THE ROLE OF INTERNAL CONTROL IN RISK MANAGEMENT ( CASE STUDY OF ZENITH BANK)
CHAPTER ONE
All forms of economic activities are confronted with risks. Some of these risks, both internal and external, involve huge losses that could deprive a firm from its continuity if the proper management is not put in place. These days, managing risk has become a matter of necessity. This thesis looks at risks faced by firms in the financial sector in Nigeria , how these risks are managed and the systems of control used to mitigate them using Zenith bankof Nigeria as a case study. Risk has been defined as “uncertain future events that could influence the achievement of the organization’s strategic, operational and financial objectives” (IFA, 1999). “Risk can be defined as the combination of the probability of an even and its consequences” (IRM et al., 2002).
The aim of every profit-making organization is to earn profit, stay in business for a long time, meet customers’ demand and expectations, pay their debts when they fall due and satisfy the aims of stakeholders. These objectives are easily achieved if the owner and manager of the company is the same person. However, as the business grows and expands, the need for additional employees arises and the owner employs more and more people to help manage the company. This gradually results in what is called in business terms “separation of ownership and control” (Smith, 1776). At this point, the owner realizes that precautions must be taken to protect the company as well as the interest of the owner. The issue of ownership and control becomes more complicated if a company is big and listed on a recognized stock exchange. That is, a company with much more capital investment both in cash, assets and personnel. Thus, the owners need an assurance that the intended objectives of the company would be achieved, assets of the company would be protected from theft and mismanagement, the accounting information would be received on time and that they would be accurate and reliable.
The weaknesses of many companies’ control systems have been highlighted due to the big financial scandals of recent years (between 2001 and 2003) and as a result increased attention on risk management, internal controls, internal audit and their role in modern organizations. The implementation of the Sarbanes-Oxley Act 2002 (SOX), which was enacted by the US Congress, in response to a number of major corporate and accounting scandals including those affecting Enron Corporation, Tyco International, WorldCom and others, is an evidence of major steps taken by governments to revise company regulations (Coates, 2002).
