如何完善商业银行内控体系

国际上内部控制理论先后经历了内部牵制、内部控制制度、内部控制结构、内部控制整体框架以及最新的全面风险管理总体框架五个阶段。1992年,美国著名的内部控制研究机构＂发起组织委员会＂（COSO）提出了最具里程碑意义的专题报告《内部控制—整体框架》,也称COSO报告,成为内部控制领域最为权威的文献之一。我国监管机构发布的《商业银行内部控制指引》、《企业内部控制规范》等,基本上沿袭了COSO内部控制报告的框架。2004年,COSO又发布了《企业风险管理—整合框架》报告,提出了全面风险管理的总框架。本文对内部控制与全面风险管理的差异进行了分析,并针对我国商业银行内部控制存在的问题,提出了完善内控体系的建议。     

从内部控制到风险管理

美国COSO委员会于1992年发布了《内部控制框架》,2004年9月,COSO委员会正式颁布了新的COSO报告:《企业风险管理——整合框架》(ERM)。COSO的ERM框架是对COSO内部控制框架的完善和补充,企业风险管理与内部控制相互融合,才能实现最佳效果。     

非上市公司建立内部控制框架的理论基础问题

本着提高企业管理水平和降低经营风险的目的,很多非上市公司开始借鉴美国上市公司的做法,采用COSO《内部控制整合框架》作为理论基础,建立内部控制制度并对其定期测评。本文通过对《内部控制整合框架》和《风险管理框架》的对比分析,认为采用《内部控制整合框架》作为理论基础不能完全满足一些非上市公司建立内部控制的初衷,最后得出结论:非上市公司应该把《企业风险管理框架》作为内部控制制度建立和测评的理论框架。     

内部审计在企业全面风险管理中的运用

在经历全球金融危机冲击之后，越来越多的企业已经认识到全面风险管理在经营管理中发挥的关键作用。根据美国COSO在2004年发布的《企业风险管理——整合框架》的阐释，风险管理框架以内部控制为中心，强调通过制度、流程和财务等手段，在业务层面上管控运营、操作过程中的风险。     

关于企业内部控制与风险管理的思考

COSO是美国反虚假财务报告委员会下属的发起人委员会的英文缩写,其最先提出的《内部控制——整体框架》其中将企业的内部控制与风险管理相关联;在2004年接着发布了《企业风险管理总体框架》,该书将企业内部控制视作风险管理的手段;从上述可见,风险管理已经成为当代企业内部控制管理的必要环节,企业内部控制与风险管理通常是相辅相成的,这样才能为企业各个战略目标的实现提供切实的保障.本文主要是阐述了内部控制与风险管理之间的相互关系,以及关于这两者之间的个人的见解与思考,并针对这些问题提出了现代企业健全内部控制体系以及风险管理的对策.     

风险主导下的商业银行内控评价整合模型构建

近年来,银行内部控制评价问题引起了越来越多的关注,我国监管机构借鉴美国COSO委员会《内部控制—整体框架》和巴塞尔银行监管委员《银行机构内部控制体系框架》主要原则和框架,出台了《商业银行内部控制评价办法》、《企业内部控制评价指引》。以上办法和指引对银行内部控制和评价做出了规范,但更多地体现了概念框架的性质。本文根据商业银行风险特征,以风险控制为主导,对传统的评价模型进行了整合设计,提出了内控评价的整合模型思路。     

不同理论下企业内部控制问题的研究

随着发展,COSO框架、CoCo控制指南、ERM框架和《企业内部控制基本规范》等理论表出了趋同性,他们之间既有区别又有联系,主要体现在内部控制的定义、目标和要素中。COCO控制指南最早提出风险管理且最重视员工参与,ERM在各阶层都注重风险管理,而中国《企业内部控制基本规范》借鉴了两者的思想,提出了全员控制并且强化了在目标设定环节就要考虑风险因素。本文对几种不同的内部控制理论进行比较研究,分析中国内部控制标准的建立,以期对企业内部控制理论提供一定的思考价值。     

论企业内部控制的风险及趋同与个性

近年来系列财务舞弊和会计造假案件的爆发,严重冲击了资本市场的正常秩序。内部控制的缺陷是导致企业经营失败并最终铤而走险、欺骗投资者和社会公众的重要原因。为此,许多国家通过立法强化企业内部控制。2004年9月,美国COSO委员会发布了《企业风险管理:整合框架》,公司不仅可以借助这个企业风险管理框架来满足内部控制需要,还可以借此转向一个更加全面的风险管理过程。在整体制度安排上,我国企业内部控制体系是由一个基本规范与三个配套指引构成的,本文拟进一步探讨我国企业内部控制的风险构成及其国际趋同特点,由此阐述这样一种观点:进行内部控制制度设计时应考虑其权变性制度空间,应注意到内部控制制度存在经济学视角的一般性与管理学视角的个案性的均衡问题我们可以将该问题视为内部控制制度的趋同与个性的并存。     

