Ethics and internal control under the approach of Cuban legislation

"The problems may be enormous, but our decision to seek them and find a solution is even greater." Fidel Castro Ruz. "First you have to start doing and then think how to continue doing… We are going to think while walking, we are going to learn by creating and also why not say it, making mistakes." Ernesto Ché Guevara.

Issue addressed:

Audit, Supervision and Monitoring of the Internal Control System, based on Resolution 297/03 of the Ministry of Finance and Prices and the ISO 9001: 2000 Standard

Goals:

1. Define the elements and procedures to maintain good internal control in the Company.

2. Establish the bases that allow integrating Resolution 297/03 MFP to a Business Management System.

3. Demonstrate the role of supervision and monitoring within the Integrated Business Management System, as a basis for continuous improvement.

4. Define the benefits of integrating Resolution 297/03 MFP with a Business Management System based on ISO 9001: 2000.

Summary:

A condition of survival for contemporary companies is to establish business management systems aimed at achieving excellence, satisfaction and continuous improvement, as well as promoting necessary control mechanisms.

Internal control is a system integrated into the processes, and not a set of heavy bureaucratic mechanisms added to them. These internal controls are carried out by the board of directors, management and other staff of an entity, in order to provide a reasonable guarantee for the achievement of objectives. Internal control is a process, that is, a means to achieve an end and not an end in itself, it is carried out by people who act at all levels, it is not just about organization manuals and procedures, it can only provide a reasonable degree of security and not total security for driving or achieving objectives. When speaking of internal control as a process, reference is made to a chain of actions extended to all activities,inherent in management and integrated into its other basic processes: planning, execution and supervision. Such actions are incorporated (not added) to the entity's infrastructure, to influence the fulfillment of its objectives and support its quality initiatives.

The Villa Clara Territorial Division, belonging to the COPEXTEL SA Corporation, since 1997, began to implement business management models, endorsed by international and Cuban standards, which made it possible to master and successfully implement Resolution 297/03 of the MFP. A control, quality and prevention system is not a simple campaign, if it were, its effects would end up being lost sooner or later.

When comparing the Business Management System that we have implemented in our entity, with the control components regulated in Resolution 297/03 MFP, we observed coincidences, which were vital for its rapid implementation, a framework in which supervision and monitoring is essential as this is the moment when senior management evaluates qualitatively - quantitatively the effectiveness of its business management seen from the perspective of the effectiveness and efficiency of each of the declared processes, the basis on which the adoption of corrective measures and / or or preventive, but fundamentally, the adoption of continuous improvement actions that allow the company to move to higher levels, in which business management converges with the control of the resources it has, whether they are human,material or financial.

Multiple have been the results obtained by the Villa Clara Territorial Division and that endorse its business management, which go from the absence of shortages to the Corporate Quality Award obtained in its first version. Achieving the implementation of Resolution 297/03 of the MFP on the basis of an Integrated Business Management System, based on International and Cuban Standards, is not a utopia but an achievable goal that allows the company to tend towards excellence and be in constant upward development, making a rational and effective use of resources, depending on our Society.

Development:

I. Internal Control. A responsibility of all members of the business organization.

A condition of survival for contemporary companies is to establish business management systems aimed at achieving excellence, satisfaction and continuous improvement, as well as promoting necessary control mechanisms. This maxim is permeated by the ethical values ​​of the society in which business management is developed, observing, in the face of the same phenomenon, diametrically opposed approaches between capitalist and socialist companies

The importance of having a good internal control system in organizations has increased in recent years, due to the practicality of measuring efficiency and productivity at the time of implementation; especially if it focuses on the basic activities that they carry out, since they depend on it to stay in the market. It is good to highlight that the company that applies internal controls in its operations will lead to know the real situation of the same, that is why, the importance of having a planning that is capable of verifying that the controls are fulfilled to give you a better vision on its management.

In the perspective that we adopt here, we can affirm that a department that does not apply adequate internal controls, may run the risk of having deviations in its operations, and of course the decisions made will not be the most appropriate for its management and could even lead to it. to an operational crisis, therefore, a series of consequences must be assumed that harm the results of its activities.

It is important to note that, for internal control to perform its mission, it must be: timely, clear, simple, agile, flexible, adaptable, effective, objective and realistic. All this taking into account that its classification can be preventive or detective so that it is original

1.1 Internal control system:

The internal control system is the set of all the elements where the main thing is the people, the information systems, the supervision and the procedures. This is of vital importance, since it promotes efficiency, ensures effectiveness, prevents the violation of generally accepted accounting standards and principles.

