The need to organize internal financial control is stipulated in Article 19 of the Federal Law of December 6, 2011 No. 402. Control concerns transactions related to the activities of the enterprise. The procedure for its implementation is specified in the accounting policy.

Purposes of control

Let's consider the goals of local financial control:

• Control over compliance with the law in the field of local budgeting and financial operations.
• Increased quality and accuracy of budget reports.
• Increasing the return on investment of federal budget funds.
• Improving the quality of preparation of documents related to accounting.
• Timely and accurate filling financial statements.
• Ensuring the implementation of orders from company management.
• Execution of created business plans.
• Ensuring the safety of company property.

Internal control allows you to detect errors in a timely manner and correct them yourself. In the future, this will help the company avoid fines and sanctions.

Objectives and principles

Let's consider the main tasks of financial control:

• Analysis of compliance of transactions with documents and reporting.
• Analysis of compliance of activities with regulations and job descriptions.
• Analysis of compliance of activities with technological processes.
• Study of a local control system to discover elements that ensure its effectiveness.

Control is based on these principles:

• Legitimacy. Correspondence control activities laws of the country.
• Independence. Performers of control activities must be independent of the objects being inspected. Only in this case is objectivity of the results possible.
• Objectivity. During the control process, reliable data must be obtained. Therefore, activities must be based on factual information.
• Responsibility. All specialists involved in control activities must be responsible for their activities. This is the only way its quality can be ensured.
• Systematicity. Control must be comprehensive. In its process, all aspects are analyzed financial activities companies, existing relationships.

Compliance with all these principles is mandatory.

Subject of inspection

During the control activities, these aspects are checked:

1. Compliance with laws.
2. Correct filling of documents.
3. Correct filling of accounting registers.
4. Preservation of the organization's assets.

Checks for errors in documents. Once detected, they are promptly corrected.

Features of the organization of internal control

The procedure for conducting internal control in mandatory is prescribed in the accounting policy of the enterprise. You can fix the order in the documents at the stage of creating a company. An alternative option is the publication of separate acts. The procedure for implementing control can be recorded in a separate order.

Control measures are carried out in various ways:

• Formation of a structural department or hiring an employee to the position of auditor. Employees carrying out control activities report to the head of the organization.
• Organization of a commission that will work on a regular basis.
• Assigning responsibilities for monitoring to representatives of already formed structural units.

The choice of a specific path is determined by the expected scale of work, the capabilities of organizations, the presence of structural divisions, and the availability of specialists.

Levels of internal control

Internal control is carried out at these levels:

• Employee level. The employee exercises control within the scope of his official powers.
• Structural department level. Responsibility for control is assigned to department employees and department heads.

The procedure for carrying out control is regulated by the regulations on the work of the control measures department. The work of the auditor will also be regulated by this provision. The document must be approved by order leader. The work is based on it structural unit.

IMPORTANT! If Internal Control is carried out by different employees and departments, responsibility is delimited on the basis of local acts and job descriptions.

Features of internal control

In the process of carrying out control activities, the following tools are used:

• General scientific methods: analysis, deduction, etc.
• Empirical methods: inventory, surveys, measurements.
• Specific tools: probability theory, etc.

Financial control can be entrusted to a special commission or third-party companies.

Types of internal control

Comprehensive control includes these forms of verification activities:

1. Preliminary control. Performed until the business transaction is completed. This tool provides the formation of a forecast regarding the outcome of the operation. It allows you to decide whether to take one step or another.
2. Current control. Includes analysis of measures to implement the budget, generation of financial statements, analysis of the efficiency of use of funds. The compliance of the company's expenses with its goals is checked.
3. Subsequent control. Carried out based on the results of implemented business transactions. At the same time, accounting documentation is checked. The results of the inventory are monitored.

IMPORTANT! Current and preliminary control can be included in current activities employees. It makes sense to entrust subsequent control to an employee who specializes in control activities.

ATTENTION! It is advisable to carry out all types of control measures. For this purpose, departments, individual employees, and a special commission are involved in the work. However, this is only possible if the company has the appropriate resources.

Preliminary control

Preliminary control is needed to make a decision about the operation. It is dealt with by company managers, deputies, chief accountants, and representatives of the legal department. As part of preliminary control, the following activities are carried out:

• Checking the completion of financial planning papers.
• Approval and approval of documentation.
• Checking contracts.
• Examination of papers on the expenditure of company resources.

Preliminary control includes an analysis of the agreements’ compliance with the activity plan, checking all forms of reporting (budgetary, statistical, etc.) until the documents are signed.

Current control

Current control includes daily research into the expenditure of funds and filling out accounting documentation. Consists of activities such as:

• Analysis of expenditure documentation.
• Checking the amount of funds in the cash register.
• Control over the completeness of the posting of funds issued by a banking institution.
• Control over the debts of debtors and the debts of the company itself.
• Compliance check analytical accounting with synthetic accounting.
• Establishing the actual existence of company property.

Current monitoring is carried out regularly. It is carried out by representatives of accounting departments.

Subsequent control

It is carried out after the completion of a particular operation. Involves checking all related documents. Let's consider methods of subsequent control:

• Inventory.
• Audit of the cash register without prior preparation.
• Checking the ways in which funds are used.
• Analysis of available documents.

Follow-up control is the final stage of internal audit. It is advisable to entrust it to a special commission. Its composition is indicated in the appropriate provision. If required, the composition can be changed. In the future, control is carried out through scheduled and unscheduled inspections.

DEPARTMENT OF FINANCE OF THE CITY OF MOSCOW

On approval of the Regulations for the organization and implementation of internal control

Revoked based on
order of the Department of Finance of the city of Moscow
dated December 27, 2019 N 396
____________________________________________________________________

In order to improve the activities of internal control in the Department of Finance of the city of Moscow, organized in accordance with Article 270_1 of the Budget Code of the Russian Federation,

I order:

1. Approve the Regulations for the organization and implementation of internal control (appendix to this order).

2. I reserve control over the implementation of this order.

Head of department

finance of the city of Moscow

V.E. Chistova

Application. Regulations for the organization and implementation of internal control

Application

to the Order of the Department of Finance

Moscow cities

Regulations for the organization and implementation of internal control

1. General Provisions

1.1. This Regulation establishes general principles organization and implementation of internal control over the activities of structural divisions, including FKU JSC of the Department of Finance of the City of Moscow (hereinafter referred to as the structural divisions of the Department).

