Abstract
Purpose: The purpose of this chapter is to provide a regulatory perspective on internal control. We will therefore describe and discuss some of the internal control regulations which are imposed on firms.
Synopsis: The regulatory environment has a significant influence on the internal control practices of firms. A fundamental feature of most corporate governance regulations are their focus on transparency and disclosure. The use and usefulness of management reporting on internal control and auditor reporting on internal control have been widely debated. The Cadbury code in the United Kingdom has been a pioneer in corporate governance regulation. This code is semi-mandatory with a comply-or-explain character and has become a blueprint for other corporate codes and exported to many countries. The Cadbury code covers both financial and non-financial controls. One main controversy with the Cadbury code concerned paragraph 4.5 which prescribed that directors should report on the organization’s internal control system. Later, in 1999, the Financial Reporting Council released guidance on internal control, guidance which was subsequently revised in 2005. This document is to help directors with reference to the provisions in section C.2 of the Combined Code, which relates to internal control. Following high-profile management fraud in the United States, the Sarbanes-Oxley Act of 2002 was implemented. Section 404 of this Act prescribes that managers must assess an organization’s internal control over financial reporting, and that the external auditor must assess and report on both management’s assessment and the effectiveness of internal controls. This unique piece of regulation has been somewhat controversial due to its relatively strict requirements and widely discussed during the last few years. In 2004 Sweden implemented its own corporate governance code. Originally, the code included strict internal control reporting requirements, but these provisions were subsequently downsized. In 2008, a revised code was released and further updates, based on the implementation of European Union directives, are expected. These changes will make mandatory the disclosure of a corporate governance report and also the existence of an audit committee for concerned listed companies. These regulations can be viewed from an agency theory perspective which explains how the interests of principals and agents need to be better aligned. Institutional theory however, helps understand the quick and severe responses to public and visible corporate crises.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
To suggest that the FRC 2005 contains three key parts may be rather crude since both the introduction-part and the appendix are important elements. However, for the purposes of this thesis we will focus on the three parts noted above, since they together constitute the key guidance that needs to be addressed by directors in complying with the Combined Code, section C.2 – namely establishing and maintaining a system of internal control, reviewing its effectiveness, and reporting on the status of the system of internal control.
References
Baker, R. L., Bealing, W. E., Jr., Nelson, D. A., & Staley, A. B. (2006). An institutional perspective of the Sarbanes-Oxley act. Managerial Auditing Journal, 21(1), 23–33.
Bhasa, M. P. (2004). Global corporate governance: Debates and challenges. Corporate Governance, 4(2), 5–17.
Brandinger, R. (2008a). Kodens ansvar finns i betraktarens öga. Dagens Industri.
Brandinger, R. (2008b, September 1). Riskhantering – inget för koden. Dagens Industri.
COSO (Committee of Sponsoring Organizations of the Treadway Commission). (1992). Internal control – Integrated framework. New York: AICPA.
COSO (Committee of Sponsoring Organizations of the Treadway Commission). (2009a). Internal control – integrated framework. Guidance on monitoring internal control systems – introduction. New York: AICPA. Available at www.coso.org
Davies, M. (2008). The impracticality of international “once size fit all” corporate governance of best practice. Managerial Auditing Journal, 23(6), 532–544.
DeFond, M. L., & Francis, J. R. (2005). Audit research after Sarbanes-Oxley. Auditing: A Journal of Practice and Theory, 24(Supplement: 5–30), 5–40.
FRC (Financial Reporting Council). (2005). Internal control. Revised guidance for directors on the combined code. London. Available at www.frc.org.uk
FRC (Financial Reporting Council). (2008, June). The combined code on corporate governance, London. Available at www.frc.org.uk
Gee, W., & McVay, S. (2005). The disclosure of material weaknesses in internal control after the Sarbanes-Oxley Act. Accounting Horizons, 19(3), 137–158.
Grant Thornton (2009b). ISEQ corporate governance review 2009. Available at www.grantthornton.ie
Hambrick, D. C., Werder, A., & Zajac, E. J. (2008). New directions in corporate governance research. Organization Science, 19(3), 381–385.
Heier, J. R., Dugan, M. T., & Sayers, D. L. (2005). A century of debate for internal controls and their assessment: A study of reactive evolution. Accounting History, 10(3), 39–70.
Jackson, R. A. (2004, October). Principles vs. rules. Internal Auditor, 56–61.
Jokipii, A. (2006). The structure and effectiveness of internal control – A contingency approach. (diss.) Åbo Akademi University, Turku.
Jonnergård, K., & Larsson, U. (2007). Developing codes of conduct: Regulatory conversations as means for detecting institutional change. Law & Policy, 29(4), 460–492.
