Abstract
The present paper aims to identify the role of internal audit function in risk management from the perspective of risk managers in banks operating in Palestine, with a review of the concept, importance, objectives, and principles of internal audit and its role in risk management for banks. The target population is the risk managers in the banks operating in Palestine. The major findings in the presented paper. First, the main factor in risk management is the risk manager's efficiency, and the internal auditing focuses on evaluating the risk management department and ensuring the efficiency of risk management practices in dealing with these risks. Second, the internal audit departments in the banks operating in Palestine participate in providing advice, suggestions and recommendations for the risk management department. Based on the results, the board of directors and senior management in these banks should continue to pay attention to the risk management department, and the need for coordination between these departments to achieve the best results at the banking and economic levels.
JEL classification: M42, G32
Keywords: Internal Audit, Risk Management, Efficiency of Internal Audit.
(ProQuest: ... denotes formulae omitted.)
1. Introduction
Banking risk management is one of the most important topics that bankers are interested with globally, this increased in importance after the financial and banking crises (Sarens & Beeide, 2010). The global financial crisis of 2008 led to a highlight on risk management science (Petitjean, 2013). The world is witnessing rapid development and changes in the business environment with artificial intelligence, thus business organizations are moving to develop effective structures, processes, and reengineering their operations, to add some accountability in line with their need for more relevant and reliable information for decision-making (De Loach, 2016). The main trait that governs the activity of banks is how to manage risk rather than avoid it, as a result, the role of internal audit by identifying, measuring, and disclosing these risks in a way that the users of the financial statements can judge the bank effectiveness in manage and control risks that may be exposed in the future to make the investment decisions and other decisions (Norman et al., 2010).
Many international companies faced financial defaults and collapse at the beginning of the current decade. There has also been widespread debate about the role of the internal auditor in risk management. The new risk management framework has raised many questions about its concept, components, and its relationship to internal control and the relationship to institutional control. Banking regulations have been active in this function in many countries of the world due to poor supervision of risk management, and have introduced multiple risk initiatives, calling on banks to invest in the banks structure, in order to consolidate its operations and database, to developing a sound risk management framework serving the regulatory authorities (Spira & Page, 2005). The risk management department is independent in most of the financial institutions and the risk manager is responsible to deal with the process of identifying, assessing and controlling threats to an organization's capital and earnings (Kerazan, 2016). From the above, there is a global interest in risk management and the role of internal auditor in risk management, which requires to explore and explain this role. Thus, the problem of the study is clear in the following question:
What is the role of internal audit in risk management from the perspective of the risk managers? The following sub-questions:
-What is the extent to which are the internal auditors identifying, assessing, controlling to risks, evaluating response procedures, and their role in activating the performance of risk management? -What is the extent to which compliance with auditing standards on the effectiveness of risk management?
-What is the extent to which the internal auditor has to understand the importance of risk management?
Some executives believe that there is no need to increase the number of employees and pay attention to risk management departments because their costs are more than their benefits, and internal audit departments carry out the tasks of these departments in banks operating in Palestine, as a result, the importance of the study to know the role of internal audit in mange the risks from the perspective of risk managers, and based on the results we can determine if the boards of directors must pay more attention to risk management departments in the Palestinian banking sector, in addition, to provide suggestions to enhance this sector one of the main engines in the economy.
2. Theoretical Framework
2.2 Internal Audit
The concept of auditing has evolved significantly as a result of the development of economic projects and the internal control system emergency, it is no longer just a means of maintaining cash, the main function to ensure that the objectives of the company are achieved, and its one of the best ways to avoid deficiencies in the company. Effective internal control is essential for any enterprise because it contributes to support the implementation of policies and objectives (Onumah, 2016).
