The Impact of Internal Control System

CHAPTER ONE
1.0 INTRODUCTION
1.1 Background to the Study
Banks occupy a critical position in a complex financial system that supplies the money
and credit needs of the economy. The unique characteristic of a commercial bank is that it also
creates money, and it is this particular feature of the commercial banks which distinguishes
them from non-banking financial institution Babatunde, (2006). However, all take part in the
process of financial intermediation whereby such intermediaries also provide considerable
benefits to borrowers in so far as there may be difficulties in locating potential savers who are
willing to lend appropriate amount of funds at relevant interest rate.
Banks ability to promote growth and development depends on the extent to which financial
transactions are conducted with trust and least risk. The foundation on which banks is built is
on confidence and trust, and where banks indulge in unsafe and unsound confidence, such banks
may collapse. So, for banks to achieve objectives and as well as generating overall confidence,
the Introduction and Establishment of Internal Control must come in to promote efficient
operation. Internal control system therefore serves as a sine-quanon for fraud prevention.
Internal control is a creation of management, thus, the management retains sole responsibility
for the establishment and maintenance of adequate and functional internal control Adeyemi W.
(2000).
Banks play very important roles in the economic development of any country. As an
important component of the financial system, banks channel scarce resources from surplus
economic units to deficit units. Thus, to an appreciable and reasonable extent, they exert a lot
of influence on the pattern and trend of economic development through their lending and
deposit mobilization activities. The efficient mobilization of savings and its allocation of
productive investment by financial institution, thereby promote economic growth and
1
development as well as achieving their objectivities, profitability and solvency. All the
aforementioned benefits that banks can exert on the economy as a whole can be achieved
through an effective internal control system and fraud prevention in the banking industry
Benjamin A. (2009).
In the words of Millechamp A. (2000), Internal Control system is an independent
appraisal function within an organization for the review of system of control and the quality of
performance as a service in the organization.
The Institute of Chartered Accountant of England and Wales ICAE& W, (2011) defines it
as a review of operations and records, sometime continuous undertaken with a business by a
specially assigned staff.
Internal control, therefore is a whole system of controls, financial or otherwise, established by
the management in order to carry out the business of an enterprise in an orderly and efficient
manner, ensure adherence to management policies, safeguard the assets and secure as far as
possible the completeness and accuracy of record.
Fraud, on the other hand is defined by Anyawu (2008) as an act of deception deliberately
practiced to gain unlawful or unfair advantage to the detriment of another. The international
standard on Auditing (ISA) defines fraud as an intentional act by one or more individuals among
management, those charged with governance, employees or third parties involving the use of
deception to obtain an unjust or illegal advantage. Fraud may include: manipulation,
falsification or alteration of documents and records; recording transaction without substances,
intentional misapplication of accounting policies etc. just to mention a few Horngreen, (2007).
Therefore, the menace called fraud has been a deadly disease that has infected many
financial corporate body particularly the banks which led to the recent reformation in the
banking industry in Nigeria, thus, involving the process of business combination in the industry
such as merger and acquisition whereby the infected banks are being merged to and/or acquired
2
by the healthy and sound ones. This reformation has obviously pointed out. The enormous
damage that fraud has done to the banks, thus, the dilution in the financial strength of Nigeria
banks CBN Report, (2011).
In other to combat this syndrome of fraudulent practices, several measures have been
identified as the way out to minimize this act. Internal control system is one of the many
measures that are to be discuss in chapter 2 of this research. Internal Control System has been
the most single trusted and effective measures that can combat this act of malpractices to the
barest minimum. Infact, the Central Bank of Nigeria (CBN) reported that the backward
development in Nigeria was attributable to the weakness in the Internal Control System of the
banks. Therefore, an attempt to bring to barest minimum, if not completely eradicated, the
spate of fraud by the measure of internal control system gave rise to this research study Olatunji,
(2009).
1.2. Statement of the Problem
Following the recent failure of some banks that led to the reformation in the banking industry,
the confidence of the bank customer, that is savers of fund, and of the lenders of money from
bank has been lost. Attributed to the failure is also the weakness in the Internal Control System
and the prevalence of fraudulent practices among staffs and management of the bank.
An effective internal control system and good system of fraud prevention will ensure
efficient mobilization of savings and its allocation to productive investment, thereby promoting
growth and development, as well as achieving their objectives, profitability, solvency and
ultimately restores the lost confidence of customers and lenders overtime. However, the system
of internal control is mainly the function of management to establish such, and the ultimate aim
of this is to minimize and prevent the occurrence of fraud in the bank, thus
It should be noted however that fraudulent practices in the banks is usually cause
through lapses or inadequacies which manifested in various ways.
3
1.3 Research Questions
For the purpose of this study, the following are some of the problem-solving questions
that
May come up during the course of carrying out this study. The following are the research
questions which will aid the understanding and efficient study of the problem.
(a) Does the Internal Control System have impact on the overall management of banks?
(b) Can the Internal Control Systems of bank ensure fraud prevention and detection?
(c) Can an inadequate internal control system cause perpetration of fraud?
(d) Can strong internal control system fish-out actors that contributed to incidence of fraud
in banks?
1.4 Objectives of the Study
The general objective of the study is to assess the impact of Internal Control System as a means
to minimize and prevent the occurrence of fraudulent practices in any form.
These objectives of the study are as follows:
i. To determine the impact of Internal Control System on the overall management of
Nigeria banks
ii. To examine the impact of the Internal Control system on fraud prevention and detection.
iii. To highlight the major causes of fraud and actors that contributed to the incidence of
fraud in banks.
1.5 Significance of the Study
Establishment of an adequate Internal Control and its effective review and assessment by the
management will go a long way in preventing fraudulent acts and practices among the fraudsters
within the banks and other third parties. The usefulness and the expected benefit of the study
to the banking industry entail the following:
4
It will help in knowing and studying how the principles of Internal Control Components or
elements are used to prevent fraud.
The study will also unveil the lapses and inadequacies in the bank open to fraudsters within and
outside the banks.
The study will help to review fraudsters mode of operation and thereby recommend ways to
avert their operations through the use of internal control system.
It will also result in reduction in an attempt to defraud by the management and staff as a result
of lay-down expected punishment.
It will also enhance customers confidence and trust in the banking industry as a result of strong
internal control being put in place.
This study will ultimately help in promoting economic growth and development as a result of
efficient mobilization of savings thereby enhancing profitability and solvency in the bank, all
of which are achievable through implementation of strong system of internal control.
1.6. Scope of the Study.
The scope of the study will be limited to how Internal Control System will be used as
an effective means to prevent fraud, thus, an essential system have to be in place before fraud
can be minimize and prevented, Guaranty Trust Banks Bauchi Branch. Although, information
from bank on internal control and fraud are difficult to obtain since they are regarded as
sensitive issues which cannot be provided without caution because it is mainly to protect the
image of the bank and not to erode depositors confidence. On these circumstances, attention
is focus on Guaranty Trust Bank Plc, Bauchi Branch, in order to obtain easy accessibility of
information. Also, it is believe that this type of study will expose the inadequacy and lapses in
the bank with the presence of Internal Control system and this will be a possible suggestion for
greater improvement, not only in Guaranty Trust Bank, but on all banks as a whole, other
financial institutions and the economy at large.
5
1.7. Limitations of Study
The study was confronted with many problems, among these are:
1. Inability of the researchers to get to the respondents due to bureaucracy.
2. Not all the questionnaires distributed for administering was returned.
3. Insufficient time on the part of the researchers to do proper evaluation.
4. Responses were not given to some questions in the questionnaire regarded as internal
issues.
The following limitations had made proper evaluation of Internal Control System as a means
of fraud prevention difficulty in Guaranty Trust Bank Plc.
1.8. Definition of Terms
1. Internal Check: Is the aggregate of the checks and balances imposed on day to day
transaction in an organization whereby the work of one person is verified independently or in
complimentary to the work of another.
2. Internal Audit: Is an independent appraisal function established by the management
of an organization for the review of Internal Control System as a service to the organization.
3. Internal Control: This is a whole system of control, financial or otherwise, established
by the management in order to carry out the business of an enterprise in an orderly and efficient
manner, ensure adherence to; management policies, safeguard the assets and secure as far as
possible the completeness and accuracy of records.
4. Fraudsters: These are the people who commit frauds.
5. Fraud: This is a crime involving cheating somebody in order to get money or goods
illegally.
6. Error: This is an unintentional; Mis-statement in the financial statement. It is an act
done without the intention of committing the act.
6
7. Irregularities: This is an Intentional distortion of the bases of preparing the financial
statement. It is act an error since it is a deliberate act and also not a fraud since personal benefit
may not be the objectives. The end product of irregularities is fraud.
7
CHAPTER TWO
2.0 LITERATURE REVIEW
2.1 Introduction
This chapter discusses the conceptual and theoretical framework relating to this research
work. The current and relevant literature will be sought for and thoroughly reviewed.
2.1 Area of Study
This study will focus on Guaranty Trust Bank Plc., Nigeria, as a case study. Its head office is
based in Victoria Island, Lagos State. It is one of the biggest companies in entire Western
Africa. Guaranty Trust Bank plc., was incorporated as a limited liability company licensed in
July 1990 to provide commercial and other banking services to the Nigerian public. The Bank
commenced operation in February 1991, and has since then grown. In September 1996,
Guaranty Trust Bank plc. became a publicly quoted company and won the Nigeria Stock
Exchange Presidents Merit award that same year and subsequently in the year 2000, 2003,
2005, 2006, 2007, 2008 and 2009. In February 2002, the bank was granted a universal banking
license and later appointed a settlement bank by the Central Bank of Nigeria (CBN) in 2003.
This study will focus on the impact of internal control system of Guaranty Trust Bank plc.,
and how it prevents the occurrence of fraudulent act and practices. NDIC, (2011). Guaranty
Trust Bank plc. is a foremost Nigerian financial institution with vast business outlays spanning
Anglophone West Africa and the United Kingdom. Guaranty Trust Bank plc., is a financial
services provider which presently has an Asset Base of over 2 Trillion Naira; Shareholders
funds/equity of over 200 Billion Naira and Employs over 5000 people in Nigeria, Cote divoire,
Gambia, Ghana, Liberia, Sierra Leone and the United Kingdom. This study will also look at
how internet control enhances the profitability and solvency of Guaranty Trust Bank plc.
8
2.2 Theory of Internal Control:
The institute of chartered Accountants of England and Wales ICAE&W, (2011). define internal
control as the whole system of controls, financial or otherwise established by management in
other to carry out the business of an enterprise in orderly and efficient manner, ensure adherence
to management policies, safeguard the assets and secure as far as possible the completeness and
accuracy of records.
Mayo, (2006) defined it as the measure taken by an organization for the purpose
of protecting its resources against waste, fraud, inefficiency; ensuring accuracy and reliability
in accounting and operating data; securing compliance with organization policies and
evaluating the level of performance in the division of the organization.
Millechamp (2000) also defined internal control system of an independent appraisal
function within an organization for the review of the system of control and the quantity of
performance as a service in the organization.
Also following the need to restore public confidence and trust in the financial statement of
companies, both financial and non-financial institutions, Sarbanes-Oxley emphasizes the
importance of effective internal control, and thus, internal control was defined in the Sarbanes
- Oxley Act of 2002 as the procedures and processes used by a company to safe guard the assets,
process information accurately and ensure compliance with laws and regulation.
Sarbanes-Oxley requires companies to maintain strong and effective internal control
over the recording of transactions and the preparing of the financial statement. Such controls
are important because it deters fraud and prevent misleading financial statements.
From these definitions, it can be deduced that internal control comprises the plan of an
organization and all of the coordinate methods and measures adopted within it, to safeguard its
9
assets, check the accuracy and reliability of its accounting data, promote operational efficiency
and encourage adherence to prescribe managerial policies.
Internal control objectives are channels towards ensuring adherence to managerial policies and
achieving organizational goals in generals. It also embraces internal checks, internal audit and
the whole system of control, check and balance established by the management Onwuamaeze,
(2008).
2.2.1 Internal Audit
This is an independent appraisal function established by the management of an organization for
the review of the internal control system as a service to the organization. The external audit
carried out by the external audit department.
These departments investigate and appraise the system of external control along with the
efficiency of various units of the banks if they are performing their assigned function as a basic
for protective and constructive services to management.
2.2.2 Internal Check
This is the aggregate of the checks and balance imposed on day to day transactions in
an organization whereby the work of person is verified independently or is complementary to
the work of another, the objectives been the prevention or early detection of error and fraud
Fakunle, (2006).
Internal check therefore of necessity starts from delegation of authorities and proper
division of work in such a manner that one person alone does not see a transaction through from
the beginning to the end, that is to make the payment of an invoice. Internal check would involve
the following;
10
(a) Somebody confirming that goods and services have been received and that the price
of the invoice is correct
(b) Somebody else preparing the payment voucher
(c) One other person signing the cheque.
(d) The cashier of somebody else writing out the cheque.
(e) Another person with appropriate authority approving the voucher for payment
2.3 Scope of Internal Control
It is the responsibility of every company to design an internal control system which is
suitably adapted to their situation. In the case of a group, the parent company ensures that inter-
control systems exist within its subsidiaries. These systems should be adapted in line with their
own individual characteristics and to the relationship that exists between the parent company
and the subsidiaries Aren and Loebbecke, (2011).
In a situation where a parent has a substantial holding interest, over which it has
significant influence, that parent should take care to assess the possibility of acquainting itself
with and examining the measures taken by its affiliate, in terms of internal control
2.4 Objectives of Internal Control System
Internal control of a bank is the bank system defined and implemented under its responsibility.
The system more particularly is designed to ensure that certain objectives which are
fundamental to the operation of the bank are achieved.
These objectives are to:
(a) Ensure the effectiveness and efficiency of operations (including protection of asset)
(b) Ensure reliability of financial reporting
11
(c) Ensure compliance with applicable laws and regulations and
(d) Ensure that the instructions and directional guidelines fixed by the executive
management or the management board are applied.
The committee of sponsoring organization (coso) of the treadway commission (1999)
categorizes the above stated objectives of internal control system as a means to provide
reasonable assurance that;
i. Assets are safeguard and used for business purposes.
ii. Business information is accurate; and
iii. Employees comply with laws and regulations.
Internal control is therefore neither limited to a set of procedures nor simply to
accounting nor financial processes. Nor does it embrace all of the initiatives taken by the
executive bodies or by management, such as defining company strategy, fixing objectives,
management decisions, and dealing with the risk or monitoring performance according to Ojo
(2008).
2.4.1 Ensuring the Effectiveness and Efficiency of Operations
This objective is to ensure the correct functioning of the bank s internal processes,
particularly those implicating the security of its assets.
All operational, industrial, commercial and financial processes are concerned. In order
for processes to function correctly, standards or operating principle have to be established and
performance and profitability indicators set up.
By assets, it must be understood not only the tangible assets, but also the intangible
assets such as know-how, image or reputation. These assets can disappear in the wake of
12
thefts, frauds, lack of productivity, errors, or result from a bad management decision or an
internal control weakness. Special attention should be paid to the related processes in these
cases.
Similarly, for the processes involved in the elaboration and processing of accounting
and financial information. These processes include act only those which deal directly with the
preparation of financial reports, but also the operational processes which generate the
accounting data Ayodele, (2003).
2.4.2 Ensuring the reliability of financial reporting
The reliability of financial information can only be obtained through the implementation
of internal control procedures which are capable of faithfully recording all the operations
performed by the organization.
The quality of this internal control system can be targeted by means of:
i. Segregation of duties, enabling a clear distinction to be made between recording
duties, operational duties and retention duties.
ii. Function descriptions which should enable the origins of the information
prepared to be identified, together with its recipients.
iii. An accounting internal control system enabling to check that the operations have
been performed in accordance with general and specific instructions, and that
they have been accounted for so as to produce financial information which
complies with generally accepted accounting principles.
2.4.3 Ensuring compliance with applicable laws and regulations.
