Internal control objectives and weaknesses at Goodner’s Brothers

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Goodner Brothers Case

  1. List five internal control objectives for Goodner’s Huntington Sales office.

1. Safeguard the assets: Goodner used padlocks to provide security for its tire inventory.

2. Human Resource Policies: Goodner’s hiring process relied on honesty and integrity. It also, relies on its internal hiring system of requiring all applicants to provide three strong references from individuals who may work or have some type of connection with Goodner Brothers. Goodner also requires a thorough background check for all applicants for future employment from a replicable background agency. 3. Documentation and records: Goodner sales outlet consists of a computerized accounting system. The system is typically used for small retail businesses, which is an “off the shelf” general ledger package that consists of assorted accounting documents, which gives unrestricted access to the sales manager and chosen sales representatives. Sales representatives frequently entered transactions into the system because of large volume of sales and purchase transactions which could swamp the bookkeeper. With the system the sales reps were able to view and update the customer accounts, by jotting the details of a transaction on a piece of scrap paper which could be entered directly into the accounting system.

4. Transaction Authorization: Sales reps and sales managers were responsible for the credit function for each sales outlet. Goodner’s new customer sales required the approval of the sales manager, while existing customers was monitored by the sales rep.

5. Physical inventory: Each sales office was responsible for a year-end physical inventory to make sure its perpetual inventory system was in agreement with the inventory actually on hand. This physical inventory used by management was used to monitor inventory shrinkage.

  1. List the key internal control weaknesses that were evident in the Huntington unit’s operations.
  1. Accuracy of and controls over accounting records: Goodner’s accounting records are extremely sloppy. The Huntington outlet had a computerized accounting system that was supposed to be maintained by the bookkeeper; however, the bookkeeper was often busy. As such, sales representatives frequently entered accounting transactions themselves, as well as routinely accessed, reviewed, and updated their customers’ accounts. Furthermore, transaction details were frequently written on scratch paper, providing ample opportunity for fraud.
  2. Proper record keeping – accounting and inventory:
    • Accounting: Goodner lacks a standard form that would be used to enter transaction information into the accounting system. The source documents used were often little more than notes written down on a piece of paper, as opposed to the industry standard of creating a purchase order, sales order, credit memo, or other document. These pieces of scratch paper were then eventually handed into the bookkeeper or used to enter transaction data into the accounting system. The lack of a standard form and timely method of entering data is in need of significant improvement.
    • Inventory: Goodner also lacks an appropriate form of maintaining proper record of inventory on hand. A yearly count of inventory in order to balance what is on the books versus what is physically in the warehouse and one intra-year inventory count for each sales office is not appropriate. Inventory must be monitored much more closely in order to prevent fraud.
  3. Response to and tracking of complaints: Goodner lacks a formal procedure for following up on and tracking complaints related to their sales representatives. Without any sort of tracking mechanism, Goodner is unable to identify trends in complaints from customers about employees. Had Goodner had an appropriate tracking mechanism in place, management would have been able to identify a trend in customer complaints as related to Woody’s overcharging and perhaps prevented the fraud before it escalated.
  4. Separation of duties: Goodner is in immediate need of separation of duties. Sales representatives should not be responsible for taking annual inventory, nor should they be able to transport results of inventory audit to upper level management. The sales representatives also should not have direct access to inventory storage sites. Furthermore, sales representatives should not be able to load and deliver customer orders themselves, as they are presently able to do during heavy sales periods at Goodner.