Therefore, internal control includes the organization plan in all procedures coordinated in a manner consistent with business needs, to protect and safeguard your assets, verify their accuracy and reliability of accounting data, as well as bring efficiency, productivity and custody in operations to stimulate adherence to the requirements ordered by management. From the above, it follows that all the departments that make up a company are important, but there are dependencies that will always be in constant changes, in order to refine their functionality within the organization.

Regardless of the application of control that you want to implement for organizational improvement, there is the possibility of unexpected situations arising. For this it is necessary to apply a preventive control, being these the ones in charge of executing the controls before the start of a process or administrative management. Additionally, there are detection controls which are executed during or after a process, the effectiveness of this type of control will depend mainly on the time interval between the execution of the process and the execution of the control. To evaluate the efficiency of any series of control procedures, it is necessary to define the objectives to be met.

The internal control in an entity is oriented to prevent or detect errors and irregularities, the differences between these two is the intention of the fact; the term error refers to unintentional omissions, and the term irregular refers to intentional errors. The truth is that internal controls must provide reasonable confidence that the financial statements have been prepared under a control scheme that reduces the probability of having substantial errors in them.

Together with this, (Poch, 1992: 17), he expresses "the applied control of the management has as its goal the improvement of the results linked to the objectives." This deduces the importance of the controls and in this sense, (Leonard, 1990: 33), assures "the controls are actually a task of checking to be sure that everything is in order." It is good to highlight that if the controls are applied in an orderly and organized way, then there will be a positive interrelation between them, which would come to constitute an extremely effective control system. It should be noted that the control system tends to give security to the functions that comply with the planned expectations. It also points out the flaws that may exist in order to take measures and thus their repetition.

Once the system is operating, a forecast is required on a test basis to see if the intended controls are operating as planned. For this reason, internal control cannot work in parallel with the system, as these are closely related, that is, they work as a whole, to achieve the objective established by the organization.

Taking into account the different concepts of internal control, they can be divided into two large groups: Administrative and Accounting. As for the administrative, it is the organizational plan, and all the methods that facilitate the planning and control of the company (plans and budgets). Regarding the accounting, it can be said that he understands the methods and procedures related to the authorization of transactions, such is the case of financial and accounting records.

Within this perspective (Catácora, 1996: 238), he points out that: «an internal control system is established under the premise of the concept of cost / benefit. The main postulate when establishing internal control designs control guidelines whose benefit exceeds the cost to implement them ». It is notorious to state that internal control has the mission of helping to achieve the general objectives set by the company, and this in turn to the specific goals that will undoubtedly improve the organization's management, in order to optimize administrative management.

According to (Meigs, W; Larsen, G. 1994: 49), the purpose of internal control is: "To promote the operation, to use said control in the way of moving towards the effective and efficient organization." This can be interpreted as the fulfillment of the company's objectives, which can be disturbed by errors and omissions, appearing in each of the company's daily activities, being affected by the fulfillment of the objectives established by management.

The deficiencies or weaknesses of the internal control system detected through the different supervision procedures must be communicated in order for the corresponding adjustment measures to be adopted. Depending on the impact of the deficiencies, the recipients of the information can be both the persons responsible for the function or activity involved and the higher authorities. The higher authority of the body must seek to promote, disseminate, internalize and monitor the observance of accepted ethical values, which constitute a solid moral foundation for its conduct and operation. Such values ​​must frame the conduct of officials and employees, guiding their integrity and personal commitment.

Legislative Background in Cuba.

In 2003, the Ministry of Audit and Control issued Resolution 13, which establishes the ways in which the plans for measures against corruption, illegalities and indiscipline are drawn up, and Resolution 20 that defines the control mechanisms for those plans.. In the same year, the Ministry of Finance and Prices issued Resolution 297, a legal body that offers a more comprehensive and comprehensive approach to internal control. In 2004, the CECM issued Circular Letter 21 that establishes mechanisms for analysis and information on the subject, followed by Circular Letter 18 of the CECM itself, which establishes the need to analyze the state of ethics and prevention. The Ministry of Audit and Control,In 2006, Resolution 13 was issued where the indications for the preparation and systematic control of the plan of measures for the prevention of indiscipline, illegalities and manifestations of corruption were approved.