1.2. The regulations were developed in accordance with the Budget Code of the Russian Federation, the Regulations on the Department of Finance of the City of Moscow, approved by Decree of the Moscow Government dated February 22, 2011 N 43-PP, and other legal acts Russian Federation and the city of Moscow, regulating legal relations in the field of control activities, taking appropriate measures based on their results, provided for by law Russian Federation and the city of Moscow.

2. Basic concepts and terms used in these Regulations

Internal control - control over the compliance of the activities of the structural divisions of the Execution Department government functions and powers required by the legislation of the Russian Federation, the city of Moscow and legal acts of the Department of Finance of the city of Moscow (hereinafter referred to as the Department).

A control measure is a set of control actions of specialists (specialists) of the Department related to conducting checks of compliance by structural divisions of the Department with the requirements of legislation and regulatory legal acts when carrying out activities.

Control group - specialists of the Department authorized by order of the head of the Department to carry out control activities.

Inspection is a form of control that represents a single control action to study the state of affairs in one or several areas of activity of the inspected structural unit of the Department on the basis of managerial, financial, primary accounting documents, registers accounting and reports.

The inspection program is a documented plan for conducting a control event.

The Department's order to conduct an inspection is a document authorizing the control group (Department specialist) to carry out a control event.

The inspection report is a document drawn up by the control group (department specialist) in the form established by these Regulations, based on the results of the inspection.

Instruction from the head of the Department is a document drawn up based on the results of the inspection in the form established by these Regulations (appendix to these Regulations).

3. Procedure for planning control activities

3.1. The control activities of the Department are carried out on the basis of the Control Activities Plan.

3.2. The control activity plan is drawn up for six months and represents a list of control activities planned for implementation.

The Control Activities Plan for each control activity establishes: the object of control, the period under review, the period for carrying out the control activity, and the responsible persons.

3.3. The control activity plan is formed by the Internal Control Department based on an analysis of the problems of internal standards and procedures implemented by the Department.

The control activity plan is coordinated with the heads of structural divisions whose specialists are planned to be involved in conducting inspections.

By the 20th day of the month preceding the planned period, the Internal Control Department submits a draft Control Activities Plan for approval to the head of the Department.

3.4. The basis for conducting inspections not included in the Control Activities Plan is an instruction from the head of the Department.

3.5. For one unit scheduled inspection may be carried out no more than once a year.

Inspections to eliminate violations are carried out as necessary.

4. Organization and conduct of inspections

4.1. Inspections are carried out by specialists from the Internal Control Department and structural divisions of the Department specified in the Control Activities Plan, on the basis of an order from the head of the Department (hereinafter referred to as the order).

The inspection order shall indicate:

Last names, initials, positions of the manager and members of the control group;

Full name of the structural unit being inspected;

Subject of inspection: planned - in accordance with the wording of the Control Activities Plan for the six months, approved by the head of the Department; unscheduled - in accordance with the basis provided for in clause 3.4 of these Regulations.

4.2. Proposals for specific dates for the inspection, the personnel of the control group and its leader are formed by the head of the Internal Control Department, taking into account the volume and complexity of the upcoming control actions, the specifics of the activities of the unit being inspected and other circumstances.

4.3. The duration of the inspection should not exceed 30 calendar days.

4.4. In exceptional cases related to the significant volume and complexity of control activities, on the basis of a memo from the head of the Internal Control Department, the period for conducting an audit may be extended by the head of the Department, but no more than 5 working days, without amending the order.

Decisions on extending the timing of inspections for a period exceeding 5 working days or moving from six months to six months, as well as on postponing inspections in the plan, are made by the head of the Department on the basis of a memo from the head of the Internal Control Department and are formalized by an appropriate order.

4.5. To conduct each individual inspection, an inspection program is drawn up, approved by the head of the Department and which is an annex to the order.

The inspection program is drawn up by the structural units of the Department participating in the inspection.

Amendments and additions to the approved audit program are carried out on the basis of a memo from the head of the Internal Control Department and approved by the head of the Department.

4.6. The inspection must be preceded by a preparatory period, during which the specialists conducting the inspections are required to study:

Current legislative and legal acts regarding the verification program;

Materials from previous inspections and information on eliminating violations identified by inspections.

4.7. The head of the control group determines the scope and composition of control actions for each issue of the inspection program and distributes questions among members of the control group.

4.8. Control actions are carried out using continuous and (or) selective methods:

Based on the documentary study of managerial, financial, primary accounting documents, accounting registers, accounting and statistical reporting, including by analyzing and evaluating the information obtained from them;

Based on actual study - by inspection, inventory, recalculation of the actual amount of work performed (services provided), expressed in physical terms, etc.

4.9. The head of the control group (the specialist carrying out the inspection) has the right to demand, in necessary cases, inventory of financial and non-financial assets, calculations, forms strict reporting, the date and objects of which must be agreed upon with the head of the unit being inspected.

An inventory of financial and non-financial assets, settlements, and strict reporting forms is carried out by representatives of the unit being inspected on the basis of a corresponding order from the manager in the presence of members of the control group (the specialist performing the inspection). Inventory lists, drawn up in accordance with the established requirements for the inventory procedure, are appendices to the inspection report.

5. Preparation of materials based on the results of the inspection

5.1. Based on the results of the inspections, an Inspection Report is issued. The inspection report is signed by the head of the Internal Control Department, the head of the control group (the specialist who carried out the inspection) and transferred to the audited unit for review, with the obligatory indication of the date of familiarization with the report.

The head of the internal control department endorses each page of the inspection report.

5.2. The inspection report is drawn up in two copies.

5.3. Inspection reports are registered in the Internal Control Department in accordance with the established nomenclature of cases.