The Institute Internal Audit (IIA, 2015) addressed the quality of the internal audit, through specific criteria, which include the characteristics of institutions and individuals performing this job (SOX, 2002). IIA 1100 this standard indicated that internal audit activity should be independent, and auditors should be objective (integrity). IIA 1110 noted that the audit managers should communicate with an administrative level within impartiality while performing their work, and the institution allows internal audit activity to carry out its responsibilities the auditor shall possess the knowledge, skills, and competencies required to perform their functions (Armour, 2012). In general, the quality of the internal auditing is determined by the objectivity and independence of internal auditors (Bazerman et al., 1997). Internal audit is one of the most important functions of organizations, an independent and objective activity that provides assurance, consulting services to add value to the organization and improve its operations. This activity helps to achieve the organization's objectives through a systematic approach to evaluating, improving the effectiveness of governance, risk management, and control process (Suddaby et al., 2006). In the following the main roles that must be carried out by the employees charged with internal audit functions:
1. Help top management: internal audit is an objective, advisory activity as it provides advice and assistance to management in addition to its role in providing management consulting services to serve the company to improve and improve its performance (Holm & Zaman, 2012).
2. Helping to achieve the objectives: internal audit helps the organization achieve its objectives as an essential pillar of governance and risk management that threatens the organization's objectives, as well as its role in the search for the long-term success of the enterprise.
3. Evaluation and development of the company: the internal audit process compares what is planned with what is actual and ensures good control. Evaluation techniques that are applied in a professional and fair must be used to provide reliable results. The valuation also helps to improve the organization's operations. However, the audit staff asks questions and examines a set of records so the results are unreliable (De Zwaan et al., 2011).
4. Improve the operations of the company: the internal audit works to improve the operations of the establishment. The task of the internal auditor is no longer the inspection, but rather the contribution to the continuous improvement of the organization (Brody & Lowe, 2003).
5. Increase the value of the company: if the company has professional internal auditors in apply their tasks in addition to auditing standards this will be affected positively indirectly on the market value of the company.
To achieve the objectives of the audit and supervision of the work of banking institutions requires taking into account the administrative, financial, and accounting principles as follows:
1. Administrative Principles. The administrative bases on which banking performance is based are important to achieve the objectives of the internal audit process in terms of the clarity of the banks main and secondary objectives, where those responsible are guided by working towards achieving these objectives. The division of labor, through which cost, responsibility centers are determined and specific work assigned to each department. Thus, facilitating the audit and control process. The application of liability accounting based on the division of labor, so that the administrator in each department or department can be held accountable for the shortcomings of its work, after giving some authority commensurate with the responsibility entrusted to him (Kerazan, 2016). Management of the exception, where the attention is paid to issues that deviate from what they should be by informing the senior management levels of any fundamental changes facing the middle and lower executive departments during implementation or any defect or failure in the actual performance of the target performance to analyze the situation and find the solutions.
2. Financial and Accounting Principles. The internal audit department focus on set of financial and accounting principles to achieve the objectives of auditing and supervising the activities of banking institutions, the most important of which are (IIA, 2015): Liquidity control, means that the bank maintains some of its customers' deposits in cash or cash equivalents that can be converted into cash very quickly. This is achieved by finding a balance between the amount of cash held and the amount of cash invested in addition to there is no a deficit leads to risk. Providing safety, means ensuring the rights of the banks customers and making them available to them at the time they wish, which means a positive relationship between security and liquidity. However, high safety leads to loss of investment opportunities for the bank, the bank management must find a balance between the amount of liquidity required and the degree of safety required. Maximizing profitability is achieved by the rational decisions for the liquidity and the degree of safety, which depends on the types of deposits.
Commercial banks are the backbone of the economy in all countries, IFAC's International Auditing Practice (1006) 1990 defines the bank as a type of financial institution recognized as a bank by the official authorities of the countries in which it operates, is limited to using the term "bank" as part of its name (Lin & Hwang, 2010). The main function of the commercial bank is to accept deposits and provide loans in addition to other financial services, such as buying, selling foreign currencies securities, issuing accepting bills of exchange, guarantees, letter of credit, and other banking activities (COSO, 2014). In the recent years the banking sector witnessing increase the complexity of banking services, therefore the internal body is required tasks and responsibilities of monitoring and monitoring of performance, so the internal audit process is gaining significant importance in banks, where all departments and activities of the bank must be subject to an internal audit, without excluding any activity from the scope of this work. The following are the most important procedures to be performed within the internal audit functions (IIA, 2015):
- Evaluate of sustainability of information systems.
