INTERNAL CONTROL SYSTEM AS A MEANS OF PREVENTING FRAUD IN NIGERIA FINANCIAL INSTITUTION (A CASE STUDY OF FIRST BANK OF NIGERIA PLC ONITSHA)
Many Authors and researchers have written on the topic of internal control”, most of this writers are foreigners and as a result of witting the context of their home contraries. In recent times, however, indigenous writers have also made their impact in bringing the situation nearer home.
It has to be emphasized were that early part of this chapter will be devoted to fraud resulting from the effect of lapses in internal control system. This is necessary to illustrate the firms and types of fraud that exist in the banking industry especially in first bank of Nigeria Plc.
Also special reference is made to some of the permission of the financial regulations at it effect internal control system in the banking industry designed for the purpose of checking fraud. A comprehensive and exhaustive body of literature in relation to an internal control system with a view to checking fraud in first bank of Nigeria Plc had not yet been developed in Nigeria.
However, considerable and commendable publication have been written on this subject and there are various commendable paper presented by accounting authorities in seminar and symposia on fraud in the bank.
It is therefore my intention in this chapter to evaluate some of their works and papers and then make my own contribution.
2.1 DEFINITION OF FRAUD
The simplest definition of fraud as given by oxford advanced learners Dictionary is “Criminal deception, out of deception trick, checking swindling, persons or things that deceives” in the banking industry, a good numbers of experts have tries to defined fraud as if affects the industry.
WOLE ADEWUNRI (1986, P.2) defined fraud as a conscious premeditated action of a person or group or persons in the intention of altering the truth and or fact for selfish personal monetary gain.
RODXINOWICS AND WOLGANG (1972), on their article on crime and justice classified fraud together with white colour crime and defined them as:
Illegal act’s characterized by quit deceit and concealment and not dependent up on the application of physical force or violence of threats there of.
2.2 TYPES AND CAUSES OF BANK FRAUD
Fraud in banks is very widely is nature, character and method of perpetration, thus making the classification a very difficult exercise while some authorities such as the committee of Chief inspections of banks (1987) and Sydney F.I (op, cit, pg 2D) prefer to group fraud according to the perpetrators others refers a classification based on the method used.
On the basis of perpetrators, the bank fraud be grouped into broad categories.
INTERNAL FRAUD: This is the form of fraud which raised within the bank. It is, so to say, that type of fraud committee by members of the bank stage.
EXTERNAL FRAUD: Unlike the internal fraud, the idea of this form of fraud is generated outside the bank. They are those types of fraud that are committed by those that are not committed by the bank customers on the parties (Non customers).
MIXED FRAUD: This is the form of fraud that is committed by outsiders in collusion with bank staff. Thus, it is mixture of internal and external fraud.
However, using the methods of perpetrate as a basis of classification, types of fraud has been identified as follows.
- Forged cheque with forged signature: This is the most frequent type of fraud committee mostly by a company staff who have access to the company’s cheque, Mostly they collude, with the dishonest staff of the paying bank. It is a situation where forged signature is placed on a company’s account with the bank.
- Telex fraud: This type of fraud occurs when authentic messages which are to be tested and sent by a bank’s telex officials fall into the hands of the fraudulent bank staff. Test keys are manipulated usually with the collusion of bank officials and the messages after being duly tested are tranfuitted As a result of misdirection. Money is paid to a fictitious account abroad through a correspondent bank and later cashed by overseas conspirators.
- Cross fining of cheque of tilling: The customer indulging in this practice usually have two or more different bank or branches. He drams a cheque on his account in Bank A, knowing that there are fund on that account and Deposit, the cheque into the account with Bank B. He then draws on the uncollected finds in bank B and immediately deposits in bank A, another cheque drawn on non-existent finds in his account on bank B.
- Cash fraud: This is type of fraud occurs when a cashier receives huge sum of money but will not record all of it in his book. He then takes it out by passing it over the counter to a third party.
- Other types of fraud under this classification include falsification of account (current saving and suspense account) printing of bank documents illegally, clearing fraud, computer fraud, foreign exchange fraud, theft of cash/suppression of lodgment, opening and operating a fraudulent loan account and over-invoicing for services to the bank.
A slightly different and more defiled classification of fraud is provided by Ojighed S.I (op.cit. p.2). He classified fraud into two broad types; errors and irregularities. Errors are mistakes which are not intended but which do occur.
