Celia Project
Celia Project
Celia Project
INTRODUCTION
Within the last one and a half decades, quite a number of very prominent business organizations
around the world have faced many financial Reporting scandals and crisis. Nigeria business and
financial reporting environment is not an exception. We have had cases of reputable entities’
desired profit performance in financial reports and in some cases, outright abuse of codes of
corporate governance. One of the financial reporting quality control mechanisms that have been
of major interest to many researchers and authors is risk based internal audit. Recent studies have
examined the impact of internal audit on the transparency and quality of financial reporting.
However, from this researcher’s investigation, few studies have evaluated the relationship
between risk based internal audit procedures and financial performance of corporate entities.
Abdel-Khalik (2013) found in their study that risk based internal audit function supports the
financial statement audit performed by external auditors. This implies improving audit quality
and therefore the quality of financial reporting. Schneider and Wilner (1990) estimated that risk
based internal audit function detects irregularities. Thus, the study of Gordon and Smith (2012)
concluded that risk based internal audit function plays a key role in improving the control
environment. It avoids irregularities in the financial statements, which involves improving the
been associated with the need for appropriate Risk Based Internal Audit which involves risk
management and internal control systems Beekes and Brown, (2016). This has been reflected
1
through corporate governance guidelines. A major effort, that has caught the attention of the
financial reporting and legislative environment around the globe is Sarbanes-Oxley Act of 2002,
passed by the United States Congress to protect Shareholders and the general public from
accounting errors and fraudulent practices as well as to improve the accuracy of corporate
disclosures. However, the subjectivity of the application and procedures of risk based internal
audit has given rise to different levels of emphasis on risk management and internal control and
Committee on Banking Supervision, (2016). While these voluntary guidelines that have
originated in each organization may provide different levels of focus on Risk based Internal
Audit and governance, it is uncertain as to what extent of influence these different levels of focus
exert; either direct or indirect, on an organizations risk management and internal control
practices Sarens and De Beelde, (2016). It is even more uncertain, the extent of the influence of
this relationship between risks based internal audit procedures and financial performance of
money deposit banks in Nigeria, is the motive of this study. Risk based Internal Audit (RBIA) is
n internal methodology which is primarily focused on the inherent risk involved in the activities r
system of an entity and provides assurance that risk is being managed by the management within
the defined risk appetite level of the enterprise. RBIA is the risk management framework of the
entity and it seeks at every stage to reinforce the responsibility of management and BOD Board
of Directors) for managing risk (https://en.wikipedia). Risk based internal audit helps the risk
management function of the company by providing assurance about risk mitigation. RBIA
allows internal audit to provide assurance to the board that risk management processes are
2
Risk based audit is a process, an approach, a methodology and an attitude of mind rolled into
The simplest way to think about risk-based audit conceptually is to audit the things that all matter
to your organization (Kasiva, 2010). Risk based internal audit (RBIA) is a term arrived from the
Institute of Internal Auditors (IA) research foundation based in the USA (IA,)2014. In 1999, the
board of directors of IA voted to approve a new definition of internal auditing and a new
Professional Practice Framework (PPF). The board through deliberation came to a conclusion
that a significant gap existed between available guidance and current practice of internal
auditing, and that a new framework was needed to carry the profession into 21st century IA,
2004). Ideally, risk based audit (RBA) is a paradigm shift from traditional approach of pre-
auditing or transactional audit to systems audit and finally to RBA, In pre-audit, management
abdicated their responsibilities to internal audits; there were no audit reports and no view of the
system by management. On the other hand, systems audit was passive and reactive control based
audit with no involvement of management in audit planning. Therefore, for internal audit to be
Risk-based internal auditing is a new approach to the practice whose aim is to improve the
quality and effectiveness of audits, since determining the appropriate nature, timing, and extent
of substantive testing allows for higher quality audits at shorter time. Substantive testing is
limited where there is internal control reliance and extensive where there is no internal control
reliance (Forsati,) 2012. Risk-based internal auditing is the process of identifying and reporting
3
the risk of significant distortions in financial statements. This approach not only increases the
value of the product (financial statements), but also makes auditing more profitable. In other
words, risk-based internal auditing satisfies both the managers and the auditors Smith, 2016;
Hirrington, (2014). In this approach, the auditor first examines the accounting and internal
control systems (through written narratives, questionnaires, and flowcharts, and by performing a
walk-through test), and then estimates inherent and control risks. Initial estimates of inherent and
control risks help the auditor in determining the reliability of the internal control system. If the
internal control system is effective, the auditor relies on control and carries out minimal
substantive test, otherwise, he performs extensive substantive test. The results can adjust and
finalize the initial estimates of inherent and control risks Moradi & Pourhosseini, (2019) There
are many aspects of the performance of deposit money banks that can be analyzed. The
importance of bank profitability can be appraised at the micro and macro levels of the economy.
At the micro level, profit is the essential prerequisite of a competitive banking institution and the
cheapest source of funds. It is not merely a result, but also a necessity for successful banking in a
period of growing competition on financial markets. Hence the basic aim of every bank
macro level, a sound and Profitable banking sector is better able to withstand negative shocks d
contribute to the stability of the financial system. Bank profits provide an important source of
equity especially if re-invested into the business. This should lead to safe banks, and as such high
profits could promote financial stability Kasiva, (2010). Return on assets (ROA), Return on
equity (ROE) and Return on Investment (ROl) are accounting based performance indicators
which are widely used to assess the performance of firms, including deposit money banks. Bank
regulators and analysts have used ROA and ROE to assess industry performance and forecast
4
trends in market structure as inputs in statistical models to predict bank failures and mergers and
for decision making purposes that are related to efficiency and profitability. This study is
concerned about the relationship between risk based internal audit procedures and financial
There is a generally accepted relationship between risk and return, that is, the higher the risk the
higher the expected return, therefore, traditional measures of bank performance have measured
moth risks and returns. The increasing competition in the national and international banking
markets, the new technological innovations herald major changes in banking environment, and
challenge all banks to make timely preparations in order to enter into new competitive financial
environment. Spathis, and Doumpos, (2012). investigated the effectiveness of commercial banks
based on their assets size. They used in their study a multi criteria methodology to classify Greek
banks according to the return and operation factors, and to show the differences of the bank’s
profitability and efficiency between small and large banks. This study seeks to establish the
impact of risks based internal audit on the quality of financial performance in deposit money
banks in Nigeria.
In summary, it is the view of this researcher that, risk-based internal auditing is a significant tool
risk based audit practices. Risk based audit practices such as risk assessment, risk management,
risk based planning, and internal audit standards are adopted to benchmark the risk appetite of
entity against operational and inherent risk, thereby protecting the entity against avoidable risks
5
A company’s internal control practices such as risk based auditing are widely believed to be
crucial to the success of an enterprise as it acts as a powerful brake on the possible deviations
from the predetermined objectives and policies. This means that an organization that puts in ice
an appropriate and adequate system of risk based auditing is likely to perform better than those
that do not. In other words, for there to be effective risk management in an organization, auditing
must be risk-based. In the instances where there have been lack of or inadequate risk-based
auditing, the firms concerned may be prone to fraud and other forms of financial
misappropriation Coram et al. (2014). Recent incidences of entity collapse and financial scandals
have provoked worldwide concern and clamor for risk based internal audit. It has highlighted
apparent failures of traditional risk management strategies in such entities. The failure of the
banking sector in Nigeria, which brought about the mergers of the last decade, is of relevance
here. Risk Based Internal Auditing could improve the precision of operational strategies and
define the risk appetite of the banks so as to focus operations within profitable boundaries. The
level of uncertainty regarding the association between risks based internal audit procedures and
profit performance in deposit money banks has created a research gap in this ea. Quite a number
of essays have given diverse reasons for low quality of financial reports of corporate entities in
Nigeria, research evidence on the effects of risk based auditing practices on financial
performance of deposit money banks in Nigeria is however scanty. Thus absence of risk based
audit could negatively affect the financial performance of deposit money banks in Nigeria. The
6
1.3 Objectives of the Study
The general objective of this study is to analyze the strength of risk based internal audit as a tool
towards improving the quality of financial performance in deposit money banks in Nigeria. The
1. To examine the impact of risk based internal audit on financial performance of deposit
2. To examine the impact of annual risk based internal audit planning on financial
Nigeria
1. Does risk based internal audit influence financial performance of deposit money banks in
Nigeria?