5.4. If violations are detected during the inspection, measured in monetary terms and (or) in physical terms, conversion statements are compiled wages, volumes and costs of work performed, the calculations contained therein must be complete and clear.

Each page of the statement is endorsed by the members of the control group who compiled it, as well as by the specialist responsible for the audited area of ​​activity.

The final page of the statement is signed by the members of the control group, the manager (the person authorized by him).

The text of the inspection report provides only the final data and content of homogeneous violations with reference to the relevant appendices to the act, names, dates and numbers of the violated legislative and other regulatory legal acts (indicating clauses, articles).

5.5. The inspection report must have continuous page numbering and not contain any blots or unspecified (unconfirmed) corrections.

The amounts of violations identified during control activities are reflected in rubles.

The texts of inspection reports are printed single-spaced, in Times New Roman font, font size 14.

References to legislative and other regulatory legal acts must indicate the type of document, the body that adopted it, the date of adoption, the number and name of the document, the date of entry into force of the document (if necessary), the edition of the document (if the edition has changed the text of a previously valid document).

5.6. The descriptive part of the act must consist of sections in accordance with the approved inspection program.

When presenting the results of the audit, objectivity, validity, consistency, clarity, accessibility and conciseness (without compromising the content) must be ensured. The material presented in the inspection report is not limited by the number of sheets, but should not be overloaded with unnecessary information.

The results of the inspection are presented on the basis of verified data and facts, confirmed by documents available in the departments being inspected, explanations of officials and material responsible persons.

The inspection report should not provide a legal, moral and ethical assessment of the actions of officials and financially responsible persons of the unit being inspected; their intentions and goals cannot be qualified.

It is not allowed to include in the inspection report various kinds of conclusions, assumptions and facts that are not confirmed by documents or the results of the inspection.

If there are no violations on the verified issues, the following entry must be made in the act: “Inspection or spot check(indicate: name of verified questions, verification period, names of verified primary documents, verified amount of expenses and (or) income) violations of requirements current legislation(or regulatory legal documents) not found".

The act reflects all significant circumstances related to the audit, with references to primary accounting and other documents, including information about documents not submitted during the audit. If before the end of the inspection officials If the unit being inspected took measures to eliminate the identified violations, then the inspection report should indicate the date the measures were taken, their essence and the period to which they relate.

Responsibility for the reliability of the information and conclusions contained in the acts, their compliance with current legislation, lies with the head and members of the control group (the specialist who carried out the inspection).

The head of the Internal Control Department is responsible for compliance with the deadlines for conducting inspections, the timeliness of drawing up and submitting inspection reports, the complete implementation of inspection programs, and the quality of the materials presented in inspection reports.

5.7. An integral part of the inspection report are attachments: duly certified copies of documents, calculation tables, explanations of officials and financially responsible persons and other documents containing factual data on the basis of which the presence of violations has been established or not established and to which there are references in the text of the act.

Copies of legislative and regulatory legal acts, managerial, financial, primary accounting documents, accounting registers, accounting and statistical reporting are not appendices to the inspection report, but can be attached to the inspection materials as reference and auxiliary materials.

5.8. The inspection report, drawn up in accordance with these Regulations and registered with the Internal Control Department, is presented for review to:

A covering letter signed by the head of the Department to the head of PKU JSC;

A memo signed by the head of the Internal Control Department to the head of the structural unit of the Department.

The covering letter (memorandum) to the inspection report must indicate the deadline (no more than 3 working days from the date of transfer of the act to the unit) for submitting one copy of the inspection report to the Internal Control Department with a note of familiarization.

5.9. The head of the unit, along with the inspection report with a note of familiarization, can submit explanations and objections to the inspection report, as well as inform about the measures taken to eliminate the identified violations.

5.10. The Internal Control Department, within up to 5 working days from the date of receipt of written explanations and objections to the inspection report from the department, considers their validity and prepares a memo for consideration by the head of the Department with summary violations and deviations identified by the inspection and proposals for their elimination, with the attachment of a draft Instruction addressed to the inspected unit, interested deputy heads of the Department in accordance with the distribution of responsibilities, and structural divisions.

5.11. The Internal Control Department records Instructions based on the results of inspections and ensures control over their implementation and implementation of proposals to eliminate violations.

5.12. The inspection materials are filed in a separate file in accordance with the nomenclature of cases.

The materials of each audit are compiled into the Audit File in the following sequence:

The basis for the inspection, in accordance with paragraph 4.1 of these Regulations;

Verification program;

Inspection report with attachments;

Written explanations on the inspection report from the head of the inspected unit;

Copies of the covering letter (memo) to the head of the inspected department;

A copy of the order from the head of the Department;

Documents confirming the adoption of measures to eliminate identified violations.

The file is kept in the Internal Control Department until it is transferred to the archive.

You can get acquainted with the case on the basis of a written request, drawn up in any form, to the Internal Control Department.

6. Reporting on the results of control activities

6.1. Reporting on the results of the control activities of the Department is compiled on the basis of generalization and analysis of the results of control activities carried out.

6.2. Based on the results of the implementation of the Control Activities Plan for the current period, the Internal Control Department submits to the head of the Department a Report on the control activities carried out and measures taken based on their results for the past period by July 20 and January 20 of the year following the reporting year.

Application. Instructions from the Head of the Department

Application
to the Regulations
(issued on the Order form
Head of the Department
finance of the city of Moscow)

N________________
Based on the results of the inspection
(subject of inspection, period inspected, name of inspected unit)
(inspection report dated __ _______ 201__ N ____ copy attached)
Appendix on _____ l.
Head of department finance of the city of Moscow

Electronic document text

prepared by Kodeks JSC and verified against.

Added to the site:

1. General Provisions

1.1. This regulation on internal control over the financial and economic activities of [name of economic entity] (hereinafter referred to as the Regulation, the Company) has been developed in accordance with the current legislation of the Russian Federation, the charter and internal documents Society.

1.2. These Regulations define the goals, objectives and procedures for internal control over the financial and economic activities of the Company (hereinafter referred to as internal control).

