Financial controlling and compliance in practice

Companies are exposed to increasing finance compliance requirements together with increased demands for transparency, validity and speed in management reporting and a focus on efficiency.

Therefore, financial controlling plays a decisive role in supporting the two fundamental tasks in Finance: to ensure the foundation of and prepare transparent and valid management reporting as well as meet the company’s compliance requirements. But these tasks are not without challenges. So, in this article, you can read about how a holistic financial controlling framework can help you address them.

All companies, and their challenges in Finance, are different. But we often encounter one or more of the below issues:

1. That the accounting effects are clarified reactively as Finance is involved too late when business activities and strategic initiatives are decided.
2. That the internal controls only to a limited extent support the precision needs in the internal decision-making basis.
3. That the control environment reflects a ‘historical’ risk landscape which leads to errors and inefficiency.
4. That unclear roles and responsibilities in the interfaces within Finance and with the rest of the organisation lead to inefficient decision-making processes, tasks either not being completed or completed several times and policies not being adhered to.
5. That finance legislation is difficult to implement in practice considering the materiality level, resulting in over-implementation without value creation.
6. That internal guidelines (e.g. accounting manual) lack updating which results in inconsistent handling, non-standardised processes and inefficiency e.g. based on corrections.
7. That there is an untapped potential from automation and digitalisation that could reduce the risk of errors and increase efficiency.

These seven issues all throw grit into the machinery when Finance needs to deliver on core tasks. But fortunately, advice is available if you can relate to one or more of these issues.

Figure 1: Financial controlling supports numerous tasks centred around reporting and compliance.

The figure illustrates that the basis for a finance organisation that delivers on a high quality and efficiency level is made up by the interaction between the management values and company culture, the technology support, the policies, the employees and the organisation. 

Based on the vital importance of financial controlling (Figure 1), you can follow the plan shown in Figure 2, where you will go through four main steps.

Figure 2: The figure shows the four steps you must go through to strengthen the control environment in your company, and that this work is a continuous and iterative process as the risk landscape is constantly changing.

The compliance-driven risks are often relatively static, unless the company is planning e.g. stock listing, acquisition, divestment etc. On the other hand, they are often characterised by a higher vocational complexity which may, e.g., be addressed with external assistance on an ad hoc basis.

The activity-driven risks, on the other hand, are often more dynamic in relation to the company's strategy and development and are therefore easier to comprehend. Understanding these thus requires Finance's close dialogue with the rest of the organisation.

The two main sources of risks that the control environment must manage thus exist both independently and dependently of each other, as the business activities need to be identified for the company to determine the scope of the relevant legislation.

The external and internal financial reporting have different purposes. Therefore, it may be relevant to differentiate the accounting practice used depending on the company’s activities and complexity.

The policy for external reporting is to a high degree regulated by legislation whereas the internal policy should be established to support your financial governance model (on the strategic, tactical and operational level).

The practice for the internal reporting should be based on the external reporting to ensure a ‘common language’ and to minimize the need for adjustments. But in selected areas, your company should consider differentiated principles to support business-optimal decisions. Among others, this may be cost allocations, pricing of group internal transactions (the legal settling price follows the arm’s length principle), use of indirect production costs, separation of ‘special items’ and segmentation according to business areas, customers, geography etc. independent of the legal structure.

To avoid discussions on the correctness of the internal reporting, you must have established governance for inclusion, measurement and classification. Furthermore, you must establish the materiality level of the internal reporting based on the precision need in the decision-making basis with the respective users, that is, e.g., on another aggregation level, cost/profit centre structure etc.

The basis for the materiality level of external reporting, which will often be higher, is established by legislation, but there may be areas where the external reporting dictates a lower common denominator.

Based on the company’s activities – and thus on its reporting and compliance landscape – follows a series of steps to design an efficient and risk-targeted control environment

• Identify the potential financial, operational, compliance-related and strategic risks.
• Assess the risk profiles in relation to what the risk consists in and qualify likelihood and effect (separately).
• Mirror the control design in the risk profile and decide whether the control should be preventive or discovering, automatic or manual, control frequency, who should be conducting it, and whether the control should be approved (e.g. as a spot check).
• Make design decisions based on risk type, precision needs vs. resource use based on the risk’s likelihood and effect profile.
• Document the linkage between risks and controls in a risk and control matrix to ensure that all risks are efficiently covered.
• Introduce a process for monitoring if the controls are conducted (efficiently) and for reporting of control weaknesses to the decision makers.

Successful implementation involves integrating the controls into your other processes and ensuring buy-in from the organisation. You can achieve this by highlighting the value of the control environment e.g. in the form of increased validity in internal reporting, better quality and efficiency in business controlling and partnering etc. – especially because internal controls may be perceived as additional bureaucracy that hinders agility and efficiency. And, of course, top management's support and communication thereof is also a key factor. In the implementation, you can therefore consider: 

• Integration in business procedures so you can even out the use of resources, e.g. for the purpose of fast close.
• How you communicate roles and responsibilities clearly – to clarify the interfaces within Finance and with the rest of the organisation.
• How you map risks and create a control design that is supported by software solutions to ensure efficiency, quality and cheaper scalability.
• Which requirements are placed on compliance-technical skills so you can conduct upskilling and thereby ensure that the controls are carried out with high quality and consistency.  

The strengthening of the control environment will depend on the company’s activities and complexity – and thereby the derived risks – and fully or partly be an iterative process where the control design is evaluated, adjusted and re-implemented until the anchoring in the organisation is consistent with your risk appetite and allocation of resources.

And the goal is constantly moving – either because the company’s activities and complexity change because legislative requirements or external expectations for external reporting become stricter, the management’s decision-making basis must be adjusted or prepared faster or for an entirely different reason – so that the work on further developing the control environment is a continuous task for Finance and the rest of the organisation.