  5. Physical security / control over inventory: Goodner has extremely lax physical security and control over their inventory. Currently, padlocks serve as the only control over inventory, to which all sales representatives have access. Significant security mechanisms must be put in place to protect the company’s tangible assets. It is not appropriate to rely solely on the honesty and integrity of Goodner’s employees.
  1. For each of the control weaknesses you have identified, develop a control policy/procedure that would prevent or detect the risk of misstatement. Indicate whether the control you recommend is preventive or detective.
  1. In an effort to both prevent and detect a significant amount of risk to which Goodner is currently vulnerable, it is recommended that the company implement an Enterprise Resource Planning system / software. This software will offer Goodner an integrated, common database that will operate in (or near) real time. The ERP will provide end-to-end controls, matching sales orders, inventory shipments, and cash receipts. Fundamentally, the ERP will provide a chronological history of every transaction that has occurred as related to Goodner, including order tracking and revenue tracking. As such, the ERP will prevent risk as related to the following identified weaknesses:
    • Accuracy of and controls over accounting records: an ERP would in its nature streamline Goodner’s accounting controls and records. It is recommended that the ERP become the sole database in which to record sales. This will allow sales to be tracked throughout the process, with sales orders to be matched against inventory shipments, which would both in turn be matched to monetary receipts. The appropriate accounting entries would be recorded through every step of the way. More importantly, the employee entering the information would have to log in with his or her own, unique username and password. Those without the appropriate access would not be permitted to record certain entries. Each record would be associated with a timestamp, allowing for seamless tracking, recording, and reporting.
    • Proper record keeping – Accounting: In order for the ERP to be effective in enforcing proper accounting record keeping, Goodner must forbid sales representatives or any other employees from recording transactions on scratch paper. The ERP will allow for an official, traceable method of data entry that is standard and timely. Furthermore, the entry of the sales order will trigger the entire process while providing detailed records of transactions, lessening the opportunity for fraud and providing ample reporting information to assist with the detection of fraud.
    • Proper record keeping – Inventory: It is recommended that the ERP be fully integrated with Goodner’s business processes, including management of inventory. Any purchase or sale of inventory is to be tracked and executed using the ERP tool, allowing for real-time visibility into the company’s inventory counts at any given moment. The inventory management module of the ERP will link to all other modules, connecting Goodner’s business processes in a comprehensive and streamlined manner. This close management of inventory will lessen the opportunity of fraud as it pertains to off-the-books sales and provide a mechanism for better detecting such activity in the future.
    • Separation of duties: Through requiring each user to have a unique username and password, the ERP will allow Goodner to specifically separate duties from a system perspective. Only those with specific system authorizations may access certain functionalities (only appropriate personnel may maintain accounting records, only sales manager may approve sales to new clients whose creditworthiness has not yet been established, etc.). Separation of duties is crucial in preventing fraudulent activities; no one user should have access to all functionalities in the overall end-to-end process, as Woody currently does at Goodner.
  2. It is also recommended that Goodner adopt additional strategies outside of the ERP system to address the following weaknesses:
    • Respond to and track complaints: It is imperative that Goodner implement a new, formal process in order to monitor and respond to customer complaints. While complaints may be collected by any member of the organization, all complaints should be funneled and formally submitted into one central location where they will be stored in an effort to build a valid database of complaints. It is important that customers have the ability to easily submit complaints and that they are aware of the formal policy.