This refers to the laws and regulations to which the bank is subject. The laws
and regulations in force determine the behavioural standards that the company incorporates into
13
its compliance objectives. Examples of such standards and laws include; banks and other
financial institution act (BOFIA), environmental regulations, contract terms and safety
regulation, central bank of Nigeria prudential guidelines.
Given the large number of areas that exist (company law, commercial law, security,
environment, social arts), the banks organization needs to be structured in such a way so that it;
i. Is aware of the various rules that apply to it
ii. an be informed in due time of any changes that are made for them (legal monitoring)
iii. Can transpose these rules into its internal procedures
iv. Can inform and train staff on those rules which affect them
2.4.4 Ensuring the application of the instruction of the instruction and directional
guidelines fixed by executive management board.
These instructions and directional guidelines must be communicated to the staff
concerned, based on the objectives allocated to each of them, so as to provide guidelines on
how their activities should be conducted. These instructions and directional guidelines must be
defined in line with the banks overall objectives and the inherent risks Idowu, (2009).
2.5 Framework for Internal Control Systems in Banking Organizations in Nigeria
As part of its on-going efforts to address bank supervisory issues and enhance
supervision through guidance that encourages sound risk management practices, the central
bank of Nigeria (CBN) committee on banking supervision issues the framework for the
evaluation of internal control systems. The framework is a set of interrelated elements, thus a
component of an integrated system of internal control systems.
Other national and international regulatory body and authority also laid down the same
elements or components of the integrated system of internal control as the structure upon which
14
the internal control objectives can be achieved. As a result of the global acceptability of and
worldwide laid down elements of internal control; these elements are therefore furthers broken
down individually into a set of principles. These elements are (5) in numbers.
2.5.1 Internal Control Elements
These elements are also refers to as the component of internal control. The
internal control systems therefore consist of five closely related components and interrelated
elements. They are:
1. Management oversight and the control culture
2. Bank recognition and assessment
3. Control activities and segregation of duties
4. Information and communication
5. Monitoring activities and correcting deficiencies
The problems observed in recent large losses at banks can be aligned with these five elements.
The effective functioning of these elements is essential to achieving a banks performance,
information, and compliance objectives
2.5.2 Principles for the assessment of internal control system under each of the
elements.
A. Management Oversight and the Control Culture
1. Board of directors
Principle 1: The board of directors should have responsibility for approving and periodically
reviewing the overall business strategies and significant policies of the bank; understanding the
major risks run by the bank, setting acceptable levels for these risks and ensuring that senior
15
management takes the steps necessary to identify, measure, monitor and control these risks;
approving the organizational structure; and ensuring that senior management is monitoring the
effectiveness of the internal control system. The board of directors is ultimately responsible for
ensuring that an adequate and effective system of internal controls is established and
maintained.
The board of directors provides governance, guidance and oversight to senior
management. It is responsible for approving and reviewing the overall business strategies and
significant policies of the organization as well as the organizational structure. The board of
directors has the ultimate responsibility for ensuring that an adequate and effective system of
internal controls is established and maintained. Board members should be objective, capable,
and inquisitive, with a knowledge or expertise of the activities of and risks run by the bank. In
those countries where it is an option, the board should consist of some members who are
independent from the daily management of the bank. A strong, active board, particularly when
coupled with effective upward communication channels and capable financial, legal, and
internal audit functions, provides an important mechanism to ensure the correction of problems
that may diminish the effectiveness of the internal control system. The board of directors should
include in its activities
i. Periodic discussions with management concerning the effectiveness of the internal
control system,
ii. A timely review of evaluations of internal controls made by management, internal
auditors, and external auditors,
iii. Periodic efforts to ensure that management has promptly followed up on
recommendations and concerns expressed by auditors and supervisory authorities on
internal control Internal control systems weaknesses, and
iv. A periodic review of the appropriateness of the banks strategy and risk limits.
16
One option used by banks in many countries is the establishment of an Independent audit
committee to assist the board in carrying out its responsibilities. The establishment of an audit
committee allows for detailed examination of information and reports without the need to take
up the time of all directors. The audit committee is typically responsible for overseeing the
financial reporting process and the internal control system. As part of this responsibility, the
audit committee typically oversees the activities of, and serves as a direct contact for, the banks
internal audit department and engages and serves as the primary contact for the external
auditors. In those countries where it is an option, the committee should be composed mainly or
entirely of outside directors (i.e., members of the board that are not employed by the bank or
any of its affiliates) who have knowledge of financial reporting and internal controls. It should
be noted that in no case should the creation of an audit committee amount to a transfer of duties
away from the full board, which alone is legally empowered to take decisions.
2. Senior Management
Principle 2: Senior management should have responsibility for implementing strategies
and policies approved by the board; developing processes that identify measure, monitor
and control risks incurred by the bank; maintaining an organizational structure that clearly
assigns responsibility, authority and reporting relationships; ensuring that delegated
responsibilities are effectively carried out; setting appropriate internal control policies; and
monitoring the adequacy and effectiveness of the internal control system.
Senior management is responsible for carrying out the directives of the board of
directors, including the implementation of strategies and policies and the establishment of an
effective system of internal control. Members of senior management typically delegate
responsibility for establishing more specific internal control policies and procedures to those
responsible for a particular business unit. Delegation is an essential part of management;
however, it is important for senior management to oversee the managers to whom they have
17
delegated these responsibilities to ensure that they develop and enforce appropriate policies and
procedures
Compliance with an established internal control system is heavily dependent on a well-
documented and communicated organizational structure that clearly shows lines of reporting
responsibility and authority and provides for effective communication throughout the
organization. The allocation of duties and responsibilities should ensure that there are no gaps
in reporting lines and that an effective level of management control is extended to all levels of
the bank and its various activities.
It is important that senior management takes steps to ensure that activities are conducted
by qualified staff with the necessary experience and technical capabilities. Staff in control
functions must be properly remunerated. Staff training and skills should be regularly updated.
Senior management should institute compensation and promotion policies that reward
appropriate behaviours and minimize incentives for staff to ignore or override internal control
mechanisms Horngreen, (2007).
3. Control culture
Principle 3: The board of directors and senior management are responsible for promoting high
ethical and integrity standards, and for establishing a culture within the organisation that
emphasizes and demonstrates to all levels of personnel the importance of internal controls. All
personnel at a banking organization need to understand their role in the internal controls process
and be fully engaged in the process.
An essential element of an effective system of internal control is a strong control
culture. It is the responsibility of the board of directors and senior management to emphasise
the importance of internal control through their actions and words. This includes the ethical
values that management displays in their business dealings, both inside and outside the
18
organisation. The words, attitudes and actions of the board of directors and senior management
affect the integrity, ethics and other aspects of the banks control culture.
In varying degrees, internal control is the responsibility of everyone in a bank. Almost
all employees produce information used in the internal control system or take other actions
needed to effect control. An essential element of a strong internal control system is the
recognition by all employees of the need to carry out their responsibilities effectively and to
communicate to the appropriate level of management any problems in operations, instances of
non-compliance with the code of conduct, or other policy violations or illegal actions that are
noticed. This can best be achieved when operational procedures are contained in clearly written
documentation that is made available to all relevant personnel. It is essential that all personnel
within the bank understand the importance of internal control and are actively engaged in the
process. In reinforcing ethical values, banking organizations should avoid policies and practices
that may inadvertently provide incentives or temptations for inappropriate activities. Examples
of such policies and practices include undue emphasis on performance targets or other
operational results, particularly short-term ones that ignore longer-term risks; Compensation
schemes that overly depend on short-term performance; ineffective segregation of duties or
other controls that could allow the misuse of resources or concealment of poor performance;
and insignificant or overly onerous penalties for improper behaviours Oset, (2006).
While having a strong internal control culture does not guarantee that an organization will
reach its goals, the lack of such a culture provides greater opportunities for errors to go
undetected or for improprieties to occur.
B. Risk Recognition and Assessment
Principle 4: An effective internal control system requires that the material risks that could
adversely affect the achievement of the banks goals are being recognized and continually
assessed. This assessment should cover all risks facing the bank and the consolidated banking
19
organization (that is, credit risk, country and transfer risk, market risk, interest rate risk,
liquidity risk, operational risk, legal risk and reputational risk).Internal controls may need to be
revised to appropriately address any new or previously uncontrolled risks.
Banks are in the business of risk-taking. Consequently it is imperative that, as part of
an internal control system, these risks are being recognized and continually assessed. From an
internal control perspective, a risk assessment should identify and evaluate the internal and
external factors that could adversely affect the achievement of the banking organizations
performance, information and compliance objectives. This process should cover all risks faced
by the bank and operate at all levels within the bank. It differs from the risk management process
which typically focuses more on the review of business strategies developed to maximize the
risk/reward trade-off within the different areas of the bank.
Effective risk assessment identifies and considers internal factors (such as the
complexity of the organizations structure, the nature of the banks activities, the quality of
personnel, organizational changes and employee turnover) as well as external factors (such as
fluctuating economic conditions, changes in the industry and technological advances) that could
adversely affect the achievement of the banks goals. This risk assessment should be conducted
at the level of individual businesses and across the wide spectrum of activities and subsidiaries
of the consolidated banking organization. This can be accomplished through various methods.
Effective risk assessment addresses both measurable and non-measurable aspects of risks and
weighs costs of controls against the benefits they provide Asukwo, (2007).
The risk assessment process also includes evaluating the risks to determine which are
controllable by the bank and which are not. For those risks that are controllable, the bank must
assess whether to accept those risks or the extent to which it wishes to mitigate the risks through
20
control procedures. For those risks that cannot be controlled, the bank must decide whether to
accept these risks or to withdraw from or reduce the level of business activity concerned.
In order for risk assessment, and therefore the system of internal control, to remain
effective, senior management needs to continually evaluate the risks affecting the achievement
of its goals and react to changing circumstances and conditions. Internal controls may need to
be revised to appropriately address any new or previously uncontrolled risks. For example, as
financial innovation occurs, a bank needs to evaluate new financial instruments and market
transactions and consider the risks associated with these activities. Often these risks can be best
understood when considering how various scenarios (economic and otherwise) affect the cash
flows and earnings of financial instruments and transactions. Thoughtful consideration of the
full range of possible problems, from customer misunderstanding to operational failure, will
point to important control considerations
C. Control Activities and Segregation of Duties
Principle 5: internal Control activities should be an integral part of the daily activities of a bank.
An effective internal control system requires that an appropriate control structure is setup, with
control activities defined at every business level. These should include: top level reviews;
appropriate activity controls for different departments or divisions; physical controls; checking
for compliance with exposure limits and follow-up on noncompliance; a system of approvals
and authorizations; and, a system of verification and reconciliation.
Control activities are designed and implemented to address the risks that the bank
identified through the risk assessment process described above. Control activities involve two
steps: (1) the establishment of control policies and procedures; and (2) verification that the
control policies and procedures are being complied with. Control activities involve all levels of
personnel Examples of control activities include: personnel in the bank, including senior
management as well as front line personnel.
21
Examples of control activities include:
i. Top level reviews - Boards of directors and senior management often request
presentations and performance reports that enable them to review the banks
progress toward its goals. For example, senior management may review reports
showing actual financial results to date versus the budget. Questions that senior
management generates as a result of this review and the ensuing responses of
lower level of management represent a control activity which may detect
problems such as control weaknesses, errors in financial reporting or fraudulent
activities.
ii. Activity controls - Department or division level management receives and
reviews standard performance and exception reports on a daily, weekly or
monthly basis. Functional reviews occur more frequently than top-level reviews
and usually are more detailed. For instance, a manager of commercial lending
may review weekly reports on delinquencies, payments received, and interest
income earned on the portfolio, while the senior credit officer may review
similar reports on a monthly basis and in a more summarized form that includes
all lending areas. As with the top-level review, the questions that are generated
as a result of reviewing the reports and the responses to those questions represent
the control activity.
iii. Physical controls - Physical controls generally focus on restricting access to
tangible assets, including cash and securities. Control activities include physical
limitations, dual custody, and periodic inventories.
iv. Compliance with exposure limits - The establishment of prudent limits on risk
exposures is an important aspect of risk management. For example, compliance
with limits for borrowers and other counterparties reduces the banks
22
concentration of credit risk and helps to diversify its risk profile. Consequently,
an important aspect of internal controls is a process for reviewing compliance
with such limits and follow-up on instances of non-compliance.
v. Approvals and authorizations - Requiring approval and authorization for
transactions over certain limits ensure that an appropriate level of management
is aware of the transaction or situation, and helps to establish accountability.
vi. Verifications and reconciliations - Verifications of transaction details and
activities and the output of risk management models used by the bank are
important control activities. Periodic reconciliations, such as those comparing
cash flows to account records and statements, may identify activities and records
that need correction. Consequently, the results of these verifications should be
reported to the appropriate levels of management whenever problems or
potential problems are detected.
Control activities are most effective when they are viewed by management and all other
personnel as an integral part of, rather than an addition to, the daily activities of the bank. When
controls are viewed as an addition to the day-to-day activities, they are often seen as less
important and may not be performed in situations where individuals feel pressured to complete
activities in a limited amount of time. In addition, controls that are an integral part of the daily
activities enable quick responses to changing conditions and avoid unnecessary costs. As part
of fostering the appropriate control culture within the bank, senior management should ensure
that adequate control activities are an integral part of the daily functions of all relevant
personnel.
It is not sufficient for senior management to simply establish appropriate policies and
procedures for the various activities and divisions of the bank. They must regularly ensure that
all areas of the bank are in compliance with such policies and procedures and also determine
23
that existing policies and procedures remain adequate. This is usually a major role of the internal
audit function Shiozawa, (2011)
Principle 6: An effective internal control system requires that there is appropriate segregation
of duties and those personnel are not assigned conflicting responsibilities. Areas of potential
conflicts of interest should be identified, minimized, and subject to careful, independent
monitoring
In reviewing major banking losses caused by poor internal controls, supervisors
typically find that one of the major causes of such losses is the lack of adequate segregation of
duties. Assigning conflicting duties to one individual (for example, responsibility for both the
front and back offices of a trading function) gives that person access to assets of value and the
ability to manipulate financial data for personal gain or to conceal losses. Consequently, certain
duties within a bank should be split, to the extent possible, among various individuals in order
to reduce the risk of manipulation of financial data or misappropriation of assets. Segregation
of duties is not limited to situations involving simultaneous front and back office control by one
individual. It can also result in serious problems when there are not appropriate controls in those
instances where an individual has responsibility for:
i. Approval of the disbursement of funds and the actual disbursement;
ii. Customer and proprietary accounts;
iii. Transactions in both the "banking" and "trading" books;
