The internal control system is an essential process to maintain and manage an organization. It helps an organization achieve its goal by containing risks that might affect its accomplishment of the goal. The system is considered increasingly important as it is a fundamental procedure to protect a company’s asset by detecting and preventing irregularities and malpractices. This research compares and analyzes laws and regulations pertaining to internal control systems in the U.S., Japan, and Korea and their key elements. The research result is as described below. The U.S. was the first country to establish laws and regulations on corporate internal controls in order to improve its law enforcement and public disclosure guidelines. The U.S. Securities and Exchange Commission (“SEC”) played a leading role in establishing the Foreign Corrupt Practices Act (“FCPA”) to prevent accounting irregularities of the U.S. companies. The Model Business Corporation Act (“MBCA”) provides basic guidelines of internal controls and stipulates that the board of directors meeting shall be responsible for building and operating the internal control system. Moreover, the Act practically enforces practical control over companies in the U.S. by stipulating compulsory internal control (including com- pliance issues) in the listed company manuals of the stock exchange. After that, Sarbanes-Oxley Act (“the SOX Act”) was established to have management and external auditors responsible for internal control in a stronger and stricter manner. The SOX Act provides regulations on accounting, corporate governance, and audit, encompassing all three areas of internal control covered in Committee of Sponsoring Organizations of the Treadway Commission (“COSO”) report. Japan introduced regulations on establishment of the internal control system in its Corporate Act of 2005. Afterwards, due to the unlawful acts of Japanese companies, articles and provisions concerning internal control system were stipulated in the Financial Instruments and Exchange Act (“FIEA”). In particular, establishment of the internal control systems is a legal requirement in Japan’s Corporate Act. According to the Act, every large company in the country shall establish an internal control system and issue a public disclosure on the operational result of the system. Where the operation is considered inappropriate, the system shall face an audit. Japan’s Corporate Act categorizes companies in three major groups; companies with board of directors meeting, those without the board, and other companies with committees. It is to specify the responsibility of directors for internal control. The enforcement decree of the Corporation Act specifies matters concerning the compliance management system, for instance directors’ performance of duty shall be in compliance with laws, regulations, and the articles of incorporation. Moreover, FIEA regulates internal control only in terms of corporate accounting, such as reliability of financial reporting. Hence, the definition of internal control suggested by the Corporation Act and FIFA is different from each other and the discrepancy has led to some controversies. Japan reckons internal control as an integrated framework, similar to as suggested by the COSO report of the U.S. issued in 1992. In line with the context of the COSO report, Japan is trying to reflect circumstances of local companies in its legal system. As such, there are some differences in the relevant laws of the U.S. and Japan. The SOX Act of the U.S. largely focuses on financial reporting in regard of internal control, while internal control function is dependent on the monitoring of the board of directors. However, Japan’s Corporate Act mandates large companies and companies with committees to make financial reports on their internal control system as well as ensures the companies lawfully and efficiently perform their business. Korea has broader regulations about internal control in finance related laws including the Financial Investment Services and Capital Markets Act and the Act on External Audit of Stock Companies. Finance related laws already have articles about internal control standards and compliance officer system. But it was only April 2011 that the Commercial Act of Korea stipulated compliance control standards and compliance officer system. Hence the Act includes only compliance control standards, not internal control standards for companies. To establish the internal control system, a clear definition on internal control organizations shall be established to ensure independence of their status and duties. In addition, an effective internal control system has to be installed, including internal control criteria. At the same time, the management of companies and financial institutions should have strong commitment to actively establish and operate the internal control system. This research limits its study scope to comparison and analysis of internal control related regulations and key factors in the U.S., Japan, and Korea and suggests indications from the analysis result. A following research will provide an empirical study based on the result of this research.
Read full abstract