SlideShare a Scribd company logo

Bongko roland final report

Download as DOC, PDF
T
TANI4BANKS
EducationEconomy & FinanceBusiness
1 of 20
GENERAL INTRODUCTION: Unity Co-operative Society (UNICS) was created on the 15th of February 2000 by a resolution of a constituent general meeting, with the goal to create added value to the Cameroonian economy. The creation of UNICS is backed by law No 92/006 of 14 August 1992 relating to the Co-operative Societies and Common Initiative Groups and by its degree of implementation No 92/455/PM of 23rd November 1992.UNICS is accredited to COBAC (D2002/48 OF 27/11/2002). UNICS has as mission to co-operate and solve future economic problems through present day decisions and actions. UNICS’s primary objectives include; alleviation of poverty and unemployment through the creation of wealth and financing of micro projects, provide efficient and rapid financial services to society through the medium of her dynamic staff. After 8 years of hard work and dedication, UNICS now boasts of 9 branches. These include; 1. Yaounde Marche Central, 2. Yaounde BiyemAssi, 3. Douala Deido, 4. Douala Bonaberi, 5. Buea, 6. Bamenda, 7. Kribi, 8. Limbe and 9. Bafut branches. UNICS also has correspondent branches abroad in the UK and in the USA For 8 years (15/01/2000-31/12/2008) UNICS operated as a category I microfinance institution. Under this category her activities were limited to those of a co-operative. She was considered a non profit making entity composed of members. As of 1st January 2009, UNICS becomes a category II microfinance institution and also moves from UNICS to UNICS PLC (UNITY CO-OPERATIVE SOCIETY PUBLIC LIMITED COMPANY). The 28th of March 2009 marked an important step in the growth and development of UNICS. On this UNIC’s status of a category II microfinance institution was approved by the General Assembly which was held in Bamenda.She now has the status of a profit making institution. She is now subjected to greater government scrutiny (She is now liable to value added tax (VAT)). The micro-finance sector in Cameroon is steadily growing. The sector has about 520,000 customers. (www.allafrica.com). UNICS has a customer portfolio of over 20 000 customers (THE LENDER.1st edition) as at 31st December 2008.This means that UNICS PLC has a microfinance market share of about 4% in Cameroon. 1
PART ONE PRACTICAL TRAINING EXPERIENCE AT VARIOUS SERVICES Chapter 1 SERVICES AND ACTIVITIES (a) INTRODUCTION I was recruited into UNICS PLC on the 2nd of February 2002.I had a probation period of three months. It was carried out in two phases: the Orientation Phase at Head Office/Yaounde Marche Central Branch and Technical Phase at the UNICS Kribi branch (as internal control trainee). During this probation period, I had the opportunity to visit all the services indicated below.It is worth noting that the branch is the microcosm of the general organization of UNICS PLC. It is the commercial center of organization. (b) PRACTICAL EXPERIENCE ACQUIRED THROUGH SERVICES. (1) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Accounting Inconsistent filling Every personnel must be trained to keep archive Collects, records, and Ensure weekly check on archives. analyses and documentation Employees who fail to classify their documents should be reports financial sanctioned. statements of Access to affairs of UNICS documents not Each service must have a register to record movement of PLC restricted Insufficient filing archives and those responsible space (2) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Internal Control and audit Provide assurance to management about ; Inadequate Internal controllers should be given -Effectiveness of operations training adequate training and should -Economical and effective use of resources acquire enough experience in other -Reliability of financial reporting Lack of a to be able to do their work -Compliance with policies, procedures, and complete internal effectively. regulations, control audit -Safeguarding of assets manual An efficient an effective standard -Integrity, reliability of information, accounts audit and internal control system and data should be put in place.(pages 8,12 ) - Fraud, irregularity or corruption - risk management 2
(3) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Banking operations, Customer service and tellers Chronos are not filed Ensure rearrangement of chronos in a chronological Receive, direct in a serial order. order. orientate and serve clients at different Not all accounts have The customer service should endeavor to produce a levels. pictures and list of all clients who haven’t got their pictures or signatures attributed signature in their accounts. to them. Staff working especially at the front office needs to be given regular training on customer relationship. (4) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Credit and Recovery, The entire Growing A clear plan for follow up of the client is very essential to ensure management delinquency rate. timely repayment. and recovery of loans. Increase debits in Ensure solid agreements exist between UNICS and her clients accounts. counterparties.Fixed assets are ideal as collaterals. A follow up of the strict implementation of the new credit policy should be put in place. (5) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Local and International Operations , Absence of updated account history with International transfer For local(speedy the Bank of America, this implies that there transactions should have a cash)and international is little or no control to approved deposits formal procedure. money transfers made in BOA for payout here in Cameroon. Recent crackdown of fraud of the 1st of April 2009 which included the depositing of fraudulent electronic cheques against the UNICS account of HSBC in London. 3
(6) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES General . . Shortages reported by tellers Electronic banking seems to be the final word. The may just be another means to use of automatic teller machines can effectively solve obtain a fast overdraft as the this problem or, final punishment is an Shortages or overages reported by tellers should be well investigated before sanctions are given to them. obvious debit into their account. The speedy cash network is very The system should be coded such that it can be exposed. An employee who has opened only on a particular computer in the office as the password to the website can it is done for Western Union. seat at any cyber cafe completely out of the office and effect a transfer or payment. Inadequate protection of UNICS should consider the desire for customer employee and client information. privacy and data security (bank secrecy), as well as the legislative and cultural norms. Some customers prefer assurances that their data will not be shared with third parties without their prior consent and that safeguards are in place to prevent illegal access by third parties. UNICS should ensure all employees are given a copy of the company’s data protection policy. Collectors may be existing as The risk may be minimized by recruiting only female “ghost banks” bearing UNICS collectors. PLC’s name (that is collecting cash from clients and taking Figures without clients signatures should not be custody of the sums). posted into the system and collectors must make Also it has been noticed that sure the clients sign against their deposits clients hardly sign against amounts deposited with Collectors should be given proper training on the collectors and therefore a risk products they market and the risk involved. exist that collectors may alter figures in their registers or . clients may claim inflated amounts. Collectors are untrained and can They (collectors) should also be trained on how to fill hardly market the products in figures involving overdrafts in the booklets of client. question. Constant electricity disruption Generators be made available to branches during working hours. 4
PART TWO EXAMINE THE FUNCTIONING OF A STANDARD AUDIT AND CONTROL SYSTEMS IN A MICROFINANCE INSTITUTION (Case Study: UNICS PLC) Chapter 2 OVERVIEW OF SUBJECT MATTER (a) INTRODUCTION: This study is shaped to help UNICS improve the quality of internal audit and controls and her risk management processes. It focuses on problem prevention (preventive control) and early problem identification (detective control). The study provides guidelines for establishing operational activities that will assist UNICS in identifying vulnerabilities, designing and implementing controls; monitoring the effectiveness of controls. It also highlights problem resolution (corrective control) as a means for risk management. More generally, objectives, budgets, plans and other expectations are bases for control and audit. By setting objectives, management can then identify the risks involved in achieving these objectives. To address these risks, management may implement specific internal controls. The effectiveness of internal control can then be measured by how well the objectives were achieved and how effectively the risks were managed. One of the primary objectives of internal auditing in relation to corporate governance is helping the Audit Committee of the Board of Directors (or equivalent) perform its responsibilities effectively. This may include reporting critical internal control problems, informing the Committee privately on the capabilities of key managers, suggesting questions or topics for the Audit Committee's meeting agendas, and coordinating carefully with the external auditor and management to ensure that objective setting is considered a precondition to internal control. (b) DEFINITIONS Audit: The general definition of an audit is an evaluation of a person, organization, system, process, project or product. Audits are performed to ascertain the validity and reliability of information; also to provide an assessment of a system's internal control. The goal of an audit is to express an opinion on the person/organization/system (etc) in question, under evaluation based on work done on a test basis. Those who perform audits are called auditors (www.google.com). Control: A control is any action taken by the Board, Management and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organizes, and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved (www.google.com). Microfinance institutions: refers to the provision of financial services to poor or low-income clients, including consumers and the self-employed. The term also refers to the practice of sustainably delivering those services (www.google.com). 5
Internal audit and internal control Although internal control and internal audit are closely related, they are distinct from each other. Internal control is defined as a process affected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. It is a means by which an organization's resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organization's resources, both physical (e.g. property) and intangible (e.g., reputation or intellectual property such as trademarks). Internal audit: An independent appraisal service to management that measures and evaluates the effectiveness and efficiency of internal control system .It uses and investigative/detective approach. However, internal auditors are not responsible for the execution of company activities, they advise management and the Board of Directors (or similar oversight body) regarding how to better execute their responsibilities. (c) THE ROLE OF EXTERNAL AUDIT. • It should not be a part of the internal control process. • It should provide independent external comment on the standard, quality and coverage of internal audit. • It should not duplicate the internal audit work except grounds for concern. • Should examine and comment on both internal audit and internal control quality. 6
Chapter 3 INTERNAL CONTROL STRUCTURE (a) INTRODUCTION Effective internal controls and standard audits are the foundation of safe and sound banking systems. The purpose of internal controls is not to entrap employees; rather, good internal controls provide a working environment in which good employees are not tempted to do something they would not ordinarily do. The formality of internal control system will depend largely on an institutions size, the complexity of operations and its risk profile. However fraud and embezzlement schemes are not solely a problem of larger institutions. In fact, the very size of small microfinance institutions creates opportunities for a weak internal control structure and fraud. Therefore the Board and Management of UNICS PLC should work within her scope to develop methods that will safeguard the institutions resources and clients' accounts and reduce the opportunity for fraud. A proposed internal control flow chart for UNICS PLC is presented below. (Figure 1) 7
Figure 1: Proposed Internal Control Flow Chart for UNICS Plc Elements of Management Control System BOD and Management Control Environment External auditors and regulators Internal and External Risk Assessment Controllable and Uncontrollable Control Activities Approval and Authorization Segregation of duties Physical Controls Information Processing Obligatory Vacation for Staff Accounting, Information and Communication Monitoring 8