iv. Informally providing information to customers about their positions while marketing to
the same customers;
v. Assessing the adequacy of loan documentation and monitoring the borrower after loan
origination; and,
vi. Any other areas where significant conflicts of interest emerge and are not mitigated by
other factors.
24
Areas of potential conflict should be identified, minimized, and subject to careful
monitoring by an independent third party. There should also be periodic reviews of the
responsibilities and functions of key individuals to ensure that they are not in a position to
conceal inappropriate actions ICAN study pack (2006).
D. Information and Communication
Principle 7: An effective internal control system requires that there are adequate and
comprehensive internal financial, operational and compliance data, as well as external market
information about events and conditions that are relevant to decision making. Information
should be reliable, timely, accessible, and provided in a consistent format
Adequate information and effective communication are essential to the proper functioning
of a system of internal control. From the banks perspective, in order for information to be
useful, it must be relevant, reliable, timely, accessible, and provided in a consistent format.
Information includes internal financial, operational and compliance data, as well as external
market information about events and conditions that are relevant to decision making. Internal
information is part of a record-keeping process that should include established procedures for
record retention.
Principle 8: An effective internal control system requires that there are reliable information
systems in place that cover all significant activities of the bank. These systems, including those
that hold and use data in an electronic form, must be secure, monitored independently and
supported by adequate contingency arrangements
A critical component of a bank's activities is the establishment and maintenance of
management information systems that cover the full range of its activities. This information is
usually provided through both electronic and non-electronic means. Banks must be particularly
aware of the organizational and internal control requirements related to processing information
in an electronic form and the necessity to have an adequate audit trail. Management decision-
25
making could be adversely affected by unreliable or misleading information provided by
systems that are poorly designed and controlled.
Electronic information systems and the use of information technology have risks that
must be effectively controlled by banks in order to avoid disruptions to business and potential
losses. Since transaction processing and business applications have expanded beyond the use
of mainframe computer environments to distributed systems for mission-critical business
functions, the magnitude of risks also has expanded. Controls over information systems and
technology should include both general and application controls. General controls are controls
over computer systems (for example, mainframe, client/server, and end-user workstations) and
ensure their continued, proper operation. General controls include in-house back-up and
recovery procedures, software development and acquisition policies, maintenance (change
control) procedures, and physical/logical access security controls. Application controls are
computerized steps within software applications and other manual procedures that control the
processing of transactions and business activities. Application controls include, for example,
edit checks and specific logical access controls unique to a business system. Without adequate
controls over information systems and technology, including systems that are under
development, banks could experience loss of data and programs due to inadequate physical and
electronic security arrangements, equipment or systems failures, and inadequate in-house
backup and recovery procedures.
In addition to the risks and controls above, inherent risks exist that are associated with
the loss or extended disruption of services caused by factors beyond the banks control. In
extreme cases, since the delivery of corporate and customer services represent key transactional,
strategic and reputational issues, such problems could cause serious difficulties for banks and
even jeopardize their ability to conduct key business activities. This potential requires the bank
to establish business resumption and contingency plans using an alternate off-site facility,
26
including the recovery of critical systems supported by an external service provider. The
potential for loss or extended disruption of critical business operations requires an institution-
wide effort on contingency planning, involving business management, and not focused on
centralized computer operations. Business resumption plans must be periodically tested to
ensure the plans functionality in the event of an unexpected disaster. Ajisebutu, (2007).
Principle 9: An effective internal control system requires effective channels of communication
to ensure that all staff fully understand and adhere to policies and procedures affecting their
duties and responsibilities and that other relevant information is reaching the appropriate
personnel.
Without effective communication, information is useless. Senior management of banks
need to establish effective paths of communication in order to ensure that the necessary
information is reaching the appropriate people. This information relates both to the operational
policies and procedures of the bank as well as information regarding the actual operational
performance of the organization.
The organizational structure of the bank should facilitate an adequate flow of
information - upward, downward and across the organization. A structure that facilitates this
flow ensures that information flows upward so that the board of directors and senior
management are aware of the business risks and the operating performance of the bank.
Information flowing down through an organization ensures that the banks objectives,
strategies, and expectations, as well as its established policies and procedures, are
communicated to lower level management and operations personnel. This communication is
essential to achieve a unified effort by all bank employees to meet the banks objectives.
Finally, communication across the organization is necessary to ensure that information that one
division or department knows can be shared with other affected divisions or departments.
E. Monitoring Activities and Correcting Deficiencies
27
Principle 10: The overall effectiveness of the banks internal controls should be monitored on
an ongoing basis. Monitoring of key risks should be part of the daily activities of the bank as
well as periodic evaluations by the business lines and internal audit.
Since banking is a dynamic, rapidly evolving industry, banks must continually monitor
and evaluate their internal control systems in the light of changing internal and external
conditions, and must enhance these systems as necessary to maintain their effectiveness. In
complex, multinational organizations, senior management must ensure that the monitoring
function is properly defined and structured within the organization.
Monitoring the effectiveness of internal controls can be done by personnel from several
different areas, including the business function itself, financial control and internal audit. For
that reason, it is important that senior management makes clear which personnel are responsible
for which monitoring functions. Monitoring should be part of the daily activities of the bank
but also include separate periodic evaluations of the overall internal control process. The
frequency of monitoring different activities of a bank should be determined by considering the
risks involved and the frequency and nature of changes occurring in the operating environment.
On-going monitoring activities can offer the advantage of quickly detecting and
correcting deficiencies in the system of internal control. Such monitoring is most effective when
the system of internal control is integrated into the operating environment and produces regular
reports for review. Examples of ongoing monitoring include the review and approval of journal
entries, and management review and approval of exception reports.
In contrast, separate evaluations typically detect problems only after the fact; however,
separate evaluations allow an organization to take a fresh, comprehensive look at the
effectiveness of the internal control system and specifically at the effectiveness of the
monitoring activities. These evaluations can be done by personnel form several different areas,
including the business function itself, financial control and internal audit. Separate evaluations
28
of the internal control system often take the form of self-assessments when persons responsible
for a particular function determine the effectiveness of controls for their activities. The
documentation and the results of the evaluations are then reviewed by senior management. All
levels of review should be adequately documented and reported on a timely basis to the
appropriate level of management.
Principle 11: There should be an effective and comprehensive internal audit of the internal
control system carried out by operationally independent, appropriately trained and competent
staff. The internal audit function, as part of the monitoring of the system of internal controls,
should report directly to the board of directors or its audit committee, and to senior
management.
The internal audit function is an important part of the on-going monitoring of the system
of internal controls because it provides an independent assessment of the adequacy of, and
compliance with, the established policies and procedures. It is critical that the internal audit
function is independent from the day-to-day functioning of the bank and that it has access to all
activities conducted by the banking organization, including at its branches and subsidiaries.
Tilto, (2006).
By reporting directly to the board of directors or its audit committee, and to senior
management, the internal auditors provide unbiased information about line activities. Due to
the important nature of this function, internal audit must be staffed with competent, well trained
individuals who have a clear understanding of their role and responsibilities. The frequency and
extent of internal audit review and testing of the internal controls within a bank should be
consistent with the nature, complexity, and risk of the organizations activities. It is important
that the internal audit function reports directly to the highest levels of the banking organization,
typically the board of directors or its audit committee, and to senior management. This allows
for the proper functioning of corporate governance by giving the board information that is not
29
biased in any way by the levels of management that the reports cover. The board should also
reinforce the independence of the internal auditors by having such matters as their
compensation or budgeted resources determined by the board or the highest levels of
management rather than by managers who are affected by the work of the internal auditors.
Principle 12: Internal control deficiencies, whether identified by business line, internal audit,
or other control personnel, should be reported in a timely manner to the appropriate
management level and addressed promptly. Material internal control deficiencies should be
reported to senior management and the board of directors.
Internal control deficiencies, or ineffectively controlled risks, should be reported to the
appropriate person(s) as soon as they are identified, with serious matters reported to senior
management and the board of directors. Once reported, it is important that management corrects
the deficiencies on a timely basis. The internal auditors should conduct follow-up reviews or
other appropriate forms of monitoring, and immediately inform senior management or the board
of any uncorrected deficiencies. In order to ensure that all deficiencies are addressed in a timely
manner, senior management should be responsible for establishing a system to track internal
control weaknesses and actions taken to rectify them.
The board of directors and senior management should periodically receive reports
summarizing all control issues that have been identified. Issues that appear to be immaterial
when individual control processes are looked at in isolation, may well point to trends that could,
when linked, become a significant control deficiency if not addressed in a timely manner.
2.6 Types of Internal Control
All the above elements of internal control system can be grouped into the following types.
1. Physical Control
30
It is the control design to ensure physical protection of assets from unauthorized access.
For example, cars are parked at secured garage; cash locked up in a safe or vault; stock locked
up in a secured ware house etc.
2. Authorization and Approval
All companys processes and transactions must be duly authorized and approved by
responsible companys officials operating within the limit of their authority
3. Personnel
These are controls developed to ensure that company maintains at all-time appropriate
mix of qualified and experienced staff. This controls take the form of structured recruitment
procedure, training and on the job training.
4. Arithmetic and Accuracy
These are control design to ensure accuracy of recording of all transaction processed. It covers
casting and cross casting to ensure integrity of financial report.
5. Management control.
This is the most important element of control in that all other control revolves around it. It takes
the form of the use of budget and management account to control operations. It may also involve
the use of functional internal audit department.
6. Organization control.
Every organization should have a clearing laid out organizational structure which define s and
allocate responsibility as well as identify lines of reporting. It is essential that every person in
the organization should know the prcised power delegated unto him and to whom he should
report in order to achieve unit of command.
7. Supervision Control.
31
These are controls exercised by higher level officers on their subordinate .They may not
be part of the routine control system but they are design to ensure that the organization business
are being conducted as intended.
8. Segregation of Duties.
No one person should be allowed to undertake all aspect of a transaction. Segregation of duty
is a breaking down of transaction process to accommodate many individuals to take part. This
will reduce error or deliberate fraud
9. Acknowledgement and Budgeting
This requires that all actions taken must be acknowledged in writing by the performance. Also,
it involves the use of budget to control operation.
2.6.1 Theory of Fraud
Fraud and Forgery have been identified as major causes of bank distress and eventual
failure in the Nigerian banking sector (Ajayi 2010). According to NDIC Publication, about one
thousand nine hundred and fourteen (1914) bank staff of various banks were involved in bank
fraud between 1996 and 1998. The report also established that fraud contributed immensely to
the failure of most banks in the 1990s,the amount involved representing as many as 32.1% of
shareholders fund in 1998 (Udegbunam, 2010)
The concept of fraud: What is fraud? Fraud has been widely defined in literature by
scholars and experts. Hornby (2008) defines Fraud as an action or an instance of checking
somebody in order to make money or obtain goods illegally. The same dictionary defines the
perpetrators of frauds as fraudsters.
32
According to the ICAN (2006) Fraud consists of both the use of deception to obtain an
unjust or illegal financial advantage and intentional misrepresentations, affecting the financial
statements by the one or more individuals among management, employees, or third parties.
Anyawu (2005) defined fraud as an act of deception deliberately practiced to gain
unlawful or unfair advantage to the detriment of another. Megis (2003) also refer to fraud as
the misrepresentation by a person of a material fact knows. Fraud is also refers to as intentional
mis-representation of financial record by one or more individuals or by management or
employee or third Parties. It is also a type of irregularities involving the use of criminal
deception to obtain an unjust or illegal advantage.
Archibong (1992) describes Fraud as a predetermined and well planned tricky process
or device usually undertaken by a person or group of persons, with the sole aim of checking
another person or organization, to gain ill-gotten advantages, be it monetary or otherwise, which
would not have accrued in the absence of such deceitful procedure.
From the above, the term fraud may be said to be as an intentional misrepresentation of
financial information by one or more individuals among management, employees or third
parties. Fraud may involve;
(a) Manipulation , falsification or alteration of documents and records
(b) Recording transaction without substances
(c) Mis-appropriate of assets or theft
(d) Intentional mis-application of accounting policies
(e) Suppressing of transactions or omitting such transaction from records
(f) Wilful misrepresentation of transactions of the entitys state of affairs
It involves taking a property unlawfully from its owner, without his/her knowledge,
permission or consent, or to misstate a situation knowingly or by negligence.
33
2.6.2 Causes of Fraud
a) Brune (2012) said that causes of fraud are through lapses or inadequacies, which
manifest in various ways. Lacks of adequate supervision, which fraudulent minded
operator in the system sees as an opportunity and utilize it.
b) Development of new technologies has facilitated the tempo fraudulent activities (More
pronounced in computer and information technology).
c) Human avarice, the insatiable appetite to a mass wealth and the social economic
condition of the society. However, there are many causes of bank fraud that can be
summarized into two namely.
2.6.3 Institutional Factor;
These are factors that exist because of the action or inaction of the banks management.
They are therefore factors that are within the control of the management .The following are
responsible for fraud perpetuation in any organization particularly resulting from the failure to
separate duties, and where an individual handle exclusively all stages of transactions:
(a) Where employee are allowed to accumulate their vocation, which make it difficult to
uncover illegal abstraction
(b) Absence of employee rotation: failure to shift personnel encourages fraud by covering
the work of each employee.
(c) Remuneration: fair remuneration aids controlling speculation. Where an employee, is
remuneration accounting to the value of its contribution to the bank and accounting to
the going wage, rather comparatively he dues not to try to correct it through
(d) Training : inadequate or lack of proper training of bank personals allows a staff in
bank to unconsciously create lapses in the operation assigned to him/her causing another
fraudulent minder staff utilize the opportunity to perpetuate the fraudulent act.
34
2.6.4 Environmental/Social Factors
These are factor that are not within the control or the bank management. The
high ranking among these factors is the general lust for wealth, also the fact that the
society does not challenge the source of peoples wealth, but rather recognition is given
into such. The bank is a part of the society, coupled with the regard and position bankers
are placed in the society. This therefore encourage people even bankers to be bold
confident when involved in such malpractices.
2.6.5 Classification of Frauds.
As it has been said earlier, fraud is a criminal act of involving the use of deceit
to gain an undue or illegal advantage. This comes in different shapes and magnitude.
According to Biggs (2006), he classified fraud into (2) namely;
a) Defalcation
This involves either misappropriation of money or goods, which can coax the omission of cash
received.
b) Manipulation
This involves Fraudulent manipulation of account involving defalcation. This is less frequent
and it involves large amount. Its also a form of frauds that is indigenous and skill fully
concealed and carried out by person holding position of the higher trust. Megis also classified
fraud into;
i. Management fraud
ii. Employee fraud
a) Management Fraud
This type of fraud comes from the top where the executives of a company deliberately
deceive stock holders, creditors, and independent auditor
35
According to Fakunle (2006), management fraud often involves the manipulation of the
records and the account, typically by the enterprises senior officers with a view to benefiting
in some indirect way. An example is, obtaining finance under false presences, or concealing a
