INTERNAL CONTROL IN SWEDISH SMALL AND MEDIUM SIZE ENTERPRISES
ABSTRACT
Small and medium size enterprises are currently the major part of economic activities through out the world. Nowadays, they represent about 99% of all types of enterprises in Sweden, with providing high job opportunities to its labor force as these enterprises need focus in their development; the internal control mechanism is a means and a way of directing, monitoring and measuring the SMEs resources. It plays an important role in preventing and detecting fraud and protecting the physical and intangible resources as well as leading to high efficiency of the business operation. Therefore, focusing on this business area is a timely issue and a rewarding one since it contributes a lot for the majority of business enterprise involved in SMEs. This study examines and describes the effectiveness of internal control systems in Swedish small and medium size enterprises. The study focuses on the main five components of internal control and their impact on achieving the company’s objectives. In so doing, the study creates a better understanding of effective internal control that may be applicable to the context of SMEs and establish theoretically the features of an effective internal control for sampled SMEs. To achieve this objective we formulate one research question: To what extent does the internal control system of SMEs comply with the principles of effective internal control? This is intended to look into how closely SMEs follow the virtues of effective internal control in their business operation.
Applying an inductive approach in qualitative interview, the study found out that, contrary to what is generally suggested, SMEs are aware of the importance of having a good internal control system. The findings of the research enabled the emergence of a theory grounded in the collected data. Indeed, the major features of an effective internal control system applicable for SMEs are found to be sound control environment, sound risk assessment process, sound operational control activities, effective information and communication system, effective monitoring and evaluation system. Therefore, the major findings of the research fit into the theoretical framework.
Key words: SMEs, internal control, control environment, risk management, control activities, information and communication, monitoring and evaluation
TABLE OF CONTENTS
Page
Abstract—————————————————————————- ii
Acknowledgements————————————————————— iii
Table of Contents————————————————————— iv
List of Tables & Figures——————————————————– vii
CHAPTER 1. GENERAL INTRODUCTION
Background information————————————————- 1
Research objective——————————————————— 1
Research question——————————————————— 2
Definitions of main concepts——————————————- 2
Internal control————————————————— 2
Internal auditor————————————————— 2
SMEs—————————————————————- 3
Enterprise———————————————————- 3
Significance of the study————————————————- 3
Why SMEs? Why Sweden?———————————— 3
Why the study is important———————————– 3
Delimitation of the study———————————————— 4
Organization of the study———————————————— 4
CHAPTER 2. RESEARCH METHODOLOGY
Introduction—————————————————————– 6
Research Philosophy—————————————————– 6
Positivism———————————————————- 6
Interpretivism—————————————————– 6
Realism————————————————————- 7
Philosophy of this research 8
Research strategy———————————————————- 8
Research types————————————————————- 8
CHAPTER 3. THEORETICAL FRAMEWORK
Introduction—————————————————————- 10
Definition——————————————————————- 10
Defining internal control————————————— 10
Defining small and medium size enterprises————— 12
Effective internal—————————————– control in SMEs— 14
What we mean by Effective Internal Control————- 14
The choice of COSO framework—————————– 15
Objectives of effective internal control system———— 16
Components of Effective Internal Control—————– 17
3.3.5 Principles of Effective Internal Control——————— 21
Roles and Responsibilities in Internal control—————————————— 24
Internal Control in the Swedish Code of Corporate Governance———————————– 25
Studies on SMEs 26
Studies on internal control in SMEs———————— 26
Finance-related studies—————————————– 28
Internationalization of SMEs——————————— 29
CHAPTER 4. RESEARCH DESIGN
Introduction 32
Research Assumption—————————————————————————————- 32
Research Approach 32
Ethical Considerations—————————————————————————————- 33
Empirical Observation—————————————————————————————- 33
Methods of data collection————————————- 33
Methods of Data Analysis————————————- 35
Research Criteria 40
Introduction 40
Reliability———————————————————- 40
Validity 41
CHAPTER 5. EMPIRICAL FINDINGS AND DATA ANALYSIS
General highlights on the empirical study
Major findings—————————
Awareness on internal control———————————-
Use of computer system
Levels of authority and responsibilities————————-
Risk mitigation
HR Policies and codes of conduct———————————-
Communication
Evaluations
Analysis———————————
Awareness of SMEs on internal control————————-
Control environment
Control activities
Risk management
Information and Communication—————————-
Monitoring and Evaluations——————————
CHAPTER 6. CONCLUSION
Introduction—————————–
Summary of main findings—————–
Limitations of the study—————–
Possible future research directions——
LIST OF TABLES
Page
Table 1 Theory, Research Design and Methods—————- 7
Table 2 SME thresholds———————————————— 13
Table 3 Imbalances between risks and controls——————– 19
Table 4 Principles of Effective Internal Control————– 23-24
Table 5 Internet Search results………………………………………… 27
Table 6 Influencing factors of competitiveness in SMEs……… 29
Table 7 Four Stages of Analysis in the Adapted Grounded Theory 37
Table 8 Examples of codes and concepts from the data in case of small
enterprises—————————————————— 38
Table 9 Characteristics of Sample SMEs ————————– 42
LIST OF FIGURES
Figure 1 Diagrammatical emergence of the category “Information
Technology as a mechanism for effective internal control” 35
Figure 2 Control Environment—————————————– 44
Figure 3 Control Activities———————————————- 45
Figure 4 Risk Management———————————————- 45
Figure 5 Information and Communication————————– 46
- GENERAL INTRODUCTION
This introductory chapter provides a general background to the research. It also presents the general objectives of the study and the research questions are also formulated under this chapter with the view to make the research focused on specific relevant issues. In what follows, definitions are given for major concepts frequently used in the study. The significance and delimitation of the research is also discussed and finally, a highlight on the organization of the research paper is provided.
