How to Measure the Impact of Your Control Environment Using a Framework for Compliance

Compliance - (Series 7 of 7)

As you have started to understand Trintech’s approach to finance transformation, you have probably understood two key concepts we focus upon:

  • A System of Controls that ensures each client organization has a foundation for their R2R activities to take place. This allows for the place of transformation to exist and is where functions can occur when manually done: either because the exceptions (where automation requires a manual review) OR, automation cannot support the underlying activity without manual intervention yet.
  • A Record to Report Automation Framework that accelerates how your System of Controls is performed. Instituted well, this is where you achieve exponential transformation.

While every company has some form of a compliance framework, the purposes of such is different and also defined in various ways depending on the reason but also the regulators that support those requirements.  This includes companies that have an established framework for public reporting purposes (e.g., SEC) or those that are moving that direction. It can also include private companies that need to ensure confidence in their regulators or finance and capital providers.

One of the most interesting findings we have had in developing our solutions is the ability to combine the operational results of the financial close process with the results of controls testing. Maybe I’ll refer to it as a form of a “sniff test”. The ability to easily see the status of the operational activities such as reconciliations, journals, close tasks when compared to the results of controls testing for SOX. If the business is involved in testing and the test results show everything is working as designed yet there seems to be a high volume of exceptions, lateness or incompleteness, then there is a misalignment within the business that needs to be addressed. This goes to the responsibility of the audit committee and ultimately management that supports a strong and working control environment.

Being able to identify key activities in the financial controls process allows an organization to not only identify where operational improvement opportunities exists but also the impact to the risk of material misstatement. If a reconciliation or journal entry doesn’t occur, we always understand incompleteness. However, how do you measure the impact to the control environment, the risk of misstatement and even worse, the need to restate.

If we have established the “why” and “what”, let’s talk about the “how”.  Trintech focuses on establishing the framework for compliance. This means that multiple frameworks (i.e., SOX, IT-Sec, HIPAA, PCI, NERC or FERC, etc.) can be managed within one platform. First, the supreme benefit of pulling organizations out of using personal productivity tools like Microsoft Excel to manage their controls testing process but secondly, this creates significant efficiency gains as a result. By allowing an organization to share controls across multiple initiatives reduces the amount of testing involved by creating reliance on the test performed for one initiative in a way that satisfies all initiatives that the control supports.

The other area of “how” is in the form of identifying areas of risk which drives a need for targeted testing. We allow a company to load financial results into the application and then focus testing on controls where risk is higher. This now creates the chance for organizations to remove the manual nature of what controls testing can be and drive for mutual support within the finance and business communities to ensure that the compliance environment not only tests positively but is also executed the same way.

Our goal at Trintech is to see organizations achieve efficiency and effectiveness in their financial close process while at the very same time decreasing the cost and risk within those processes. Processes such as reconciliations, journal entries and close all represent where the efficiency gain can also lead to effectiveness. Compliance represents an area where effectiveness can lead to efficiency – not just within the compliance process but also across the whole of Record to Report. It stands to reason that when an organization has architected the full financial close activities and then mapped to the controls framework, all could agree that it would be quite advantageous to then gain the necessarily visibility into the areas of opportunity and risk for the organization.

When an organization takes on concepts within Trintech’s Record to Report Automation Framework, that means it establishes best practices within the System of Controls and then using automation, performs those best practices even faster. This can help create the confidence within the testing process when typically, it can be obstructed by the manual nature of the underlying activities.  By instituting Risk Intelligent RPA™, you remove the amount of manual work involved in performing the work by finance. Leveraging our ERP Connectors or our ERP Bots, connecting the work of finance and IT required during the close process creates a seamlessness that eliminates the areas where data issues arise or manual steps are forgotten. It also means that organizations cannot just look at compliance by itself and solely automate that without looking at the overall Record to Report process. You have to address with full Record to Report with a singular platform that addresses the full R2R process flow.

Take a moment to sit down with those responsible for the control testing activities.  If it is outsourced to a third party, see about building their testing process into an R2R end to end solution so you can still measure the overall quality of the process.  Then allow a, R2R Automation Framework, the accelerators, to help you drive best practices faster with better insight into the overall process. Create confidence within your organization to know that the financials bleed with integrity and that the efficiencies necessary have been squeezed.

Explore the Full 7-Part Series on Trintech’s System of Controls:
Part 1: Don’t Drown in Transaction Data When Closing – Light a Match and See Clearly 
Part 2: Reconciliations: Part of a Global System of Controls to Ensure the Integrity of Your Financial Close 
Part 3: Eliminate 95% of Manual Journal Entries and Reduce Risk at the Same Time – Mission Possible
Part 4: (Intercompany) Prevention Is the Best Medicine
Part 5: How to Reduce Risk and Ensure Control Over Your Intercompany Transactions with Cadency’s Detective Controls 
Part 6: How to Excite An Accountant During Close

Written by: Syril Mathai