2.3. Internal control in the UK
Internal control is the whole system of financial
controls established in order to
provide reasonable assurance of: effective and
efficient operations; internal
financial control; and compliance with laws and
regulations. Under the UK
corporate governance system, the board of directors is
elected by the shareholders
who in practice exercise their control in a number of
ways The recent scandals has
159
attracted considerable attention.
There was concern about systems for controlling
corporate action, particularly that
of company directors. The role of auditors and the
extent of their independence
were criticised; the audit report at the time
considered as being the ultimate
indicator of corporate based upon an independent
opinion on the company's
affairs became the subject of debate. The Cadbury Report
recommended that 'the
directors should report on the effectiveness of the
company's system of internal
control' and that this report should be reviewed by
the auditors. Moreover, to
enforce the recommendations of the Cadbury
Report, sanctions have been
imposed since 1993 for companies listed on the
London International Stock
Exchange. With the Cadbury Report, companies boards
became more responsive
to shareholders' concerns as it stated:
`Bringing clarity to the respective responsibilities of
directors, shareholders, and auditors will also strengthen trust in the
corporate system. Companies whose standards of corporate governance are high
the more likely to gain the confidence of investors and support for the
development of their business'(1.6, p.58).
The Cadbury Report considers that all directors, whether
or not they have executive
responsibilities, should be responsible for ensuring that
`the necessary controls over
the activities of their companies are in place and working'.
In addition, the Cadbury
report' view was that the board of directors is
responsible for the governance of
159. Rutternam Working Group,1994.p.1
companies, these responsibilities include the company'
strategic aims, providing the
leadership to put them into effect, supervising the
management of the business and
reporting to shareholders. However, one of the
requirements of the Code of Best
Practice on directors was to include a report
in their annual control on the
effectiveness of the company's system of internal control
(CBP, 4.5.p.59 ). This latter
requirement was not considered in the draft guidance of the
Working Group set up to
develop a set of criteria for assessing effectiveness. In
1995, the Combined Code of
the Committee on corporate governance (the Code) was
published. One of its
requirements was to assist listed companies about the
internal control question.
Principle D.2 of the Code states that' the board should
maintain a sound system
of internal control to safeguard shareholders' investment and
the company's assets';
the directors should, at least annually, conduct a review
of the effectiveness of the
group's system of internal control and should report to
shareholders that they have
done so. The review should cover all controls, including
financial, operational and
compliance controls and risk management'(D.2.1).
It was argued that a company's system of internal
control has a key role in the
160
management of risks that are significant to the
fulfilment of its business objectives.
A sound system of internal control contributes to
safeguard the shareholders'
investment and the company's assets; company's
objectives, its internal control
organisation and the environment in which it
operates are continually evolving
161
and, as a result, the risks it faces are continually
changing.
160.A.Chambers,'Tolley's corporate governance'
161.ibid
A sound system of internal control therefore depends on
a thorough and regular
162
evaluation of the nature and extent of the risks to which
the company is exposed.
Since profits are in part the reward for successful
risk-taking in business, the purpose
of internal control is to help manage and control
risk appropriately rather than to
163
eliminate it. The Turnbull Report was set up in 1999 to
address the issue of internal
control and respond to these Provisions in the
Combine Code. It represented the
culmination of several years' debate concerning
companies' systems of internal
control. The report was accompanied by the code of practice.
However, Turnbull aimed not to transform companies' systems of
internal control but
to make explicit the systems of internal control, which many
of the top- performing
companies had developed, in order to standardize internal
control and achieve best
164
practice. Solomon suggests that without an effective
system of internal control,
companies can undergo substantial financial losses as
a result of unanticipated
disasters. In the UK as in the USA the recent
collapses of Maxwell, Barings and
Enron have been attributed in part to a failure of the
company's system of internal
control. The board of directors is responsible for the
company's system of internal
control; it should set appropriate policies on internal
control and seek regular
assurance that will enable it to satisfy itself that the
system is functioning effectively;
the board must further ensure that the system of
internal control is effective in
165
managing risks in the manner which it has approved.
Moreover, it is the role
of management to implement board
policies on risk and control.
162.A.Chambers,'Tolley'sCorporate governance'.
163.ibid.
164.J. Solomon and A. Solomon , ' Corporate governance and
Accountability'.
165.ibid
In fulfilling its responsibilities, management should
identify and evaluate the risks
faced by the company for consideration by the board and
design, operate and monitor
a suitable system of internal control which implements the
policies adopted by the
166
board. In the Enron case, the function of the NEDs was
as they did not detect
fraudulent accounting activities through their internal
audit function; indeed, the
167
internal audit committee failed completely in policing their
auditors. Serious conflicts
of interest have arisen involving members of Enron's
internal audit committee, for
example, Lord Wakeham was on the audit committee
at the same time as
168
having a consulting contract with a
consulting contract with Enron.
These examples show that people in responsible positions who
should have detected
unethical activities, were themselves not independent. Enron
illustrated that the board
of directors was composed of a number of people who have been
shown to be of poor
moral character and willing to conduct fraudulent activity;
this was the genuine root
169
of the company's corporate governance failure.
Moreover, the internal audit
committee did not perform its function of internal control and
of checking the external
170
auditing function. However, it seems that on a practical level
the Turnbull Report has
had a far-reaching impact on corporate risk disclosure, as
companies have been
encouraged to comply with its recommendations by producing
detailed reporting of
171
their risks.
166.J. Solomon and A . Solomon , ' Corporate governance and
Accountability'.
167.ibid
168. The Economist , 7 February 2002.
169. J. Solomon and A . Solomon ,'Corporate Governance and
Accountability `.
170.ibid
171. ibid
The Cadbury Committee Working Group, limited the
directors' s reporting
responsibilities to internal financial control which are
those established to provide
reasonable assurance of the maintenance of proper
accounting records and the
reliability of financial information. In fact, the
internal control process shows the
importance of the non- executive director in the
UK corporate governance.
| 
