On Tuesday, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released an updated version of its Internal Control—Integrated Framework. COSO was formed in 1985 by the AAA, AICPA, FEI, IIA, and IMA to provide thought leadership in three areas: enterprise risk management, internal controls, and fraud deterrence. The organization released its original internal controls framework in 1992. This week’s update is the first revision to that document, and it represents two and a half years of work by COSO and by PwC, which authored the new framework under the direction of the COSO board.
The COSO Framework is designed to be applied companywide, and it can help managers maintain controls over a wide swath of treasury and finance functions. “When people think of controls, they think of general ledgers and external financial reporting, but the Framework is intended to be applied broadly,” says David Landsittel, chairman of COSO. “We articulate three overall objectives that companies can apply controls to—reporting, compliance, and operations objectives—and there’s overlap between them. In the treasury function, certainly there needs to be control over hedging or trading. Depending on the nature of the organization, that might be an operational control, but it might have financial reporting implications as well.”
An organization that abides by the following 17 principles can conclude that the five key components of its internal controls structure are functioning effectively: