Individual

study
writtenCase
report
SecurityIT Sdn Bhd
Prepared by:
Dhaneletcumi Vijayakumar
MC1306BC3361

Introduction
A case is a description of an actual situation or a written record of events occurred in the
firm that often involves decision, challenge, opportunity or problem faced by an individual in
a particular firm. Case studies are often used to provide students with valuable hands-on
experience about a real life scenario. Thus, a good case study should be an integrated case
study comprising various elements in its formation. I have incorporated various knowledge
that I had came across in four years journey of my bachelor life in this case.
In this case study scenario, I have given a role as new Finance Manager, Encik Sulaiman at
SecurityIT Sdn.Bhd. I was hired by Idris, the CFO of SecurityIT Sdn.Bhd. A discussion with
CFO for basic understanding and kick-off was conducted on 1st June 2010. The fieldwork
was conducted from 1 to 15 June 2010 after receiving the documents from the former
Finance Manager.
Prior going through into a deep dive on findings, I would like to touch a bit on good vibrant
that SecurityIT Sdn Bhd do have. Firstly, SecurityIT Sdn. Bhd. is one of the premier licensed
issuer in certification authority which have a good reputation & brand names since February
1998. With the premier status in this area makes SecurityIT easily monopoly the business
as they the only one who were able to perform this services in digital which new to market
itself way back 12 years ago. Secondly, when Government of Malaysia had been
aggressively promoting e-business in Malaysia, SecurityIT took this opportunity to have
relationship with government to transform the organization into one of the government-linked
companies so that the company may have government contracts & tenders. Therefore, they
must eliminate any kind of threat to their integrity and objectivity in security to reflect their
own brands. Moreover, SecurityIT signed an agreement a digital certificate manufacturer

from Finland. Finland is a country which has for years been at the center of the continent's
tech industry and their information techonology system

has been highly ranked in

international comparisons with a tight security.

Observation 1 - Absence of bank reconciliation

"Musa told him, "Actually, we never had to prepare such reconciliation report before
and our 2008 annual report has been audited just fine. I don't know what the fuss is
all about."
A

recurring issue above I have noticed that SecurityIT do not perform any bank

reconciliation previously and Musa felt it's not nessacary to have a bank reconciliation.
Furthermore, cash balances decreased by RM 1,862,000 in 2010 under Current Assets in
Balance Sheet.
However, verification and monitoring of bank reconciliations is a part of an internal controls
system for company's cash and banking operations. There are usually differences between
the bank statement and accounting records (company's books) due to the timing differences
when the data is recorded in the accounting books and at the bank. The purpose of bank
reconciliation is to check whether the differences are due to timing rather than error. It is
important that sufficient verification and monitoring takes place so that immediate action can
be taken on accounting errors or unusual transactions.
Effect or potential risks if don't have a bank reconciliation

Any omssion or human errors in accounting may go undetected and it could be

costly;

Uncashed checks can lead to an overdrawn account;

Removing cash from the organization after it has been entered into the accounting
records (Larceny); and

If SecurityIT does not reconcile every account that pulls to the balance sheet, their
balance sheet account reconciliation will be incorrect or not tally. Un-reconciled
accounts can mean incorrect numbers, over or understated profits.

Rewards on having a bank reconciliation

SecurityIT able to minimize the risk of loss or errors such as thefts and mistakes.

SecurityIT able to make sure that they keeping the right amount of cash in their
accounts to avoid overdrafts.

Recommendations
SecurityIT should perform effective oversight of the bank reconciliation process on daily or
monthly basis review to ensure, to the extent possible, that errors, omissions, and
malfeasance are detected and provide same-day notification of suspicious checks.
Example of the cases that related to this article as below:
- http://www.journalofaccountancy.com/issues/2001/dec/enemieswithin.html
http://smallbusiness.chron.com/benefits-bank-reconciliation-55857.html
http://smallbusiness.chron.com/important-companies-reconcile-bank-statement-month11383.html
https://www.thebalance.com/bank-reconciliation-315188
Observation 2- Controls over bank accounts
" When Sulaiman enquired Musa about the bank accounts of SecuritylT, Musa
explained, "While we maintained two accounts, our main account is Fair Bank and
the Squarebank account is under the sole use of the CFO."
From the conversation above, I have noticed that the two bank accounts of SecurityIT were
under the sole use of the CFO. According to Companies Act 1965, it defines that company is
a legal person and all the accounts should be under company's name. However, SecurityIT
should follow whatever has been stated in Companies Act and Memorandum and Article of
Association (M&A).
Effect or Risk

There are chances of concentrating risk with the potential to produce losses large
enough to threaten the SecurityIT's financial health; and

CFO will be accountable for all the risks, making the funds susceptabilty to theft or
loss.

