New CFO? Make Reviewing the Control Framework a Priority

Starting a new CFO role presents a unique opportunity to shape the future of the finance function—and, by extension, the organisation as a whole. You’re expected to bring strategic insight, operational discipline, and leadership clarity. But before diving into transformation initiatives or performance improvements, there’s one essential step that sets the foundation for everything else:

The Control Framework

The Control Framework is not just a compliance exercise; it is a strategic foundation that enables trust in financial reporting, understanding of risks, and effective leadership. This framework ensures that the data driving critical business decisions is both accurate and reliable.

Finding Functional Fit

Before assessing controls, it’s critical to understand your functional fit—what exactly falls under your scope as CFO. Scope can vary widely across organisations. Some CFOs oversee IT, procurement, or ESG; others focus strictly on Finance and reporting.

As part of the Loughridge Transformations Nine Steps to Finance Transformation, we developed a five-part functional model to help you do that. To further explain, our blog article walks through each part of the model and some real-life applications.

Health Check the Function

Once you’ve established your Functional Fit, it’s vital to proactively conduct a health check of the organisation you’ve just joined. This task should be completed as soon as you’re up and running, with activities addressed by the 90-day mark. This proactive approach ensures you’re fully aware of the organisation’s financial health and can take necessary actions.

Evaluating the health of the finance function goes beyond financial results—it’s about the integrity of the processes that produce those results.

Key considerations include fraud and error prevention, ensuring the accuracy of financial statements, maintaining segregation of duties, and establishing effective financial controls. After all, how can you trust the reported profit or loss if the underlying processes that generate these figures are unreliable?

The Importance of a Risk-Based Control Framework

Financial Controls safeguard the organisation’s assets and ensure that Management Information reporting used to make business decisions is correct and valid. They form part of our five-part PROTECT model.

Whether your organisation is publicly listed, privately owned, or has charitable status, a good starting point is to examine the financial control framework closely. A risk-based control framework is not just for publicly listed companies with regulatory requirements, such as SOx404. It’s a cost-effective way to manage the risk of error or fraud. The procedures should be thoroughly documented and readily accessible for all staff as part of your working documentation.

Control Framework – Design AND Operating Effectiveness

Furthermore, it’s essential to design effective control procedures and ensure that they are adhered to by your team. Leadership support is crucial in fostering a culture of compliance and accountability. If the organisation lacks this cultural norm, introducing new controls may prove to be more challenging than identifying the necessary procedures.

To mitigate the risk of staff failing to follow financial control procedures, consider implementing a testing regime for these controls. This regime ensures (and assures management) that the financial controls are design-effective and operating-effective. Any operational control failure needs mitigation. This mitigation could involve further training for control operators, change management, and updating control documentation and procedures.

Control Framework – The Worst-Case Scenario?

Imagine stepping into your new role only to discover that meaningful financial controls are absent. Where do you start?

Segregation of Duties (SoD) is a fundamental principle rather than a specific control measure. It focuses on minimising the risk of errors or fraud when individuals are involved in purchasing goods or services or receiving payments. SoD nsures that no single person has complete control over entire processes. For instance, allowing one person to manage all steps of a transaction could lead to situations where company funds are used for personal expenses. We’ve all heard stories over the years of that sort!

These reconciliations are a regular task that ensures the movements you have recorded in your books (for example, the ERP) match the bank statements. Therefore, they are valuable reconciliations, allowing you to check against external records (bank statements).

You might not immediately see this as a control activity. However, the monthly or quarterly review of actuals versus budget is critical and requires meaningful analysis, explanations, and commentaries. It is also one of the gateways to discovering errors in your accounts. For example, income is allocated to the wrong project; someone keyed in the wrong amount or used an incorrect currency conversion. The list can go on and on.

You need to ensure that your staff know which commitments they can make on behalf of the organisation. Far too often, we have witnessed staff being unaware of their personal authority limits or those of others. Therefore, they cannot perform a meaningful check and control the validity of purchases, sales, manual journals, and other relevant transactions.

How Do I Get Started with the Control Framework?

At Loughridge Transformations, we have developed a five-page guide on critical risks and controls, along with the immediate follow-up actions that a CFO or Finance Manager should address in their first days in a new role. Of course, our inventory is not exhaustive; however, it gives a good flavour of what we expect to see in a healthy, well-functioning finance department.

Need More Support?

If you need support, we can provide as much or as little as you need to get started or dig deeper. We can process the findings and improve your processes and controls, including fit-for-purpose design, testing and implementation. So don’t hesitate to get in touch!

Alternatively, take a look at our most popular blog posts:

Or are you looking for something else? Here’s what we have been blogging about recently:

Agile Analytics Associates Automation Behaviours Building Trust Business-Partnering CFO Remit Change Management Coaching Collaboration Continuous Improvement Control Design Control Framework Corporate Governance Data Deployment Digital ERP ESG Finance Function Finance Transformation Implementation Migration Off-Shoring Organisation Organisation Design Process Process Design Process Improvement Process Performance Productivity Project Management Readiness Regulatory Compliance Risk & Controls Skills sponsorship Standard Organisational Model Strategy Systems Systems Design Technology Transformation Virtual Working