IT环境下企业内部控制模式探讨

本文对IT环境下的企业内部控制进行了探讨。分析了信息技术对内部控制的影响,对IT控制、IT环境下的内部控制等概念进行了辨析,分析了COSO内部控制整合框架和风险管理框架、SOX法案,COBIT,ITIL及我国企业内部控制规范等目前国内外广泛采用或研究的内部控制框架或法律规范,提出了内部控制系统、内部控制系统的工程实施体系、内部控制系统的评价体系是内部控制模式不可分割的三要素,并对它们进行了详细分析。     

内部控制整体框架理论的突破及其启示

本文介绍了内部控制整体框架理论的建立和发展过程,对于美国内部控制的最新研究成果《企业风险管理——总体框架》进行了全面分析,揭示了内部控制理论的发展趋势,并从内部控制理论的发展进程中系统地归纳了美国内部控制理论的特点。     

新《企业财务通则》取得的几个重大突破

新《企业财务通则》是政府对国有企业财务管理的基本规范，已于2007年率先在国有企业施行。文章分析了新财务通则在理顺政府与国有企业权责关系，切实赋予企业财务管理自主权、按现代企业制度要求规范企业财务管理、完善职工薪酬制度和加强财务风险管理等方面取得的重大突破。     

How to Evaluate Risk Management Units in Financial Institutions?

Based on the existing Enterprise Risk Management framework and current government regulations, “banks are required to establish risk management units (RMUs) to review and evaluate their risks, monitor them, and to advise top management.” Currently an integral part of the risk governance and management process, RMUs in financial institutions have become increasingly important since the 2007–2008 financial crisis. This article details the authors' creation of an index to evaluate the performance of risk management units in financial institutions, and then examines some of their findings. The index transforms twelve parameters into a simple and convenient index that isolates the RMU's activities from the rest of the organizational risk management process, its risk preferences and the activities of the rest of the units. The index's parameters are divided into three dimensions of the RMU's performance: professionalism, organizational status and relationship with top management and the board. The authors found a positive relationship between their RMUI and some important risk governance characteristics: CROs who are among the five highest paid executives at the bank, banks with at least one independent director serving on the board's risk committee having banking and finance experience and boards with greater efficacy.     

Management based critical success factors in the implementation of Enterprise Resource Planning systems

This study examines critical success factors for implementing Enterprise Resource Planning systems using the framework of classical management theory. The study is motivated by conflicting results in earlier studies examining critical success factors in Enterprise Resource Planning implementation, many of which are anecdotal in nature. Ten critical success factors in ERP systems implementation proposed in past literature are selected. The relationship between each of these factors and project success is examined. Project success is defined as organizational impact and on time and on/under budget project completion. Eight implementation projects were qualitatively analyzed using the case study method to examine the proposed relationships. The findings suggest that choosing the right full time project manager, training of personnel, and the presence of a champion relate to project success. The use of consultants, the role of management in reducing user resistance and the use of a steering committee to control the project do not appear to differentiate successful and unsuccessful projects. Integration of ERP planning with business planning, reporting level of the project manager, and active participation of the CEO beyond project approvals, resource allocation and occasional project review, are not found to be critical factors of success. Considering the financial cost and risk associated with these projects, a better understanding of critical success factors will enable practitioners and academics to improve the chance of success in the implementation projects. All organizations implementing ERP, especially small and mid-sized enterprises with limited resources, will benefit from this knowledge.     

New development: Integrating risk management in management control systems—lessons for public sector managers

Exploring multiple dimensions of management control systems (MCS), this article proposes a new framework to integrate risk management with strategy, MCS and performance measurement systems (PMS). Considering the public sector as a focal point, the article points to some enterprise risk management (ERM) issues and argues that ERM-enabled MCS has potential to improve PMS and strategic decision-making, leading to a more proactive risk management framework and a culture that promotes performance driven accountability. Consequently, the article calls for further research towards solving the public sector’s risk management problems, motivating its managers to adopt best practices, and stimulating suitable policy developments.     

