Original article was published on Artificial Intelligence on Medium
Your Control Environment
When developing a control environment, keeping your audit in mind is critical. The audit team should feel comfortable that the control environment is robust enough to catch errors that could produce a material misstatement. Preventive controls are the best, but detective controls can also catch errors, so marrying the two to round out your control environment is essential.
Here, we will focus on pain points that come up specifically as it relates to the revenue process control environment and audit.
Industry best practices for data integrity and completeness include some automated controls such as system change management controls, but still mostly rely on the manual matching of data from multiple sources.
Handling multiple systems
Your business may run on one type of transaction and source. For instance, all transactions could be invoices generated from your core accounting system. However, the reality of most businesses is that they rely on a wide range of systems. You may have credit card transactions coming from multiple sources, invoices from your accounting system, billings out of your subscription management tool, fulfillment confirmations out of a home grown system, and more.
This means that compiling and assessing your transactions on a monthly basis for review and closing of the books could be onerous and manual, and the process to identify transactions that require additional review after closing could be error-prone. Each company has their own way of mitigating these risks by focusing on data integrity and completeness.
The current industry best practice for individual contract review is to mine the data from these multiple systems as the review takes place. However, this process remains time consuming, inconsistent (especially during a time of high volume), and manual. Ideally, one could automate extraction into one record of truth.
Data Integrity and Completeness
You must validate that all of the transactions that happened on the litany of systems used by your company have flowed into your accounting system. This is often validated by pulling reports from each of these systems and comparing them to your ERP. Next, you must ensure that the transactions that flowed through to your system are accurate. Is the dollar value, currency, and revenue waterfall accurate based on the contract with the customer? Finally, when an audit comes around, you may have to prove how you validated the completeness and accuracy of your transaction population. This could be a combination of screenshots of your report parameters (that must be repeatable), reconciliations performed by the team, and other evidence that the system is accurately reporting your company’s activity.
Industry best practices for data integrity and completeness include some automated controls such as system change management controls, but still mostly rely on the manual matching of data from multiple sources. Automated matching for completeness and accuracy of your contract data would relieve much pressure and help you close the books faster.
One Record of Truth
When the audit comes around and the auditors make sample selections of your transactions, you must pull all relevant data from all of the systems involved and compile them in one place for the audit team to review. This usually happens through a file share system or on a secure site owned by the audit team. Manually adding transactional data to these files often leads to information being omitted or placed into the wrong location prompting follow-up by the audit team and delays in the testing process.
The current best practice, file sharing, is not sufficient to solve this challenge. Systematic population of a unique record for each customer contract would take manual file transfer and lack of appropriate support out of the equation.
Formalizing the Process
Even the most organized companies struggle with the areas discussed above, but the best-in-class have a formalized process that is repeatable and streamlined. This leads to a consistent understanding of the process by the audit team (even new audit team members), and smoother, more consistent, and faster audits. Ensuring that these processes are as automated and streamlined as possible is the key to saving time and money!
Hidden Cost of an Audit
Something that often goes unmentioned when discussing costs of an audit are the hidden costs: all of the time spent by a team member to pull relevant documentation and answer follow-up questions from the audit team could be spent on other, more critical initiatives for the team. Your company might have a policy of double checking any analysis that was performed on a transaction before sending it over to the auditors. Consistency is key. Once you can establish what the auditors are looking for, perform tasks within your accounting policy, and develop a streamlined and repeatable process, working with auditors will be a much less painful process. However, even if your process is solid, documented, and repeatable, this process is lengthy and consumes valuable time from your staff members.
Read more about automated contract review for revenue recognition purposes.
* Substantive detailed testing are those activities performed by the auditor to detect material misstatement or fraud at the assertion level.