Four Action Internal Control Model


What is it?

Internal control systems make sure that an organization’s financial resources are protected. They protect these assets from misuse and manage internal risks. Internal controls ensure that an organization’s resources are used for the purposes intended and are utilized effectively and efficiently.

An effective internal control system also protects staff involved in financial tasks. If an organization and a project have strong internal controls, it helps remove any suspicion of misuse, and temptation or opportunity to misuse resources.

FMD Pro recommends the four-actions internal control model. This guides a team as it establishes a system of internal control, including policies, procedures, and practices that control fraud, theft and errors before, during and after they occur.

 

The four components of the model – direct, prevent, detect and correct – provide a framework for designing internal controls to minimise the risk of errors, omissions, fraud and theft

·  Direct actions – set clear guidance and expectations for good financial practice in advance of project activities being implemented.

·  Prevent actions – establish systems and processes that will reduce the opportunity for theft and minimize the risk of losses due to errors or incompetence during project implementation.

·  Detect actions – implement processes and procedures to identify where things have gone wrong after an activity or process has taken place

·  Correct actions – update and improve internal control systems as the team learns from experience, correcting errors and providing continuous improvement to reduce risks.

 

How do I use them?

 

The following scenario from UNITAS demonstrates how the four-actions internal control model is used in its Capacity Building Project.

 

UNITAS decided to use the four-actions model to reduce the risk of misuse of its resources. During the project launch, Amira, as Project Manager, leads a team meeting setting out each of the four components of the model and mapping the policies and practices that will be implemented in each of the four action areas.

The results of the meeting are documented below:

 

Once the four-action model internal control activities are identified, they are implemented through the life of the project. The model is revisited on a regular basis to ensure the internal control system remains strong and effective in protecting resources and staff.

 

When do I use them?

The four-actions model sets the policies, procedures and practices that must be followed by the project team throughout the life of the project. These internal control actions are shared with the project team during project launch, setting a firm foundation of internal control for the project.

As the project moves into implementation, the team uses the direct, prevent, detect and correct actions to ensure project resources are protected and utilized efficiently. Results are monitored and the system continues to evolve and improve – building on lessons learned and reinforcing areas of strength.

Who is involved?

The project manager needs to ensure that all members of the project team are familiar with and accountable for the implementation of the internal control policies, procedures and practices. Many of these internal controls are derived from the organization’s Finance Manual.

Related tools

Finance Manual
Delegation of Authority Document
Separation of Duties

Tips

Internal controls are important to pick up errors and omissions in the accounting records, not only to detect fraud or deliberate misuse of resources.  These errors can be addressed with correct actions.