Search results

The purpose of this paper is to form a new framework for preventing money laundering by mapping COBIT (Control for Information and Related Technology) processes to COSO (Committee of Sponsoring Organisation) components.

First, a new framework for preventing money laundering in banks is formed by mapping COBIT to COSO. Further, the potential of the mapped framework to comply with the Bank Secrecy Act requirements is analysed.

The mapped framework effectively supports all the activities of financial sectors through defining efficient information technology‐based processes and control methods. Information systems play a key role for financial sectors in producing financial statements, managing customer databases, detecting frauds, etc.

Case studies of banks of different sizes, and in different countries are needed. It is necessary to improve the mapped framework by considering Basel III regulations.

COBIT‐mapped‐COSO framework is useful for banks to fight money laundering. While adopting the new framework, an organisation should apply the best practices that suit its operations rather than all the control objectives.

The new framework can help banks fight money laundering.

For preventing money laundering through banks, a number of policies and intelligence systems are in place. However, there is no efficient framework that could guide banks to follow these policies and use information technologies. This paper proposes a new framework to target these gaps.

Islamic financial institutions (IFIs) are required to establish a Shariīʿah Governance Framework (SGF) to strengthen their Sharīʿah-compliance mechanism and ensure that all relevant IFI regulations are in line with Sharīʿah rules and principles. Effective implementation of the Shariīʿah-compliance function will further promote stakeholder confidence, as well as the integrity of IFIs, by reducing Shariīʿah non-compliance risks. This study aims to examine the internal control framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and explore the extent to which it can be incorporated in the Sharīʿah-compliance function of IFIs.

This study adopts a qualitative method of inquiry, utilizing the inductive method and content analysis to build comprehensive knowledge that will assist in exploring the framework of COSO methodology and the extent to which it can be adopted by IFIs.

The findings indicate that the existing frameworks of Sharīʿah governance, whether that of the Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI) or Bank Negara Malaysia (BNM), need to be further developed. Therefore, the adoption of COSO methodology in the internal Sharīʿah audit of IFIs, as suggested by AAOIFI, is not only possible but desirable. The study also finds that the COSO framework places the highest priority on risk management in that it makes it an integral part of the decision-making process in all the institution's activities. As a result, incorporating the comprehensive COSO risk management structure within the Sharīʿah-compliance function will enhance risk management in IFIs.

This study highlights the importance of the COSO internal control framework and examines its components, principles and the possibility of its adoption by IFIs. The findings of this study are expected to contribute to enhancing the Sharīʿah-compliance function of IFIs.

This paper builds on the Committee of Sponsoring Organizations (COSO) Report, which examined US Accounting and Auditing Enforcement Releases (AAERs). The purpose of this paper is to provide valuable insights into the characteristics and realities of financial statement fraud in the post‐Enron regulatory environment.

This paper analyses a sample of AAERs from 2002 to 2005. It also provides case studies of an additional five high‐profile case studies from that period.

This paper finds evidence of changes in Securities and Exchange Commission (SEC) enforcement activities since the COSO Report. Specifically, it is found that enforcement activities have increased substantially post‐Enron and the companies subject to AAERs are, on average, much larger, more profitable and the frauds are more substantial than those exhibited in the COSO Report. These findings suggest that the SEC has become more aggressive at pursuing larger companies for financial statement fraud in the post‐Enron environment.

This paper relies on AAERs as the source of analysis of financial statement fraud, its findings must be viewed in light of the limitations of using these documents. Specifically, the prevailing prosecutions agenda of the US SEC may be reflected in these results.

The study findings are of great practical relevance to accounting regulators and practitioners as they provide valuable insights into the nature and characteristics of financial statement fraud.

The paper provides empirical evidence concerning the changing face of financial statement fraud enforcement and provides a more in‐depth comparison of fraud than possible with most previous studies that have tended to focus on quantitative measures. This is possible because the present investigation utilises qualitative data from AAERs to supplement quantitative findings. Its originality is also due to the use of institutional theory which is not commonly applied in the corporate governance field.

There have been new interests in internal control and the COSO report represents a milestone in the evolution of internal control. The business community and accounting profession reactions to the COSO report have been positive in the USA. The provisions of the COSO report help organizations to understand and appreciate better the value and importance of internal control; they also expand the elements and components of internal control, and provide guidelines for establishing criteria against which all entities can assess the adequacy and effectiveness of their internal control systems. The COSO report should provide a great implication for organizations′ internal audit functions and have a significant positive impact on the better recognition of the proactive role of internal auditors.

