Internal Control Requirements

Internal controls are mechanisms, policies, and procedures used to minimise and monitor operational risks. In order to deter employees and/or members from committing a dishonest or fraudulent act the controls must be thorough and comprehensive. However, internal controls by themselves are not enough. They will be effective only if they are reinforced by the credit union’s culture, policies and procedures, information systems, training, and supervision of staff.

This short note observes that fraud is usually perpetrated by falsifying or altering documents, embezzling funds, omitting the effects of transactions, recording nonexistent transactions, and/or incorrectly using accounting policies and procedures. Weak internal controls not only allow for the perpetration of fraud but allow for errors and unintentional mistakes to go undetected for a long period of time. Usually these errors individually do not represent a large amount of funds. However, the cumulative total can be material and the time needed to correct the error significant.

Furthermore, it is noted that the primary objective of internal controls are to:

  • safeguard assets and member savings;
  • verify the efficiency and effectiveness of the operations;
  • assure the reliability and completeness of financial and management information;
  • prevent fraud and mistakes; and
  • ensure compliance with applicable laws and regulations.
  • This guideline breaks internal controls into two categories – accounting controls and administrative controls – and sets out the main mechanisms for the effective implementation of each type.

Related Resources