It is recommended that the sales manager hold the responsibility of monitoring complaints, and that complaints are categorized according to process type (billing, delivery, quality of goods ordered, etc.). Complaints should be further sub-categorized by sales representative, where appropriate. Categorizing complaints in such a way allows for better analysis of data, providing appropriate information for management to identify trends and patterns in an effort to detect any possible fraudulent activity.

Goodner must also develop a process for resolving complaints, along with a set of roles and responsibilities for each category in order to hold certain individuals accountable. It is recommended that Goodner continue to allow their sales representatives to resolve customer complaints, but that the resolution be monitored and evaluated by management. It is also recommended that management conduct periodic audits of customer complaint resolutions, wherein management reaches out to the customer to ensure a situation was resolved to their satisfaction. Not only will this provide a method for both preventing and detecting fraudulent activity, but it will also reinforce the importance of satisfying Goodner’s customers.

  • Maintain physical security and control over inventory: With inventory ranging in value from $300,000 to $700,000 for each sales unit, it is imperative that Goodner establish a means of physical security over their tangible assets in sales outlets. While the padlocks currently in place are important, Goodner should consider implementing additional security measures such as physically locking the sales outlets and installing alarm systems in order to prevent theft. It is important that only a few key personnel, such as the warehouse and order fulfillment staff, have access to said keys and alarm codes. Separation of duties is crucial for maintaining security, and those who are placing the orders or selling the inventory should never have access to fulfill the orders or deliver the goods. Such measures to physically protect Goodner’s inventory are necessary to prevent theft.
  • Separation of duties - order fulfillment & deliveries: As previously mentioned, it is important that duties of various job functions are separate. Those who are selling the goods to customers should not have the ability to physically fulfill the orders, nor should they have the ability to deliver the goods. Specifically to the case, Woody, as a sales representative, should not be permitted to retrieve tires from the sales outlet in order to fulfill the order. Similarly, he should not be able to deliver the goods personally to the customer. Separation of duties prevents employees from stealing inventory and from conducting unauthorized transactions.
  • Physical inventory counts / audits: Finally, it is important that Goodner updates their policy on physical inventory counts and audits. It is recommended that Goodner maintain their yearly physical inventory audit requirement; however, it is imperative that those conducting the audit are unbiased and objective. Those conducting the audits should not have access to alter sales orders, accounting documents, or inventory. The count should be conducted in an organized, manageable fashion using a tagging and/or barcode system to prevent miscounts or data tampering. Furthermore, it is important that the audit results are conveyed to management directly by those conducting the audit, eliminating the opportunity for a sales representative to alter the findings. It is also recommended that periodic audits occur at random throughout the year. While the new policy of these “spot” audits should be announced, their occurrences should be random and without notice. This will allow Goodner not only to prevent suspicious activity, but will also allow the company to detect any major discrepancies between the book value and the physical count of inventory on hand.
  1. Consider the fraud triangle covered earlier in the course, identify and analyze the fraud triangle components in this case.

The fraud triangle consists of three factors that cause an individual to commit occupational fraud: Incentive, opportunity, and rationalization.

  1. Incentive: The first component represents the pressure that motivates an individual to commit fraud. Woody had a gambling addiction that caused him $50,000 in debt. He was falling behind on his mortgage payments, maxed out various credit cards, and was being pressured for payment from the people whom he owed money to. The pressure from creditors and lack of alternatives propelled Woody to steal from the company.
  2. Opportunity: The second component represents the method by which a crime can be committed. The lack of controls within the company served as the opportunity to alleviate Woody’s debt. Multiple employees had access to the company’s accounting system, including the manager, two sales reps (one of which was Woody), and the secretary/bookkeeper. The sales reps entered transactions into the system because the secretary was often swamped. Woody was able to charge large clients for more items than were ordered and pocket voided customer transactions because he held direct access to the system and no general authority validated transactions before they were recorded. The main warehouse, from which Woody stole, was secluded from the manager’s office. All sales reps had direct access to the warehouses. Being understaffed, the sales reps often sold, delivered, and recorded transactions themselves. There was a lack of separation of duties and a lack of restricted access to inventory, creating the perfect opportunity for Woody. Lastly, Woody saw opportunity in manipulating physical inventory counts during year-end because management was not required to confirm the accuracy of those claims.
  3. Rationalization: The last component represents the means by which Woody justified the fraud. Woody rationalized his actions by believing he had no other reasonable alternatives. Between losing his home and falling deeper into debt, the act of stealing served as a lesser of the evils.
  1. a. What responsibility does the auditor of a public company have if he or she discovers illegal acts by the client?

b. Although not an issue in this case, many audit clients are multinationals and must comply with the Foreign Corrupt Practices Act of 1977. Do you believe the auditor has a responsibility to apply procedures to determine whether their client has complied with the FCPA? Provide support for your answer.

  1. Auditors must first gain an understanding of the nature and circumstances of the illegal or non-compliant act and then evaluate the possible effect on the financial statements. The illegality should be discussed with management at a level above the person responsible for the act. If the act is considered to have an effect on the financial statements, the suspected illegal activity should be reported to those charged with governance, such as an audit committee, and the financial statements should contain adequate disclosures about the organization’s activities. Discussion with the client’s legal council may also be necessary. If management and directors do not take satisfactory action under the circumstances, the external auditors always have the option to withdraw from an engagement.
  1. Yes, I think that that is what the audits job is anyway; they have to determine whether or not a company is following the accounting rules and regulations. They are there to make sure that everything is reported in an accurate and timely manner. An auditor should always check everything, for example what if a company identifies itself as national, but they are secretly doing business multi-nationally? By checking those types of records, an auditor can determine whether or not a company is committing some type of criminal activity. Also this helps determine that a multinational company is also doing business overseas ethically or not, whether they are taking bribes, or subsidies, which are not ethical, sometimes these things can get spotted if an auditor checks that the company is following the FCPA or not. One of requirements of the FCPA is that entities must develop and maintain effective internal controls. Because the FCPA became codified as an amendment to the SEC in 1988, auditors may be liable for violations of this act if they should have identified these violations in their examination.