The purpose of this paper is to teach students the fundamental and most critical aspects of performing a financial statement risk assessment, a skill vital to help ensure both auditor and public‐company compliance with guidance found in the Sarbanes‐Oxley Act of 2002 (SOX), the SEC's Interpretative Guidance regarding Management's Report on Internal Control over Financial Reporting, the control deficiency evaluation framework found in Auditing Standard No. 5 (AS5) of the Public Company Accounting Oversight Board (PCAOB), and the Committee of Sponsoring Organizations of the Treadway Commission (COSO).

This instructional case study helps students assess the impact of a set of hypothetical internal control deficiency risks in various industries, including inherent and residual financial statement risk assessment, and concludes with determining which identified internal control weaknesses are significant deficiencies and material weaknesses in internal control. Included in the financial statement residual risk assessment process are example entity‐level and process‐level controls described in COSO. Learning objectives, implementation guidance, and the efficacy of using the case study in the undergraduate or graduate auditing or accounting information systems courses are also provided.

The results of classroom testing of the case study at two universities provides evidence the case study increases student understanding of the implications of internal controls and their impact on the reliability of the financial statements significantly. Students also found the case to be challenging, interesting, relevant, clear, understandable, and a realistic approximation of what they might expect to encounter in the real‐world when performing a financial statement risk assessment.

The case study includes the development of skills important to students in performing financial statement risk assessments, either as an auditor or when working in a private industry environment, including making professional judgments related to risk assessment.

This paper aims to assess the influence of emotional intelligence (EI) on the perceived internal control performance in the Lebanese companies.

The goal of this study is to decide whether there is a connection between “emotional intelligence” and perceived efficacy of “internal control” in Lebanese organizations. For the benefit and purpose of this research, a quantitative methodology will be applied. The data was collected by the use of self-directed and pre-coded questionnaires to test hypotheses made, making it a deductive research.

The findings showed that the personality traits of the members of the audit team play a key role in cultivating a control climate that is more conducive to effective control. Moreover, personality traits were key in boosting trust and openness in communication that can be seen as antecedents to having a system where all key auditing professionals within the organization can cooperate to boost the effectiveness of the internal control framework. These personality traits amplified the impact of the EI of audit manager on the overall effectiveness of the COSO framework, thus leading to improved efficiency of internal controls.

The exploratory aspect of this study have shown results that are general but create a basis for future comprehensive researches. This study was limited to a relatively small sample, due to the small size of Lebanon and due to the Pandemic that has limited our access to more data. This research did not regulate other relevant variables such as gender, experience, educational level and age. Nevertheless, the importance of the findings is they ascertain that internal control is not a rigid technical function that is primarily concerned with accounting and financial disciplines, rather it extends to organizational psychology and behavior.

The practical implication of studying EM and personality in Lebanese organizations is to describe and understand how it affects the effectiveness of the internal control and thus the survival of the organization. When organizations are aware of such a strong impact, they will try to increase their maturity level in this regard and further seeks more efforts in tackling the EI aspect. As a summary, the practical implication of this paper is to understand how all those variables affect the effectiveness of the internal control and thus the survival of the organization.

The subject of this study consists of many human-related aspects such as personality and human behavior. Once these elements are combined with the internal control framework, it will have an added value at the social level by enhancing the behavior of people and their perception of others' emotions and oneself emotions, in addition to improving their performance which reflects on enhancing the overall organizational performance. Studying EI allows to understand and manage emotions in order to create positive social interactions. The benefits of EI are vast in terms of personal, academic and professional success.

Due to the lack of research on this topic, this research will contribute to explore the field. Future studies will benefit from this analysis while using a larger sample. Future work should aim to include not only auditors but all staff of the company. Further research is required to decide whether the results of this analysis are generalized across various positions and industries and to determine whether EI is the only influential aspect involving a significant number of social interactions. In addition, this article can be used as a basis for the implementation of internal control with a COSO framework that involves the EQ of everyone in the organization.

The purpose of this study is to determine whether higher-learning institutions have sufficient internal controls to manage whistle-blowing or similar means when encountering repetitive complaints requiring similar corrective actions. This study attempts to classify complaints as per categories, criteria and components of the COSO framework using a checklist called self-assessment checklist of internal control kits so that complaint activities can be efficiently and effectively managed.

As a case study, one public university in Malaysia was selected, and 740 complaints were examined over a four-year period. Two methods of data collection, namely, document analysis and interviews, were used.