material, worsening off the companys true position, i.e., window dressing.
Robertson (2010) defines management fraud as a deliberate fraud, committed by
management that injures investors and creditors, through materially misleading financial
statements. Management fraud is sometimes called fraudulent financial reporting.
Management fraud is usually perpetrated by the management staff of an organization, which
management frauds are investors and creditors and the instrument of perpetration is a financial
statement.
The essence of management fraud most times is to attract more shareholders to come and invest
in the organization. It is also perpetrated, so that organization will be in better position of
obtaining loans from banks, because, a good statement will show a healthy look, hence it will
be a good collateral security.
b) Employee Fraud
This is the dishonest action of the employee towards the management despite the fact
the management put in efforts to prevent such action. Employee fraud is also known as non-
management fraud: These are frauds that are perpetrated by the employees of an organization.
Robertson (1996) defines it as the use of fraudulent means to take money or other property from
an employer. It usually involves falsification of some kind, like false documents, lying,
exceeding authority, or violating an employers policies, phases, which are: embezzlement of
companys funds, usually in form of cash or other assets. It consists of three
i. The fraudulent act
ii. The conversion of the money or property to the fraudsters us
36
iii. The cover up
Employee frauds are more likely to be encountered where internal controls are weak: other
types of employees frauds according to Awe (2005) are as follows:
i. Fictitious payment of suppliers:
ii. Alteration of invoices
iii. Double payment of invoices
iv. Suppression of credit note received
v. Missing returned cheque (so that it appears that bills are paid)
vi. Missing invoices
vii. Wages fraud (payroll fraud)
viii. Payment for hours not worked for
ix. Payment of an incorrect wage rate
x. Fictitious employees (ghost workers) on wage sheet
xi. Deliberate errors in wage sheet
xii. Misappropriated cash taking
xiii. Actual theft of cash balance
xiv. Misappropriated cash from credit sales
It is important to note that all these form of employee fraud are perpetrated, so that the
perpetrators will have an undue benefit from all the irregularities made, as embedded in
the definition of fraud.
2.6.6 Types of Fraud
The various types of fraud based on these categories as enumerated by Anyanwu (2013) and
Goldface and Inckwube (2007) are as follows:
37
i. Cash fraud:
There is several method of cash fraud that is engaged in by the bank staffs. A cash
fraud from the cashier may be outright cash theft by unsuspecting cashier to suppress
other colleague. Management cash fraud may take the form of removing cash from strong
room and replacing the strong room money with counterfeit currency.
ii. Cheque fraud:
This is in form of forging of cheque that is, making an alteration on cheque by changing the
figures or the signature. Cheque fraud may involve the following:
(a) Removal of cheque books from stock (e.g. safe) or cheque leafs from cheque book.
(b) Illegal and unauthorized adjustment of cheque amongst which include alteration of
signature and date.
(c) Clearing cheque fraud, bank drafts, bank cheque and bankers payment. These are means
of payment commonly used in the banking system. Once they are suppressed, intercept,
stolen and signatures perfectly forged and names cleverly altered, the fraud will be good
and successful.
iii. Foreign Exchange Malpractices
These involve the unlawful trafficking in foreign exchange and non-adherence to
official guidance on foreign exchange transaction.
iv. Telex fraud:
These occur among authentic massages which are to be tested and sent by bankers
telex official. Spurious telex messages are introduced because of such fake messages in
which money is usually paid to a fictions account through a correspondence bank and
later cashed by the overseas collaborations. Then the correspondence bank without notice
will credit the fictions account after decoding the telex message.
v. Loan fraud:
38
This type of fraud is peculiar to specialized banks though occur in all banks. The
area of frauds and forgeries are the procedure for granting, recording and monitoring of
loan and advances to customers. Loan fraud may take the form of outright grants to
unintended and unqualified borrowers who are aided and abetted by senior bank staff that
may be relatives, friends and business partners. By this, it is an outright intention to
defraud.
2.6.7 Type of banks common fraudulent practices:
Ovuakporia (2013) gave account of thirty-three types of bank frauds in the banking
sector. These includes theft, embezzlement, defalcations, forgeries, substitution, suppression,
payment against unclear effects, unauthorized lending, lending to ghost borrowers, kite flying
and cross firing, unofficial borrowing, foreign exchange malpractice, impersonation, over-
involving, manipulation of vouchers, fictitious accounts, over and under valuation of properties,
false declaration of cash shortages, falsification of status reports, duplication of cheque books,
mail transfer, interception of clearing cheques, computer frauds, fake payments, teeming and
lading, robbers and others.
The above numerous types of fraudulent practices in banks, serve as threats to the
success of many banks. If adequate preventive and detective measures are not put into action,
it could lead to the complete failure of financial institutions especially banks in Nigeria.
2.6.8 Causes of Bank Frauds:
There are many identified causes of fraud in banks. They vary from Institutional to
economical, social, psychological, legal and even infrastructural causes. The Immediate
causative agents of frauds in general as provided by Ogbunka (2012) are as follows:
i. Availability of opportunities to perpetrate frauds and forgeries
39
ii. Human greed, avarice, instability
iii. Poverty and the widening gap between the rich and the poor
iv. Prevailing misplaced social values, moral and spiritual decadence
v. Increasing incidence of unemployment
vi. Increasing financial burden on individuals
vii. Misapplied intelligence-say for adventure
viii. Job insecurity
x. Social misconceptions that banks money is nobodys money property and therefore can
be defrauded
xi. Societal expectations
xii. Inadequate training of personnel
xiii. unhealthy comparison and competition
xiv. Peer group pressure
xv. Revenge
xvi. Non-adherence to ethical standards
xvii. Leadership by bad example
xviii. Over ambition/frustrations of staff
xix. Increasing and changing sophistication in technological equipment
xx. Poor/weak recruitment policies
xxi. Inadequate training of manpower
xxii. Societal indiscipline, especially with money
xxiii. Risk on the fraudsters may be low or none
xxiv. Possibility of identifying or stopping a fraud may be very little
xxv. Lack of effective machinery that guarantee severe punishment for fraudsters and forgers
xxvi. Poor/weak management control, monitoring and supervision
40
xxvii. Weak internal control system of the bank
2.7 Roles and Responsibility of External Auditor
The Basle Committee on Banking Supervision, in their article, emphasized the impact
of external auditor in assessing a bank internal control system through their roles and
responsibilities. Although, external auditors, according to them, are not, by definition part of a
banking Organization and therefore, are not part of its internal control system, they have an
important impact on the quality of internal controls through their audit activities, including
discussions with management and recommendations for improvement to internal controls. The
external auditors provide important feedback on the effectiveness of the internal control system.
While the primary purpose of the external audit function is to give an opinion on the annual
account of a bank, the external auditor must choose whether to rely on the effectiveness of the
banks internal control system. For this reason, the external auditor's have to obtain an
understanding of the internal control system in order to assess the extent to which they can rely
on the system in determining the nature, timing and scope of their own audit procedures Kechi,
(2014).
The exact role of external auditors and the processes they use vary from country to
country. Professional auditing standards in many countries require that audits be planned and
performed to obtain reasonable assurance that financial statements are free of material
misstatement. Auditors also examine, on a test basis, underlying transactions and records
supporting financial statement balances and disclosures. An auditor assesses the accounting
principles and policies used and significant estimates made by management and evaluates the
overall financial statement presentation. In some countries, external auditors are required by
the supervisory authorities to provide a specific assessment of the scope, adequacy and
effectiveness of a banks internal control system, including the internal audit system.
41
One consistency among countries, however, is the expectation that external auditors will
gain an understanding of a banks internal control process to the extent that it relates to the
accuracy of the banks financial statements. The extent of attention given to the internal control
system varies by auditor and by bank; however, it is generally expected that material
weaknesses identified by the auditors would be reported to management in confidential
management letters and, in many countries, to the supervisory authority. Furthermore, in many
countries external auditors may be subject to special supervisory requirements that specify the
way that they evaluate and report on internal controls.
2.8 Emperical Review
In the work of Olaniyi (2008), and aligning it with the conclusion made in the works of
Fakunle (2006), Robertson (2016) and also in the work of Hamby (2011); bank fraud, according
to him are now becoming a global phenomenon. The aftermath of fraud, according to him,
causes an embarrassment to the nation and on bank owners, customers and their family
members, as most bank failures are associated with large scale frauds.
In his conclusion, he was of the emphases that internal control department/unit of any
organization is very important in detection and prevention of fraud and cannot be undermined
especially by banks. Since the lack of an effective internal control system, according to the he
findings is the major cause of bank frauds. It is then concluded that the management of every
bank should create and establish a standard internal control system, strong enough to stand
against the wiles of fraud in order to promote continuity of operations and to ensure the
liquidity, solvency and going concern concept of the bank.
In the work Ajayi (2010) in collaboration with the works of other researchers such as
(Olasanmi, 2010; Gold, 2009) ;(Eseoghene, 2010); (Udegbunam, 2009) and (Nwaze, 2008); he
opined that expected loss due to fraud in the Nigeria banking industry are affected mainly by
42
number of fraud cases and total amount involved, while the numbers of staff involved also
contribute to the loss it was found to be statistically insignificant. Base on his findings, he
concluded that there should be sound corporate governance and the need to improve on the
existing ones, thus;
i. That management should not hesitate to come to the aid of employees, any time there is
a genuine financial request particularly in emergency situations. Such assistance,
according to him, does not only eliminate the tendency to defraud the organization, but
helps to cultivate a group of dedicated and highly positive workforce.
ii. Also, in recruiting key personnel who are to handle certain sensitive operations, it is
essential that banks make efforts at conducting a proper background check on the status
and nature of the employee in his or her neighbourhood as this would help them
establish the probability of the employee engaging in fraudulent activities.
iii. He also concluded that sound corporate governance characterized by effective
operational practices comparable to international standards should be adopted by top
management of bank as an essential ingredient for the prevention of fraud in the banking
sector.
iv. Top management must also strive to maintain a high degree of ethical standards in the
performance of its duties in view of the fiduciary nature of their functions. All these
according to him, is imperative as they are required to safeguard the assets of their
banks.
43
CHAPTER THREE
3.0 RESEARCH METHODOLOGY
3.1 Introduction
The research methodology is concerned with the methods of collecting data for this
research work for the purpose of this work all the necessary techniques of data collection were
through primary and secondary sources, by the use of interview and direct observation of the
study elements concerned in the study
3.2 Research Design
A research design could be defined as a torchlight that illuminates the mind of the
researcher in his investigation efforts with the unknown. A research design could also be used
to show the method of data processing and presentation. According to osuola, (2013; 4), a
research design is the basic plan which will guide the data collection and analysis phase of the
research project.
There are several types of research design which involves; historical, experimental,
survey method, case study etc. Jegede, (2014).However, the case study method was used for
this study because it is very useful in explanatory research study.
3.3. Sample Size Sampling Technique
Due to the largeness of population, samples were drawn from Guaranty Trust Banks
staff. Questionnaires were distributed to subjects based on random sampling to staff in various
department of the bank. Random sampling methods were used for questionnaire administration.
Also, analysis was done based on questionnaires administered. This method is made possible
due to the limited number staff available for research study the researcher is using random
sampling so as to obtain valuable information from staff.
44
3.4. Population
The population for a research study is defined by Jegede (2010) as the totality of all the
observations that an investigator is concerned with. The population of this research consist of
all Staff of Guaranty Trust Bank Bauchi Branch, for effective coverage and timely report.
3.5. Definition of Data
Oxford advanced learners Dictionary of current English defined data as facts, things
certainly known and from which conclusion may be drawn. Data can be any information
acquired by researcher in respect of a given study from a wide range of sources which may
include any one or a combination of the following: interview, questionnaire, measurement,
review of literature and observation. The use of appropriate data in any research work is
fundamental and it depends on the expertise, skills and commitment. For example a researcher
in need of peoples opinions about a given situation may decide to use a questionnaire for
obtaining vital information.
3.6. Sources of Data Collection
Personal interview with chief inspector of the bank, observations of relevant reports and
questionnaire administration were the various methods used to collect the needed data for this
study. The sources of data used in this research study are: primary sources of data and secondary
sources of data.
Primary sources of data were obtained from questionnaire administered and personal
interview with the chief inspector of the bank conducted by the researchers. Secondary sources
of data were obtained from relevant journal, Bank Annual Report and Accounts, Articles and
review of research report.
45
3.7 Method of Data Analysis
The method of data analysis used for this study was descriptive statistical method were
tables and simple percentages will be used to analyze the information in the questionnaire
supplied by the respondents so as to allow accuracy and easy decoding of information, and on
this basis, the discussion of findings shall be made.
According to Samford (2010), Data presentation method is the process of presenting
and the re-arrangement of data in such a way that it will be meaningful and easy to
understanding. In presenting data for this study, the under-mentioned tools were employed.
3.8.1 Tabulation
This is the transfer of data from the data instrument to the tabular form in which they
were systematically examined. The purpose of tabulation was to condense data for comparison
in order to provide easy analysis and interpretation.
3.8.2 Percentage
This is a statistical method used in simplifying further the data arranged in a table.
Percentage thus simply involves expressing fractions of a group of data as a component of
hundred.
3.8.3 Literary Presentation
This is a presentation in which the research situation, events, ideas and processes are explained
3.9. Description of Research Instrument
The core instrument used to gather information was the questionnaire. The
questionnaire was properly designed and addressed to the bank for study. The questionnaire
had two parts. Part one talked about the bio-data of the respondents and part two provides
questions to be answered. The questionnaire was structured to close ended questions.
46
3.10. Reliability and Validity of Research Instrument
Validity can be defined as the extent to which the survey instrument acts as an accurate
predictor. Validity involves the degree to which the questionnaire as regards the study measures
accurately what is supposed to be measured. According to show and Wright (1991), there are
four general procedures for estimating the validity of the questionnaire.
47
CHAPTER FOUR
4.0 PRESENTATION, ANALYSIS AND INTERPRETATION OF DATA
4.1 Introduction
In this chapter, an attempt was made to present, analyzed and interpret the data collected
mainly through primary sources.
In analyzing the data collected, fifty (50) questionnaires were administered to
respondents in Guaranty Trust Bank, forty two (42) were returned, and as such, forty-two (42)
were available for analysis.
This chapter is divided into three (3) sections. Section 4.1 presents the socio-
demographic distribution of the respondents, section 4.2 present data analysis and discussions
according to research objectives. Simple percentages and tables were used in the analysis of
data; while section 4.3 present the discussion of findings.
4.2 Socio-Demographic Distribution of Respondents
This section presents the socio-demographic data about the respondent. At table is employed to
present the data and interpretation follows immediately.
48
Table 1: Tabular Presentation of Socio-Demographic Distribution of Respondence
CATEGORY OPTION FREQUENCY PERCENTAGE (%)
1. Sex Male 25 59.524
Female 17 40.476
Total 42 100
2. Age 20 27 yrs. 12 28.571
28 35 yrs. 20 47.619
36 40yrs 6 14.286
41 55yrs 4 9.524
56yrs above 0 0
Total 42 100
3. Education OND 5 11.905
HND 12 28.571
B.Sc./B.Ed. 18 42.857
M.Sc/.M.Ed/MA 5 11.905
Ph.D. 2 4.762
Total 42 100
4. Work 1 5 yrs. 20 47.619
Experience 6 10 yrs. 18 42.857
11 15 yrs. 3 7.143
16 20 yrs. 1 2.381
21yrs. and above 0 0
Total 42 100
Source: Field Survey, Feb., 2016
From table 1, the sex distribution of respondents shows that 59.524% of the respondents
constitute males and 40.476% of the respondents are female. For the age distribution of
respondents as shown above, 28.571% of the respondents falls within the age bracket of 20-
27yrs, 47.619% falls within 28-35yrs, 9.524% falls within 41-55yrs and 0% falls within the age
of 56yrs and above. Table 4.1 also reveals the statistical fact about the educational background
of the respondents. 11.905% of the respondents holds OND certificate, 28.571% holds HND
certificate, 42.857% are B.Sc. /B.Ed. holder, 11.905% holds M.Sc. /M.Ed. certificate and
finally 4.762% are Ph.D. holder.
Table 4.1 finally reveals information about the work experience of the respondents.
47.619% of the respondents hold work experienced between 1 to 5yrs; 42.857% had work
experience of 6 to 10yrs; 7.143% of the respondents had work experience between 11 to 15yrs;
2.381% only had work experience between 16 to 20yrs and finally 0% had work experience of
21yrs and above.
49
4.2.1 Analysis according to Research Objectives
This section attempts to analyze and interprets data collected from the respondents
based on the objectives stated in chapter 1 of the study.
4.2.2 The Impact of Internal Control System on the overall Management of Nigeria Banks
This sub-section presents data collected on the impact of internal control system on the
overall management of Nigeria banks. This constitutes one of the objectives of the study. An
attempt is made to know whether the respondent sees the significant usefulness of internal
control system on the banks operation, its profitability, solvency, going concern and any
relationship that may arise among these variables.
Table 2 Tabular Presentation of the Impact of Internal Control on the overall

