At present, the issues of organization and implementation of internal control are of particular relevance. So, in Art. 19 " Internal control» federal law dated December 6, 2011 No. 402-FZ "On Accounting" states that:
An economic entity is obliged to organize and exercise internal control over the facts of economic life.
An economic entity whose accounting (financial) statements are subject to mandatory audit is obliged to organize and exercise internal control over the conduct of accounting and preparation of accounting (financial) statements (except for cases when its head has assumed the responsibility for accounting).
We also note the list of cases of mandatory audit, since the Federal Law of December 30, 2008 No. 307-FZ “On audit activity” emphasizes that it is these organizations that are obliged to carry out control of accounting and reporting. Cases of mandatory audit are noted, first of all, in Art. 5 307-FZ, according to which a mandatory audit is carried out in the following cases:
Therefore, these organizations are required to internal control of accounting and reporting.
It is also necessary for an economic entity to carry out internal control over the effectiveness of long-term decisions, the basis of which is the calculation and evaluation of static and dynamic indicators. At the same time, the most relevant are methods that take into account the time value of money - dynamic (discounted) methods (Table 1).
Table 1. Static and dynamic methods for evaluating investment projects
To organize internal control of achieving operational and financial indicators it is necessary to compare with the planned indicators of the budget of the organization in the context of the operational and financial budgets(Fig. 4).
Figure 4. System of budgets for internal control of achievement of indicators
The analysis must be carried out by the methods of comparison listed above, as well as by the methods factor analysis by searching for the reasons for the identified deviations from the planned indicators.
The general sequence of internal control of accounting, reporting, according to the author, "technically" and methodologically does not differ from the principles of implementation external control and can be represented by the sequence shown in Figure 5.
Figure 5. Internal control of accounting, reporting
As in the case of an external audit, an internal audit must be carefully planned, an array of information to be verified should be formed (it is not economically feasible to carry out an audit in a continuous manner). For different purposes, it is necessary to form the maximum allowable error for different user groups in the form of materiality.
The audit should test internal controls and substantive procedures for each assertion. financial reporting.
Formation of reports (composition, structure, frequency of presentation) should be regulated by internal documents economic entity. We will dwell on the formation of control procedures in more detail when describing the elements of the internal control system.
Internal control of compliance with the law, which consists in monitoring compliance with regulatory legal acts, cannot be considered separately from the control of accounting of an economic entity, since almost all business transactions are reflected in it.
Therefore, when exercising this area of control, it is necessary to check whether the organization complies with the four-level system of accounting and reporting of an economic entity, laws, codes, PBU, chart of accounts, guidelines, clarifications, local regulations legal acts.
Bibliography:
DEPARTMENT OF FINANCE OF THE CITY OF MOSCOW
On approval of the Regulations for the organization and implementation of internal control
Revoked due to
order of the Department of Finance of the city of Moscow
dated December 27, 2019 N 396
____________________________________________________________________
In order to improve the activities for the implementation of internal control in the Department of Finance of the city of Moscow, organized in accordance with Article 270_1 of the Budget Code of the Russian Federation,
I order:
1. Approve the Regulations for the organization and implementation of internal control (annex to this order).
2. I reserve control over the implementation of this order.
Head of department
finance of the city of Moscow
V.E.Chistova
Application
to the Order of the Department of Finance
Moscow city
Regulations for the organization and implementation of internal control
1.1. This Regulation establishes general principles organization and implementation of internal control over the activities structural divisions, including FKU JSC of the Department of Finance of the City of Moscow (hereinafter referred to as structural subdivisions of the Department).
1.2. The regulation was developed in accordance with the Budget Code of the Russian Federation, the Regulations on the Department of Finance of the City of Moscow, approved by Decree of the Government of Moscow dated February 22, 2011 N 43-PP, and other legal acts of the Russian Federation and the city of Moscow regulating legal relations in the field of control measures, taking appropriate measures based on their results, provided for by the legislation of the Russian Federation and the city of Moscow.
Internal control - control over the compliance of the activities of the structural divisions of the Execution Department state functions and powers to the requirements of the legislation of the Russian Federation, the city of Moscow and legal acts of the Department of Finance of the city of Moscow (hereinafter referred to as the Department).
Control event - a set of control actions of specialists (specialist) of the Department, related to the inspection of compliance with the structural subdivisions of the Department of the requirements of legislation and regulatory legal acts in the course of their activities.
Control group - specialists of the Department, authorized by the order of the head of the Department to carry out a control measure.
Inspection - a form of control, representing a single control action to study the state of affairs in one or more areas of activity of the inspected structural unit of the Department on the basis of managerial, financial, primary accounting documents, accounting registers and reports.
The verification program is a documented plan for conducting a control event.
Order of the Department to conduct an inspection - a document on the right to conduct a control group (specialist of the Department) control measures.