This study found no internal controls established to oversee the complaints that were received. Hence, repetitive complaints were received for similar areas and functions over a period. The application of COSO framework on complaints and whistle-blowing activities, however, led to more organised and visible problems; therefore, effective corrective and preventive action may be conducted.

This study was conducted on only one organisation with several series of interviews and limited period of document analysis because of privacy and confidentiality of the information. Future research should collect and analyze data from a higher number of organisations with more respondents for interviews and a longer period for document analysis to obtain more accurate results.

This study provides further evidence on the suitability of COSO framework for different types of organisations, either public or private, and has been successfully adopted globally. It is effective not only to manage the operation and financial matters but also to manage complaints and whistle-blowing activities in organisations.

This study is original because it focuses on the current practices of internal control in government entities, particularly for organisations that operate as higher-learning institutions, which is scarce in the literature. In addition, this study analysed the drawbacks of internal control systems, especially in dealing with whistle-blower reports and complaints by referring to the list of complaints made by their stakeholders.

The purpose of this paper is to analyze how the COBIT framework, integrated within the internal control framework, enables improvement in the quality of financial reporting while helping to reduce or eliminate the material weaknesses (MWs) of internal control over financial reporting (ICFR). The Control Objectives for Information and Related Technology (COBIT) model is a framework for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. Preliminarily, the analysis in this paper illustrates how the Committee of Sponsoring Organizations (COSO) framework impacts on the MWs, highlighting strengths and weaknesses. This paper shows how these limits can be overcome with the use of the COBIT framework.

This is a conceptual paper that aims to highlight the relationship between COBIT and COSO, by illustrating how the IT processes reduce or eliminate the main MW categories.

The analysis indicates that the implementation of the COBIT framework, or more generally the adoption of effective IT controls, provides important benefits to the entire company or organization. IT control objectives have a direct impact on the IT control weaknesses and indirectly on the other categories of material weaknesses.

The adoption of the framework allows managers to implement effective ICFR. In particular, the COBIT approach provides managers with a more evolved tool in terms of compliance with the Sarbanes–Oxley Act requirements. This framework also improves the reliability of financial reporting in relation to the requirements of Public Company Accounting Oversight Board’s Auditing Standards No. 2 and 5.

The analysis provides an interdisciplinary approach, connecting accounting and information systems themes, and suggest solutions and tools than can help managers to address the internal control weaknesses. This paper addresses an area of relevance to both practitioners and academics and expands existing accounting literature.

This article aims to identify management practices that evidence how internal control have been considered essential, from the edition of the State Constitutional Amendment no. 75 of 2012, within the public administration of the executive branch of the State of Ceará, during the period 2012–2021.

The study relates the identified management practices to COSO (The Committee of Sponsoring Organizations) methodology “Internal Environment” component categories. The research is classified as basic, exploratory and bibliographic, on the theme of internal control in scientific articles published between 2015 and 2021, and documental, carried out through official documents, including the 27 Brazilian constitutions.

Existence of management practices that corroborate the essentiality of internal control in Ceará.

The study is limited to evidencing the control practices implemented in Ceará, not evaluating them as to their quality.

Contributions on control on constitutional-legal bases for other Brazilian Federation States.

Possibility of introducing the research theme into various branches of scientific knowledge, such as political science and contributing to public organizations to implement policies with the proper application of resources for the benefit of society.

The originality of the research is in demonstrating the essentiality of internal control in the State of Ceará, from the edition of management acts performed by the executive branch, based on Constitutional Amendment 75 of 2012, which did not become a dead letter of the law, enabling other states of the federation to do the same.

The purpose of this paper is to illustrate how information technology (IT) governance supports the process of enterprise risk management (ERM). In particular, the paper illustrates how the Control Objectives for Information and related Technology (COBIT) framework helps a company reach its objectives by integrating and supporting the Enterprise Risk Management by the Committee of Sponsoring Organizations (COSO ERM) framework.

This paper explains how the integration between the two frameworks (COSO ERM and COBIT 5) can represent, for any organization, a good way to achieve the objectives of internal control and risk management and, more generally, corporate governance.

The paper identifies some gaps in the COSO ERM and illustrates how the COBIT framework facilitates the implementation of an adequate system of internal control.

The originality of the work presented here is in analyzing the COBIT 5 together with the COSO ERM framework. This paper highlights that is not enough to apply only an internal control framework for achieving the risk management and internal control system objectives. An IT governance framework, such as COBIT 5 is proposed as a tool that support risk management in order to develop an adequate system of internal control.