2. Does annual risk based internal audit planning contribute to financial performance of
7
4. Does internal control influence financial performance of deposit money banks in Nigeria?
H01: There is no significant relationship between risks based internal audit procedures and
H02: There is no significant relationship between annual risks based internal audit planning and
H03: There is no significant relationship between the application of internal audit standard and
H04: There is no significant relationship between the application of internal control and financial
This study is significant in that it will enable management of banks in Nigeria to appreciate the
importance of risk based internal audit practices and assist them in rating their level of
compliance against those of their competitors or the entire market, and in determining whether
The study will help shareholders to know the various mechanisms through which they can
exercise their control. Potential investors will also benefit as they will be able to determine banks
that are properly governed in making their investment decisions in deposit money banks.
8
It will also guide management of deposit money banks in developing internal control policy
framework and policy making regarding risk based internal audit procedures.
It will also guide the regulatory agencies as to what metrics should be adopted when monitoring
the transactional and reporting activities of the banking sector, to ensure transparency and full
disclosure.
The academic environment will benefit from relevant information regarding the relationship
between risks based internal audit and financial reporting in the deposit money banks. The study
will contribute to the general body of knowledge and form a basis for further research.
This study examines the impact of risks based internal audit and the quality of financial
performance in six (6) listed deposit money banks in Nigeria. It is a review of the financial
performance of the six listed banks who claimed to have adopted risk based internal audit
procedures. Consolidated, audited accounts and financial reports of the banks were reviewed;
branch management accounts have been consolidated by their respective head offices and by
9
CHAPTER TWO
LITERATURE REVIEW
The Chartered Institute of Internal Auditors defined Risk based internal auditing (RBIA) as a
methodology that links internal auditing to an organizations overall risk management framework.
RBIA allows internal audit to provide assurance to the Board that risk management processes are
managing risks effectively in relation to the risk appetite of the entity CIIA, (2014). The board of
directors of RBIA voted to approve a new definition of internal auditing and a new Professional
practice Framework (PPF). The board through deliberation came to a conclusion that a
significant gap existed between available guidance and current practice of internal auditing, and
a new framework was needed to carry the profession into the 21st century CIIA, (2004). Ideally,
Risk based internal auditing is a paradigm shift from traditional approach of pre auditing or
transactional audit to systems audit and finally to risk based internal auditing. In pre-audit,
management abdicated their responsibilities to internal audits; there were no audit reports and no
review of the system by management. On the other hand, systems audit was passive and reactive
control based audit with no involvement of management in audit planning. Therefore, for
internal audit to be effective and efficient, risk based internal auditing was introduced CII
systematic, disciplined approach to evaluate and improve the effectiveness of risk management,
control, and quality of financial report CIIA, (2003). This definition is designed to embrace the
expanding role.
10
Internal audit which in recent years has evolved from a narrow focus on control to include risk
management and corporate governance Brod and Lowe, (2017). This definition is used as a
framework to develop hypotheses concerning the characteristics of companies that use internal
while there is considerable overlap between the areas of risk management, control and
governance Colbert, 2012; McNamee and Selim, (2019). Besides focusing on the level of risk,
the risk-based method helps to evaluate and build value into the financial reporting process and
the clients company. In order to do this, the auditor must an up to date insight of the clients
business and activities. This knowledge is gained through the way the client operates their
business, management, internal and external environments McNamee and Selim, (2013). The
knowledge gathered can help to design the audit program that includes the most effective and
efficient combination of tests responsive to each client’s unique circumstances. For this reason,
the risk-based approach is then superior to traditional auditing methods (Gibson, (2013).
Although the new system of auditing has become more popular over the years, there are obvious
vantages and disadvantages that need to be considered. For example, the aim of this risk-based
approach is to assess and identify the high-risk areas, while at the same time; the auditor is
minimizing the risk of negligence Griffiths, (2016). This can therefore speed up the audit work it
help to allocate specialists to specific areas of the audit. However, this process can cause the time
to be spent on the audit and raise costs, thus not making economic sense.
Unfortunately, another problem faced by auditors when adopting the risk-based approach is
when identifying high-risk areas. Auditors must decide what evidence is required and in how r.ch
analysis and business process evaluation and on assessing the goals, risks and controls that must
11
monitoring a company’s risk, internal auditing helps assure that resources are adequate and based
on priorities Kunkel, (2014). Generally, risk-based auditing assesses areas of heightened risk
(Griffiths, (2016) and, importantly, conducts continuous risk assessments O’Regan, (2012);
Marks, (2011). The knowledge gained from a comprehensive annual risk assessment as well as
from risk assessments undertaken at the outset of every internal audit engagement should be
Since one of the primary responsibilities of the audit committee is to review and monitor the
audit process, active and independent audit committees can influence the extent of the audit
Dezoort. (2007). Independent directors on audit committees have incentives to protect their
reputation and avoid potential litigation. These incentives can be explained by the demand-based
perspective in the context of regulatory oversight and the scrutiny of the role of independent
directors ((Lorenzo, 2011). The demand-based perspective suggests that independent directors
differentially higher audit quality. Such greater assurance provided by the external auditor
necessarily requires additional audit work which is reflected in higher audit fees. Evidence
consistent with this view is provided by Carcello et al. (2012) and Abbott et al. (2013).
Given the importance of risk management in financial functioning, the efficiency of listed
deposit money Bank’s risk management is expected to significantly influence its financial
performance (Marker and Satvros, 2014). An extensive body of literature (Santomoro and el,
1997) argues that risk management matters for financial report of firms. According to (2011),
and customers. The corporate finance literature has linked the importance risk management with
the shareholder value maximization hypothesis. This suggests that Banks will engage in risk
management policies if it enhances shareholder value Ali and Luft, (2012). Thus, effective credit
12
risk management either in non-banking firms or in banking entities is expected to enhance the
Some Accountants have argued that effective risk based internal audit procedure promotes
particular, help reduce overhead, identify ways to improve efficiency and minimize exposure to
possible losses from inadequately safeguarded company risk assets, all of which can have a
significant effect on the financial performance of the entity. Risk based internal auditing
influences a firm’s use of its internal audit function from risk management, control and
(2010). Effective risk management practices diminish earnings volatility and thereby reduce the
costs associated with potential financial distress. Risk based internal audit can be extended to
include a real options perspective where firms are able to develop opportunities and claims on
future that can be evaluated based on assumptions about underlying risk factors Upson, (2008).