Inspection act - a document drawn up by the control group (specialist of the Department) in the form established by these Regulations, based on the results of the inspection.
Order of the head of the Department - a document drawn up based on the results of the audit in the form established by these Regulations (Annex to these Regulations).
3.1. Control activities of the Department are carried out on the basis of the Control Activity Plan.
3.2. The control activity plan is drawn up for half a year and is a list of control activities planned for implementation.
The Plan of control activities for each control measure establishes: the object of control, the period under review, the period for carrying out the control measure, responsible executors.
3.3. The control activity plan is formed by the Internal Control Department on the basis of an analysis of the problems of the internal standards and procedures implemented by the Department.
The plan of control activity is coordinated with the heads of structural divisions, whose specialists are planned to be involved in the conduct of inspections.
By the 20th day of the month preceding the planned period, the Internal Control Department submits the draft Control Plan for approval to the Head of the Department.
3.4. The basis for conducting inspections not included in the Control Activity Plan is the instruction of the head of the Department.
3.5. In relation to one subdivision, a scheduled inspection can be carried out no more than once a year.
Corrective action checks are carried out as needed.
4.1. Inspections are carried out by specialists of the Internal Control Division and structural subdivisions of the Department, specified in the Control Activity Plan, on the basis of an order of the head of the Department (hereinafter referred to as the order).
The inspection order states:
Surnames, initials, positions of the head and members of the control group;
Full name of the audited structural unit;
Subject of the audit: planned - in accordance with the wording of the Plan of control activities for the six months, approved by the head of the Department; unscheduled - in accordance with the grounds provided for in clause 3.4 of these Regulations.
4.2. Proposals on specific dates for the audit, the personnel of the control group and its head are formed by the head of the Internal Control Department, taking into account the volume and complexity of the upcoming control actions, the specifics of the activities of the audited unit and other circumstances.
4.3. The duration of the audit should not exceed 30 calendar days.
4.4. In exceptional cases, associated with a significant volume and complexity of control measures, on the basis of a memo from the head of the Internal Control Department, the period for conducting an audit may be extended by the head of the Department, but not more than 5 working days, without making changes to the order.
Decisions on extending the terms of inspections for a period exceeding 5 working days or moving from six months to six months, as well as on the postponement of inspections in the plan, are made by the head of the Department on the basis of an internal memo from the head of the Internal Control Department and executed by an appropriate order.
4.5. For each individual inspection, an inspection program is drawn up, approved by the head of the Department and being an annex to the order.
The audit program is drawn up by the structural subdivisions of the Department participating in the audit.
Amendments and additions to the approved audit program are made on the basis of a memo from the head of the Internal Control Department and are approved by the head of the Department.
4.6. The audit should be preceded by a preparatory period, during which the specialists conducting the audits are required to study:
Current legislative and legal acts on the verification program;
Materials of previous inspections and information on the elimination of violations identified by inspections.
4.7. The head of the control group determines the scope and composition of the control actions for each issue of the verification program and distributes the questions among the members of the control group.
4.8. Control actions are carried out using continuous and (or) selective methods:
Documentary study of management, financial, primary accounting documents, accounting registers, accounting and statistical reporting, including by analyzing and evaluating the information obtained from them;
According to the actual study - by inspection, inventory, recalculation of the volume of work actually performed (services rendered), expressed in physical terms, etc.
4.9. The head of the control group (specialist conducting the audit) has the right to demand, if necessary, an inventory of financial and non-financial assets, calculations, strict reporting forms, the date and objects of which must be agreed with the head of the audited unit.
An inventory of financial and non-financial assets, settlements, strict reporting forms is carried out by representatives of the audited unit on the basis of the relevant order of the head in the presence of members of the control group (specialist performing the audit). The inventory lists, drawn up in accordance with the established requirements for the inventory procedure, are annexes to the inspection report.
5.1. Based on the results of the inspections, an Inspection Report is issued. The audit report is signed by the head of the Internal Control Department, the head of the control group (the specialist who carried out the audit) and transferred to the audited unit for familiarization with the obligatory indication of the date of familiarization with the report.
The head of the internal control department endorses each page of the audit report.
5.2. The audit report is drawn up in two copies.
5.3. Inspection acts are registered in the Internal Control Department in accordance with the established nomenclature of cases.
5.4. If violations are detected during the inspection, measured in monetary terms and (or) in physical terms, recalculation statements are drawn up wages, volumes and cost of the work performed, the calculations contained in them must be complete and clear.
Each page of the statement is endorsed by the members of the control group who compiled it, as well as by the specialist responsible for the audited area of activity.
The final page of the statement is signed by the members of the control group, the head (a person authorized by him).
The text of the audit report contains only the summary data and the content of homogeneous violations with reference to the relevant annexes to the report, the names, dates and numbers of the violated legislative and other regulatory legal acts (indicating paragraphs, articles).