- Evaluate the level of reliability (including accuracy, integrity, and inclusiveness).
- Assess the appropriateness of financial and administrative information for decision-making.
- Check the efficiency and effectiveness of the work.
Therefore, the responsibility of the internal audit department to give adequate attention to the legal and regulatory controls that achieve the objectives of supervision in the business, including the policies, methods, rules, and principles issued by the competent authorities in banking. The internal audit department also requires the return of risk management systems, linking the level of risk to the level of capital adequacy; and the extent of compliance with the banks general policies. The internal audit department should also not only perform activities within the banks departments but must pay attention to all clients to ensure that risks are low. The internal audit department should prepare a comprehensive audit plan to review banking operations based on risk assessment-related activities and discuss this plan at the board level to achieve better banking performance (Amoush, 2017).
2.2 Risk Management
Risk management can be defined as a scientific approach to dealing with pure risk by anticipating potential accidental losses and designing and implementing procedures that would reduce the financial impact of losses to the minimum (Norman et al., 2010). The risk management committee has been defined as identifying, analyzing, and control of these risks that threaten the assets or management capacity of the project (Anette, 2013).
2.2.1 Types of Risks in Banks
Since banking is inherently exposed to high risks due to its reliance on depositors' funds that are legally considered borrowed funds from third parties, it is necessary to take care to maintain them by employing them in the areas of achieving banking revenues, on the one hand, providing liquidity and safety for these funds (Arena et al., 2016). On the other hand, banking management should take the necessary care to identify and assess risks to its various operations, including:
A)Financial Risk
1. Liquidity risk. The risk that the bank may face unscheduled inflows of its customers' deposits abroad due to a sudden change in the behavior of depositors (Pender, 2001). Such a situation could impose on the bank an unusual activity in short-term financing to refinance the gap caused by the lack of liquidity in the market at prices it is the responsibility of ensuring sufficient liquidity in the bank to its board of directors and senior management (Miller et al., 2006). Accordingly, the bank is required to prepare comprehensive liquidity policies that focus on the items within the balance sheet and off-balance sheet. To reduce the liquidity risks Basel Committee issued several instructions and equations to evaluate these risks like liquidity coverage ratio (LCR) and net stable funding ratio (NSFR) In the following the parts of these equations (Basel Committee, 2013 and 2019):
Liquidity Coverage Ratio (LCR) = ... (1)
HQLA = AL 1+ AL 2 (A) + AL 2 (B) - Max (1.1)
Where:
AL1: Assets Level 1 assigned 0% risk-weight
AL2 (A): Assets Level 2 (A) assigned 20% risk-weight
AL2 (B): Assets Level 2 (B) assigned > 20% (Debt securities and bonds not issued by banks)
Max: Adjusted Level 2A+Adjusted Level 2B - (2/3·Adjusted Level 1+Adjusted Level 2B - (15/85 · Adjusted Level 1 + Adjusted Level 2A).
Note: AL2 < 40% of HQLA and AL2 (B) < 15% of High Quality Liquid Assets (HQLA)
NCOF = TCOF - (TCIF or 75% GOF) (1.2)
Where:
TCOF: Total Cash Outflows
TCIF: Total Cash Inflows
GOF: Gross Outflows 75% (If less than TCIF)
Net Stable Funding Ratio (NSFR) = ... (2)
Where:
AASF: Available Amount of Stable Funding
RASF: Required Amount of Stable Funding
2. Market risk. These risks are caused by general price and policy changes at the level of the economy as a whole, and private market risks arise when there is a change in the prices of particular trading assets or instruments due to their circumstances (Liebenberg & Hoyt, 2003). Market risks are divided into:
a) Interest rate risk. This risk arises from interest rate fluctuations, which may result in significant losses to the bank if the re-pricing of both liabilities and assets is not consistent (Power, 2004). These risks are compounded in the absence of an information system that allows to determine the rates for a cost for liabilities and the sensitivity of items in the balance sheet for interest rates.
b) Exchange rate risk. This type is faced by the bank in fluctuations of exchange and the risk of revaluation of currency positions based on a variable, volatile exchange rates and consequently their impact on the assets, liabilities, and the competitive position for the bank (Danisman et al., 2018).
c) The securities price risks. When the banks are exposed to losses due to volatility in the market prices of stocks, bonds, and commodities. The measurement of price risk is critical to recognizing losses and ensuring that these losses don't significantly affect the capital.
