The Importance of Internal Controls

SMU Associate Professor Goh Beng Wee investigates the benefits and consequences of internal controls
to corporate organisations.

SMU Office of Research In 2001, a scandal involving former US energy giant Enron Corporation broke
out and shocked the world with sordid tales of how its management had exploited the companys lack of
robust internal controls to conceal staggering amounts of debt. Enrons mismanagement not only led to
its collapse but also that of its auditor Arthur Andersen, which until then had been one of the Big Five
accounting firms.

The saga highlighted the importance of internal controls processes that organisations put in place to
ensure that corporate objectives are met under the conditions of reliable financial reporting and
compliance to laws in companies. According to Associate Professor Goh Beng Wee from the Singapore
Management University (SMU) School of Accountancy, such controls range from segregation of duties,
authorisation of transactions, retention of records to physical safeguards.

In 2002, the Sarbanes-Oxley Act was passed in the US to curb poor internal control systems. However,
the Act was met by fierce resistance from companies that were reluctant to be saddled with additional
processes.

Demonstrating the worth of internal controls

In one of his studies conducted with Professor Dan Li from Tsinghua University, Professor Goh examined
how internal controls correlate with accounting conservatism. The latter was argued to increase the
usefulness of financial statements by imposing stronger verification requirements for economic gains
than for economic losses, thereby reducing the likelihood that firms overstate net income.

According to Professor Goh, firms with a strong internal control environment (e.g., strong tone-at-the-top
and/or good internal control culture) are more likely to understand the role of conservatism in contracting
and in reducing agency conflicts. Conversely, to the extent that firms are committed to produce
conservative reports, strong internal controls can facilitate this process. This is because by emphasising
verifiable outcomes, the financial reporting system supplies a rich set of variables that can be used for
contracting purposes. By reducing unintentional errors in the reporting of book value or accounting
earnings, strong internal controls thus provide more comfort to the board of directors, such that
conservatism has been used effectively for contracting purposes and in monitoring managers.

We found that firms which exhibited internal control weaknesses tend to be less conservative with their
financial reporting. However, when they remediate their internal control weaknesses, accounting
conservatism appeared to have increased, shares Professor Goh who specialises in research on the
value of internal controls to companies, investors and policy makers. Our finding that strong internal
controls incentivise firms to be conservative in their financial reporting, instead of overstating accounting
numbers to look good, should be of high relevance to investors.

In another study, Professor Goh found that internal controls had implications beyond simply improving a
firms financial reporting. Although such controls were expensive to put in place, he found that they
benefitted operational efficiency.

Many critics have questioned whether the perceived benefits commensurate with the high costs of
implementing stringent internal reporting requirements, he notes. Surveys and anecdotal evidence have
indicated that such measures would place heavy burdens on companies, particularly small firms, as they
would struggle to cope with the increased costs of compliance, implementation and auditing.
In consideration of these concerns, Professor Goh, together with fellow colleagues Professor Qiang
Cheng and Professor Jae Bum Kim, use a method known as frontier analysis to investigate the
relationship between internal controls and operational efficiency. Although less commonly applied to
accounting research, this methodology has been used extensively in operational management to
evaluate the organisational efficiency of firms.

We found that effective controls also improved operational efficiency, notes Professor Goh. In fact,
smaller companies and those that have more uncertain and poorer information environments are likely
to benefit more from effective internal controls, at least in terms of improving their operational efficiency.

Internal controls in Singapore

So far, Professor Gohs work on internal controls has focused on firms based in the US. While he is
interested to extend his research focus to Singapore, he is constrained by a lack of data in the local
context because firms here are not required to report on internal controls systems. External auditors are
also not required to audit these mechanisms or provide opinions on them.

Although auditors in Singapore do look at internal controls as part of the regular audit process, the
purpose is to determine how much substantive testing (i.e., procedures used for checking a random
sample of transactions for errors and comparing account balances to find discrepancies) will be needed
in the audit. Any internal control weakness that is detected by the auditors will have to be communicated
in writing to the firms management or the audit committee. However, it is not compulsory for the firm to
report this weakness in its financial reports or to follow up on it, says Professor Goh.

The main reason for the lack of internal controls provisions in Singapore is due to cost issues, he notes.
It is very costly for firms to apply strong internal measures and for time-constrained auditors to conduct
checks.

He thinks that the absence of Enron-like sagas in Singapore indicates the presence of effective self-
regulating mechanisms here. However, there remains a risk that internal controls within firms are not
robust and this may put investors or shareholders at a disadvantage, he cautions.

Creating value with integrated reporting

Even if Singapore does not go the way of regulating internal controls, there is a new area of quality
assurance called integrated reporting, which Professor Goh would like to investigate in the future.

According to the International Integrated Reporting Council (IIRC), an integrated report communicates
how an organisations strategy, governance, performance and prospects create value in the short,
medium and long terms in the context of its external environment.

Integrated reporting is broader than financial reporting and value creation is a key feature. An integrated
report includes aspects such as sustainability; for example, how a company contributes to social
responsibility as well as its workers health and well-being, says Professor Goh.

