Internal control and their failures

COSO Framework

To evaluate on Madoff Securities‘ internal controls and their failures, some of the framework adopted for evaluating internal controls that was developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) that includes aspects such as control environment, risk assessment, control activities, information and communication and monitoring activities (Cruz, 2016) will be applied.

trust in close relationships

Firstly, the relationship that exists between Madoff and those holding main positions of corporate governance within Madoff Securities contributed to an ineffective control environment. This is due to the elevated risk of collusion occurring as a result of the trust between both parties in such a relationship (Coenen, n.d). Madoff’s brothers worked as Chief Compliance Officer while both of his sons worked as directors; and because they trusted Madoff, it gave Madoff the opportunity to have more control over the transaction processes of the company (Azim and Azam, 2016). This gave Madoff more opportunity to cover up the fraud.

Lack of segregation of duties

A second form of failure lies within the centralization of power within the company as there is not only failure in the control environment itself, but also failure in proper application of control activities. Segregation of duties is an important aspect of internal control as it becomes less likely for someone to be able to cover up fraud when a key process is done by a separate party (Thomas, n.d). In implementation for example, positions such as assets manager, recorder, fund administrator and custodian should be held by separate people. However, this was not observed in Madoff Securities as Madoff was in charge of multiple transactions – such as managing assets reporting assets – which allowed him to fabricate numbers without being questioned, as the lack of control activities caused no review to be done to these accounts. Ultimately, this led to him being able to hide his scheme for many years before eventually being caught (Azim and Azam, 2016).

poor risk assessment

According to allegations by the SEC (2009), the sole auditor of Madoff Securities, Friehling & Horowitz (F&H) did not conduct proper testing of the internal controls within the company and merely audited accounts that had a lack of procedures in place. As such, proper risk assessment was absent within Madoff Securities, which resulted in certain risks such as of heavy debts being ignored (SEC, 2009).

Secrecy

Another problem was the lack of information communicated within and outside the company as Madoff kept all transactions and financial statements in secrecy (Tavakoli, 2008). Moreover, this secrecy was extended to his clients as well, as they were not allowed to have online access to their accounts (Appelbaum, Hilz, & Paley, 2008). This affected the quality of the information and communication to support the internal control function, as it creates uncertainty.

lack of monitoring

Lastly, monitoring of internal controls is important to evaluate the operation of internal controls and ensure functionality (FEI Daily, 2014). However, as the internal controls were not properly introduced either way and Madoff’s power and secrecy might have prevented the company from evaluation, it is likely that little to no monitoring was actually done.

Google Sites

Report abuse