top banner

Control Chatter                                                   May 2018
News that Control Professionals Need to Know

 Quick Links
 *All New* Internal Control online courses
ici logo
The ICI "Certification Series" has been completely updated and is available online to everyone around the world!  Course content prepares individuals to design and/or assess internal control and to assist management in installing internal control processes. In addition, the series prepares candidates for the Certified Internal Control Specialist (CICS) Examination.
To review the course catalog click here: ICI Course Catalog
To register for one or all of the online training programs click here:  

Online course pricing has been reduced by over 70%, so get started today! 
****Limited Time Only****
Test your Knowledge of Internal Control
*** Take the  Internal Control Knowledge Mini-Assessment ***
The Internal Control Institute has developed a CICS Common Body of Knowledge Mini-Assessment that helps an individual determine their knowledge as it relates to governance and control practices. Results point out areas of knowledge that may require additional training and experience. The assessment also provides a measurement to the individual's readiness for CICS certification. The assessment measures core knowledge in eight critical areas including: Internal Control - Principles, Terms and Concepts, Internal Control Environment, Risk Management, Assessing Application Controls, Business System Control Assessment, Risk Assessment, Internal Control Measurement and Reporting, and Governance Practices
In This Issue
All New Internal Control online courses
Internal Control is Risky Business
ICI Announcements
How to Prevent Internal Control Breakdowns and Workplace Harassment
Overcoming the fraud triangle
PCAOB fines Deloitte $500,000 for faulty audits of Jack Henry
Three Markers Of An Ethically Sound Board
Wells Fargo Altered Documents About Business Clients
Aussie Exchange Official: Internal Audit Needs to Toughen Up
Samsung Securities Disciplines Employees Who Sold 5 Million 'Ghost' Shares
Indian regulators crack down on battered banking sector
Internal Control is Risky Business
By Michael Pregmon, Jr., Ph.D., CICP
COO and Managing Director
Dr. Michael Pregmon, Jr.
COO and Managing Director 
Last month we discussed the fact that many organizations fail to install adequate controls and then are surprised when they experience fraud or embezzlement, etc. Why does this happen so often? The reason is because of the relationship between controls and business risk.
The correlation between internal control and business risk is an inverse relationship. That means the more internal controls that are installed into an organization, the lower the level of business risk. This is also why smaller companies and those run by business owners are particular vulnerable. Medical and dental offices tend to be smaller in size and likewise fall into this category. The old saying: "familiarity breeds contempt" truly applies here! Business owners who are running their business tend to reluctantly introduce controls because they feel these will impact their personal relationship with their "trusted" employees. After all, why install a system of "checks and balances" upon the activities of a trusted friend and employee? But, this is a costly mistake for many businesses.
The Internal Control Common Body of Knowledge (CBOK) clearly covers this fallacy as follows:
" Segregating Custody of Assets from Accounting
The reason for not permitting the person who has temporary or permanent custody of an asset to account for that asset is protection against defalcation.  When one person performs both functions, there is an excessive risk of disposing of the assets for personal gain and adjusting the records to cover it up."
In the text entitled "Enterprise Risk Management Best Practices" author Anne M. Marchetti explains the two categories of fraud. These are (a) fraudulent financial reporting and (b) misappropriation of assets.
She goes on to explain:
     "Fraudulent financial reporting may be accomplished by:
  • Manipulation, falsification or alteration of accounting records
  • Misrepresentation in or intentional omission from the financial statement of events,transactions, or other significant information. 
  • Intentional misapplication of accounting principles relating to amounts, classification,manner of presentation or disclosure.
  • Misappropriation of assets may be accomplished through stealing, embezzling or individual or group facilitation of payment for goods or services that were not received."
Interestingly, time after time we at the Internal Control Institute learn about fraudulent occurrences that fit exactly into the categories outlined above. Perhaps a more appropriate title to this brief article should be "Lack of Internal Controls is Risky Business." You be the judge!
The Internal Control Institute™ (ICI) improves organizational Internal Control worldwide by providing training, products and services and individual Professional Certifications recognized internationally. The Institute's Board of Advisors has determined it would like to further expand into areas where it is not directly represented. ICI provides world-class programs and its intellectual property to affiliates free of charge and shares all program revenue with them. If your organization is interested in partnering with ICI to earn revenue while you contribute to the development of the internal control profession worldwide please contact Dr. Michael Pregmon, Jr., Chief Operations Officer, by email at: or by phone at 727-538-4113   in the USA. 