Given the high cost of producing an integrated report (which in part is due to its broad scope), he thinks
that cost-benefit tradeoffs would be a primary concern to many people. I think local financial regulators
and accounting bodies will be keen to know whether integrated reporting is a worthwhile endeavour for
firms here. This is an area that I would like to conduct research on, he enthuses.
Perceived Adverse Consequences of Quality Threatening Behaviour in
Audit Firms

Research in many countries has consistently shown that audit seniors engage in widespread quality
threatening behaviours (QTB). Regarding the consequences of these behaviours, only audit partners
perceptions of possible consequences have been examined previously. The objective of this study is to
examine audit seniors perceptions of the consequences of QTB for internal and external groups using
semi-structured interviews with 25 audit seniors in Ireland. Findings suggest that detection of the
behaviours is an important factor in determining the consequences for individual auditors, audit firms and
the profession but not for the wider business community. In general, interviewees perceived low risk of
detection and showed little consideration of the ethical implications of their actions. No communication
was perceived to exist between the firms and audit seniors on prohibition of the behaviours or sanctions
against those found guilty of engaging in the behaviours. Although the literature highlights the importance
of personnel controls in complex environments such as audit firms, these findings suggest that the
effectiveness of personnel controls is undermined by a perception that the likelihood of serious
consequences is remote and also by weaknesses in the ethical training of auditors. The use of the term
dysfunctional to describe QTB is open to question given the absence of a perceived link between the
behaviours and consequences for organisational effectiveness found in this study.

Title : Internal auditing practices and internal control system

Author(s): Faudziah Hanim Fadzil (Faculty of Accountancy, Universiti Utara Malaysia, Kedah, Malaysia)
Hasnah Haron (School of Management, Universiti Sains Malaysia, Penang, Malaysia)
Muhamad Jantan (Centre for Policy Research, Universiti Sains Malaysia, Penang, Malaysia)

Abstract:
Purpose
Two main objectives and they are: to determine whether the internal audit department of the companies
listed in the Bursa Malaysia complies with the Standards for the Professional Practice of Internal Auditors
IIA (2000); and, to determine whether compliance to SPPIA will affect the quality of the internal control
system of the company.
Design/methodology/approach
Two sets of questionnaires were used in the study. Internal auditing practices was measured by the
items listed in the SPPIA and the internal control was measured by means of the statement on internal
control: guidance for directors of public listed companies. The population used in this study was all the
companies listed in the Bursa Malaysia in 2001. This study used both descriptive and inferential analyses.
Findings
It was found that management of internal audit department, professional proficiency, objectivity and
review significantly influence the monitoring aspect of the internal control system. Scope of work and
performance of audit work significantly influences the information and communication aspect of the
internal control system while performance of audit work, professional proficiency and objectivity
significantly influence the control environment aspect of the internal control system. The study also shows
that management of internal audit department, performance of audit work, audit program and audit
reporting significantly influences the risk assessment aspect of the internal control system. Lastly,
performance of audit work and audit reporting significantly influences the control activities aspect of the
internal control system.
Research limitations/implications
The research has contributed to the agency theory with respect to the bonding costs that management
has to pay to the internal auditors for the best interest of the principals of the companies. Another
important implication pertains to the extent of the internal auditing practices among internal auditors in
Malaysian public listed companies. Research has also shown that the compliance with internal auditing
practices partially influence certain aspects of the quality of the internal control system.
Originality/value
This is the first empirical study that has linked the compliance of the internal auditing function to the
SPPIA and its effect on the internal control system.

Citation:
Faudziah Hanim Fadzil, Hasnah Haron, Muhamad Jantan, (2005) "Internal auditing practices and internal
control system", Managerial Auditing Journal, Vol. 20 Issue: 8, pp.844-866,
https://doi.org/10.1108/02686900510619683

Title : A Study of the Internal Control Systems Evidence from Offinso

Rural Bank Limited

Author(s):
Richard Nsoh Atuguba Anthony Opoku Nuamah
Cynthia Mac Andoh Esther Owusu Appiah
Anthony Akwasi Boateng

Abstract :
This project work seeks to study the internal control systems of Offinso Rural Bank Limited.
The Offinso Rural Bank limited was incorporated in as a private limited liability company on
4th day of July 2006 under the Companies Code 1963 (Act 179) and commenced Business
on 10th October 2008.
In instances, where companies suddenly collapse, the obvious resounding question is what
went wrong? a breakdown of the internal control systems are usually the causes.
The wide spread global corporate accounting scandals that assumed near epidemic proportion
in recent years and also, taken cognisance of the fact that, the bank is new with a lot financial
constraints has informed this study.
The total population of the employees of the bank comprised of twenty-eight of the three
branches including head office and ten thousand self-employed and salary workers. The
structured interview questionnaires were distributed to twenty staff both at head office and
the branches and one hundred self employed, and two hundred salary workers representing
seventy-one percent (71%) of the total sample size selected from employees and zero point
zero three percent (0.03%) of the total customers population of the bank.
Findings: It was found that procurement committee was in place and all transactions were
duly authorised and approved by the appropriate Officers. The Bank has instituted an
effective mechanism to ensure that, the duties of one person are being checked by another.
However the assets of the bank have not been embossed with its initials and its identification
numbers. The researchers recommended that all the fixed assets must be embossed with
initials of the bank and its identification numbers and also, all fixed assets must be properly
insured against fire, accident, theft, and natural disaster.

