1

CHAPTER 1

THE PROBLEM AND ITS SETTING

Background of the Study

Internal Control has always been a trend and an issue in the world. Organizations face

a wide range of uncertain internal and external factors that may affect the achievement of

their objectives. Nowadays businesses operate in the fast, competitive and ever-changing

environment. Their success is based on the ability to adapt to the environmental changes, to

fulfil organizational objectives and to manage risks as the business landscape evolves every

day.

A system of effective internal controls is a critical component of company

management and a foundation for the safe and sound operation of organizations. However,

ineffective internal controls result in ineffective programs and losses (Financial Management

Manual 2005). That is why the Retired Executive Vice President of American Savings Bank,

Mary Locatelli in September, 2003, made it known that, the recent rash of corporate failures

and accounting frauds are mostly preceded by a failure in a company’s internal control

structures. (Directorship Journal, 2003)

A framework for internal control systems in Banking Organizations issued by the

Bank of International Settlement (Basle Committee) on Banking Supervision in 1998 stated

that, the heightened interest in internal controls is, in part, a result of significant losses

incurred by several organizations. It explained that, an analysis of the problems related to

these losses indicates that they could probably have been avoided had the organizations

maintained effective internal control systems. Such systems would have prevented or enabled

earlier detection of the problems that led to the losses, thereby limiting damage to the
 2

organization. This same idea is reflected in Kaplan (2007), that, poor standards of corporate

governance had led to insufficient controls being in place to prevent wrong doing in the

United States (US) in the 1990s, as demonstrated by the collapse of Enron and WorldCom.

These in fact were described as a high-profile collapse by the Association of Certified

Charted Accountants – ACCA, (Student Accountant, 2008).

In the Philippines, there have been recent lapses in bank internal controls that make it

inappropriate for banks and the BSP to claim the incidents are isolated. Last July 2017,

Metrobank discovered unauthorized cash transfers. It was the most shocking case since the

RCBC money laundering in year 2016. NBI spokesman Ferdinand Lavin said, “The biggest

loss on this is the integrity of the banking system and the internal control system of the bank.”

(Boo Chanco, 2017) Another similar case is the unauthorized transactions in the accounts of

the BPI clients. In June 2017, BPI issued a statement saying that an “internal data processing

error” had caused some errors in the accounts of their clients. (VJ Bacungan, 2017)

Issues on internal controls among business entities also took place in the municipality

of Bansalan, Davao del Sur. Some of these are the lack of control with authorization of

transactions, no oversight and review of the operations, ineffective information systems and

lack of physical and logical security.

From the above, it is therefore imperative to say that, internal controls play a

significant role in helping entrepreneurs and managers to achieve their goals hence the need

for this study to investigate the effectiveness of internal controls.

Statement of the Problem

The main aim of this study is to determine the level of implementation of internal

controls and to assess its effectiveness among MSMEs in Bansalan, Davao del Sur; it sought

to answer the following question.

 3

1) What is the level of implementation of internal controls in terms of:

1. Types of Internal Controls:

i. Preventive Controls

ii. Detective Controls

2. Components of Internal Controls:

i. Control Environment

ii. Risk Assessment

iii. Control Activities

iv. Information and Communication System

v. Monitoring Activities

2) What is the level of effectiveness of internal controls in terms of:

1. Types of Internal Controls:

i. Preventive Controls

ii. Detective Controls

2. Components of Internal Controls:

i. Control Environment

ii. Risk Assessment

iii. Control Activities

iv. Information and Communication System

v. Monitoring Activities

3) Is there a significant relationship between the implementation of internal controls

and its effectiveness?

 4

Hypothesis

In this study, the null hypothesis is of 0.05 level of significance.

Ho1: There is no significant difference in the level of implementation of internal

controls with regards to its effectiveness among MSMEs in Bansalan, Davao del Sur.