5.5. The verification report must have continuous page numbering, not contain blots and unspecified (unconfirmed) corrections.
The amounts of violations revealed in the course of control measures are reflected in rubles.
The texts of inspection reports are printed with one interval, in Times New Roman font, font size - 14.
References to legislative and other regulatory legal acts should indicate the type of document, the body that adopted it, the date of adoption, the number and name of the document, the date the document was put into effect (if necessary), the revision of the document (if the revision changed the text of a previously valid document).
5.6. The descriptive part of the act should consist of sections in accordance with the approved verification program.
When presenting the results of the audit, objectivity, validity, consistency, clarity, accessibility and conciseness (without prejudice to content) should be ensured. The material presented in the verification report is not limited to the number of sheets, but should not be overloaded with unnecessary information.
The results of the audit are presented on the basis of verified data and facts, confirmed by the documents available in the audited units, explanations of officials and financially responsible persons.
The audit report should not give a legal and moral and ethical assessment of the actions of officials and financially responsible persons of the audited unit, it is impossible to qualify their intentions and goals.
It is not allowed to include in the inspection report various kinds of conclusions, assumptions and facts that are not confirmed by documents or the results of the inspection.
In the absence of violations on the checked questions, the record should be made in the act: "Check or selective check (indicate: the name of the checked questions, the period of check, the names of the checked primary documents, the verified amount of expenses and (or) income) did not reveal violations of the requirements of the current legislation (or regulatory legal documents).
The act reflects all significant circumstances related to the audit, with references to primary accounting and other documents, including information about documents not submitted during the audit. If before the end of the audit the officials of the audited unit took measures to eliminate the identified violations, then the audit report should indicate the date the measures were taken, their essence and the period to which they relate.
Responsibility for the accuracy of the information and conclusions contained in the acts, their compliance with the current legislation, lies with the head and members of the control group (the specialist who carried out the verification).
Responsibility for compliance with the deadlines for conducting inspections, the timeliness of drawing up and submitting inspection reports, the completeness of the implementation of inspection programs, the quality of the materials presented in the inspection reports shall be borne by the head of the Internal Control Department.
5.7. Applications are an integral part of the audit report: duly certified copies of documents, calculation tables, explanations of officials and financially responsible persons and other documents containing factual data, on the basis of which the presence of violations has been established or not established and to which there are links in the text of the act.
Copies of legislative and regulatory legal acts, managerial, financial, primary accounting documents, accounting registers, accounting and statistical reporting are not annexes to the audit report, but can be attached to the audit materials as reference and auxiliary materials.
5.8. The inspection report, drawn up in accordance with these Regulations and registered with the Internal Control Department, is submitted for review:
A cover letter signed by the head of the Department to the head of FKU JSC;
A memo signed by the head of the Internal Control Department, to the head of a structural subdivision of the Department.
In the cover letter (memo) to the act of verification in without fail the term (no more than 3 working days from the date of transfer of the act to the subdivision) is indicated for submission to the Internal Control Department of one copy of the inspection report with a mark of familiarization.
5.9. Simultaneously with the act of inspection with a mark of familiarization, the head of the unit may submit explanations and objections to the act of inspection, as well as inform about the measures taken to eliminate the identified violations.
5.10. The Internal Control Department, within up to 5 working days from the date of receipt from the unit of written explanations and objections to the inspection report, considers their validity and prepares for consideration by the Head of the Department a memo with a summary of the violations and deviations identified by the inspection and proposals for their elimination with the attachment of the draft Order in the address of the checked subdivision, interested deputy heads of the Department in accordance with the distribution of duties, and structural subdivisions.
5.11. The Internal Control Department records Orders based on the results of inspections and ensures control over their implementation and implementation of proposals to eliminate violations.
5.12. The audit materials are drawn up in a separate case in accordance with the nomenclature of cases.
The materials of each check are formed in the Check File in the following sequence:
The basis for the inspection, in accordance with paragraph 4.1 of these Regulations;
Verification program;
Act of verification with applications;
Written explanations on the act of verification of the head of the audited unit;
Copies cover letter(memo) to the head of the audited unit;
A copy of the order of the head of the Department;
Documents confirming the adoption of measures to eliminate the identified violations.
The file is stored in the Internal Control Department until it is transferred to the archive.
You can get acquainted with the case on the basis of a written request, drawn up in any form, addressed to the Internal Control Department.
6.1. Reporting on the results of the control activities of the Department is compiled on the basis of generalization and analysis of the results of the control activities carried out.
6.2. Based on the results of the implementation of the Control Plan for the current period, the Internal Control Department submits to the Head of the Department a Report on the control measures taken and the measures taken as a result of them for the past period by July 20 and January 20 of the year following the reporting one.