- Background information
Small enterprises and medium-sized enterprises are defined by their size, turnover or balance sheet total. In the European Union, small enterprises have between 10 and 49 employees and an annual turnover not exceeding EUR 7 million or an annual balance-sheet total not exceeding EUR 5 million. Medium-sized enterprises have fewer than 250 employees. Their annual turnover does not exceed EUR 40 million or their annual balance- sheet total should be less than EUR 27 million. In the case of Sweden, all enterprises with fewer than 250 employees are categorized as medium size enterprises and those with fewer than 50 employees are categorized as small (European Commission, 2003, p. 1).
SMEs constitute currently the major part of economic activities in the Sweden. Nowadays, they represent about 99% of all types of enterprises in Sweden and provide high job opportunities to its labour force (Nutek, 2004, p. 15). This business structure is not different from the EU business structure.
Internal control is a means by which resources of these SMEs are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the physical and intangible resources; moreover it leads to high efficiency of the business operation. Therefore unless they have strong internal control system to monitor and run their businesses, the prospect of bankruptcy threatens each and every Swedish SME (Sampson, 1999, p. 4).
The focus of this research is to examine the effectiveness of internal control systems in small and medium size enterprises in Sweden. Therefore, focusing on this business area is a timely issue and a rewarding one since it contributes a lot for the majority of business enterprises involved in SMEs.
- Research objective
The general objective of this research is to examine the effectiveness of internal control systems in small and medium size enterprises in Sweden. In so doing, the research create a better understanding of effective internal control that may be applicable to the context of SMEs and establish empirically the features of effective internal control for SMEs in Sweden .
- Research question
Since our research objective is set to study the effectiveness of internal control in Swedish SMEs, the main problem that this research paper intends to address can be formulated in the form of the following research question: To what extent does the internal control system of SMEs comply with the principles of effective internal control?
This question is believed to be central to the research as it guides all the way forward to the conclusion. Indeed, for a system of internal control to be effective, it needs to abide by certain standards of effective internal control. The research question intends to look into how closely SMEs follow the virtues of effective internal control in their business operations.
- Definitions of main concepts
In what follows, a general definition of some main terms is given in order to restrict their respective meaning to the sense they are employed in this research on SMEs so that the research question is addressed adequately. A detailed discussion of these concepts is to be found in the review of literature in Chapter Three.
- Internal control
Internal control means a system and a process established and operated within a small and medium sized enterprise for it to carry out its operation in a proper and efficient manner. Major examples of its objectives are ensuring compliance (abiding by laws and regulations), ensuring trust in financial reporting and increasing operational efficiency (COSO, 1992, p.2).
- Internal auditor
By contrast to the external auditor, the internal auditor is an employee of the SME with the major task of advising management on whether its major operations have sound systems of risk management and internal controls (Putra, 2008, p. 1).
Internal audit’s role in evaluating internal controls is wide ranging because ‘everyone from the mailroom to the boardroom is involved in internal control’ (Institute of Internal Audit, 2008). The internal auditor’s work includes assessing the tone and risk management culture of the organization at one level through to evaluating and reporting on the effectiveness of the implementation of management policies at other SMEs (Institute of Internal Audit, 2005, p. 1).
- SMEs
Small and medium sized enterprises are commercial business entities that are generally distinguished from large companies by their size and turn-over. Medium-sized enterprises have fewer than 250 employees and annual turnover not exceeding EUR 40 million. Small enterprises have fewer than 50 employees and an annual turnover not exceeding EUR 7 million (European Commission, 2003, p. 1).
- Enterprise
Enterprise refers to a unit of economic organization or activity, especially a business organization (Merriam-Webster, 1977, p. 380)