1.3. For the purposes of these Regulations, internal control is understood as a process aimed at obtaining sufficient confidence that the Company provides:

Efficiency and effectiveness of its activities, including the achievement of financial and operational indicators, safety of assets;

Reliability and timeliness of accounting (financial) and other reporting;

Compliance with applicable laws, including when performing business transactions and maintaining accounting records.

1.4. Internal control helps the Company achieve the goals of its activities, ensures the prevention or detection of deviations from established rules and procedures, as well as distortions in accounting data, accounting (financial) and other reporting.

2. Elements of internal control

2.1. The main elements of the Company’s internal control are:

Control environment;

Risk assessment;

Internal control procedures;

Information and communication;

Assessment of internal control.

2.2. The control environment is a set of principles and standards of the Company's activities that determine the general understanding of internal control and requirements for internal control at the level of the Company as a whole. The control environment reflects the management culture of the Company and creates an appropriate attitude of personnel towards the organization and implementation of internal control.

2.3. Risk assessment is the process of identifying and analyzing risks. For the purposes of these Regulations, risk is understood as a combination of the probability and consequences of the Company’s failure to achieve its business goals. When risks are identified, the Company makes appropriate decisions to manage them, including by creating the necessary control environment, organizing internal control procedures, informing personnel and assessing the results of internal control.

In relation to accounting, including the preparation of accounting (financial) statements, risk assessment is intended to identify risks that may affect the reliability of accounting (financial) statements. During such an assessment, the Company considers the likelihood of distortion of accounting and reporting data based on the following assumptions:

Emergence and existence: facts of economic life reflected in accounting took place in reporting period and relate to the activities of the Company;

Completeness: the facts of economic life that took place in the reporting period and are to be attributed to this period are actually reflected in the accounting records;

Rights and obligations: property, property rights and the Company’s obligations reflected in the accounting records actually exist;

Valuation and distribution: assets, liabilities, income and expenses are reflected correctly value dimension on the relevant accounting accounts and in the relevant accounting registers;

Presentation and disclosure: accounting data is correctly presented and disclosed in the accounting (financial) statements.

2.4. Internal control procedures represent actions aimed at minimizing risks affecting the achievement of the Company's goals.

2.4.1. Internal control procedures applied by the Company:

Documenting;

Confirmation of correspondence between objects (documents) or their correspondence established requirements;

Data reconciliation;

Division of powers and rotation of responsibilities;

Procedures for monitoring the actual presence and condition of objects, including physical security, access restrictions, inventory;

Supervision that provides assessment of the achievement of set goals or indicators;

Procedures related to computer processing information and information systems, among which, as a rule, there are general computer control procedures and control procedures carried out in relation to individual functional elements of the system (modules, applications).

2.4.2. For the purpose of combating abuse, the most effective internal control procedures are authorization of transactions and operations, delimitation of powers and rotation of responsibilities, control of the actual presence and condition of objects.

2.4.3. Depending on the moment of implementation, internal control procedures are divided into preliminary and subsequent.

Preliminary internal control procedures are aimed at preventing the occurrence of errors and violations of the established procedure for the Company's activities.

Subsequent internal control procedures are aimed at identifying errors and violations of the established procedure for the Company's activities.

2.4.4. Depending on the degree of automation, internal control procedures are divided into automatic, semi-automatic, and manual.

Automatic internal control procedures are performed by the information system without the participation of personnel.

Semi-automated internal control procedures are performed by the information system but are initiated or completed manually.

Manual internal control procedures are performed by the Company’s personnel outside information systems.

2.5. High-quality and timely information ensures the functioning of internal control and the ability to achieve its goals. The main source of information for decision-making is the Company's information systems. The quality of information stored and processed in them can significantly influence the Company’s management decisions and the effectiveness of internal control. The Company's information system must ensure accounting.

Communication is the dissemination of information necessary for making management decisions and implementing internal control.

2.6. The assessment of internal control is carried out in relation to the elements of internal control in order to determine their effectiveness and efficiency, as well as the need to change them. Internal control assessment is carried out at least once a year. The scope of internal control assessment is determined by the manager or internal auditor (service internal audit) Society.

The scope and nature of the methods and methods for assessing internal control are determined by the head of the relevant department or the head of the Company.

One of the types of internal control assessment is continuous monitoring of internal control, that is, an assessment of internal control carried out by the Company on an ongoing basis in the course of its daily activities. Continuous monitoring can be carried out by the management of the Company in the form of regular analysis of the results of the Company’s activities, verification of the results of individual business operations, regular assessment and clarification of internal organizational and administrative documentation and other forms.

3. Documentation of internal controls

3.1. The procedure for organizing and implementing internal control is documented on on paper and/or in in electronic format. The provisions relating to the organization of internal control are part of the constituent and internal organizational and administrative documents of the Company: orders, instructions, regulations, job and other instructions, regulations, methods, accounting standards of the Company.

3.2. The provisions relating to the control environment of the Company are part of the documents defining:

The strategy, goals and values ​​of the Company, its behavior in the market and methods of managing it;

Rules of conduct for the management and other personnel of the Company in the event of various events, procedures for considering complaints (code corporate governance, code of business ethics);

The organizational structure of the Company, including the place and role of its divisions, levels of decision-making, staffing;

Functions of the Company's divisions, powers and responsibilities of their managers (provisions on separate divisions Society);

Rules for making management decisions and carrying out transactions and operations, including the Company’s accounting policy;

Personnel policy establishing approaches to hiring, training and development of the Company’s personnel, criteria for assessing performance results, and a remuneration system.

In relation to accounting, including the preparation of accounting (financial) statements, the control environment can be described by the regulations on the accounting service, accounting policy Companies, qualification requirements for accounting personnel and other documents establishing General requirements to the environment in which accounting is organized and maintained, the procedure for interaction between the divisions and personnel of the Company and decision-making on accounting issues.

3.3. Documentation of risks is preceded by a description of the Company's business processes and operating procedures. A reliable description of the Company’s business processes facilitates the identification and assessment of all significant risks, regardless of whether internal control is currently exercised in relation to them.

The description of the Company's business processes is carried out in the context of the areas of its activities, its legal or organizational structure. Descriptions of the Company's business processes are compiled in text and graphic form, which ensures a complete and clear presentation of the Company's activities.