Stulz (2014) carried out a study on the rationale of risk based internal audit to organizations and
found that there existed a rationale for RBIA for lenders and financial institutions in the business
of lending thus influencing bank financial performance. Transparency, disclosure and trust,
which constitute the integral part of risk management, can provide pressure for improved
13
2.2 Concept of Annual Risk Based Planning
Panning is generally considered a vital internal audit activity and it includes preparing a strategic
plan, annual plans and programs for individual risk based audit assignments. The operational
standard of the Internal Audit, dealing with the planning aspects of the internal audit, requires the
preparation of a strategic plan - usually a five-year plan, a periodic (annual) plan and :ns for
individual audit assignments Kasiva, (2010). Most organizations’ internal audit offices not
develop a strategic plan, the exercise of which would have enabled the audit staff to evaluate risk
and identify high-risk areas that deserve audit attention. It could also have been an exercise by
which the head of internal audit ensures the appropriateness of resources by projecting
requirements in a timely fashion thus enhancing good governance. Proper planning enables
In some cases the numbers of the audit engagements are completed in the budgeted time and the
number of actual audits performed in a period is usually less than the number of audits stated in
the annual audit plan Sanda, Mikailu and Garba. (2015). This is usually caused by adhoc audit
assignments by the management and urgent requests by external parties. Adhoc audit
assignments signify the relevance of internal audit to management Van Gansberghe, (2005), and
reflect positively on audit effectiveness and also in good governance. The supply side argument
suggests that during the audit planning stage, auditors assess corporate governance risk and plan
The principles of good governance, transparency and accountability, fairness and equity,
efficiency and effectiveness, respect for the rule of law and high standards of ethical behavior
14
resent the basis upon which to build on OECD, (2005). For Risk Based Internal Audit to provide
good financial report in public sector they must embrace the International Auditing standards
that guide the internal audit’s ethics of work and maintain professional auditing standards.
Organizations grow in size and complexity, effective risk management becomes increasingly
problematic Fraser and Henry (2017). Previous study for demand of internal auditing has been
zed to the cost and benefit from undertaking monitoring Goodwin, Stewart and Kent (2010).
Carcello, et al. (2015) asserts that increased organizational complexity would result in greater
risk and companies facing higher risk will increase their organizational monitoring. In addition,
from transaction cost perspective, larger firms have opportunities to gain economies of scale
from investment in the fixed costs of internal auditing Carey et al. (2012).
Events since mid-1970s have contributed to the growth of internal auditing. The United States
foreign Corrupt Practices Act of 1977 mandated public companies to establish and maintain
effective internal accounting controls to provide reasonable assurance that assets are safeguarded
and that transactions are properly authorized and recorded. To accomplish this, many companies
established internal audit functions, increased internal audit staffing, and strengthened internal
audit independence. Coram et al. (2008) find that organizations with internal audit staffs are
more likely than those without internal auditing to detect and self-report occurrences of fraud.
The number and magnitude of errors requiring adjustment by the external auditors have been
found to be substantially lower for entities that had an internal audit department compared to
those that did not have an internal audit department, Wallace and reutzfe1dt, (2011). The internal
15
audit function is important because it adds value and therefore reduces detected errors Goodwin
In 1987, a report by the Treadway Commission recommended that public companies establish an
internal audit function to be fully supported by top management and have effective reporting
relationships. This means that the internal auditors’ qualifications, staff, status within the
company reporting lines, and relationship with the audit committee and the board of directors
must be adequate to ensure the internal audit function’s effectiveness and objectivity Treadway
commission, (2017). The report urged that the internal audit function be staffed with an adequate
number of qualified personnel appropriate to the size and the nature of the company Treadway
commission, (2013).
The New York Stock Exchange enacted a requirement in 2003 that all listed companies must
have an internal audit function, either in-house or outsourced. This requirement was approved by
the Securities and Exchange Commission (SEC) later in that year. Relying on internal auditing
avoid unnecessary duplicating audit procedures. It also can benefit external auditors because
External auditors have certain advantages. The internal auditors generally have more knowledge
rut the company’s procedures, policies, and business environment than do the external auditors.
However, external auditors must reconcile the advantages of relying on internal auditing with the
need to maintain both the appearance and reality of independence as defined external auditors
Gramling, Maletta, Schneider and Church, (2004).According to Norman Marks (2007), emerging
request from boards is that internal auditors review and comment on the organization’s
governance policies, processes, and practices. The IIA recognizes this in its International
16
The internal audit activity should evaluate and contribute to the improvement of risk
management, control, and governance processes using a systematic and disciplined approach.
Internal audit quality, which is determined by the internal audit department’s capability to
provide useful findings and recommendations, is central to audit effectiveness. Internal audit has
proved that it is of value to the organization and earn a reputation in the organization, Internal
audit has to evaluate its performance and continually improve its service. According to
2.1.5 Relationship between Risk Based Internal Audit and Financial Report
The empirical findings by Al-Tamimi (2002) and Al-Mazrooei (2007) highlighted that UAE
banks are efficient in risk based internal auditing. Drzik (1995) found out that bank administered
risk based internal audit survey showed that large banks in the US had made substantial progress
in their financial reporting. Comprehensive risk based internal auditing influence effective
financial reporting activities and the application of risk based internal audit, particularly for
credit and overall banking risks, is important for banks. The presence of real options based
flexibilities should enhance effective risk management practices that diminish earnings volatility
and thereby reduce the costs associated with potential financial distress (Andersen. 2008). To the
extent an organization is able to manage risks imposed by dynamic global conditions, potential
under investment problems would be reduced resulting in higher earnings (Froot, Scharfstein and
Stein, 1994). Hence, risk based internal audit can be extended to include a real options
perspective where firms are able to develop opportunities and claims on the future that can be
evaluated based on assumptions about underlying risk factors (Leiblein, 2003). Stulz, (1984)
carried out a study on the rationale of risk based internal audit to organizations. He indicated that
there exist rationales for risk based internal audit for lenders and financial institutions in the
17
disclosure and trust, which constitute the integral part of corporate governance, can provide
pressure for improved financial report. Financial report, present and prospective is a benchmark
for investment. The Mckinsey Quarterly surveys suggest that institutional investors will pay as
much as 28% more for the shares of well governed companies in emerging markets Mark,
(2000). According to the corporate governance survey( 2012), carried out by the Kuala Lumpur
stock exchange and accounting firm Price Water House Coopers (PWC), the majority of
investors in Malaysia are prepared to pay 20% premium for companies with superior corporate
governance practices. It was disclosed that all the dimensions of financial transparency,
disclosure and trust had positive relationships with most of the financial report dimensions in
commercial banks in Nigeria. For instance capital adequacy, earnings, assets quality highly
showed positive correlations with openness, competence, honesty and kindness. Regression
analysis was used to find the influence of the independent variable (corporate Governance) on
the dependent variables of the financial report (capital adequacy, asset quality, earnings and
liquidity). An analysis of variance was produced reflecting the influence of the independent
variable of corporate governance on the financial report. Results indicated that Corporate
Governance (Transparency, Trust and Disclosure) predicts 34.5 % of the variance in the general
financial report of Commercial banks in Nigeria. The significant contributors to financial report
were openness and reliability. Openness and reliability are all measures of trust. Prior research
has examined the effect of corporate governance on auditors decisions (judgments). Cohen and
Hanno (2000) find that management control philosophy and corporate governance structure
affect auditors’ pre-planning (client acceptance) and planning (extent and timing of testing)
judgments; specifically, auditors were more willing to recommend client acceptance and more
18
management control philosophy. Bedard and Johnstone (2004) examined auditors assessments of
and planning and pricing decisions related to earnings manipulation risk and corporate
governance risk, and showed that auditors plan increased effort and billing rates for clients with
earnings manipulation risk and that the positive relation between earnings manipulation risk and
both effort and billing rates are greater for clients that have heightened corporate governance
risk. Lee et al. (2004) found that an independent audit committee and board members who are
concerned about incurring legal liability and harming reputation support external auditors in
accomplishing their assurance duties. Yatim et al. (2006) examined the relationship between
corporate governance and audit fees, finding that external audit fees are positively and
significantly associated with good audit committees. Cohen et al. (2007) examined the effect of
the role of the board of directors in monitoring management (agency role) and/or the role of the
board in helping to formulate corporate strategies (resource dependence role) on the auditors
