Modern Economy, 2014, 5, 785-790
Published Online June 2014 in SciRes. Research and Discussing on Internal
Control Auditing
Jianfei Leng, Lingfen Zhang
School of Business, Hohai University, Nanjing, China
Email: , Received 1 May 2014; revised 1 June 2014; accepted 13 June 2014
Copyright 2014 by authors and Scientific Research Publishing Inc.
This work is licensed under the Creative Commons Attribution International License (CC BY). Abstract
In modern China, the development of the economy is rapid; it mainly includes the creation of many companies. However, it is a double edged sword which may lead to economic development, but it also has a lot of problems. This paper mainly regards the corporate internal control system as the research object. Through the Zhong Xin Fu Tai cases, it found problems from specific aspects and the overall level of internal control audit, and identified the problems and then proposed appro- priate recommendations for improvement.
Keywords
Internal Control, Financial Statements, Auditing
1. Introduction
The internal control system is an important activity of enterprises operating smoothly, which is the important measure to achieve the long-term strategic development of the enterprise and which aims to improve the operat- ing efficiency of the effect. The external audit of Internal Control over Financial Reporting (ICFR) is a very ex- pensive and contentious aspect of the Sarbanes-Oxley Act (SOX). Wang Qin, Huang Dan, Ellen Young found that the disclosure of internal control self-assessment report is better; internal control audit report issued by the njmbers is increasing year by yearh bjt the accojnting firm’s internal control ajdit report’s credibility has yet to be verified [1]. The current enterprise faces the problems which come from the aspects such as society, economy, law, foreign culture changes in the environment, which has prompted the development of internal control theory; furthermore, the internal control system mainly experiences five development stages. They include the internal check, internal control, internal control structure, internal control-integrated framework, enterprise risk man- agement-integrated framework. Firms are more likely to be identified with an internal control weakness, if their audit committees have less financial expertise or, more specifically, have less accounting financial expertise and How to cite this paper: Leng, J.F. and Zhang, L.F. (2014) Research and Discussing on Internal Control Auditing. Modern
J. F. Leng, L. F. Zhang
non-accounting financial expertise [2]. The first line of the enterprise internal control defense is to prevent fi- nancial reporting errors and frauds, which make sure that the internal mechanism of enterprises is a complete fi- nancial report. The second line of defense is against the enterprise financial report errors and frauds. The certi- fied public accountants namely put forward the financial statements and express the opinion of the enterprise accounting information quality.
Firms are more likely to be identified with an internal control weakness, if their audit committees have less financial expertise or, more specifically, have less accounting financial expertise and non-accounting financial expertise [3]. In recent years, auditing in China has made remarkable development; in June 2008 and April 2010, the ministry of finance, securities and futures commission, the national audit office, the China banking regulato- ry commission, insurance regulatory commission has jointly issued the enterprise internal control basic norms and three facilities, such as enterprise internal control audit guidelines, which are mainly aiming at the existing problem of Chinese enterprises and establishing internal control system, and for Chinese companies, a sound system of internal control is established ihich provides the basic frameiorkh namely “to establish internal con- trol system is the Chinese enterprises to participate in international competition, gradually accepted and con- scientiously abided by rules of the market economy, perfecting enterprise system and the inherent requirement of fine management”. Based on resojrce dependency theory that stresses entity’s economic needs for internal control over administering federal funding, they select a sample of nonprofit hospitals subject to the Single Au- dit Act in the United States, from 2001 to 2008. Their results show that hospitals that had audit committees and also employed Big 4 auditors were associated with better internal control quality [4].
The internal control goal guarantees enterprise operation and management in accordance with the provisions of the laws and regulations, the safety of the assets, and financial reports and related information and true, and improves the management efficiency and effectiveness, promotes enterprise development strategy—“internal control audit is a control behavior which can understand internal control whether the establishment is effective, can prevent the frajdh at last to provide reasonable assjrance for the realization of the internal control goals” [5]. In Chinese state-owned enterprises occupying the dominant position in the national economy, the number is larger, and the relationship in the state-owned enterprise internal control audit has very important practical signi- ficance. It is beneficial to the state-owned enterprises to speed up the perfect internal control system, which is more advantageous to enhance the enterprise competition. The remaining part is organized as follows:
The second part mainly analyses the internal audit and explains its relationship with the audit of financial statements from the company’s management aspect; the third part describes the main elements of the internal control; the fourth part is about the case description and analysis; the fifth part is the conclusions and recom- mendations.