3. Credit risk. These risks arise from borrowers' failure to pay their debts in whole or in part. If the financial institution receives the principal of the funds in addition to the interest in full, there is no risk. In the case of bankruptcy or problems of repayment, this may result in loss of the return bank and part of the loan principal (Boyd et al., 2005).
Several standards issued by the international accounting standard board (IASB) such as IFRS 7, IAS 39 replaced by IFRS 9 in additions to instructions of Basel that helps the financial institutions in managing financial risks.
B) Operational risk
Operational risk arising from poor internal control, employees and systems or external circumstances, the risks of insufficient information systems, technical failure, violation of control systems, embezzlement, and natural disasters (Miller et al., 2006).
C) Business Risk
There are many risks this type of risks that are arising from a bank or business long term strategy:
Legal risks, these risks arise in the case of violation of laws, rules, or regulations, especially those related to the fight against money laundering, or as a result of the lack of clear definition of legal obligations resulting from electronic banking operations, and lack of knowledge about some agreement (Rae et al., 2008). Reputation risk is the risk resulting from negative public opinion which results in significant losses to customers or funds (Bazerman et al., 1997).
2.2.2 The Coordination between Internal Audit and Risk Management
Risk management is a joint responsibility between internal audit department and risk management departments (Brody & Lowe, 2003). Risk management officers are responsible for all the processes that would provide comprehensive risk management to the bank. The internal auditor is responsible for verifying the recommendations made regarding risk management that it is good (William, 2015). The process of risk management and internal audit functions is very important to the success, sustainability of the organization, and risk management is a vital element that is based on uncertainty about the events or outcomes that can occur have the main impact on the achievement of the strategies of the institution (Fredrick et al., 2014).
Internal audit has an effective role in risk management, the internal audit function is to provide advice to both executive management and risk management (Frigo & Anderson, 2011). There is also coordination between internal audit and risk management while maintaining their independence, risk management uses internal audit management in its different work phases has its experience in risk assessment and identification, as well as the internal auditor, uses risk management in many processes related to its performance (Coetzee & Fourie, 2010). Risk-based internal audit process that assurance that controls are operating effectively (Griffiths, 2015). Figure 1 shows the main components for risk-based internal audit, consequence (C), likelihood (L), risk appetite (RA) by the board and relationship residual risks (RR) they are after controlled and inherent risks (IR) they are before controlled.
Despite the distinguished role for the internal auditor in providing advice, support to the correct administrative decisions, and attempting to address administrative decisions that appear to be inappropriate, but the process of control and risk management falls under the responsibility of senior management and the board (Anette, 2013). The role of the internal auditor is advisory to assist the bank in identifying and evaluating the risks (Onumah, 2016). Many tasks outside the scope of auditor job in the area of risk management (Sox, 2002). Figure 2 shows the conceptual framework used in the present paper.
3.Research Methodology
This section describes the methodology of the study, the sample, the research instrument, and finally the analytical techniques that were relied upon in the study. The population of the study the risk managers in the listed financial institution, the target population is the banking sector and the sample consisted of 10 banks, and therefore the percentage of the study sample is 66% of the target population for the study. The Palestinian banks are the target population for this study, the risk management departments of the financial institutions operating in Palestine are newly emerging and face financial and political challenges. The banks operating in Palestine are 15 banks (local banks and foreign banks), and the respondents are risk managers in banks operating in Palestine, as the banking sector has 15 risk managers. Data were collected through formal and informal interviews with risk managers from local and foreign banks operating in Palestine. The interviewers followed the standard routine for conducting executive interviews, as follows: Message was sent to the risk manager and obtain the approval by email. The study used descriptive coding methods for analyzing the answers of interviews.
