[BLOG] State of Controls & Risk Oversight in Africa – The Solution
By Adewale Ademokunla
COSO (The Committee of Sponsoring Organizations of the Treadway Commission) defines internal control as a process, affected by an entity’s board of directors, management and other personnel. This process is designed to provide reasonable assurance regarding the achievement of objectives in effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations.
Risk is defined as a probability or threat of a damage, injury, liability, loss, or other negative occurrence that is caused by external or internal vulnerabilities, and that may be neutralized through preemptive action.
Internal controls play a vital role in the risk mitigation process, if applied appropriately. The importance of an effective and efficient internal control structure cannot be over emphasized in a nation’s private and public sustainable development.
There is a need to strengthen our control environment and increase our risk oversight in Africa by implementing the right company policies, a robust internal controls structure, applying a state of art GRC (Governance, Risk & Control) software technology and outsourced internal audit or in-house would go a long way in combating fraud in our society. A fraud risk can be addressed by a simple SOD (Segregation of Duties) strategy, GRC fraud software alert, financial ratio / trend analysis or an appropriate whistleblower compliance hotline operated by an objective independent third party provider.
Resource Result conducted a research recently to know the annual cost of fraud to organizations in Africa; also we wanted to assess corporate knowledge level on control and fraud risk assessment strategies. Furthermore, we conducted a survey on ERM (Enterprise Risk Management) strategy and how to set up internal control design and implementation in mid-size organizations. Feedback from these researches and surveys amongst supposedly qualified and charted professionals shows there is a substantial knowledge gap to be filled in the state of controls and risk oversight in Africa.
However, the responsibility of risk oversight, control and compliance cannot be left in the hands of the private sector alone. The big hand of the government should lend the adequate support through appropriate legislation, by creating the right tone at the top. This would ensure a successful control environment in our continent.
To create an effective and efficient internal control framework, five components need to be present:
1) A control environment driven by good governance and the right tone at the top
2) A vibrant risk assessment capability model
3) Good company / government policies and procedure
4) Effective and efficient internal controls process
5) Continuous monitoring and communication structure for internal controls
A nation without an effective and efficient internal controls structure in both private and public sectors may be prone to waste, fraud and abuse. Such a nation would lack adequate foreign investment and may have slow economic growth moving into the future.
Ade Ademokunla, MBA, CIA, CFE, CSOE, CRMA
Africa managing partner & CEO @ Resource Result Ltd.
Connect with us of LinkedIn, Skype & Twitter