2. From the Company’s Management Aspect, It Mainly Analyses the Internal Audit and Explains Its Relationship with the Audit of Financial Statements
In the past, people used to focus on whether the management has the behavior beyond the control. Though we can’t deny that this is still a part of the modern internal control auditing important content, under modern corpo- rate environment, for the audit, the process of management aims to achieve effective utilization of resources. “On the one handh the management is the vital position in the control environment.”
As an example, Shanghai Stock Exchange main board listed companies to disclose Internal 2012 control self- assessment report and the audit report as a sample, follow the COSO internal control report, the five elements of internal control of 650 Shanghai-listed companies drawn from the analysis of defect types: Shanghai-listed companies to disclose Internal control deficiencies small percentage of the company; [6] management ideology, directly affect the whole process of, only we fully understand the intention of the authorities, we can do better to improve the internal control by the ajdit companyh and perfect the processh so as to improve the company’s op- erating purposes. This article combines internal control and information technology, suggesting how internal control plays a positive role in achieving company’s goal and improving enterprise valje [7].
The process ajdit is a kind of more operational ajdit. “In Wang Haibin’s paperh internal control self-assess- ment report is not only a reflection of the effectiveness of corporate financial reporting, it is the business of the whole process of implementation of internal control evaluation, development and implementation of the internal control system has a decisive role [8].” The concept itself also has to ensure the efficiency of the internal control process and to determine the reasonable goal, evaluation of project risk, implementation of control behavior,
J. F. Leng, L. F. Zhang
guarantee the realization of the goal, and then make sure the new goal to adapt to the development of enterprise. “Internal control is a continjojs cycle repeat stepsh so for the evaljation of internal control and ajdith it also should be to this process audit. So the audit of internal control should be a circulation of the audit process [8].” Enterprise internal control operates smoothly and that has important influence on enterprises to prepare finan- cial statements. The following briefly introduces the relation and the distinction between the financial statements and the internal control.
The relationship betieen the internal control and the company’s financial statements:
1) The audit in the same way.
Both took risk oriented audit mode. Audit procedures are same. Financial statements audit must understand the internal control environment of the enterprises, and even take control of the test; the internal control auditing must understand and test the internal control; at the same time the definition of the effectiveness of the internal control and evaluation method, they can be used to ask, examination, observation, through the test, to implement methods and procedures.
2) Focus on the same object.
Both of them need to identify key account, important deal category and so on. In the financial statements au- dit certified public accountant needs to evaluate these key accounts and key to make sure that whether they are the material misstatement category; in the internal control audit, they need to evaluate whether these accounts and transaction are covered by the internal control.
3) Determine the importance of the same level.
They need to check whether there is a material misstatement in the financial report; to determine the level of importance in the internal control audit, they also need to check whether there is a significant internal control defects.
Therefore, only internal control get to formulate and effective implementation, can they guarantee the audit report is issued by officially. But the specific part of the internal control and those content will be namely intro- duced in the next section.
3. Main Components of the Internal Control
First of all, the control environment is the first part of the internal control framework. It sets the tone for the company as a whole and it also affects the execution of its staff awareness. This is an integral part of the internal control components and the basis of internal control procedures provides the tone and organizational structure. In this phase, the company determines the business goals and the overall business philosophy. It is used to iden- tify and analyze and realize the risks associated iith the company’s objectives. Every company is faced iith various risks from internal and external, therefore, to maintain the continuing operations of the enterprise, they must assess the risk. At this stage, the company should find out all kinds of risks and determine the basic meas- ures of risk management; control activities is the third part of the internal control framework, it helps to reduce the risk of company objectives, control activities including account reconciliation, separation of duties, decen- tralization, and uses the serial number of the documents in advance to aim to overcome these activities, such as the company may face the potential risks, and help the company achieve its business goals [10]. So the company must be in the form of appropriate and at the appropriate time determine and communicate relevant information about the internal control so that in the fourth part of the internal control people can perform their duties of communication and information.
It mjst be commjnicated iith the company’s bjsiness objectives, and control activities should control activi- ties so that the staff can find the management information and also need to monitor by monitoring, and control activities over a period of time can be evaluated, as well as the whole internal control, you can determine the ef- fectiveness of the control activities to make sure whether the control activities need to be scaled, or whether it is no longer needed to perform. They also shojld be evaljated at this stage of the company’s bjsiness objectives. The above five aspects is necessary for the enterprise to develop sustainable and healthy which include the control environment, risk assessment and supervision process, and the business process level control include the control activities, further, only iill do the bjsiness floih daily life and from the overall levelh enterprise’s control can continue to operate normally [11]. Today’s enterprise internal control ajdits are almost large enterprise in- ternal. And big enterprise is mainly state-owned enterprises. They can be stated through the specific case below.
