The Adoption and Consequences of COSO 2013

2021 ◽  
Author(s):  
Amanuel F Tadesse ◽  
Gina Cavalier Rosa ◽  
Robert J. Parker
Keyword(s):  
Information Technology ◽  
Internal Control ◽  
Internal Controls ◽  
Lower Probability ◽  
Control Problems ◽  
Timely Manner ◽  
Sarbanes Oxley ◽  
Enterprise Risk ◽  
Control Framework ◽  
Internal Control Weaknesses

COSO has developed frameworks for firms to improve their internal controls with the objective of reducing fraud and managing enterprise risk. The frameworks are widely used by firms and their auditors to comply with the internal control requirements of the Sarbanes-Oxley Act (SOX). We investigate two issues involving the most recent COSO internal control framework (COSO 2013): the determinants of a firm's decision to adopt it in a timely manner; and the consequences of adoption on internal controls. In our sample, firms that report internal control problems under SOX 404, especially firms with information technology (IT) problems, are likely to be late adopters. Regarding the consequences of adoption, for late adopters, we find that firms using the revised COSO framework have a lower probability of reporting weaknesses in IT-related controls. We also find evidence that COSO 2013 adoption is helpful in remediating internal control weaknesses.

The Impact of Information Technology Internal Controls on Firm Performance

2012 ◽  
Vol 24 (2) ◽  
pp. 39-49 ◽  
Author(s):  
Lemuria D. Carter ◽  
Brandis Phillips ◽  
Porche Millington
Keyword(s):  
Information Technology ◽  
Firm Performance ◽  
Internal Control ◽  
Ordinary Least Squares ◽  
Internal Controls ◽  
Publicly Traded ◽  
Sarbanes Oxley ◽  
Internal Control Weaknesses ◽  
Performance Results ◽  
The Impact

Since the introduction of the Sarbanes-Oxley (SOX) Act in 2002, companies have begun to place more emphasis on information technology (IT) internal controls. IT internal controls are policies that provide assurance that technical systems operate as intended, provide reliable data, and comply with regulations. Research suggests that firms with strong internal controls perform better than those with internal control weaknesses. In this study, the authors evaluate the impact of IT internal controls on firm performance. The sample includes 72 publicly traded firms, 36 that reported IT internal control weaknesses and 36 that did not. The results of ordinary least squares (OLS) regression indicate that substantive IT internal control weaknesses negatively impact firm performance. Results and implications for research and practice are discussed.

SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology

2009 ◽  
Vol 23 (2) ◽  
pp. 1-23 ◽  
Author(s):  
Bonnie K. Klamm ◽  
Marcia Weidenmier Watson
Keyword(s):  
Information Technology ◽  
Internal Control ◽  
Negative Impact ◽  
Internal Controls ◽  
First Year ◽  
Section 404 ◽  
Sarbanes Oxley ◽  
Material Weaknesses ◽  
Assessment And Monitoring ◽  
Internal Control Weaknesses

ABSTRACT: This paper examines internal controls, from both an information technology (IT) and non-IT perspective, in relation to the five components of the Committee of Sponsoring Organization's Internal Control-Integrated Framework (COSO 1992), as well as the achievement of one of COSO's three objectives-reporting reliability. Our sample consists of 490 firms with material weaknesses reported under Sarbanes-Oxley Section 404 during the first year of compliance. We classify the weaknesses by COSO component and as IT-related or non-IT-related. Our results support the interrelationships of the COSO Framework. The results also show that the number of misstated accounts is positively related to the number of weak COSO components (i.e., scope) and certain weak COSO components (i.e., existence). Firms with IT-related weak components report more material weaknesses and misstatements than firms without IT-related weak components, providing evidence on the pervasive negative impact of weak IT controls, especially in control environment, risk assessment, and monitoring.

Earnings Management of Firms Reporting Material Internal Control Weaknesses under Section 404 of the Sarbanes-Oxley Act

2008 ◽  
Vol 27 (2) ◽  
pp. 161-179 ◽  
Author(s):  
Kam C. Chan ◽  
Barbara Farrell ◽  
Picheng Lee
Keyword(s):  
Earnings Management ◽  
Internal Control ◽  
Internal Controls ◽  
Corporate Disclosure ◽  
Section 404 ◽  
Sarbanes Oxley ◽  
Material Weaknesses ◽  
Potential Benefits ◽  
Internal Control Weaknesses ◽  
Reported Earnings