Risk description includes:

An indication of a potential adverse internal and (or) external event (fact, circumstance) that creates a risk;

The cause and likelihood of its occurrence;

Possible negative consequences (damage), their quantitative and (or) qualitative assessment.

Based on the results of the risk assessment, the Company determines the most significant risks and makes decisions to minimize them through the organization and implementation of internal control.

For the purpose of systematization adopted by the Society internal control procedures related to certain identified risks and recorded in the relevant internal organizational and administrative documents, as well as an assessment of the completeness of internal control coverage of identified risks, a matrix of risks and internal control procedures is compiled.

The matrix of risks and internal control procedures contains:

Description of the risk, the consequences of which internal control is aimed at minimizing;

Name of the area or process that is at risk;

Name and short description internal control procedures (procedures), through the implementation of which (which) the consequences of risk are minimized;

Classification of internal control procedures, if necessary for structuring information;

Performer of the internal control procedure;

Frequency (frequency) of the internal control procedure;

Incoming documents on the basis of which the internal control procedure is carried out;

Outgoing documents.

3.4. Documentation documenting the organization of internal control is regularly updated. The Company assesses the need to update documentation at least once a year. The basis for updating documentation may be the results of periodic assessment and continuous monitoring of internal control, organizational changes, changes in the processes and procedures of the Company. Documentation is updated within a reasonable period of time after its deficiencies or changes in the Company’s activities are identified.

3.5. The Company ensures the storage of documentation documenting the organization and implementation of internal control for a reasonable period of time.

4. Organization of internal control

4.1. The procedure for organizing internal control, including the responsibilities and powers of the Company’s divisions and personnel, is determined depending on the nature and scale of the Company’s activities and the features of its management system.

4.2. When organizing internal control, the Company proceeds from the fact that:

Internal control must be carried out at all levels of management of the Company, in all its divisions;

All personnel of the Company must participate in the implementation of internal control in accordance with their powers and functions;

The usefulness of internal control must be comparable to the costs of its organization and implementation.

4.3. Internal control is carried out by:

Management bodies of the Company;

Audit Commission (auditor) of the Company;

Chief Accountant Societies;

Internal Auditor(internal audit service) of the Company;

Other personnel and divisions of the Company;

Special officials special unit Companies responsible for compliance with internal control rules.

4.4. Board of Directors (Supervisory Board) of the Company:

Establishes general principles and requirements for internal control;

Approves standards, methods for organizing and implementing internal control at the level of the Company as a whole;

Makes decisions to improve the effectiveness of internal control.

4.5. Audit Committee of the Board of Directors (Supervisory Board) of the Company:

Monitors the effectiveness of internal control, the independence of a special internal control unit, the process of ensuring compliance with legislation and the code of business conduct (ethics) of the Company;

Analyzes reports from external and internal auditors on the state of internal control;

Conducts regular meetings with the heads of the Company's divisions to review significant risks, internal control problems and relevant plans;

Analyzes the results and quality of implementation of measures (corrective steps) developed by the heads of the Company's divisions to improve internal control;

Reviews cases of abuse and evaluates the adequacy of measures taken by department heads to prevent such cases.

4.6. CEO(Director) of the Company is responsible for the organization and implementation of internal control of the ongoing facts of economic life, accounting and preparation of accounting (financial) statements in general.

4.7. The Chief Accountant of the Company is responsible for organizing and implementing internal control over accounting and preparation of accounting (financial) statements.

4.8. Internal auditor (internal audit service) of the Company:

Evaluates internal controls;

4.9. Heads of departments and other personnel of the Company in accordance with their powers and functions:

Conduct a risk assessment;

Compile and update documentation formalizing the organization of internal control;

Carry out internal control in accordance with the established procedure;

Assess internal controls.

4.10. Special internal control unit (internal control service) of the Company:

Provides methodological support for organizing and implementing internal control;

Coordinates the activities of departments in organizing and implementing internal control.

5. Final provisions

5.1. These Regulations come into force on the date of its approval by the Board of Directors of the Company.

5.2. Making changes and additions to these Regulations or approving the Regulations in new edition carried out by decision of the Board of Directors of the company.

5.3. If the norms of these Regulations conflict with the requirements of the current legislation of the Russian Federation, the norms of the legislation of the Russian Federation are applied.

In accordance with Art. 19 of the Federal Law of December 6, 2011 N 402-FZ “On Accounting” (hereinafter referred to as Federal Law N 402-FZ), an economic entity is obliged to organize and carry out. An economic entity whose accounting (financial) statements are subject to mandatory audit, must organize and exercise internal control over accounting and preparation of accounting (financial) statements (except for cases where its manager has assumed the responsibility for maintaining accounting records).
Thus, from January 1, 2013, internal control of the facts of economic life is mandatory.
Read about how it can be organized based on the Recommendations of the Ministry of Finance in the proposed material.

The concept of "internal control"

Before organizing anything, we need to decide on the concepts and what we want to get in the end. IN in this case The concept of “internal control” is new for the Accounting Law; it was not in the previous Federal Law of November 21, 1996 N 129-FZ “On Accounting”. But this does not mean that this concept is completely new for subjects economic activity. Here are the norms of current legislative acts that contain similar concepts:

• Art. 85 of the Federal Law of December 26, 1995 N 208-FZ “On joint stock companies": to exercise control over the financial and economic activities of the company, the general meeting of shareholders in accordance with the charter of the company elects an audit commission (auditor) of the company;
• Art. 47 Federal Law dated 02/08/1998 N 14-FZ "On companies with limited liability": the audit commission (auditor) of the company has the right at any time to conduct inspections of the financial and economic activities of the company and have access to all documentation relating to the activities of the company. At the request of the audit commission (auditor) of the company, members of the board of directors (supervisory board) of the company, the person carrying out functions of the sole executive body of the company, members of the collegial executive body of the company, as well as employees of the company are obliged to give the necessary explanations orally or in writing. The audit commission (auditor) of the company must carry out an audit of the annual reports and balance sheets of the company before they are approved by the general meeting of its participants. General meeting members of the company do not have the right to approve annual reports And balance sheets company in the absence of conclusions of the audit commission (auditor).