J. F. Leng, L. F. Zhang
4. Case Is Introduced and Analyzed
The company is listed in 1886. In the same yearh in Febrjary’s it issjes 270 million nei shares to the China in- ternational trust and investment group (Hong Kong) co. LTD. This make the CITIC group (Hong Kong) hold company’s 64.7% [12] stake. Since then, it had become a subsidiary of CITIC. In Western Australia CITIC Pa- cific’s operated iron oreh in order to reduce the currency risk of the company, since 2007, CITIC Pacific began to bjy foreign cjrrency options contracts to hedge. On December 5h 2008h CITIC Pacific’s shares closed at 5.80 Hong Kong dollars and declined more than HK $21 billion in more than a month’s. On November 12h 2008h CITIC Pacific’s made an annojncement againh iith the parent company of CITIC grojp restrjctjring reaching a preliminary agreement, one of them was to convert the bond manner and to CITIC capital injection of $1.5 bil- lion. At the general meeting, according to leaked CITIC Pacific on December 19, shareholders got 99.94% of the vote. Second is the “sjrgical” iay of the partial derivatives contracts from the listed companyh CITIC grojp iill assist in CITIC Pacific two-step restructuring the existing a $8.7 billion contract. According to the announce- ment, CITIC group hopes to complete restructuring in December 30. The derivatives losses are over periodically. In the second part we introduced the five elements of internal control, now we will explain the cause of the problem from the aspect of the business flow and the overall level in this paper.
4.1. The Business Flow
It mainly includes two parts: control activities and information systems. In CITIC Pacific’s caseh its defects em- bodied in investing heavily, within the scope of a certain amount, there are corresponding level for examination and approval of personnel, but in the actual execution process, because of the amounts involved, numerous and complicated formalities, it finally results in the defect of the control activities; in information systems, because there are specific legal provisions of the state-owned enterprises overseas futures hedging business management method, it clear stipulates the total trading spot trading volume shall be a limited amount, while CITIC Fu Tai chairman Larry Yung and managing director Henry Fan has been aware of this situation. But he did not commu- nicate timely; finally, the circumstance led to the delay of information, as a result, the amount made losses in- crease greatly.
4.2. The Overall Level
It mainly incljdes three parts: control environmenth risk assessment and sjpervision. In this caseh they don’t have a design abojt the necessary risk assessment process; they also don’t make the overall jnderstanding of the overall control environment. Without the approval of the board of directors the company executives make a ma- jor strategic decision which makes the CITIC Pacific exists a huge hole in corporate governance. Standard & poor’sh a rating agencyh at the same time according to the reporth CITIC Pacific’s hjge foreign exchange trading losses reflect that the company lacks proper internal regulation and transparency insufficient which cause huge losses of CITIC Pacific.
For any management decision-making activities of the enterprise, they must consider the basis of the above five aspects, then the company could have much better development.
5. The Conclusions and Recommendations
5.1. To Ensure Effective Implementation of Internal Control
Since 2002 the United States has gradually strengthened the construction of enterprise internal control and su- pervision, and the most representative is issued by the US President George Bush in 2002 Sarbanes Oxley Act which puts forward the effectiveness of internal control self-assessment, hires a certified public accountant audit self-assessment report required and classified according to the type and size of listed companies gradually, and strengthens the supervision of the internal control of listed companies. The enterprise that has investment value needs not only to have a good business performance and developing prospect, but also to have a perfect internal control system; to some extent, the internal control failure faced a greater risk of decline in operating perfor- mance. This may bring fatal harm to the significant internal control defects.
In our country, commodity business has entered the era of meager profit. As an example of the steel industry, according to the survey, in 2009 profit margin of annual sales of large and medium-sized steel mills is only 2.5%,
J. F. Leng, L. F. Zhang
however, capital operation is more risky than the traditional commodity business. Deron, Gelinkeer events and a series of failure cases are being exposure, which show the significance and urgency of the internal control and economic globalization. Enterprises are facing the risk of more complex control and the most important way of avoiding these risks is to establish and implement internal control system, and make the effect about the internal control audit.
The development of our country enterprises is more and more restricted by market and a bjyer’s market has initially formed. The increasingly competitive market focuses more on high quality, many varieties, famous brand, low cost, economies of scale of enterprises and products; this has forced companies to enhance their own brand strength by controlling the cost, improving the management level and finally to ensure the realization of business objectives.
5.2. The Establishment of Independent Internal Control Audit Institutions
“In viei of the state-owned enterprise, internal audit independence is not recognized by the public of the status, I think they should set up internal audit institutions under the highest decision-making and enforcement agencies, and they also should appoint the nomination or specific head to ensure the independence and authority of inter- nal audit institutions; at the same time, we should follow our country enterprise internal control basic norms and the enterprise internal control audit guide specification requirements to make sure that audit content and audit procedures are reasonable and find weak link of enterprise internal control and internal management and at the same time ie shojld pjt foriard opinion to improve the enterprise internal control.”