(b) CHARACTERISTICS OF INTERNAL CONTROL/OBSERVATIONS /RECOMMENDATIONS Control environment Reflects the Board of Directors and Management’s commitment to internal control. This provides discipline and structure to the internal system. Management is accountable to the Board of Directors, which provides governance, guidance and oversight. The Board of Directors should: 1. Periodically discuss the internal control systems effectiveness with management, 2. Review internal control evaluation conducted by management and auditors, 3. Monitor management action on auditor recommendations, 4. Review the institutions strategies and risk limits. 5. Ensure that Management properly considers the risks and control issues associated with emerging technologies and also embrace electronic banking. The Board may delegate some of these duties and responsibilities to an Audit Committee or a risk committee. The General Manager of UNICS PLC has overall responsibility for designing and implementing effective internal control. More than any other individual, the General Manager sets the "tone at the top" that affects integrity and ethics and other factors of a positive control environment. Virtually all employees produce information used in the internal control system or take other actions needed to effect control. Elements of a control environment • Organizational structure of the UNICS PLC • Management philosophy and operating style (All business strategies should be formal ) • The integrity, ethics and competence of personnel should be taken seriously into consideration. • External influences that affect the institution’s operations and its risk management for example independent audits should be taken into account. The effectiveness of human resource, policies and procedures should be reviewed on regular basis. However, whether UNICS PLC achieves operational and strategic objectives may depend on factors outside the enterprise, such as competition or technological innovation. Risk assessment This involves identification, measurement and analysis of risk (internal and external, controllable and uncontrollable) at individual business levels and for the institution as a whole. The Management of UNICS should assess all risks facing the institution because uncontrollable risk taking can prevent the institution from reaching its objectives or can jeopardize operations. Control activities These are policies, procedures and practices established to help ensure that bank personnel carry out Board and Management directives at all business levels of the institution. I therefore propose that; • Only approved and authorised transactions and activities should be executed and violators should be given due punishment. • Duties should be segregated and rotated to reduce a person’s opportunity to commit and conceal fraud or errors (for example assets should not be in the custody of the person who procures, authorizes and records it) 9
• Physical safeguards for assess to and the use of assets and records should be improved. (For example UNICS should secure facilities and control access to computer programmes and data files.) .The use of cameras to protect property is recommended. • Independent checks should be conducted on whether jobs are getting done and records accurate. Control over information whether automatic or manual should be adequate to ensure the integrity of management information systems, books and records. • UNICS employees should enter pertinent information into the processing systems in a timely manner ,A significant deficiency in a control system is a deficiency in risk management (for example the failure to process transaction in an accurate, thorough and timely manner which is a failure of internal control ,exposes the system to potential loses) • There should exist a requirement that officers and employees in sensitive positions be absent for two consecutive weeks each year. This will eliminate the risk of fraud due to a continues and uninterrupted presence. Accounting, information and communication systems This captures and imparts pertinent and timely information in a form that enables the Board, Management and employees to carry out their responsibilities. This includes accounting systems (methods and records that identify, assemble, analyze, classify, records and report an institution’s transactions). Information and communication systems (enable all personnel to understand their roles in the control system, how their roles relate to others and their accountability). These systems of information are very important as they produce reports on operations, finance and compliance that enable Management and Board to run the institution. It also provides information to external parties such as regulators, shareholders and customers. It is important to note that Management Information Systems are distinct from regular information systems in that they are used to analyze other information systems applied in operational activities in the organization. Self assessment This will involve UNICS’s own oversight of the control system performance. These are evaluation of departmental or operational controls by persons within the area. All UNICS personnel should share responsibility for self assessment or monitoring. Also, all personnel should be responsible for communicating upward problems in operations, noncompliance with the code of conduct, or other policy violations or illegal actions. Internal control must be consistently applied and well understood by bank staff if board and management policies are to be effectively implemented. However effective and well designed internal control systems are still subject to execution risk. In other words, most control systems are executed by human beings whom even if well trained and with the best of intentions can still be subjected to distraction, carelessness, tiredness, or confusion 10
Chapter 4 STRUCTURING OF A STANDARD AUDIT (a) INTRODUCTION Internal audit is going through a significant period of development and change in UNICS which provides a number of opportunities and challenges. Corporate governance development in general has provided much focus on the rule of internal audit and internal auditors/controllers need to demonstrate the right skills, knowledge and understanding of the organizations system of internal control. An organization's internal control structure is at the heart of its processes and controls. The Audit Committee or its equivalent, with its responsibility of evaluating the efficiency of the organization's internal control service, needs to understand the concepts of internal control in order to be effective and efficient. Internal audit is vital in assessing, reporting and proposing solutions to management about the effectiveness and efficiency of internal control systems. (b) INTERNAL AUDIT STRUCTURE There are two possible structures: - A Centralized System where all auditors are stationed at head office and only go down to the field on regular basis for control and -A decentralized system where controllers are stationed at the branches or subsidiaries, perform audits and report to a central controller. It is important to emphasise that internal control and internal audit are related but are different from each other.UNICS PLC uses the name internal controller to refer to internal auditors. My proposal is that the name internal controller should be changed and should be called internal auditor so that the functions of internal control and internal audit can be well understood. .A proposed internal and decentralized audit organizational structure for UNICS PLC is as indicated below. Figure 2.(also see reporting structure). 11
Figure 2:Proposed Decentralised Internal Audit Structure for UNICS Plc Board of Directors Internal Audit Committee Chairman of the Board of Directors Vice Chairman of the Board of Directors National Internal Auditor Internal Auditor Internal Auditor Internal Auditor Reporting System Board of Directors Internal Audit Committee Chairman of the Chairman of the Board of Directors Internal Audit Committee (Chairman Vice Chairman of of the Board of the Board of Directors) Directors e National Internal Auditor Internal Auditor Internal Auditor Internal Auditor 12
A developing best practice will be for the internal auditors who should be at the level of the UNICS PLC branches to report directly to the National Internal Auditor who should be stationed at the Hea Office. The National Internal Auditor should report to the Audit Committee through the chairman of this committee who should be the chairman of the Board of Directors. In such cases, the comm ttee should have a means to evaluate the performanc Internal audits should be designed as an integrated process, independent from other business operations, for evaluating the extent to which internal control achieves its objectives in key areas, including appropriate risk management, efficient and effective business operations, reliable financial reporting and compliance with laws, regulations and internal rules. It should offer advice and remedial recommendations in connection with any problems that may be identified. Through this process, internal audits will assist the Boards of Directors of UNICS PLC to fulfill their managerial duties efficiently and effectively. The internal Audit Committee should determine all important matters concerning internal audits. The committee should be chaired by the chairman of the board of directors. The internal Audit Committee should be able to monitor and manage internal audits at all UNICS PLC branches through internal audit reports prepared by internal auditors and submitted to the National Internal Auditor. These decisions together with the results of their examination of the internal audit reports are sent to the Board of Directors. (c) ROLE OF THE AUDIT COMMITTEE. Since the occurrence of significant frauds can frequently be attributed to an override of internal controls, the Audit Committee plays an important role to ensure that internal controls address the appropriate risk areas and are functioning as designed. If fraud or irregularities are asserted or discovered, the Audit Committee, through the internal auditors, should investigate, and, if necessary, request legal counsel to assert claims on the organization’s behalf. If fraud is discovered, or there is a reasonable basis to believe that fraud may have occurred, the Audit Committee is responsible for ensuring that an investigation is undertaken and necessary measures taken. With a decentralized internal audit system UNICS will benefit as follows; 1. Fraudulent or erroneous transactions may be prevented before they occur because the internal auditors are present in the field and are monitoring all transactions. 2. Objective assessment of the effectiveness and efficiency of operations is easily accomplished. 3. Internal auditors at various levels of the institution will use their knowledge to spread good practices throughout the organization. 4. Management can easily get advice on whether the institution has sound systems of internal controls and therefore be in an ideal position to protect the organization against loses. 5. May detect mistakes caused by personal distraction, carelessness, fatigue, arrows in judgment, or unclear instructions in addition to fraud or deliberate non compliance with policies. 6. Can help UNICS measure performance, make decisions, evaluate processes and limit risk. 13
Chapter 5 CATEGORIES OF FRAUD (a)INTRODUCTION An understanding of fraud is essential for the Audit Committee to carry out its responsibilities. The Audit Committee also needs to be aware of the fact that, fraud affecting the organization often falls within one of three categories: • Management fraud, which involves senior management’s intentional misrepresentation of financial statements, or theft or improper use of company resources. • Employee fraud, which involves nonsenior employee theft or improper use of company resources. • External fraud, which involves theft or improper use of resources by people who are neither management nor employees of the firm. This categorization of fraud is useful, but not absolute. This is because middle management employees may intentionally misrepresent financial statement transactions, for example, to improve their apparent performance, or outside individuals may collude with company management or employees. It is proposed that internal audit staff be experienced and trained in fraud prevention and deterrence. With such training internal auditors can serve a vital role in aiding in fraud prevention and deterrence. This will help to provide assurance that • Risks are effectively identified and monitored; • Organizational processes are effectively controlled and tested periodically; and • Appropriate follow-up action is taken to address control weaknesses. The Audit Committee needs to ensure that internal auditors are carrying out their responsibilities in connection with potential fraud. (b) INTERNAL CONTROL AND FRAUD PREVENTION. (WHAT COULD BE DONE TO AVOID FRAUD AND EMBEZZLEMENT IN UNICS) (1) AVENUE POSSIBLE FRAUD RECOMMENDATIONS This is one of the most A supervisor may regularly review a sample of all new important symptoms of loans issued and determine whether required fraud. Inaccurate or documentations are present, and if not, confirm missing incomplete records are information with third parties. Missing often used to hide fraud. documentatio Make sure loan documentation is complete: guarantee n Fictitious loans could be titles, insurance, charges deducted. Be aware of made in the name of counterfeit collateral. former borrowers. This way UNICS can also identify fraudulent practices by loan officers or non adherence to new policies before they are replicated on a wide scale. 14