Citation :
Richard Nsoh Atuguba, Cynthia Mac Andoh, Anthony Akwasi Boateng, Anthony Opoku Nuamah,
Esther Owusu Appiah, (2012) A Study of the Internal Control Systems Evidence from Offinso Rural
Bank Limited,A Project Work,
http://ir.csuc.edu.gh:8080/xmlui/bitstream/handle/123456789/58/INTERNAL%20CONTROL.pdf?sequen
ce=1
 Title : Research on the Internal Control of Small and Medium
Manufacturing Enterprises under Comprehensive Risk Management

Author(s):
Chen Xiaofang Nie Huili

Abstract :
This paper has combed the research results on internal control of small and medium manufacturing
enterprises of domestic and foreign scholars. Combined with the status analysis of internal control and
risk management of small and medium manufacturing enterprises, this paper built the internal control
framework of small and medium manufacturing enterprises based on comprehensive risk management
in order to improve the system of internal control theory and provide reference to small and medium
manufacturing enterprises in China.

Citation :
Chen Xiaofang, Nie Huili, (n.d.) Research on the Internal Control of Small and Medium Manufacturing
Enterprises under Comprehensive Risk Management, Proceedings of the 8th International Conference
on innovation & Management, pp.680-684,
http://www.pucsp.br/icim/ingles/downloads/papers_2011/part_4/part_4_proc_41.pdf

INTERNAL CONTROL, ENTERPRISE RISK MANAGEMENT, AND

FIRM PERFORMANCE
Chih-Yang Tseng, Ph.D., 2007
Dissertation Directed By: Professor, Lawrence A. Gordon,
Department of Accounting and Information Assurance
Robert H. Smith School of Business
This dissertation investigates two research questions arising from the regulation of internal controls
required by Sarbanes-Oxley Act of 2002 (SOX). The first research question asks whether better internal
controls can enhance firm performance. To address this question, the relation between market-value and
internal control is estimated by a residual income model. Firms with weak internal controls are identified
as those that disclose material weaknesses in internal controls in periodic filings from August 2002 to
March 2006, as required by SOX. The empirical results, based on a sample of 708 firm-years with the
disclosures of material weaknesses, show that firms with weak internal controls have lower market-value.
Building on the efforts for SOX to improve internal controls, more and more firms are starting to adopt
Enterprise Risk Management (ERM), because sound internal control system rests on adequate and
comprehensive analysis of enterprise-wide risks. In light of this trend triggered by SOX, the second
research question in this dissertation asks whether implementation of ERM has an impact on firm
performance. The basic approach to answer this question uses a contingency perspective, since all risks
arise from the firms internal and external environment. More specifically, the basic argument states that
the relation between ERM and firm performance is contingent on the proper match between ERM and
five key contingency variables: environment uncertainty, industry competition, firm size, firm complexity,
and monitoring by the firms board of directors. A sample of 114 firms disclosing the implementation of
ERM in their 2005 10Ks and 10Qs are identified by keyword search in EDGAR database. In developing
the proper match, high performing firms are defined as those with greater than 2% one-year excess return
to develop the proposed proper match. An ERM index (ERMI) is constructed based on the Committee of
Sponsoring Organizations (COSO) ERMs (2004) definition of four objectives: strategy, operation,
reporting, and compliance. The contingency view is supported by the empirical evidence, since the
deviation from the proposed proper match is found negatively related to firm performance.
Literature on Deficiencies in Internal Controls
Research on internal controls is a relatively new but a rapidly growing area in the accounting literature.
The majority of the studies involving internal controls are focused on investigating the characteristics of
firms that disclose material weaknesses in internal control. For example, Ge and McVay (2005) found
that companies with material weaknesses are more complex, smaller, and less profitable than firms that
do not disclose material weaknesses. Doyle et al. (2007b) confirmed Ge and McVays results and also
show that firms disclosing material weaknesses are younger, growing rapidly, or undergoing
restructuring. Similarly, Ashbaugh et al. (2006) document that firms reporting internal control weaknesses
have more complex operations, have experienced recent changes in organizational structure, are at
increased exposure to accounting risks, and have fewer resources to invest in internal control.
Furthermore, Doyle et al. (2005) indicated that firms with material weaknesses have a lower earnings
quality than those that do not report material weaknesses.
Additionally, Hammersley et al. (2007) showed a negative market reaction to firms that had reported
material weaknesses in internal control per the requirement of SOX Section 302. Using a sample of 102
firms that had reported internal control weaknesses without other material news spanning the event
window, De Franco et al. (2005) investigated whether the market reaction to the internal control
weaknesses varied by investor size. Their findings revealed a negative market reaction during the three-
day window relative to the disclosure of material weaknesses. Beneish et al. (2006) investigated whether
the effect of material weaknesses on the cost of capital and on stock prices is associated with audit
quality. They found a negative return during a three-day window during which material weaknesses were
disclosed and also discovered that, when audit quality was lower, the cost of capital and returns were
more negative for firms with 14 material weaknesses. However, Ashbough-Skaife et al. (2006) and Bryan
and Lilien (2005) did not find a negative market reaction to the disclosures of material weaknesses.
Instead of focusing on the market response as in the literature, this study investigates whether market-
value is negatively associated with the disclosures of material weaknesses in internal control
weaknesses. In other words, instead of using the marginal information content approach as adopted in
the current literature related to the value relevance of control deficiencies, this study chooses
incremental association approach. The key distinction between using market-value and market
response in value-relevance studies is that the studies using market-value mainly concern about what is
reflected in firm value, while studies using market response try to capture what is reflected in the changes
in value over a specific period. Past studies on the value relevance of controls deficiencies use market
response to emphasize the timing of the announced control-deficiency information reaching to the market
(Beneish et al, 2006; De Franco et al, 2005; and Hammersley et al, 2007). In contrast to the existing
literature, this research uses market-value because the focus of this study lies on how the disclosures of
weak internal controls are reflected in the firm value, instead of the timing of information being impounded
by the market.