In our country, enterprise internal control supporting guidance of certified public accountants audit guidelines demands that the CPA should implement the audit work in accordance with the method of top-down which re- quires the auditor to focus on the level control first, then the big account, and the final focusing on trading or application level in the process of the specific control in the state-owned enterprise internal control audit work; commonly used methods are mainly about the appropriate personnel, observing activities, checking the related documents through testing, and the methods of execution, but the question itself is not enough to obtain suffi- cient and appropriate evidence, and it should be combined with other internal control auditing method together.
5.3. Improve the Quality of the Internal Auditors
Perfecting the internal audit work—“the internal control ajditing practice standard is the internal control ajdit personnel’s professional standard; they need to have a number of highly qualified internal control auditing pro- fessionals”h it is important to strengthen ajdit professionals folloi-jp edjcation. “Throjgh enhancing the ajdi- tor’s professional ethics consciojsnessh strengthening ajdit professional training, strengthening the internal au- ditors of the certification exam and continuing education training, they aim to improve risk analysis of the inter- nal audit staff proactive; they need to meet the requirements of the development of state-owned enterprise inter- nal ajdit in the aspects sjch as personnel strjctjre and qjality.”
5.4. Strengthening the Internal Control Auditing Supervision
At the end of each year, according to the principle of cost and the importance, SASAC available should make spot check about whether the state-owned enterprise internal control is effective; the internal control evaluation report is a true reflection of enterprise internal control; internal control of the auditing reports issued by certified public accountants is real fair. Only when they strengthen the regulation, the state-owned enterprise internal control construction and the effect of the internal control auditing will be strengthened.
References
[1] Wang, Q., Huang, D. and Young, E. (2014) Internal Control Information Disclosure Situation Analysis—Based on Studies of the Shenzhen Stock Exchange from 2008 to 2012. Taxation and Economy, 1, 57-62. (in Chinese) [2] Herda, D.N., Notbohm, M.A. and Dowdell, T.D. (2014) The Effect of External Audits of Internal Control over Finan-
cial Reporting on Financial Reporting for Clients of Big 4, Second-Tier, and Small Audit Firms. Research in Account- ing Regulation, 26, 98-103. [3] Dey, R.M. and Sullivan, M.W. (2012) Was Dodd-Frank Justified in Granting Internal Control Audit Exemption to
J. F. Leng, L. F. Zhang
Small Firms? Managerial Auditing Journal, 27, 666-692. [4] Keane, M.J., Elder, R.J. and Albring, S.M. (2012) The Effect of the Type and Number of Internal Control Weaknesses
and Their Remediation on Audit Fees. Review of Accounting and Finance, 11, 377-399. [5] Pridgen, A. and Wang, K.J. (2012) Audit Committees and Internal Control Quality: Evidence from Nonprofit Hospitals Subject to the Single Audit Act. International Journal of Auditing, 16, 165-183. (in Chinese) [6] Wang, T. (2013) Shanghai Stock Exchange Main Board Listed Companies to Disclose Control Deficiencies. Analysis
Foreign Trade, 12, 105-107. (in Chinese) [7] Li, R.M. and Zhang, S.Q. (2013) Empirical Study on the Correlation between the Internal Control and Enterprise Val-
ue —Based on the Information System. Journal of Computers, 6, 126-129. (in Chinese) [8] Wang, H.B. (2014) Internal Control Self-Assessment Report Literature Review Study. Disclosure of Beijing Technol-
ogy and Business University (Social Science Edition), 1, 89-95. (in Chinese) [9] Chen, L.R. and Huang, Y. (2013) Management Residual Control Rights, Residual Claim and Internal Control Audits Correlation. Chinese CPA, 7, 88-94. (in Chinese) [10] Wang, H.C. and Kim, J.J. (2013) Internal Control over Financial Reporting of Listed Companies Audited Problems.
Green Accounting, 7, 18-20. (in Chinese) [11] Zhu, C.J. and Han, X.W. (2013) Audit of Internal Control over Financial Reporting Audit Opinions Impact Study—
Evidence from China’s A-Share Listed Companies in 2011. Beijing Technology and Business University (Social Science Edition ), 5, 77-82. (in Chinese) [12] Ding, H. (2009) CITIC Pacific for ex Derivatives Investment Losses Case Studies and Inspiration. Southern Finance,
Section 3. (in Chinese)
Modern Economy, 2014, 5, 785-790
Published Online June 2014 in SciRes. Research and Discussing on Internal
Control Auditing
Jianfei Leng, Lingfen Zhang
School of Business, Hohai University, Nanjing, China
Email: , Received 1 May 2014; revised 1 June 2014; accepted 13 June 2014
Copyright 2014 by authors and Scientific Research Publishing Inc.