Errors produce unreliable records and include omissions of proper entries. Inclusion of in current entering erroneous calculations and errors in posting.
Irregularities are fraud intentionally perpetrated and may take any of the follow firms; deliberate omission of an entry. Introduction of improper entry, improper calculation, improper posting, manipulation of documents substitution of ticititions document and alternative of genuine documents.
The above list of the types of fraud is not exhaustive since the methods used in perpetrating fraud seen to be increasing with time.
The notoriety and ingenuity of fraudsters in devising new methods of defrauding banks have imposed a sere of fatalism on some bankers who lament that the problems of fraud is insurmountable.
However, fraud can be caused by a lot of factors and these can be grouped into two major classes. Institutional factors and environmental\Societal factors. The institutional factor. The institutional factor. The institutional factors are those traceable to the internal environment of the bank, while the environmental societal factor are those which result from the influence of the environmental/society on the banking industry. The common institutional cause of as identified by different authors are summarized as follows;
Volume of work, number of staff banking experience of staff, lack of staff training, poor management, staff negligence, poor security arrangement for documents use of sophisticated machines and lapes in the mtg. Control system. The environmental /society factors have been identified as follows; society value inability of law enforcement agents to detect fraud and prosecute fraudsters with dispatch and lack of effective determent punishment.
- CONCEPT AND DEFINITION OF INTERNAL CONTROL SYSTEM
The intuiting standards and guideline (45 % G) 3.204 defined internal control system as the whole system of control both financial and otherwise established by management in order to carry on the business of the enterprises in an orderly and efficient manner, ensure adherence to management policies, safeguard the assets and secure as far as, possible, the completeness and accuracy of the records. 4.
Guilie Woolf (1979. p. 64) commenting on the definition given by the auditing standards and Guideline stated that the striking thinning about the definition;
It all embracing nature and it is clear that internal control is concerned with the controls operative in every areas of co-operate activity well as with the way in which individual controls inter-relation.5 .
The American institute of certified public Accountancy’s however stated that; internal control comprises the plan of organization and of the co-ordinate methods and measures and by a business safeguard its assets, check the accuracy and reliability of it’s accounting data, promote operational efficiency and encourage adherence to prescribed management policies 6.
From the above definitions, internal control be viewed as a system of controls, financial, administrative and otherwise installed and maintained by internal management to achieve set purposes. These include:-
- Safeguarding the assets of the enterprise from all forms of misuse and error.
- Establishing and maintaining the accuracy and reliability of accounting data information and records.
- Promote operational efficiency and effectiveness, seek, encourage and obtain adherence to prescribed management policies and method.
Settler H.F. (1977, p 85) pointed out that “Internal control system extends beyond financial and accounting matters, and the custody of assets”. 7 corns C.M (1981, p.8) however stated that “internal control, contrary to the frequent misconception and not operating procedures but a check on operating procedures. They are not part of an audit function but the establishing of rules and regulations, proofs and balance conversing transactions, which under an audit programme are verified and their authenticity established’ 8 it is appeared from the definitions above the whole system therefore is to evolve a system whereby, even though ownership is separated from management, yet the owner will be left in no doubt that their assets and resources are efficiently managed.
Since the internal control system is a tool set up by the management, it follows that the control system would be different from firm to firm. However, in his articles “internal control system and fraud in the Nigeria public sectors”.
BOLA FAYENIM 9, of the Department of accountancy university of illogical, maintained that for then to be an efficient internal control system, the following will be put into consolations:-
- The control must be relevant to the size of the job that is being performed.
- Variation from standards must be reported immediately.
- Distinctions must be properly set
- There must be a good control environments.
- Exception to stated rules and procedures must be avoided.
From the definitions so far given, internal control may be summary as consisting of internal check, internal audit, and other forms of control (administrative and financial).
The institute of chartered accountants of England and wales (ICAEWO) statement of auditing defined internal check as:-
The allocation of authority and work in such a manner as to afford check on the routine transactions of day to day work by means of the work of one person being proved independently, by another or the work of one person being complementary to records sometime continuous. Undertaken within the business by specially assigned staff 1.0
A.H MILLCHAMP (1981, P.34) however defined internal check as:-
The check on the day to day transactions which operated continuously as part of the routine system whereby the work of one person is proved the presentation or early detection of errors and frauds; includes matters such as the delegation and allocation of authority and the division of works. Methods of recording transactions, and the use of independently ascertained total against which a large number of individual items can be proved from these definitions it could be deduced that internal check involves dividing the work in such a way that no one person taken change of a work from the beginning to the end rather different stages of a particular work will require different persons.