Management of Nigeria Banks
Items Questions Yes No Total
1. Does internal control system capable 37 5 42
of ensuring and promoting the
effectiveness and efficiency of
operations in the banks?
(11.905%) (100%)
(88.095%)
2. Does the implementation of effective 32 10 42
and strong internal control system
capable of enhancing customers
confidence and trust in the Banks (76.190%) (23.810%) (100%)
3. Does the implementation of internal 30 12 42
control system in the banks ensure the
reliability of financial reporting by the
users of banks financial statements?
(71.429%) (28.571%) (100%)
4. Does effective monitoring and 38 4 42
auditing of the functional operation of
internal control system promote
growth, profitability and continuous
existence of the Banks? (90.476%) (9.524%) (100%)
5. Does the overriding of control by 32 10 42
Banks Management capable of
making Banks to liquidate and
eventually collapse? (76.190%) (23.810%) (100%)
50
From the table 2, it is seen that 88.095% of the respondents agreed that internal control system
is capable of ensuring and promoting the effectiveness and efficiency of Banks operation.
However, 11.905% of the respondents did not agree. This means that the bank staff at large
holds a belief that internal control system is capable of promoting the effectiveness of various
operations in the banks were control procedures are set in all the operations. The 11.905%
respondents who objected to this belief may have a view that internal control system only is not
sufficient enough to ensure effective operations of bank, but to be use in collaboration with
other system of control or management or directing the affairs of the bank, such as corporate
governance. The table further shows that 76.190% of the respondents agree that customers
confidence and trust in the bank can be enhanced through the implementation of effective and
strong internal control system, while 23.810% of the respondents disagree to this assertion.
From the table also, it is seen that 71.429% of the respondents agrees that internal
control system will ensure reliability of financial reporting by the users of financial statements,
while 28.571% disagree to this assertion. It is further shown in the table that 90.470% of the
respondents are of the opinion that effective monitoring and auditing of the functional operation
of the system of internal control will promote the growth, profitability of the bank, and finally
ensures its continuous existence, while a minor percentage of 9.524% disputed against this
assertion.
Finally, the table confirms that 76.190% of the respondents agreed that overriding of
controls by Banks Management has the capability to make the bank to liquidate and eventually
collapse, while only 23.810% did not agree.
In summary, the table confirms that respondents believe that effective monitoring and
auditing of the functional operation of the system of internal control is capable of ensuring
growth, profitability and going-concern of the bank and can also promote the effectiveness and
51
efficiency of operation in the banks. However, the overriding of such system of controls by top
management can make banks to liquidate and eventually collapse.
4.2.3 The Impact of Internal Control System on Fraud Prevention and Detection
This sub-section present data collected about the impact of internal control in preventing
and detecting fraud and forgery. The data is presented in the table below and an analysis follows
immediately.
Table 3: Tabular Presentation of the Impact of Internal Control System on Fraud