This work is licensed under the Creative Commons Attribution International License (CC BY). Abstract
In modern China, the development of the economy is rapid; it mainly includes the creation of many companies. However, it is a double edged sword which may lead to economic development, but it also has a lot of problems. This paper mainly regards the corporate internal control system as the research object. Through the Zhong Xin Fu Tai cases, it found problems from specific aspects and the overall level of internal control audit, and identified the problems and then proposed appro- priate recommendations for improvement.
Keywords
Internal Control, Financial Statements, Auditing
1. Introduction
The internal control system is an important activity of enterprises operating smoothly, which is the important measure to achieve the long-term strategic development of the enterprise and which aims to improve the operat- ing efficiency of the effect. The external audit of Internal Control over Financial Reporting (ICFR) is a very ex- pensive and contentious aspect of the Sarbanes-Oxley Act (SOX). Wang Qin, Huang Dan, Ellen Young found that the disclosure of internal control self-assessment report is better; internal control audit report issued by the njmbers is increasing year by yearh bjt the accojnting firm’s internal control ajdit report’s credibility has yet to be verified [1]. The current enterprise faces the problems which come from the aspects such as society, economy, law, foreign culture changes in the environment, which has prompted the development of internal control theory; furthermore, the internal control system mainly experiences five development stages. They include the internal check, internal control, internal control structure, internal control-integrated framework, enterprise risk man- agement-integrated framework. Firms are more likely to be identified with an internal control weakness, if their audit committees have less financial expertise or, more specifically, have less accounting financial expertise and How to cite this paper: Leng, J.F. and Zhang, L.F. (2014) Research and Discussing on Internal Control Auditing. Modern
J. F. Leng, L. F. Zhang
non-accounting financial expertise [2]. The first line of the enterprise internal control defense is to prevent fi- nancial reporting errors and frauds, which make sure that the internal mechanism of enterprises is a complete fi- nancial report. The second line of defense is against the enterprise financial report errors and frauds. The certi- fied public accountants namely put forward the financial statements and express the opinion of the enterprise accounting information quality.
Firms are more likely to be identified with an internal control weakness, if their audit committees have less financial expertise or, more specifically, have less accounting financial expertise and non-accounting financial expertise [3]. In recent years, auditing in China has made remarkable development; in June 2008 and April 2010, the ministry of finance, securities and futures commission, the national audit office, the China banking regulato- ry commission, insurance regulatory commission has jointly issued the enterprise internal control basic norms and three facilities, such as enterprise internal control audit guidelines, which are mainly aiming at the existing problem of Chinese enterprises and establishing internal control system, and for Chinese companies, a sound system of internal control is established ihich provides the basic frameiorkh namely “to establish internal con- trol system is the Chinese enterprises to participate in international competition, gradually accepted and con- scientiously abided by rules of the market economy, perfecting enterprise system and the inherent requirement of fine management”. Based on resojrce dependency theory that stresses entity’s economic needs for internal control over administering federal funding, they select a sample of nonprofit hospitals subject to the Single Au- dit Act in the United States, from 2001 to 2008. Their results show that hospitals that had audit committees and also employed Big 4 auditors were associated with better internal control quality [4].
The internal control goal guarantees enterprise operation and management in accordance with the provisions of the laws and regulations, the safety of the assets, and financial reports and related information and true, and improves the management efficiency and effectiveness, promotes enterprise development strategy—“internal control audit is a control behavior which can understand internal control whether the establishment is effective, can prevent the frajdh at last to provide reasonable assjrance for the realization of the internal control goals” [5]. In Chinese state-owned enterprises occupying the dominant position in the national economy, the number is larger, and the relationship in the state-owned enterprise internal control audit has very important practical signi- ficance. It is beneficial to the state-owned enterprises to speed up the perfect internal control system, which is more advantageous to enhance the enterprise competition. The remaining part is organized as follows:
The second part mainly analyses the internal audit and explains its relationship with the audit of financial statements from the company’s management aspect; the third part describes the main elements of the internal control; the fourth part is about the case description and analysis; the fifth part is the conclusions and recom- mendations.
