Internal Controls
Processes and procedures a company implements to ensure the accuracy of financial reporting, prevent fraud, and comply with laws.
What is Internal Controls?
Internal controls are policies, procedures, and mechanisms a company puts in place to safeguard assets, ensure the reliability of financial reporting, promote operational efficiency, and achieve compliance with applicable laws and regulations. The most widely used framework for internal control is COSO (Committee of Sponsoring Organizations of the Treadway Commission), which organizes controls into five components: control environment, risk assessment, control activities, information and communication, and monitoring. Under the Sarbanes-Oxley Act (SOX), US public companies must include management's assessment of internal control over financial reporting (ICFR) in their annual 10-K, and the external auditor must attest to that assessment. A material weakness in internal controls is a serious red flag that can trigger restatements.
Example
In 2015, Toshiba was forced to restate years of financial results after discovering that internal controls failed to prevent systematic earnings inflation by senior management. The scandal illustrated how weak internal controls enable fraud to persist undetected, ultimately destroying shareholder value.
Source: Investopedia — Internal Controls