Theoretical and Conceptual Framework of the Study

Arad and Jamshidi-Navid (2010), stated that internal control is an accounting

procedure or system design to promote efficiency or assure the implementation of a policy or

safeguard assets or avoid fraud and error. Internal control is a major part of managing and

organization. It comprises the plans, methods, and procedures used to meet missions, goals,

and objectives and, in doing so, support performance-based management. Internal Control

helps managers achieve desired results through effective stewardship of resources. It reduces

the risk associated with undetected errors or irregularities, both designing and establishing

effective internal controls is not a simple task and cannot be accomplished through a short set

of quick fixes. In this paper the concepts of internal controls and different aspects of internal

controls are discussed.

Figure 1 shows the conceptual framework of the study showing the significant

difference of the variables in the study. The independent variable is the internal controls

wherein it is solely focused on Micro, Small, and Medium enterprises. The dependent

variable is the level of implementation and its effectiveness. Indicators of the level of

implementation of internal controls and its effectiveness include preventive controls,

detective controls, control environment, risk assessment, control activities, information and

communication system, and monitoring activities.

 5

Types of Internal Controls

 Preventive controls
 Detective controls

Components of Internal Controls

 Control environment
 Risk assessment
 Control activities
 Information and communication system
 Monitoring activities

Figure 1.Conceptual Framework showing the relationship of the variables of the study.
 6

Review of Related Literature

This portion presents the review of related literature connected with study of the level

of implementation of internal controls and its effectiveness. This covers its definition, types

and components. The information of the study was gathered and selected from unpublished

thesis, articles available via internet, and books in the library.

Internal Control

According to statement of Auditing standards (SAS,300); Internal Control is defined

as all the policies and procedures adopted by the directors and management of an entity to

assist in achieving their objective of ensuring, as far as practicable, the orderly and efficient

conduct of its business, including adherence to internal policies, the safeguarding of assets,

the prevention and detection of frauds and errors, the accuracy and completeness of

accounting records, and the timely preparation of reliable financial information.

COSO (1992)also defined internal control as “process, effected by an entity’s board

of directors, management, and other personnel, designed to provide reasonable assurance

regarding the achievement of objectives relating to operations, reporting, and compliance”.

Effectiveness of Internal Control

According to COSO (1992), the extent to which the components are present and

operating effectively will serve as a base to judge whether the internal control is effective.

Effective functioning of all the components provides reasonable assurance as to achievement

of one or more of the three categories of objectives. Internal control may be judged effective

for each of the three categories of internal control objectives if the board of directors and

management have reasonable assurance that:

 7

 They understand the extent to which the entity's operations objectives are being

achieved.

 Published financial statements are being prepared reliably,

 Applicable laws and regulations are being complied with.

Types of Internal Controls

Preventive Controls

According to Locatelli M. (2009), preventive controls are measures put in place by

management to deter and prevent noncompliance with directives, policies and procedures.

These controls are intended to prevent risk of error, frauds and irregularities from occurring

in transactions and prevention of loss. Segregation of duties, proper authorization and

approval, establishment of organizational chart to allocate jobs to responsible officers,

adequate documentation, physical control over assets and constant training of staff are

examples of preventive controls.

Detective Controls

Wells J. (2006) defined detective controls as controls which are aimed at detecting

and uncovering problems such as fraud, irregularities and errors after they have been

committed. Although, detection is necessary prevention is more desirable. These controls are

in the form of post-audits, exception reports and validation. They provide evidence that a loss

has occurred but do not prevent a loss from occurring. Examples of detective controls are

reviews, analyses, variance analyses, reconciliation, physical inventories and audits.

However, detective controls play critical role in providing evidence that the preventive

controls are functioning and preventing losses.

 8

Components of Internal Control

COSO (1992) defined internal control as having five components. They have an

impact on the organizational structure level of the entity.These components are:

Control Environment

The control environment reflects the board of directors’ and management’s

commitment to internal control. It provides discipline and structure to the control system.

Elements of the control environment include:

 The organizational structure of the institution.

 Management’s philosophy and operating style.

 The integrity, ethics, and competence of personnel.

 The external influences that affect the bank’s operations and risk management.

 The attention and direction provided by the board of directors and its committees,

especially the audit or risk management committees.

 The effectiveness of human resources policies and procedures.

