John A. Tracy - Accounting For Dummies

Although Sarbanes-Oxley applies legally only to public companies, the accounting profession has taken the position that requirements of the law are relevant to all businesses. As a matter of fact, independent CPA auditors in their audit report state whether they think the internal controls over financial reporting are adequate for preventing misleading financial statements.

Accounting is characterized by lots of documentation — forms and procedures (digital or hard copy) are plentiful. Most business managers and employees have their enthusiasm under control when it comes to the documentation and procedures that the accounting department requires. One reason for this attitude, in our experience, is that nonaccountants fail to appreciate the need for accounting controls.

These internal controls are designed to minimize errors in bookkeeping that processes a great deal of detailed information and data. Equally important, controls are necessary to deter employee fraud, embezzlement, and theft as well as fraud and dishonest behavior against the business from the outside. Every business is a target for fraud and theft, such as customers who shoplift; suppliers who deliberately ship less than the quantities invoiced to a business and hope that the business won’t notice the difference (called short-counts ); and even dishonest managers themselves, who may pad expense accounts or take kickbacks from suppliers or customers.

For these reasons, a business should take steps to avoid being an easy target for dishonest behavior by its employees, customers, and suppliers. Every business should institute and enforce certain control measures, many of which are integrated into the accounting process. Following are five common examples of internal control procedures:

Requiring a second signature or electronic approval on cash disbursements over a certain dollar amount

Matching up receiving reports based on actual counts and inspections of incoming shipments with purchase orders before approving checks for payment to suppliers

Requiring both a sales manager’s and another high-level manager’s approval for write-offs of customers’ overdue receivable balances (that is, closing the accounts on the assumption that they won’t be collected), including a checklist of collection efforts that were undertaken

Having auditors or employees who do not work in the warehouse take surprise counts of products stored in the company’s warehouse and compare the counts with inventory records

Requiring mandatory vacations by every employee, particularly bookkeepers and accountants, during which time someone else does that person’s job (because a second person may notice irregularities or deviations from company policies)

I (coauthor Tage) have decades of experience working closely with small businesses, and I’ve found that many small-business owners tend to think they’re immune to embezzlement and fraud by their loyal and trusted employees. These are personal friends, after all. Yet many small businesses are hit hard by fraud and can least afford the consequences. Most studies of fraud in small businesses have found that the average loss is well into six figures! You know, even in a friendly game of poker with our buddies, we always cut the deck before dealing the cards around the table. Your business, too, should put checks and balances in place to discourage dishonest practices and to uncover any fraud and theft as soon as possible.

And then there’s the growing specter of hacks into the information databases of businesses. These intrusions are referred to as cyber threats, hacks, and ransomware. Hackers have broken into the computer information systems of many major companies, getting around the inadequate controls the businesses had in place. Interestingly, hackers haven’t shown interest in accounting information per se. Rather, the hackers are after Social Security numbers, credit scores, home addresses, passwords, email addresses — mainly personal and private information. In addition, there’s been a growing trend with ransomware where the perpetrator hacks a computer system to paralyze a company from operating, thus causing significant financial damage (and demanding a ransom payment to restore order).

We don’t know of a computer database break-in for the purpose of manipulating or destroying accounting information — but a hacker could alter accounting information after breaking into a company’s information system. The topic of cybercrime is beyond the scope of this book, other than to warn you about this serious threat that requires a whole new set of internal controls. A new class of forensic professionals has emerged who advise and assist businesses in coming to grips with cyber threats. These specialists include both accountants and IT (information technology) experts.

Businesses and nonprofit entities use double-entry accounting. But we’ve never met an individual who used double-entry accounting in personal bookkeeping. Instead, individuals use single-entry accounting. For example, when you write a check, process an electronic payment, or make a payment on your credit card balance, you undoubtedly make an entry in your checkbook to decrease your bank balance. And that’s it. You make just one entry — to decrease your checking account balance. It wouldn’t occur to you to make a second, companion entry to decrease your credit card liability balance. Why? Because you don’t keep a liability account for what you owe on your credit card. You depend on the credit card company to make an entry to decrease your balance.

Businesses and nonprofit entities have to keep track of their liabilities as well as their assets. And they have to keep track of all sources of their assets. (Some part of their total assets comes from money invested by their owners, for example.) When a business writes a check or processes an ACH payment to pay one of its liabilities, it makes a two-sided (or double) entry — one to decrease its cash balance in the bank and the second to decrease the liability. This is double-entry accounting in action. Double-entry does not mean a transaction is recorded twice; it means both sides of the transaction are recorded at the same time.

The two-sided nature of business accounting is summarized in the accounting equation, which puts assets on one side (almost always on the left) and the sources of assets on the opposite side, as follows:

$Assets = $Liabilities + $Capital + $Retained Earnings

The equal sign means that for every dollar of assets, there’s a dollar from one of the sources of assets on the right side of the accounting equation. Assets do not materialize out of nothing. Assets come from somewhere. There are three fundamental sources of assets: liabilities, capital invested in the business by its owners, and retained earnings (accumulated profit that has been earned but not distributed to its owners by the entity). Combining a business’s capital and retained earnings gives you its owners’ equity, or the net worth of the business.