1.2 Elements established in our internal control system:

Objectives and goals, both general and specific, well defined.

Policies established as action guides and procedures for the execution of the processes.

Adequate organizational system defined to execute the plans.

Declared authority and levels of responsibility.

Rules for the protection and rational use of resources.

Personnel administration in accordance with an adequate evaluation system.

Evaluation and processing of the recommendations resulting from the supervisions carried out, both external and internal.

Mechanisms that allow organizations to know the opinions that users or clients have on the management developed.

Modern information systems that facilitate management and control.

Reliable methods for the evaluation of integrated business management.

Induction, training and updating programs for managers and other personnel, correctly defined and implemented.

Rules and procedures, adjusted to the practices of each area, duly updated and controlled.

1.2 Procedures that we have used to maintain good internal control in the entity:

• Delimitation of responsibilities Definition of clear, measurable and quantifiable goals and objectives Delimitation of general and specific authorizations Segregation of incompatible functions Selection of suitable, skilled, capable and moral officials Rotation of duties Written instructions Evaluation of systems Computerized systems Avoid the use of cash as much as possible Immediate and intact deposits of funds Order and cleanliness Identification of key control points in each activity, process or sub-process Comparative control charts Frequent physical inspections and inventories Updating of security measures. Proper recording of all information Preservation of documents Use of effectiveness and efficiency indicators Self-monitoring practices Make staff know why they do things

1.3 Some internal control actions instituted in our Division:

Periodic cash checks to verify that the transactions made are correct.

Legal audits that verify, among other issues, compliance with the approved corporate purpose, status of economic contracting, legal status of clients and suppliers, traceability of benefits, etc.

Computer Security Audits

Reviews by Management

Internal Audits of the Management System

Management System Maintenance Audits

Control of workers' attendance.

Verification of the responsibilities acquired with third parties, with the aim that these are made only by authorized persons, also having a logical basis.

Verification of the functions and responsibilities declared for all levels of the entity.

Verification of family ties and compliance with the counterparties

Physical counts made of the assets that actually exist in the company, making a comparison with those that are registered in the accounting books.

Analysis of the work carried out both inside and outside the company to check if it is adequate and if they are doing it effectively.

Control of the access of unauthorized persons to the different departments of the company.

Verification of compliance with both tax, fiscal and civil regulations.

Analysis of financial returns and investments made are giving the expected results.

Analysis of the discipline carried out with all the factors of the center.

Thematic dispatches planned for each of the Managements and areas.

Conducting Economic Councils

Organization of Coordination Meetings

Assemblies for Economic Efficiency

Workshops and other training actions carried out on these topics, which have been aimed at both managers and workers.

There are other internal control actions that we have applied in the company, which give us the possibility of monitoring the operation of our Management System, to which the entire Internal Control System has inevitably been integrated.

1.4 Limitations of the effectiveness of an internal control system:

We can argue that despite the efforts made by the entire group, in terms of internal control, some limitations persist, on which we keep working systematically, as the main achievement achieved with our Integrated Management System, is that it has us allowed to detect possible failures or deviations in a timely manner and with great immediacy, which has given us the possibility to act quickly and effectively on these failures, with a view to avoiding problems of greater magnitude.

In this way, we comply with the assumption that it is much more important and less costly, on a material and even human level, to prevent having to correct attitudes or practices that are not adjusted to our interests and objectives.

We cannot see the Integrated Management System as something static and infallible, as its mobility and constant change require us to give it permanent follow-up, they also oblige us.

It only provides reasonable security.

The cost is linked to the benefit it provides.

It is directed towards non-exceptional repetitive transactions.

Human error can occur due to misunderstanding, carelessness or fatigue.

Potential for collusion to evade controls that depend on segregation of duties.

Violation or omission of the application by senior management.

II. Internal supervision and external supervision

In this work, we have indicated that supervision and monitoring can be conceived in a specific sense such as inspection, evaluation, control, advisory and support services for the improvement of the processes declared in the company, which is managed by the senior management of the entity through the Management Group, and which aim to improve the quality of business management. However, a more comprehensive definition of the term, visualizes supervision and monitoring as any process or system, executed by agents that are part of the company or the environment, and that is aimed at evaluating, monitoring, making decisions, and implementing interventions aimed at to improve the quality of the services provided by the entity.