EFFECTIVENESS OF INTERNAL CONTROLS: A PERCEPTION OR

REALITY? THE EVIDENCE OF GHANA POST COMPANY LIMITED
IN ASHANTI REGION

By William Ofori (B.Ed Education)

June, 2011

ABSTRACT
Current business trends have made it imperative for almost all large organizations to maintain effective
internal control systems. Internal control has attracted intense debate and scholarly attention across
industries in accountancy and auditing literature over the past decades. The regulatory and institutional
framework has improved significantly over the years yet still the Ghana Postal Company LIMITED
(GPCC). in particular is faced with lots of challenges including extensive corruption and malpractices. It
is against this background that this study was conducted into the effectiveness of the internal controls of
GPCL. The main objective of the study is to appraise the internal control systems of GPCL. The specific
objectives included; to review the control environment of the company; to examine the effectiveness of
the risk assessment procedure; to assess the adequacy of the established control activities; to review
the information and communication system etc.
Related literature was reviewed. The study adopted the explanatory research design since the study was
a case study type. The study population was staff of Ghana Postal Company Ltd. A sample size of fifty
respondents was used for the study. The purposive sampling technique was adopted. Data was collected
through interview and questionnaire. The data collected were analyzed using tables and graphs and
some finds were made as a result of that. Some of the findings made included: It was revealed from the
study that, the control environment at Ghana Postal service in Ashanti Region is very effective as majority
of the respondents agree to that assertion with a few not being sure of the effectiveness of Control
environment.
In reviewing the risk assessment component of the internal control system at Ghana Post, the study
found that, the risk assessment is also effective. Again the empirical evidence from the study indicated
that, majority of the respondents agree to the assertion that there is an effective control activity functioning
at Ghana Post. With regard to assessing the information and communication system of internal control,
there was evident from the studies that, about many of the respondents are satisfied with that construct
and therefore perceive it to be effective.
The last element of internal control considered by the study was monitoring and this happened to be the
most effective in the company with nearly all respondents showing that, they perceive monitoring to be
effective.
CONTROL ACTIVITIES

Policies and Procedures exist to ensure critical decisions are made with appropriate approval.
Processes exist for independent verification of transactions.
Independent reconciliation of assets and liabilities balances go on.
Processes are in place to ensure that policy overrides are minimal and exceptions are reported
to management.
People in the company have the knowledge, skill and tools to support them in their duties in
order to effectively manage risks and achieve the commissions objectives.
The commission has employed security guards.
The commission uses Close Circuit Television (CCTV) systems to protect physical assets.

INFORMATION AND COMMUNICATION

There are effective reporting procedures in communication a balanced and understandable

account of the commissions position and procedures.
There are established channels of communication for individuals to report suspected violations
of laws, rules or regulations.
All staff understand their role in the control system.
All staff understand how their activities relate to others.
All staff understand that they are accountable for activities they conduct.
Management receives timely, relevant and reliable reports for decision making.

MONITORING

There are ongoing processes within the commissions overall operations and these are
addressed by senior management to monitor effective application of the policies, processes and
activities related to internal control and risk management
There are processes to monitor the commissions ability to re-evaluate risks and adjust controls
in response to changes in its objectives and external environment.
There are effective follow-up procedures to ensure that appropriate change or action occurs in
response to changes in risks and control assessments.
Reports on significant failings or weaknesses are reported to management on a timely basis.
There is an appropriate communication to the management on the effectiveness of the on-going
monitoring processes on risks and control matters.
Management approves the overall scope of review activities.
Management approves personnel reviews results of audit.
Periodically, management reviews audit or internal control systems.