Recommendation

All the company account have to be maintained by SecurityIT only.

Observation 3- Improper documentation of payment vouchers

"When Sulaiman enquired about how the payment vouchers are kept, he discovered
that some of them were not complete, not properly authorized and lack verification.
They also have not been properly filed. There were also no documents to record the
money market investment activity by the CFO."
Moving forward, the information mentioned above shall be improper documentation of
payment vouchers.
Payment voucher used in financial transactions to enhanced the company's internal control
over payments to it's vendors and service providers. This provides an information about the
business activity is recorded and the same is approved/ authenticated/ authorized by the
relevant person in the management. Thus voucher is any document that proves that a
particular transaction did happened and the person reponsible for such transactions knew
about it. It is usually accompanies with purchase invoice, goods received note and/or
purchase order when approval for payment is sought.
Effect or Risk

Unauthorized payments made to non-existent vendors;

Erroneous or fraudulent invoices approved for payment;

Improper charges made to in department budgets;

Account payable department will be accountable for the risk of loss or fraud; and

Inconsistent documents can cause items to be overlooked or misinterpreted.

Recommendation

Record keeping requirements exist throughout the payment process. A record of

payment process must be maintained and correctly recorded by the accountable
employee.

SecurityIT could form a standardized documents used in the account payable

department to include pre-numbered, can help to review past records and make

easier to detect the missing documents.

Prior preparing payment voucher, account payable deparment has to do 3-way

matching such as

a vendor's invoice has to be matched with the company's

purchase order and receiving report. In addition to attaching the three items to the
voucher, the following information is also entered on the voucher: payee/vendor
name, discount terms, the amount and date to be paid, the general ledgar account
numbers to be charged, and the authorizing signatures. The voucher is then
recorded in the voucher register. After making payment, a copy of the voucher is
stamped "Paid" and then filed in the paid voucher file in order to prevent a duplicate
payment.
http://www.constructionbusinessowner.com/topics/accounting/acc

HYPERLINK

"http://www.constructionbusinessowner.com/topics/accounting/accountingfinance/identifying-contract-and-procurement-fraud"

HYPERLINK

"http://www.constructionbusinessowner.com/topics/accounting/accountingfinance/identifying-contract-and-procurement-fraud"

HYPERLINK

"http://www.constructionbusinessowner.com/topics/accounting/accountingfinance/identifying-contract-and-procurement-fraud"

HYPERLINK

"http://www.constructionbusinessowner.com/topics/accounting/accountingfinance/identifying-contract-and-procurement-fraud"

HYPERLINK

"http://www.constructionbusinessowner.com/topics/accounting/accountingfinance/identifying-contract-and-procurement-fraud"

HYPERLINK

"http://www.constructionbusinessowner.com/topics/accounting/accountingfinance/identifying-contract-and-procurement-fraud"

HYPERLINK

"http://www.constructionbusinessowner.com/topics/accounting/accountingfinance/identifying-contract-and-procurement-fraud"ounting-finance/identifying-contract-andprocurement-fraud

