Many companies see the Internal Control Systems (ICS)1 as an administrative burden and hardly realize the potential of robust and optimized internal controls. In this article we explore how ICS adds value to the organization by acting as an enabler for Finance Transformation2.
ICS as an inseparable element of a Finance Transformation
Finance Transformation initiatives typically address several dimensions for improvement, such as processes, people, technology, delivery model, insights & data and, very importantly, governance. The ICS is a fundamental risk management instrument that together with security aspects and policies forms the core of a proper finance governance. Without it, the Finance operating model will not have any guardrails, and will therefore not be able to yield sustainable benefits.
ICS as a value enabler
By offering guardrails, the ICS ensures that Finance Transformation initiatives deliver value. Its key contributions include:
- Reduce risks, such as risk of material misstatement in financial statements
- Provide confidence in new finance processes by giving feedback on quality of financial information, security aspects and process execution
- Decrease the administrative burden on finance departments and release time for business-partnering activities thanks to a mature and automated ICS
- Ensure a high quality of financial and non-financial data, positioning finance as the most suitable data owner for both financial and non-financial reporting processes, such as ESG-related (Environmental, Social and Governance)
- Expose gaps in the current technology landscape by automating the ICS, thereby identifying system improvement opportunities, e.g. an ICS assessment may trigger the decision to replace multiple reporting/planning systems with one holistic EPM solution
Transforming the controls landscape
An ICS cannot act as a value enabler if it’s cumbersome, unstandardized and requires extensive manual work. However, there are some key improvement steps that any company can take:
1. Define strategy
- Unreliable: Controls are not designed and/or not implemented; control results are unpredictable
- Informal: Controls are implemented, but there is no adequate documentation in place
- Standardized: Controls are well designed and implemented; there is a proper control documentation
- Monitored: Standardised controls are undergoing periodical assessments and testing for design, implementation, and operational effectiveness
- Optimised: Real time monitoring of the effectiveness of ICS is supplemented by continuous improvement efforts
After successful assessment of current maturity level and alignment on future state ambitions, companies can take the following steps to advance their ICS set-up.