Internal Controls: A Look at Industry Benchmarks

The 2014 Benchmarking the Accounting & Finance Function report, produced by Robert Half and Financial Executives Research Foundation (FERF), surveyed financial executives in the United States and Canada to gauge how their companies are handling key operational areas. Among the areas studied were internal controls.

As processes are tweaked to improve efficiencies, maintaining the proper number of controls is essential for risk management and the integrity of accounting data and financial reports. Adhering to regulatory mandates also helps enterprises avoid the losses, fines and penalties that accompany noncompliance.

Number of internal controls on the rise

Managing controls may become increasingly challenging as their volume grows. Some of the largest companies reported controls numbering between 1,001 and 2,500, higher than any numbers reported in 2013. According to the research, these increases appear to directly correlate with finance departments' efforts to comply with tighter regulations.

The number of internal controls varies by location and company size.


  • 0 to 100 key controls (77 percent)
  • 101 to 500 (18 percent)
  • 501 to 1,000 (4 percent)
  • More than 1,000 (1 percent)


  • 0 to 100 (69 percent)
  • 101 to 500 (26 percent)
  • 501 to 1,000 (4 percent)
  • More than 1,000 (1 percent)


Ownership of internal controls

Ownership of key internal controls falls to the general accounting function in 41 percent of U.S. companies, up from 31 percent last year. Other functions responsible for controls include:

  • Financial reporting (26 percent)
  • Internal audit (22 percent)
  • Finance projects (2 percent)
  • Other (9 percent)

In Canada, ownership falls to financial reporting at 39 percent of companies. Functions that also manage internal controls:

  • Internal audit (23 percent)
  • General accounting (22 percent)
  • Finance projects (3 percent)
  • Other (13 percent)

What you can do

If you’re looking for ways to improve organizational controls and compliance procedures, take the following steps:

  1. Conduct an internal audit of current controls and procedures to pinpoint areas for improvement.
  1. Carefully evaluate current controls using a top-down, risk-based approach to ensure you’re focusing on those that really matter. Unnecessary controls drive up costs and hinder efficiency.
  1. Examine previous audits for errors. Pay particular attention to ineffective control mechanisms and, if you find any, put a plan in place to correct them.
  1. Ensure that proper fraud detection and data back-up procedures are in place. This will help mitigate any existing compliance risk.
  1. Update security procedures to ensure your company is using the latest available technology to protect sensitive information.
  1. Plan ahead and staff for increased compliance demands. Also provide employees training on best practices in regulatory compliance, risk management and fraud detection.
  1. Stay up-to-date on the latest regulations. Monitor business and trade publications for current and emerging trends, and share these resources with your team.

Ticking these off your to-do list goes a long way toward ensuring your organization is compliant and your reporting is accurate.

For insights on how two leading chief financial officers are managing internal controls, check out the video below. Download the report for the full survey results.



Related posts