(2) AVENUE POSSIBLE FRAUD RECOMMENDATIONS MIS officers or managers or MIS reports should contain proper Resistance to some employees may be information for review by management for improve the resisting efforts to modify or internal control purposes. Management improve the MIS. There Information are“ghosts and skeletons” Management should regularly review MIS System(MIS) by the which they do not want to reports and consider possible modifications management or bring out. or improvements. some employees (3) AVENUE POSSIBLE FRAUD RECOMMENDATIONS I would say that the second most General ledger suspense accounts or frequent category of frauds (fictitious transit accounts should be reconciled Existence of loans being first) are done using general and checked weekly by an internal transit or ledger suspense accounts or transit controller. suspense accounts. accounts General ledger suspense accounts generally are used to temporarily "store" a transaction until all necessary information is available, but can also be used to hide an unauthorized transaction. (4) Embezzlements usually require the Policies that require managers and AVENUE POSSIBLE FRAUD RECOMMENDATIONS Lack of embezzler's ongoing attention. employees to take at least one and mandatory preferably two weeks' vacation (not a day vacation policy here and there) reduce the risk of embezzlements. (5) AVENUE POSSIBLE FRAUD RECOMMENDATIONS Combination of duties may allow a Therefore total Segregation of duties is highly manager or supervisor to approve recommended to be fully applied or improved in the loans, set them up on the UNICS. No one should have full control of a Lack of system, issue the checks, and whole process or activity. segregation then cash them through a teller of duties. drawer. Make sure that managers and supervisors don’t (Combination know the tellers’ passwords and make sure the of duties as a Microfinance institutions with tellers change their passwords regularly. result of limited staff are often at risk of inadequate errors, fraud and embezzlement staff). because the critical work is done by few people. (6) 15
AVENUE POSSIBLE FRAUD RECOMMENDATIONS Weak software can be used to A review and evaluation of the MIS by outside hide fraud. experts can reveal flaws in risk management and May be the programmers who internal control. Weak did conceive the software software received no directions from For example a good application should log and experts in internal control as to report the user name and event date/time of all what internal control principles entry and deletion of transactions and also for or procedures to integrate into creating, editing, and deleting clients, loans, and the software (for example, schedules of installments. segregation of duties). (7) AVENUE RECOMMENDATIONS Adequate audit trails should be maintained. Audit trails will enable the tracing of any given item through the UNICS books. The internal controller or auditor should pull all loan files him/herself. He/she Inadequate audit should keep in mind that any person he/she is asking to assist could be a thief. trails The controller should verify every explanation that an employee offers. In some cases, the auditor should contact the loan recipient. Software should also have a thorough audit trail built in. (8) AVENUE RECOMMENDATIONS UNICS can benefit from outside experts to help her set up and make Absence of improvements to their internal control systems. It is often easier for an impartial technical third party to identify shortcomings in the internal control system than for assistance operational staff to objectively evaluate its effectiveness. (9) AVENUE RECOMMENDATIONS UNICS may encourage donor participation given that ; Donors can facilitate the development of internal control mechanisms by providing funds for the initial risk assessment and implementation of internal controls. Absence They may require UNICS to have some type of internal control mechanism, appropriate of donor to the UNICS’s level of development rule They may encourage UNICS to develop an operations manual and to conduct client visits as part of its regular operations. In addition, donors can support microfinance in their efforts to test new ways to mitigate old risks through new products, such as micro insurance, or operational control tools, such as internal audit software 16
Chapter 6 IDENTIFYING AND MANAGING RISK (a) INTRODUCTION Surprises may be fatal to UNICS. Risk is inevitable, avoiding risk impossible. Risk management is the key. The more you know about what you are doing, the less risk you run. If you can define risks, you can limit them. If business was good yesterday, good today, it is not a guarantee that it will be good tomorrow. The recent case of bankruptcy by the Lehman brothers on September 15 2008 can clearly explain this. Management performs risk assessment activities as part of the ordinary course of business in each of these categories: strategic planning, marketing planning, capital planning, budgeting, hedging, incentive payout structure, and internal auditors are typically part of the project team in an advisory role. (b) VARIOUS RISKS FACED BY UNICS PLC/RECOMMENDATIONS • Credit risk: This is the risk that the borrower will be unable or unwilling to pay back the loan. -Solid agreements should exist between UNICS PLC and her borrowers. • Counterparty risk: The risk that a party to a contract will be unable or unwilling to uphold their obligations (co-maker or co-signer). -Solid agreements should exist between UNICS and her counterparties. • Asset price risk: The risk that assets will depreciate in value, resulting in financial losses, for example those held as securities of collaterals for loans. -The long term effect on assets held as collaterals should be well evaluated. • Capital risk: A common concern with any investment is that you may lose the money you invest (your capital). -UNICS should implement a system of effective planning and objective setting in order to minimise loses. • Financial risk: UNICS shareholders bear an additional risk when UNICS uses debt in addition to equity financing. Companies that issue more debt instruments would have higher financial risk than companies financed mostly or entirely by equity. -Little or no dependency on debt financing will eliminate the risk. • Operational risk: The risk arising from execution of all UNICS's business functions. These involve; 1. Fraud (internal or external). 2. Clients, products, and business practice -market manipulation, antitrust and improper trade. 17
3. Damage to physical assets - natural disasters, terrorism and vandalism. 4. Business disruption and systems failures - utility disruptions, software and/or hardware failures. 5. Execution, delivery, and process management - data entry errors, accounting errors, failed mandatory reporting and negligence. To reduce operational risk adequate and flexible systems must be put in place; -Only valid or authorized transactions are processed. -Transactions occurred during the correct period or were processed timely. -All transactions are completely processed with no omissions. -Transactions are calculated using an appropriate methodology or are compute accurately. -Assets represent the rights of the company, and liabilities its obligations, as of a given date. Components of financial statements (or other reporting) are properly classified (by type or account) and described. • Currency risk. Given that UNICS holds foreign currencies and also performs international transfers which involves exchange between currencies (the US dollar and the British pound), she runs the risk that currency movements alone may affect the value of the currencies she holds. -UNICS should limit the amount of foreign currencies she holds at a given time period. • Legal risk: (Data protection) UNICS runs the risk that the information she holds may not comply with the laws and regulations in force. This refers to the personal or client information UNICS holds and how it processes it. For example UNICS uses the internet for communication. The passwords to the email address boxes are not restricted to particular employees or are changed on a regular basis. This means that an employee who has resigned or is dismissed can still have access to the entire UNICS information being carried over the internet at anytime anywhere provided there is internet connection. Confidential information may easily reach unauthorized third parties. The therefore propose that passwords to UNICS email address boxes should be restricted to particular employees and should be changed on a monthly basis. UNICS should also review the security of her IT systems and premises regularly. • Legal risk: (Health and safety).Threat of accidents and casualties. For example the cashiers risk falling sick as a result of the continues touching of cash and the inhaling of its smell. -The Board must now, therefore, more than ever, embrace their overall responsibilities towards employee health. • Technology risk. UNICS runs the risk that key processes that she uses to develop, deliver, and manage its products, services, support operations, entry, transfer and storage of data may be lost .The importance of looking at technology risks in the context of UNICS business strategy is underscored by recent lessons learned from the tragedies of September 11th (While the vast majority of information systems recovered well and demonstrated the effectiveness of disaster planning measures, significant gaps in the continuity of key business process were experienced). By understanding the role that technology plays in supporting various business 18
functions, UNICS management is in a better position to determine the relative importance of these functions and prioritize the systems, applications, and data involved. -An information classification program can be instrumental in prioritizing data, and the systems and applications through which it flows. Information classification involves distinguishing classes of data, or systems, and assigning relative priorities. A basic classification system might incorporate three or four categories ranging from” highly confidential" to "public" with various degrees in between. Once categorized, each class of data would be accorded certain treatment. Knowing the classifications allows bank management to trace the flows of information with an eye to ensuring proper protection throughout the system. Obviously, one would not want to see "highly confidential" and "public" information following the same transmission path or stored on the same computer server with only rudimentary controls. The information classification process will assist UNICS PLC Management in focusing attention on priority areas first and pinpointing key areas of vulnerability. • Political risk UNICS PLC faces complications as a result of what are commonly referred to as political decisions or any political change that alters the expected outcome and value of a given economic action by changing the probability of achieving business objectives. For example the recent government circular restricting banks from collecting account holding charges for deposit accounts. -UNICS may have a Chief Risk Officer who is charged with managing political risk or, in many cases, this is the obligation of the Chief Financial Officer. (c)RISK MANAGEMENT AND BUSINESS CONTINUITY. Risk management is simply a practice of systematically selecting cost effective approaches for minimising the effect of unforeseen circumstances to the organization. All risks can never be fully avoided or mitigated simply because of financial and practical limitations. Therefore all organizations have to accept some level of residual risks. The strategies involved in Risk Management include: 1. Transferring the risk to another party, 2. Avoiding the risk, 3. Reducing the negative effect of the risk and, 4. Accepting some or all of the consequences of a particular risk. • Risk avoidance: Includes not performing an activity that could carry risk. An example would be not buying a property or business in order not to take on the liability that comes with it. • Risk reduction: Involves methods that reduce the severity of the loss or the likelihood of the loss from occurring. • Risk retention: Involves accepting the loss when it occurs. True self insurance falls in this category. All risks that are not avoided or transferred are retained by default. War is an example since most property and risks are not insured against war, so the loss attributed by war is retained. • Risk transfer: In the terminology of practitioners and scholars alike, the purchase of an insurance contract is often described as a "transfer of risk." 19
However if risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time assessing and managing unlikely risks can divert resources that could be used more profitably. GENERAL CONCLUSION. The lack of effective internal controls is one of the remaining impediments to the development of a sustainable microfinance industry; microfinance institutions (MFIs), technical assistance providers, donors, practitioner networks and regulators all have a role in overcoming this obstacle. The officials of UNICS PLC can study these internal control weaknesses that are common elements of fraud or embezzlement and make necessary revisions to the UNICS internal controls. The ultimate tests of the effectiveness of UNICS internal control systems will be time and investor interest. Unfortunately, UNICS may suffer serious unforeseeable financial loss before discovering the weaknesses inherent in her internal audit and control systems if she becomes complacent, assuming that what works well today will work well tomorrow. Microfinance institutions that proactively apply the principles of risk management and implement an effective feedback programme will be able to uncover and address risk exposures and succeed the test of time. MFIs that prove their ability to manage and mitigate risk will be more likely to demonstrate consistent profits, the primary objective of private investors. In addition, MFIs that implement effective internal control systems that aid in the risk management process will be most effective in fulfilling the social mission to provide financial services to low income sectors over the long-term. However if internal control system is implemented only to prevent fraud and comply with laws and regulations, then an important opportunity is missed. The same internal controls can also be used to systematically improve businesses, particularly in regard to effectiveness and efficiency. 20

