41. Njanike, K., Mutengezanwa, M., Gombarume, F.B., (2011). Internal Controls in Ensuring Good Corporate Governance in Financial Institutions . Annals of the University of Petrosani, Economics, 11(1), 187-196.
42. N.Klai, (2011). Corporate Governance and Financial Reporting Quality: The Case of Tunisian Firms . International Business Research, Vol.4, No.1:158-166
43. Nunnally & Bernstein (1994). Psychometric Theory . 3rd ed. New York: McGraw-Hill.
44. Ofori W, (2011). Effectiveness of Internal Control System: A perception or Reality . Available at http://ir.knust.edu.gh/bitstream/123456789/4435/1/WILLIAM%20OFORI%20FIN AL%20THESIS202011.pdf [Access on 25.05.2014]
45. Olatunji (2009). Impact of Internal Control System in Banking Sector in Nigeria , Pakistan Journal of Social Sciences, Vol 6, Issue 4, Page No 181-189
46. Peterson, Robert A (1994). A Meta-Analysis of Cronbach's Coefficient Alpha , Journal of Consumer Research, 21 (September), 381-391.
47. Pforsich, H & Kramer, BK P (2008), Establishing an Internal Audit Department: The Case of The Schwan Food Company , Global Perspectives on Accounting Education, 5, 2008, 1-16.
48. Podpiera, R (2006). Progress in China's Banking Sector Reform: Has Bank Behavior Changed? . Journal of Banking & Finance, 30(10), 2605-2634
49. Pricewaterhouse Coopers. (2007, August 28). Internal Control System and Risk Management. Retrieved June 26, 2014, from GRC White Paper:https://www.pwc.ch/user_content/editor/files/publ_adv/ pwc_grc_white_ paper_e.pdf
50. Rae, K. & Subramaniam, N., (2006). The Relationship between Internal Control Procedural Quality , Organizational Justice Perceptions and Employee Fraud
51. Ramos, M., (2004). Evaluate the Control Environment: Documentation Is Only a Start; Now it's All about Asking Questions. Journal of Accounting, Vol. 197, 2004
52. Robert H. Montgomery, (1905). Auditing - Theory and Practice . New York
53. Robert R. Moller (2005). Brink's Modern Internal Auditing , 6th ed ., Hoboken, NJ: John Wiley & Sons
54. Sahabi Ibrahim, Gordon Diibuzie and Mohammed Abubakari, (2017). The Impact of Internal Control Systems on Financial Performance: The Case of Health Institutions in Upper West Region of Ghana , International Journal of Academic Research in Business and Social Science, Vol.7, No.4
55. Socol A (2011). Internal Banking Control and Audit: A Comparative Approach in the Romanian Banking Sector , Annales Universitatis Apulensis Series Oeconomica, 13(2), 396-403
56. Spinger, L.M., (2004). Revisions to OMB Circular A-123, Management's Responsibility for Internal Control. Available at http://www.whitehouse.gov/omb/index.html
57. Slater, S. (1995). Issues in Conducting Marketing Strategy Research ch. Journal of Strategic Marketing, 3(4), 257-270.
58. Steinhoff. J.C., (2001). Internal Control, Management Evaluation and Tool
59. Sultana & Haque, (2011). Evaluation of Internal Control Structure: Evidence from Six Listed Banks in Bangladesh , ASA University Review, 5(1), 69-81. Retrieved from http://www.asaub.edu.bd/data/asaubreview/v5n1sl4.pdf
60. Suzanne Steyn (1997). A Comparison of Internal Controls, with Specific Reference to COBIT, SAC, COSO, AND SÁ 55/78 , Short Dissertation in Computer Auditing, Rand Afrikaans University
61. Varipin Mongkolsamai and Phapruke Ussahawanitchakit, (2012). Impacts of Internal Control Strategy on Efficiency Operation of Organization of Thai Listed Firms , International Journal of Business Strategy, Sep 2012, Vol.12 Issue 3, p22
62. Walker DM, (1999). Standards for Internal Control in Federal Government . Available at www.gao.gov/special.pubs/ai00021p.pdf.[Accessed on May 12, 2013]
63. William and Kwasi (2013). Evaluate The Significance of Internal Control System in Rural Banking Sector
64. Yuan Li, Yi Liu, Yongbin Zhao, (2006). The Role of Market and Entrepreneurship Orientation and Internal Control in the New Product Development Activities of Chinese Firms , Industrial Marketing Managemnet, 35: 336-347
APPENDIX
Appendix 1. Principles for internal control according to COSO and Basel
Element
composition
The principles | ||
According to COSO 2013 | According to Basel | |
(1) Management oversight and control culture | Principle 1: The organization demonstrates a commitment to integrity and adherence to ethical values.” Principle 2: The Board demonstrates independence from management and is responsible for overseeing the development and operation of internal control.” Principle 3: Managers under the supervision of the Board should establish structures, reporting lines, and appropriate authorities and responsibilities to pursue the entity's objectives”. Principle 4: The organization must demonstrate a commitment to attracting, developing, and retaining outstanding individuals who are aligned with the organization's goals. Principle 5: The entity has employees who are accountable to internal control in pursuing its objectives”. | Principle 1: The Board of Directors is responsible for approving and periodically reviewing the overall business strategies and key policies of the bank; understanding the bank's material risks, establishing acceptable levels of tolerance for these risks and ensuring that the Board of Management has taken the necessary steps to identify, measure, monitor and control them; reviewing the organizational structure; ensuring that the Board of Management is monitoring the effectiveness of the internal control system. The Board of Directors will be ultimately responsible for ensuring that an adequate and effective internal control system is established and maintained”. Principle 2: The Board of Management is responsible for implementing the strategies and policies approved by the Board of Directors; establishing processes to identify, measure, monitor and control risks to the bank; maintaining an organizational structure with clearly defined responsibilities, authorities and reporting relationships; ensuring that it performs its duties effectively; establishing appropriate internal control policies; and monitoring the adequacy and effectiveness of the internal control system”. Principle 3: The Board of Directors and the Executive Board are responsible for promoting ethics and integrity, establishing a culture and making All employees see the importance |