Thus, LLCs and JSCs must have audit commissions (auditors) to exercise control over the financial and economic activities of organizations. However, this requirement is not always met in practice.

And finally, in Art. 3 of the Federal Law of 07.08.2001 N 115-FZ "On combating the legalization (laundering) of proceeds from crime and the financing of terrorism" gives the concept of internal control - this is the activity of organizations carrying out transactions with in cash or other property, to identify transactions subject to mandatory control, and other transactions with funds or other property related to the legalization (laundering) of proceeds from crime and the financing of terrorism. In this case, a definition of the concept of internal control is given, taking into account very specific goals and objectives.

What is meant by internal control for the purposes of applying Federal Law N 402-FZ? This Law does not define the concept of “internal control”, nor does it establish any requirements or conditions for its organization.

Information of the Ministry of Finance of Russia N PZ-10/2012 “On the entry into force on January 1, 2013 of the Federal Law of December 6, 2011 N 402-FZ “On Accounting” also states that the legislation of the Russian Federation on accounting does not establish which - restrictions on the order, methods, procedures for implementing the specified internal control.

At the same time, according to the Plan of the Ministry of Finance of Russia for 2012 - 2015 for the development of accounting and reporting in the Russian Federation based on International standards financial statements, approved by Order of the Ministry of Finance of Russia dated November 30, 2011 N 440, appropriate recommendations on the organization and implementation of internal control over accounting and accounting must be prepared for business entities. The development of these recommendations should take place with the participation of interested federal bodies executive power, Bank of Russia, professional community. Completion date: 2014

Thus, on the one hand, the legislator does not establish any restrictions on the organization of internal control, and on the other, business entities would like to see certain guidelines for organizing this work. It is clear that large companies have relevant services and divisions that work based on specific business conditions. But it is easier for small and medium-sized businesses to organize internal control based on standard recommendations, taking into account the characteristics of a particular business entity.

In September 2013, the project “Recommendations in the field of accounting “Organization and implementation” appeared on the website of the Ministry of Finance economic entity internal control of the facts of economic life, accounting and preparation of accounting (financial) statements" (hereinafter referred to as the Recommendations). At the time of preparation of this material, this document has not changed its status.

Let us immediately make a reservation that this document contains recommendations on the organization and implementation by an economic entity of internal control provided for in Art. 19 of Federal Law N 402-FZ. Internal controls established by others federal laws, is organized and carried out by an economic entity in accordance with such federal laws (see examples of laws above).

The concept of internal control

The first thing the Ministry of Finance does is to define the concept of “internal control”. It is understood as a process aimed at obtaining sufficient confidence that an economic entity provides:

• efficiency and effectiveness of its activities, including the achievement of financial and operational indicators, safety of assets;
• reliability and timeliness of accounting (financial) reporting;
• compliance with applicable legislation, including when performing business transactions and maintaining accounting records.

Goals and objectives of internal control

Internal control contributes to the achievement by an economic entity of the goals of its activities. What is interesting here is that financiers talk about the limitations of the effectiveness of internal control, despite the fact that internal control does not guarantee the achievement of set goals. The effectiveness of internal control may be limited:

• changes in economic conditions or legislation, the emergence of new circumstances outside the sphere of influence of the management of an economic entity;
• abuse of power by management or personnel of an economic entity, including collusion among personnel;
• the occurrence of errors in the decision-making process, the implementation of economic facts, accounting, including the preparation of accounting (financial) statements.

We can only agree with these restrictions: our legislation is constantly changing, the market situation is also changing (and not always for the better), and no one is immune from mistakes, and a criminal component cannot be ruled out.

Elements of internal control

• control environment;
• risk assessment;
• internal control procedures;
• information and communication;
• assessment of internal control.

Control environment is a set of principles and standards for the activities of an economic entity that define the general understanding of internal control and requirements for it at the level of the economic entity as a whole.

Risk assessment- the process of identifying and analyzing risks, that is, a combination of the probability and consequences of failure by an economic entity to achieve its activity goals.

Under internal control procedures refers to actions aimed at minimizing risks affecting the achievement of the goals of an economic entity.

Main source of information information systems of an economic entity are used for decision making. Communication represents the dissemination of information necessary for making management decisions and implementing internal control.

Evaluation of internal control is carried out in relation to all other other elements of internal control in order to determine their effectiveness and efficiency, as well as the need to change them.

Let's look at these elements in more detail.

Control environment. The control environment is the documents on the basis of which, among other things, internal control is carried out. This may be a statement about the strategy, goals and values ​​of an economic entity, organizational structure economic entity, levels of decision-making, staffing, internal administrative documents, etc.

For accounting, the main documents are the regulations on the accounting service, the accounting policy of the economic entity, and the requirements for the qualifications of accounting personnel. There may be other documents establishing general rules accounting: the procedure for interaction between departments, the procedure for making decisions on accounting issues, etc.

Risk assessment. All activities of an economic entity are associated with risks. Dealing with risks is complex and time-consuming. It can be roughly divided into two stages: identifying risks and managing them. At the same time, risks are assessed, and based on the results of such assessment, the economic entity determines the most significant risks and makes decisions to minimize their consequences through the organization and implementation of internal control.

Working with risks directly depends on the business processes and operating procedures of an economic entity. Only fairly large structures can fully carry out such work. The Recommendations provide the main directions for working with risks.

As for the risks in relation to accounting, including the preparation of accounting (financial) statements, in this case the risk assessment is intended to identify risks that may affect the reliability of accounting (financial) statements. In this case, it is advisable to proceed from the fact that full-fledged, rather than formal, accounting is maintained and, on its basis, correct financial statements are drawn up.

The Recommendations draw attention to another risk factor - abuse and fraud on the part of management and personnel. Grade given risk involves identifying areas (areas, processes) where abuse and fraud may occur, as well as opportunities for their commission, including those related to deficiencies in the control environment and internal control procedures of an economic entity.

