Tweet

5 Compliance Functions Every Accounting System Should Have

Written by: Steve Fanning

Article Overview: At no other point in history has compliance been so important for public and private companies as today. Executives increasingly look to financial management systems, commonly referred to as Enterprise Resources Planning (ERP) systems, to manage their complex compliance needs. So the question becomes, which application is the best fit to support your company’s compliance? Whether you have a system in place or are just starting to look for one there are five important compliance questions you should be asking yourself.

5 Compliance Functions Every Accounting System Should Have

At no other point in history has compliance been so important for public and private companies as today. Executives increasingly look to financial management systems, commonly referred to as Enterprise Resources Planning (ERP) systems, to manage their complex compliance needs.
Companies have also experienced many positive side effects of their compliance efforts. According to the Aberdeen Group smaller, private companies, including mid-size enterprises, are finding financial gains in improving the accuracy and reliability of their financial reporting.
No specific system can be endorsed as the answer to resolving compliance issues. So the question becomes, which application is the best fit to support your company's compliance? Whether you have a system in place or are just starting to look for one, there are several critically important compliance questions you should be asking.

#1 Is Your Financial Information Protected by Role Based Security?

Auditors have long looked to separation of duties to reduce risk. Section 404 of the Sarbanes-Oxley Act (SOX) reinforces the importance of this approach and refers to the segregation of duties as vitally important for the health of a company. Any ERP worth its salt will offer something called role based security or access controls to enforce the separation of duties within your financial management system.

Role based security is able to limit visibility and control, on a per user basis, so that transactions or edits can be made only where authorized. Permissions can be as simple as restricting a user from an operation to security flags in the system when an unauthorized transaction is taking place.

Here are the things you should look for to ensure proper role based security:
- Do all users have assigned roles?
- Do you have control over what records and to which types of changes users have access?
- Are users restricted to accessing information only for their respective departments?
- Do these roles have specific forms associated with them, enabling users to see only the information they need and thereby protecting more sensitive data?
- Can you limit certain types of access to business data from specific locations?
- Are you given the ability to control changes that are made?
- Can you ensure critical business data doesn't leave your company?

#2 Is the Integrity of Data Preserved with an Always On Audit Trail?

One of the advantages of using software to store data is that the history of data changes can be tracked. Should an entry be changed or deleted, accidentally or otherwise, a record is kept of what changed, when it changed, who changed it, and how it was changed. Knowing how critical financial data is backed up and being able to easily access audit information is crucial when evaluating a financial management system.

Some questions to ask as you dig into a systems' audit trail are:
- How easy is it to call up a past revision?
- Can management be alerted if a transaction is tampered with by an unauthorized user?
- Is it always-on?
- Can the audit trail be disabled?
- Is the user who entered or edited the transaction identified?
- Is there a record of when the entry was made?
- Is the latest value of the entry displayed?
- Does an audit-trail of non-transactional records exist?
- Are changes that were made at the individual level identified?
- Is who made the change, when it was made, before/after values of fields highlighted?

#3 Does Complaint Tracking Enable Anonymous Whistle Blower Reports?

SOX 301 states that a forum be created for treatment of "receipt, retention, and treatment of complaints". This article requires "companies to establish hotlines to allow employees a confidential and anonymous method of whistle-blowing if dodgy auditing or accounting practices are discovered."

Like financial data, the handling of whistle blower complaints also requires the same audit trail and controls. Each of these concerns can then be referenced at any time as well as the steps taken to verify and resolve the issue.

When evaluating a system's ability to track complaints, here are some things you should be looking for:
- Does the system allow for anonymous complaints?
- Will all employees have access to the system?
- What controls are in place to ensure all issues are properly treated?
- How are these complaints and resolutions stored?
- Are complaints escalated if no action is taken?

#4 Do Your Controls Ensure Accurate Reporting?

Financial controls are intended to ensure the accuracy, timeliness, and completeness of financial data as well as compliance with policies and regulations. In addition, financial controls help to prevent or detect erroneous or inappropriate transactions.

Virtually all financial processes, like acquisitions, cash receipts handling, and billing, have financial controls. Selecting a financial management system that enforces "best practice" controls and allows real-time visibility to company information and activity provides an ideal platform for managing compliance.

Here are some questions to help you evaluate your system:
- Are you receiving reliable financial data?
- Are your records and assets safeguarded?
- Do you have a mechanism with which to evaluate operational efficiency?
- What process enforces adherence to prescribed policies and regulations?

#5 What Functions Exist for Storing Documents and Emails?

Good internal control procedures require that documents and e-mails be archived in such a way that they can be accessed for future reference and potential investigation. Key functions to confirm in your financial system include:
- Backups
- Encryption
- Security
- Password protected
- Permissions to access
- Indexing and search functions
- Detailed history of who checked out docs and for how long

Extending the same role based security and audit tracking to reports and emails allows a complete compliance view, supporting your company's efforts to ensure adherence to internal and external standards.