Application
to the Regulations
(issued on the order form
Head of Department
finance of the city of Moscow)
N ________________ | ||
As a result of the check | ||
(subject of verification, audited period, name of the audited unit) |
||
(Inspection act dated __ ______ 201__ N ____ copy attached) |
||
Application for _____ l. | ||
Head of department | ||
Electronic text of the document
prepared by JSC "Kodeks" and checked against.
In any normally operating organization, internal control was, is and will be by definition, even if the organization does not have a special local act dedicated to internal control. General direction and control rests with the leader, in job descriptions other employees, it is spelled out who is responsible for what, internal regulations and accounting policy document flow has been established.
However, only from January 1, 2013, the Federal Law on Accounting officially established the obligation of organizations to exercise internal control over the facts of economic life. The Ministry of Finance of Russia has recently prepared recommendations on this issue. How to organize and document internal control based on these recommendations, we will consider in this article.
According to the Law of December 6, 2011 No. 402-FZ "On Accounting" (hereinafter - Law No. 402-FZ), an organization is obliged to organize and exercise internal control over the facts of economic life, and if it is subject to it, then it is obliged to organize and exercise internal control of accounting and preparation of accounting (financial) statements (except for cases when its head has assumed the responsibility for accounting).
It does not describe how and to what extent internal control should be carried out. However, it is clear that it should be sufficient to ensure the reliability of the facts of economic life and the accounting (financial) statements of the organization.
Law No. 402-FZ does not describe how and to what extent internal control should be carried out. However, it is clear that it should be sufficient to ensure the reliability of the facts of economic life ...
For example, issues of internal control in economic entities are regulated by the rules establishing the establishment of audit commissions for the financial and economic activities of the company:
The requirements of these federal laws must be observed.
AT this document the concept of internal control is given as a process aimed at obtaining sufficient confidence that the organization provides:
The main elements of internal control of an economic entity are:
Control environment is a set of principles and standards for the organization's activities that define a common understanding of internal control and requirements for internal control in the organization as a whole. It reflects the management culture of the organization and creates the appropriate attitude of the organization's personnel to exercise this control.
Communication as an element of internal control - this is a way to disseminate information necessary for making management decisions and exercising internal control. For example, each employee of the organization should be aware of the risks related to their area of responsibility, their role and tasks for internal control and informing management.
Setting control behind the facts of economic life is very important for the organization. Control is traditionally divided into preliminary, current and subsequent. It is optimal when these stages are divided between different employees of the organization. If the authorization and control of the commission business transactions will be entrusted to one official, this can lead to errors and possible abuses on his part - after all, he completely controls the economic life, from "a" to "z". If different employees participate in different stages of control, this increases the independence and effectiveness of control measures. For their implementation, it is advisable (not mandatory, but desirable) to create an internal control commission. Its members will be independent auditors.
Risk assessment and management are also an important component of the internal control system. Risk is understood as a combination of the probability and consequences of failure by the economic entity to achieve the goals of the activity. Risks can be grouped into the following types: financial, legal, country and regional, reputational, etc. Information about the risks of economic activities is necessary for an organization to fully understand its financial position, financial results activities and changes in their financial situation.
Note!
Organizations that publish annual reporting for each type of risk in the annual financial statements are required to disclose information about such quality characteristics their business activities, as exposure to risks, and the reasons for their occurrence; concentration of risk (description of specific general characteristics, which distinguishes each concentration (contractors, regions, currency of settlements and payments, etc.); risk management mechanism (objectives, policies, procedures applied in the field of risk management and methods used for risk assessment, etc.); changes compared to the previous reporting year (Information of the Ministry of Finance of Russia No. ПЗ-9/2012).
To achieve its financial stability, an organization can apply the following internal control procedures:
In any case, if the basic procedures for controlling the facts of economic life are not observed formally, but are well developed, then they will ensure high efficiency of internal financial control organization as a whole.
The procedure for organizing and implementing internal control must be documented on paper and (or) in in electronic format. The provisions relating to the organization of internal control are part of the constituent and internal organizational and administrative documents of the organization (orders, orders, regulations, job and other instructions, regulations, methods, accounting standards).
With regard to accounting, including the preparation of accounting (financial) statements, the control environment can be described by the regulation on the accounting service, accounting policy organizations, qualification requirements for accounting personnel and other documents establishing General requirements to the environment in which accounting is organized and maintained, the order of interaction between divisions and personnel of the organization and decision-making on accounting issues.
On a note
Documents establishing the rules of communication may be: regulations, schedules for providing data and reporting, job descriptions.
Documentation on the organization of internal control must be updated regularly. The need to update it should be assessed at least once a year. The basis for updating the documentation may be, for example, the results of continuous monitoring of internal controls, organizational changes, changes in the processes and procedures of the organization.
The procedure for organizing internal control, including the duties and powers of departments and personnel of the organization, are determined depending on the nature and scale of its activities, the characteristics of its management system.
When organizing internal control, it is necessary to proceed from the fact that:
Internal control, as a rule, is carried out by:
When organizing and exercising internal control over the facts of economic life, the organization must be guided by the requirement of rationality.