Internal control procedures. Such procedures are necessary to minimize risks. Based on this, the Recommendations provide the following internal control procedures (with examples):

• documentation: entries in accounting registers must be made on the basis of primary accounting documents, accounting certificates, calculations;
• confirmation of correspondence between objects (documents) or their compliance with established requirements: when accepting primary accounting documents for accounting, their execution must be checked for compliance with legal requirements;
• authorization (authorization) of business transactions, which confirms the authority to carry out transactions: the employee’s advance report must be approved by the manager or authorization (authorization) of payments can be carried out by managers at different levels depending on the amount of the payment;
• data reconciliation: settlements with suppliers and customers must be reconciled;
• division of powers and rotation of responsibilities: powers to prepare primary accounting documents, authorize (authorize) business transactions and reflect the results of business transactions in accounting should be assigned to different persons for a limited period;
• physical control: security of objects, restriction of access to them, and their inventory must be ensured;
• supervision: an assessment must be made of the correctness of the performance of business and accounting operations, compliance established deadlines preparation of accounting (financial) statements;
• procedures related to computer processing of information and information systems (rules and procedures governing access to information systems, rules for the implementation and support of information systems, data recovery procedures and other procedures that ensure the uninterrupted use of information systems).

Internal control procedures are divided into:

• depending on the moment of implementation - into preliminary and subsequent;
• depending on the degree of automation - automatic, semi-automatic and manual.

Information and communication. High-quality and timely information ensures the functioning of internal control and the ability to achieve set goals. The quality of stored and processed information can significantly influence the management decisions of an economic entity and the effectiveness of internal control. Regardless of whether the accounting (financial) statements of an economic entity are subject to audit, the information system of the economic entity must ensure accounting, including the preparation of accounting (financial) statements.

As for communication, it is impossible to achieve the set goals without interaction between the subject’s divisions. For example, the personnel of an economic entity must be aware of the risks related to their area of ​​responsibility, their assigned role and tasks for implementing internal control and informing management about various facts.

Documents establishing the rules of communication may be policies in the field of external and internal communications, data presentation and reporting schedules, job descriptions.

Assessment of internal controls. The Ministry of Finance recommends that internal controls be assessed at least once a year. The Guidelines provide specific advice on how to conduct such an assessment (in the Appendix). Its purpose is to determine the effectiveness of internal control.

The scope and nature of the methods and methods for assessing internal control are determined by the head of the relevant unit or the head of the economic entity. Whether this is continuous monitoring of internal controls, or periodic evaluation, or a combination of these options depends on various factors.

The results of the internal control assessment must be documented, agreed upon with the executors of internal control procedures and presented to the management of the economic entity. The volume, composition and forms of documentation are determined by the needs of the economic entity.

If deficiencies in the effectiveness of internal control are identified, their causes are analyzed. A plan for eliminating deficiencies is drawn up with a time frame.

Organization of internal control

As a result, we came to the question of how to organize the required internal control in practice.

The procedure for organizing internal control, including the responsibilities and powers of the departments and personnel of an economic entity, is determined by the head of the economic entity, depending on the nature and scale of the activity of the economic entity and the characteristics of its management system.

• internal control must be carried out at all levels of management of an economic entity, in all its divisions;
• all personnel of the economic entity must participate in the implementation of internal control in accordance with its powers and functions;
• the usefulness of internal control must be comparable to the costs of its organization and implementation.

The last principle is especially important for small businesses. I am glad that financiers in this case remembered the requirement of rationality. Apply to in full All the elements given in the Recommendations are simply beyond the capabilities of small and medium-sized enterprises; the costs of organizing such internal control will exceed the effectiveness of its implementation. But it is also impossible to completely abandon internal control. Firstly, this is the responsibility of the economic entity. Secondly, lack of control gives rise to abuse and negligence, which inevitably leads to economic losses.

If any elements of internal control cannot be applied by a small business entity, its manager can organize internal control in any other way that ensures the achievement of the goals of the activity of this economic entity. For example, the head of a small business entity can assume all the functions of organizing and implementing internal control. If the number of personnel of an economic entity does not allow the delineation of powers and rotation of responsibilities, the small business entity can use other internal control procedures that allow covering existing risks (reconciliation, supervision).

IN general case the organization and assessment of internal control can be carried out by an economic entity independently and (or) by an independent consultant (auditor).

To organize and implement internal control, an economic entity can create a special internal control unit (internal audit service, internal control service). This is advisable in two cases: when this is the need of a given economic entity or there are legislative or regulatory requirements financial market about its creation.

The procedure for organizing and implementing internal control is subject to documentation. An economic entity must assess the need to update documentation at least once a year. The basis for this may be, for example, the results of periodic assessment and continuous monitoring of internal control, organizational changes, changes in the processes and procedures of the economic entity. Documentation must be updated within a reasonable period of time after its deficiencies or changes in the activities of the economic entity are identified.

The Recommendations provide an example of the distribution of powers and functions for the organization and implementation of internal control of an economic entity, securities which are admitted to organized trading, which can be taken as a basis by small businesses.

December 2013

In any normally operating organization, internal control was, is and will be by definition, even if the organization does not have a special local act dedicated to internal control. General management and control lie with the manager, in job descriptions for other employees it is written down who is responsible for what, internal regulations And accounting policy the document flow procedure has been determined.

However, only from January 1, 2013, the Federal Law on Accounting officially established the obligation of organizations to exercise internal control over the facts of economic life. Recently, the Russian Ministry of Finance prepared recommendations on this issue. How to organize and document internal control based on these recommendations will be discussed in this article.

Primary requirements

According to the Law of December 6, 2011 No. 402-FZ “On Accounting” (hereinafter referred to as Law No. 402-FZ), the organization is obliged to organize and carry out internal control of the facts of economic life, and if it is subject to it, then it is obliged to organize and carry out internal control of accounting and preparation of accounting (financial) statements (except for cases where its manager has assumed the responsibility for maintaining accounting records).

Does not describe how and to what extent internal control should be carried out. However, it is clear that it must be sufficient to ensure the reliability of the facts of economic life and the accounting (financial) statements of the organization.