Recommended

M phil-computer-science-data-mining-projects
M phil-computer-science-data-mining-projectsM phil-computer-science-data-mining-projects
M phil-computer-science-data-mining-projectsVijay Karan
 
Scp presentation
Scp presentationScp presentation
Scp presentationStewart Boyd
 
Esztetikai
EsztetikaiEsztetikai
EsztetikaiJudit Anna Dr. Szabó
 
Testimoni Mitra Dbs
Testimoni Mitra DbsTestimoni Mitra Dbs
Testimoni Mitra Dbsmuchnigroups
 
وتكونون لى شهود القس مايكل انور
وتكونون لى شهود القس مايكل انوروتكونون لى شهود القس مايكل انور
وتكونون لى شهود القس مايكل انورIbrahimia Church Ftriends
 
Feiscluub
FeiscluubFeiscluub
Feiscluubjovesambfutur2
 
Pakatan mengajar belajar
Pakatan mengajar belajar Pakatan mengajar belajar
Pakatan mengajar belajar Nur Shazlina Yusoff
 
Photo3
Photo3Photo3
Photo3alexwafafa
 

Recommended

M phil-computer-science-data-mining-projects
M phil-computer-science-data-mining-projectsM phil-computer-science-data-mining-projects
M phil-computer-science-data-mining-projectsVijay Karan
 
Scp presentation
Scp presentationScp presentation
Scp presentationStewart Boyd
 
Esztetikai
EsztetikaiEsztetikai
EsztetikaiJudit Anna Dr. Szabó
 
Testimoni Mitra Dbs
Testimoni Mitra DbsTestimoni Mitra Dbs
Testimoni Mitra Dbsmuchnigroups
 
وتكونون لى شهود القس مايكل انور
وتكونون لى شهود القس مايكل انوروتكونون لى شهود القس مايكل انور
وتكونون لى شهود القس مايكل انورIbrahimia Church Ftriends
 
Feiscluub
FeiscluubFeiscluub
Feiscluubjovesambfutur2
 
Pakatan mengajar belajar
Pakatan mengajar belajar Pakatan mengajar belajar
Pakatan mengajar belajar Nur Shazlina Yusoff
 
Photo3
Photo3Photo3
Photo3alexwafafa
 
Lpa11
Lpa11Lpa11
Lpa11hazmilplv
 
ضوء الحقيقه بالحقيقه قام - و العمى يبصرون
ضوء الحقيقه بالحقيقه قام - و العمى يبصرونضوء الحقيقه بالحقيقه قام - و العمى يبصرون
ضوء الحقيقه بالحقيقه قام - و العمى يبصرونIbrahimia Church Ftriends
 
العقيده المسيحيه الكنيسه
العقيده المسيحيه الكنيسهالعقيده المسيحيه الكنيسه
العقيده المسيحيه الكنيسهIbrahimia Church Ftriends
 
Managing for the First Time
Managing for the First TimeManaging for the First Time
Managing for the First Timeglobe
 
Group Work: Questions
Group Work: QuestionsGroup Work: Questions
Group Work: Questionsssclasstorremar
 
Theory of probability and probability distribution
Theory of probability and probability distributionTheory of probability and probability distribution
Theory of probability and probability distributionpolscjp
 
Data mining-ieee-2014-projects
Data mining-ieee-2014-projectsData mining-ieee-2014-projects
Data mining-ieee-2014-projectsVijay Karan
 
Tapaltea 130716021738-phpapp01
Tapaltea 130716021738-phpapp01Tapaltea 130716021738-phpapp01
Tapaltea 130716021738-phpapp01Sagar Mehta
 
M.Phil Computer Science Cloud Computing Projects
M.Phil Computer Science Cloud Computing ProjectsM.Phil Computer Science Cloud Computing Projects
M.Phil Computer Science Cloud Computing ProjectsVijay Karan
 
Best traffic
Best trafficBest traffic
Best trafficEducation952
 
Que es el_amor
Que es el_amorQue es el_amor
Que es el_amortere_banegasbella
 
женщины
женщиныженщины
женщиныСветлана Коломиец
 
تاريخ الكنيسه يوسابيوس القيصرىBook i church history
تاريخ الكنيسه يوسابيوس القيصرىBook i church historyتاريخ الكنيسه يوسابيوس القيصرىBook i church history
تاريخ الكنيسه يوسابيوس القيصرىBook i church historyIbrahimia Church Ftriends
 
Reducing the Risk of Fraud​ through Treasury Technology
Reducing the Risk of Fraud​ through Treasury TechnologyReducing the Risk of Fraud​ through Treasury Technology
Reducing the Risk of Fraud​ through Treasury TechnologyElena Oliveira
 
5. Core Banking System
5. Core Banking System5. Core Banking System
5. Core Banking SystemAshish Desai
 
Banking Management
Banking ManagementBanking Management
Banking Managementpriyankpatel2811
 
Finacle - New Banking Technology Advancement
Finacle - New Banking Technology Advancement Finacle - New Banking Technology Advancement
Finacle - New Banking Technology Advancement Infosys Finacle
 
Advancing credit services through the application of credit bureau technology
Advancing credit services through the application of credit bureau technologyAdvancing credit services through the application of credit bureau technology
Advancing credit services through the application of credit bureau technologyFrank Lenisa
 
Foundation Course - Innovation in Financial Services
Foundation Course - Innovation in Financial ServicesFoundation Course - Innovation in Financial Services
Foundation Course - Innovation in Financial ServicesPranavShinde44
 
Banking Management System Synopsys
Banking Management System SynopsysBanking Management System Synopsys
Banking Management System SynopsysMr. Moms
 
A study of cash management at standard chartered bank
A study of cash management at standard chartered bankA study of cash management at standard chartered bank
A study of cash management at standard chartered bankProjects Kart
 
Operationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionOperationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionVivastream
 

More Related Content

Viewers also liked

ضوء الحقيقه بالحقيقه قام - و العمى يبصرون
ضوء الحقيقه بالحقيقه قام - و العمى يبصرونضوء الحقيقه بالحقيقه قام - و العمى يبصرون
ضوء الحقيقه بالحقيقه قام - و العمى يبصرونIbrahimia Church Ftriends
 
العقيده المسيحيه الكنيسه
العقيده المسيحيه الكنيسهالعقيده المسيحيه الكنيسه
العقيده المسيحيه الكنيسهIbrahimia Church Ftriends
 
Managing for the First Time
Managing for the First TimeManaging for the First Time
Managing for the First Timeglobe
 
Theory of probability and probability distribution
Theory of probability and probability distributionTheory of probability and probability distribution
Theory of probability and probability distributionpolscjp
 
Data mining-ieee-2014-projects
Data mining-ieee-2014-projectsData mining-ieee-2014-projects
Data mining-ieee-2014-projectsVijay Karan
 
Tapaltea 130716021738-phpapp01
Tapaltea 130716021738-phpapp01Tapaltea 130716021738-phpapp01
Tapaltea 130716021738-phpapp01Sagar Mehta
 
M.Phil Computer Science Cloud Computing Projects
M.Phil Computer Science Cloud Computing ProjectsM.Phil Computer Science Cloud Computing Projects
M.Phil Computer Science Cloud Computing ProjectsVijay Karan
 
تاريخ الكنيسه يوسابيوس القيصرىBook i church history
تاريخ الكنيسه يوسابيوس القيصرىBook i church historyتاريخ الكنيسه يوسابيوس القيصرىBook i church history
تاريخ الكنيسه يوسابيوس القيصرىBook i church historyIbrahimia Church Ftriends
 

Viewers also liked (13)

