현대자동차 웹진

Interview

Insights from K-SOX Expert!

The Future Direction of Korea's Accounting System through the Perspective of U.S. System.

Jin-moo You, Partner (Deloitte-Anjin, KICPA)

Two years ago, an internal embezzlement incident worth 200 billion won at Company ○ caused a big stir in Korean society. As shocking as the astronomical amount of embezzlement was the fact that embezzlement and other corruption incidents occur in a variety of industries and departments, from manufacturing and service industries to the financial industry. Now, even companies that are trusted to have good internal controls are being caught up in embezzlement cases. This is because the company's internal control system, which prevents and detects corruption such as embezzlement, did not actually work.

At the end of last year, the Financial Supervisory Service legislated the internal accounting management system, which had been established and operated as a voluntary regulation, into the 'Internal Accounting Management System Evaluation and Reporting Standards'. According to this standard, which has been in effect since January of this year, the CEO must report to the audit (committee), board of directors, and general shareholders' meeting every year the company's core internal control activities to respond to the risk of financial fraud, such as embezzlement, in a prescribed form. In addition, the audit (committee) must consult face-to-face with management every year regarding fund-related fraud risks and additionally disclose details of communication with external auditors in the evaluation report. This is a warning from the supervisory authorities to no longer engage in formal governance activities that end with reporting.

Please introduce your company and yourself.

As a partner and expert at an accounting firm, what do you think of recent occupational fraud incidents such as embezzlement within companies, which have been observed from press?

This standard applies equally to domestic and foreign subsidiaries of listed companies with total assets of KRW 2 trillion or more. In particular, in the case of overseas subsidiaries, passive management by headquarters that relies on reports from a small number of expatriates, weak division of work related to funds, practice of sharing IDs and passwords, work structure in which slips are created without proper approval, lack of internal audit function, etc. There is an urgent need to improve the weak internal control environment.

What is interesting is that there was a large difference in the amount of fraud depending on whether there was an internal control system to prevent fraud. A representative example is rotational assignments, and the difference between the average amount of fraud in companies with rotational assignments and the amount of fraud in companies without rotations was the largest, more than twice. The recent incident in which an employee of a domestic bank embezzled approximately 300 billion won while working in real estate project financing in the same department for 15 years from 2007 is a clear example that shows the importance of rotational positions.

People tend to think less seriously about fraud incidents or internal control or do not consider it as their business. What is your opinion on this?

In fact, fraud accidents are caused by a small number of malicious people. Internal control is a necessary measure to prevent and detect them. However, it is true that most normal people do not have intention to commit fraud living ordinary life, so they are reluctant to be constrained or perform additional work originated from internal control practices. People think “I'm just doing my job with integrity, and this surveillance is very unnecessary”. So, I believe that resolving the gap between employees and upgrading the system is one of the important missions to be solved.

You have a lot of experience working for US companies. Could you briefly share your experience and their practice regarding control activity?

What I felt from auditing U.S. subsidiaries was that in the U.S., the internal process is completely “manual-centered.” For example, in Korea, fund transfers are often carried out after receiving verbal instructions and the approval process is often postponed to a later date. Whereas in the United States, the approval line is predetermined depending on the size of the transfer amount. As most of the procedures are performed based on manuals and approval will not be granted unless the process follows the manual. The advantage of this practice is that it can prevent accidents by blocking possible surprises in advance, but the disadvantage is that the speed of work process is very slow. For example, if the manual or policy requires the approval of two people when spending 1,000 dollars and if one person is absent, it is difficult to immediately process the payment and related evidence will not be provided. In other words, even if you have 90% of the evidence, you must wait until the remaining 10% is received.

Do you think this practice will be implemented to South Korea?

From the perspective of internal control, the current major trend in the Korean business environment is that the controls established by U.S. listed companies are equally applied to Korean companies. The control activities of Korean companies are becoming more sophisticated, and they are beginning to maintain appropriate evidence. Of course, fast work speed and flexibility are advantages of the Korean work environment, and it is important to maintain them. However, if standardization of work processes, construction of manuals, preparation of evidence documents are settled into the company's culture, it will also be possible to take advantage of the American work environment.

When talking about the work environment in the United States, you used approval process as an example. As the number of approvals to be processed increases, so-called ‘blind confirmation’ occurs, where approval is made without review. Are there a lot of blind confirmations in the U.S. and what are the ways to solve this problem?

Blind confirmation is currently a common issue across the world. It is necessary to review whether appropriate evidence is provided, but since the number of approvals carried out by the authorities is very large, blind confirmation accidents inevitably occur to process the work in time.

U.S. companies invest heavily in systems to solve this problem. By making the work process as automatic as possible, the burden on approval authorities is greatly reduced. Although it may take a lot of budgets to construct and operate the system, the most important thing is to prevent accidents by reducing the workload on employees.

Please give us a final word regarding the ICFR system.

Since the legal basis for the system was created, it seems that Korean companies have now begun to pay attention to ‘control’ to some extent. It seems that such an atmosphere is gaining ground, especially after reports of large-scale embezzlement. What is important in this situation seems to be our ‘thoughts’ in accepting it. I hope that internal control will become a natural part of work process rather than a burdensome task, and that this will serve as an opportunity for the working culture to become more mature than it is now. If appropriate control activities are naturally incorporated not only in financial accidents and embezzlement but also in various other areas such as sales, purchasing, human resources, and general affairs, we expect that the company's potential risks will be greatly reduced.

Home

[Contact Us]
Please contact to the email below if you have any questions.
sh.moon@hyundai.com (F&AP Team Seonghoon Moon Manager)

This newsletter has been sent for executives and employees to comply with K-SOX training obligation under the Korean External Audit Act (Enforcement Decree Article 9)