planning judgments, and showed that auditors respond to the role of the board when making
judgments with respect to control risk assessments and the planned scope of audit tests. The way
management and control are organized affects the companys performance and its long run
competitiveness. It determines the conditions for access to capital markets and the degree of
Banking institutions around the world face a number of challenges in meeting the changing
expectations and needs of their citizens. Responses to these challenges typically include setting
up and delivering service delivery reforms, fiscal management, seeking to operate more
effectively, efficiently and openly and developing new capabilities for civil society participation,
partnership and resource management Brownbridge, (2007). The principles of good governance
transparency and accountability, fairness an equity, efficiency and effectiveness, respect for the
19
rule of law and high standards of ethical behavior represent the basis on which to build upon
OECD, (2005). IIA (2005) in their submission to the Turnbull Review Group requested that
boards should be responsible for determining acceptable risks and for managing them. While
board members have ultimate responsibility for risk management and internal control, they
require assurance that risks throughout the organization have been identified assessed and
managed Fraser and Henry (2007). Hence, internal auditing risk-based orientation would be a
key component for such assurance. Haniffa and Hudaib (2006) indicated that board size affects
the extent of monitoring and controlling. As a small board may be seen to be more effective, we
would expect a higher percentage of risk based internal auditing may be used. However, as
bigger boards seem to be more symbolic rather than being a part of the management process
Haniffa and Hudaib (2006;) Chen (2003), they would require internal audit activities to have
The study examines the effect of internal audit on the financial performance of deposit money
banks (DMB) in Nigeria. Specifically, the study ascertained the effect Audit Committee
independence, Audit committee size, Audit committee gender diversity on the financial
performance of deposit money banks. The study employ ex post facto research design. The
sample size for this research work is 12 listed DMBs from 2010–2018. The sources of data
employed in this study are secondary data from the Nigeria Stock Exchange Fact Books and
related companies’ Annual Financial Reports for the period covered in the study. The study
made use of spearman rank correlation analyze and also employed panel least square regression
analyses in order to analyze the data for the study. The findings of this study indicated that audit
committee independence has a negative insignificant effect on the performance of listed DMBs
20
in Nigeria, audit committee size has a positive significant effect on the performance of listed
DMBs in Nigeria, audit committee gender diversity has a positive insignificant effect on the
performance of listed DMBs in Nigeria. The researcher recommends that there is need for banks
to have an audit committee that is not too small such that there will be no lack of expert advice
and too large such that it has free riders that are prone to follow other member’s opinion. The
size of the audit committee should also be in a way that the process of accounting and finance are
A significant body of work has built up in this area within the context of the principal- agent
framework. The work of Jensen and Mecklin (2016) in particular and of Faina and Jensen (2013)
are important. Agency theory identifies the agency relationship where one party, the principal,
delegates work to another party, the agent. The agency relationship can have a number of
disadvantages relating to the opportunism or self interest of the agent: For example, the agent
may not act in the best interests of the principal, or the agent may act only partially in the best
interests of the principal. There can be a number of dimensions to this including for example, the
agency misusing his power for pecuniary, or other advantages, and the agent not taking
appropriate risks in pursuance of the principals interests because the agent views those risks as
not being appropriate and the principal may have different attitudes to risks. There is also the
problem of information asymmetry whereby the principal and the agent have access to different
levels of information; in practice this means that the principal is at a disadvantage because the
agent has more information. In the context of financial institutions and issues of risk based
internal auditing, agency theory view risk based internal auditing as being an essential
monitoring device to try to ensure that any problem that may be brought about by the principal-
21
agent relationship, are minimized. Blair (2006) states; managers are supposed to be the ‘agents’
arrangements must provide some checks and balances to make sure they do not abuse their
power. The costs resulting from managers misusing their position, as well as the costs of
monitoring and disciplining those who try to prevent abuse have been called ‘agency costs’.
Much of agency theory, as related to financial Institutions is set in the context of the quality of
report and control as described in the work of Berle and Pears (2011). In this context, the agents
are the managers and the principals are the shareholders and this is the most important
commonly cited agency relationship in the corporate governance context. However, for the
internal audit function to be effective as an essential monitoring device, it is the view and
considered opinion of this researcher that the independence of the internal auditor, from the
overbearing influence of management, is crucial. This should also impact positively on the
quality of financial performance of the entity. This is a gap that should be addressed by
researchers.
In juxtaposition to agency theory, Stakeholder’s theory takes into account, a wider group of
that the maintenance or enhancement of shareholders’ value is paramount whereas when a wider
stakeholder group such as employees, providers of credit, customers, suppliers, government and
the local community is taken into account the overriding focus on shareholders’ value become
less self evident. Nonetheless, many companies do strive to maximize shareholders value whilst
at the same time trying to take into account the interests of the wider stakeholder group. One
rationale for effectively privileging shareholders over other stakeholders is that they are
22
recipients of the residual cash flow (being the profits remaining once other stakeholders such as
loan creditors, have been paid).This means that the shareholders have vested interest in trying to
ensure that resources are used to maximum effect, which in turn should be to the benefit of the
society. Risk-based internal audit derives largely from models that assume that inherent risk (IR)
and control risk (CR) are distinct concepts and that inherent risk arises from attributes of the
entity and the audit environment that are completely independent of attributes that determine the
level of control risk. Operationalizing the distinction between inherent risk and control risk has
however proved troublesome as the literature review below indicates. There appears to be little
consensus regarding attributes that may identify inherent risk and there is little published
evidence regarding how inherent risk is considered by practitioners. Also, it is not yet clear,
neither is it logical, to separate inherent risk and control risk in the manner demanded by
Assessing the risk of material misstatement at the financial statement level as well as at the
planning stage, adds to and clarifies the direction on performing a combined assessment of
inherent, and control risk, leaving the ability for the internal auditor to assess other risk factors in
an internal audit McCord, (2012). This approach to internal auditing has also changed the view
of substantive procedures performed by internal auditors. For example, the use of statistical
sampling has significantly reduced, but remains an important part of auditor’s substantive
procedures, once they wish to ensure that it is efficient and effective. In order to improve the
risk-based approach, ways must be identified in which internal auditors’ judgment of inherent
risk and control risk can become more accurate and consistent Kasiva. (2012). One area in
particular that would seem to warrant significant reliance on internal audit work is that of fraud
risk assessment. Because internal auditors have greater knowledge about a company’s operations
23
than external auditors, they are particularly adept at fraud risk assessment. This assertion is
supported by KPMG studies which indicate that internal auditors are more likely to discover
fraud than external auditors (KPMG. (2013). For instance, while 65% of frauds were discovered
in 2003 by internal auditors, only 12% were discovered by external auditors KPMG. (2013). So,
it is important that external auditors should rely on internal audit work relating to fraud risk
assessment.
Chen, (2018) investigated the relationship between quality of financial report and risk-taking
behavior in Taiwanese Banking Industry. Sample consists of all of the 39 domestic banks, and of
the 39 surveys mailed, 24 completed responses were returned for a response rate of 61.54%. Of
the 24 survey responses, 13 (54.1%) of the credit unions report that more than 60% of their
internal audit activities are risk oriented. It was found that 8 of 24 (33.3%) respondents
indicating that they use a relatively high level of risk based internal audit, about 61 %- 80%.
while 6 (25%) of the domestic banks report that about 21 %-40% of their internal audit work are
Liebesman (2004) strongly advocates that ISO 9000 and ISO 14000 can be used to reduce risks
with compliance with the Sarbanes-Oxley Act SOX, (2002): Because of SOX, the CEOs and
CFOs of public companies must certify their financial reports, and each year they must certify
the effectiveness of their systems of internal controls mandated by the law, Top management
needs to obtain better information about the effectiveness of their organizations. Quality and
environmental people should be at the table when the internal financial auditors present their
24
Kibara (2007) in his study on a survey of internal auditors risk management practices in the
banking industry in Kenya found out that, most banks in Kenya were in process of drafting the
Early Rate Mode process and strategies. Kibet (2008) concluded that risk based internal audit
function played a role in financial reporting. The limitations of the study were time constraints,
restriction to state owned corporations and having to make prior arrangement in order to meet the
internal audit in promoting quality financial reports for companies listed in the NSE.