2. From the Company’s Management Aspect, It Mainly Analyses the Internal Audit and Explains Its Relationship with the Audit of Financial Statements
In the past, people used to focus on whether the management has the behavior beyond the control. Though we can’t deny that this is still a part of the modern internal control auditing important content, under modern corpo- rate environment, for the audit, the process of management aims to achieve effective utilization of resources. “On the one handh the management is the vital position in the control environment.”
As an example, Shanghai Stock Exchange main board listed companies to disclose Internal 2012 control self- assessment report and the audit report as a sample, follow the COSO internal control report, the five elements of internal control of 650 Shanghai-listed companies drawn from the analysis of defect types: Shanghai-listed companies to disclose Internal control deficiencies small percentage of the company; [6] management ideology, directly affect the whole process of, only we fully understand the intention of the authorities, we can do better to improve the internal control by the ajdit companyh and perfect the processh so as to improve the company’s op- erating purposes. This article combines internal control and information technology, suggesting how internal control plays a positive role in achieving company’s goal and improving enterprise valje [7].
The process ajdit is a kind of more operational ajdit. “In Wang Haibin’s paperh internal control self-assess- ment report is not only a reflection of the effectiveness of corporate financial reporting, it is the business of the whole process of implementation of internal control evaluation, development and implementation of the internal control system has a decisive role [8].” The concept itself also has to ensure the efficiency of the internal control process and to determine the reasonable goal, evaluation of project risk, implementation of control behavior,
J. F. Leng, L. F. Zhang
guarantee the realization of the goal, and then make sure the new goal to adapt to the development of enterprise. “Internal control is a continjojs cycle repeat stepsh so for the evaljation of internal control and ajdith it also should be to this process audit. So the audit of internal control should be a circulation of the audit process [8].” Enterprise internal control operates smoothly and that has important influence on enterprises to prepare finan- cial statements. The following briefly introduces the relation and the distinction between the financial statements and the internal control.
The relationship betieen the internal control and the company’s financial statements:
1) The audit in the same way.
Both took risk oriented audit mode. Audit procedures are same. Financial statements audit must understand the internal control environment of the enterprises, and even take control of the test; the internal control auditing must understand and test the internal control; at the same time the definition of the effectiveness of the internal control and evaluation method, they can be used to ask, examination, observation, through the test, to implement methods and procedures.
2) Focus on the same object.
Both of them need to identify key account, important deal category and so on. In the financial statements au- dit certified public accountant needs to evaluate these key accounts and key to make sure that whether they are the material misstatement category; in the internal control audit, they need to evaluate whether these accounts and transaction are covered by the internal control.
3) Determine the importance of the same level.
They need to check whether there is a material misstatement in the financial report; to determine the level of importance in the internal control audit, they also need to check whether there is a significant internal control defects.
Therefore, only internal control get to formulate and effective implementation, can they guarantee the audit report is issued by officially. But the specific part of the internal control and those content will be namely intro- duced in the next section.
3. Main Components of the Internal Control
First of all, the control environment is the first part of the internal control framework. It sets the tone for the company as a whole and it also affects the execution of its staff awareness. This is an integral part of the internal control components and the basis of internal control procedures provides the tone and organizational structure. In this phase, the company determines the business goals and the overall business philosophy. It is used to iden- tify and analyze and realize the risks associated iith the company’s objectives. Every company is faced iith various risks from internal and external, therefore, to maintain the continuing operations of the enterprise, they must assess the risk. At this stage, the company should find out all kinds of risks and determine the basic meas- ures of risk management; control activities is the third part of the internal control framework, it helps to reduce the risk of company objectives, control activities including account reconciliation, separation of duties, decen- tralization, and uses the serial number of the documents in advance to aim to overcome these activities, such as the company may face the potential risks, and help the company achieve its business goals [10]. So the company must be in the form of appropriate and at the appropriate time determine and communicate relevant information about the internal control so that in the fourth part of the internal control people can perform their duties of communication and information.
It mjst be commjnicated iith the company’s bjsiness objectives, and control activities should control activi- ties so that the staff can find the management information and also need to monitor by monitoring, and control activities over a period of time can be evaluated, as well as the whole internal control, you can determine the ef- fectiveness of the control activities to make sure whether the control activities need to be scaled, or whether it is no longer needed to perform. They also shojld be evaljated at this stage of the company’s bjsiness objectives. The above five aspects is necessary for the enterprise to develop sustainable and healthy which include the control environment, risk assessment and supervision process, and the business process level control include the control activities, further, only iill do the bjsiness floih daily life and from the overall levelh enterprise’s control can continue to operate normally [11]. Today’s enterprise internal control ajdits are almost large enterprise in- ternal. And big enterprise is mainly state-owned enterprises. They can be stated through the specific case below.