Kinney, W. R., Jr. (2005). Twenty-five years of audit deregulation and re-regulation: What does it mean for 2005 and beyond? Auditing: A Journal of Practice and Theory, 24, 89–109.
Kodgruppen [The Code group]. (2004). Svensk kod för bolagsstyrning [Swedish code of Corporate Governance], Stockholm.
Kollegiet för Svensk Bolagsstyrning [The Swedish Corporate Governance Board]. (2006a). Anvisning Nr.1-2006 [Guidance No. 1-2006 on the application of code provisions regarding reporting and disclosure of internal controls], Stockholm, September 6, 2006. Available at www.corporategovernanceboard.se
Kollegiet för Svensk Bolagsstyrning [The Swedish Corporate Governance Board]. (2006b). Årsrapport 2006 [Annual Report 2006]. Stockholm, June 2006. Available at www.corporategovernanceboard.se
Kollegiet för Svensk Bolagsstyrning [The Swedish Corporate Governance Board]. (2008a). Jämförelse mellan den tidigare koden och den reviderade koden 2008-05-05 [Comparison between the revised Swedish code of Corporate Governance Code and the previous Code]. Available at www.corporategovernanceboard.se
Kollegiet för Svensk Bolagsstyrning [The Swedish Corporate Governance Board]. (2008b). Svensk kod för bolagsstyrning. Gällande från 1 juli 2008 [The Swedish code of Corporate Governance: Applicable from July 1 2008], Stockholm. Available at www.corporategovernanceboard.se
Kollgiet för Svensk Bolagsstyrning [The Swedish Corporate Governance Board]. (2009, June). Årsrapport 2009 [Annual Report 2009], Stockholm. Available at www.bolagsstyrning.se
Kollgiet för Svensk Bolagsstyrning [The Swedish Corporate Governance Board]. (2010). Årsrapport 2010 [Annual Report 2010], Stockholm. Available at www.bolagsstyrning.se
Krishnan, J., Rama, D., & Zhang, Y. (2008). Costs to comply with SOX section 404. Auditing: A Journal of Practice and Theory, 27(1), 169–186.
Lekvall, P. (2008, September 6). Intern kontroll kvar i fokus. Dagens Industri.
MacCahery, J., Picciotto, S., & Collin, S. (Eds.). (1993). Corporate control and accountability – Changing structures and the dynamics of regulation. New York: Oxford University Press.
Patterson, E. R., & Smith, J. R. (2007). The effects of Sarbanes-Oxley on auditing and internal control strength. The Accounting Review, 82(2), 427–455.
PCAOB (Public Company Accounting Oversight Board). (2009, September). Report on the first-year implementation of the audit standard No.5: An audit of internal control over financial reporting that is integrated with an audit of financial statements. Available at www.pcaob.org
Power, M. (1997). The audit society: Rituals of verification. New York: Oxford University Press.
Power, M. (2007). Organized uncertainty: Designing a world of risk management. New York: Oxford University Press.
Regeringskansliet [Government Offices of Sweden]. (2008). Styrelseansvaret i företag med statligt ägande [Board responsibility in state-owned companies]. Produktion: Edita Communication. Tryck: Edita Västra Aros. Available at www.regeringen.se
Rittenberg, L. E., & Miller, P. K. (2005). Sarbanes-Oxley 404 work: looking at the benefits. Florida: IIA (The Institute of Internal Auditors) Research Foundation.
Tacket, J., Wolf, F., & Claypool, G. (2006). Internal control under Sarbanes Oxley: A critical examination. Managerial Auditing Journal, 21(3), 317–323.
Vinten, G. (2002). The corporate governance lessons of Enron. Corporate Governance, 2(4), 4–9.
Wallace, W. A. (1981). Internal control reporting practices in the municipal sector. The Accounting Review, 56(3), 666–689.
Yakhou, M., & Dorweiler, V. P. (2004). Dual reforms: Accounting and corporate governance. Managerial Auditing Journal, 19(3), 361–377.
Zandstra, G. (2002). Enron, board governance and moral failings. Corporate Governance, 2(2), 16–19.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Arwinge, O. (2013). A Regulatory Perspective. In: Internal Control. Contributions to Management Science. Physica, Heidelberg. https://doi.org/10.1007/978-3-7908-2882-5_4
Download citation
DOI: https://doi.org/10.1007/978-3-7908-2882-5_4
Published:
Publisher Name: Physica, Heidelberg
Print ISBN: 978-3-7908-2881-8
Online ISBN: 978-3-7908-2882-5
eBook Packages: Business and EconomicsBusiness and Management (R0)