An Auditing Perspective of the Historical Development of Internal Control

It is conceivable that internal control preceded auditing and other elements of the accounting
profession. Internal Control emerged as a common-sense, natural product of the profit motive. As soon
as the first entrepreneurs contrived a method for making a profit, they contrived ways of controlling and
protecting that profit. As soon as it was determined that profits could be expanded by the employment of
others, it was recognized that complete trust was not the most profitable policy and that some form of
control should be established.
 This paper recapitulates the findings of accounting historians who have studied the historical
development of internal control; however, it should be recognized that the history of internal control is still
being researched and documented.
Early Beginnings
Kenneth Most has stated that there is concrete evidence that internal control existed in the
Mesopotamian civilization as early as 3600 B.C. Most points out that the Sumerians recorded commercial
transactions on stone dating back to 3600 B.C. and 400 years later on clay. It was customary for
summaries to be prepared by scribes other than those who had provided the original lists of payments.
Further, the documents of the period reveal tiny marks, dots, ticks, and circles at the side of the figures,
indicating that checking had been performed. Williard Stone noted that in ancient Egypt, in the Pharaoh's
central finance department, the "house of silver of the treasury" internal control and auditing were in use.
Scribes prepared records of receipts and disbursements of silver, corn and other commodities. One
recorded on papyrus the amount brought to the warehouse and another checked the emptying of the
containers on the roof as it was poured into the storage building. An audit was performed by a third scribe
who compared these two records. An official order was required for withdrawals and the scribe in charge
of the storehouse recorded the disbursements and retained the order. His records of receipts,
disbursements and inventory balances were periodically audited by another scribe or his superior. Stone
gives an account of internal control in the Persian civilization of 549 to 330 B.C. He reports that Darius
(521-486 B.C.) used government scribes, called the "King's eyes and ears" to perform an important
function in the control of his extensive empire. For convenience of administration the empire was
sectioned into satrapies each with a "satrap" as the civil administrator and tax collector.
Government of these provincial units was divided; the troops were under a general, and a royal
secretary performed the duties of an internal auditor, reporting to the King's minister on the activities of
the satrap and the general. The royal secretary accounted for taxes collected and remitted to the King.
The "King's eyes and ears" accompanied by a military escort, made surprise audits of the affairs
of the provinces. These traveling government auditors were empowered to examine all records, question
the satrap, the royal secretary, or any other officials and to take immediate corrective action if it was
believed to be necessary.
Extending his historical account, Stone points out that like the Persian Empire before it, the
Roman Empire made effective use of accounting and auditing to control the generals of conquered
territories. The counterpart of the "King's eyes and ears" were the "quaestors" who came into being about
200 B.C. They were financial officers responsible to Rome, who had custody of the treasury, supervised
the scribes in their duties of recording treasury receipts and disbursements, and examined the accounts
of the governors of subjugated countries. The quaestors were required to report periodically to Rome and
to have their records heard by an examiner. The word "auditor" came into use through this practice.
The Roman Empire made use of a complete system of checks and counterchecks. They
separated the duties of collecting revenue, authorizing expenditures, maintaining custody of cash, and
recording financial transactions. Expenditures were required to be supported by documents disclosing
the identity and title of the creditor and attesting the completion of the work or receipt of the goods called
for by the order. Magistrates authorized payment on the basis of these documents and after
disbursement, treasury scribes recorded all transactions. Quaestors supervised and audited all
government financial transactions. Tax examiners also were used in Rome and played a prominent role
in the collection of government revenues.
The Holy Roman Empire under the leadership of Charlemagne followed the example of the
Persian and Roman Empires in using government auditors to control the affairs of state. Missi dominici,
"emissaries of the master" were sent to review the affairs of the various administrators. The emissaries
carried instructions from Charlemagne to local officials, made audits of their records, reviewed their
actions, and reported the results to the King. Unfortunately for the Empire, after the death of Charlemagne
(825 A.D.) no strong organizer appeared to take his place and within one generation the missi dominici
were disbanded, control of the local rulers was lost, and the Empire disintegrated.
In the middle ages, accounting, along with the other arts, suffered a decline because of the
general disorganized condition of government and the economy throughout Europe. Gradually, however,
accounting was reestablished.
R. Gene Brown has pointed out that prior to 1500, accounting was concerned primarily with
governmental and family units. The practice of internal control was evidenced by the use of two scribes
who kept independent records of the same transactions designed to prevent defalcations within the
treasuries of the ancient rulers. A secondary objective was assurance of accuracy in reporting.
Inventories were periodically taken to prove accountability and to establish the accuracy of the accounting
records. During the period 1500-1850, which L. Fitzpatrick, B. F. Foster and William.
Jackson have identified as the period in which a standardized system of double-entry accounting
became regarded as necessary, the recognition of the importance of internal control also gained
acceptance.
1850 to 1940
