Are You Controlling The Future?

RECENT ARTICLES

Featured

Book Review - 99% Mark E.Thomas

Book Review - 99% Mark E.Thomas

Execution Management vs Performance Management

Execution Management vs Performance Management

Are You Controlling The Future?

Are You Controlling The Future?

Accountants the New Carbon Counters?

Accountants the New Carbon Counters?

Caught in the Middle - The Mediation Experience

Caught in the Middle - The Mediation Experience

Catch Up? Coach Up!

Catch Up? Coach Up!

Why expose an aged, high risk and vulnerable Excel to Covid19 - A reminder of good healthcare practice!

Why expose an aged, high risk and vulnerable Excel to Covid19 - A reminder of good healthcare practice!

Strategy Execution Management - Turning Ideas Into Action

Strategy Execution Management - Turning Ideas Into Action

Your Map to the Future

Your Map to the Future

Welcome.

Jethro- The First Management Consultant!

Jethro- The First Management Consultant!

← BACK TO ARTICLES

The following article was previously published as part of Finance & Management – FM153, by the ICAEW’s Finance and Management Faculty.

Are You Controlling The Future?

20 November 2020

When redesigning strategy and working processes, companies often neglect their internal controls until later. Yet, say Jeff Herman and Mike Almond, such periods of change are the ideal time for simultaneously improving the management of future risk.

controlling the future.png

Managing a response to the forces of change is probably an organisation’s greatest challenge. As well as competition, climate change, credit crunches and regulatory compliance, there is the threat of the simply unknown to be taken into account.

Having opted for a fundamental rethink of the organisation’s strategic direction and ways of working (as opposed to just tinkering at the edges), a new infrastructure of process designs, change managers and war rooms must be established to design the future operating model in a controlled and considered way.

This redesign is rarely easy. With the constant (if clichéd) encouragement to think outside the box, paint the sky blue and challenge everything, the future suddenly looks a lot less controllable ... especially if the operational and financial processes are to be changed.

Further, in the desire to ‘design the future’, internal controls may not be at the forefront of minds. Indeed, despite the official requirement for directors to provide assurances regarding the effectiveness of an organisation’s internal controls, process designers still seem to give them a low priority, even when there are very substantial inherent financial risks.

To give just one example of this, the unbilled gap between purchases and sales in the utilities industry frequently requires write-offs of hundreds of millions of pounds. This can often be the result of a utility being unable to invoice customers, because they may not have the correct address or even any knowledge of them at all.

So although not all of this type of risk can be avoided, the start of a process redesign would appear to be an ideal opportunity to get the management of such risks right.

Why internal controls are neglected

The reasons for not embedding internal controls during process design can be a complex mix of:

● poor understanding of internal control issues;

● the nature of projects;

● lack of process design skills; and

● lack of an appropriate framework within which to consider internal controls.
Below, we take a look at each of these above factors, and suggest (with a sample framework) how management – particularly finance professionals – can work towards a remedy.

Risk management and internal control are usually deferred to the accountants and auditors following completion of the perceived ‘real’ work

Poor understanding of internal control issues

A change management group at a utilities company was recently asked about the internal controls over its reengineered processes. Their reply was: “What have internal controls to do with us?” And at corporate governance workshops within the same company

even those in the finance function provided a poor response to the question: what is internal control?

To understand what we are talking about here, the Treadway Commission’s Committee of Sponsoring Organisations (COSO) (www.coso.org) defines internal control as ‘a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:

● effectiveness and efficiency of operations;

● reliability of financial reporting; and

● compliance with applicable laws and regulations.’

The implication of this definition (used for both Sarbanes-Oxley and Combined Code compliance) is that an organisation must adopt a recognised internal control framework to provide the oversight and processes to manage and embed risk management techniques and controls within the organisation and its operations.

The nature of projects

Business managers and professionals, working in hierarchical organisational structures with a clear career path are often reluctant to be assigned to major change projects. Accountants are typically employed to be focused functionally on activities related to financial planning, budgets, forecasts and other activities enabling effective stewardship, resource management and decision making.

In major change initiatives, accountants will undoubtedly get involved in the financial modelling for the business case, but are not the obvious candidates for envisioning what the future business will look like along with the underlying process designs. They will typically be concerned about the career risk of time spent on a project and the difficulty of reintegrating into the organisation once the project ends.

Also, since any form of change can fail if not managed in a disciplined and sensitive way, relatively new disciplines have evolved around project and change management staffed by in-house teams and external consultants. While these change managers have a very broad range of technical and interpersonal skills, their grasp of the subtle arts of organisational psychology may not be enough to engage with and understand the language of a wide range of professional disciplines within an organisation.

Yet at the same time, there are often preconceptions that accountants, and risk management and internal control experts, are the people who like to say no, rather than a source of quality process design input. Risk management with its focus on managing and minimising potential financial loss, can be viewed as negative and constraining.

Accountants are often untrained in the techniques of process design and not confident in their own abilities to contribute and to take a leadership role

Hence, consideration of risk management and internal controls is usually deferred to the accountants and auditors following completion of the perceived ‘real’ work of designing efficient management and operational processes. Such a response misses the opportunity to ensure efficient, effective and regulatory compliant processes that are aligned with the business objectives and resilient to the shock of future changes.

Lack of process design skills

As technical finance experts, accountants are often untrained in the techniques of process design and not confident in their own abilities to contribute and to take a leadership role (see ‘Case study’ below).

CASE STUDY.png

Risk Management Framework.jpg

Figure 1 (above) illustrates the risk management process needed to build controls into management processes cost effectively.

Conclusion

Clearly, finance and internal control professionals need a range of skills to engage effectively with business and change managers. Understanding the language and process of change may not enable finance professionals to control the future, but they may be better able to influence the outcomes for the business.

Ideas for Action.png

The implementation of internal controls is not a one-off project but must be developed as part of the culture of the organisation and a defined management process. So before embarking on any major change programme, assess your organisation’s approach to risk management and internal controls by considering the above ideas for action. ■

Jeff Herman26 November 2020Blue-plate Consulting Ltdconsulting, mediation, legal, changemanagement