Prevention and Dictation
1. Does the implementation of strong 36 6 42
internal control system able to detect
and prevent fraudulent act and
practice? (85.714%) (14.286%) (100%)
2. Does an effective supervision and 35 7 42
implementation of strong internal
control system capable of revealing
fraudsters mode of operations? (83.333%) (16.667%) (100%)
3. Does awareness of internal control 34 8 42
system by management and staff
reduces an attempt to perpetrate
fraud? (80.952%) (19.048%) (100%)
4. Does an effective internal control 12 30 42
system sufficient enough to reveal the
lapses and inadequacies in the bank
open to fraudsters within and outside
the bank? (28.571%) (71.429%) (100%)
5. Does top management adherence and 29 13 42
submission to the control procedures
set in place in all departments of the
bank able to prevent the occurrence of
management fraud? (69.048%) (30.952%) (100%)
Source: field survey, Feb., 2016
From the table 3, it is seen that 85.714% of the respondents agreed that the implementation of
strong internal control system in the bank is capable of detecting and preventing fraudulent acts
and practices. However, 14.286% of the respondent did not agree. This implies that internal
52
control system implemented in the banking operations is capable of preventing fraud and
forgery and also in detecting same.
The table further shows that 83.333% of the respondents are in support of the fact that
effective supervision and implementation of strong internal control system is capable of
revealing fraudsters mode of operation while 16.667% of the respondents oppose the notion.
By implication, larger percentage of the respondents agree that bank should set up effective
supervision machinery on internal control system, thus, helps in exposing fraudsters mode of
operation.
Furthermore, it was reveal in the table that 80.952% of the respondents agreed that the
awareness of control system within the bank by both management and staff will reduce an
attempt to perpetrate fraud, while a small percentage of 19.048% disagree. Also, the table shows
that 71.429% were against the assertion that an effective internal control system is sufficient
enough to reveal that lapses and inadequacies in the bank, while only 28.571% support this
assertion. This therefore implies that internal control system is not sufficient enough to reveal
the lapses and inadequacies in the bank open to fraudsters, rather it should be use with other
system of control such as adherence to the code of corporate governance, improved system of
audit and monitoring etc.
Finally, the table depicts that management fraud can be prevented if and only if, top
management adhere and submit themselves to the controls set in place within the bank. This
was supported by 69.048% of the respondents from the last question in the table above, but only
30.952% of the respondent disagrees.
In summary therefore, the implementation of strong internal control system is capable
to preventing and detecting fraudulent acts and practices, but not sufficient enough to reveal the
lapses and inadequacies in the bank open to fraudsters within and outside the bank. However,
53
other measures should be used alongside internal control system if the lapses open to fraudsters
wants to be discovered and controlled, such as establishment of audit department that regularly
audit the fundamental operation of the control procedures in existence, maintaining and
supervision of the control system through the establishment of internal control unit/department.
54
4.2.3 The Major Causes of Fraud and Actors that Contributed to the Incidence of Fraud
in Banks
This sub-section presents data collected about the major causes of fraud, and its actors
in the banks. The data is presented in the table below and an analysis follows immediately.
Table 4: The Major Causes of Fraud and Actors that Contributed to the Incidence of
Fraud in Banks
Items Questions SA A N DA SD Total
1. Inadequate training of bank 4 8 0 12 18 42
personnel serves as a lapses
open to fraudsters to operate. 9.524% 19.048% 0% 28.571% 42.857% 100%
2. Lack of effective machinery 0 8 2 12 20 42
that guarantee severe
punishment for fraud
perpetrator and forgers
encourages perpetration of
fraud 0% 19.048% 4.726% 28.571% 47.619% 100%
3. Job Insecurity can lead 30 12 0 0 0 42
people into committing fraud
71.429% 28.571% 0% 0% 0% 100%
4. Increased financial burden on 4 7 5 12 14 42
individual and bank
personnel could lead them to
commit fraudulent act 9.524% 16.667% 11.905% 28.571% 33.333% 100%
5. Weak/poor management 28 14 0 0 0 42
control, monitoring and
supervision of internal
control system can cause
perpetration of fraud 66.667% 33.333% 0% 0% 0% 100%
6. Non-adherence to ethical 21 12 5 4 0 42
standard set by the bank
management and regulatory
body could lead to fraud
perpetration 50% 28.571% 11.905% 9.524% 0% 100%
7. Weak internal control system 22 12 4 4 0 42
could also lead to
perpetration of fraud 52.381% 28.571% 9.524% 9.524% 0% 100%
8. Bad leadership of the banks 20 14 0 8 0 42
top management and
executives could encourage
others to perpetrate fraud
47.619% 33.333% 0% 19.048% 0% 100%
55
The table 4 above reveals that 9.524% of the respondents strongly agreed that inadequate
training of bank personnel serves as a lapse open to fraudsters to operate, 19.048% of the
respondents also support the opinion. However, 0% of the respondents are said to be neutral as
regards this assertion while 28.571% did not believe that inadequate training of bank personnel
could lead to a lapse open to fraudsters to operate and a larger percentage of the respondents
strongly disagreed this assertion.
This therefore implies that inadequate training of bank personnel do not serve as a lapses
open to fraudsters to operate. The table further shows that 19.048% of the respondents agreed
that lack of effective machinery that guaranteed severe punishment for fraud perpetrators could
encourage perpetration of fraud, only 4.726% of the respondents are neutral; and 28.571% did
not believe this opinion which is supported by a greater percentage of the respondents of
47.619% who strongly disagree that the lack of effective machinery that guarantee severe
punishment for fraud perpetrators could encourage perpetration of fraud.
More so, the table depicts at a glance that 71.429% of the respondents strongly agreed
that job insecurity could lead people, particularly bank staff to involve in fraudulent acts, this
was supported by a lesser degree of 28.571% of the respondents, making a total of 100% of the
respondents who believe that job insecurity leads people into committing fraud. By implication,
it means that the entire staff of the bank are of the opinion that job-insecurity is the major actor
that leads people into committing fraudulent act.
The table 4 further reveals that higher percentage of the respondents strongly disagree
that increased in financial burden on bank personnel could lead them to commit fraud. This was
supported by 28.571% who merely disagree that increased in financial burden on individual
and bank personnel could lead them to commit fraudulent act; but only 16.667% of the
respondents believed this assertion, as 9.524% strongly agreed on this assertion, while 11.905%
56
of the total respondent neutral as regard this assertion. By implication, it means increased in
financial burden will not cause individual and bank personnel to commit fraud.
In an attempt to confirm the consistency of the respondents, the table shows that
66.667% of the respondents strongly held and 33.333% agreed that weak or poor management
controls, monitoring and supervision in internal control system can cause perpetration of fraud.
This was in line with 90.476% and 83.333% opinion of the respondents in table 4.2.1 item
number 4 and 4.2.2 item number 2 respectively were 90.470% of the respondents believed that
effective monitoring and auditing of the functional operation of internal control system promote
growth, profitability and continuous existence of the banks and 83.333% believed that effective
supervision and implementation of strong internal control system is capable of revealing
fraudsters mode of operations. Table 4 also depicts that half of the respondents i.e. 50% of the
respondents strongly agree that non-adherence to ethical standard set by bank management and
regulatory body could lead to fraud perpetration. This was supported by 28.571% of the
respondents who held the same view. However, 11.905% of the respondents are neutral, while
only 9.524% of the respondents objected to this assertion.
To further ascertain the responses of the respondents on the opinion that strong internal
control system is able to detect and prevent fraud as shows in table 4.2.2, item number 1 where
85.714% of the respondents agreed to this assertion; table 4.2.3 therefore, clearly reveals again
that weak internal control system could lead to perpetration of fraud. This opinion was strongly
agreed by 52.381% of the respondents and was supported by 28.571% of the respondent while
9.524% of the respondents are neutral and 9.524% also disagree to this assertion. This therefore
implies that weak system of internal control could lead to perpetration of fraud.
Finally the table reveals that 47.619% of the respondents strongly held the opinion that
bad leadership banks top management and executives could encourage others to perpetrate
57
fraud. This was seconded by 33.333% of the respondents, making a total of 80.952% who
agreed that bad leadership of the banks top management and executive could encourage others
to perpetrate fraud; while only 19.048% of the respondents did not agree that such bad
leadership could encourage others to perpetrate fraud. This conclusion is almost similar to the
opinion of the respondents in table 2; item number 5 where 69.048% of the respondents agreed
that top management adherence and submission to control procedures (which serves as a good
leadership) set in place in all departments of the bank is capable of preventing the occurrence
of management fraud.
Therefore in summary, it is obviously and meticulously revealed by table 4 that job
insecurity, as regard this research work, is the prime causes of fraud perpetration, thus an actor
that contributed to the incidences of fraud in the bank. In addition to this cause is the weak or
poor management control, monitoring and supervision of control system; and also the weakness
of internal control system established.
4.3 Discussion of Findings
The study determines whether internal control system is capable of detecting and
preventing fraudulent acts and practices in Nigeria banks. Having thoroughly analyzed the data
gathered from questionnaires administered for the purpose of the study the findings below
originated:
1. The establishment and implementation of strong internal control system is able to detect
and prevent fraudulent acts and practices.
2. Internal control system also enhances the reliability of financial reporting by the users
of financial statement and also increases customers confidents and trust in the bank.
58
3. Effective monitoring and audit of the functional operation of the system of internal
control will prevent fraud occurrence which ultimately promote growth, profitability
and going concern of the banks.
4. Also, effective supervision of the implemented control system will aid the implemented
control to detect fraud, and exposes the mode of operation by fraudsters.
5. Overriding of control by management could serves as a bad leadership example, and
could also cause the bank to liquidate and eventually collapse.
6. The establishment and implementation of internal control system is not sufficient
enough to reveal the lapses and inadequacies in the bank open to fraudsters within and
outside the bank. It should be used with other non-internal control system, thus external
control system such as adherence to the code of cooperate governance, ethical standards
set by bank management and regulatory bodies etc.
7. Of the major finding is the fact that job insecurity will cause people, particularly bank
staff to engage in fraudulent acts and practices. Therefore, job security should be
guarantee to staff in order to reduce to the barest minimum if not completely the
practices of fraud and forgery among bank staff.
Most of the findings listed above are in line within the findings from related past
researches on internal control and fraud prevention in commercial banks. The researches
conducted by Olaniyi O.A (2006), Robertson (1996) and Hamby (1998) confirms that effective
monitoring and supervision of the functional operation of internal control system will prevent
the occurrence of fraud and also detect same. They are of the opinion that there should be the
establishment of internal control unit or department to carry out this role of function. Eseoghene
(2010), Nwaze (2008), Olasanmi (2010) and Ajayi (2010) also concluded in their researches on
the need for sound corporate governance as a means to reduce the incidence of fraud in the
banking industry. In the research conducted by Ajayi specifically opined that internal control is
59
not sufficient enough to reduce the incidence of fraud nor reveals the fraudsters mode of
operation, but rather concluded, based on his finding, that there should be sound corporate
governance and the need to improve on the existing ones.
The Basle committee on banking supervision, in their article, emphasized the impact of
external auditor in assessing a bank internal control system through their roles and
responsibilities. Although, external auditors, according to them, are not, by definition part of a
banking organization, and therefore, are not part of its internal control system, they have an
important impact on the quality of internal controls through their audit activities, including
discussion with management and recommendations for improvement of internal controls. The
external auditors provide important feedback on the effectiveness of the internal controls. In
summary therefore, effective audit of the functional operation of the system of internal control
to prevent and detect fraud should be carried out by external auditors when auditing their clients.
60
CHAPTER FIVE
5.0 SUMMARY, CONCLUSION AND RECOMMENDATIONS
5.1 Introduction
Detailed examination of internal control system and fraud prevention in commercial banks was
looked into in this study because of the rate of fraud and forgery that has negatively affected
the profitability and growth of financial institutions.
This work specifically examined impact of internal control system on fraud prevention in
commercial banks. In gathering information, both primary and secondary sources of data were
used and properly analized.
5.1.1 Summary of Major Findings:
Mobilization of savings and lending being an important activities in commercial banks
business and which Santomero (1997), said lending, accounts for a sizeable portion of the risk
assets of banks. Thus, both has associated problem of fraud and forgery in ensuring effective
mobilization of such savings and collections of the amount lent out. From the findings, it is
obviously depicted that the major causes of, and actor that contributed to the incidence of fraud
and forgery in commercial banks is job insecurity.
Furthermore, the findings vividly revealed that overriding of control system in the bank
by top management has also significantly contributed to the collapses of some large banks,
coupled with poor or weak management control, monitoring and supervision of internal control
system and procedures which also causes fraud to be perpetrated.
However, general principles for the assessment of internal control system as sub-
divided under each of the elements of internal control system were examined. During the course
of this study, the primary data reveals that strong and effective system of internal control
61
reduces the risks of fraud and forgery being perpetrated and also ensures the continuous
existence (going concern) of the bank.
5.2 Conclusion
It has been established in this study that internal control system is paramount in
ensuring effective operation of banks, and it has impact on prevention and detection of fraud
and enhances the overall profitability of banks. As such, it is an important factor that ensures
the going concern of corporate body especially financial institution.
Most commercial banks, though has internal control system in place, but are being
threatened due to weak and ineffective monitoring of the controls in place, and the overriding
of such control by management. This assertion has been proved by the increasing rate of fraud
and forgery perpetration and the growing rate of collapses of banks in the recent time.
However, it was revealed from the findings that the major causes of fraud and forgery
in commercial banks is the insecurity of job of the bank staffs , and that internal control in its
self is not sufficient enough to reveal the lapses and inadequacies in the bank open to fraudsters
but to be use with other system of controls, viz-a-viz, external system of control; such as
adherence to ethical standards ,rules and laws set by bank regulatory bodies such contained in
the CBN prudential guidelines, Bank and other financial institution act(BOFIA), Security and
Exchange Commission and finally adherence to the ethical standard and laws set by statutory
body such as adherence to the code of corporate governance(Nigeria code of best
practices),appointment of external auditor, etc.
Also, from the study, it can be rightly concluded that there is significant relationship
between internal control system and profitability of banks. This rising profile of fraudulent
practices which are threatening the survival of commercial banks is as a result of banks not
62
establishing a very strong internal control and monitoring system, coupled with overriding of
such controls in place by the management of the banks.
This observation is however not true with Guarantee Trust Bank plc. Whose control
procedures and monitoring activities have shown conformity with good internal control system
and staff job being highly secured.
5.3. Recommendations
Having studied the situation in Guaranty Trust Bank plc., it is imperative at this point to make
some recommendation as to ways of prevent further occurrence of fraud and forgery and to
improve monitoring activities and procedures on internal control system in commercial banks.
In order to achieve these, the following suggestions are:
i. Bank staff should be guaranteed job security.
ii. Proper evaluation of the system of internal control and the various control
procedures relating to control objectives should be constantly monitored,
supervised and improved where any lapses is noticed or found. This can be
achieved by establishing an internal control unit/department.
iii. External control system as discussed in the conclusion paragraph above should
be strictly, constantly and continuously adhere to or followed in order to make
internal control system effective and sufficient enough to reveal lapses and
inadequacies open to fraudsters and forgers within and outside the bank.
iv. The functional operation of the internal control system should be constantly
reviewed, monitored and audited strictly by external auditor. Internal auditor
also carries out this function, particularly when conducting pre-audit
test/review.
63
v. Of paramount important is that the management of commercial banks who
establishes controls in the banks should also adhere strictly to such controls,
(internal and external). They should be submissive to such controls, and by this
will they prove good leadership. Overriding of control by management shows a
bad leadership which can instigate subordinates to follow suit and thereby
engaged in the dubious acts of fraud and forgery. Management overriding the
control has a future, long term negative effect on the bank as it jeopardize the
going concern of such banks.
vi. Finally, in spite of the comprehensiveness of this study, it should be noted that
findings are based on Guaranty Trust Bank plc.; other banks can still be used.
And also the need for more use of secondary data in analysing the system of
internal control of banks in subsequent research works.
vii. Therefore, there is need for the bank management to ensure that the internal
control system is very strong as much as possible to cover those lapses and
inadequacies which manifested in various ways known to them.
64
REFERENCES
Adewunmi.W. (2012) Fraud in banks, Nigerian institute of bankers, Landmark pub-
Ajayi M.A. (2010) Determinants of Fraud in Nigeria Banking Industry
Anyanwu I.C (2013) Money Economics, theory policy and institutions, hybrid
Benjami A. (2009). Principles and practice of guiding investigation and professional practice.
FBN Annual Report (2006).
Bigg W.W (2014) Practical auditing hybrid publisher limited Business and financial
practices: Internal Control, August 2014.
Canadian Deposit Insurance Corporation, Standards of Sound Business and financial
practices: Internal Control, August 2010.
Canadian Institute of Chartered Accountants, Guidance on Control, November 2010.
Central Bank of Nigeria 2009. Banking Sector Reforms and Bank Consolidation in
Nigeria, Bullion, 29(2). economic and financial review, 1(33), 62- 83.
Eseoghene. J.I. (2010), Bank fraud in Nigeria: underlying causes, Effect and Possible European
Monetary Institute, Internal Control Systems of Credit
Fakunle, B. (2006). Audit companion. 2nd Edition Lagos
Gold face Irokolibe I.J Eradication of banking malpractices in Nigeria, CBN Institutions,
July 199 Publications, Lagos.
Horngreen, C.T. (2007). Cost accounting: A managerial emphasis. Englewood Cliffs, N.J
Prentice-hall Inc, 5th Edition
Idowu, A. (2009). An assessment of fraud and its management in Nigeria commercial banks.
European Journal of social sciences, 10(4) 628-640.
Lagos.Publisher ltd, Nigeriaremedies, African Journal of Accounting, Economics, Finance
and Banking Research, 6(6), 62-79
Nigeria Deposit Insurance Corporation (NDIC, 2011). Annual report
65
Nwankwo, G.O. (2011) Bank Management Principles and Practices, Malt house press Ltd.,
Ojo, J. A (2008). Effect of bank frauds on banking operations in Nigeria international journal
of investment and finance. 1 (1), p 103
Olatunji, O.C. (2009). Impact of internal control system in banking sector in Nigeria pp.181-
189
Onwuamaeze, D (2008). Migrane of banks, NDIC report of 2007.
The Committee of Sponsoring organizations of the Tread way Commission (COSO),
Internal Control Integrated Framework, July 2011.
Tilton P.D. (2006). Potential red flags detection techniques,
66
APPENDIX
QUESTIONNAIRE
Internal Control and Fraud Prevention
(A Case Study of Guaranty Trust Bank Bauchi Branch)
Dear Respondent,
I am a postgraduate student of Abubakar Tafawa Balewa University (ATBU) Bauchi,
conducting a research on the above mentioned topic, as part of the requirement for the Award
of Post Graduate Diploma in Accounting is in view of the above that, I humbly wish that you
answer the questions raised on the Attached questionnaire. The questionnaire is made up of
sections A and B section A you are required to state your personal data and in section B you
are also require to Tick appropriately. I will appreciate it if you give me the benefit of having
your true view, as the success or otherwise of this study depend squarely on your responses.
All information supplied will be used for the purpose of this research only and will be treated
confidentially.
Thank you for sparing and participate in this research.
Yours faithfully,
Nya Eunice Ebong
67
SECTION A: BIO DATA
Kindly thick [ ] in the appropriate bracket.