Additionally, a study on the influence of internal audit and audit committee on financial
The Sarbanes-Oxley Act of 2002 has also contributed to the growth of internal auditing. Internal
auditors have enjoyed increased prominence, higher salaries, and a greater public appreciation
for the role that internal auditing can play in a well-governed organization (Hermanson, 2006).”
In particular, companies are using internal auditors to strengthen and evaluate their internal
control systems to comply with the internal controls provisions of Sarbanes-Oxley. A 2003
survey by the Institute of Internal Auditors indicated that 20% of companies included in the
Fortune 1,000 did not yet have internal audit departments but 50% of the Fortune 1,000
companies planned to increase their internal audit staffs to comply with Sarbanes-Oxley
Harrington, (2004). A later survey of 117 chief audit executives of public companies subject to
the provisions of Sarbanes- Oxley indicated that 111 reported that their companies increased
internal audit budgets from 2002 to 2005 (Kaplan & Schultz, 2006). Of these 111, 32% increased
internal audit budgets by more than 50%. Another survey of 402 companies reports that more
than half of them increased internal audit resources as a result of Sarbanes-Oxley, with 15%
indicating more than a 50% increase Price, water house Coopers, (2006). Kibara (2007)
25
conducted a survey of internal auditors risk management practices in the banking industry in
Kenya. The study sought to establish banking internal auditors perception of their distinct role in
the bank wide Enterprise Risk Management (ERM) process, and whether there was any conflict
between internal audit and risk management departments being established to take over the ERM
process. Bank internal auditors risk assessment practices in Kenya were also probed. To achieve
the objectives set, a survey, involving 27 Executives - all heads of internal audit departments in
the banking industry in Kenya was conducted. Data analysis was done, and 14 with response rate
of 52%, it was concluded that the outcome of the study fairly represented the banking industry
internal auditors’ practices and perception of risk management. It also emerged that only 14% of
the internal auditors could clearly list the distinct role of quality financial reporting and those of
Risk Management Department. For institutions both departments, a conflict was already brewing
between IAD and RMD in 29% of the institutions. The conflict centered mainly on lack of
clarity on the distinct roles to be played by those two departments in the whole ERM process.
The study found that, most banks in Kenya were in process of drafting the ERM process and
strategies.
According to Heath and Norman, (2004), when senior managers were given multiple objectives
to achieve, it may become almost impossible to measure their success in improving the firm
performance through accountability to achieve firm value, leading to failure. Several studies
suggest that firms with more independent directors perform worse than those with relatively
fewer independent directors. For example, Agrawal and Knoeber (2016) reported a negative
correlation between the proportion of outside directors and Tobin’s Q index (which is a measure
of growth prospects of assets, defined by the future profitability of the asset in relation to its
replacement cost). This is consistent with evidence established by Bhagat and Black (2017) that
26
a high proportion of independent directors is strongly correlated with slower past growth across a
number of accounting variables, but not so with future performance. Evidence from Bhagat and
Black (2007) and Klein (2007) also shows that a high proportion of independent directors
This study is adopting the agency theory and stakeholder theory as the theoretical background for
this study.
At present, little is known about the level of influence that risk based internal audit practices
have on the financial performance of deposit money banks in Nigeria. It is in an attempt to fill
this gap that this study seeks to question and obtain evidence on the effects of risk assessment on
the financial performance of deposit money rinks in Nigeria. The financial crisis experienced in
Nigeria banking sector in the last decade, to large extent, is attributable to excessive risk-taking
by deposit money banks. Given that risk cased internal audit is essentially a mechanism for
addressing agency problems and controlling risk within the firm, it is not surprising that the
recent steps by the Central Bank of Nigeria, and their regulatory authorities have emphasized the
importance of effective risk based internal auditing practices in the banking sector for efficiency
and a guide against distress. Thus, it is now widely acknowledged that shortcomings in the
traditional approach to internal audit may have served as a central role in the instances of bank
27
CHAPTER THREE
RESEARCH METHODOLOGY
The research design employed in this study is partly survey, ex post facto and partly descriptive
research design. These designs form the basis upon which the research was carried out. It is ex
post facto research design in that the financial data generated were already put in place and are
not subject to the manipulation of the researcher. Similarly it also includes a descriptive research
design in that the data generated from questionnaire were analyzed and the outcome described
The target population for this study is the 15 deposit money banks listed in the Nigeria Stock
Table 3.1
28
7 Guaranty Trust bank Plc 1996
9 Stanbic-IBTC 2005
Sample size is the portion of the population selected by the researcher to represent the entire
population. Osuala (2005) and Asika (2006) argued that a sample that is either too large or too
small may lead to getting results that lack validity; for the purpose of this research work six (6)
29
5 First Monument Bank Plc 1983
The source of the data for this study is both primary and secondary source. The primary source is
the responses from questionnaires distributed to internal control departments of the sample size,
to collect data on the independent variables. With regards to the secondary source, data were
Simple random sampling technique is employed in selecting the sample size for the study. The
use of this technique gives every member of the population an equal and independent chance of
being selected. The technique was used through a raffle draw after the name of all the elements
The data generated for this analysis are analyzed by using three techniques; Descriptive
Descriptive statistics is used to compute measures of central tendency, such as mean, median,
mode, range, standard deviation, maximum and minimum values of both dependent and
30
independent variables. The computed values could enable us to determine the variability among
the values.
Pearson Correlation is the second technique to be use in order to determine whether mutual or
complimentary relationship exists between two or more variables. It is also used to show whether
one variable is as a result of another: that is the degree to which the independent variable
The research will use multivariate regression analysis, employing the Panel data regression
technique as used by Loncan and Caldera (2014). Panel data has advantage of enabling the
researcher to observe the behavior of entities across time and includes the variables at different
levels or period of analysis. Therefore, it is suitable in this research because the study analyzes
data from six (6) listed deposit money banks, using SPSS version 16. The method employed by
the researcher to analyze the data generated from field is ordinary least multiple regressions
(OLSR). The regression is used to analyze the impact of two or more variables, that is, the
dependent and independent variables. The study is a model which attempts to determine the
impact of X on Y. It is presumed that the performance of the banks (ROA) is dependent on risk
management; annual risk based planning, application of internal auditing standard and internal
controls (independent variables). Multiple regression analysis was applied for the data analyses.
31
3. 7 Definition and Variable Measurements
The variables of this study comprise two sets: (1) the dependent and (2) independent variables.
The dependent variable is financial performance of the banks, which surrogate in this study is
Return on Asset (ROA). The independent variables are: risk management, annual risk based
organizational importance. Given that the mission of a profit organization is the reason for its
existence, it is appropriate to focus on financial resources in their relationship to the mission. The
key to analysis and measurement of the financial and operational control and impact is related to
the central question. Their model reflects the interrelationship between a series of questions
about the mission and the financial resources and control of the organization. Financial ratio is a
framework which provides an appropriate analysis for past performance and helps organizations
to move towards its future direction. The profitability analysis is achieved on a set of indicators
of these are endogenous, some are exogenous and yet structural. Banking structure and
profitability structure of banking system across countries have a bearing on the profitability of
banks.
Return on Equity:
32
Return on Equity is the amount of net income returned as a percentage of shareholders equity. It
reveals how much profit a company earned in comparison to the total amount of shareholder
equity found on the balance sheet. ROE is one of the most important financial ratios and
profitability metrics. It is often said to be the ultimate ratio or the ‘mother of all ratios’ that can
be obtained from a company’s financial statement. It measures how profitable a company is for
the owner of the investment, and how profitably a company employs its equity. Return on Equity
or profit to equity, is the most significant indicator for profit, which measures the banking
management in all its dimensions, and offers an image over the way to use the capital brought by
shareholders, the effect of their retainer in bank’s activity. The higher the ratio percentage, the
more efficient management is, in utilizing its equity base and the better return is to investors.