An element of internal control system set up by management of internal control system set up by management of enterprise to examine, evaluate and report on accounting and other controls on operations. It exists either because of a management decision or in certain circumstances because of statutory requirements.
However, the council of the institute of chartered accountant of England and wakes defines internal auditing as a review of operations and records:-
Something continuous, undertaken within a business by a specially assigned staff. From the definitions, internal audit could be summarized as:-
- Review, monitoring and evaluation of compliance with policy matters.
- Reporting compliance and non-compliance to management for nations.
One of the main objective of internal check & the accounting system are effective in design of operation other components of internal control are the Administration and financial control .
Nwokolo. (1988).p.6) define administrative control as consisting of: All non-accounting and non-financial system and method which are built into the system to promote the attainment of the four major goals of internal control. They are often non pecuniary in nature and their effects usually consists of,
- The plan of the organization, appropriately designating authorities and responsibilities for financial and other matters including matters of appraised and rewards.
- Administrative control evaluations, appraisals and reward measures including promotion, recognition and commendation procedure and methods.
- Discipline and code of business ethics and conduct.
- Rotation and duties transfers and vocations.
- Education and training programmes fidelity coverage for employees and officials. (NWOKOLO C 1BID, P.8) defined accounting and financial control as consisting of:
- Internal accounting and financial policies procedures and regulations encompassing, recording, safe-guarding reconciliation’s and valuations of transactions and assets.
- An internal monitoring, review and audit unit charged with the functions listed above. A good internal control system imposed from outside is not likes to adequate in design and effective in operation.
2.4 TYPES OF CONTROLS
The auditing standard, “The auditors operational standard” sets out some of the types of controls the auditors may define in many enterprises. These include.
ORGANIZATION: The standard states that “enterprise should have a plan of there organization, define and allocating responsibilities and identifying lines of reporting for all aspect of the enterprises operations including the controls. The delegation of authority and responsibility should be clearly specified.
“This mean’s that evening function in an organization should be in the charge of a specified person who might be called the responsible.
Officials; and employees should always know the precise powers delegated to him, the extend his authority and to whom he should report.
SEGREGATION OF DUTIES: One of the prime means of control is the segregation of those responsibilities or duties which would, if combined enable one individual to record and process a complete transaction. This involvement of several people in a process reduces the risk of intentional manipulation or accidental error and increase the element of checking of work.
The guideline specified such functions to be segregated as including those of authorization execution, custody, recording and, in the case of a computer based accounting system. System development and daily operations.
PHYSICAL: These are concerned with mainly security measures designed to ensure that access to assets is limited to authorized personnel. These includes both direct and indirect access via documentation. The quidline states that these controls are especially important in the case of valuable, portable, exchangeable or desirable assets.
AUTHORIZATION AND APPROVAL: This are the controls associated with the recording function which checks that the transition to be record and processed have been authorized, that they are all include and that they are all included and that they are correctly recorded and accurately processed. Such control, according to guidline, including checking the arithmetical accuracy of the records, the maintenance and checking of totals reconciliation, control accounts and trial balances and accounting for documents.
PERSONAL: There should be procedure to ensure that personnel have capability commensurate with responsibilities inevitably the proper functioning of any system depends on the competence and integrity of those operation it. The qualifications, selection and training as well as innate personal characteristics of the personnel involvement are important figure to be considered as in setting.
SUPERVISION: The guideline provides that any system of internal control should include the supervision by responsible official of day to day transaction and the recording there of in order words, all actions by all levels of staff should be supervised. The responsibility for supervision should be clearly laid down and communicated to the person being supervised.
MANAGEMENT: These are the control exercised by the management outside the day to day rotine of the system. They include the overall supervisory controls exercised by the management, the review of management accounts comparison there of with budget; the internal audit function and are any other special review procedure.
A.M. MILLICHAMP 12 (op cit, P 100) in additional to this type of control which appear in the quidline made two other categories. These includes;
Acknowledgement of performance: Persons pec framing data processing operation should acknowledged their activities by means of signature, initial relaber stamps etc.
This is not only allows blame. E to be ascribed but also have a powerful psychological effect.