J. F. Leng, L. F. Zhang
4. Case Is Introduced and Analyzed
The company is listed in 1886. In the same yearh in Febrjary’s it issjes 270 million nei shares to the China in- ternational trust and investment group (Hong Kong) co. LTD. This make the CITIC group (Hong Kong) hold company’s 64.7% [12] stake. Since then, it had become a subsidiary of CITIC. In Western Australia CITIC Pa- cific’s operated iron oreh in order to reduce the currency risk of the company, since 2007, CITIC Pacific began to bjy foreign cjrrency options contracts to hedge. On December 5h 2008h CITIC Pacific’s shares closed at 5.80 Hong Kong dollars and declined more than HK $21 billion in more than a month’s. On November 12h 2008h CITIC Pacific’s made an annojncement againh iith the parent company of CITIC grojp restrjctjring reaching a preliminary agreement, one of them was to convert the bond manner and to CITIC capital injection of $1.5 bil- lion. At the general meeting, according to leaked CITIC Pacific on December 19, shareholders got 99.94% of the vote. Second is the “sjrgical” iay of the partial derivatives contracts from the listed companyh CITIC grojp iill assist in CITIC Pacific two-step restructuring the existing a $8.7 billion contract. According to the announce- ment, CITIC group hopes to complete restructuring in December 30. The derivatives losses are over periodically. In the second part we introduced the five elements of internal control, now we will explain the cause of the problem from the aspect of the business flow and the overall level in this paper.
4.1. The Business Flow
It mainly includes two parts: control activities and information systems. In CITIC Pacific’s caseh its defects em- bodied in investing heavily, within the scope of a certain amount, there are corresponding level for examination and approval of personnel, but in the actual execution process, because of the amounts involved, numerous and complicated formalities, it finally results in the defect of the control activities; in information systems, because there are specific legal provisions of the state-owned enterprises overseas futures hedging business management method, it clear stipulates the total trading spot trading volume shall be a limited amount, while CITIC Fu Tai chairman Larry Yung and managing director Henry Fan has been aware of this situation. But he did not commu- nicate timely; finally, the circumstance led to the delay of information, as a result, the amount made losses in- crease greatly.
4.2. The Overall Level
It mainly incljdes three parts: control environmenth risk assessment and sjpervision. In this caseh they don’t have a design abojt the necessary risk assessment process; they also don’t make the overall jnderstanding of the overall control environment. Without the approval of the board of directors the company executives make a ma- jor strategic decision which makes the CITIC Pacific exists a huge hole in corporate governance. Standard & poor’sh a rating agencyh at the same time according to the reporth CITIC Pacific’s hjge foreign exchange trading losses reflect that the company lacks proper internal regulation and transparency insufficient which cause huge losses of CITIC Pacific.
For any management decision-making activities of the enterprise, they must consider the basis of the above five aspects, then the company could have much better development.
5. The Conclusions and Recommendations
5.1. To Ensure Effective Implementation of Internal Control
Since 2002 the United States has gradually strengthened the construction of enterprise internal control and su- pervision, and the most representative is issued by the US President George Bush in 2002 Sarbanes Oxley Act which puts forward the effectiveness of internal control self-assessment, hires a certified public accountant audit self-assessment report required and classified according to the type and size of listed companies gradually, and strengthens the supervision of the internal control of listed companies. The enterprise that has investment value needs not only to have a good business performance and developing prospect, but also to have a perfect internal control system; to some extent, the internal control failure faced a greater risk of decline in operating perfor- mance. This may bring fatal harm to the significant internal control defects.
In our country, commodity business has entered the era of meager profit. As an example of the steel industry, according to the survey, in 2009 profit margin of annual sales of large and medium-sized steel mills is only 2.5%,
J. F. Leng, L. F. Zhang
however, capital operation is more risky than the traditional commodity business. Deron, Gelinkeer events and a series of failure cases are being exposure, which show the significance and urgency of the internal control and economic globalization. Enterprises are facing the risk of more complex control and the most important way of avoiding these risks is to establish and implement internal control system, and make the effect about the internal control audit.
The development of our country enterprises is more and more restricted by market and a bjyer’s market has initially formed. The increasingly competitive market focuses more on high quality, many varieties, famous brand, low cost, economies of scale of enterprises and products; this has forced companies to enhance their own brand strength by controlling the cost, improving the management level and finally to ensure the realization of business objectives.