ICI Affiliate News:

The Internal Control Institute is conducting certification training in a classroom format for the internationally recognized CICS (Certified Internal Control Specialist) certification in internal control. Information on these programs regarding dates and schedules can be found on the Events tab on our Website or directed to the affiliate named below.

ICI Course Internal Controls, Risks, and Compliance - May 2018 - Nextel

Training Plans :
Porto Alegre June 25-29, 2018
Curitiva July 16-20, 2018
Belem August 6-10
Belo Horizonte August 27-31, 2018

For more details on planned training please check on the website below, or send a message to Mr. Eduardo Person Pardini

CICS Wuhan Training Course 05/06/2018
CICS Shanghai Training Course 05/13/2018

Training Plans:

Hangzhou June 7-10, 2018
Beijing June 20-23, 2018

International Association for Internal Control The headquarters of ICI China has moved to a new location.  T he new address is as follows.  Individuals or companies interested in internal control training and Certification should contact:  
Mr. Qiu Jianting
Room 1039, Block A, Jinmao Building, No. 18, Xizhimenwai Street,
Xicheng District, Beijing, China
Zip Code: 100044
Mobile phone: 13810588109

ICIB president Yves Dupont presented his association and their development in the area of Control Self-Assessment at the FERMA Forum (European Risk Managers association)  in Monte-Carlo. He hereby highlighted the complementarity between risk management and internal control, insisting on the role of first line operational management. For more information:

For more information on scheduled training and exams please contact Mr.Yves Dupont of ICI Belgium at: 
For more information on upcoming activities in this area please contact Mr. Summit Goyal of
ICI India at :
Phone: +91 9810575613

Myanmar and Cambodia:

ICI is proud to announce it has entered into an agreement with Better Business Governance - APAC PTE LTD (BBG) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in Myanmar and Cambodia.  Better Business Governance will be responsible for all development activities, including professional training and Certification.  For more information on upcoming activities in this area please contact:
Better Business Governance
Mr. Sanjeev Gathani
1 Claymore Drive
#08-14, Orchard Towers (Rear Block)
Singapore 229594
ICI Mexico is working  to translate training course materials into Spanish and also to develop the web page for ICI Mexico in Spanish.  For more information on upcoming activities in this area please contact the following:
Antonio Salas Hernandez CICP,  Email: 
Joaquin Prendes Herrera, Email: 

Middle East:
The CICS exam is now being  provided in Arabic.  Osool Training and Consulting has courses and testing available in Jordan, Libya, Muscat, Sudan, Qatar, the United Arab Emirates, Kuwait and Palestine. 

9th Auditing Forum held in cooperation with ICI Amman, Jordan May 2018

Training Plan 2018

Certified Internal Control Specialist (CICS) Khartoum-Sudan July 16-24
Certified Internal Control Specialist (CICS) Amman-Jordan October 7-16

Interested applicants in that region should contact Osool for scheduling for future programs.  For additional information on scheduled ICI Certification and program sessions, please contact:

Lina Salameh
Assistant General Manager
O SOOL for Training & Consulting
Mob Oman:  +968 95 98 98 20
Mob Jordan: +962 7 99589666
Tel:   +962 6 5927171 Ext. 107
Fax:  +962 6 5927172

Leadway Consulting conducts CICS training sessions and examinations in Nigeria. For more information on upcoming activities in Nigeria  please contact:
Mr.  Joel Aluko

For more information on activities in Pakistan individuals or companies should contact : Muhammad Farooq Hammodi

Singapore, Malaysia, Indonesia and Taiwan:
ICI has entered into an agreement with GRC Consultancy Pte Ltd. (ICI Singapore, Malaysia, Indonesia and Taiwan) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in those territories.  