The necessary data were obtained through field research, through interviews prepared for this purpose. The interview questions were divided into two parts: Part I, consists of the personal data of the study sample. Part II consists of the role of internal audit in risk management in banks operating in Palestine from the point of view of risk managers. This section includes five main axes. First, the extent to which the internal audit identifying, assessing, and controlling to risks, and their role in activating the performance of risk management in the banks operating in Palestine. Second, the importance of the expertise and professional certificates of internal auditors in risk management. Third, the importance of having an independent risk department in banks. Four, the responsibility in risk management in the banks. Finally, adhering in apply the international standards by the internal audit, the interview is presented in Appendix. One of the most important steps taken to prepare the interview questions was the following:
- Prepare preliminary questions for use in data and information collection.
- Presenting the interview questions to a group of managers based on the sample of the study.
- Making formal and informal interviews to collect the data needed for the study.
4.Discussion and Findings
Part A. Personal data for the sample of the study, this paper was conducted through 10 interviews with risk managers working in the banking sector. Their age ranged from 36 to 55 years. Also, the number of years of experience ranged between 9-25 years and the number of years in risk management between 4-15 years. The educational level is 60% Master.
Part B. Four axes to measure the role of internal audit in risk management at the banks that are operating in Palestine from the perspective of risk managers. Axis I: The extent to which the internal auditors in identifying, assessing, controlling risks, evaluating response procedures, and their role in activating the performance of risk management in commercial banks operating in Palestine. This axis contains three questions: First, to know what procedures are performed by the internal audit department to monitor the risk management department. The majority of the answers in this question agree that internal audit monitors risk management by assessing the efficiency of reports submitted to the board of directors and risk committees and evaluating the efficiency of risk management practices in risk management facing the bank. There were replies that the internal audit department was working to ascertain the extent to which the risk department was committed to the procedures. Second, to ensure that there is periodic control over the risk department by the internal audit, there are responses that every quarter, month, year, irregularly, and the majority of the responses agree that there is an audit of the reports to the risk committees by the risk department every quarterly. Third, to determine the mechanism of work between internal audit and risk management in identifying risks that may face the bank, two responses that the risk was identified through a system called a risk-based internal audit, there was also one answer stating that risks are not identified in coordination with internal audit, and other responses are identified through periodic meetings with the internal audit and top management.
Axis II: The importance of the expertise and professional certificates of internal auditors in risk management. The perspective of risk managers, this axis measures how professional certificates and expertise can be used by managers and staff of internal audit departments to contribute in risk management at the bank. All the answers focused on the fact that professional certificates are the most important thing in this department. Besides, the experience is the most needed by this department, since the director of the internal audit department must have a high level of scientific certificates and experience because he needs to know all the work procedures for all departments and departments of the bank.
Axis III: Measures the importance of having an independent risk department in banks. This axis contains two questions to measure the importance of having an independent risk department. First, two responses answered there is no need for a risk department, but only an internal audit and risk department within this department, and the rest of the respondents 80% of the sample, focus on the need for this department away from the requirements of the Palestine Monetary Authority. Second, there is one answer that says that the disadvantages of separating the risk department from the internal audit are more than the advantages, while the other answers with the necessity to separate the risk department from the internal audit to provide reports that have high quality for the committees of risk management and the internal audit, in addition to the efficiency of the work for internal audit department rather than preoccupied with the identification, assessment, and management of risks, on the other hand, separation of these departments based on the responses the fixed costs increased since the number of employees and hiring experts in this field.
Axis IV: This axis measures the most important determinants of risk management in banks. Six managers are representative 60% of the sample, they answered that risk management depends on the efficiency, intelligence, and experience of the risk manager in the first place. Two responses, 20% of the sample, they with the efficiency and strength of the board of directors, while the other of the responses, less than 20% they think that risk management depends on the strength of the internal audit department.
Axis V: This axis measures the extent of adhering in apply the international standards in the field of risk management and internal audit. Three managers with 30% of the sample whose answers that the international standards are not applied by the internal audit in the risk management audit, there is one answer that does not know about this matter, and the remaining managers 60% were answered yes there is an application of these standards as ISO31000, Basel instructions like Basel III and there are special procedures that are part of the international accounting standards for this function.