SUMMARY: The main objectives of the Sarbanes-Oxley Act of 2002 are to improve the accuracy and reliability of corporate disclosure. Under Section 404 of the Sarbanes-Oxley Act, the external auditor has to report an assessment of the firm’s internal controls and attest to management’s assessment of the firm’s internal controls. Material weaknesses in internal controls must be disclosed in the auditor and management reports. The objective of this study is to examine if firms reporting material internal control weaknesses under Section 404 have more earnings management compared to other firms. The results provide mild evidence that there are more positive and absolute discretionary accruals for firms reporting material internal control weaknesses than for other firms. Since the findings of ineffective internal controls by auditors under Section 404 may cause firms to improve their internal controls, Section 404 has the potential benefits of reducing the opportunity of intentional and unintentional accounting errors and of improving the quality of reported earnings.

Using a Movie to Study the COSO Internal Control Framework: An Instructional Case

2008 ◽  
Vol 22 (1) ◽  
pp. 63-76 ◽  
Author(s):  
Arline Savage ◽  
Carolyn Strand Norman ◽  
Kathryn A. S. Lancaster
Keyword(s):  
Internal Control ◽  
House Of Representatives ◽  
Financial Institution ◽  
Internal Controls ◽  
Publicly Traded ◽  
Accounting Firms ◽  
Publicly Traded Companies ◽  
Sarbanes Oxley ◽  
Control Framework ◽  
Accounting Graduates

Following enactment of the Sarbanes-Oxley Act (SOX) of 2002 (U.S. House of Representatives 2002), public accounting firms and publicly traded companies are much more focused on internal controls. Accordingly, many accounting graduates will be asked to evaluate, document, and perhaps test the adequacy of an organization's internal control structure. The Committee of Sponsoring Organizations' (COSO 1992) Internal Control—Integrated Framework is the most widely used tool for this purpose. This instructional case, based on the movie, Rogue Trader, gives students the opportunity to see the consequences of lax corporate governance and weak internal controls at the Barings Bank. Students view the movie and then use the COSO framework to critically analyze the collapse of a well-established financial institution.

Sunshine Center: An Instructional Case Evaluating Internal Controls in a Small Organization

2010 ◽  
Vol 25 (4) ◽  
pp. 709-720 ◽  
Author(s):  
Sandra K. Fleak ◽  
Keith E. Harrison ◽  
Laurie A. Turner
Keyword(s):  
Child Care ◽  
Financial Reporting ◽  
Internal Control ◽  
Care Center ◽  
Internal Controls ◽  
Fraud Triangle ◽  
For Profit ◽  
Not For Profit ◽  
Control Framework ◽  
Internal Control Weaknesses

ABSTRACT: Management and auditors face increased responsibilities to evaluate internal control and assess the risk of fraud. This case provides the opportunity to evaluate internal controls and the possibility of fraud in a very small not-for-profit child care center, a setting that is easy to understand. The first goal of the case is to identify internal control weaknesses by applying the COSO internal control framework in an environment that lacks many aspects of internal control. Interactions among the five components of the COSO framework provide the basis for analyzing internal control. The case requires students to consider possible misappropriation of funds using the fraud triangle. A secondary goal of the case is to introduce financial reporting for a not-for-profit organization as a means of accountability.

scholarly journals Internal Control Weakness and Bank Loan Contracting: Evidence from SOX Section 404 Disclosures

2011 ◽  
Vol 86 (4) ◽  
pp. 1157-1188 ◽  
Author(s):  
Jeong-Bon Kim ◽  
Byron Y. Song ◽  
Liandong Zhang
Keyword(s):  
Internal Control ◽  
Bank Loan ◽  
Control Problems ◽  
Section 404 ◽  
Loan Contracts ◽  
Loan Spread ◽  
Sarbanes Oxley ◽  
Loan Contracting ◽  
Internal Control Weaknesses ◽  
Loan Contract

ABSTRACT Using a sample of borrowing firms that disclosed internal control weaknesses (ICW) under Section 404 of the Sarbanes-Oxley Act, this study compares various features of loan contracts between firms with ICW and those without ICW. Our results show the following. First, the loan spread is higher for ICW firms than for non-ICW firms by about 28 basis points, after controlling for other known determinants of loan contract terms. Second, firms with more severe, company-level ICW pay significantly higher loan rates than those with less severe, account-level ICW. Third, lenders impose tighter nonprice terms on firms with ICW than on those without ICW. Fourth, fewer lenders are attracted to loan contracts involving firms with ICW. Finally, our within-firm analyses show that banks increase loan rates charged to ICW firms after their disclosure of internal control problems and that banks reduce loan rates after firms remediate previously reported ICW.