Elena Antanenkova, head of the expert and consulting department of the First House of Consulting "What to do Consult", for the magazine "Regulatory acts for an accountant"
Looking for a solution to your situation?
"Practical Accounting" is an accounting journal that will simplify your work and help you keep your accounting records without errors. The publication is also available in electronic form.
The organization is obliged to organize and exercise internal control of the committed facts of economic life. And if its reporting is subject to mandatory audit, then it is obliged to conduct internal control of accounting and reporting. Such requirements are established by Article 19 of the Law of December 6, 2011 No. 402-FZ. Question: What regulations Should an organization prescribe internal control? Who should be responsible for internal control? Should there be a separate provision on internal control? How often is the audit carried out and what document is this documented? Is there a model regulation on internal control in accordance with 402-FZ?
1) until 2013, the issue of creating an internal control service was the right of organizations. From January 1, 2013, in accordance with Article 19 of the Law of 06.12.2011 No. 402-FZ, all economic entities must exercise internal control over the facts of economic life, and those that are subject to mandatory audit, also internal control over accounting and preparation of financial statements. However, the Ministry of Finance of Russia has not yet developed recommendations on the organization and implementation of internal control of accounting and financial reporting by organizations. There is no standard provision on internal control in the legislation. Sample Regulation on internal control over financial and economic activity presented in the materials in the full answer;
2) to exercise control over compliance with the procedure for maintaining accounting records and compiling financial statements, an internal control (audit) department may be organized;
3) the organization independently determines the frequency of conducting and reporting the results of inspections (for example, this may be an internal audit report). The legislation of the Russian Federation on accounting does not establish any restrictions on the order, methods, procedures for exercising internal control.
The rationale for this position is given below in the materials of the "Glavbukh System" commercial version.
1. Article:Internal control clause that protects against fraud
IVAN BORODIN, financial director of the Ankor personnel holding
Due to which: an internal control department was created, control procedures and quarterly inspection schedules were developed, complete inventories of fixed assets are regularly carried out.
The RusTorgInvest company specializes in the wholesale of car rims, tires, and auto parts. The company's plans for 2012-2013 include an increase in sales by 30 percent, including through expansion into regional markets. The business owners plan to attract financing for these purposes through the debut issue of bonds or the sale of a stake in the company to a strategic investor.
Top management thought about increasing the transparency and investment attractiveness of the business in advance. In 2011, a reorganization was carried out, a clear and transparent legal structure was built. Within the framework of the financial department, two departments have been created: international accounting and internal control. In addition, an accounting policy and an additional chart of accounts under IFRS were approved.
The next step was the regulation of the work of new departments. In particular, the Regulations on Internal Control over Financial and Economic Activities have been developed, which clearly spell out the basic principles and control procedures, as well as list the duties and powers of employees and the head of the internal control department. *
The main task of the document is to protect the company from fraud and mistakes of its own employees. To this end, a number of control functions have been transferred to the structural divisions of the company, they independently monitor risks in their areas of activity.
In accordance with the main clauses of the provision, control procedures involve not only checking concluded contracts for compliance with the budget and selective control of primary documents, but also analyzing the indicators given in the company's statements for compliance with reality.
Special attention in the document is given to non-standard operations. For example, RusTorgInvest works with all new clients on the terms of the 100th prepayment, deviation from this rule is allowed in exceptional cases. Then the decision to grant a deferred payment is made only after agreement with the head of the internal control department, who analyzes the creditworthiness of a potential buyer.
The implemented control methods allow RusTorgInvest to mitigate existing risks and protect the company from abuse by employees.
comments
Alevtina Yashkina,
financial director of the company "RusTorgInvest"
Regulations on internal control over financial and economic activities (extract)*
You can download the full version of the Regulations on internal control over financial and economic activities developed by RusTorgInvest using the link at the end of the article.
1. General Provisions
1.1. This Regulation on internal control over the financial and economic activities of RusTorgInvest LLC (hereinafter referred to as the Regulation) is approved in accordance with the Civil Code of the Russian Federation, the charter of RusTorgInvest LLC (hereinafter referred to as the Company).
1.2. This Regulation is an internal document of the company that defines the rules and approaches to ensuring internal control over the financial and economic activities of the company (hereinafter referred to as "internal control").
1.3. This provision defines the goals and objectives of the internal control system, the principles of its functioning, the directions and procedures of internal control, the entities responsible for the implementation of internal control procedures, as well as the entities responsible for control over the implementation of internal control procedures.
2. Basic terms and definitions
For the purposes of this provision, the following terms and definitions are used.
“Internal control” is a process designed to provide reasonable guarantees for the achievement of the set goals of the company and the effective use of the company’s resources, the safety of assets, compliance with legal requirements and the presentation reliable reporting, to prevent possible abuse by the company's officials.
