Global Site
Argentina Aruba Barbados Bolivia Brazil Canada Cayman Islands Chile Colombia Costa Rica Curacao Ecuador El Salvador Guatemala Honduras Mexico Panama Paraguay Peru Puerto Rico Saint Martin Suriname United States Uruguay Venezuela
Afghanistan Australia Cambodia China Hawaii Hong Kong India Indonesia Japan Macau Malaysia Maldives Mongolia Myanmar Nepal New Zealand Pakistan Philippines Singapore South Korea Sri Lanka Taiwan Thailand Vietnam
Albania Andorra Armenia Austria Azerbaijan Belgium Bulgaria Croatia Cyprus Czech Republic Denmark Estonia Finland France Georgia Germany Greece Hungary Ireland Italy Kazakhstan Kosovo Latvia Liechtenstein Lithuania Luxembourg Malta Moldova Montenegro Netherlands Norway Poland Portugal Romania Serbia Slovakia Slovenia Spain Sweden Switzerland Tajikistan Turkey Ukraine United Kingdom Uzbekistan
Algeria Angola Bahrain Côte d’Ivoire Egypt Ghana Iraq Israel Jordan Kenya Kuwait Lebanon Liberia Mauritius Morocco Mozambique Nigeria Oman Qatar Saudi Arabia Senegal Sierra Leone South Africa Syria Tanzania Togo Tunisia Uganda United Arab Emirates Yemen
Contact Us
home News
Internal Control over Financial Reporting

Internal Control over Financial Reporting

Foundation of Financial Transparency

Rakesh Kumar Dhoot
6/24/2026
Internal Control over Financial Reporting

What is ICFR?

ICFR refers to the set of internal controls specifically designed to ensure the reliability of an organization’s financial statements and compliance with applicable accounting standards (such as IFRS). Internal Control over Financial Reporting (ICFR) is more than a compliance checklist, it’s the system that ensures your financial data is accurate, complete and reliable.

It ensures that:

  • Transactions are properly authorized, recorded and reported
  • Financial data is accurate, complete and timely
  • Companies comply with regulatory requirements
  • Fraud and material misstatements are prevented or detected

A strong ICFR framework is a critical pillar of corporate governance and financial integrity.

Why ICFR Matters in the UAE Context?

In recent years, the UAE has made significant strides in strengthening corporate accountability and investor confidence, making ICFR an essential part of this agenda.

Key UAE Developments:

  • SCA requirements for PJSCs: SCA Decision No. 2/RM of 2024 and subsequent circulars have strengthened internal control, risk management and ICFR expectations for SCA-regulated PJSCs. Companies should align implementation, documentation and auditor involvement with the latest SCA circulars.
  • Auditor’s Role: Auditor reporting and ICFR assessment requirements should be confirmed against the latest SCA circulars. SCA’s AGM circular also requires the external auditor engagement contract to expressly include ICFR assessment for the 2026 financial year and subsequent years.
  • Insurance Sector Compliance: UAE insurers should align with CBUAE’s Risk Management and Internal Controls Relation and Standards for Insurance Companies. Insurance groups should also consider the CBUAE Insurance Group Supervision Regulation C4/2025, where applicable.
  • Corporate Tax Impact: With the UAE Corporate Tax Law (Decree-Law No. 47 of 2022) and its amendments, companies must maintain accurate financial records, including transfer pricing documentation—making ICFR critical for compliance.  

Even for private companies, a well-designed ICFR framework enhances investment readiness, access to capital, and financial transparency.

How ICFR Differs from Other Controls?

Feature

ICFR

Other Internal Controls

Focus

Financial reporting accuracy

Operational efficiency, safety and compliance

Scope

Balance sheet, P&L, disclosures

HR, Procurement, IT Security, etc.

Oversight

CFO, Audit Committee, External Auditors

Department heads, Internal Audit

Design Standard

COSO / SOX

Varies (e.g., ISO, company policy)

Examples of ICFR in Action

Control

Description

Purpose

Dual Authorization of Journal Entries

Two-level approval for entries > AED 500,000

Prevents unauthorized adjustments

Monthly Bank Reconciliations

Compare bank and ledger balances

Ensures bank balance accuracy

ERP Access Control

Restricted posting rights in financial modules

Prevents unauthorized entries

Automated Receivables Aging

Tracks overdue balances

Supports provisioning accuracy

How Crowe Can Support Your ICFR Journey

As experts in control design and forensic assurance, we help organizations:

  • Assess ICFR readiness and compliance gaps
  • Map risks and design control matrices
  • Train stakeholders on COSO-based frameworks
  • Prepare for auditor reviews and certification

Coming Next Week:

In Week 2, we’ll explore COSO’s 5 components, key financial reporting risks and how to align your control environment with UAE regulatory expectations.

Let’s start strong - your financial statements depend on it.

Echoes of truth

Wednesday Deep Dive – Echoes of Truth is a weekly thought-leadership series by Crowe’s Risk Advisory – Forensic & Process Excellence Division.

It delivers practical insights on forensic investigations, fraud risk, governance, internal controls and process excellence. Each edition draws from real-world engagements and global best practices to help organizations identify red flags, strengthen controls, optimize processes, and build resilient, transparent and high-performing operations.

Explore articles
Rakesh Kumar
Rakesh Kumar Dhoot
Associate Partner- Risk Advisory, Forensic & Process Excellence Division
009714 447 3951