1. Age:
i. 25 years and below [ ] ii. 26 - 30 years [ ]
iii. 31 - 35 years [ ] iv 36 - 40 years [ ]
iv. 40 year and above [ ]
2. Gender:
i. Male [ ] ii. Female [ ]
3. Highest teaching qualification:
i. Grade II [ ] iv. PGDE [ ]
ii. N.C.E [ ] v. M.Ed [ ]
iii. B.Ed. [ ] vi. Ph.D Ed [ ]
4. Work Experience:
i. 1-5 years [ ] iii. 11-15 years [ ]
ii. 6-10 years [ ] iv. 16-20 years [ ]
v. 21 years and above [ ]
SECTION B
Kindly thick [ ] in the column that best expresses your opinion.
Key: SA=Strongly Agree, A=Agree, U=Un-decided, D=Disagree, SD=Strongly Disagree
THE IMPACT OF INTERNAL CONTROL ON THE OVERALL
MANAGEMENT OF NIGERIA BANKS
5. Does internal control system capable of ensuring and promoting the effectiveness
and efficiency of operations in the banks?
6. Does the implementation of effective and strong internal control system capable
of enhancing customers confidence and trust in the Banks
7. Does the implementation of internal control system in the banks ensure the
reliability of financial reporting by the users of banks financial statements?
8. Does effective monitoring and auditing of the functional operation of internal
control system promote growth, profitability and continuous existence of the
Banks?
9. Does the overriding of control by Banks Management capable of making Banks
to liquidate and eventually collapse?
68
THE IMPACT OF INTERNAL CONTROL SYSTEM ON
FRAUD PREVENTION AND DETECTION
10. Does the implementation of strong internal control system able to
detect and prevent fraudulent act and practice?
11. Does an effective supervision and implementation of strong internal
control system capable of revealing fraudsters mode of operations?
12. Does awareness of internal control system by management and staff
reduces an attempt to perpetrate fraud?
13. Does an effective internal control system sufficient enough to reveal
the lapses and inadequacies in the bank open to fraudsters within and
outside the bank?
14. Does top management adherence and submission to the control
procedures set in place in all departments of the bank able to prevent
the occurrence of management fraud?
Items Questions SA A N DA SD Total

