Vol. 2 ('24.2Q)
The Frontline
HMC Internal Control over Financial Reporting Newsletter
We offer a quarterly newsletter to help you gain an understanding and insight into the ICFR(Internal Control over Financial Reporting).
We hope to provide you with the opportunity to gain familiarity with ICFR through various contents, and your active attention to ICFR is highly appreciated.
- Finance & Accounting Planning Team -
News
[Summary of the articles]
We have summarized articles related to fraud, embezzlement accidents, and ICFR trends that are of issue recently. Through this, we hope to raise the company's awareness on fraudulent accidents and ICFR.
(Please note that the full text of the article inevitably appears as it is in Korean.)
Column
We provide insight for effective and strengthening measures through internal control issues and case analysis.
Control is a burden? Internal Control that add values to Enterprise
Seonghoon Moon, Finance & Accounting Planning Team, HMC
Korean Financial Supervisory Service recently announced six checkpoints that companies must follow to prevent embezzlement: 1)Approval procedures (account opening, withdrawal, transfer, and journal entry), 2)Separation of incompatible positions (ex: treasury & accounting), 3)Periodic job rotation...
Interview
Through the opinions of experts, we consider the direction of effective internal control improvement and derive solutions.
Insights from K-SOX Expert!
The Future Direction of Korea's Accounting System through the Perspective of U.S. System.
Jin-moo You, Partner (Deloitte-Anjin, KICPA)
In the past 2-3 years, many criminal incidents, such as embezzlement of funds, have occurred, and I have been thinking about how to prevent such incidents through 'internal control'. Although it may not be possible to completely prevent planned crimes such as an individual’s intentional forgery...
Knowledge Hub
We will briefly summarize and inform you of the knowledge related to ICFR. We hope it will be an opportunity to understand unfamiliar concepts and terms for ICFR.
[IPE(Information Produced by Entity)]
-
Refers to all information produced by entity
- In internal control, IPE refers to information used in control activity produced from ERP or IT application
- The objective of identification and usage of IPE is to confirm information is complete, accurate, reliable and appropriate for purpose.
- Types of IPE vary and control procedures to verify completeness & accuracy depending on types of information
-
IPE Risk
- Each team need control activity for major IPEs to mitigate risks produced internally or externally
[EUC(End User Computing)]
-
Information produced by user using comprehensive application(e.i. excel) to enter, calculate, analyze, process date
- Refers to mostly spreadsheet
- The objective of identification and usage of IPE is to confirm if the EUC data is complete and accurately entered, calculated, analyzed, and processed
- EUC risks include but not limited to a risk of decision making based on inapproriate dataset and a risk of misstatement on financial statement.
-
EUC Control
- Each team need EUC control activity depending on risk assessment of identified EUC
[MRC(Management Review Control)]
-
MRC refers to a control activity that management reviews the activity performed by process owners
- Applies to areas that base assumption and management judgement to document maangement decision and review items
- By documenting review activity, control can be tested if management performed adequate review procedure over the areas
- Commonly use checklist to document review items with approval
Annual Operation & Schedule
[Contact Us]
Please contact to the email below if you have any questions.
sh.moon@hyundai.com (F&AP Team Seonghoon Moon Manager)
This newsletter has been sent for executives and employees to comply with K-SOX training obligation under the Korean External Audit Act (Enforcement Decree Article 9)
