As a result, public companies have been forced to review and implement controls to help ensure that risks to the financial reporting process are properly managed. Of course, fraud and malicious activities get a lot of trade press and management attention, but the far greater risk to the integrity of financial reporting is human error.
In todays high-speed complex enterprises, errors in the programming of an application, interface or spreadsheet, can lead to mistakes in the financial reports that are disclosed to the public. The dollar amount of the mistake can range from immaterial up to very material with significant repercussions.
Lapses in Logic, Errors in Execution
In order to discuss errors, we need to categorize what we are confronting. We can identify two broad categories of errors logic errors and execution errors.
Errors in logic arise from flawed perceptions, or understandings, that lead to erroneous assumptions and modeling. If an analyst understands that the scrap rate is 25 percent and then creates his/her business model around that, then a developer will create the application with the erroneous logic embedded in it. Later, when someone finds out that the rate is really 53 percent, corrective action will be required and the impacts to the financials reviewed in order to understand the impacts.
Errors in execution arise during the implementation of something in our case above, during the implementation of an application. In the above model, lets assume that the analyst correctly identifies the scrap rate to be 53 percent and correctly documents the required logic. When it reaches the developer though, the developer inadvertently transposes the digits and enters 35 percent due to fatigue. In this case, he executed the instructions incorrectly and has an error in execution.
There are many possible scenarios by which human error can enter into the financial reporting process. Organizations need to design their processes with the recognition that not only must they make reasonable efforts to prevent and detect fraud but they must also address the prevention and detection of human error.