A person stands at a shelf in a warehouse while holding a clipboard to take inventory and gesturing to an item on the shelf.

5 internal controls you should have implemented yesterday

March 16, 2022

March is Fraud Prevention Month across Canada, and as we enter the busiest stretch of tax season there’s no better time to consider the internal controls you might be overlooking that are crucial to the security, transparency and integrity of your business’s financial statements.

For those who can’t keep up with all the CPA lingo (who can?), internal controls are mechanisms to identify, control, and reduce the risks to your business which may arise from a failure to comply properly with laws, regulations and best practices in your accounting and financial reporting. In other words, they’re important systems to have in place to protect your business’s operational efficiency and diminish the potential for fraud to occur under your watch.

Now that we’re on the same page, let’s take a look at some of the most important internal controls that you should implement and enhance in your business ASAP:

Preventative controls

Physical control and security of assets

This control is likely the most obvious—but also sometimes the most difficult to enforce. Limiting physical access to equipment, inventory, cash, cheques and other assets that are critical to your business to only the people who are responsible for their application is an important step in protecting these assets against theft and misuse. Such assets should also be counted and compared to control records periodically to verify accuracy.

Segregation of duties

While some of the people you employ might wear different hats when it comes to their responsibilities and skillsets, it’s important that they’re only wearing one when handling transactions or operations. This is crucial for two reasons: it ensures that common and innocent errors will be found and remedied before any critical or irreversible processes are executed, and; it also makes deliberate fraud more difficult because it requires collusion of two or more people.

Verification, review and documentation

Important to both the above controls, verification, review and documentation are distinct and ongoing mechanisms which share an underlying purpose that we have all known since grade school: double-checking your work. Simple yet significant, these procedures, when carried out with due diligence, help identify errors and omissions in your business operations and ensure there are no irregularities, inaccuracies or incomplete information in your funds, accounts and statements before they are relied upon for any form of reporting.

Detective controls


Similar in purpose to verification, review and documentation, but different in scope, reconciliation activities provide you with regular opportunities to examine your business’s transactions and operations and correct errors on a timely basis. Keeping in mind our first internal control above, these procedures should be reviewed, approved and recorded by someone outside the reconciliation process. Many businesses choose to perform reconciliations on a monthly basis at the least, but this will depend on several factors, including your business’s size, industry and products/services.

Internal audits

The word audit can send shivers down the spine of any business owner, but that shouldn’t always be the case. Regular audits, much like your yearly physical at the doctor’s office, help to keep your business healthy and functioning smoothly by identifying any problems or errors that may be missed in day-to-day accounting and governance processes.

It’s never too late to implement and enhance your business’s internal controls, but doing so sooner rather than later could be the difference between smooth sailing or tumultuous storms ahead. Make time now to implement the above controls to protect your business, and if you need help, our advisors are here to provide the attention you need and the expertise you deserve.