5.2. The Establishment of Independent Internal Control Audit Institutions
“In viei of the state-owned enterprise, internal audit independence is not recognized by the public of the status, I think they should set up internal audit institutions under the highest decision-making and enforcement agencies, and they also should appoint the nomination or specific head to ensure the independence and authority of inter- nal audit institutions; at the same time, we should follow our country enterprise internal control basic norms and the enterprise internal control audit guide specification requirements to make sure that audit content and audit procedures are reasonable and find weak link of enterprise internal control and internal management and at the same time ie shojld pjt foriard opinion to improve the enterprise internal control.”
In our country, enterprise internal control supporting guidance of certified public accountants audit guidelines demands that the CPA should implement the audit work in accordance with the method of top-down which re- quires the auditor to focus on the level control first, then the big account, and the final focusing on trading or application level in the process of the specific control in the state-owned enterprise internal control audit work; commonly used methods are mainly about the appropriate personnel, observing activities, checking the related documents through testing, and the methods of execution, but the question itself is not enough to obtain suffi- cient and appropriate evidence, and it should be combined with other internal control auditing method together.
5.3. Improve the Quality of the Internal Auditors
Perfecting the internal audit work—“the internal control ajditing practice standard is the internal control ajdit personnel’s professional standard; they need to have a number of highly qualified internal control auditing pro- fessionals”h it is important to strengthen ajdit professionals folloi-jp edjcation. “Throjgh enhancing the ajdi- tor’s professional ethics consciojsnessh strengthening ajdit professional training, strengthening the internal au- ditors of the certification exam and continuing education training, they aim to improve risk analysis of the inter- nal audit staff proactive; they need to meet the requirements of the development of state-owned enterprise inter- nal ajdit in the aspects sjch as personnel strjctjre and qjality.”
5.4. Strengthening the Internal Control Auditing Supervision
At the end of each year, according to the principle of cost and the importance, SASAC available should make spot check about whether the state-owned enterprise internal control is effective; the internal control evaluation report is a true reflection of enterprise internal control; internal control of the auditing reports issued by certified public accountants is real fair. Only when they strengthen the regulation, the state-owned enterprise internal control construction and the effect of the internal control auditing will be strengthened.
References
[1] Wang, Q., Huang, D. and Young, E. (2014) Internal Control Information Disclosure Situation Analysis—Based on Studies of the Shenzhen Stock Exchange from 2008 to 2012. Taxation and Economy, 1, 57-62. (in Chinese) [2] Herda, D.N., Notbohm, M.A. and Dowdell, T.D. (2014) The Effect of External Audits of Internal Control over Finan-
cial Reporting on Financial Reporting for Clients of Big 4, Second-Tier, and Small Audit Firms. Research in Account- ing Regulation, 26, 98-103. [3] Dey, R.M. and Sullivan, M.W. (2012) Was Dodd-Frank Justified in Granting Internal Control Audit Exemption to
J. F. Leng, L. F. Zhang
Small Firms? Managerial Auditing Journal, 27, 666-692. [4] Keane, M.J., Elder, R.J. and Albring, S.M. (2012) The Effect of the Type and Number of Internal Control Weaknesses
and Their Remediation on Audit Fees. Review of Accounting and Finance, 11, 377-399. [5] Pridgen, A. and Wang, K.J. (2012) Audit Committees and Internal Control Quality: Evidence from Nonprofit Hospitals Subject to the Single Audit Act. International Journal of Auditing, 16, 165-183. (in Chinese) [6] Wang, T. (2013) Shanghai Stock Exchange Main Board Listed Companies to Disclose Control Deficiencies. Analysis
Foreign Trade, 12, 105-107. (in Chinese) [7] Li, R.M. and Zhang, S.Q. (2013) Empirical Study on the Correlation between the Internal Control and Enterprise Val-
ue —Based on the Information System. Journal of Computers, 6, 126-129. (in Chinese) [8] Wang, H.B. (2014) Internal Control Self-Assessment Report Literature Review Study. Disclosure of Beijing Technol-
ogy and Business University (Social Science Edition), 1, 89-95. (in Chinese) [9] Chen, L.R. and Huang, Y. (2013) Management Residual Control Rights, Residual Claim and Internal Control Audits Correlation. Chinese CPA, 7, 88-94. (in Chinese) [10] Wang, H.C. and Kim, J.J. (2013) Internal Control over Financial Reporting of Listed Companies Audited Problems.
Green Accounting, 7, 18-20. (in Chinese) [11] Zhu, C.J. and Han, X.W. (2013) Audit of Internal Control over Financial Reporting Audit Opinions Impact Study—
Evidence from China’s A-Share Listed Companies in 2011. Beijing Technology and Business University (Social Science Edition ), 5, 77-82. (in Chinese) [12] Ding, H. (2009) CITIC Pacific for ex Derivatives Investment Losses Case Studies and Inspiration. Southern Finance,
Section 3. (in Chinese)