In relation to the above, the literature on the subject tends to distinguish between internal supervision, carried out in the company itself by the different agents involved (internal auditors, advisers, consultants, etc.), and external supervision, carried out by agents. not belonging to the center, but that act in its relevant environment: Certifying Bodies, Auditors and Advisors of the Headquarters, Auditors of the Ministry of Audit and Control or other bodies, etc.

In our case, we see that, among its various functions, supervision exercises an intervention role for improvement at the company (Division) level. This, through advice, training, transfer of methodologies and content within the framework of program execution, assistance in project formulation, etc.

The recommendation that emerges is the need to evaluate the separation of quality supervision systems and activities from those destined for the implementation of improvement programs and technical assistance. No less important, the point involves perfecting and better defining the policies, systems and programs for continuous improvement that the Integrated Business Management System implemented in our Division has.

III. Internal Control evaluation methods.

3.1 Statistical sampling

In the internal control evaluation process, an auditor must review high volumes of documents, which is why the auditor is forced to schedule selective tests to make inferences about the reliability of their operations.

To give certainty about the objectivity of a selective test and its representativeness, the auditor has the resource of statistical sampling, for which the following essential aspects must be taken into account:

The sample must be representative.

The sample size varies inversely with the quality of the internal control.

The examination of the included documents must be exhaustive in order to make an adequate inference.

There will always be a risk that the sample is not representative and therefore that the conclusion is not adequate.

3.2. Questionnaire method

It consists of the evaluation based on questions, which must be answered by those responsible for the different areas under examination. Through the responses given, the auditor will obtain evidence that must be verified with alternative procedures which will help determine if the controls are operating as designed.

The application of questionnaires will help to determine the critical areas in a uniform and reliable way.

3.3. Narrative method

It consists of a detailed description of the most important procedures and the characteristics of the internal control system for the different areas, mentioning the records and forms involved in the system.

3.4. Graphical method

Also called flow charts, it consists of revealing or describing the organic structure of the areas under examination and of the procedures using conventional symbols and explanations that give a complete idea of ​​the entity's procedures.

It has the advantages that:

• Identifies the absence of financial and operational controls Provides an overview of operations or the entity Identifies deviations from procedures Identifies surplus or missing procedures Facilitates understanding of the auditor's recommendations to management on matters subject to control.

3.5 Evaluation Techniques

1. Eye verification techniques

Among these are:

• Comparison, observation, selective review, tracing.

2. Verbal verification techniques

• Inquiry.

3. Written verification techniques

• Analysis, Reconciliation, Confirmation.

4. Documentary verification techniques

• Checking. Computing.

5. Physical verification techniques

• Inspection.

3.6 Evaluation sheet

The evaluation form graphs and quantifies the level of performance of the company, and is based on:

• The criteria or areas to be evaluated The ordering of commitments The sub-areas or units to be evaluated within the respective area Control qualification Deviation marks Compliance with recommendations Improvement plans

IV. Experiences of the Villa Clara Territorial Division

The Villa Clara Division, since 1997, began to implement business management models, endorsed by international and Cuban standards, which allowed it to master and successfully implement Resolution 297/03 of the MFP.

The Villa Clara Division has shown that more than a regulatory and control process, the application of Resolution 297/03 constitutes an effective management tool, a work system that can become a mass phenomenon, possible to carry out and where the results bear fruit.

A control, quality and prevention system is not a simple campaign, if it were, its effects would end up being lost sooner or later.

Understanding and motivation of the staff towards the objectives of the organization; stakeholder confidence in its effectiveness; the possibility of obtaining financial, social, performance and reputational benefits; Customer loyalty, quick and flexible responses to opportunities, as well as risk control and key result areas, are some of the benefits that a Business Management System based on ISO standards brings.

When comparing the Management System with the control components of Resolution 297/03, we observed coincidences, which were vital for its implementation.

The Management System fulfills the 5 components of control: the control environment; risk assessment by processes; the existence of mechanisms for the regulation and organization of the control activity; an information and communication system that we transmit through the levels declared in the Quality Manual, and we supervise and monitor the operation of the system, at the level of areas, based on the declared processes themselves.

4.1 Improvement actions taken from the application of the Integrated Business Management System.

• Establish a customer service area Apply a supplier evaluation and control system Apply a system of indicators to measure efficiency and effectiveness of processes Consolidate the Technical Services Management System in all business lines of the Division.Apply actions to comply with national and international regulations. Enable instruments to measure and manage customer and employee satisfaction. Have management statistics and business results.