Individuals or companies interested in internal control training or Certification should contact:
General enquiries for all 4 markets -
Singapore - Mr. Bob Seetoh -
MalaysiaMr. Melvin
IndonesiaMr. Barry Dingga -
Taiwan - Ms. Mickey Tai -


ICI Turkey plans for 2018 include:
  • Opening 6 CICS training courses in Ankara and Istanbul. 
  • Providing full scope of ICI services in Turkey, as well as a specific corporate internal control accreditation system with ICI Headquarters. The government institutions, banks and corporations will be accredited jointly by ICI and ICI Turkey based on a certain rating/assessment program. 
  • Targeting banking and public institutions with the main objective being to introduce ICI and Professional Certifications to these 2 industries. More than 2000 professionals will be made aware of and familiar with ICI and ICI' s Certifications. 
For information on scheduled ICI Certification and program sessions, please contact ICI Turkey at it's  new address or the individual contacts below:

Ms. Ilknur Tunc,  VP -
Dr. Bertan Kaya -
GOP Mahallesi, İran Caddesi, Karum İs Merkezi
No:21, D Blok, 4. Kat, D:398-399

+90 (312) 4425015 T
+90 (533) 4474444 D
CICS-CICP® Preparation Training is planned for  HCM CITY starting June 16th.  Saturday, Sunday  Morning: 08:30 - 11:30  Afternoon: 13:30 - 14:30  4 days June 16,17,23 and 24.

The plan for the CICS examination in Vietnam: 


For more information on upcoming activities in Vietnam please contact: NGUYEN THANH TUNG (MBA. M.Eng, PhD.) Director, FMIT Institute of Financial Management & Information Technology
Level 5, 126 Nguyen Thi Minh Khai Street, Ward 6, District 3, HCMC, Viet Nam
Office: 848 3803 5020 - 848 3512 9371 - 848 3512 7652