Internal control procedures mean not only analysis of financial and economic indicators, but also existing business processes.
"Internal control procedures" - a documented set of measures to ensure effective internal control over the financial and economic activities of the company, identify and perform non-standard transactions, prevent, limit and prevent financial and operational risks and possible abuses by the company's officials, as well as measures on the interaction of subjects of internal control among themselves in the process of implementing internal control procedures.
"Subjects of internal control" - the board of directors, the general director, the division of the company authorized to exercise internal control, as well as other structural divisions and employees of the company responsible for the implementation of the internal control functions assigned to them (internal documents of the company).
4. Functions and powers of the internal control department
4.1. The internal control department is created on the basis of the order of the general director of the company (hereinafter referred to as the "director").
4.2. The department is created to exercise control over:
To determine the reliability of reporting used data on the results of operations for the past period and forecasts for future period provided by finance department and divisions of the company.
In addition, the tasks of the department include:
When necessary for inspections employees of departments or external consultants may be involved.
4.3. The head of the department conducts inspections in accordance with the annual or quarterly plan developed by him - the schedule of inspections, which is subject to agreement with the board of directors of the company and is approved (corrected) by the director of the company (another person on his behalf), as well as unscheduled inspections by decision of the director of the company or a person who authorized by him.
4.4. Organizational support and representation required documents for inspections are carried out by the heads of structural divisions of the company within three working days, at the request of the head of the department or the director of the company.
The inspection report must be accompanied by explanatory notes, as well as copies of documents evidencing the elimination of identified violations, signed by the head of the audited unit.
4.5. The results of inspections carried out by the department are documented in an inspection act, which is signed by the members of the commission being created and the heads of divisions, branches and representative offices of the company whose activities were inspected.
4.5. The head of the department quarterly informs the board of directors of the company about violations in financial and economic activities identified as a result of inspections, including facts of non-fulfillment, improper execution of internal documents approved by the company, and makes proposals for their elimination.
5. Duties and powers of the head of the internal control department
5.1. Head of Internal Control Department:
Before each test a program for its implementation is being developed, which contains the deadlines, procedures and instructions for what and how exactly will be checked.
9. Management bodies and subdivisions of the company responsible for internal control
9.1. The board of directors of the company determines the internal control policy and carries out a general assessment of the effectiveness of internal control procedures, as well as measures taken to eliminate identified violations.
9.2. CEO of the company is responsible for the functioning of the company's internal control procedures.
9.3. Internal control is carried out in the main areas of the financial and economic activities of the company, including:
9.4. The heads of the company's divisions, within the framework of their powers, approved by local regulations, are responsible for the development, documentation, implementation, monitoring and development of internal control in the structural divisions entrusted to them.
9.5. In order to ensure the systemic nature of control over the financial and economic activities of the company, internal control procedures are carried out by the department of the company in cooperation with other bodies and divisions of the company.
2. Information of the Ministry of Finance of Russia No. PZ-10/2012 "On the entry into force on January 1, 2013 of the Federal Law of December 6, 2011 No. 402-FZ "On Accounting"
"INTERNAL CONTROL
In accordance with Article 19 of Federal Law No. 402-FZ, an economic entity is obliged to organize and exercise internal control over the facts of economic life. An economic entity, the accounting (financial) statements of which are subject to mandatory audit, is obliged to organize and exercise internal control over accounting and preparation of accounting (financial) statements (except for cases when the head of the economic entity has assumed the responsibility for accounting).
The legislation of the Russian Federation on accounting does not establish any restrictions on the procedure, methods, procedures for exercising the said internal control.”*
Added to site:
1.1. This regulation on internal control over financial and economic activities of [name of economic entity] (hereinafter, respectively, the Regulation, the Company) has been developed in accordance with the current legislation of the Russian Federation, the charter and internal documents of the Company.
1.2. This Regulation determines the goals, objectives and procedures for internal control over the financial and economic activities of the Company (hereinafter - internal control).
1.3. For the purposes of these Regulations, internal control means a process aimed at obtaining sufficient confidence that the Company ensures:
The efficiency and effectiveness of its activities, including the achievement of financial and operational indicators, the safety of assets;
Reliability and timeliness of accounting (financial) and other reporting;
Compliance with applicable laws, including when committing the facts of economic life and maintaining accounting records.
1.4. Internal control contributes to the achievement by the Company of the goals of its activities, ensures the prevention or detection of deviations from the established rules and procedures, as well as distortions of accounting data, accounting (financial) and other reporting.
2.1. The main elements of the Company's internal control are:
Control environment;
Risk assessment;
Internal control procedures;
Information and Communication;
Assessment of internal control.
2.2. The control environment is a set of principles and standards of the Company's activities that determine the general understanding of internal control and the requirements for internal control at the level of the Company as a whole. The control environment reflects the culture of the Company's management and creates the proper attitude of the personnel towards the organization and implementation of internal control.