Observation 4- Non-compliance with policy & procedures

"When he browsed through the bank statements, he was quite perplexed when he
saw the high amount of bank charges. He asked Firdaus, one of the accountants and
the following is the conversation:
Firdaus: Oh Sir, that is actually a charge on cash cheque issuance, which is only RM2

per cheque.
Sulaiman : Then how come the total amount is very high if the charge is small?
Firdaus: The charge is small amount but we have been issuing cash cheques
frequently to the vendors.
Sulaiman : Are we allowed to do this?
Firdaus : Actually, such practice is not permitted under the company policy but the
vendors keep insisting that we issue cash cheques. Besides, the top management
knows about this and they didn't say anything."
According to the conversation above, I noticed that the accountant have been issuing cash
cheques frequently to the vendor and bank been charging on cash cheque for RM 2 per
cheque. Furthermore, such practice is not permitted under the company policy and the top
management knew about this matter and didn't not take any futher steps regarding this cash
cheques issues. Moreover, SecurityIT accountant should be issuing crossed cheque rather
than issuing cash cheque due to degree of risk towards the company cause cash cheque is
equivalent to cash and easier to exchange it to cash.

What is Crossed cheque?

For crossed cheque, reduces the danger of unauthorised persons getting possession of a
cheque and cashing it. A crossed cheque can only be cashed through a bank of which the
payee of the cheque is a customer. A cheque crossed generally will be paid to any bank
through which it is presented. A cheque crossed specially will be paid only when it is
presented for collection by the bank named between the parallel lines. Such crossing affords
a greater measure of protection against loss. Crossing is to make sure that the payment is
made or credited to the right person.

Effect or Risk of cash cheque

There is no payee name stated so it may caused other third parties or unknown
person to just exchange it to cash as it may lose trust from the clients instead of
protecting the best interest of the clients by securing the cheques in the best best

possible ways;

Frequent issuing cash cheque will have a huge impact on the company which can
collapse such as one of the oldest mechant banks in England-Barrings Bank
collapse due to frequent issuing cash cheque and eventually it will lead to the same
route; and

If any fraud payment, it is hard to detect the person or party receiving the payment
just by the bank statement.

Recommendation

Avoid issuing cash cheques;

SecurityIT must set out mechanisms for the delegation of authority to the most
appropriate decision-making levels. Requiring cheque signing authorities for large
payments can prevent unscrupulous employees from making large fraudulent
transactions.

Observation 5- Inaccurate information in Balance sheet

Financial Statement-Balance Sheet
i.

Inventories

"One thing that struck him as strange was the inclusion of inventories under the
Current Assets section of the Balance Sheet (refer Appendix I) because SecuritylT
was a fully service company and never got involved in trading activities."
Upon perusal on the balance sheet, I noted that the inclusion of inventories under the
Current Assets of RM2,058 million certificates, which by right they supposed to treat as
revenue to the company since those certificates generate income upon issuance. However,
digital cerificates are non-tangible to be considered as physical inventories. Refer to Table 1
on Accounting treatment (Adjustment Entries) as tabulated below:

ii. Accruals
"Sulaiman found that SecuritylT had always been prompt in terms of payment when
they received invoices from their suppliers. Any invoice issued will be settled
immediately."

Upon my review on the balance sheet, I noted that SecurityIT been prompt in term of
payment as any invoice issued will be settled immediately due to its healthy cash balances
as they are making really good profits but yet why the accruals have tremendous raise from
RM 585,000 (2009) to RM 3,303,000 (2010)? The reason was they recorded in a wrong
entries. Refer to Table 1 on Accounting treatment (Adjustment Entries) as tabulated below:
iii. Trade Receivables
"Another thing that Sulaiman noticed in the Balance Sheet was that trade receivables
had been increasing more than RM1 million from last year and was now the largest
item under Current Assets in the Balance Sheet of the company. When he enquired
from Musa, Sulaiman discovered that more than RM4 millions of the receivables was
overdue for more than one year and there were about 20 debtors accounts involved."
From the above conversation, I found that SecurityIT receivables have drastically gone up
more than RM 4 millions was overdue for more than one year. However, the receivables
keep on increases, it can bring serious problems to SecurityIT if not managed prudently. If
SecurityIT unable to collect payments from customers within 1 year, it should be considered
as bad debt expense. Refer to Table 1 on Accounting treatment (Adjustment Entries) as
tabulated below:

Observation 6-Enhancement on the corporate culture

"the cafeteria is of course the most important room"
After observing, it shows about how the people here on their attitude towards work. It shows
that SecurityIt have a poor corporate culture. This people actually become more relaxed and
comfortable among each other otherwise, they wouldn't be having discussion meeting in the
cafeteria.
Why corporate culture are so importance in every organization?
A healthy corporate culture values each employee in the organization regardless of his job
duties, which results in employees working as a team to meet the companys and their own
personal needs. Healthy corporate culture improves the performance of a business in a
number of areas as follows:
i.

