Internal Financial Control (IFC)

  • Financial Irregularities / Discrepancies whether intentional or erroneous do occur in the entire year
  • Auditor opines on the True and Fair view of the financials only at the end of year. The opinion is based on the review of financials, rectification of errors, valuationsand measurements to ensure that financials are true and fair.
  • However the entire year is away from review of auditor and control failures pose risk of financial losses during the year. A limited review also does not suffice the purpose as it is very limited and no detailed review of the controls in place
  • There is a need to put up a structured framework which demonstrates existence of controls, which the management can rely, the auditor can rely and will result in overall enhanced corporate governance
  • The framework should not be a mere feeling to the management but something which is tangible / producible

IFC is a preventive audit where each process owner validates each control time and again and establishes the faith within the management that he is reasonable in performing his activities and risks are mitigated by him. If not, it gets automatically highlighted rather than waiting for the internal audit or statutory audit to highlight.

  • Section 143(3) of Companies Act 2013 requires the Auditors report to state whether the company has adequate internal financial control system in place and the operating effectiveness of such controls. This is applicable for all companies
  • Rule 8(5)(viii)Companies Accounts Rules 2014 requires the directors to report on the Adequacy of Internal financial controls
  • However for listed companies Section 134(5)(e) of Companies Act 2013 requires the management to report on adequacy a7 operating efficiencies of both financial controls and operating controls as well

IFC is a process designed to provide reasonable assurance regarding:

  • The reliability of financial reporting;
  • The preparation of financial statements for external purposes in accordance with generally accepted accounting principles;
  • Ensuring the orderly and efficient conduct of its business;
  • Adhering to company’s policies;
  • Safeguarding of its assets;
  • Prevention and detection of frauds and errors;
  • Accuracy and completeness of the accounting records

The institute of Chartered Accountants of India has issued a Guidance note on the said matter in September 2015

Components of IFC

Control Environment

  • 1) Entity Level Controls
  • 2)IT General Controls

Risk Assessment

  • 1)Risk Assessment for account balances

Information Systems & Communication

  • 1)Reports
  • 2)Information flow within organization


  • 1) Monitoring of Controls
  • 2)Internal Audits

Control Activities

  • 1)Application and Process Controls
  • 2)SOD

Our Services

Design of IFC Framework
  • Risk Assessment
  • Suggestion of Controls based framework
  • Designing of framework
  • Training and handover of framework of control owners
Initial Testing of Framework
  • Testing of Controls
  • Gap Analysis
  • Recommendations
Sustenance Testing & Other Support Services
  • Periodic Sustenance Audits
  • Internal Audits
  • Support in Gap Mitigation

Ankekshan Methodology

  • Planning the implementation
  • Identification of Items & transactions in Financial Statements
  • Process Walkthrough
  • Risk Assessment
  • Controls identification
  • Discussion with Process owners and consideration of inputs
  • Validating inputs and acceptance of final risks and controls
  • Hand over of controls to respective process owners and Training
  • Testing of controls for GAP analysis
  • Recommendations
  • Periodic Sustenance audits
  • Internal Audits
  • Support in Gap Mitigation

Business Process Re-engineering

Business Process Re-engineering (BPR) examines the efficiency and effectiveness of a company's most critical processes. It is a key enabler to deliver the highest-quality of service, in the most productive way, at the most competitive cost and time to output.

We work with each client to prioritize key processes based on the value at stake. For each priority process we develop a view of the current state based on operational data, using detailed process maps and analysis to help identify major gaps

  • Current State Analysis - Identify areas for improvement and opportunities for process redesign in the current “As-Is” environment
  • Future State Design - Identify the desired future state or the “To-Be” environment; identify the required resources to implement their chosen solution
  • Gap Analysis - Analyze the gap between current and future states, as well as the impact to each level in the organization, forming the basis for Change Management activities
  • Performance Measurement - Evaluate ways to measure and monitor increased process efficiencies

We work very closely with our clients in this type of project, enlisting a team from all the functional areas impacted at the leadership and the solution generation level. This allows us to eliminate waste, unnecessary wait times, reports, handovers and sign-offs, while ensuring the integrity of the process

Contract management Services

Organizations may enter large number of contracts with suppliers, contractors, and or any other contracts. This may be an effective way of managing the resources of the organizations and outsourcing the work / activity to the outsiders who are better equipped to perform the activity / service.

However this cost saving / productivity improving proposal is many a times marred by few problems like no control on the volumes of contract, poor risk management, improper statutory compliances, over reliance on contract copies, revenue leakages, missed opportunities of cost savings and many more to quote.

Similarly an organization may outsource the production / processing work to a contracted manufacturer who is bound to certain terms and conditions – material controls, safety guidelines, regulatory compliances. These conditions are however not reviewed and any possibilities of discrepancies or possibilities of cost savings and profit optimization needs to be done.

Organizations that have reached maturity in the management of contracts have the opportunity to avoid or mitigate many of these challenges. We can help the organizations conduct these contract management Services.

Internal Audit

With the pace at which changes occur globally, with the advent of newer technologies at various domains of business, increased compliance requirements and with the varied cultures in which the company operates, a company is exposed to higher amount of risks than it used to be earlier.

The role of internal audit is to provide independent assurance that an organization’s risk management, governance and internal control processes are operating effectively. Thus it is a professional service offered to add value and improve organizations operations. Internal auditors deal with issues that are fundamentally important to the survival and prosperity of any organization. Unlike external auditors, they look beyond financial risks and statements to consider wider issues such as the organization’s reputation, growth, its impact on the environment and the way it treats its employees. It can help an organization accomplish its strategic objectives by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of risk management, control, and governance processes.

