ONLINE CA SERVICES LOGO

Internal Audit Service in Retail Industry- Procedure, Consulting

629382e030fb025780ee2963

Get Free Consultation

Internal Audit Service in Retail Industry- Procedure, Consulting

Standards on Internal Audit (SIA) 110, The essence of assurance when independent assurance demands the publication of an audit opinion on design, implementation, and operational efficiency, not just compliance.

Standards on Internal Audit (SIA) 120, ‘Internal Controls’ as systemic and procedural steps adopted by organisations to mitigate risks, specifically in the fields of financial accounting and reporting, as well as operational processing.

As per Standards on Internal Audit (SIA) 130 ‘Risk Management’, Internal auditors can use the standard to understand important terms, different responsibilities of management and internal auditors, and how to mitigate and manage risk.

Standard on Internal Audit (SIA)140 ‘Governance’,which is the framework for achieving the company’s objectives through a set of relationships between the company and its various stakeholders (both internal and external). This relationship and structure helps to guide the behaviour of individuals and groups in the right direction.

Standard on Internal Audit (SIA) 150 ‘Compliance with Laws and Regulations’,Management and those charged with governance on the compliance framework require independent assurance from internal auditors

ICAI issued a Standard on Internal Audit (SIA) 530, ‘The Third Party Service Providers’ The third-party service providers, which prescribes the key requirements for providing an independent assurance over business operations at TPSP.

Risk Faced by Retail Industry

 

The Internal auditor may make a risk assessment of the entity audit. This is important in order to ensure prevention of any non-compliance or concurrence of undesirable events. The Internal auditor may verify whether sufficient controls are given to the organisation to detect such risks and prevent its occurrence by suggesting suitable methods of action to the organisation.

Business Risk: Business risks include international operations, non-compliance, credit risks, product range changes, fraud, theft, and natural disasters.

Political Risk: Political risk is a concern about changes in the social and governmental environments, which includes government-uncontrolled events like riots and government-controlled events like embargoes.

Inventory management Risk: Inventory management risk includes rapid maturation of inventory, Improper handling of goods, Shipping risks for delicate products, etc.

Brand Reputation Risk: Retail Industry’s reputational risk is high and costly to recover. Brand risk management techniques include script, supervision, audit, training, and feedback. Legal issues arise when customers terminate service, redirect efforts, or adjust pricing due to reputational risk.

Environment Risk: Environmental risk associated with retail industry, generally falls into two categories:

  • Site acquisition, development, and construction: Clean up costs, pollution legal liability, and delayed project completion.
  • Store Operations: Nature of products sold and store maintenance.

Systemic Risk: Systemic risk: Systemic risk affects all contributors in the economic sector and industry. Regulators and governments focus on risks to systems that support local and global economies.

Business Continuity Risk: Improper supply chain management, damage of brand and significant changes in economic situations are more or less major risks affecting the business continuance.

Intellectual Property Risk: IP registration and legal backing cannot prevent the significant threat of IP infringements to businesses. Examples: copyright, trademark, patent infringements, selling counterfeits, international importation of infringing products, infringement on websites and social media, disclosure of trade secrets.

Social Media Risk: Social media can lead to companies’ reputational risk, which can result in decreased sales, share price, and customer loyalty. 

Risk Assessment in the Retail Industry


 

Internal auditors plan their audits with a risk-based approach, paying close attention to the areas and issues that pose the highest risk to the company. Internal auditors evaluate risks independently, taking into account the risks assessed by management and statutory auditors and the auditable units involved in the company’s risk management framework and processes.

Internal Control in the Retail Industry

 

Internal controls are systems and procedures that aim to manage risks, prevent errors and irregularities, and ensure accurate financial reporting. They are available in either manual or automated form.

The risk of financial exposure is mitigated by financial controls (IFCs), while operational risks are mitigated by operational controls (OCs). IT general controls ensure automation system security and application controls check transactions at an application level, while manual controls require human intervention.

The assessment of an entity’s internal controls and control environment by internal auditors leads to the development of an efficient audit approach.

Overview of Compliance in the Retail Industry

 

The objective of internal audit procedures is to ensure compliance with laws and regulations and provide assurance to management and the organisation.

The internal auditor will evaluate the design, implementation, and operational effectiveness of the company’s formal compliance framework in certain instances.

In the event that the company does not have a formal compliance framework, the internal auditor will design and conduct audit procedures to identify any areas of non-compliance and make recommendations to improve compliance.

Overview of Governance in the Retail Industry

 

Internal Audit (IA) is a vital component of organisational governance, ensuring compliance, minimising risks, and improving efficiency. The Institute of Chartered Accountants of India (ICAI) issued SIA 140 on governance to provide a common terminology, clarify the Internal Auditor’s role in providing assurance, and explain the duties of the Board, Management, and Audit Committee.

