Professional Documents
Culture Documents
Executive Summary
Executive Summary 3
Background
General Background 6
Appendices
This report provides management with information about the condition of risks and internal controls at one point in time.
Future changes in environmental factors and actions by personnel may significantly and adversely impact these risks and
controls in ways that this report did not and cannot anticipate.
The following is a summary of the issues and observations noted during this review. Each issue/observation has been
prioritized based upon its business impact to the company. For each issue, a page reference and agreed upon area
management implementation plan to address each issue for corrective action have been noted.
5. The use of non-standard electronic funds transfer forms should be limited for exceptions. 11
6. The wire transfer/ACH repetitive template setup and change approval process should be segregated. 11
A list of specimen signatures and approval limits is not maintained in treasury to verify proper
7. authorization of wire transfer, ACH and special check requests. Overall, disbursement procedures are 12
not documented. Checks held overnight for pickup are not adequately safeguarded.
Scope
• Cash management
• Disbursements (focus on electronic fund transfers)
• Investments
• Foreign exchange hedging
• Bank relationship management
6. Repetitive Wires: The wire transfer/ACH repetitive A. Segregate the authority to approve payment • List responsible parties
template setup and change approval process should be instructions, including instructions to set-up and
• Estimated date or
segregated. change repetitive wire/ACH templates, from the
month/quarter of completion
authority to approve and send wires or ACH
The senior treasurer initiates instructions to setup or change
transactions. • May include need for
repetitive wire transfer/ACH templates (e.g., hedging
immediate action or list as
settlements, investment settlements) and is typically the B. Develop and maintain a segregation of duties
completed if corrected prior
person who approves transactions using the repetitive matrix that details authority, initiation, approval,
to report issuance
templates. Repetitive wire/ACH templates should be execution, recording and release duties, including
approved independently of the person who approves and manual and system processing (access/application
releases outgoing wires using the templates. functions).
Business Impact: Improper segregation of duties that could
lead to inappropriate activities
Increased fraudulent exposure
12. Bank Account Structure: Bank account structure and A. Establish a formal procedure for regularly • List responsible parties
services should be documented and reviewed for evaluating bank accounts and service fees to
• Estimated date or
improved process and cost savings. determine whether the accounts are still necessary
month/quarter of completion
or the fees can be negotiated lower. Inactive
Although company enforces centralized control over bank
accounts should be closed in order to reduce • May include need for
accounts, treasury does not document and periodically
banking fees and internal costs. immediate action or list as
review the bank structure and services. The number of bank
completed if corrected prior
accounts should be evaluated regularly in order to
to report issuance
continuously improve the control and management of cash.
Additionally, each account requires overhead in the form of
bank costs, funding costs, and costs to reconcile and
monitor.
Business Impact: Increased risk of fraudulent activities
Increased bank cost
Duplication of bank services
Loss of control
Inefficient cash management
16 Source: www.knowledgeleader.com Sample Audit Report - Treasury Review
Appendix I: Internal Control Assessment
The matrix below and on the following pages lists process controls that should be present within a well controlled business
environment. An evaluation of the company’s process is noted in each instance. Controls were evaluated as follows:
Good Controls – controls are present to mitigate process/business risk, and are operating effectively and efficiently.
Moderate Controls – controls are present to mitigate most process/business risk, but management should evaluate opportunities to
enhance existing controls.
Limited Controls – Existing controls may not mitigate process/business risk, and management should consider implementing a stronger
control structure.
Where possible improvement can be made in the control structure, a reference has been made to the Issues and
Observations sections, where management’s change implementation plan is described along with the responsible party and
estimated implementation timing.
Ensure all debt and investment transactions are accurately processed and recorded on a
1. #8
timely basis.
Ensure investing, borrowing, disbursement and other financial transactions are properly
2. # 5, 7, 10
authorized.
Maintain lines of credit that are adequate to meet recurring and unexpected funding
3.
requirements.
5. Safeguard cash, investments and other financial assets and segregate duties. #10
2. Risk management activity and derivatives transactions are properly authorized #11