First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image


Fiscal year ends, business continuity, and COVID-19

At the best of times, fiscal year ends are challenging. Organizations with upcoming or recent fiscal year ends will undoubtedly find them particularly challenging. Organizations with robust policies and procedures will likely fare better than those without. Consequently, it will be helpful to start your year end planning as early as you can.


, , , , , , , , , , , , , , , , , , , ,

Phishing losses exceed $224,000.00 after insurer denies coverage

In August 2010, someone called The Brick’s accounts payable (AP) department, pretending to be from Toshiba Canada. The caller said he was new to Toshiba and needed some payment details. The Brick employee faxed the payment information to the number which the caller provided.


, , , , , , , , , , ,

Do you report your EFTs to FINTRAC?

Chances are you’re no stranger to electronic funds transfers. Broadly speaking, an EFT can mean any type of standard non-paper payment, including debit and credit card payments, email or wire money transfers (both domestic and international) and direct payroll deposits. Most organizations handle at least some of these transactions every day. The key question for businesses is: How do you keep track of these electronic transfers and, if necessary, register them with the Financial Transactions and Reports Analysis Centre of Canada?


, , , , , , , , , , , , , ,

Sure you know EFTs, but do you know EFTs?

No doubt you’ve heard that a chain is only as strong as its weakest link. In the world of electronic funds transfers, this maxim holds doubly true. It applies to security systems and the networks they run on (including the Internet) as well as the users of those systems and networks. A security system can only defend a network if it offers sufficient coverage and controls. Absent such controls, users can, intentionally or accidentally, access, change or steal data that they are not authorized to see.


, , , , , , , , , , , , , , ,