment or as advance or full payment. Process to pay itself is a pack of all AS from posting journal entries till reflection in balance sheet/ P& L items falling in featured categories. Any step slipped here, will slide down from 99 number snake bite to no 3 in snack and ladders game.
5. Basic blocks
There are various basic aspects in P2P which serves as separate controls in drawing RACMs.
A. Registrations
Categorization of vendor on boarded with complete KYC chunk be calculated cautiously. PAN, GST , MSME, Co., LLP, OPC, foreign vendors, E- mail ID’s , bank details, etc.
B. Process
There ought to be set of sittings a product needs to pass from factory gate to books of accounts. Let it be any industry, a defined mechanism is must to match receipt of goods/ services to payment from corporate office. Puncture in process paves way for faulty payment.
C. Reconciliation
Yes, for major creditors carried out seasonally by statutory auditors in form of balance confirmations. As we are doing IFC, left out is company’s “internal process “for vendor reco. How effective it is, type of vendor, category if it, frequency and follow ups, etc. deals with definite view. What is that? It is a list of standard acceptable reasons like invoice subsequently accounted, booked but not accounted, accounted in vendor book, debit/ credit note issue, TDS, GST differences, payments not appearing in either side, etc.
D. Ageing
Creditors ageing in terms of settlement cycle to be evaluated. Competent view can be called for creditworthiness of company.
E. Blacklisting
Brainstorming among departments to build a business block that vendor will be blacklisted based on below mentioned musts to be graded granularly till ticking timeline to review the same.
F. Bank finance
Term loans, working capital loans or nay type of finance availed will find its way in schedules, consortium papers, QIS/ FFR, etc. Any breach or charges are commonly captured concerns. It also includes non- fund based limits.
G. Suspense Spector
Is it the balancing figure we used to put to tally balance sheet while solving sums? Yes, it happens in practical scenario also, let’s see in what sense:-
E.g. “ In meeting one question is asked to internal auditors by those charge with governance (TCWG) that how do I assure I am not paying anything from my system to ghost employee? The answer draws the dots to depict the depth of controls established and verified; thus discarded doubt.”
It is only the internal controls that count out suspense spector in any areas where payment is affected (vendors, employee, dummy desks,etc)
♦ System Substance
There were many areas above which lacked some sight, as they were awaiting system substance. Starting with system flow inside, i.e. noting down of T-codes- customized or standard in case of SAP or any software sight should be sought for areas affecting P2P controls. Broadly any system can be stacked in three sacs:-
Creation
Maker/checker is a must to mould in mind. Any access to T-codes/system rights must commensurate with class of transaction, position of employee as per approval matrix made.
Alteration
Live example that lists our names in living creature rather than machine madeJ! This aspect is aligned with authority.
Deletion
Wherever possible, we have double entry dose to knock off/reverse transactions. Deletion desk required for blacklisting, avoiding that particular GL use, once its utilization is over and n no of reasons ranges.
Other points:-
- System storehouse—Big chunks can’t work in isolation. System is the repository for all to access. IT needs to be stacked systematically.
E.g. Approval to process payment considering business urgency is done. Other departments are aware only when variance analysis for excess was sought! It means mail approvals flowed from one department only, while need to update others affected by transaction was not meet. “Dig the well before you are trusty thought thrives here.”
- Trojan horse house –Is it system hacking we are addressing here? Not the only point. Backups and by-pass beneath business requirement. It is actually certain rights in – build to beat business beats.
E.g. Purchase Orders can be backdated provided not more than 60 days, only on approval of respective HOD to meet critical crisis.
♦ Pack up
P2P, being vast process, there are endless aspects to address here. I packed plentiful prospects picturing the process. Pens down desk deal as,” Till payment is paused; pervasive aspects can be prevented, once passed its only postmortem.”