According to axis one, there is oversight of the risk department by the internal audit department to ensure the efficiency of the work of the risk department. There is also cooperation between these departments in identifying the risks that banks may face in the Palestinian banking sector. Professional experience and certificates can contribute effectively to the internal audit cycle in risk management in the bank as all the answers were consistent with the importance of international professional certificates and the high expertise of the internal audit department in the good contribution and ability to perform this position well.
There is a need to increase attention to the risk department in this sector and other sectors because of its importance, especially in a country suffering from fluctuations in the political and economic situation. Also, the advantages of separating the internal audit department from risk management are more defects in terms of profitability, reporting quality, and risk management capability, but we must take into account costs.
Axis IV is the basis of this study, answering the main question of research, based on the opinion of risk managers that the role of internal audit is weak these days in risk management and the direction of institutions and banks to pay attention to the development of risk management in the subject of risk management since the traditional view is that the internal audit manager who manages these risks but today the focus has become as we mentioned on risk management to reduce the risk in the banks may face it.
According to the fifth axis questions, the Palestinian banking sector in a complex political situation and the adverse circumstances surrounding it, but this sector committed to the implementation of international standards in the field of internal audit and risk management as Basel III and the system of internal audit is based on risk, this indicates that there are managers with expertise and competence in applying these standards, but some banks need to develop their risk managers.
The main question: What is the role of internal audit in risk management from the perspective of the risk managers in banks operating in Palestine? Based on the results of the study, the role of internal audit in the final stages has become a useful tool for assessment and the postevent phase, but the main role in risk management is responsible for the risk management department. The Sub-Questions: First, what is the extent to which the internal auditor assesses and monitors risks and evaluate their response and its role in risk management in banks operating in Palestine? Based on the results of the study, there is an assessment by the internal audit department on risk management to ensure efficiency and policies. Second, what is the extent to which compliance with auditing standards on the effectiveness of risk management in banks operating in Palestine? Based on the results, they're applying for the international standards by internal audit departments in banks operating in Palestine. Third, what is the extent to which the internal auditor understands the importance of risk management in banks operating in Palestine? The understanding and contribution of internal audit in risk management are significant when international professional experience, certificates are available to managers and employees of the internal audit department.
5.Conclusion
This paper confirmed there is a great interest in the risk management department to manage risks as the traditional focus was on internal audit management. This does not mean that the internal audit function of the organization is not important, but its focus has been on assessing the compliance of the departments in the work procedures more than the role of risk management. As a result, the presented paper provides eight recommendations aimed to increase the attention of top management and board of directors in the risk management department. Based on the findings of this study, the research recommends: More empirical studies in the future about the how to develop the techniques of risk management in the banking sector. Senior management and board of directors should continue to pay attention to the risk management department and ensure its effective role. Continuity of work towards enhancing the skills and knowledge, developing the internal auditors' abilities, and diversifying courses to enable them to perform their duties effectively in the field of risk management. Increase the interest in the internal audit function and activate its role because of its impact in supporting risk management and tightening control on various aspects of banking performance. Follow up the technical developments in the internal audit standards and their relationship with risk management, and conduct training sessions for internal auditors on these standards. The need to verify the existence of an updated guide to managing risks to banks, in the light of developments on the banking scene. The need for more attention and support to achieve the coordination between the departments of risk management and internal audit in banks operating in Palestine. Risk managers should continue to develop, improve their practical and scientific skills to obtain the confidence of senior management and risk committees of the board of directors. Finally, these days the whole world witnessing new systematic risks, and thus the top management in the banks must evaluate the strategies of risk management for systematic risks, enhance and reinforce the risk-based internal audit to reduce the direct impact on the revenues and to avoid the indirect influences like fraud risk by unethical employees through exploiting the current conditions.