The other measure of financial performance in the bank is return on investment. Return on
Investment (ROI) is one of several commonly used financial metrics for evaluating the financial
magnitude and timing of investment gains directly with the magnitude and timing of investment
costs. A high ROT means that investment gains compare favorably to investment costs (Ball and
Shivakumar, 2004).
33
profitability structure of banking system across countries have a bearing on the profitability of
banks.
Return on Equity:
Return on Equity is the amount of net income returned as a percentage of shareholders equity. It
reveals how much profit a company earned in comparison to the total amount of shareholder
equity found on the balance sheet. ROE is one of the most important financial ratios and
profitability metrics. It is often said to be the ultimate ratio or the ‘mother of all ratios’ that can
be obtained from a company’s financial statement. It measures how profitable a company is for
the owner of the investment, and how profitably a company employs its equity. Return on Equity
or profit to equity, is the most significant indicator for profit, which measures the banking
management in all its dimensions, and offers an image over the way to use the capital brought by
shareholders, the effect of their retainer in bank’s activity. The higher the ratio percentage, the
more efficient management is, in utilizing its equity base and the better return is to investors.
The other measure of financial performance in the bank is return on investment. Return on
Investment (ROI) is one of several commonly used financial metrics for evaluating the financial
magnitude and timing of investment gains directly with the magnitude and timing of investment
costs. A high ROI means that investment gains compare favorably to investment costs (Ball and
Shivakumar, 2004).
34
Return on Asset
Return on Assets is an indicator of how profitable a deposit money bank is relative to its total
assets.
Total Assets
ROA gives an idea as to how efficient management is at using its assets to generate earnings.
Calculated by dividing a company’s annual earnings by its total assets, ROA will be displayed as
previous ROA numbers or the ROA of a similar company thus this study will make use of ROA.
Changes in policies monitored by RBA are exogenous to the system. This includes changes in
monetary policy, changes in quantitative credit control like changes in Credit Risk Regulation
Short and long-term Rates, manipulation of bank rates, qualitative credit controls like selective
credit control measures, C/D ratio, recognized guidelines on lending to priority sectors, changes
in interest rates on deposits and advances, levy of tax on interest income (Kasiva, 2010). Various
other factors like careful control of expenditure, timely recovery of loans are endogenous.
Various structural factors include geographical spread of bank branches, decentralization in the
management and structural changes in deposits and advances. Risks based audit is independent
35
variable just as risk management, annual risk based planning, internal auditing standards and
internal controls. These variables are measured by taking the average of the questionnaires
The model used, based on the above variables, is of the mathematical form:
Where:
β° Is the constant.
βI - β4 is the coefficient of the independent variables measuring contribution of risk based audit
RM = Risk Management
E = Standard errors
36
CHAPTER FOUR
A total of ninety (90) copies of the questionnaire were administered to the respondents but only
eighty-two (82) copies were returned out of which sixty (60) were properly filled while twenty
two (22) were not properly filled. Hence the total number of duly completed and returned copies
This shows that thirty (30) which represent 5 0.0% of the respondents are male while thirty (30)
Table 4.2 above shows that twenty-nine (29) which represents 48.3% of the respondents falls
between the ages of 18-29 and thirty-one (31) represents 51.7% of the respondents falls between
26 - 50 years.
37
Table 4,3: shows that twenty-nine (29) which represent 48,3% of the respondents are single
Table 4.4: shows the educational qualification of the respondents. Nineteen (19) which represent
31.7% of the respondents are holders of Bachelor Degree (B.Sc) and Higher National Diploma
(HND).Also, seventeen (17) respondents representing 38.3% of the employees are holders of
Senior Secondary School Certificates while twenty-four (24) representing 40% of the
38
Table 4.5: shows the year of working experience of the respondents, it shows that eighteen (18)
represent 30.0% are not more than 5 years, twenty- four (24) representing 40.0% of the
respondents falls between 6-l0years while eighteen (18) representing 30,0% falls between 1 l0
Table 4.6: shows the number of professionally qualified respondents. It shows that nineteen (19)
representing 3 1.7% of the respondents are (ICAN) professionals, fifteen (15) represent 25.0%
are; (ANAN) professionals, and nine (9) representing 15% are Institute of Taxation of Nigeria
(TIN) professionals, while seventeen (17) representing 28.3% are not professionally qualified.
A multivariate regression model was applied to test the relationship between the percentages of
Risk Based Audit practices and financial performance of listed deposit money banks in Nigeria.
39
Where:
β° Is the constant.
performance of banks.
RM Risk Management ARBP = Annual Risk Based Planning lAS Internal Audit Standard TAC
Adjusted R2 is called the coefficient of determination and gives the extent to which return on
assets varies with variation in factors influencing financial performance listed deposit money
banks in Nigeria. From the table above, the value of adjusted R2 is 0.023. This implies that, there
was a variation of 2.3% of return on asset, which varied with variation in factors influencing
financial performance of listed deposit money banks in Nigeria. These factors are risk
management, annual risk based planning, internal auditing standards and internal auditing
40
The strength of variation of the predictor values that influence the financial performance of listed
From the above regression model, it was found that return on asset in listed deposit money banks
in Nigeria would be at 0.017, holding risk management, annual audit risk based planning,
internal auditing standards and internal audit capacity constant. A unit increase in effective risk
management would lead to increase in return on asset in commercial banks by factor of 0.001
41
with a P Value of 0.822; a unit increase in annual audit risk based planning would lead to
increase in return on asset in banks by factor of 0.002 with a P Value of 0.608. a unit increase in
internal auditing standards would lead to increase in return on asset in banks by factor of
0.003with a P Value of 0.276 while a unit increase in internal audit capacity would lead to
Therefore, positive impact exists between return on asset (ROA) and risk based audit factors
influencing financial performance in listed deposit money banks in Nigeria, clearly indicating
that effective risk management, annual audit risk based planning, internal auditing standards and
internal audit capacity influence financial performance in the banks, as they are statistically
significant with a P-Value of 0.822, 0.608, 0.276 and 0.906 at 95% confidence levels. This
implies that risk management, annual risk based planning, internal auditing standards and
internal audit capacity influence return on assets in listed deposit money bank in Nigeria.
The impact of each variable of the study has been analyzed and investigated using multivariate
regression analysis. Preliminary analysis was performed on the data to ensure no violation of the
investigation reveals a positive impact between risks based internal audit procedures such as
selection, risk management; annual audit risk based planning, internal auditing standards and
internal audit capacity (Independent Variables) and quality of financial performance (Dependent
The findings for the study reveal that hypothesis 1, which states that there is no significant
relationship between risks management and financial performance of deposit money banks in
42
Nigeria was statistically rejected by the analysis where p value 0.822 and r = .001 which indicate
that there is significant positive impact between risks management and financial performance of
listed deposit money banks in Nigeria. This suggests that risk assessment relates positively with
financial performance of listed deposit money banks in Nigeria. The findings are similar to that
of Maiteka (2010) who found that there existed a strong and positive relationship between risk
Hypothesis 2, which states that there is no significant relationship between annual risk based
internal audit planning and financial performance of listed deposit money banks in Nigeria was
tested and the result rejected the hypothesis, where p value 0.002, and r = 0.608. This indicates
that annual risk based internal audit planning is a significant predictor of financial performance
The findings were similar to that of Maiteka (2010) who found that there existed a strong and
positive relationship between risk based audit and corporate governance in public sectors with an
adjusted R2 of 0.78 3 indicating that the risk based audit explain 78.3 % of the variability in the
corporate public governance in enhancing public service delivery. Also, the findings were similar
to that of Chen, (2003) who investigated the relationship between corporate governance and risk
banks, and of the 39 surveys mailed, 24 completed responses were returned thus a response rate
of 6 1.54% of the 24 survey responses. 13 (54.1%) of the credit unions reported that more than
60% of their internal audit activities are risk oriented. It was found that 8 of 24 (33.3%)
respondents indicated that they use a relatively high level of RB1A, at about 61 %-80%, while 6
(25%) of the domestic banks reported that about 21%-40% of their internal audit work are risk-
based.