Maybe you are interested!
-
Reinforce Community Norms and Principles -
Written Exam Theory: History of Badminton Development, Technical Principles, Competition Rules -
Principles and Tools for Problem Solving to Improve Business Efficiency -
Principles for Perfecting the FDI Economic Efficiency Indicator System in Vietnam -
Land Complaint Resolution and Land Complaint Resolution Principles
of KSNB. All bank employees need to clearly understand their role in the KSNB process and be truly involved in the process. that program". | ||
(2) Identify and assess risks | Principle 6: Clear and complete objectives must be set to identify and assess risks arising in achieving the unit's objectives". Principle 7: Identify risks to achieving the organization's objectives and conduct a risk analysis to determine how risks should be managed. Principle 8: Potential types of fraud should be considered when assessing risks to the achievement of an entity's objectives. Principle 9: Changes in the environment should be identified and assessed. affect KSNB. | Principle 4: An effective internal control system requires that significant risks that could affect the bank’s ability to achieve its plans are identified and continually assessed. This assessment should cover all of the bank’s operational risks (credit risk, sovereign risk, market risk, interest rate risk, liquidity risk, operational risk, legal risk, and reputation risk). Internal control should review previously uncontrolled risks as well as emerging risks.” |
(3) Control and assignment activities | Principle 10: Select and develop control activities to limit risks to achieve objectives within acceptable limits”. Principle 11: Select and develop general control activities with modern technology to support the achievement of objectives”. Principle 12: Organize and implement control activities through the content of established policies and implement policies into specific actions. | Principle 5: Control activities are an important part of the day-to-day operations of a bank. An effective internal control system requires the establishment of an appropriate control structure, in which controls are identified at each level of activity. These include checks at the highest level, checks on operations of different departments and divisions, inventories, checks on compliance with regulations and monitoring of non-compliance; an approved system; and a system of checks and balances”. Principle 6: An effective internal control system requires appropriate delegation of duties and that employees' work does not conflict with each other. Conflicts of interest must be |
be identified, minimized and subject to independent and prudent control”. | ||
(4) Information and communication | Principle 13: The entity collects, communicates and uses relevant, quality information to support other parts of internal control”. Principle 14: The entity should communicate internally the necessary information, including objectives and responsibilities for internal control, to support the control function”. Principle 15: The entity should communicate to external parties matters affecting the internal control function”. | Principle 7 : An effective internal control system requires comprehensive and comprehensive data on compliance, performance, financial status, and external market information that may influence decision making. The information must be reliable, timely, usable, and presented in a format that is appropriate. Principle 8: An effective internal control system requires a reliable information system that can meet most of the bank's key activities. The system must store and use data by computer, be secure, be independently monitored and be subject to complete, unscheduled inspections. Principle 9: An effective internal control system requires effective communication channels to ensure that all employees fully understand and comply with the policies and procedures relevant to their responsibilities and duties and to ensure that other necessary information is also disseminated to other employees. relate to". |
(5) Monitoring and error correction | Principle 16: The organization selects, develops and conducts regular and/or periodic assessments to determine whether the components of the internal control system exist and are functioning.” Principle 17: The organization promptly evaluates and communicates internal control deficiencies to responsible parties. responsibility, to carry out repair work, | Principle 10: The overall effectiveness of the internal control system requires continuous monitoring and control. Monitoring of significant risks must be a daily activity of the bank as well as a periodic assessment by the business unit and internal audit. Principle 11: There must be a comprehensive, effective and accountable internal audit function. competent, well-trained people |
including senior management and the Board of Directors”. | appropriate to be able to work independently. The work of internal audit, which is also the monitoring of internal control system, must be reported directly to the Board of Directors or the Supervisory Board and the Executive Board. Principle 12: Internal control system deficiencies discovered by the business unit, internal audit or other personnel must be promptly reported to the appropriate management level and recorded immediately. Material internal control deficiencies must be reported to the Executive Board and the Board of Directors”. Principle 13: Bank inspectors require that all banks have effective internal control systems that are appropriate to the nature, complexity, and risks inherent in banking operations and that are adaptable to changes in the banking environment and conditions. Inspectors will determine whether a bank's internal control systems are effective and adequate, and will then make recommendations. appropriate treatment". |
Source: COSO 2013 and Basel
Appendix 2. Checking card business topics at Agribank
(1) Check the organizational model and arrange staff to do card operations.
