This paper examines internal control failure as a root cause of major corporate fraud and financial collapse, using the Barings Bank scandal — orchestrated by rogue trader Nick Leeson — as its central case study. The paper defines internal control, outlines the seven core requirements for an effective internal control system, and explains how deficiencies in each area create opportunities for fraud and financial loss. It also addresses the limitations of existing frameworks, particularly the COSO guidelines, in preventing senior management fraud, citing the Enron and WorldCom scandals as further evidence that zones of discretion at the executive level undermine even well-designed control systems.
The collapse of Barings PLC, the oldest bank in England, is a striking example of internal control failure. Nick Leeson, a trader in derivatives, lost close to $1.7 billion in open-ended derivative contracts established in the name of Barings PLC (Leeson, 2006). When the Bank of England's report on the financial fiasco was released, the Daily Telegraph, a respected British newspaper, declared: "The [Bank of England] report reflects badly on the Bank of England, badly on Mr. Leeson, but worst of all on the senior management of Barings. It defies the comprehension of an outsider that a single individual could have wreaked such havoc for almost three years without detection." This statement captures the essence of what internal control is meant to prevent. Leeson was a fraudster, but the failure of internal control allowed him to accumulate enormous losses unchecked for nearly three years.
The internal controls at Barings PLC were effectively non-existent, and even Leeson himself claimed to be astonished at the absence of any oversight or accountability. During his prosecution, Leeson admitted: "I was astonished that nobody stopped me. People in London should have known that I was making up the numbers." He could only continue spending due to the complete lack of controls over his derivative trading activity. "I marveled at how every single Barings person blamed somebody else — especially me — rather than themselves. It was as if they needn't have been employed at all," Leeson declared to the press.
Business internal controls are important and must be understood by entrepreneurs and accountants alike. Poorly monitored or haphazardly developed internal controls can make the difference between the success and failure of any business. Calhoun and Luizzo (1992) found that 30% of business failures occur due to poor internal controls and dishonest employees.
Internal control is defined as a process that ensures effective operations with reliable financial reporting, in compliance with applicable laws and regulations. An internal control system must protect a business's assets, encourage efficient operations, generate reliable accounting information, and comply with company policy — making it difficult for a dishonest employee to commit fraud. Lavery et al. (2000) estimated that U.S. businesses lose $400 billion annually due to fraud and theft by managers and employees.
Setting up a system of internal control requires a business to observe the following principles (Hrncir & Hobbs, 2002):
Internal control failure is the result of failing to apply any or all of these guidelines.
If no person is made responsible for an activity, no one will handle that responsibility. For example, if receiving payments from customers is left to whoever happens to be nearby, everyone may assume the departing customer has already paid someone else — and the customer may leave without paying at all. The business owner is likely to pay for this management style through loss of cash, loss of inventory, loss of control, and ultimately loss of the business (Hrncir & Hobbs, 2002).
Maintenance of accounting records allows a business to monitor its performance, gauge its effectiveness in achieving targets, and enables managers to verify whether a given event did or did not occur on a specific date. Accounting records can highlight failures to meet targets and help identify accounting anomalies.
"How each missing control creates fraud opportunity"
"COSO zones of discretion shield executives from oversight"
In all cases of negligence, product failure, and accounting fraud, failure to implement internal controls has been identified as the primary cause of the resulting debacles. The International System of Standards (ISO) relies on ensuring quality through internal controls at every stage of a company's operations. Failures to implement these controls result in substandard production and significant financial losses.
You’re 47% through this paper. Sign up to read the remaining 2 sections.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.