43
Test of hypothesis 3, which states that there is no significant relationship between internal audit
standard and financial performance of deposit money banks in Nigeria was tested and the result
rejected the hypothesis, where p value = 0.002, and r 0.276. This indicates that internal audit
This concurred with hA, (2004) which states that the internal audit activity should evaluate and
contribute to the improvement of risk management, control, and governance processes using a
systematic and disciplined approach. The findings are similar to Cohen and Hanno (2000) whose
findings indicated that Corporate Governance (Transparency, Trust and Disclosure) predicts 34.5
Test of hypothesis 4, which states that there is no significant relationship between internal audit
control and financial performance of deposit money banks in Nigeria was tested and the result
rejected the hypothesis, where p value = .005, and r 0.906. This indicates that internal audit
control has a positive significant relationship with financial performance. This concurred with
the study conducted by Kibet (2008) who concluded that internal audit control played a
significant role in corporate governance for companies listed on the NSE hence improving
financial performance of the financial institutions. Also, in the study conducted by Millichamp,
(2002) who indicated that Internal Audit controls are required in risk management, in
determining processes and their objectives, identifying risks that hinder the processes put in
place by management, identifying controls mitigating the risks, reporting where risks are not
sufficiently mitigated by controls and assure management that risks are mitigated to an
acceptable level.
44
CHAPTER FIVE
5.1 Summary
The general objective of this study is to analyze the impact of risk based internal audit on the
quality of financial performance in listed deposit money banks in Nigeria, while the following
are the specific objectives: to examine the impact of risk management, annual risk based
planning, internal auditing standard and internal controls on the quality of financial performance
5.2 Conclusion
The study concludes, from the result of data analysis that, there is a significant relationship
between risks based internal audit procedures and the quality of financial performance of listed
deposit money banks in Nigeria. Risks based internal audit will help detect risks and enhance
quality of financial performance of listed deposit money banks in Nigeria. Risks based internal
audit procedure helps to minimize risk, increases transparency and accountability hence
enhancing quality of financial performance of listed deposit money banks in Nigeria. Internal
auditors’ understanding of the bank’s risk, consideration of risks based internal audit in the
identification of changes in banking operations, are the indicators of risks assessment, which
influence the quality of financial performance of listed deposit money banks in Nigeria. Finally
the study concludes that risks based internal audit procedures impact positively on the quality of
45
5.3 Recommendations
This study recommends that management of deposit money banks in Nigeria should adopt
effective risk based audit practices such as risk assessment, risk management, annual risk based
planning, application of internal auditing standards and risk based internal controls, to enhance
effective and efficient financial performance of their Banks. From the findings and conclusions,
this research recommends a similar study to be carried out in the Public Sector, particularly
government ministries, departments and agencies. There is also the need for a study to be
conducted to determine the challenges facing the application of risk based internal audit in
deposit money banks in Nigeria, this will help in enhancing the effectiveness of internal audit
and risk assessment in deposit money banks in Nigeria and thus positively enhancing their
financial performance.
From the findings and conclusions, the study recommends that risk based internal audit should
be enhanced through adoption of better risk assessment, constant review of internal auditing
standards, annual risk based planning and internal auditing staffing practices so as to achieve
success in financial performance in deposit money banks. Generally, there is need for an
extensive study to be conducted on the roles and challenges of internal auditing in the banking
industry in Nigeria. The study recommends that an in-depth study should be done on the role of
internal audit in strengthening central bank’s regulations and the requirement for compliance
46
REFERENCES
Abdel-Khalik, A.R., Snowball, D. & Wragge, J.H. (1983). The Effects of Certain Internal Audit
Variables on the Planning of External Audit Programs. The Accounting Review, Vol. 58,
No. 2 (Apr., 1983), pp. 215-227
Allegrini, M. & D’Onza, G. (2003). Internal auditing and risk assessment in large Italian
companies: an empirical survey. International Journal of Auditing, vol. 7, pp. 19 1-208.
Al-Shetwi M., Ramadili S.M., Taufiq Chowdury H.S. & Son Z.M. (2011). Impact of internal
audit function (IAF) on financial reporting quality (FRQ): Evidence from Saudi Arabia.
African Journal of Business Management Vol.5 (27), pp. 11189-11198
Al-Tamimi. H, (2002). Risk Management Practices: An Empirical Analysis of the UAE
Commercial Microfinance Institutions. Finance India, Vol. 16. (3), pp. 1045-1057.
Asika, N. (2006). Research Methodology in the Behavioural Sciences. Lagos, Nigeria: longman
Nigeria PLC.
Ball, L, and Shivakumar, L. (2004). Earnings quality in u.k. private firms. Working Paper Vol. 4,
pp 45-57
Basel Committee on Banking Supervision (2006). Core Principles for Effective Hank
Supervision, Bank for International Settlements. Basel.
Beasley, M.S. (1996). An empirical analysis of the relation between the board of director
composition and financial statement fraud. The Accounting Review, Vol. 71 No.4,
pp.443-65.
Becht. M., Bolton, P. and Roell, A. (2002). Corporate governance and control, working paper,
ECGI, Brussels
Bedard, J. C. and Johnstone, K. M. (2004). Earnings manipulation risk, corporate governance
risk, and auditors’ planning and pricing decisions”, The Accounting Review, Vol. 79
No.2, pp.227-3 04.
Beekes, W., and Brown, P. (2006). Do better governed Australian firms make more informative
disclosures, Journal of Business Finance & Accounting? Vol. 33 No.3-4, pp.422-50.
Beekes, W., Pope, P. and Young, S. (2004). The Link Between Earnings, Timliness, Earnings
conservatism and board compositiomevidcnee from the UK. Blackwell Publishing, 12:47-
59
Beumer, K. J. (2006). Corporate governance disclosure, Journal of Accounting, Vol. 22 No.4,
pp.325-45.
Bishop, W. G., Hermanson, D. R., Lapides, P. D. and Rittenburg, L. E. (2000). The year of the
audit committee, Internal Auditor Vol.57. (2), pp. .46-51.
Brody, R.G. and I .owe, D.J, (2000). 1 he new role of the internal auditor: Implications for
internal auditor objectivity. International Journal of Auditing. Vol.4 , pp. 169-76.
Brownbrigde. C S. (2007). Regulation and Supervision of Micro finance Institutions; Experience
from Latin America, Asia and Africa, Occasional paper I. Washington D.C: Micro finance
network. Bulletin forth coming October 2003.
Carcello, J.V., Hermanson, D.R. and Raghunandan, K, (2005). Factors associated with US public
companies’ investment in internal auditing.Accounting Horizons 19 69-84.
Carey, P., Simnett, R. and. Tanewski, G, (2000). Voluntary demand for internal and external
auditing by family businesses. Auditing: A Journal of Practice & Theory 19 Suppily.
Vol.37-51.
CBK, 2010 - Consolidate Bank of Kenya, Annual Report (2010)
47
Cebenoyan, A. S., Cooperman, E. S. and Register, C. A. (1999). Corporate governance, A
Journal of Internation Financial, Vo 1.4 , pp. 37-51.