4.2 Goals achieved from the application of the Integrated Business Management System.

• 682 new customers have been captured Customer satisfaction rose to 98.35% and complaints decreased to 5 in 2007 Average dispatch time decreased from 34 minutes in 2004 to 7 minutes in 20067 We conduct electronic commerce through We operate in more than 80% of the market sectors in the territory. The response terms in the Audiovisual Program are maintained in 24 hours, in business lines aimed at third parties they have decreased in 6 days, and services to the population were reduced in 2007, to 7 days on average Integration of the main business lines has been achieved, in more than 32 projects executed under the turnkey modality The number of missing files decreased, remaining at zero since 2004 The accounts receivable cycle has decreased from 88 days in 2000,to 12 days at the end of 2007 All managers and workers are prepared with training actions Since 2000, the accident rate has been reduced to zero No criminal acts have been reported since 1997, no crime acts have been reported corruption, executives sanctioned for violations of the Code of Ethics of the Cuban State cadres are not reported.

The complement between the ISO Standard and the Cuban legislation on Ethics and Prevention have made it possible:

• The awareness of the need and importance of the State policy aimed at overcoming and eradicating possible manifestations of corruption, illegalities and indiscipline Maintain, in the COPEXTEL SA Villa Clara Division, a decreasing trend in the commission of crimes, manifestations of corruption or indiscipline and upward control of the risks and vulnerable areas that affect us.

Conclusions

1. We can say that the importance that internal control is acquiring in recent times, due to numerous problems caused by its inefficiency, has made it necessary for the members of the boards of directors to effectively assume a group of responsibilities that Until now they had been relegated to the background, with senior management having to respond administratively for the optimal execution of the internal control system.

2. For this reason, it is necessary for the administration to be clear about what internal control consists of so that it can act at the time of its implementation. Internal control does not have the same meaning for all people, which causes confusion among employers, professionals and legislators. Consequently, communication problems and diversity of expectations arise, which gives rise to problems within companies.

3. In this work we have defined the methods and procedures taken into account by the Villa Clara Territorial Division within its Business Management, with a view to guaranteeing good internal control in the entity, a task that encompasses all of its Managements, areas of work and all its declared processes.

4. Likewise, we have established the main elements that have allowed us to implement Resolution 297/03 of the MFP on the basis of our Quality Management System, complementing each other in an integrative way.

5. Supervision and monitoring, as a component established in Resolution 297/03 of the MFP and as a requirement defined in ISO 90001: 2000 Standards, is the element that gives senior management the possibility of systematically evaluating their Management System..

6. Successfully integrating the Quality Management System with Resolution 297/03 of the MFP has allowed us to stay in an upward spiral of development, drawing up continuous improvement plans always aimed at the client, in order to achieve a Business Management tending to excellence, based on efficiency and effectiveness.

7. It has also been corroborated that any Company that manages to implement Resolution 297/03 as a true integrating system, and not as a mere mandate, may also have the foundation required and required by the ISO 9001: 2000 Standard, Consequently, it will have implemented an Integrated Quality Management System that brings quantitatively superior results.

Recommendations:

1. Give continuity to this study on the basis of being able to count on new elements and experiences reported by other Companies that have managed to integrate the ISO Standard with Resolution 297/03 of the MFP.

2. Extend the experience of the Villa Clara Territorial Division to the business world of our province, with a view to establishing Business Management Systems that are truly inclusive, and that consequently enhance all internal control activity, which will positively affect the decrease in infractions, crimes or other manifestations of corporate corruption.

3. Carry out workshops or other training actions, aimed at managers and officials of the territory, to show them that the integration of the ISO Standard with Resolution 297/03 of the MFP is objective and humanly possible.

Bibliographic references

1. Resolution 297/03 of the Ministry of Finance and Prices.

2. ISO 9001: 2000 Standard

3. Internal Control: A responsibility of all members of the business organization. Geovanis E. Gómez. 2001

4. Reengineering of the internal audit and its impact on the optimal management of services. Domingo Hernández Celis. 2006.

5. Catácora, F. (1996). Systems and Procedures. First edition. Editorial McGraw / Hill. Venezuela

6. Meigs, W. Larsen, J. (1994). Audit Principles. Second edition. Mexico. Editorial Diana.

7. Internal Control Manual. Editorial Gestión 2000. Second Edition. Barcelona, ​​Spain.

8. Leonard, W. (1990). Administrative audit. Evaluation of methods and administrative efficiency. Mexico: Editorial Diana.