From 1850 to 1905, the rise of the large corporation to permit exploitation of the technology
produced by the Industrial Revolution was seen. The operation of the principal enterprises passed from
the hands of the owners to those of the managers. To protect the interest of the absentee owners a new
professional class of auditors emerged, the independent auditors.
R. Gene Brown points out that although internal control was recognized as existing in
standardized systems of accounting, little interest was shown in any systems of controls for assets other
than that for cash, and not much attention was paid to internal control by the independent auditors. The
built-in control inherent in double entry accounting was often the only cross-check recognized as
significant for all acounts. Because of this, the audits during the period 1850 to 1905 usually involved
rather complete reviews of transactions and the preparation of corrected accounts and financial
statements. This was inefficient, expensive, and did not satisfactorily provide for strengthening of weak
areas in subsequent periods. The need for changes in the accounting system to improve the accuracy of
reported amounts and reduce the possibilities for fraudulent acts was obvious. As the accounting system
and the organizational structure were strengthened, and as the volume of transactions continued to grow,
the technique of sampling became accepted practice for auditors.
Brown points out that prior to 1905, a natural basis for limiting the amount of testing to be done in
auditing would have been the improvements in accounting systems, and consequently in internal
controls, which existed in the larger corporations. However, it was not until the period 1905 to 1933 that
auditors fully realized the importance of internal controls and the relation of strengths and weaknesses
therein to their testing programs.
During this period the literature began to reflect more fully the importance of internal control and
its relation to the extent of audit testing to be done. Montgomery and other authors including E. V. Spicer,
E. C. Pegler, F. R. Carnegie Steele and De Witt Carl Eggleston referred to the system of internal control
as of primary concern to the independent auditor in accepting the accounting data as being reliable,
subject to the testing process. Brown notes that the literature was far ahead of actual practice.
Practitioners continued to expand use of the technique of testing, but the decision as to the extent of
testing was seldom directly tied to an appraisal of internal controls.
 In 1926, the New York Stock Exchange's special Committee on Stock List campaigned for
improvements in auditing. In 1929, the then American Institute of Accountants (now AICPA) undertook
to revise the 1917 Federal Reserve Bulletin, "Approved Methods for the Preparation of Balance Sheet
Statements." Of special significance in this revision, which was titled Verification of Financial Statements,
was the requirement that the extent of testing used in an audit be based on an evaluation of the
effectiveness of the system of internal control. In 1930, the Institute established a Committee on
Cooperation with Stock Exchanges to formulate methods that would avoid a future repetition of the
misleading financial reporting practices and poor quality of auditing that were a factor in the 1929 stock
market crash.
A subsequent revision of the 1929 AICPA pamphlet by a special Institute Committee, was issued
under the title, Examination of Financial Statements by Independent Public Accountants, in 1936. It
included important sections on the philosophy of financial statements, their significance and limitations,
and broad responsibilities of the auditor and the propriety of reliance on effective systems of internal
control.
However, the great impetus for the development and elaboration of the system of internal control
came from those practicing as independent auditors, spurred by the fear of legal liability. Unlike the
jurisdictions under the British Legal System, the cases decided in the United States held that although
management has primary responsibility for the system of internal control, the auditor has a duty to review
the client's system. This duty was firmly established in the investigation of the Mc Kesson and Robbins
case by the SEC. The Summary of Findings and Conclusions (Accounting Series Release No. 19) stated
in part:
We are convinced by the record that the review of the system of internal checks and controls at
the Bridgeport offices of Mc Kesson and Robbins was carried out in an unsatisfactory manner. The
testimony of the experts leads us to the further conclusion that this vital and basic problem of all audits
for the purpose of certificating financial statements has been treated in entirely too casual a manner by
many accountants. Since in examination of financial statements of corporations whose securities are
publicly owned, the procedures of testing and sampling are employed in most cases, it appears to us that
the necessity for a comprehensive knowledge of the client's system of internal check and control cannot
be overemphasized. The Mc Kesson and Robbins case prompted great disagreement as to the auditor's
responsibility for the detection of fraud and the significance of fraud detection as an audit objective. During
this period of disagreement, the use of testing as an audit procedure became generally universal and
internal control gained wide acceptance as a basis for determining the extent of examination required.
1940 to the Present
The importance of internal control has continued to grow. Some of the contributing factors have
been:
1. The increasing impossibility of a detail audit due to the high volume of transactions
2. The need to reduce the cost of the external audit
3. The increasing complexity and size of business required more sophisticated control
techniques to
a. provide timely feedback on errors and fraud
b. provide special analyses
c. insure internal administrative controls
4. The needs imposed by the multi-plant and branch nature of operations to
a. insure uniformity of accounting procedures and consistency of applications
b. verify interplant transactions and profit center reports
 5. The external audit procedure has shifted from a review of past operations to a review of the
system of internal control. As a result, the reliance on the system of internal control continues
to increase.

