279.F论中小油田企业内部控制存在的问题及对策 外文原文.doc

How Does Internal Control RegulationAffect Financial reportingJennifer AltamuroFisher college of BusinessThe Ohio State UniversityAbstract:Internal control regulation effectiveness remains controversial given the recent financial crisis. To address this issue we examine the financial reporting effects of the Federal Depository Insurance Corporation Improvement Act (FDICIA) internal control provisions. Exemptions from these provisions for banks with assets under $500 million and for non-U.S. banks provides two unaffected control samples. Our difference in differences method suggests that FDICIA-mandated internal control requirements increased loan-loss provision validity, earnings persistence and cash-flow predictability, and reduced benchmark-beating and accounting conservatism for affected versus unaffected banks. More pronounced effects in interim versus fourth quarters suggests that greater auditor presence substitutes for internal control regulation.1. IntroductionInternal control systems have long been advocated as a mechanism for establishing high quality financial reporting, and firms have voluntarily used them for this purpose. In response to several high-profile financial frauds, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued their Internal Control - Integrated Framework in September 1992. This report provided a foundation for assessing internal control effectiveness. Since then, several waves of accounting scandals have led to regulatory requirements for managers and auditors to report on internal control effectiveness. Most recently, the Sarbanes Oxley Act (SOX) internal control provisions have fueled the ongoing debate among regulators and practitioners about the effectiveness of this type of regulation in improving financial reporting quality given the subsequent financial crisis. In a speech delivered at the U.S. Chamber of Commerce Global Capital Markets Summit, James Turley (2008), Chairman and CEO of Ernst Young, calls for “a global debate about what management should be saying about its controls, (and) what auditors should be saying about them, if anything.” Supporters of internal controls regulation argue that limiting managerial discretion improves financial reporting quality. While potentially true for firms with material internal control weaknesses, limiting managerial discretion may not improve financial reporting, on average, for all regulated firms and could potentially reduce financial reporting informativeness. For example, Bagnoli and Watts (2005) show that managers with discretion to report conservatively can signal their private information about the probability of good future prospects. Essential to resolving this argument is the ability to isolate changes in financial reporting due to internal controls regulation. In their study evaluating the effectiveness of SOX internal controls regulation, Hochberg et al. (2009) point out that “the central challenge to distinguishing between the two main views is the lack of a control group of firms unaffected by the legislation.”The internal control provisions of the Federal Deposit Insurance Corporation Improvement Act of 1992 (FDICIA) facilitate meeting this “control group” challenge by exempting some firms from these provisions. In the absence of an explicit exclusion, the FDICIA provisions apply to all insured depository institutions1.Such an exclusion exists for the FDICIA internal control provisions, in contrast to all other FDICIA provisions. FDICIA exempts institutions with assets less than $500 million from its internal control monitoring and reporting requirements. Specifically, these institutions are exempted from FDICIAs requirements that management issue a report on the effectiveness of internal controls over financial reporting, and that their independent public accountant attest to managements report. This exemption provides a control group unaffected by the internal control legislation, but otherwise similarly affected by the remaining FDICIA provisions. We examine the relative impact of this regulatory shift in internal control systems monitoring on financial reporting quality for the average affected versus unaffected firm.We compare annual and quarterly financial reporting of bank holding companies (banks) affected by FDICIAs internal control provisions to that of unaffected banks. Specifically, we examine changes in: the validity of the loan loss provision, earnings quality, benchmark-beating, and accounting conservatism. We analyze two samples, (1) a sample of U.S. public and private banks included in the Fed Form Y9-C Regulatory Filing database and (2) a sample of publicly-traded banks included in the COMPUSTAT database2. Our difference-in-differences research design isolates the effects of the FDICIA internal controls provision by controlling for changes in financial reporting unrelated to those provisions. We validate our control samples by testing for differences between the affected and unaffected firms in the pre-regulation period.We argue that in addition to providing a control sample, our setting has several advantages for examining how internal controls regulation affects financial reporting. First, the effective date of FDICIA enables a long-range study of the impact of the first regulatory enforcement of COSO-based internal control provisions, which have served as the cornerstone of future regulation. The relationship between FDICIA andSOX internal control reforms has been well documented, with Securities and Exchange Commission (SEC) Chairman Cox (2007) declaring that “FDICIA was a clear antecedent to the SOX internal control reforms.” Second, focusing on a single industry allows us to isolate and examine changes in the validity of the account1 While FDICIA regulations did bring Savings and Loans (S&Ls) under the auspices of the FDIC, this study examines the impact of FDICIA-mandated internal control provisions on commercial banks.2 Although FDICIA applies at both the bank and holding company levels, we focus on holding companies to increase comparability between our Regulatory and COMPUSTAT analyses.most likely affected by internal control deficiencies, the loan-loss provision, and to explore how account-specific changes lead to more general changes in financial reporting. Third, our examination of all firms affected by the regulation, rather than only those most likely to benefit from the regulation (i.e. those with material internal control weaknesses), allows us to make an unbiased assessment of the financial reporting impact of the regulation on all affected firms. Finally, our comparison of the interim quarters to the fourth quarter allows us to assess whether the extent of auditor presence substitutes for internal controls regulation.We compare the change in financial reporting for our affected and control firms in the seven-year periods before and after the passage of FDICIA. First we examine the properties of the annual financial reports. We find that the FDICIA-mandated internal control requirements lead to improvements in the validity of the loan-loss provision. Specifically, the association between the loan-loss provision and actual loans written off for affected banks strengthened in the period after the enactment of FDICIA. This improvement addresses the GAOs (1994) concern “that banks loan-loss allowances included large supplemental reserves that were not linked