(2) Check compliance with business procedures:
- User management and usage related to card operations
Statistics of all Users of staff related to card operations: IPCAS User, FIMI User, CSP User, ATM User, POS User.
Check information: Application for granting, changing, and canceling User accounts for each User; Use of Users in case of leave or leave of absence of staff; Handling of inactive Users.
Check the limits of ATM Users and POS bank Users on the IPCAS system: GL/GLAC/GLAC18, especially pay attention to cases where Users are setting high limits.
- Compliance with card issuance procedures
Check the card issuance records, records of issuance, registration/cancellation of overdraft and change of overdraft limit of debit card and records of issuance, registration/cancellation of credit and change of credit limit of international card: Check the use of prescribed forms, ensure that the required information on the form is complete and correct; compare the information on paper records with the information registered on the system (note the time of registration on the system, the approved limit). Particularly for overdraft records, it is necessary to note that there must be confirmation from the salary paying unit through the account requesting overdraft.
Check the card issuance registration process: Compare the cardholder's request approved by the branch regarding the limit, card type, approval time, and compare on the FIMI system.
Check the process for issuing, registering/cancelling overdrafts and changing debit card overdraft limits.
Check the process of granting, registering/canceling credit and changing credit limits of international cards.
Check the process of granting, registering/cancelling Internet (E-commerce)/ MOTO transactions.
Check card delivery, PIN and card activation for customers.
Check the fee collection from card operations: Issuance fee, card unlocking fee, card return fee collected by ATM...
Check the management of ATM keys and codes.
- Procedures for receiving funds, checking funds and handling excess/shortage of ATM funds
Management of ATM keys and codes: Check the storage of ATM keys and codes in use and the backup set, check the assignment of storage and use of ATM keys and codes.
Check ATM fund receiving and checking process: Randomly check ATM fund receiving, checking, closing ATM balance on IPCAS system, closing ATM balance on FIMI system, identify transactions that have not been accounted for at the time of checking.
Procedure for receiving/checking funds and handling excess/shortage of ATM funds: Check the determination of causes and handling excess/shortage of ATM funds.
- Compliance with business procedures in card payment. Checking the development and management of card acceptance units.
Check the application of maximum discount rate regulations for card accepting units.
Check compliance with regulations on processing refund and collection transactions of card accepting units.
Check the card acceptance unit's assessment before signing the contract.
Check the collection and storage of invoices for transactions arising at card accepting units.
Check the monitoring of card acceptance units' performance and transaction turnover.
Check the monitoring of card acceptance units' performance and sales.
transaction.
Check the process of accepting card payments via EDC/POS at the transaction counter and at the card acceptance unit.
- Support, resolve customer inquiries and complaints
Check compliance with business procedures for handling customer inquiries and complaints: Check records of handling inquiries and complaints, time for handling inquiries and complaints; documents responding to inquiries and complaints...; compare information on paper records with information on the CSP system; ...
Implementing business procedures during the process of resolving and handling arising issues: Checking the handling of lost or stolen cards; damaged cards, expired cards, ATMs seizing cards; changing PIN codes for cardholders, ... Checking card cancellation records; Checking card locking, card return, PIN code change and related fee collection; ...
- Preservation and storage of records and documents at the branch: Including card issuance registration records, records related to card accepting units, changes in daily transaction limits, registration/cancellation of Internet (E-commerce)/MOTO transaction registration; renewal of international credit card usage contracts, transaction invoices at card accepting units, ATM paper logs, documents related to fund access, fund checking and handling of excess and shortage funds; storage of paper logs, camera image data and other documents related to card operations.
Source: Agribank's Card Business Subject Inspection Regulations