2.3. Risk assessment is the process of identifying and analyzing risks. For the purposes of these Regulations, risk is understood as a combination of the probability and consequences of failure by the Company to achieve its business objectives. When risks are identified, the Company makes appropriate decisions to manage them, including by creating the necessary control environment, organizing internal control procedures, informing personnel and evaluating the results of internal control.
With regard to accounting, including the preparation of accounting (financial) statements, risk assessment is designed to identify risks that may affect the reliability of accounting (financial) statements. In the course of such an assessment, the Company considers the likelihood of misrepresentation of accounting and reporting data based on the following assumptions:
Emergence and existence: the facts of economic life, reflected in accounting, took place in reporting period and relate to the activities of the Company;
Completeness: the facts of economic life that took place in the reporting period and are subject to reference to this period are actually reflected in accounting;
Rights and obligations: property, property rights and the obligations of the Company, reflected in the accounting records, actually exist;
Valuation and distribution: assets, liabilities, income and expenses are reflected in the correct value measurement in the relevant accounting accounts and in the relevant accounting registers;
Presentation and disclosure: accounting data is correctly presented and disclosed in the accounting (financial) statements.
2.4. Internal control procedures are actions aimed at minimizing risks affecting the achievement of the Company's goals.
2.4.1. Internal control procedures applied by the Company:
Documenting;
Confirmation of compliance between objects (documents) or their compliance with established requirements;
Data reconciliation;
Separation of powers and rotation of duties;
Procedures for monitoring the actual presence and condition of objects, including physical security, access restriction, inventory;
Supervision, providing an assessment of the achievement of the set goals or indicators;
Procedures related to computer processing of information and information systems, among which, as a rule, there are general computer control procedures and control procedures carried out in relation to individual functional elements of the system (modules, applications).
2.4.2. For the purpose of countering abuses, the most effective internal control procedures are authorization (authorization) of transactions and operations, delimitation of powers and rotation of duties, control of the actual availability and condition of objects.
2.4.3. Depending on the moment of implementation, internal control procedures are divided into preliminary and subsequent ones.
Preliminary internal control procedures are aimed at preventing the occurrence of errors and violations of the established procedure for the Company's activities.
Subsequent internal control procedures are aimed at identifying errors and violations of the established procedure for the Company's activities.
2.4.4. Depending on the degree of automation, internal control procedures are divided into automatic, semi-automatic, manual.
Automatic internal control procedures are performed by the information system without the participation of personnel.
Semi-automated internal control procedures are performed by the information system, but are initiated or completed manually.
Manual internal control procedures are performed by the Company's personnel outside of information systems.
2.5. High-quality and timely information ensures the functioning of internal control and the possibility of achieving its goals. The Company's information systems are the main source of information for decision-making. The quality of the information stored and processed in them can significantly affect the management decisions of the Company, the effectiveness of internal control. Information system The company must ensure the maintenance of accounting records.
Communication is the dissemination of information necessary for making management decisions and exercising internal control.
2.6. The assessment of internal control is carried out in relation to the elements of internal control in order to determine their effectiveness and efficiency, as well as the need to change them. Internal control is assessed at least once a year. The scope of assessment of internal control is determined by the head or internal auditor (internal audit service) of the Company.
The volume and nature of methods and methods for assessing internal control are determined by the head of the relevant division or the head of the Company.
One of the types of assessment of internal control is continuous monitoring of internal control, that is, assessment of internal control carried out by the Company on an ongoing basis in the course of its daily activities. Continuous monitoring can be carried out by the Company's management in the form of regular analysis of the results of the Company's activities, verification of the results of certain business operations, regular assessment and clarification of internal organizational and administrative documentation, and other forms.
3.1. The procedure for organizing and exercising internal control is documented on paper and (or) in electronic form. The provisions relating to the organization of internal control are part of the constituent and internal organizational and administrative documents of the Company: orders, orders, regulations, job and other instructions, regulations, methods, accounting standards of the Company.
3.2. The provisions relating to the control environment of the Company are part of the documents defining:
Strategy, goals and values of the Company, its behavior in the market and methods of its management;
Rules of conduct for the management and other personnel of the Company in the event of various events, procedures for handling complaints (code of corporate governance, code of business ethics);
Organizational structure of the Company, including the place and role of its divisions, levels of decision-making, staffing;
Functions of the divisions of the Company, powers and responsibility of their heads (regulations on individual divisions of the Company);
Rules for making management decisions and carrying out transactions and operations, including the accounting policy of the Company;
Personnel policy that establishes approaches to recruitment, training and development of the Company's personnel, criteria for evaluating performance results, and a remuneration system.
With regard to accounting, including the preparation of accounting (financial) statements, the control environment may be described by the regulation on the accounting service, the accounting policy of the Company, requirements for the qualifications of accounting personnel and other documents that establish general requirements for the environment in which accounting is organized and maintained. accounting, the order of interaction between divisions and personnel of the Company and decision-making on accounting issues.
