How does a business protect its cash and other assets through internal control, and why is cash the highest-risk asset?
Explain the purpose and principles of internal control, including separation of duties, authorisation and reconciliation, and apply them to safeguarding cash
WACE Year 12 Accounting and Finance Unit 4 on internal control: the purpose and principles of internal control including separation of duties, authorisation, physical controls and reconciliation, applied to safeguarding cash and other assets.
Reviewed by: AI editorial process; not yet individually human-reviewed
Have a quick question? Jump to the Q&A page
Jump to a section
What this dot point is asking
SCSA wants you to explain why internal control matters, state its principles, and apply them specifically to protecting cash.
What internal control is for
Why cash needs the strongest controls
Cash is portable, anonymous and universally desired, so it carries the highest risk of theft or misappropriation. Both cash receipts and cash payments need controls, from the point money is received through to its recording and banking.
Applying controls to cash
For receipts: issue pre-numbered receipts, bank takings daily and intact, and have someone other than the cashier record and reconcile them. For payments: pay by traceable means, require authorisation and supporting documents, and keep the person who approves payments separate from the person who records them. The bank reconciliation then independently verifies that the cash book agrees with the bank, after adjusting for timing differences such as unpresented cheques and outstanding deposits.
The bank reconciliation as a control
The bank reconciliation deserves special attention because it is the most important independent check over cash. The business keeps its own cash records, and the bank keeps a separate record in the bank statement. Reconciling the two should explain every difference through legitimate timing items: deposits banked but not yet processed (outstanding deposits), and payments made but not yet cleared (unpresented cheques). Any difference that cannot be explained by such timing items points to an error or, worse, to a misappropriation. Crucially, the reconciliation works as a control only when it is performed by someone independent of those who handle and record the cash, and when it is reviewed by management. If the same person banks the cash and prepares the reconciliation, they could simply hide a theft inside the reconciliation, which is why separation of duties and the bank reconciliation reinforce each other.
Exam-style practice questions
Practice questions written in the style of SCSA exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
WACE 20226 marksA small business currently has one employee who receives cash from customers, records the sales, banks the takings and reconciles the bank account. Identify the internal control weakness, and recommend two specific controls that would reduce the risk, explaining how each works.Show worked answer →
A 6 mark response needs the weakness named and two justified controls.
Weakness. There is no separation of duties: the same person handles the cash, records it, banks it and reconciles it, so they could take cash and conceal it by altering the records, with no independent check. This is the central internal control failure for cash.
Controls. First, separate duties so a different person records and reconciles the cash from the one who receives and banks it; wrongdoing then requires collusion between two people. Second, require pre-numbered receipts and daily intact banking, so every sale is documented and takings cannot be diverted before banking, creating an audit trail. A third option is independent monthly bank reconciliation reviewed by the owner. Markers reward identifying the lack of separation of duties and two controls each with a clear mechanism.
WACE 20235 marksExplain why cash is the asset most in need of internal control, and explain why even strong internal control cannot guarantee that fraud will never occur.Show worked answer →
A 5 mark response needs the cash-risk argument and the limitations.
Why cash. Cash is portable, anonymous and universally desired, so it is easily concealed, transferred and spent without trace. This makes it the highest-risk asset for theft or misappropriation, at both the receipts and payments stages, so it warrants the strongest controls.
Limits of control. Internal control reduces the opportunity and likelihood of error and fraud but cannot eliminate them. Two or more staff can collude to defeat a separation of duties; management can override controls; and the cost of a control may exceed its benefit, so not every risk is fully covered. Internal control manages risk to an acceptable level rather than making a business fraud-proof. Markers reward the portability and anonymity of cash and at least two genuine limitations such as collusion, override or cost-benefit.