to analysis of loss exposure or supported by evidence.” We find a corresponding increase in both earnings persistence and ability to predict cash flows, and a reduction in the use of earnings management to report positive earnings growth, suggesting that reducing supplemental reserves generally improves reporting quality. However, we also find that earnings conservatism declines for affected versus unaffected banks in both samples. This reduction in conservatism is also consistent with a reduction in supplemental reserves.Next we examine the properties of quarterly reports to determine whether the effects are larger in the interim quarters relative to the fourth quarter, when an increased auditor presence might substitute for improved internal controls. Consistent with this hypothesis, we find that the improvements in the validity of the loan loss provision, and the increase in earnings persistence and predictability of future cash flows, are all larger in the first three quarters than in the fourth quarter.Taken together, these results suggest that the FDICIA-mandated internal control provisions resulted in the average bank exercising less reporting discretion. This reduced discretion creates a greater association between current reported accrual numbers and future cash flow numbers. However, as a result of this improved association, the reported accrual numbers also became less conservative. Thus, the conclusion about how this regulation affected the quality of financial reports depends on ones definition of quality. Our results suggest improved reporting quality based on the FASBs argument in Statements of Financial Accounting Concepts (SFAC) 2 that “conservatism in financial reporting i.e. any attempt to understate results consistently is likely to raise questions about the reliability and integrity of the information about those results.” However,Watts (2003) argument that the “attempts to ban conservatism are likely to fail and produce unintended consequences” suggest that the changes in financial reporting characteristics that we document may indicate a deterioration, rather than an improvement, in financial reporting quality.We believe our results can inform the debate between regulators and practitioners over the merits of internal controls regulation. Our focus on banks is particularly relevant to the renewed debate over this type of regulation arising from the recent financial crisis. In addition, our study can be used to draw inferences about the implications of similar changes in internal control regulations outside of the banking industry, in particular for regulations that are also based on the COSO framework, such as the SOX internal control provisions. Thus, we believe that our results could have broad implications for understanding the effects of internal control regulations.Section 2 provides the background for our study. We discuss hypotheses in Section 3; sample selection in Section 4 and research design in Section 5. We present our results in Section 6 and discuss our sensitivity test results in section 7. We conclude in Section 8.2. Background2.1 Development of Internal Control Regulation in the U.S.2.1.1 COSOCOSO is a private-sector initiative begun in 1985 to address fundamental causes of financial reporting scandals. Reliability of financial reporting is one of the three objectives of the internal control process in the COSO framework. The COSO Report provides guidelines for assessing effective control system attributes, and states that:internal control is broadly defined as a process, affected by an entitys board of directors, management and other personnel, designed to provide reasonable assurance regarding achievement of effectiveness and efficiency of operations, reliable financial reporting, and compliance with applicable laws and regulations3. In an October, 2006, speech, Charles D. Niemeier, a Public Company Accounting Oversight Board (PCAOB) member, states that:Although U.S. companies have been required to have internal controls over their accounting since Congress enacted the Foreign Corrupt Practices Act of 1977, by the 1990s many corporations had still failed to establish or maintain effective controls that would ensure integrity in the preparation of the overall financial statements. This lack of internal controls allowed senior corporate managers to manipulate official reported financial results to look better than they were In the early 1990s, Congress attempted to bolster controls in the banking sector at least, by requiring in FDICIA that certain financial institutions provide banking regulators with assessments of, and auditor attestations on, their internal controls.2.1.2 FDICIAFDICIA was enacted to change federal oversight of depository institutions, and as a result, four new sections were added to the Federal Deposit Insurance Act (The Act). The Act applies to all depository institutions that are insured by the Federal Deposit Insurance Corporation (FDIC), unless an explicit exemption is made for a particular section of The Act. Of these four sections, only Section 36 entitled “Early Identification of Needed Improvements in Financial Management,” includes such an exemption. Specifically, this section includes an exemption for institutions with total assets less than the greater of $150 million, or a larger amount prescribed by regulation. On June 2, 1993, the FDIC issued such a regulation, increasing this exemption to cover banks with assets less than $500 million GAO (1996). This exclusion was allowed for economic efficiency reasons (Murphy, 2004). Consequently, only U.S. banks with assets greater than $500 million are subject to the internal controls provision of FDICIA.Section 36 requires that banks establish an independent audit committee, and that they report annually on “Management Responsibility for Financial Statements and Internal Controls” and “Internal Control Evaluation and Reporting Requirements for Independent Public Accountants.” The management responsibility report must be signed by the CEO and the chief accounting or financial officer. The report must state managements responsibilities for preparing financial statements, establishing and maintaining an adequate internal control structure and developing procedures for financial reporting and complying with related laws and regulations. The report must also provide an assessment of the effectiveness of the internal control structure and procedures, and the institutions compliance with laws and regulations relating to safety and soundness as of the end of the fiscal year. The report of the independent public accountant must include an attestation to the assertions of management included in the management report. This annual report also requires an independent audit of the financial statements (conducted in accordance with GAAS) 4. The other three sections that FDICIA added to The Act apply to all federally insured depository institutions regardless of size. Section 37 “Accounting Objectives, Standards and Requirements” requires that regulatory accounting be at least as stringent as GAAP, and that all federal banking agencies maintain uniform accounting standards when determining statutory or regulatory compliance. Section 38 “Prompt Corrective Action,” requires that regulators classify depository institutions into one of five capital adequacy categories, including three undercapitalized categories, based on the