Risk Assessment

Risk assessment is the identification, measurement, and analysis of risks, internal and

external, controllable and uncontrollable, at individual business levels and for the entity as a

whole. Management must assess all risks facing the entity because uncontrolled risk-taking

can prevent the entity from reaching its objectives or can jeopardize its operations. Effective

risks assessments help determine what the risks are, what controls are needed, and how they

should be managed.
 9

Control Activities

Control activities are the policies, procedures, and practices established to help ensure

that the personnel carry out board and management directives at every business level

throughout the entity. These activities help ensure that the board and management act to

control risks that could prevent the entity from attaining its objectives. They should include:

 Reviews of operating performance and exception reports.

 Approvals and authorization for transactions and activities.

 Segregation of duties to reduce a person’s opportunity to commit and conceal fraud

or errors.

 The requirement that officers and employees in sensitive positions be absent for two

consecutive weeks each year.

 Design and use of documents and records to help ensure that transactions and events

are recorded.

 Safeguards for access to and use of assets and records. To safeguard data processing

areas, for example, a bank should secure facilities and control access to computer

programs and data files.

 Independent checks on whether jobs are getting done and recorded amounts are

accurate

Information and Communication System

Accounting, information, and communication systems capture and impart pertinent

and timely information in a form that enables the board, management, and employees to carry

out their responsibilities. Accounting systems are the methods and records that identify,

assemble, analyze, classify, record, and report a entity’s transactions. Information and

communication systems enable all personnel to understand their roles in the control system,
 10

how their roles relate to others, and their accountability. Information systems produce reports

on operations, finance, and compliance that enable management and the board to run the

bank. Communication systems impart information throughout the entity and to external

parties such as regulators, examiners, shareholders, and customers.

Monitoring

Monitoring is oversight of the control system’s performance. Self-assessments are

evaluations of departmental or operational controls by persons within the area. Ongoing

monitoring should be part of the normal course of daily operations and activities. Internal and

external audit functions, as part of the monitoring system, may provide independent

assessments of the quality and effectiveness of a control system’s design and performance.

Strong control cultures typically incorporate qualified personnel, effective risk identification

and analysis, clear designation and appropriate separation of responsibilities, accurate and

timely information flow, and established monitoring and follow-up processes.

Significance of the Study

This study would be beneficial to the following:

Government Entities. This would provide them information on how crucial internal controls

are in the achievement of their goals. This information will serve as their basis on what laws

and regulations to implement to support the implementation and effectiveness of the internal

controls.

Entrepreneurs. Businessmen, employers and managers would highly benefit from this study

for this would provide them knowledge about the types and components of internal controls
 11

to be implemented in their firms. This would also help them assess the level of effectiveness

of the controls implemented and find solutions to cope up with the lapses.

Students. College students, especially those who took up business degrees, would benefit

from this study for they will gain knowledge and an overview about internal controls.

Researchers. We, the researchers, find this study very significant to us because along the

process we understood how important internal controls. We realized that these controls play a

big role in the achievement of an entity’s goal. We also found out that money isn’t the only

thing that would ensure the continuous existence of the entity.

Future Researchers. This study can be a useful guide for the next researchers who will

conduct a study on about the same issues and will also make the presented study broader and

more informative.

Definition of Terms

Internal Controls-are the mechanisms, rules and procedures implemented by a company to

ensure the integrity of financial and accounting information, promote accountability and

prevent fraud.

Control Environment-sets the tone for the organization, influencing the control

consciousness of its people. It is the foundation for all other components of internal control.

Risk Assessment-the identification and analysis of relevant risks to the achievement of

objectives, forming a basis for how the risks should be managed

Information and Communication Systems-processes that support the identification,

capture, and exchange of information in a form and time frame that enable people to carry out

their responsibilities
 12

Control Activities-the policies and procedures that help ensure management directives are

carried out.

Monitoring-processes used to assess the quality of internal control performance over time.

Effectiveness-producing a result that is wanted: having an intended effect.

MSMEs- are micro, small and medium enterprises

 13

CHAPTER 2

METHOD

The methodology we will select for the proposed study will be detailed here. This

chapter will describe and discuss the procedure to be made by the proponents in gathering

necessary data and information that will be seen in the entire study. The planned research

design, research participants, the methods of collecting and analysing data, the sources and

roles of researcher will be presented here.