Lpa11
Lpa11Lpa11
Lpa11
 
ضوء الحقيقه بالحقيقه قام - و العمى يبصرون
ضوء الحقيقه بالحقيقه قام - و العمى يبصرونضوء الحقيقه بالحقيقه قام - و العمى يبصرون
ضوء الحقيقه بالحقيقه قام - و العمى يبصرون
 
العقيده المسيحيه الكنيسه
العقيده المسيحيه الكنيسهالعقيده المسيحيه الكنيسه
العقيده المسيحيه الكنيسه
 
Managing for the First Time
Managing for the First TimeManaging for the First Time
Managing for the First Time
 
Group Work: Questions
Group Work: QuestionsGroup Work: Questions
Group Work: Questions
 
Theory of probability and probability distribution
Theory of probability and probability distributionTheory of probability and probability distribution
Theory of probability and probability distribution
 
Data mining-ieee-2014-projects
Data mining-ieee-2014-projectsData mining-ieee-2014-projects
Data mining-ieee-2014-projects
 
Tapaltea 130716021738-phpapp01
Tapaltea 130716021738-phpapp01Tapaltea 130716021738-phpapp01
Tapaltea 130716021738-phpapp01
 
M.Phil Computer Science Cloud Computing Projects
M.Phil Computer Science Cloud Computing ProjectsM.Phil Computer Science Cloud Computing Projects
M.Phil Computer Science Cloud Computing Projects
 
Best traffic
Best trafficBest traffic
Best traffic
 
Que es el_amor
Que es el_amorQue es el_amor
Que es el_amor
 
женщины
женщиныженщины
женщины
 
تاريخ الكنيسه يوسابيوس القيصرىBook i church history
تاريخ الكنيسه يوسابيوس القيصرىBook i church historyتاريخ الكنيسه يوسابيوس القيصرىBook i church history
تاريخ الكنيسه يوسابيوس القيصرىBook i church history
 

Similar to Bongko roland final report

Reducing the Risk of Fraud​ through Treasury Technology
Reducing the Risk of Fraud​ through Treasury TechnologyReducing the Risk of Fraud​ through Treasury Technology
Reducing the Risk of Fraud​ through Treasury TechnologyElena Oliveira
 
5. Core Banking System
5. Core Banking System5. Core Banking System
5. Core Banking SystemAshish Desai
 
Finacle - New Banking Technology Advancement
Finacle - New Banking Technology Advancement Finacle - New Banking Technology Advancement
Finacle - New Banking Technology Advancement Infosys Finacle
 
Advancing credit services through the application of credit bureau technology
Advancing credit services through the application of credit bureau technologyAdvancing credit services through the application of credit bureau technology
Advancing credit services through the application of credit bureau technologyFrank Lenisa
 
Foundation Course - Innovation in Financial Services
Foundation Course - Innovation in Financial ServicesFoundation Course - Innovation in Financial Services
Foundation Course - Innovation in Financial ServicesPranavShinde44
 
Banking Management System Synopsys
Banking Management System SynopsysBanking Management System Synopsys
Banking Management System SynopsysMr. Moms
 
A study of cash management at standard chartered bank
A study of cash management at standard chartered bankA study of cash management at standard chartered bank
A study of cash management at standard chartered bankProjects Kart
 
Operationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionOperationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionVivastream
 
Five Financial Industry Objectives for Catalyzing Order from Chaos
Five Financial Industry Objectives for Catalyzing Order from ChaosFive Financial Industry Objectives for Catalyzing Order from Chaos
Five Financial Industry Objectives for Catalyzing Order from ChaosCognizant
 
apidays LIVE Australia 2021 - Empowering the fintech ecosystem with APIs by D...
apidays LIVE Australia 2021 - Empowering the fintech ecosystem with APIs by D...apidays LIVE Australia 2021 - Empowering the fintech ecosystem with APIs by D...
apidays LIVE Australia 2021 - Empowering the fintech ecosystem with APIs by D...apidays
 
Bank Branch Statutory Audit
Bank Branch Statutory AuditBank Branch Statutory Audit
Bank Branch Statutory AuditQuadrisk
 
MIS IN BANKING SECTOR
MIS IN BANKING SECTORMIS IN BANKING SECTOR
MIS IN BANKING SECTORomkar misal
 
The Importance of Intel in Cautious Times
The Importance of Intel in Cautious TimesThe Importance of Intel in Cautious Times
The Importance of Intel in Cautious TimesDP Information Group
 
Guide on Account aggregator License
Guide on Account aggregator LicenseGuide on Account aggregator License
Guide on Account aggregator LicenseEnterslice
 
Banking operations unit4
Banking operations unit4Banking operations unit4
Banking operations unit4UNBFS
 

Similar to Bongko roland final report (20)

Reducing the Risk of Fraud​ through Treasury Technology
Reducing the Risk of Fraud​ through Treasury TechnologyReducing the Risk of Fraud​ through Treasury Technology
Reducing the Risk of Fraud​ through Treasury Technology
 
5. Core Banking System
5. Core Banking System5. Core Banking System
5. Core Banking System
 
Banking Management
Banking ManagementBanking Management
Banking Management
 
Finacle - New Banking Technology Advancement
Finacle - New Banking Technology Advancement Finacle - New Banking Technology Advancement
Finacle - New Banking Technology Advancement
 
Advancing credit services through the application of credit bureau technology
Advancing credit services through the application of credit bureau technologyAdvancing credit services through the application of credit bureau technology
Advancing credit services through the application of credit bureau technology
 
Foundation Course - Innovation in Financial Services
Foundation Course - Innovation in Financial ServicesFoundation Course - Innovation in Financial Services
Foundation Course - Innovation in Financial Services
 
Banking Management System Synopsys
Banking Management System SynopsysBanking Management System Synopsys
Banking Management System Synopsys
 
A study of cash management at standard chartered bank
A study of cash management at standard chartered bankA study of cash management at standard chartered bank
A study of cash management at standard chartered bank
 
Operationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionOperationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud Detection
 
Five Financial Industry Objectives for Catalyzing Order from Chaos
Five Financial Industry Objectives for Catalyzing Order from ChaosFive Financial Industry Objectives for Catalyzing Order from Chaos
Five Financial Industry Objectives for Catalyzing Order from Chaos
 
apidays LIVE Australia 2021 - Empowering the fintech ecosystem with APIs by D...
apidays LIVE Australia 2021 - Empowering the fintech ecosystem with APIs by D...apidays LIVE Australia 2021 - Empowering the fintech ecosystem with APIs by D...
apidays LIVE Australia 2021 - Empowering the fintech ecosystem with APIs by D...
 
Bank Branch Statutory Audit
Bank Branch Statutory AuditBank Branch Statutory Audit
Bank Branch Statutory Audit
 
Banking innovations
Banking innovationsBanking innovations
Banking innovations
 
21595
2159521595
21595
 
Alpha seaq&a june2008
Alpha seaq&a june2008Alpha seaq&a june2008
Alpha seaq&a june2008
 
MIS IN BANKING SECTOR
MIS IN BANKING SECTORMIS IN BANKING SECTOR
MIS IN BANKING SECTOR
 
The Importance of Intel in Cautious Times
The Importance of Intel in Cautious TimesThe Importance of Intel in Cautious Times
The Importance of Intel in Cautious Times
 
Innovation in Banking
Innovation in BankingInnovation in Banking
Innovation in Banking
 
Guide on Account aggregator License
Guide on Account aggregator LicenseGuide on Account aggregator License
Guide on Account aggregator License
 
Banking operations unit4
Banking operations unit4Banking operations unit4
Banking operations unit4
 

Recently uploaded

Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 

Recently uploaded (20)

Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 

Bongko roland final report

  • 1. GENERAL INTRODUCTION: Unity Co-operative Society (UNICS) was created on the 15th of February 2000 by a resolution of a constituent general meeting, with the goal to create added value to the Cameroonian economy. The creation of UNICS is backed by law No 92/006 of 14 August 1992 relating to the Co-operative Societies and Common Initiative Groups and by its degree of implementation No 92/455/PM of 23rd November 1992.UNICS is accredited to COBAC (D2002/48 OF 27/11/2002). UNICS has as mission to co-operate and solve future economic problems through present day decisions and actions. UNICS’s primary objectives include; alleviation of poverty and unemployment through the creation of wealth and financing of micro projects, provide efficient and rapid financial services to society through the medium of her dynamic staff. After 8 years of hard work and dedication, UNICS now boasts of 9 branches. These include; 1. Yaounde Marche Central, 2. Yaounde BiyemAssi, 3. Douala Deido, 4. Douala Bonaberi, 5. Buea, 6. Bamenda, 7. Kribi, 8. Limbe and 9. Bafut branches. UNICS also has correspondent branches abroad in the UK and in the USA For 8 years (15/01/2000-31/12/2008) UNICS operated as a category I microfinance institution. Under this category her activities were limited to those of a co-operative. She was considered a non profit making entity composed of members. As of 1st January 2009, UNICS becomes a category II microfinance institution and also moves from UNICS to UNICS PLC (UNITY CO-OPERATIVE SOCIETY PUBLIC LIMITED COMPANY). The 28th of March 2009 marked an important step in the growth and development of UNICS. On this UNIC’s status of a category II microfinance institution was approved by the General Assembly which was held in Bamenda.She now has the status of a profit making institution. She is now subjected to greater government scrutiny (She is now liable to value added tax (VAT)). The micro-finance sector in Cameroon is steadily growing. The sector has about 520,000 customers. (www.allafrica.com). UNICS has a customer portfolio of over 20 000 customers (THE LENDER.1st edition) as at 31st December 2008.This means that UNICS PLC has a microfinance market share of about 4% in Cameroon. 1
  • 2. PART ONE PRACTICAL TRAINING EXPERIENCE AT VARIOUS SERVICES Chapter 1 SERVICES AND ACTIVITIES (a) INTRODUCTION I was recruited into UNICS PLC on the 2nd of February 2002.I had a probation period of three months. It was carried out in two phases: the Orientation Phase at Head Office/Yaounde Marche Central Branch and Technical Phase at the UNICS Kribi branch (as internal control trainee). During this probation period, I had the opportunity to visit all the services indicated below.It is worth noting that the branch is the microcosm of the general organization of UNICS PLC. It is the commercial center of organization. (b) PRACTICAL EXPERIENCE ACQUIRED THROUGH SERVICES. (1) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Accounting Inconsistent filling Every personnel must be trained to keep archive Collects, records, and Ensure weekly check on archives. analyses and documentation Employees who fail to classify their documents should be reports financial sanctioned. statements of Access to affairs of UNICS documents not Each service must have a register to record movement of PLC restricted Insufficient filing archives and those responsible space (2) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Internal Control and audit Provide assurance to management about ; Inadequate Internal controllers should be given -Effectiveness of operations training adequate training and should -Economical and effective use of resources acquire enough experience in other -Reliability of financial reporting Lack of a to be able to do their work -Compliance with policies, procedures, and complete internal effectively. regulations, control audit -Safeguarding of assets manual An efficient an effective standard -Integrity, reliability of information, accounts audit and internal control system and data should be put in place.(pages 8,12 ) - Fraud, irregularity or corruption - risk management 2
  • 3. (3) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Banking operations, Customer service and tellers Chronos are not filed Ensure rearrangement of chronos in a chronological Receive, direct in a serial order. order. orientate and serve clients at different Not all accounts have The customer service should endeavor to produce a levels. pictures and list of all clients who haven’t got their pictures or signatures attributed signature in their accounts. to them. Staff working especially at the front office needs to be given regular training on customer relationship. (4) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Credit and Recovery, The entire Growing A clear plan for follow up of the client is very essential to ensure management delinquency rate. timely repayment. and recovery of loans. Increase debits in Ensure solid agreements exist between UNICS and her clients accounts. counterparties.Fixed assets are ideal as collaterals. A follow up of the strict implementation of the new credit policy should be put in place. (5) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES Local and International Operations , Absence of updated account history with International transfer For local(speedy the Bank of America, this implies that there transactions should have a cash)and international is little or no control to approved deposits formal procedure. money transfers made in BOA for payout here in Cameroon. Recent crackdown of fraud of the 1st of April 2009 which included the depositing of fraudulent electronic cheques against the UNICS account of HSBC in London. 3
  • 4. (6) SERVICE/ OBSERVATIONS RECOMMANDATION ACTIVITIES General . . Shortages reported by tellers Electronic banking seems to be the final word. The may just be another means to use of automatic teller machines can effectively solve obtain a fast overdraft as the this problem or, final punishment is an Shortages or overages reported by tellers should be well investigated before sanctions are given to them. obvious debit into their account. The speedy cash network is very The system should be coded such that it can be exposed. An employee who has opened only on a particular computer in the office as the password to the website can it is done for Western Union. seat at any cyber cafe completely out of the office and effect a transfer or payment. Inadequate protection of UNICS should consider the desire for customer employee and client information. privacy and data security (bank secrecy), as well as the legislative and cultural norms. Some customers prefer assurances that their data will not be shared with third parties without their prior consent and that safeguards are in place to prevent illegal access by third parties. UNICS should ensure all employees are given a copy of the company’s data protection policy. Collectors may be existing as The risk may be minimized by recruiting only female “ghost banks” bearing UNICS collectors. PLC’s name (that is collecting cash from clients and taking Figures without clients signatures should not be custody of the sums). posted into the system and collectors must make Also it has been noticed that sure the clients sign against their deposits clients hardly sign against amounts deposited with Collectors should be given proper training on the collectors and therefore a risk products they market and the risk involved. exist that collectors may alter figures in their registers or . clients may claim inflated amounts. Collectors are untrained and can They (collectors) should also be trained on how to fill hardly market the products in figures involving overdrafts in the booklets of client. question. Constant electricity disruption Generators be made available to branches during working hours. 4
  • 5. PART TWO EXAMINE THE FUNCTIONING OF A STANDARD AUDIT AND CONTROL SYSTEMS IN A MICROFINANCE INSTITUTION (Case Study: UNICS PLC) Chapter 2 OVERVIEW OF SUBJECT MATTER (a) INTRODUCTION: This study is shaped to help UNICS improve the quality of internal audit and controls and her risk management processes. It focuses on problem prevention (preventive control) and early problem identification (detective control). The study provides guidelines for establishing operational activities that will assist UNICS in identifying vulnerabilities, designing and implementing controls; monitoring the effectiveness of controls. It also highlights problem resolution (corrective control) as a means for risk management. More generally, objectives, budgets, plans and other expectations are bases for control and audit. By setting objectives, management can then identify the risks involved in achieving these objectives. To address these risks, management may implement specific internal controls. The effectiveness of internal control can then be measured by how well the objectives were achieved and how effectively the risks were managed. One of the primary objectives of internal auditing in relation to corporate governance is helping the Audit Committee of the Board of Directors (or equivalent) perform its responsibilities effectively. This may include reporting critical internal control problems, informing the Committee privately on the capabilities of key managers, suggesting questions or topics for the Audit Committee's meeting agendas, and coordinating carefully with the external auditor and management to ensure that objective setting is considered a precondition to internal control. (b) DEFINITIONS Audit: The general definition of an audit is an evaluation of a person, organization, system, process, project or product. Audits are performed to ascertain the validity and reliability of information; also to provide an assessment of a system's internal control. The goal of an audit is to express an opinion on the person/organization/system (etc) in question, under evaluation based on work done on a test basis. Those who perform audits are called auditors (www.google.com). Control: A control is any action taken by the Board, Management and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organizes, and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved (www.google.com). Microfinance institutions: refers to the provision of financial services to poor or low-income clients, including consumers and the self-employed. The term also refers to the practice of sustainably delivering those services (www.google.com). 5
  • 6. Internal audit and internal control Although internal control and internal audit are closely related, they are distinct from each other. Internal control is defined as a process affected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives. It is a means by which an organization's resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organization's resources, both physical (e.g. property) and intangible (e.g., reputation or intellectual property such as trademarks). Internal audit: An independent appraisal service to management that measures and evaluates the effectiveness and efficiency of internal control system .It uses and investigative/detective approach. However, internal auditors are not responsible for the execution of company activities, they advise management and the Board of Directors (or similar oversight body) regarding how to better execute their responsibilities. (c) THE ROLE OF EXTERNAL AUDIT. • It should not be a part of the internal control process. • It should provide independent external comment on the standard, quality and coverage of internal audit. • It should not duplicate the internal audit work except grounds for concern. • Should examine and comment on both internal audit and internal control quality. 6
  • 7. Chapter 3 INTERNAL CONTROL STRUCTURE (a) INTRODUCTION Effective internal controls and standard audits are the foundation of safe and sound banking systems. The purpose of internal controls is not to entrap employees; rather, good internal controls provide a working environment in which good employees are not tempted to do something they would not ordinarily do. The formality of internal control system will depend largely on an institutions size, the complexity of operations and its risk profile. However fraud and embezzlement schemes are not solely a problem of larger institutions. In fact, the very size of small microfinance institutions creates opportunities for a weak internal control structure and fraud. Therefore the Board and Management of UNICS PLC should work within her scope to develop methods that will safeguard the institutions resources and clients' accounts and reduce the opportunity for fraud. A proposed internal control flow chart for UNICS PLC is presented below. (Figure 1) 7
  • 8. Figure 1: Proposed Internal Control Flow Chart for UNICS Plc Elements of Management Control System BOD and Management Control Environment External auditors and regulators Internal and External Risk Assessment Controllable and Uncontrollable Control Activities Approval and Authorization Segregation of duties Physical Controls Information Processing Obligatory Vacation for Staff Accounting, Information and Communication Monitoring 8