The pace at which the things are changing have a significant impact in Internal audit function. Internal Audit has to help organization address the risks it faces, anticipate risks and mitigate them.

Internal Audit has been mandated in Companies Act 2013 for companies beyond threshold limits. As a result it is prerogative for these companies to lay down a structured internal audit approach and execute the same. However the need for internal audit should be taken as being partners for improvements. Internal Audit function should be drivers or catalysts for change

How can Ankekshan help?

a. Co –Sourcing
  • No internal Audit department is able to have all technical and expert resources it requires on hand, at all times. Therefore attempting to have full time staff available to meet every internal audit need may not be a practical approach.
  • Whether you need to address shortage of traditional internal audit staff or require specialized internal audit professionals, we deliver.
  • We deploy multidisciplinary teams of professionals experienced in financial and operational internal auditing, IT, fraud analytics and risk assessment, to augment and enhance an organizations’ existing internal audit capabilities.
  • We conduct offline testing of SOX controls as a part of offshore activity
b. Full Outsourcing
  • As internal audit needs are unique, we provide a high level of service and expertise under continuous full service outsourcing arrangement.
  • This plan assists the client with managing process and technology risks and efficiently integrating technology with critical business processes. These services can help management better understand and monitor the performance of core operations and support functions, as well as ensures the proper level of control.

Why Ankekshan?

Client First
  • We work closely with our clients who are diverse in nature and leverage our experience in internal audits to achieve their organizational goals of operational effectiveness and risk management
  • We wish ti be business savy- Understand the business, understabnd the requirement of business and audit and deliver only in lines with what is required
Team and Technology
  • We recruit only quality people who share the same vision, mission and valued that the company believes in ensure that the clients’ requirements are not met but exceeded.
  • We use technology to its optimum and help achieve results faster and more accurate
Associate Network
  • We also tie up with various associates to increase our foot prints across India and ensure that the assignments are completed close to its source though with the quality envisaged at company level. This also helps in cost effectiveness
Risk based Audit only
  • The audit scope is designed purely based on the risk parameters.
  • The audit is conducted to pricide assurance to management regarding how risks are managed - meaning whether risks are defined and whether controls exist to mitigate those
Process Audit
  • We belive in providing assurance on the entire process rather than the sub process
  • Significant changes in internal audit practices are weaved in executions and thrust is on providing suggestins that are tailored to business
Data Analytics
  • We work a lot on data mining or data analytics as many patterns, trends, peculiarities are spotted in large volumes of data. Areas that require extra look outs are generally spotted through the data analysis
  • Many a times whole data is analysed using MS Access / MS Excel
  • Possibility of fraud dedtection is large in data analytics
Experience of diverse industries
  • The team has a large and varied experience in Manufacturing and Service Industry
  • We belive in having a 360o view of the process with focus on peculiarities of the industry. Or experience from System implmentation to tax matters helps us nrture this view.

Ankekshan Approach to Internal Audit

Develop Audit Expectations
  • Identify the Audit Committee / management expectations
  • Enhance understanding of business
  • Determine scope of Specific Assignments
Develop Risk Control Matrix
  • Conduct Process Walkthrough
  • Identify risks
  • Prepare Risk COntrol Matrix considering risks and controls
Develop Audit Plans and Procedures
  • Develop Audit Plans and Procedures
  • Develop Audit test procedures
  • Develop data requirements
  • Conduct Pre audit based on data analsys / data maining to unearth pattersn, trends, gain knowledge of priocess, detect frauds if any
Conduct Audit
  • Perform detailed testing
  • Conduct analytical review
  • Validate Observations
Deliver Report
  • Prepare Draft Report and Discuss with auditee
  • Iron out any differences
  • Prepare Draft Report post peer review from within Ankekshan team and release to Auditee
  • Report to Top management / Top management
  • Feedback is key to improvement and we believe we are here to improve.
  • We send a feedback form after each assignment.
  • Responses are evaluated and incorporated in every possible manner

Enterprise Risk Management

Today’s organizations face an increasingly complex set of risks. In the pursuit of a global growth, new technological and competitive forces; increased regulatory scrutiny and complexity; extended business models; increasing reliance on third-parties Risk have increased to a large extent.

As a result, key internal and external stakeholders have increased their scrutiny of and expectations for risk management, raising significant questions around risk and how it is addressed.

Enterprise risk management (ERM) is a structured, consistent, and continuous risk management process applied across an entire organization that allows companies to better understand and address material risks. ERM enhances organizational resiliency by improving decision making, strengthening governance and supporting a risk intelligent culture.

We can help your organization apply an integrated approach to identifying and assessing business-critical risks, evaluating existing risk management infrastructure elements, and constructing continuous, in-depth ERM processes

The cycle of Enterprise risk management looks like following

Risk Governance
Risk Assessment
Risk Measurement
Risk Reporting
Risk Monitoring
Risk & Control Optimization

SOX Readiness Support Services

In July 2002 the U.S. Congress approved the Sarbanes-Oxley Act to establish standards affecting corporate governance, financial disclosure and the practice of public accounting for SEC-registered companies.

Today, public companies and their subsidiaries, as well as management and internal audit functions demand knowledge of the Sarbanes-Oxley (SOX) legislation and of Public Company Accounting Oversight Board (PCAOB) regulations to better understand stakeholder and investor expectations and their business impact.

We help our clients in following ways:-
  • We help Indian Subsidiaries of companies with SOX requirement to test the controls designed by the Global Teams and help complete the testing cycle
  • We can do testing prior to the Testing by the auditors / global testing team so that any discrepancies are identified before the audit and acted upon
  • We can assist with documentation of internal controls and preparation of process flowcharts and narratives
  • We conduct offline testing of SOX controls as a part of offshore activity