Law No. 402-FZ does not describe how and to what extent internal control should be carried out. However, it is clear that it must be sufficient to ensure the reliability of the facts of economic life...

For example, issues of internal control in economic entities are regulated by rules establishing the creation of audit commissions for the financial and economic activities of the company:

• Article 85 of the Federal Law of December 26, 1995 No. 208-FZ “On Joint-Stock Companies”;
• Article 47 of the Federal Law of February 8, 1998 No. 14-FZ “On Limited Liability Companies”.

The requirements stipulated by these federal laws must be observed.

IN this document The concept of internal control is given as a process aimed at obtaining sufficient confidence that the organization provides:

• a) efficiency and effectiveness of its activities, including the achievement of financial and operational indicators, safety of assets;
• b) reliability and timeliness of accounting (financial) and other reporting;
• c) compliance with applicable laws, including when carrying out business activities and maintaining accounting records.

Elements of internal control

The main elements of internal control of an economic entity are:

• control environment;
• risk assessment;
• internal control procedures;
• information and communication;
• internal control assessment

Control environment is a set of principles and standards for the organization's activities that define the general understanding of internal control and requirements for internal control in the organization as a whole. It reflects the management culture of the organization and creates the appropriate attitude of the organization’s personnel to the implementation of this control.

Communication as an element of internal control, it is a way of disseminating information necessary for making management decisions and implementing internal control. For example, each employee of the organization should be aware of the risks related to his area of ​​responsibility, his assigned role and tasks for implementing internal control and informing management.

Setting up control behind the facts of economic life is very important for the organization. Control is traditionally divided into preliminary, current and subsequent. It is optimal when these stages are divided between different employees organizations. If authorization and control over business transactions are entrusted to one official, this can lead to mistakes and possible abuses on his part - after all, he has complete control over economic life, from “a” to “z”. If different employees are involved in different stages of control, this increases the independence and efficiency of control activities. To carry them out, it is advisable (not mandatory, but desirable) to create an internal control commission. It is its members who will be independent auditors.

Risk assessment and management are also an important component of the internal control system. Risk is understood as a combination of the probability and consequences of failure by an economic entity to achieve its activity goals. Risks can be grouped into the following types: financial, legal, country and regional, reputational, etc. Information about the risks of business activities is necessary for an organization to full presentation about your financial situation, financial results activities and changes in your financial position.

For your information!

Organizations publishing annual reporting for each type of risk in the annual financial statements, they are required to disclose information about such qualitative characteristics of their business activities as exposure to risks and the reasons for their occurrence; concentration of risk (description of specific general characteristics, which distinguishes each concentration (counterparties, regions, currency of settlements and payments, etc.); risk management mechanism (goals, policies, procedures applied in the field of risk management, and methods used to assess risk, etc.); changes compared to the previous reporting year (Information of the Ministry of Finance of Russia No. PZ-9/2012).

To achieve its financial stability, an organization can apply the following internal control procedures:

• documentation (for example, making entries in accounting registers based on primary accounting documents, including accounting certificates; including significant estimated values ​​in the accounting (financial) statements solely on the basis of calculations);
• checking the execution of primary accounting documents for compliance with established requirements when accepting them for accounting;
• sanctioning (authorization) of transactions and operations, providing confirmation of the competence to carry them out. As a rule, it is performed by personnel more than high level than the person carrying out the transaction or operation;
• data reconciliation;
• division of powers and rotation of staff duties;
• procedures for monitoring the actual presence and condition of objects, including physical security, access restrictions, inventory;
• supervision over the correctness of transactions and operations, the execution of accounting operations, the accuracy of drawing up budgets (estimates, plans), compliance with established deadlines for the preparation of accounting (financial) statements;
• procedures related to computer processing of information and information systems (rules and procedures governing access to information systems, data and directories, rules for implementing and supporting information systems, data recovery procedures, etc.).

In any case, if the basic procedures for controlling the facts of economic life are not followed formally, but are well developed, then they will ensure high efficiency of the internal financial control of the organization as a whole.

Documenting internal controls

The procedure for organizing and implementing internal control must be documented on paper and (or) electronically. Provisions relating to the organization of internal control are part of the constituent and internal organizational and administrative documents of the organization (orders, instructions, regulations, job and other instructions, regulations, methods, accounting standards).

In relation to accounting, including the preparation of accounting (financial) statements, the control environment can be described by the regulations on the accounting service, the accounting policy of the organization, requirements for the qualifications of accounting personnel and other documents establishing general requirements for the environment in which accounting is organized and maintained. accounting, the procedure for interaction between departments and personnel of the organization and decision-making on accounting issues.

On a note

Documents establishing the rules of communication may be: regulations, schedules for data provision and reporting, job descriptions.

Documentation on the organization of internal control must be regularly updated. The need to update it should be assessed at least once a year. The basis for updating documentation may be, for example, the results of continuous monitoring of internal control, organizational changes, changes in the processes and procedures of the organization.

Organization of internal control

The procedure for organizing internal control, including the responsibilities and powers of the organization’s divisions and personnel, are determined depending on the nature and scale of its activities and the characteristics of its management system.

When organizing internal control, it is necessary to proceed from the fact that:

• internal control must be carried out at all levels of management of the organization, in all its divisions;
• all employees must participate in the implementation of internal control in accordance with their powers and functions;
• the usefulness of internal control must be comparable to the costs of its organization and implementation.

Internal control is usually carried out by:

management bodies of the organization;

audit commission (auditor);

chief accountant or other official of the organization who is responsible for maintaining accounting records;

internal auditor (internal audit service);

special officials, a special division of the organization responsible for compliance with the rules of internal control provided for by other federal laws;

other personnel and departments of the organization.

When organizing and implementing internal control of the facts of economic life, the organization must be guided by the requirement of rationality.

Elena Antanenkova, head of the expert consulting department of the First House of Consulting “What to do Consult”, for the magazine “ Regulatory acts for an accountant"

Looking for a solution to your situation?

“Practical Accounting” is an accounting journal that will simplify your work and help you keep your books without errors. The publication is also available in electronic form.