Internal Auditing (Retail Industry) in an IT Environment

 

To conduct an independent IT risk assessment and determine necessary controls to mitigate risks before starting any IT audit activities, internal auditors must meet certain requirements to gain an understanding of the business operations and IT environment.

Two main components of Information Technology Environment includes:

  • IT Infrastructure (includes hardware, IT architecture, operating systems, communication network storage systems;) and
  • Application software and data (including but not limited to interface, business resource planning, customer relationship management, dealer and channel management system, electronic commerce applications, robotic process automation.)

Performing audit procedures to provide assurance in the areas of:

  • Security and reliability of information
  • Analysing and reporting information
  • Efficiency and effectiveness of information processing
  • Continuous access and availability of information
  • Compliance with IT-related laws and regulations

To conduct an independent IT risk assessment and determine necessary controls to mitigate risks before starting any IT audit activities, internal auditors must meet certain requirements to gain an understanding of the business operations and IT environment.

Data security measures of Retail Industry

 

It is a major risk in the retail industry. Security in a retail industry can be categorised into two components:

IT Security

Data can be at risk from various sources, including the following:

  • Natural Calamity: Equipment and storage devices can suffer damage from fires, floods, earthquakes, and other natural disasters.
  • Theft of Data: Employees can often misuse, steal, copy and/or delete part of the information when they leave the company or while they are still in employment.
  • System Crash: System crash is a condition where a program stops performing its expected function and stops responding to other parts of the system.
  • Computer Fraud: The data can be stolen or misused by hackers, scammers, and other criminals.
  • System Bugs: Errors in code can cause unexpected results and data loss.
  • Telecommunication Failure: Telecommunication failures can freeze the flow of data to and from computing systems, preventing operations.
  • Virus Problem: Viruses are computer programs that can duplicate themselves and infect a computer.
  • Hacking: Hacking can involve stealing passwords, encrypted data, or software packages.

Physical Security

The entity is responsible for protecting its customers, staff, and properties. Physical security, such as surveillance systems and access control, is employed to deter crime and safeguard assets.

It could include the security of the following areas:

  • In store: POS, cash-handling areas, displays, customers, and employees.
  • Back office and warehouse: Equipment, assets, time and attendance, productivity, and safety.
  • Parking and outdoor premises: Entry and exit points, suspicious vehicles, and deliveries.

Operating Cost in the Retail Industry

 

For any entity operating in the retail industry, there are significant operating costs that need to be taken into account:

  • Lease Expenses
    The success of the store can be influenced by the rental charges for office buildings, property, or employee housing. The rental costs can be determined by the store’s location.
  • Advertising and Marketing Expenses
    Branding is one of the key aspects in development of any entity’s reputation and a strong brand name. In an increasingly competitive market, an effective brand strategy can give a significant advantage.

The following are the marketing strategies that the entity may use:

  • Loyalty Programs
    Retail loyalty programs reward customers with discounts and other benefits for repeat business, and program managers are responsible for monitoring customer activity and developing strategies to improve engagement.
  • Multi Channel Marketing
    Multi-channel marketing uses multiple channels to reach customers and requires a well-coordinated supply chain management system to ensure consistency and effectiveness.
  • Penetration Analysis
    Determining stock requirements at a particular location and developing promotion strategies can be improved by managing by analyzing the extent of a commodity’s reach.
  • Store Maintenance Expenses
    Stores must be maintained to ensure customer satisfaction and prevent goods from perishing prematurely. This requires significant maintenance expenditures, which can be reduced through annual maintenance contracts (AMCs) with professional agencies.
  • Finance Charges
    The entity must borrow funds with cost-effectiveness, which may include external commercial borrowings for foreign currency expenses.

Measuring Operational Efficiency

Measurement of operational efficiency can be done by the internal auditor using the following methods:

  • Operational research – based method
  • Data Envelopment Analysis (DEA)

A retail store is considered efficient when it produces the highest amount of output relative to inputs when compared to other similar stores. Internal auditors are responsible for verifying expense capture procedures and controls, ensuring fair allocation of common expenses, and conducting analytical procedures to identify inconsistencies.

  • Total Fixed Cost

    The growth in total fixed cost signals expansion activity. In these cases, an internal auditor may verify the sufficiency of controls with respect to the growth entity.

  • Operating Cost to Revenue (undertaking wise)

    The internal auditor calculates the entity’s operating costs based on revenue in various legal environments, even though there are challenges.

  • Variable cost per man hour per Undertaking

    The total undertaking cost is divided by man hours to calculate the variable cost per man hour. Comparing it across periods can reveal significant changes in expenses and help identify the reasons.

  • Interest Cost to Loans

    Internal auditors can verify if the interest paid on loans is significantly high by comparing it to existing rates, which is the basis for estimating the average cost of borrowing.