BUDGETING: A common techniques used in business is the use of budgets, which can be defined as quantitative plans of action. Budgets having been agreed can be compared with actual turn out and difference investigated.
2.5 INTERNAL CONTROL SYSTEM IN FINANCIAL INSTITUTION (First bank of Nigeria p(c)
Institutions requires an effective system of internal control. Atwood and stein (1986, p.5814) maintained that, the highest standard of internal control must be present in view of the large amount of cash present in banks and possible opportunities to manipulate account. If control were absent . 13
To this effect, the federation of Nigeria revised financial regulation, 1976 provided some guideline towards ensuring an effect system of internal control.
Section 202 provides that vouchers must be numbered consecutively and promptly posted to the cash book. This will prevent fraudulent use of vouchers which is an authority for cheques to be issued or cash payments to be made to the person named there no usually referred to as the payee.
Section 315 provides that cancelled forms including originals will be retained in the receipt or license book, similarly, Sec 828 mandates that spoiled or cancelled cheque leaves and receipts including originals must be retained in the cheque and receipt book.
Section 510 places a responsibility for signing certificated of vouchers on all officers involved with writing checking, passing and payment of vouchers.
Section 29 states that “when money is paid to the bank, the paying-in-slip and duplicated (and triplicate where used) must be analysed” as to:
- Postal orders
- Money orders
The duplicate must be examined to that means an acknowledgement of receipt by the bank and the analysis has neither been altered nor added to non-substituted for after lodgment”,
Section 1414 emphasized that accounting officers must issue institutions for systematic inspection at irreqular intervals of the cash help by their subordinated. A record of such inspection must be kept.
Section 2203-2208 are entirely devoted to the duties and responsibilities of the internal audit.
However, Attwood and stein (op.cit p. 5814) suggestion that the following controls are necessary in every branch of a bank.
- Custody control: Access to bank vaults, strong room and other stores requires the presence of two designated bank officials managers and accountant, to open them and strict record are kept of the issue and receipt of cash and secure.
- Segregation of Duties: No staff of the bank will be allowed to record and process a complete transaction. The work will be so separated that a transaction has to pass through more than one person for it to be completed.
- Authorization: Procedure must be established governing the grating of overdrafts and the monitoring of balances limit is normally placed on the managers authority. Beyond that limit authorization will be needed from a higher officers.
- Active internal audit: Terms of internal auditions normally referred to in the banking industry as inspectors, should be making surprise visits to branches to cash and review the operations of other branch controls.
- Regular Review of Accounts of Bank Staff: This is aimed at detecting unsold movement, possibly indicative of involvement of fraud.
- Reconciliation of account should be made with other banks.
- There should be reviews of securities help for loans and overdrafts to confirm their continuing adequacy.
Sewage H-1 (1973, Pgs 28-44) in his own contribution maintained that internal auditors of a bank should, in a bid to promote the internal control systems carry out the following function. 14
- To note on a separate sheet any violation or any weakness in the internal control system.
- Review the general ledger account with the source of entry, particularly as the who originated and approved such entry what other duties such person have which might present possibility of a conflict from the stand point of internal control.
- To check and Sec, how employees are rotated particularly in jobs where contact with the public or with cash on negotiable ideas are involved.
- To determine who is responsible for the close secreting of the outside activities of use officers and employees.
- To review the systems control and cashiers Varity, mails and other vouchers with its books of accounts.
Sewage H-L (Ibid) also maintained that the internal auditors are to determine the procedures as to who prepares, signs and issues cheque books and certificates and also maintains the register or segregation between issuance subsequent payment and maintenance of records of outstanding items. They should also check the control of unused certificates and cheque especially the reserve supply and whether or not unbers are ever account form.
Most commercial banks in resent times have gone comprised and some cases of banks fraud are fraud. It becomes necessary therefore to maintain a system of internal control over the operation of computers in bank. The input into the computer should be subjective to internal control procedure before it gets into the computer.
This is to ensure that the transaction was duty authorized, recorded and the information correctly processed.
Wilson R.M.S 16 in his paper title “financial control: A system Approach” 1974, P. 145 was of the operation that procedures should exist to ensure the followings:
- That operation staff do not have access to source documents and are not allowed to amend programme or input data.
- That programmes do not have access to the computer other than for testing of programmes.
- that unauthorized employees and outsiders are not allowed in the computer room and;
- That all the computer routine are properly documented.
Output should be properly safeguarded to prevent alternation or damaged.