Source:
Hackett, Willie (1976). Auditing perspective of the historical development of internal control, Auditing
Symposium III: Proceedings of the 1976 Touche Ross/University of Kansas Symposium on Auditing
Problems (pp. 003-005). University of Kansas, School of Business.

INTERNAL CONTROLS IN ENSURING GOOD CORPORATE

GOVERNANCE IN FINANCIAL INSTITUTIONS

KOSMAS NJANIKE, MARGARET MUTENGEZANWA, FUNGAI B. GOMBARUME *

ABSTRACT:
This paper assessed factors that influence the internal controls in ensuring good corporate
governance in financial institutions in developing economies with special reference to Zimbabwe. The
research paper assessed how lack of internal controls affected good corporate governance and aimed
to bring out elements of good corporate governance. It emerged that failure to effectively implement
internal controls contributed significantly to poor corporate governance. The study discovered that
internal control system overrides and the issue of fact cat directors also contributed to poor corporate
governance. The study recommended that there is need for the board of directors to guarantee an
organizational structure that clearly defines management responsibilities, authority and reporting
relationships. There is also need to ensure that delegated responsibilities are effectively carried out to
ensure compliance with internal controls of the financial institution concerned.
KEY WORDS: internal controls; corporate governance; ethical behaviour.
JEL CLASSIFICATION: G21, G28; G30; G38

LITERATURE REVIEW
According to Harvey and Brown (1998), the major components of internal controls are control
environment, accounting system and control procedures. Smircich (1983) subscribes to the same
sentiments by highlighting that the tone at the tog has implications on the direction taken by employees.
Furthermore, Jansen (1998) pointed out that historically internal controls, has focused conforming
employees actions to the desires of management. An internal control system available to a firm
according to Grieves (1998) consists of: management oversight and the control culture; risk recognition
and assessment; control of activities and segregation of duties; information and communication and
monitoring activities and correcting deficiencies. Control environment reflects the overall attitude,
awareness and actions of the board of directors, management and stockholders. The accounting system
consists of the methods, records and report on entitys transactions to provide complete, accurate and
timely financial information. Finally the control procedures are essentially specific procedures put in place
by management to provide assurance that the companys objectives will be met. They usually come in
the form of authorizations, segregation of duties, design and use of adequate documentation and records,
adequate safeguards or access to assets and independent checks on performance. The control
environment reflects the overall attitude, awareness and actions of the BOD, management and
stockholders. Borerwe (2004) consented to Deal and Kennedy (1982)s views and defined corporate
governance from the banking industry as a manner in which boards of directors govern the business
affairs of individual institutions and senior management, affecting how the banks:
- run the day to day operations of the business;
- align corporate activities and behaviours with the expectation that banks will operate in safe and sound
manner, compliance with laws and regulations; and
- set corporate objectives (including generating economic returns to shareholders and protect the
depositors interests.
Robbins (1992) defines internal control systems as the whole system of controls, financial and otherwise,
established by management in order to carry out the business of the enterprise in an orderly and efficient
manner, ensure adherence to management, safeguard the assets and secure as far as possible the
completeness and accuracy of the records. According to Khan (1994), internal controls are designed to
protect an institution from loss or misuse of its assets. They also ensure that all transactions are properly
authorized and thus guarantee or foster good corporate governance. Corporate governance has been
defined as a manner in which the business of an enterprise is directed and controlled, how the corporate
objectives are set and how corporate activities and expectations of the stakeholders are aligned (Coyle,
2003). Corporate governance involves the combination of the body of directors, management and
controls that guide the firm. Borerwe (2004) reiterated that corporate governance is concerned with
holding goals. The aim is to align as near as possible the interest of individuals, corporate and society
this can be ensured by having effective internal control system. Magaisa (2004) supported this view when
he says that effective internal control is an attempt to encourage employees, managers, board members
to think about and make decisions through the doctrine of shared values.
According to the King Report (2002) the corporate discipline, transparency, independency of board
members and committees, fairness, accountability and social responsibility are the essential pillars of
good corporate governance. For a corporate to achieve good corporate governance it must adopt a clear
stance on the following: Strategy, Stewardship, Corporate culture, Corporate reporting, IT systems and
Board operations. Pheysey (1993) added another dimension to the above definition by defining corporate
governance as the way business is conducted in accordance with the shareholders desire which
generally is to make as much money as possible.
According to the Reserve Bank of Zimbabwe (RBZ) a corporate governance guideline protect the integrity
of the sector and cultivates confidence within investors and deposited, conditions that result in free
circulation of funds thus making it easy for banks to undertake their day to day operations without
difficulties. This entails economic development as a result of free circulation of money within the economy.
Magaisa (2004) substantiated the RBZ governors statement by indicating that poorly governed financial
institutions are a liability to the economy and are a functional equivalent of circulatory problem in human
beings. Harvey and Brown (1998) are of the view that the exclusive focus of corporate governance
should maximize shareholder wealth to the extent that wealth maximization conflicts with the interests of
other stake holders interests. Those interests should be ignored unless management is legally required
to take interests into account. Coyle (2003) added that the main corporate governance problem is rooted
in the Blake and Mouton (1985) paradigm of separation of shareholders ownership and managements
control in institutions. This resulted in the emergence of the agency problem, which is the need of
ensuring that management is always acting in the best interest of the shareholders rather than theirs
(Davis and Militelo, 1994). Buchanan (1975) views the firm as a system of stakeholders operating within
a larger system of a host of society that provide necessary legal and market infrastructure for the firms
activities. Khan (1994) supported this view by stating that the goal of directors and management should
be maximizing total wealth creation by the firm. RBZ (2004) recommended that boards of commercial
banks and building societies must have at least five directors. The major reason for this recommendation
was that large boards are for corporate performance because they have a range of expertise to help
make quality decisions and makes it difficult for powerful CEOs to dominate. Blake and Mouton (1985)
indicated that monitoring by boards could deal with at least some problems of corporate governance.
Johnson (1992) proposed that board of directors could solve agency problems if the company under
performs in a health industry because under this situation boards would find it easier to evaluate
performance of the management. Weibach (1998) tested hypothesis advanced by Fama (1980) and
discovered that outside directors behave differently from inside directors and behave differently from
inside directors and boards dominated by outside directors performed better that firms with boards
dominated by insider directors to remove the chief executive officer. RBZ (2004) critique the concept of
multiple appointments, the reason being directors who hold such appointments are ineffective in
discharging their function to monitor managers. Magaisa (2004) concurred with this view and highlighted
that members who sit on multiple boards do not have enough time to think of ways of improving the
institutions in which they lead and it is very difficult for one to have the level of commitment that is
necessary for effective governance to all companies it on board. King Report (2002) recommended high
frequency of board meetings per annum. This suggests that meeting frequency is critical dimension of
an effective board. French and Bell (1999) found that board meeting time is an important resource in
improving the effectiveness of the board and most widely shared problem directors face is lack of time to
carry out their duties. Green (1997) suggested that the board and senior management of financial
institutions are responsible of financial institutions are responsible for promoting high ethical and integrity
standards and for establishing a culture within the organization that emphasis and demonstrated to all
levels of personnel the importance of internal controls. Khan (1994) suggests that an effective internal
control system requires that there are reliable information systems in place that cover all significant
activities of that bank. The systems must be secured, monitored independently and support adequate
contingency arrangements Deal and Kennedy (1982) argued that effective internal control systems
requires effective communication.