THE MAJOR CAUSES OF FRAUD AND ACTORS
THAT CONTRIBUTED TO THE INCIDENCE OF
FRAUD IN BANKS
15. Inadequate training of bank personnel serves as a lapses
open to fraudsters to operate.
16. Lack of effective machinery that guarantee severe
punishment for fraud perpetrator and forgers encourages
perpetration of fraud
17. Job Insecurity can lead people into committing fraud
18. Increased financial burden on individual and bank
personnel could lead them to commit fraudulent act
19. Weak/poor management control, monitoring and
supervision of internal control system can cause
20. Non-adherence to ethical standard set by the bank
management and regulatory body could lead to fraud
perpetration
21. Weak internal control system could also lead to
22. Bad leadership of the banks top management and
executives could encourage others to perpetrate fraud
69

The Impact of Internal Control System

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

The Impact of Internal Control System

Uploaded by

Copyright:

Available Formats

CHAPTER ONE

1.1 Background to the Study

process of financial intermediation whereby such intermediaries also provide considerable

willing to lend appropriate amount of funds at relevant interest rate.

productive investment by financial institution, thereby promote economic growth and

In the words of Millechamp A. (2000), Internal Control system is an independent

performance as a service in the organization.

as a review of operations and records, sometime continuous undertaken with a business by a

specially assigned staff.

Internal control, therefore is a whole system of controls, financial or otherwise, established by

possible the completeness and accuracy of record.

deception to obtain an unjust or illegal advantage. Fraud may include: manipulation,

falsification or alteration of documents and records; recording transaction without substances,

banks CBN Report, (2011).

1.2. Statement of the Problem

through lapses or inadequacies which manifested in various ways.

(c) Can an inadequate internal control system cause perpetration of fraud?

1.4 Objectives of the Study

to minimize and prevent the occurrence of fraudulent practices in any form.

These objectives of the study are as follows:

i. To determine the impact of Internal Control System on the overall management of

1.5 Significance of the Study

to the banking industry entail the following:

elements are used to prevent fraud.

outside the banks.

avert their operations through the use of internal control system.

of lay-down expected punishment.

internal control being put in place.

of which are achievable through implementation of strong system of internal control.

1.6. Scope of the Study.

financial institutions and the economy at large.

1. Inability of the researchers to get to the respondents due to bureaucracy.

2. Not all the questionnaires distributed for administering was returned.

3. Insufficient time on the part of the researchers to do proper evaluation.

of fraud prevention difficulty in Guaranty Trust Bank Plc.

1.8. Definition of Terms

transaction in an organization whereby the work of one person is verified independently or in

complimentary to the work of another.

2. Internal Audit: Is an independent appraisal function established by the management

3. Internal Control: This is a whole system of control, financial or otherwise, established

possible the completeness and accuracy of records.

4. Fraudsters: These are the people who commit frauds.

6. Error: This is an unintentional; Mis-statement in the financial statement. It is an act

done without the intention of committing the act.

may not be the objectives. The end product of irregularities is fraud.

2.0 LITERATURE REVIEW

2.1 Area of Study

control as the whole system of controls, financial or otherwise established by management in

evaluating the level of performance in the division of the organization.

Millechamp (2000) also defined internal control system of an independent appraisal

performance as a service in the organization.

companies, both financial and non-financial institutions, Sarbanes-Oxley emphasizes the

Sarbanes-Oxley requires companies to maintain strong and effective internal control

and encourage adherence to prescribe managerial policies.

2.2.1 Internal Audit

This is an independent appraisal function established by the management of an organization for

carried out by the external audit department.

for protective and constructive services to management.

2.2.2 Internal Check

an organization whereby the work of person is verified independently or is complementary to

of the invoice is correct

(b) Somebody else preparing the payment voucher

(c) One other person signing the cheque.