Risk Management, Internal Controls and Internal Audit
Risk Management, Internal Controls and Internal Audit
Adopt a risk-based approach to identify and mitigate your business risks.
Our services include:
evaluating your operating risks to tailor-make your risk management strategy;
establish sound internal controls to mitigate risks and prevent fraud and malpractices (e.g. corruption);
assisting with change management through staff training;
undertaking internal audit to ensure compliance with the laid down policies, procedures and regulations; and
conducting fraud and business investigations.
Frequently Asked Question
Business risks such as -
political risks, government policy
general / regional economic problems
industry / market risk (e.g. sector in decline; competitive pressure on price / market share)
wrong business strategy; too slow to respond to demands from market and customers; over reliance on key customers
poor brand management
obsolescence of technology; too slow to innovate and reengineer
bad acquisition; or becoming a takeover target
2. Financial risks such as -
credit risk; interest risk; currency risk
liquidity risk; overtrading; high cost of capital; unfulfilled pledges to investors
decisions based on incomplete or faulty information
breakdown of accounting system; penetration and attack of IT systems by hackers
fraud
3. Compliance risks such as -
breach of Listing Rules
breach of financial regulations and other statutory requirements (e.g. Companies Ordinance; environmental issues and competition regulations)
4. Operational and other risks such as -
inefficient / ineffective management process
probity issues (e.g. bribery; breach of confidentiality)
skills shortage; loss of key people; lack of employee motivation or efficiency; industrial action
stock-out of raw materials
loss of physical or intangible assets
physical disasters (e.g., fire and explosion)
There are inherent limitations in control. A sound and well designed system of internal control reduces, but cannot eliminate the possibility of
poor judgement in management decision-making;
human error or mistake;
control activities and processes being deliberately circumvented by the collusion of employees or others;
management overriding controls; and
the occurrence of unforeseeable circumstances.
Regular internal audit can help to timely detect any control loopholes, non-compliance and fraud.
Internal audit -
evaluates a company’s internal controls, including its corporate governance and accounting processes to ensure accurate and timely financial reporting and data collection;
review compliance with internal controls, laws and regulations; and
provide management information to attain operational efficiency.