货币政策和宏观审慎政策的关联及启示——基于英格兰银行的经验

时至今日,宏观审慎政策在内涵、工具和框架等方面快速发展,不仅政策目标更加清晰,工具类型更加丰富,相关理论基础也在不断完善。作为危机后形成的新政策框架,宏观审慎政策在工具有效性、作用机制、政策框架设计及与货币政策的关系方面都还有待深入研究。特别是在制度框架中,如何考虑宏观审慎政策与货币政策的关联,合理设计政策决策框架均已成为关键。对中国而言,系统风险识别、监测与分析更加复杂、困难,需要对宏观审慎政策开展更加精细、深入研究,尤其应吸收借鉴国际经验,建立、完善适合中国的宏观审慎政策框架。基于此,本文首先对宏观审慎政策的理论基础、政策目标及工具等进行系统综述,而后从两类政策关联中涉及的三个重要问题出发,着重分析宏观审慎政策与货币政策之间关系,并分别从组织架构设计、货币政策框架改革、金融政策框架设计等方面,系统介绍了英格兰银行在货币政策和宏观审慎政策框架改革的经验,重点阐述英格兰银行如何实现理论发展与制度设计的较好融合。最后,给出我国宏观审慎政策发展的若干启示和政策建议。     

公司治理的内在逻辑与企业改制

本文沿着委托代理理论和不完全合同理论这一分析框架,探讨了企业改制的任务和若干指导原则,并着重指出:(1)现行公司治理理论的逻辑框架是不完整的;(2)控制权格局的设计是企业改制的首要任务和逻辑起点;(3)不只国有企业,民营企业也需要改制;(4)"现代企业制度"是指企业治理的静态和动态逻辑,而不是指某种具体的治理模式.     

隐性关联企业贷款风险的观察与思考

国内各商业银行日益重视企业显性关联并采取了一定的风险控制措施,但企业隐性关联尚未引起银行的足够重视。由于隐性关联难以识别,不少企业试图通过该种方式来避免银行实施的关联管理和授信总量控制。本文在对关联企业的含义、特点及其三种主要表现形式加以解释的基础上,详细阐述了隐性关联企业贷款的潜在风险及国内银行对隐性关联企业贷款风险存在控制缺失的现状,进而从改善内外部环境、建立风险识别信息系统和强化最后保障性控制措施等方面提出了加强风险防范的应对措施。     

A Conceptual Framework for Learning Management Accounting

This paper demonstrates how Schoenfeld's ( 1985 ) conceptual framework for mathematics can provide an alternate framework for learning and thereby teaching management accounting. The four‐part framework—heuristics, resources, beliefs, and controls—is a refinement to problem‐based learning with three attributes in regard to management accounting. First, all aspects for teaching management accounting are integrated into a single framework or theory. Consistency among all parts of management accounting clarifies student and instructor roles in the learning process. Second, the framework's problem‐solving focus with linkages to explanatory materials or resources allows students to be rigorously informed about the functionality of management accounting heuristics. Third, transition or extension of relatively simple, standard problems to more complex nonstandard problems or cases is facilitated by introducing appropriate beliefs and controls. In effect, this approach enables management accounting, and particularly case analysis, to be taught with more structure.     

Buyer seller relationships in the UK insurance market: Is this the key competitive advantage?

In services marketing much of the recent literature recommends the use of relationship marketing frameworks rather than the extended marketing mix which adds people, process and physical evidence to the traditional four Ps of product, price, promotion and place. In the UK permanent health insurance sector some suppliers sell through intermediaries, making this an ideal environment for testing the value of relationship marketing. Using the Industrial Marketing and Purchasing (IMP) group framework, interviews were conducted with 100 intermediaries. Respondents were asked to rate their top two suppliers against five relationship marketing variables: commercial skills, technical skills, commitment, adaptability and conflict management.The data showed the top supplier was rated more highly than the second supplier in three of the criteria:— commercial skills— technical skills— adaptability.Two of the criteria, commercial skills and technical skills, showed significant differences. The results of this research provide support for the importance of relationship marketing within this sector of the insurance market. For suppliers in the insurance industry, developing competencies in adaptability and conflict management may be the best method both to differentiate the firm and to develop competitive advantage.     

Using Relational and Transactional MCSs to Manage the Delivery of Outsourced Public Services: Evidence from Twelve Cases in the USA

The successful management of the purchaser–provider relationship is essential for the effective delivery of public services, and entails the use of both transactional and relational approaches. We herein analyse the degree and complementarity of transactional and relational management control systems in the management of purchaser–provider relationships for the successful delivery of public services using evidence from 12 US case studies. We demonstrate that transactional and relational management control systems are controlled differently in order to improve contracting efficiency. We also show how a combination of these management control systems offers a framework for structured public accountability and service flexibility.