Official Site of The State of New Jersey

Internal controls are the processes and policies that help an organization achieve effective and efficient operations, reliable financial reporting, and compliance with applicable laws, regulations, and policies. It’s a phrase you’ll read a lot if you are familiar with the Office of the State Comptroller (OSC)’s audit reports. The goal of an internal control system is to mitigate risk from fraud, errors, and loss while furthering business objectives. There are three main types of internal controls – detective, preventive, and corrective – and all of these are impacted by human behavior and individual choices.

Everyone in an entity has responsibility for upholding and adhering to internal controls – but roles vary in accountability and level of involvement with each component. Senior management is responsible for the development and implementation of internal control policies and procedures which are then executed by all employees directly involved at a detailed level.

Internal controls are the first line of defense against fraud, waste, and abuse, but unfortunately, no system of internal controls is perfect. Controls are only designed to provide reasonable assurance that an organization will achieve its goals. There is always a way in which the system can fail or be circumvented. Some of the most common limitations of internal control are collusion, human error, improper communication or training, and management override.

Management override of internal controls is the intervention by managers to overrule or circumvent prescribed policies or procedures for unlawful purposes, such as personal gain or an enhanced appearance of a department’s financial condition. With management override, employees are expected to carry out management's instructions and most do so - out of loyalty or fear - even if it means ignoring an internal control procedure. Left unchecked, management override can negate the effectiveness of other internal control measures.

Government entities are not immune to management override. They may find themselves dominated by someone who can override internal controls. It could be a department head or an elected official. It could be somebody with a strong personality or a person who has too many “important things” to do to comply with internal control procedures.

One of the best ways to reduce the risk of management override is to build a culture where integrity is held in high regard and practiced every day. A culture that supports employees who speak up when they suspect something is wrong without fear of retaliation. The message must be clear and sent from the top: internal control policies and procedures apply to every official, department head, and employee. As government employees, it is OUR responsibility to protect OUR tax dollars from fraud, waste, and abuse.

If you are involved in a situation where you are asked to do something you feel is illegal, unethical, or just feels wrong and you don’t feel comfortable talking to your supervisor or management staff, reach out to OSC. OSC’s mission is to make government in New Jersey more efficient, transparent, and accountable. If public employees are doing something wrong or programs are wasting taxpayer funds, OSC wants to know about it. A complaint or tip may be made anonymously through the OSC website, by email at comptrollertips@osc.nj.gov, or by calling our Government Waste and Mismanagement Hotline at 1-855-OSC-TIPS (672-8477).