  • 9. (b) CHARACTERISTICS OF INTERNAL CONTROL/OBSERVATIONS /RECOMMENDATIONS Control environment Reflects the Board of Directors and Management’s commitment to internal control. This provides discipline and structure to the internal system. Management is accountable to the Board of Directors, which provides governance, guidance and oversight. The Board of Directors should: 1. Periodically discuss the internal control systems effectiveness with management, 2. Review internal control evaluation conducted by management and auditors, 3. Monitor management action on auditor recommendations, 4. Review the institutions strategies and risk limits. 5. Ensure that Management properly considers the risks and control issues associated with emerging technologies and also embrace electronic banking. The Board may delegate some of these duties and responsibilities to an Audit Committee or a risk committee. The General Manager of UNICS PLC has overall responsibility for designing and implementing effective internal control. More than any other individual, the General Manager sets the "tone at the top" that affects integrity and ethics and other factors of a positive control environment. Virtually all employees produce information used in the internal control system or take other actions needed to effect control. Elements of a control environment • Organizational structure of the UNICS PLC • Management philosophy and operating style (All business strategies should be formal ) • The integrity, ethics and competence of personnel should be taken seriously into consideration. • External influences that affect the institution’s operations and its risk management for example independent audits should be taken into account. The effectiveness of human resource, policies and procedures should be reviewed on regular basis. However, whether UNICS PLC achieves operational and strategic objectives may depend on factors outside the enterprise, such as competition or technological innovation. Risk assessment This involves identification, measurement and analysis of risk (internal and external, controllable and uncontrollable) at individual business levels and for the institution as a whole. The Management of UNICS should assess all risks facing the institution because uncontrollable risk taking can prevent the institution from reaching its objectives or can jeopardize operations. Control activities These are policies, procedures and practices established to help ensure that bank personnel carry out Board and Management directives at all business levels of the institution. I therefore propose that; • Only approved and authorised transactions and activities should be executed and violators should be given due punishment. • Duties should be segregated and rotated to reduce a person’s opportunity to commit and conceal fraud or errors (for example assets should not be in the custody of the person who procures, authorizes and records it) 9
  • 10. Physical safeguards for assess to and the use of assets and records should be improved. (For example UNICS should secure facilities and control access to computer programmes and data files.) .The use of cameras to protect property is recommended. • Independent checks should be conducted on whether jobs are getting done and records accurate. Control over information whether automatic or manual should be adequate to ensure the integrity of management information systems, books and records. • UNICS employees should enter pertinent information into the processing systems in a timely manner ,A significant deficiency in a control system is a deficiency in risk management (for example the failure to process transaction in an accurate, thorough and timely manner which is a failure of internal control ,exposes the system to potential loses) • There should exist a requirement that officers and employees in sensitive positions be absent for two consecutive weeks each year. This will eliminate the risk of fraud due to a continues and uninterrupted presence. Accounting, information and communication systems This captures and imparts pertinent and timely information in a form that enables the Board, Management and employees to carry out their responsibilities. This includes accounting systems (methods and records that identify, assemble, analyze, classify, records and report an institution’s transactions). Information and communication systems (enable all personnel to understand their roles in the control system, how their roles relate to others and their accountability). These systems of information are very important as they produce reports on operations, finance and compliance that enable Management and Board to run the institution. It also provides information to external parties such as regulators, shareholders and customers. It is important to note that Management Information Systems are distinct from regular information systems in that they are used to analyze other information systems applied in operational activities in the organization. Self assessment This will involve UNICS’s own oversight of the control system performance. These are evaluation of departmental or operational controls by persons within the area. All UNICS personnel should share responsibility for self assessment or monitoring. Also, all personnel should be responsible for communicating upward problems in operations, noncompliance with the code of conduct, or other policy violations or illegal actions. Internal control must be consistently applied and well understood by bank staff if board and management policies are to be effectively implemented. However effective and well designed internal control systems are still subject to execution risk. In other words, most control systems are executed by human beings whom even if well trained and with the best of intentions can still be subjected to distraction, carelessness, tiredness, or confusion 10
  • 11. Chapter 4 STRUCTURING OF A STANDARD AUDIT (a) INTRODUCTION Internal audit is going through a significant period of development and change in UNICS which provides a number of opportunities and challenges. Corporate governance development in general has provided much focus on the rule of internal audit and internal auditors/controllers need to demonstrate the right skills, knowledge and understanding of the organizations system of internal control. An organization's internal control structure is at the heart of its processes and controls. The Audit Committee or its equivalent, with its responsibility of evaluating the efficiency of the organization's internal control service, needs to understand the concepts of internal control in order to be effective and efficient. Internal audit is vital in assessing, reporting and proposing solutions to management about the effectiveness and efficiency of internal control systems. (b) INTERNAL AUDIT STRUCTURE There are two possible structures: - A Centralized System where all auditors are stationed at head office and only go down to the field on regular basis for control and -A decentralized system where controllers are stationed at the branches or subsidiaries, perform audits and report to a central controller. It is important to emphasise that internal control and internal audit are related but are different from each other.UNICS PLC uses the name internal controller to refer to internal auditors. My proposal is that the name internal controller should be changed and should be called internal auditor so that the functions of internal control and internal audit can be well understood. .A proposed internal and decentralized audit organizational structure for UNICS PLC is as indicated below. Figure 2.(also see reporting structure). 11
  • 12. Figure 2:Proposed Decentralised Internal Audit Structure for UNICS Plc Board of Directors Internal Audit Committee Chairman of the Board of Directors Vice Chairman of the Board of Directors National Internal Auditor Internal Auditor Internal Auditor Internal Auditor Reporting System Board of Directors Internal Audit Committee Chairman of the Chairman of the Board of Directors Internal Audit Committee (Chairman Vice Chairman of of the Board of the Board of Directors) Directors e National Internal Auditor Internal Auditor Internal Auditor Internal Auditor 12
  • 13. A developing best practice will be for the internal auditors who should be at the level of the UNICS PLC branches to report directly to the National Internal Auditor who should be stationed at the Hea Office. The National Internal Auditor should report to the Audit Committee through the chairman of this committee who should be the chairman of the Board of Directors. In such cases, the comm ttee should have a means to evaluate the performanc Internal audits should be designed as an integrated process, independent from other business operations, for evaluating the extent to which internal control achieves its objectives in key areas, including appropriate risk management, efficient and effective business operations, reliable financial reporting and compliance with laws, regulations and internal rules. It should offer advice and remedial recommendations in connection with any problems that may be identified. Through this process, internal audits will assist the Boards of Directors of UNICS PLC to fulfill their managerial duties efficiently and effectively. The internal Audit Committee should determine all important matters concerning internal audits. The committee should be chaired by the chairman of the board of directors. The internal Audit Committee should be able to monitor and manage internal audits at all UNICS PLC branches through internal audit reports prepared by internal auditors and submitted to the National Internal Auditor. These decisions together with the results of their examination of the internal audit reports are sent to the Board of Directors. (c) ROLE OF THE AUDIT COMMITTEE. Since the occurrence of significant frauds can frequently be attributed to an override of internal controls, the Audit Committee plays an important role to ensure that internal controls address the appropriate risk areas and are functioning as designed. If fraud or irregularities are asserted or discovered, the Audit Committee, through the internal auditors, should investigate, and, if necessary, request legal counsel to assert claims on the organization’s behalf. If fraud is discovered, or there is a reasonable basis to believe that fraud may have occurred, the Audit Committee is responsible for ensuring that an investigation is undertaken and necessary measures taken. With a decentralized internal audit system UNICS will benefit as follows; 1. Fraudulent or erroneous transactions may be prevented before they occur because the internal auditors are present in the field and are monitoring all transactions. 2. Objective assessment of the effectiveness and efficiency of operations is easily accomplished. 3. Internal auditors at various levels of the institution will use their knowledge to spread good practices throughout the organization. 4. Management can easily get advice on whether the institution has sound systems of internal controls and therefore be in an ideal position to protect the organization against loses. 5. May detect mistakes caused by personal distraction, carelessness, fatigue, arrows in judgment, or unclear instructions in addition to fraud or deliberate non compliance with policies. 6. Can help UNICS measure performance, make decisions, evaluate processes and limit risk. 13
  • 14. Chapter 5 CATEGORIES OF FRAUD (a)INTRODUCTION An understanding of fraud is essential for the Audit Committee to carry out its responsibilities. The Audit Committee also needs to be aware of the fact that, fraud affecting the organization often falls within one of three categories: • Management fraud, which involves senior management’s intentional misrepresentation of financial statements, or theft or improper use of company resources. • Employee fraud, which involves nonsenior employee theft or improper use of company resources. • External fraud, which involves theft or improper use of resources by people who are neither management nor employees of the firm. This categorization of fraud is useful, but not absolute. This is because middle management employees may intentionally misrepresent financial statement transactions, for example, to improve their apparent performance, or outside individuals may collude with company management or employees. It is proposed that internal audit staff be experienced and trained in fraud prevention and deterrence. With such training internal auditors can serve a vital role in aiding in fraud prevention and deterrence. This will help to provide assurance that • Risks are effectively identified and monitored; • Organizational processes are effectively controlled and tested periodically; and • Appropriate follow-up action is taken to address control weaknesses. The Audit Committee needs to ensure that internal auditors are carrying out their responsibilities in connection with potential fraud. (b) INTERNAL CONTROL AND FRAUD PREVENTION. (WHAT COULD BE DONE TO AVOID FRAUD AND EMBEZZLEMENT IN UNICS) (1) AVENUE POSSIBLE FRAUD RECOMMENDATIONS This is one of the most A supervisor may regularly review a sample of all new important symptoms of loans issued and determine whether required fraud. Inaccurate or documentations are present, and if not, confirm missing incomplete records are information with third parties. Missing often used to hide fraud. documentatio Make sure loan documentation is complete: guarantee n Fictitious loans could be titles, insurance, charges deducted. Be aware of made in the name of counterfeit collateral. former borrowers. This way UNICS can also identify fraudulent practices by loan officers or non adherence to new policies before they are replicated on a wide scale. 14