INTERNAL CONTROLS AND OPERATING PERFORMANCE OF

SMALL BUSINESSES IN LAGOS METROPOLIS

James U. Monday*, Godwin E. Inneh, Victoria O. Ojo

Department of Management & Accounting,
Obafemi Awolowo University, Ile-Ife, Nigeria
*Corresponding Author: jumonday@oauife.edu.ng

Abstract
This study investigated the effect of internal controls on the operating performance of small businesses
in Lagos Metropolis. Primary data were employed through structured questionnaire administered to 200
small businesses selected using convenience sampling. Based on Committee of Sponsoring
Organization Treadway Commission (COSO) updated framework, six determinants of internal control
that include control environment, risk assessment, control activities, information and communication,
monitoring, and information technology were examined to determine their influence on the financial and
operational performance of small businesses. Frequency counts, percentage, and multiple regression
were used to analyse the data obtained. The results showed that these determinants have significant
effect on the efficiency of operations of the selected small businesses, which consequently enhanced
their profitability. The study concluded that internal controls, grounded in the COSO Model, have
significantly positive effects on small business profitability and survivability. Thus, this study
recommended that managers/owners of small businesses should be attentive to the issues of internal
control in order to maximise the business potential and minimise the risk of fraud, error and loss.

Source:
https://www.researchgate.net/publication/287331189_INTERNAL_CONTROLS_AND_OPERATING_P
ERFORMANCE_OF_SMALL_BUSINESSES_IN_LAGOS_METROPOLIS [accessed Jul 11, 2017].

The Impact of Internal Control on the Performance of Small and

Medium Enterprise: Malaysian Evidence

Jaya Kumar Shanmugam*, Mohd Hassan Che Haat, Azwadi Ali

Universiti Malaysia Terengganu

Abstract
Small business and entrepreneurship has emerged as an important area of research over the past 40
years. This paper revolves around the impact of internal control implementation on SMEs. Yet to date,
there have been limited studies on internal control explicitly attempting to link with SMEs performance on
Malaysian environment. The level of business failure due to lack on internal control incidence as reported
by owners is still at a very low level and the overall cost incurred is still within expectation. However, there
is a question whether the low reported rate of business failure is due to adequate preventive actions
currently employed by owners, or whether the owners are reluctant to reveal the truth in order to portray
their efficiency and effectiveness in running their businesses. The objective of this paper is to examine
the relationship between internal control on SME performance. For the sampling purpose, a set of
questionnaires is distributed to the owners' of SME and statistical tools will be used to analyze them. The
results of the study indicate that there is an significant relationship between the implementation of internal
control and performance of SMEs. Most of the SMEs in Malaysia are ready to implement internal control
but it is still in primitive stage and they may have lack of awareness on the advantages of internal control
to their businesses.

Source:
https://www.researchgate.net/publication/281478933_The_Impact_of_Internal_Control_on_the_Perfor
mance_of_Small_and_Medium_Enterprise_Malaysian_Evidence [accessed Jul 11, 2017].