Research Design

In order to satisfy the objectives of the study, a quantitative research will be held.

Since its main focus is to emphasize objective measurements and the statistical,

mathematical, or numerical analysis of data collected by manipulation of pre-existing

statistical data or by the used questionnaires, and surveys using computational techniques.

The main advantage of this method is that it allows and offers complete and concise

information in measuring the specified research subject.

Research Subject

Researchers will collect statistical record of the level of implementation of internal

controls and its effectiveness among MSMEs in the municipality of Bansalan, Davao del Sur.

Research Instrument

There are self-administered questions which will be directly distributed to the

respondents to gather the necessary data. But before the respondents will answer the

questionnaires, researchers will briefly explain the objectives of the study to conduct a

survey; a brief explanation will be given through the managers/employers and owners of the

business face to face wherein self-administered questionnaires will be given.

 14

Data Gathering Procedure

Researchers will plan a procedure to gather step by step information.

1. A letter of permission will be sent to the Program head of BSAT Department and

Director of the University of Mindanao Bansalan College asking permission to allow

the researchers to conduct the study.

2. Another letter of permission will be submitted to the Office of the Mayor of Bansalan,

Davao del Sur, in order to allow us to conduct the study and distribute questionnaires

to the respondents of the study.

3. The researchers will create a survey questionnaire to be validated by selected experts.

These questionnaires will be administered and distributed to the respondents of the

study.

4. Upon the approval of the letter, the questionnaires will be administered to the

establishments in Bansalan, Davao del Sur.

5. Upon the retrieval of the questionnaires, the researchers will be able to retrieve the

questionnaires from the respondents. The instruments will be collated, tallied, and

analyzed.

Role of the Researcher

The role of the researcher is to collect all possible data that is deemed necessary in the

materialization of the study. It also monitors and reduces biases by developing competence

method.

Statistical Tools

Statistical tools such as tables and percentage will be used for analyzing the data and

arriving at the conclusion.

 15

Frequency. This tool will be used to identify the number of respondents of the study.

Mean. It will be used to determine the average value of the level of implementation of

internal controls and its effectiveness in Bansalan, Davao del Sur.

T-test. It will be used to analyze the significant difference of the level of financial

literacy in terms

F-test. Is a test that will be used to determine whether two variant having normal

distribution have the same variances of standard deviation.

Anova. Is a powerful statistical technique that involves partitioning the observed

variance into different components to conduct various significant tests.In the study, it will be

used in to determine the significant difference of the level of financial literacy

Standard Deviation. It will be used to determine the difference between the average

of a group of numbers and a particular number in that group.

P value. It will help to determine the significance of the results. Hypothesis tests were

used to test the validity of a claim that is made about a population.

Sum of Squares. Is a statistical technique used in regression analysis to determine the

dispersion of data points. This will be used as part of the ANOVA analysis.

Degree of Freedom. Is the number of independent pieces of information that went

into calculating the estimate.

Mean Square. Mean squares will be used in the analysis of variance and are

calculated as a sum of squares divided by its degrees of freedom.

 16

REFERENCES

Ofori, W. (2011). Effectiveness of Internal Controls: A Perception or Reality? The

Evidence of Ghana Post Company Limited in Ashanti Region
Retrieved from https://www.coursehero.com/file/13547344/WILLIAM-OFORI FINAL-
THESIS-2011/

Chanco, B. (2017). The Philippine Star

Retrieved from https://www.philstar.com/business/2017/07/25/1721411/internal-
controls

Bacungan, V (2017). CNN Philippines

Retrieved from https://nine.cnnphilippines.com/news/2017/06/07/bpi-report-
unauthorized-transaction.html

Arad &Jamshidi-Navid (2010). A Clear Look at Internal Controls: Theory and Concepts
Retrieved from https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1342048

AICPA (1997). Statement of Auditing Standards 300

Retrieved from
https://app1.hkicpa.org.hk/professionaltechnical/pronouncements/handbook/volume3a/sas30
0.htm

COSO (2013). Internal Control Integrated Framework

Retrieved from https://home.kpmg.com>pdf>2016/05