C-SOX: RRR Test procedures
Revenue recognition has been the area where the majority of accounting misreporting and restatements have occurred. As a result, RRR business processes (Revenue, Receivables and Receipts) must be carefully reviewed, to ensure that internal controls are fundamentally strong and the key controls exist to prevent and detect errors and irregularities. Highlighted below are some of the controls that should be reviewed as part of the Revenue recognition process.Revenue recognition
Accounting policy – One of the most important components is to understand the company’s choice of accounting policies as it pertains to revenue recognition. For instance, Canadian generally accepted accounting principles (GAAP), require that 3 conditions are met before a for profit company can recognize a sale / revenue in its financial statements; 1) performance has been completed by the company creating a legally binding obligation for the customer, 2) the amount owing is measurable (the financial amount is determinable and agreed), and 3) the collectability of the amount owing can be reasonably assured. Therefore it is important to understand the policies that the company has adopted to ensure they are in accordance with GAAP. The sales / revenue policy should be controlled by the senior financial person in the organization, and only this person should be authorized to make changes. The choice of accounting policy may seem obvious, but it is often the key determining factor involved determining revenue recognition, and consequently my opinion is that the policy should be carefully reviewed, particularly when new products or services are introduced.
Sales Order Processing – It is critical that “segregation of duty” controls are in place to ensure that pricing, shipping and invoice processes are separate from one another. If the organization is small, then adequate oversight and approvals should be in place as mitigating controls. Almost all companies have computerized systems that calculate and record sales and revenues, and therefore another key control pertains to the system access controls (system access restrictions, passwords etc) that ensure only authorized employees can make changes to pricing, release shipping orders, and generate invoices. In general, due to the potential “conflict of interest”, Sales personnel should always be restricted from accessing these files.
There is no “boiler plate” revenue recognition process that covers all situations, so it is important to obtain professional accounting and audit advice.
Please contact Edelkoort Smethurst Schein CPA’s LLP if you have any questions or comments.