Reputation

Companies with a healthy corporate culture gain a positive reputation among

potential workers, which may attract talented and skilled workers to the organization.
In addition to attracting high-quality workers, a well-regarded business reputation
allows the company to charge a higher price for products and services and increases
the value of the company in the financial market. Customers may prefer to conduct
business with a business with a solid corporate reputation.
ii. Productivity
The improved morale of workers in a company with a healthy corporate culture
increases productivity. When workers increase productivity, the financial health of the
organization improves, and profits increase. Increases in productivity are a measure
that illustrates efficiencies and effectiveness in the company. Employees benefit from
increases in productivity with higher salaries in employee benefit programs.
iii. Quality
Healthy corporate cultures encourage workers to deliver quality products and services.
Companies with cultures valuing the highest standards create an atmosphere for workers to
deliver products that meet those high standards. The cultural standards for excellence are
an important factor for creating a product or service with a reputation for high quality.
Lu
http://smallbusiness.chron.com/importance-healthy-corporate-culture-20899.html

Risk
In an article for Entrepreneur, Robert McGarvey outlined some warning signs of trouble with
the company culture, including: increased turnover; difficulty in hiring talented people;
employees arriving at work and leaving for home right on time; low attendance at company
events; a lack of honest communication (is being lack of transperency) and understanding of
the company mission; an "us-versus-them" mentality between employees and management;
and declining quality and customer satisfaction. A small business exhibiting one or more of
these warning signs should consider whether the problems stem from the company culture.
If so, the small business owner should take steps to improve the culture, including
reaffirming the company's mission and goals and establishing a more open relationship with
employees.

Relating to the conversation below:

"Musa told him, "Actually, we never had to prepare such reconciliation report before
and our 2008 annual report has been audited just fine. I don't know what the fuss is
all

about."

When I enquiry regarding about the issue, Musa did not disclosed any matters and I noticed
that he wasn't being transparency.
http://www.referenceforbusiness.com/small/Co-Di/Corporate-Culture.html#ixzz4QpWSl5ND

Recommendation

State a clear vision and great communication at all levels

The leader must clearly communicate and contribute the company's vision statement and
serve as a role model for the desired attitudes and behaviors, then consistently reinforce it.

Provide training

Employee training programs present the perfect opportunity to begin inundating the
workplace with core values. With each new employee, a new chance to promote the core
values of the company arises. Successful training programs of this nature create a core of
employees who not only understand but also adhere to the core values of the work place. If
a set of core values is implemented after the hiring of employees, these employees can be
re-trained under the banner of "professional development" so as to not give the impression
that they require additional training and, thus, the implication that their work performances
are subpar.

Opportunities for growth

A company that provides opportunities for growth and development can prevent boredom
and keep its employees engaged. Depending on your organizational structure, you might
provide opportunities for job promotion, additional responsibilities, career development or
increasing financial improvement. By allowing your staff the chance to grow as
professionals, you can keep them from stagnating in their jobs. With new challenges,
employees can find renewed energy and interest to keep them engaged.

Communicate clearly and openly

Communication is an important part of creating a strong corporate culture. When your staff
feels comfortable and safe while expressing their opinions, they are more likely to speak up
instead of letting resentments boil beneath the surface. In turn, management must respect
each staff member by listening, letting them know they are heard, and being transparent in
their own motives and operations. A culture that invites open communication can also
encourage participation, engagement and sharing of innovative ideas.
http://smallbusiness.chron.com/organizational-culture-employee-engagement-10627.html

Conclusion
This report rely on information and representations made available by Management
which comprise inquiries, observations and recommendations, covering the report
objectives. This report highlighted the weakness on SecurityIT financial activities
especially on cash management. There are also management and behavioral
organization issues that might affect the future of the company. SecurityIT should take
immediate action to rectify the all the findings prior it affect next year.