  • 15. (2) AVENUE POSSIBLE FRAUD RECOMMENDATIONS MIS officers or managers or MIS reports should contain proper Resistance to some employees may be information for review by management for improve the resisting efforts to modify or internal control purposes. Management improve the MIS. There Information are“ghosts and skeletons” Management should regularly review MIS System(MIS) by the which they do not want to reports and consider possible modifications management or bring out. or improvements. some employees (3) AVENUE POSSIBLE FRAUD RECOMMENDATIONS I would say that the second most General ledger suspense accounts or frequent category of frauds (fictitious transit accounts should be reconciled Existence of loans being first) are done using general and checked weekly by an internal transit or ledger suspense accounts or transit controller. suspense accounts. accounts General ledger suspense accounts generally are used to temporarily "store" a transaction until all necessary information is available, but can also be used to hide an unauthorized transaction. (4) Embezzlements usually require the Policies that require managers and AVENUE POSSIBLE FRAUD RECOMMENDATIONS Lack of embezzler's ongoing attention. employees to take at least one and mandatory preferably two weeks' vacation (not a day vacation policy here and there) reduce the risk of embezzlements. (5) AVENUE POSSIBLE FRAUD RECOMMENDATIONS Combination of duties may allow a Therefore total Segregation of duties is highly manager or supervisor to approve recommended to be fully applied or improved in the loans, set them up on the UNICS. No one should have full control of a Lack of system, issue the checks, and whole process or activity. segregation then cash them through a teller of duties. drawer. Make sure that managers and supervisors don’t (Combination know the tellers’ passwords and make sure the of duties as a Microfinance institutions with tellers change their passwords regularly. result of limited staff are often at risk of inadequate errors, fraud and embezzlement staff). because the critical work is done by few people. (6) 15
  • 16. AVENUE POSSIBLE FRAUD RECOMMENDATIONS Weak software can be used to A review and evaluation of the MIS by outside hide fraud. experts can reveal flaws in risk management and May be the programmers who internal control. Weak did conceive the software software received no directions from For example a good application should log and experts in internal control as to report the user name and event date/time of all what internal control principles entry and deletion of transactions and also for or procedures to integrate into creating, editing, and deleting clients, loans, and the software (for example, schedules of installments. segregation of duties). (7) AVENUE RECOMMENDATIONS Adequate audit trails should be maintained. Audit trails will enable the tracing of any given item through the UNICS books. The internal controller or auditor should pull all loan files him/herself. He/she Inadequate audit should keep in mind that any person he/she is asking to assist could be a thief. trails The controller should verify every explanation that an employee offers. In some cases, the auditor should contact the loan recipient. Software should also have a thorough audit trail built in. (8) AVENUE RECOMMENDATIONS UNICS can benefit from outside experts to help her set up and make Absence of improvements to their internal control systems. It is often easier for an impartial technical third party to identify shortcomings in the internal control system than for assistance operational staff to objectively evaluate its effectiveness. (9) AVENUE RECOMMENDATIONS UNICS may encourage donor participation given that ; Donors can facilitate the development of internal control mechanisms by providing funds for the initial risk assessment and implementation of internal controls. Absence They may require UNICS to have some type of internal control mechanism, appropriate of donor to the UNICS’s level of development rule They may encourage UNICS to develop an operations manual and to conduct client visits as part of its regular operations. In addition, donors can support microfinance in their efforts to test new ways to mitigate old risks through new products, such as micro insurance, or operational control tools, such as internal audit software 16
  • 17. Chapter 6 IDENTIFYING AND MANAGING RISK (a) INTRODUCTION Surprises may be fatal to UNICS. Risk is inevitable, avoiding risk impossible. Risk management is the key. The more you know about what you are doing, the less risk you run. If you can define risks, you can limit them. If business was good yesterday, good today, it is not a guarantee that it will be good tomorrow. The recent case of bankruptcy by the Lehman brothers on September 15 2008 can clearly explain this. Management performs risk assessment activities as part of the ordinary course of business in each of these categories: strategic planning, marketing planning, capital planning, budgeting, hedging, incentive payout structure, and internal auditors are typically part of the project team in an advisory role. (b) VARIOUS RISKS FACED BY UNICS PLC/RECOMMENDATIONS • Credit risk: This is the risk that the borrower will be unable or unwilling to pay back the loan. -Solid agreements should exist between UNICS PLC and her borrowers. • Counterparty risk: The risk that a party to a contract will be unable or unwilling to uphold their obligations (co-maker or co-signer). -Solid agreements should exist between UNICS and her counterparties. • Asset price risk: The risk that assets will depreciate in value, resulting in financial losses, for example those held as securities of collaterals for loans. -The long term effect on assets held as collaterals should be well evaluated. • Capital risk: A common concern with any investment is that you may lose the money you invest (your capital). -UNICS should implement a system of effective planning and objective setting in order to minimise loses. • Financial risk: UNICS shareholders bear an additional risk when UNICS uses debt in addition to equity financing. Companies that issue more debt instruments would have higher financial risk than companies financed mostly or entirely by equity. -Little or no dependency on debt financing will eliminate the risk. • Operational risk: The risk arising from execution of all UNICS's business functions. These involve; 1. Fraud (internal or external). 2. Clients, products, and business practice -market manipulation, antitrust and improper trade. 17
  • 18. 3. Damage to physical assets - natural disasters, terrorism and vandalism. 4. Business disruption and systems failures - utility disruptions, software and/or hardware failures. 5. Execution, delivery, and process management - data entry errors, accounting errors, failed mandatory reporting and negligence. To reduce operational risk adequate and flexible systems must be put in place; -Only valid or authorized transactions are processed. -Transactions occurred during the correct period or were processed timely. -All transactions are completely processed with no omissions. -Transactions are calculated using an appropriate methodology or are compute accurately. -Assets represent the rights of the company, and liabilities its obligations, as of a given date. Components of financial statements (or other reporting) are properly classified (by type or account) and described. • Currency risk. Given that UNICS holds foreign currencies and also performs international transfers which involves exchange between currencies (the US dollar and the British pound), she runs the risk that currency movements alone may affect the value of the currencies she holds. -UNICS should limit the amount of foreign currencies she holds at a given time period. • Legal risk: (Data protection) UNICS runs the risk that the information she holds may not comply with the laws and regulations in force. This refers to the personal or client information UNICS holds and how it processes it. For example UNICS uses the internet for communication. The passwords to the email address boxes are not restricted to particular employees or are changed on a regular basis. This means that an employee who has resigned or is dismissed can still have access to the entire UNICS information being carried over the internet at anytime anywhere provided there is internet connection. Confidential information may easily reach unauthorized third parties. The therefore propose that passwords to UNICS email address boxes should be restricted to particular employees and should be changed on a monthly basis. UNICS should also review the security of her IT systems and premises regularly. • Legal risk: (Health and safety).Threat of accidents and casualties. For example the cashiers risk falling sick as a result of the continues touching of cash and the inhaling of its smell. -The Board must now, therefore, more than ever, embrace their overall responsibilities towards employee health. • Technology risk. UNICS runs the risk that key processes that she uses to develop, deliver, and manage its products, services, support operations, entry, transfer and storage of data may be lost .The importance of looking at technology risks in the context of UNICS business strategy is underscored by recent lessons learned from the tragedies of September 11th (While the vast majority of information systems recovered well and demonstrated the effectiveness of disaster planning measures, significant gaps in the continuity of key business process were experienced). By understanding the role that technology plays in supporting various business 18
  • 19. functions, UNICS management is in a better position to determine the relative importance of these functions and prioritize the systems, applications, and data involved. -An information classification program can be instrumental in prioritizing data, and the systems and applications through which it flows. Information classification involves distinguishing classes of data, or systems, and assigning relative priorities. A basic classification system might incorporate three or four categories ranging from” highly confidential" to "public" with various degrees in between. Once categorized, each class of data would be accorded certain treatment. Knowing the classifications allows bank management to trace the flows of information with an eye to ensuring proper protection throughout the system. Obviously, one would not want to see "highly confidential" and "public" information following the same transmission path or stored on the same computer server with only rudimentary controls. The information classification process will assist UNICS PLC Management in focusing attention on priority areas first and pinpointing key areas of vulnerability. • Political risk UNICS PLC faces complications as a result of what are commonly referred to as political decisions or any political change that alters the expected outcome and value of a given economic action by changing the probability of achieving business objectives. For example the recent government circular restricting banks from collecting account holding charges for deposit accounts. -UNICS may have a Chief Risk Officer who is charged with managing political risk or, in many cases, this is the obligation of the Chief Financial Officer. (c)RISK MANAGEMENT AND BUSINESS CONTINUITY. Risk management is simply a practice of systematically selecting cost effective approaches for minimising the effect of unforeseen circumstances to the organization. All risks can never be fully avoided or mitigated simply because of financial and practical limitations. Therefore all organizations have to accept some level of residual risks. The strategies involved in Risk Management include: 1. Transferring the risk to another party, 2. Avoiding the risk, 3. Reducing the negative effect of the risk and, 4. Accepting some or all of the consequences of a particular risk. • Risk avoidance: Includes not performing an activity that could carry risk. An example would be not buying a property or business in order not to take on the liability that comes with it. • Risk reduction: Involves methods that reduce the severity of the loss or the likelihood of the loss from occurring. • Risk retention: Involves accepting the loss when it occurs. True self insurance falls in this category. All risks that are not avoided or transferred are retained by default. War is an example since most property and risks are not insured against war, so the loss attributed by war is retained. • Risk transfer: In the terminology of practitioners and scholars alike, the purchase of an insurance contract is often described as a "transfer of risk." 19
  • 20. However if risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time assessing and managing unlikely risks can divert resources that could be used more profitably. GENERAL CONCLUSION. The lack of effective internal controls is one of the remaining impediments to the development of a sustainable microfinance industry; microfinance institutions (MFIs), technical assistance providers, donors, practitioner networks and regulators all have a role in overcoming this obstacle. The officials of UNICS PLC can study these internal control weaknesses that are common elements of fraud or embezzlement and make necessary revisions to the UNICS internal controls. The ultimate tests of the effectiveness of UNICS internal control systems will be time and investor interest. Unfortunately, UNICS may suffer serious unforeseeable financial loss before discovering the weaknesses inherent in her internal audit and control systems if she becomes complacent, assuming that what works well today will work well tomorrow. Microfinance institutions that proactively apply the principles of risk management and implement an effective feedback programme will be able to uncover and address risk exposures and succeed the test of time. MFIs that prove their ability to manage and mitigate risk will be more likely to demonstrate consistent profits, the primary objective of private investors. In addition, MFIs that implement effective internal control systems that aid in the risk management process will be most effective in fulfilling the social mission to provide financial services to low income sectors over the long-term. However if internal control system is implemented only to prevent fraud and comply with laws and regulations, then an important opportunity is missed. The same internal controls can also be used to systematically improve businesses, particularly in regard to effectiveness and efficiency. 20