Other Crucial areas of Internal Audit in the Retail Industry

 

Visual merchandising

Visual merchandisers create displays using colour, lighting, space, product information, and sensory inputs like smell, touch, and sound. They also incorporate technologies like digital displays and interactive installations.

Managing shrinkages

Retail stores can experience shrinkage due to a variety of factors, including:

  • Process Lapse:Process lapses like this can cause stores to experience shrinkage:
    • Incomplete or inaccurate receipt verification
    • Manual bills not updated in POS
    • Returns not accounted for promptly
    • Consumer promotions not updated in the system
  • System Lapse: Poor quality of scanners or stickers and duplicate SKU Code would force manual intervention at POS. Errors and shrinkage can be caused by manual intervention.
  • Vendor Fraud:The warehouse would likely experience shrinkage due to the vendors’ short supply compared to the quantity in the Goods Received Note (GRN). Moreover, any such malpractice adopted by DSPs (direct supplies to stores) would also amount to shrinkages.
  • Employee Fraud:This is the most common means of fraud causing shrinkages. The followings could be types of malpractices:
    • Improper Invoicing: billing lesser quantity / non-billing of certain products / billing products with lower prices as against actual selling price of products sold.
    • Theft by employees in their own workplace.
    • Fraudulent practice in handling home deliveries.
    • Fraud concerning products exchanged by clients.
  • Customer Shoplifting:Retailers face a significant challenge in preventing the theft of small, high-value items by customers, but corrective measures can mitigate the risk.

Handling of Products and Disposal of Damages and Expiries/ Product nearing expiry/ Obsolescence

  • Handling product – Handling products would be an important part in activities carried by a retail industry. It involves activities such as pushing, pulling, carrying, lifting and holding.

    The internal auditor may perform assessment of each manual task and the following factor may be considered in framing his internal audit procedures:

    • Nature of the objects being handled.
    • Actions and Movements involved in the task.
    • Duration and Frequency of the task.
    • Analysis of relevant injury and statistics.
    • Training and experience of the employees.
    • Age of the employee doing the tasks.
  • Disposal of Damages and Expiries –In case of disposal of damages and expiries/ product nearing expiry/ Obsolescence, the internal auditor would assess the following:
    • Storage systems and manuals of the entity.
    • Periodicity of verification of stock.
    • Controls on disposal of such goods.
    • Methods to prevent damages and its sufficiency.
    • Treatment of identified damages and its disposal.
    • Adequacy of controls to record these losses and disposals.

Financial Accounting and Reporting

 

The internal auditor may verify the sufficiency of controls related to maintenance of accounts by entity. The Internal Auditor also verifies the controls for allocation of costs between different departments in every store and verifies whether it is adequate and trustworthy when it comes to the overall business operations.

A management information system (MIS) that can provide sufficient information for decision making could be the best fit for the entity if the accounting system is comprehensive enough and enable the entity to understand complexities of business, status of implementation of new ideas and status of operations of the entity.

The notification system should be sufficiently comprehensive and capable of providing the following information:

Sales and Collection

  • Daily statements of sales through cash, credit card, coupons, debit card across individual stores.
  • Department wise sales
  • Reconciliation between sales and collection statutes with outstanding debtors.
  • Benefits of ads through additional revenue and customer loyalty.
  • Trends of sales in a particular location.
  • Consumption vs sales analysis.

Inventory management

  • Loss of inventory due to stolen, damaged or lost assets.
  • Inventory at cash store, warehouse and storage centres.
  • Inventory ageing system.

Supplier Analysis

  • Status of all pending orders.
  • Tracking credit period of each distributor.
  • Matrix of orders placed for each product throughout the services.

Others

  • Customer feedback review analysis.
  • Sensitivity analysis for price and discounts, and non-availability of key products.
  • Gross profitability ratio across different products.

 

Mystery Audit in the Retail Industry

 

Mystery shopping is an evaluation conducted by a mystery shopper posing to be a regular customer to experience and inspect the level of customer service being provided by the entity. Mystery audit has an objective to overview the business with the eyes of customers.

Mystery shopping provides management a detailed assessment of employee’s performance and variables that affect a customer’s experience and satisfaction with the business.

Mystery shopping assessments can be completed with tools such as simple questionnaires to complete audio and video recordings. Mystery shopping can be used in any industry, with the most common venues being retail stores, hotels, movie theatres, restaurants, fast food chains, banks, gas stations, car dealerships, healthcare facilities.

Why Taxvilla

g1

Complete Digital

g2

Free Expert Assistance

g3

Best Price Guarantee

g4

4.9/5 Google Rating

g5

Money Back Guarantee

g6

Simple & Fast Process

Scroll to Top