Internal Control over Financial Reporting

Internal Control over Financial Reporting

Foundation of Financial Transparency

7/16/2025
Internal Control over Financial Reporting

What is ICFR?

ICFR refers to the set of internal controls specifically designed to ensure the reliability of an organization’s financial statements and compliance with applicable accounting standards (such as IFRS). Internal Control over Financial Reporting (ICFR) is more than a compliance checklist, it’s the system that ensures your financial data is accurate, complete and reliable.

It ensures that:

  • Transactions are properly authorized, recorded and reported
  • Financial data is accurate, complete and timely
  • Companies comply with regulatory requirements
  • Fraud and material misstatements are prevented or detected

A strong ICFR framework is a critical pillar of corporate governance and financial integrity.

Why ICFR Matters in the UAE Context?

In recent years, the UAE has made significant strides in strengthening corporate accountability and investor confidence, making ICFR an essential part of this agenda.

Key UAE Developments:

  • Mandatory for PJSCs: As per SCA Decision no. 2/RM of 2024, all Public Joint Stock Companies are required to implement and report on ICFR from 2024 onward.
  • Auditor’s Role: For FY 2024, auditors will issue a private opinion on ICFR. From 2025, a public audit opinion is mandatory, disclosing any deficiencies and corrective actions.
  • Insurance Sector Compliance: All UAE-based insurers must follow the CBUAE’s 2025 Reporting Requirements, which incorporate ICFR elements.
  • Corporate Tax Impact: With the UAE Corporate Tax Law (Decree-Law No. 47 of 2022), companies must maintain accurate financial records, including transfer pricing documentation—making ICFR critical for compliance.

Even for private companies, a well-designed ICFR framework enhances investment readiness, access to capital, and financial transparency.

How ICFR Differs from Other Controls?

Feature

ICFR

Other Internal Controls

Focus

Financial reporting accuracy

Operational efficiency, safety and compliance

Scope

Balance sheet, P&L, disclosures

HR, Procurement, IT Security, etc.

Oversight

CFO, Audit Committee, External Auditors

Department heads, Internal Audit

Design Standard

COSO / SOX

Varies (e.g., ISO, company policy)

Examples of ICFR in Action

Control

Description

Purpose

Dual Authorization of Journal Entries

Two-level approval for entries > AED 500,000

Prevents unauthorized adjustments

Monthly Bank Reconciliations

Compare bank and ledger balances

Ensures bank balance accuracy

ERP Access Control

Restricted posting rights in financial modules

Prevents unauthorized entries

Automated Receivables Aging

Tracks overdue balances

Supports provisioning accuracy

How Crowe Can Support Your ICFR Journey

As experts in control design and forensic assurance, we help organizations:

  • Assess ICFR readiness and compliance gaps
  • Map risks and design control matrices
  • Train stakeholders on COSO-based frameworks
  • Prepare for auditor reviews and certification

Coming Next Week:

In Week 2, we’ll explore COSO’s 5 components, key financial reporting risks and how to align your control environment with UAE regulatory expectations.

Let’s start strong - your financial statements depend on it.

Contact Us


Rakesh Kumar
Rakesh Kumar Dhoot
DirectorInnovation and Transformation