Does Your Business Have Its Internal Controls in Place?

We are approaching mid-year, making it the right time for a company to assess whether it has the proper internal controls. Business owners should put measures in place to protect the company’s financial and management data. Internal controls establish a process for how your business handles receiving and reporting money and administrative and management tasks. Below are the internal controls all companies should have in place.

Segregation of Duties

Segregation of duties is the assignment of work. The responsibilities are divided or segregated among different people to reduce the risk of error or inappropriate actions. Segregation of duties is an essential building block of sustainable risk management and internal controls for a business. The intent behind segregation of duties is to eliminate instances in which someone could engage in theft or other fraudulent activities by having excessive control over a process. An example of segregation of duties is the person receiving and signing checks is different than the person with access to the general ledger to make journal entries.

Physical Controls

Physical controls secure a company’s equipment, inventories, securities, cash, and other assets. This security can occur by using locks, safes, or other environmental controls. Access is restricted to those with the authority to handle them.


Reconciliation is the process of comparing transactions and activities to supporting documentation. Reconciliations are comparisons between similar records maintained by different people to verify that transaction details are accurate and that all transactions are correctly recorded. Specific examples include performing a reconciliation from bank statements to check register/records and balancing/reconciling cash on hand to sales or transaction activity on the cash register totals.

Policies and Procedures

Established policies, procedures, and documentation that provide guidance and training to ensure consistent performance at a required level of quality. These should be available at all levels of the organization.

Transaction and Activity Reviews

Management’s review of the transaction, operating, and summary reports help to monitor performance against goals and objectives, spot problems and identify trends. Specific examples include a monthly review of budget statements to actual expenses, phone call activity reports for personal or non-business-related phone calls, and a review of timecards and overtime hours by employees.

Information Processing Controls

When data is processed, various internal controls are performed to check the accuracy, completeness, and authorization of transactions. Data entered is subject to edit checks or matching approved control files or totals. Numerical sequences of transactions are accounted for, and file totals are controlled and reconciled with prior balances and control accounts. Development of new systems and changes to existing ones are maintained, as is access to data, files, and programs.


Establishing and using internal controls is vital for businesses of any size. While internal controls cannot always prevent fraud, in normal circumstances, they can help detect fraudulent activity. Internal controls can also ensure that financial statements are prepared both timely and accurately while addressing any assertions made in the completed financial statements. Establishing internal controls can set the tone in a business. A business that does not correctly develop internal controls is far more likely to experience multiple issues than a business with strict internal controls.

If you have questions or want to learn more, contact Dane Boeckermann at or send us a message.

“BGM” is the brand name under which BGM CPA, LLC and BGM Group, LLC provide professional services. BGM CPA, LLC and BGM Group, LLC practice as an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations, and professional standards. BGM CPA, LLC is a licensed independent CPA firm that provides attest services to its clients, and BGM Group, LLC and its subsidiary entities provide advisory, and business consulting services to their clients. BGM Group, LLC and its subsidiary entities are not licensed CPA firms. The entities falling under the BGM brand are independently owned and are not liable for the services provided by any other entity providing services under the BGM brand. Our use of the terms “our firm” and “we” and “us” and terms of similar import, denote the alternative practice structure conducted by BGM CPA, LLC and BGM Group, LLC.

BGM WEALTH: Certified Financial Planner Board of Standards Inc. owns the certification marks CFP®, CERTIFIED FINANCIAL PLANNER™, CFP® (with plaque design) and CFP® (with flame design) in the U.S., which it awards to individuals who successfully complete CFP Board’s initial and ongoing certification requirements.