The Severity of Internal Controls over Financial Reporting Deficiencies: Differences among Types and Industries

2014 ◽  
pp. 55-77
Author(s):  
Tatiana Mazza ◽  
Stefano Azzali
Keyword(s):  
Information Technology ◽  
Financial Reporting ◽  
Internal Control ◽  
Service Industry ◽  
Listed Companies ◽  
Internal Controls ◽  
Service Companies ◽  
Finance Industry ◽  
Material Weaknesses ◽  
Fixed Assets

This study analyzes the severity of Internal Control over Financial Reporting deficiencies (Deficiencies, Significant Deficiencies and Material Weaknesses) in a sample of Italian listed companies, in the period 2007- 2012. Using proprietary data the severity of the deficiencies is tested for account-specific, entity level and information technology controls and for industries (manufacturing and services vs finance industries). The results on ICD severity is compared with one of the most frequent ICD (Acc_Period End/Accounting Policies): for account-specific, ICD in revenues, purchase, fixed assets and intangible, loans and insurance are more severe while ICD in Inventory are less severe. Differences in ICD severity have been found in the characteristic account: ICD in loan and insurance for finance industry and ICD in revenue, purchase for manufacturing and service industry are more severe. Finally, we found that ICD in entity level and information technology controls are less severe than account specific ICD in all industries. However, the results on entity level and information technology deficiencies could also mean that the importance of these types of control are under-evaluated by the manufacturing and service companies.

Board Independence and Internal Control Weakness: Evidence from SOX 404 Disclosures

2016 ◽  
Vol 36 (2) ◽  
pp. 45-62 ◽  
Author(s):  
Yangyang Chen ◽  
W. Robert Knechel ◽  
Vijaya Bhaskar Marisetty ◽  
Cameron Truong ◽  
Madhu Veeraraghavan
Keyword(s):  
Internal Control ◽  
Internal Controls ◽  
Board Independence ◽  
Negative Relation ◽  
Internal Control Weaknesses ◽  
A Company ◽  
Jel Classifications

SUMMARY In this paper, we investigate whether board independence has an impact on the likelihood that a company reports weaknesses in internal controls. Using a sample of 11,226 firm-year observations spanning the period 2004–2012, we establish several findings. First, we document a negative relation between board independence and the disclosure of internal control weaknesses. We also document that the negative relation is stronger for firms with unitary leadership (combined positions of CEO and chairman) than for firms with dual leadership. Next, we show that board independence is associated with both fewer account-specific and company-level weaknesses. Finally, we show that board independence is associated with timely remediation of internal control weaknesses and that the implementation of Auditing Standard No. 5 in 2007 weakens the effect of board independence on the disclosure of ICW. JEL Classifications: G10; G18.

Corruption as distinct crime: the need to reconceptualise internal control on controlling bureaucratic occupational fraud

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Ach Maulidi ◽  
Jake Ansell
Keyword(s):  
Local Government ◽  
Internal Control ◽  
Local Governments ◽  
Internal Controls ◽  
Financial Statement Fraud ◽  
Content Type ◽  
Practical Applications ◽  
Occupational Fraud ◽  
Asset Protection ◽  
Control Framework

Purpose The purpose of this study is to provide theoretical guidance that enables local governments to deal with occupational fraud. Design/methodology/approach The quantitative approach is used to examine the efficacy of the Committee of Sponsoring Organisations of the Treadway Commission (COSO) internal control framework in tackling occupational fraud in local government. To achieve the goals, the authors performed a survey of the Indonesian auditor institutions. Findings It is not appropriate to argue that all types of local government fraud can be deterred by a single internal control. The study suggests that COSO internal controls are not effective for dealing with corruption cases. However, the authors do find the efficacy of those controls are obvious for controlling asset misappropriation and financial statement fraud. This result indicates that if the COSO internal control framework is only designed for routine financial control and asset protection, it significantly and negatively influences its efficacy to deal with occupational fraud. This study has both theoretical and managerial implications, discussed separately. Originality/value In the field of prevention, the authors cannot make generalised theories and approaches for dealing with occupational fraud. Whilst previous authors have offered fraud deterrents in terms of internal controls, they have failed to realise the need to understand their effectiveness for particular forms of fraud. This paper sheds light on the effectiveness of internal controls in achieving their goals. This has both practical applications and stimulates theoretical insights.

Sign in / Sign up

Export Citation Format

Share Document