3.3. Documentation of risks is preceded by a description of business processes and procedures of the Company. A reliable description of the Company's business processes contributes to the identification and assessment of all significant risks, regardless of whether they are currently subject to internal control.
The description of the Company's business processes is carried out in the context of its activities, its legal or organizational structure. Descriptions of the Company's business processes are compiled in textual and graphical form, which ensures completeness and clarity of presentation of the Company's activities.
The description of the risk includes:
An indication of a potential adverse internal and (or) external event (fact, circumstance) that gives rise to a risk;
Cause and likelihood of its occurrence;
Possible negative consequences (damage), their quantitative and (or) qualitative assessment.
Based on the results of the risk assessment, the Company determines the most significant risks and makes decisions to minimize them through the organization and implementation of internal control.
In order to systematize the internal control procedures adopted by the Company related to certain identified risks and recorded in the relevant internal organizational and administrative documents, as well as to assess the completeness of internal control coverage of the identified risks, a matrix of risks and internal control procedures is compiled.
The matrix of risks and internal control procedures contains:
Description of the risk, the consequences of which are minimized by internal control;
The name of the area or process that is at risk;
Name and short description procedures (procedures) of internal control, through the implementation of which (which) minimize the consequences of the risk;
Classification of the internal control procedure, if necessary for structuring information;
The executor of the internal control procedure;
The frequency (periodicity) of the implementation of the internal control procedure;
Incoming documents on the basis of which the internal control procedure is carried out;
outgoing documents.
3.4. The documentation that formalizes the organization of internal control is regularly updated. The Company at least once a year assesses the need to update the documentation. The basis for updating the documentation may be the results of periodic assessment and continuous monitoring of internal control, organizational changes, changes in the processes and procedures of the Company. The documentation is updated within a reasonable time after the identification of its shortcomings or changes in the Company's activities.
3.5. The Company shall ensure the storage of documentation that forms the organization and implementation of internal control within a reasonable time.
4.1. The procedure for organizing internal control, including the duties and powers of the divisions and personnel of the Company, is determined depending on the nature and scale of the Company's activities, the features of its management system.
4.2. When organizing internal control, the Company proceeds from the fact that:
Internal control must be carried out at all levels of the Company's management, in all its divisions;
All personnel of the Company should participate in the implementation of internal control in accordance with its powers and functions;
The usefulness of internal control should be comparable with the costs of its organization and implementation.
4.3. Internal control is carried out by:
Management bodies of the Company;
Audit Commission (Auditor) of the Company;
Chief Accountant Society;
Internal auditor (internal audit service) of the Company;
Other personnel and subdivisions of the Company;
Special officials, a special subdivision of the Company, responsible for compliance with the internal control rules.
4.4. Board of Directors (Supervisory Board) of the Company:
Establishes general principles and requirements for internal control;
Approves the standards, methods of organization and implementation of internal control at the level of the Company as a whole;
Makes decisions to improve the efficiency of internal control.
4.5. Audit Committee of the Board of Directors (Supervisory Board) of the Company:
Monitors the effectiveness of internal control, the independence of the special internal control unit, the process of ensuring compliance with the law and the code of business conduct (ethics) of the Company;
Analyzes the reports of the external and internal auditors on the state of internal control;
Holds regular meetings with the heads of the Company's divisions to review significant risks, internal control issues and related plans;
Analyzes the results and quality of implementation of measures (corrective steps) developed by the heads of the Company's divisions to improve internal control;
Examines cases of abuse and assesses the adequacy of the measures taken by the heads of departments to prevent such cases.
4.6. The General Director (Director) of the Company is responsible for the organization and implementation of internal control of the facts of economic life, accounting and preparation of accounting (financial) statements in general.
4.7. The Chief Accountant of the Company is responsible for the organization and implementation of internal control of accounting and preparation of accounting (financial) statements.
4.8. Internal auditor (internal audit service) of the Company:
Carries out an assessment of internal control;
4.9. Heads of divisions and other personnel of the Company in accordance with their powers and functions:
Conduct a risk assessment;
Compile and update documentation that draws up the organization of internal control;
Carry out internal control in accordance with the established procedure;
Carry out an assessment of internal control.
4.10. Special subdivision of internal control (internal control service) of the Company:
Provides methodological support for the organization and implementation of internal control;
Coordinates the activities of units for the organization and implementation of internal control.
5.1. These Regulations come into force from the date of its approval by the Board of Directors of the Company.
5.2. Introduction of amendments and additions to these Regulations or approval of the Regulations in new edition carried out by decision of the Board of Directors of the company.
5.3. If the provisions of this Regulation are in conflict with the requirements of the current legislation of the Russian Federation, the provisions of the legislation of the Russian Federation shall apply.