Certified Internal Control Specialist (CICS) Certification Workshop
May 29-June 1, 2018
Rainbow Towers, Hotel Harare
CICS Exam is scheduled for June 28th, 2018
For more information on activities being planned please contact:
Mr. Proctor Nyemba at:
2018 Internal Controls Training Calendar:  View the Training Calendar
Internal Control Chatter  
Each month the staff of The Internal Control Institute reviews hundreds of articles related to Internal Control and Corporate Governance. Here are brief summaries of some of the top articles (along with links to the original article) that may be of interest to you.
How to Prevent Internal Control Breakdowns and Workplace Harassment
By Sonja J. McGill
May 16, 2018 
Robust internal controls are vital for companies to detect and remedy fraud, waste and abuse, i.e., embezzlement, as a component of its financial oversight. Incorporating similarly robust internal controls for addressing sexual harassment complaints must be a priority, particularly when the targets of such claims are executive or C-suite leadership for publicly traded companies.  The rapid downfall of Steve Wynn at Wynn Resorts is a cautionary tale detailing why incorporating such systems is of paramount importance. The Wall Street Journal recently  recounted several instances  where implementing a dynamic internal controls system would have provided senior management, and the board of directors, with proactive measures to change the company's culture prior to Wynn's speedy demise from the company late last year.
Overcoming the fraud triangle
Financier Worldwide Magazine
June 2018  
Despite the efforts of authorities around the world, corrupt and fraudulent behaviour continues to flourish, with a debilitating economic effect. According to data published by Experian, fraudulent activity now costs the UK alone £190bn per year. The public sector loses an estimated £40.3bn a year, while fraud in the private sector costs the UK economy £140bn. According to PwC's 2018 Global Economic Crime and Fraud Survey, 49 percent of organisations said they have been a victim, up from 36 percent in 2016. And while this increase could, in part, be due to growing global awareness of the threat, the unfortunate truth is that companies today operate in an increasingly challenging environment in which both internal and external threats are becoming harder to repel. Many organisations are also unaware of the full extent of the threats they face.
PCAOB fines Deloitte $500,000 for faulty audits of Jack Henry
The Public Company Accounting Oversight Board censured Deloitte & Touche LLP and imposed a $500,000 penalty against the Big Four firm for overlooking material accounting errors during three consecutive audits of Jack Henry & Associates, Inc., a Missouri-based IT provider for banks and credit unions.
The PCAOB charged Deloitte with violating its rules and auditing standards in its fiscal year 2012, 2013 and 2014 audits of Jack Henry. It found Deloitte was primarily responsible for the violations because none of the engagement personnel the firm assigned to audits of Jack Henry had enough software industry experience and knowledge (including of the relevant accounting rules) to properly evaluate and audit the accounting for software license revenue.
Three Markers Of An Ethically Sound Board
BY Patrick Quinlan
For decades, CEOs have largely been seen as the top rung of the ladder, the ultimate decision makers and the source of "tone at the top," to use an overused phrase. That perception is by no means wrong, but the buck doesn't stop there. There's one more rung of the ladder: the board of directors.  Any business executive is well aware the board is essentially their boss, but to the general public, the board's role in business ethics and values hasn't always been so visible. In the last few years, that's changed. The board has emerged as the ultimate and more external-facing layer of corporate accountability.  Why? We're undergoing an ethical transformation across industries -- from Silicon Valley to Hollywood and beyond -- and  more CEOs are being fired  for ethical lapses than ever before. When the CEO messes up, members of the board become the voice we hear most clearly in the midst of corporate turmoil. 
Read the Article
Wells Fargo Altered Documents About Business Clients
Wells Fargo recently discovered that some workers altered documents about business customers, raising new concerns about the embattled bank's  internal system  of checks-and-balances.  The improper activity took place in 2017 and early 2018 and was brought to light by multiple Wells Fargo employees who alerted  management , a person familiar with the matter told CNNMoney.
The  document  altering happened in Wells Fargo's business banking group, which caters to medium-sized businesses with annual sales of $5 million to $20 million.  A Wells Fargo investigation found that some employees may have broke with procedure when they changed forms that are required by anti-money laundering laws, the person said. 
Aussie Exchange Official: Internal Audit Needs to Toughen Up
E lizabeth Johnstone, the chairman of the ASX Corporate Governance Council in Australia, has a frank message for internal auditors: stop being intimidated by company executives and board members.  While Johnstone was addressing risk and governance failures in Australia, including multiple scandals at the Commonwealth Bank of Australia, her words serve as a good reminder to internal auditors everywhere to "speak truth to power," escalate problems that go unresolved, and to demand accountability.  "From my own research, I have found instances where internal auditors have found issues but didn't follow through to a satisfactory resolution," Johnstone said during a speech today in Melbourne to the  Internal Auditors Conference . She told the group of internal auditors that too often they have been intimidated into changing reports or have not been bold enough to confront those in positions of power with their concerns.
Samsung Securities Disciplines Employees Who Sold 5 Million 'Ghost' Shares
The announcement comes a month after a trader at the firm mistakenly issued $100 billion-worth of stock to employees
By David Kimberley
May 23, 2018
Samsung Securities,  a South Korean investment firm , said this Wednesday that it has taken action against a number of employees involved in a dividends error last month. The 'Fat Finger' crisis led to the firm mistakenly issuing stock and giving it to their employees as dividends.  The error occurred last April when a trader was supposed to send 2.8 billion won ($2.6 million)  worth  of shares to employees as dividends. Instead, the trader sent 2.8 billion shares, worth approximately $100 billion.  Despite repeated warnings from the company, some employees quickly  sold off approximately 5 million shares . The sixteen employees that sold off shares will either be suspended, dismissed or have their pay cut. Five others who attempted to sell off their shares will face similar punishments.
Indian regulators crack down on battered banking sector
Nirav Modi's alleged $2 billion fraud and huge weight of bad debts are forcing authorities to implement a regulatory overhaul
Just a few days into his role as the acting Indian Finance Minister, Piyush Goyal, took on a major task - to try to clean up the country's beleaguered banking system.  Mr Goyal, whose usual role is as the Railways and Coal Minister,  last Thursday gathered together the heads of 11 of India's ailing public sector banks in New Delhi, as the industry continues to reel under the impact of the country's largest ever bank loan fraud that came to light this year and the weight of bad loans. " I am extremely confident that we will be able to overcome the banking sector legacy issues in a very short period of time," Mr Goyal posted on Twitter following the meeting. Known in political circles as a troubleshooter, he is standing in for Finance Minister Arun Jaitley, who underwent a kidney transplant  last week.
Control Quotes
Individual commitment to a group effort - that is what makes a team work, a company work, a society work, a civilization work. 
Vince Lombardi
Help Keep Everyone Informed...
If you see a news story concerning internal control or corporate governance that you feel is important for other professionals to know please send it to us .
ici logo The Internal Control Institute™ (ICI) is a worldwide organization  devoted exclusively to internal control and corporate governance. The Institute is dedicated to the development of world-class educational programs and best practice guidelines on internal control and corporate governance, based on the Sarbanes-Oxley Act and the COSO internal control framework.  Visit us on the web at the Internal Control Institute
Control Chatter is a monthly news summary of the top stories concerning internal control and corporate governance.  Control Chatter is prepared by the staff of Internal Control Institute for the benefit of their members and associates. Please consider it for your personal use or pass it on to associates who may have an interest in one or more of the topics by clicking on the Forward email button below.