This China Briefing edition focuses on the practical application of business controls and auditing within the Chinese context. It highlights the importance of internal controls and audits in detecting and preventing fraud, with an emphasis on their role in companies expanding their operations in China. The content includes:
- An overview of internal controls and audits in the Chinese business environment.
- Regulatory frameworks governing internal controls and audits in China.
- Practical lessons from operational audits to enhance internal controls.
- Strategies for using internal controls to prevent fraud, including a checklist for verification.
The edition underscores that as more companies prioritize Chinese operations as part of their growth strategy, inefficient internal control systems are no longer an option. It encourages understanding effective internal control systems within the Chinese context and the role of audits in identifying and preventing fraud.
Key points include:
- Internal controls are processes designed to establish reasonable safeguards, aimed at operational effectiveness, financial information reliability, compliance with laws and regulations, and asset protection.
- Internal controls and audits are essential in detecting and preventing fraud, especially in smaller companies where potential for fraud might be higher.
- Companies subject to foreign parent company codes or international regulations like the U.S.' Foreign Corrupt Practices Act face unique challenges in implementing effective internal controls and audits.
- The Chinese business environment presents specific risks and different understandings in implementing internal control and audit systems.
The edition provides insights into how internal controls should be implemented, evaluated, and verified continuously to effectively manage risks. It also touches on the importance of ongoing expansion and adaptation of internal control processes to address emerging risks such as new market regulations, reputational risks related to media, and growing information technology risks.
The text concludes by emphasizing the need for continuous improvement of internal control processes to adapt to these evolving risks. It stresses the importance of effective communication, risk identification, and a clear message from top management about the seriousness of control responsibilities. It also notes the findings of a study suggesting that internal audits in China may not be as effective in identifying risks compared to global audits, despite awareness of risks not being reported to senior management.