References
Anette, M. (2013). "Risk management and calculative cultures". Management Accounting Research. 20(1), 18-40. https://doi.org/10.1016/j.mar.2008.10.005
Arena, M., Arnaboldi, M., & Azzone, G. (2016). "Is enterprise risk management real?". Journal of Risk Research, 14(7), 779-797. https://doi.org/10.1080/13669877.2011.571775
Armour, G. (2012). "Internal control: Government framework and business risk assessment at Reed. Elsevier, 19(5), 75-81. https://doi.org/10.2308/AUD.2000.19.S-1.75
Amoush, A. (2017). The Internal Auditing Procedures Effectiveness in the Jordanian Commercial Banks. International Business Research, 10(3), 203. https://doi.org/10.5539/ibr.v10n3p203
Basel Committee. (2019). Net stable funding ratio (NSFR), Bank for International Settlements. Available at<https://www.bis.org/basel framework/chapter/NSF/20.htm?inforce=20191215.
Basel Committee. (2013). Net stable funding ratio (NSFR), Bank for International Settlements. Available at https://www.bis.org/publ/bcbs238.pdf.
Bazerman, M., Morgan, K., & Loewenstein, G. (1997). "The Impossibility of Auditor Independence. Sloan Management Review, 38(4), 89-94.
Boyd, J., & De Nicolo, G. (2005). The theory of bank risk-taking and competition revisited. The Journal of Finance, 60 (3), 1329- 1343. https://doi.org/10.1111/j.1540-6261.2005.00763.x
Brody, R., & Lowe, J. (2003). "The New Role of Internal Auditor: Implications for Internal Auditor Objectivity". International Journal of Auditing, 4(2), 169-176. https://doi.org/10.1111/1099-1123.00311
Coetzee, P., & Fouri, H. (2010). "Perceptions on the Role of the Internal Audit Function in Respect of Risk ". African Journal of Business Management, 3 (13), 959-968.
Danisman, G., & Demirel, P. (2018). Bank risk-taking in developed countries: The influence of market power and bank regulations. Journal of International Financial Markets, Institutions and Money. https://doi.org/10.1016/j.intfin.2018.12.007.
De Zwaan, L., Stewart, J., & Subramaniam, N. (2011). "Internal Audit involvement in enterprise risk management". Managerial Auditing Journal. 26(7), 586-604. https://doi.org/10.1108/02686901111151323
Fraser, I., & Henry, W. (2007). "Embedding risk management: structure and approaches". Managerial Auditing Journal, 22 (4), 392-409. https://doi.org/10.1108/02686900710741955
Fredrick, S., Gideon, A., & Narkiso, O. (2014). An Analysis of the Role of Internal Audit in Implementing Risk Management- a Study of State Corporations in Kenya. International Journal of Business & Social Science, 5 (6), 169-176. Available at<http://www.iibssnet.com/iournals/vol 5 no 6 may 2014/18.pdf
Frigo, M., & Anderson, R. (2011). Embracing Enterprise Risk Management: A practical approach of getting started. Though leadership in risk management, COSO. Available at https://www. coso.org/Documents/Embracing-ERM-Getting-Started. pdf
Griffiths, D. (2015). Risk-based internal auditing". Internal Auditor Journal, 12 (9), 15-20. Available at https://www.internalaudit.biz/files/implementation/rbiaimplementing.pdf
Holm, C., & Zaman, M. (2012). Regulating audit quality: Restoring trust and legitimacy. Accounting Forum, 36, 51-61. https://doi.org/10.1016/j.accfor.2011.11.004.
Liebenberg, A., & Hoyt, R. (2003). The Determinants of Enterprise Risk Management: Evidence From the Appointment of Chief Risk Officers. Risk Management and Insurance Review, 6 (1), 37-52. https://doi.org/10.1111/1098-1616.00019
Lin, J., & Hwang, M. (2010). Audit quality, corporate governance, and earnings management: A metaanalysis. International Journal of Auditing, 14(1), 57-77. https://doi.org/10.1111/i.10991123.2009.00403.x.