Related Articles
  Choosing an Accounts System
  Why Accounting Outsourcing
  Accounting Software- A Business Model
  Outsource Accounting
  Outsourcing Accounting: Easy Accounting Outsourcing to India for Small Businesses in USA

Article Tags: aberdeen group, access controls, best fit, compliance efforts, compliance issues, compliance questions, enterprise resources, erp systems, financial information, financial management system, financial reporting, management systems, mid size, private companies, sarbanes oxley act, section 404, security auditors, segregation of duties, separation of duties, visibility



Related Forum Posts
Book: The System - [quote:3e8ncw28]What was the name of that book -- the high finance murder mystery?[/quote:3e8ncw28] Sorry for the delay in answering this question. The book is: The System: A Story of Intrigue and Market Domination Terry Waghorn Perseus Piblishing 2002 Jacket description: In a world where competitive advantage is temporary at best - and illusory at worst - there is nothing more important to the business enterprise than creating a robust strategy and executing it with Steve. In The System, Terry WAghorn illustrates this universal theme through an action-packed adventure.
Re: HOW TO: Upload Your Picture in 4 Easy Steps - With Ububtu Operating System how can i apply this procedure?? I hope you would give me clarity ... Thanks in advance...
Seek Venture Capital & Funding - Hello, Greetings from India. I am Seeking Venture Capital for Offshore Software Company Start-up. Need advise along with Business Model Sample. I have a basic outline for an offshore company. 1. Technology - like Microsoft Dot Net, Java, LAMP 2. Talent Team - Found Good Technology Developers. 3. Where I can get the leads/potential customers - Leads have been identified who are willing to move forward offshore projects. 4. I do not have resources like funding. It is a very critical factor to me Industries: Manufacturing, Real Estate, Retail, Insurance, Distribution & Logistics, Healthcare, Industry Associations and Software Product Development, Agricultural Industries and Etc. Services: Offshore Software Development Company. Offices to be located: Hyderabad, Andhra Pradesh, India and USA. Products/Services/Applications in areas like POS & Billing, Sales & Distribution, Production Planning, Material Management, Inventory Control, Plant Maintenance, Purchasing, Accounting and Logistics. Dynamic Web Programming with Database Driven Content Management Systems, Online Stores for E-Commerce, B2B Solutions, Community Portals, Website Redesign and Development, Custom ERP with Enterprise Wide Functional Modules such as Marketing, CRM, Accounting, Inventory Control, Sales & Distribution, Production Planning, Purchase & Stores, Logistics and Supply Chain. Seek your further questions and help. Thank you, Best Regards, Jayapratap.
Wearing different hats in Business - I have a business that produces beautiful custom rugs for home and business environments. Different hats that I'm wearing... Rug Fabrication - 10 [i:21cr28m8](partially outsourced to an outfit here in the US)[/i:21cr28m8] Customer Service / Sales - 8-10 Bookkeeping - 1 Marketing - 6 Website development - 5 [i:21cr28m8](mainly outsourced)[/i:21cr28m8] SEO, SEM - 6-8 Accounting - [i:21cr28m8](outsourced)[/i:21cr28m8]
Kevin's Case Study #5 - Different "hats" you wear - To help all entrepreneurs (especially aspiring new ones), I'd like to ask: 1.) What is your small business? 2.) Then list the numerous "hats" you're required to wear in order to succeed. Moreover, go on to rate each job function on a scale of "1 = generalist" to "10 = expert" and even which tasks you outsource. Perhaps this post will act as a decisive factor on whether a person should pursue a specific business idea or not. [i:exdr7mc8]For example, if I owned my own bakery, I'd create my list as follows: 1.) Professional Baker 2.) Different hats I'm required to wear: -Dessert making (8-10) -Customer service/Sales (7) - Job function is outsourced -Accounting (5) - Job function is outsourced -Marketing (4) - Job function is outsourced -etc...[/i:exdr7mc8]


Share this article with your friends. Fund someone's dream.

Leave a comment below or share on the left and you'll help support entrepreneurs in Africa through our partnership with Kiva. Over $50,000 raised and counting - Please keep sharing! Learn more.

Tweet

Newsletter

Get advice & tips from famous business
owners, new articles by entrepreneur
experts, my latest website updates, &
special sneak peaks at what's to come!

Name:
Email:

Popular Articles

How To Improve Your CTA (Call To Action)

RULE YOUR BUSINESS LIKE A SHINE STAR

Resistance to Change and How to Deal With It

Suggestions

Email us your ideas on how to make our
website more valuable! Thank you Sharon
from Toronto Salsa Lessons / Classes for
your suggestions to make the newsletter
look like the website and profile younger
entrepreneurs like Jennifer Lopez.