Kerazan, F. (2016). The Contribution of the Internal Audit Function in Risk Management, Journal of Management Research, 8(2), 1-25. https://doi.org/10.5296/imr.v8i3.9096
Miller, K., Kurunmäki, L., & O'Leary, T. (2006). Accounting, Hybrids and the Management of Risk. Accounting Organizations and Society, 45(9), 940-945. [online] : at https://www.lse.ac.uk/accounting/Assets/CARR/documents/D-P/Disspaper40.pdf
Norman, C., Anna, M., & Jacob, M. (2010). Internal audit reporting lines, fraud risk decomposition, and assessments of fraud risk, Accounting, Organizations and Society, 35(5), 546-557. https://doi.org/10.1016/i.aos.2009.12.003
Onumah, J. (2016). Effectiveness of Internal Control Systems of Listed Companys in Ghana. Accounting in Africa, 48 (4), 650-665.
Pender, S. (2001). "Managing Incomplete Knowledge: Why Risk Management is not Sufficient", International Journal of Project Management, 19(2), 79-87. https://doi.org/110.1016/S02637863(99)00052-6
Petitjean, M. (2013). Bank failures and regulation: a critical review. Journal of Financial Regulation and Compliance, 21(1) https://doi.org/10.1108/13581981311297803
Power, M. (2004). The Risk Management of Everything, London, Demos. Available at http://www.demos.co.uk/files/riskmanagementofeverything.pdf
Rae, K., Subramaniam, N., & Sands, J. (2008). "Risk Management and Ethical Environment: Effects on Internal Audit and Accounting Control Procedures". Journal of Applied Management Accounting Research, 6 (1), 1-21. Available at https://pdfs.semanticscholar.org/f483/20ae35f48fa4638ed917639aad7731bafe59.pdf
Sarbanes-Oxley Act. (2002). Section 404, A Guide To The Sarbanes-Oxley Act. Available at http://www.soxlaw.com/s404.htm
Sarens, G., & Beelde, I. (2010). The association between corporate governance guidelines and risk management and internal control practices: Evidence from a comparative study. Managerial Auditing Journal, 25(5), 288-30 https://doi.org/10.1108/02686901011034144
Schneider, N., & Becker, L. (2011). "Using the COSO model of internal control as a framework for ethics initiative in business school". Journal of Academic and Business Ethics, 4 (9), 118. Available at http://www.aabri.com/manuscripts/10725.pdf
Spira, L., & Page, M. (2005). The Turnbull Report, Internal Control and Risk Management: The Developing Role of Internal Audit. The British Accounting Review, 37(3), 354-355. https://doi.org/10.1016/j.bar.2005.04.002
Suddaby, R., & Cooper, D., & Greenwood, R. (2006). Transitional regulation of professional services: Governance dynamics of field level organizational change. Accounting, Organizations and Society, 32 (4-5), 333-362.
The Committee of Sponsoring Organization of the Treadway Commission (COSO). (2014). The Role of the Board of Directors, USA, COSO. Available at http://www.coso.org/documents/COSOBoardsERM4pager
The Institute of Internal Auditors (the IIA). (2015). Definition of Internal Auditing. The IIA. Available at https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Definitionof-Internal-Auditing.aspx
William, R. (2015). Auditing Risk Assessment & Risk Management Processes. The Institute of Internal Auditors Research Foundation, 31(3), 345-35.
(ProQuest: Appendix omitted.)
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
© 2021. This work is published under https://creativecommons.org/licenses/by/2.5/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
Abstract
The present paper aims to identify the role of internal audit function in risk management from the perspective of risk managers in banks operating in Palestine, with a review of the concept, importance, objectives, and principles of internal audit and its role in risk management for banks. The target population is the risk managers in the banks operating in Palestine. The major findings in the presented paper. First, the main factor in risk management is the risk manager's efficiency, and the internal auditing focuses on evaluating the risk management department and ensuring the efficiency of risk management practices in dealing with these risks. Second, the internal audit departments in the banks operating in Palestine participate in providing advice, suggestions and recommendations for the risk management department. Based on the results, the board of directors and senior management in these banks should continue to pay attention to the risk management department, and the need for coordination between these departments to achieve the best results at the banking and economic levels.
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
Details
1 Department of Accounting, University of Debrecen, Debrecen, Hungary