Central Bank of Kenya. (2010). Central Bank of Kenya Prudential Guidelines for Institutions
licensed under the Banking Act. Nairobi:
Chen, H, J. (2003). The Relationship between Corporate Governance and Risk-Taking. Journal
of Accounting and Public Policy, Vol. 5 . pp.325-345.
Chola, F. & Omondi, A. T, (2000). The Status of Computer Auditing in Kenya”. Master in
Business Administration Thesis. University of Nairobi.
Choo, F. (2002). Audit risk model: some technical limitations. ICA Journal A. Vol. Pp. 38-41.
Claessens, J.P. Fan, P.H. and Wong, T.J. (2002). A study of the relationship between the
independent director system and the operating performance of the business in Taiwan,
working paper
Cohen, J. R. and Hanno, D. M. (2000). Auditor’s consideration of corporate governance and
management control philosophy in preplanning and planning .Journal of Finance .Vol7.pp.
34-68
Colbert, S. (2002). A risk driven altitude to the internal audit. Managerial Auditing Journal Vol
10. pp 38-44
Coram, P. & Woodliff, D. (2004). The effect of risk of misstatement on the propensity to commit
reduced quality acts under time
Donaldson, W. (2003). Congressional testimony concerning the implementation of the
SarbanesOxley Act of2002. Working paper
Eisenhardt, K. (1985). Control: Organizational and economic approaches. Management Science,
3 1(2): pp. 134-149.
Eng, L. L. and Mak, Y. T. (2003). Corporate governance and voluntary disclosure”, Journal of
Accounting and Public Policy, Vol. 22 No.4, pp.325-45.
Epstein, M.J. and Roy, M. (2004). How does your board rate, Strategic Finance, No. Fcbruary,
Ettredge, M., Reed, M. and Stone, M. (2000). An examination of substitution among monitoring
devices: the case of internal and external audit expenditures, Review of Quantitative
Finance and Accounting, Vol. 15 No.1, pp.57-79.
Fatemi. A. and Glaum, M. (2000). Risk management practices in German firms, Managerial
Finance, Vol. 26 No. 3.
Feary, S. (2005). Effective accreditation is essential for audit competence, ISO Management
Systems, Vol. 5 pp.pp. 18-22.
Fogarty, T, Zucca, L, Meonske, N. and Kirch, D. (1997). Proactive practice review: a critical
case study of accounting regulation that never was”, Critical Perspectives on Accounting,
Vol. 8 pp. 167-87.
Forsati V. (2002). The Shortcomings of System-Based Auditing and Its Replacement with Risk-
Based Auditing in Iran. Ma thesis, Tarbiat Modarres University, Tehran.
FRC. (2005). Internal Control: Revised Guidance for Directors on the Combined Code.
Function: evidence from Australia and New Zealand, International Journal of Auditing,
Vol. 7 No.3, pp.263-76.
Funston, R. (2003). Creating a risk-intelligent organization”, The Internal Auditor, Vol. 60 No.2,
pp.59-63.
Gibson, M. 5. (2003). Is corporate governance ineffective in emerging markets? Journal of
Financial and Quantitative Analysis, Vol. 38 No.1, pp.231-50.
Goodwin, J. (2003). The Relationship between the Audit Committee and the Internal Audit
48
Goodwin, J. and Yeo, T. Y. (2001). Two factors affecting internal audit independence and
objectivity: evidence from Singapore, International Journal of Auditing, Vol. 5 No.2, pp.
107-25.
Gordon, L, A. & Smith, K. J. (1992). Post auditing capital expenditures and firm performance.
Account Org Society., November, pp. 741-757.
Griffiths, D. (2006). Risk Based Internal Auditing: An Introduction, available at:
www.internalaudit.biz (accessed February 12, 2008).
Haniffa, R. and Hudaib, M. (2006). Corporate Governance Structure and Performance of
Malaysian Listed Companies. Journal of Business, Vol. 12 (6), pp 214-23 1 Hendriksen, E. S.
(1982). Accounting Theory. Homewood, Illinois: Irwin.
Hermanson, D. R. & Rittenberg, L. (2013). Internal Audit and Organizational Governance.
Florida. The Institute of Internal Auditors Research Foundation.
Houghton, C. W. and Fogarty, J, A. (1991). Inherent risk, Auditing: A Journal of Practice &
Theory, Vol. lONo.l, pp.1-21.
HPO (2006). ISO 9001:2000 Registration with the HPA, the HPO Group, Kettering, available at:
www.the-hpo .com, https ://en.wikipedia.org/wiki/risk based internal audit
IIA (2004). International Standards for the Professional Practice of Internal Auditing, Institute of
Internal Auditors, Altamonte Springs, FL
Kasiva, M. (2010). The impact of risk based audit on financial performance of commercial banks
in Kenya. Being a research project presented in partial fulfillment of the requirements for
the award of degree of Master of Business Administration, School of business, University
of Nairobi.
Kibara, C. W. (2007). A survey of internal auditors’ risk management practices in the banking
industry in Kenya. Unpublished MBA Project, University of Nairobi.
Kibet, P. K. (2008). A survey on the role of internal audit in promoting good corporate
governance in SOEs. Unpublished MBA Project, University of Nairobi,
Kibet, P. K. (2008). A survey on the role of internal audit in promoting good corporate
governance in SOEs. Unpublished MBA Project, University of Nairobi
Kimani, J. M. (2006). The Perceived role of the External auditor in Corporate Governance.
Unpublished MBA Project, University of Nairobi.
Kippenberger. G. (1999). Internal Audit and Governance: The Shift from Control to Risk. The
Antidote. Vol.4 (3):6 - 7.
Kiapper, L. F. and Love, I. (2003). Corporate governance, Risk Based audit, and performance in
emerging markets, Journal of Corporate Finance, Vol. 10 No.5, pp.703-28.
Klein, A. (2003). Likely effects of stock exchange governance proposals and Sarbanes-Oxley on
corporate boards and financial reporting”, Accounting Horizons, No.December,.
Knechel, W. R., and M. Willekens. (2006). The Role of Risk Management and Governance in
Determining Audit Demand. Journal of Business Finance &Accounting 33 (9-lO):pp.
1344-1367.
Koome, M. J. (2009). A survey on the role of internal auditors in enterprise wide risk
management for listed companies in Kenya (Industrial & Allied sectors! Unpublished
MBA Project, University of Nairobi.
KPMG (2003). Fraud survey 2003. New York, NY: KPMG.
Krishnan, J. (2005). Risk Base Audit and internal Corporate Governance: An empirical analysis.
The Accounting Review, Vol. 80 No.2, pp.649-75.
Kunkel, J. (2004). The changing role of internal audit. Chain Store Age, September, pp.4-5.
49
Lai, H. (2004). Re-engineering the ISO 9001:2000 certification process, ISO Management
Loncan, T. and Caldeira, J. (2014). Capital Structure, cash holdings and firm value: a study of
Brazililian listed firms. Revista contabilidade & financials, 25 (64) Sao Paulo
Massachusetts institute of technology.
Maiteka, S. (2010). The Influence of Risk Based Audit on Corporate Governance in Public
Sector in Kenya Focusing on Selected Ministries .Unpublished MBA project. Moi
University.
McCord, C. (2002). The assessment: corporate governance and Risk based Audit practices.
Oxford Review of Economic Policy, Vol. 8 No.3
McNamee, D. and Selim G. (1999). The Risk Management and Internal Auditing Relationship:
Developing and Validating a Model’, International Journal of Auditing. Vol. 2 , pp 132-
342
Millichamp, W.C. (2002). Embracing risk-based auditing in Internal corporate governance “,
Finance Review, June, pp. 17-20.
Moradi, M. & Pourhosseini M. (2009). The Relationship between Certain Financial and
NonFinancial Factors and Audit Operations in the Firms Listed in Tehran Stock
Exchange. Iranian Journal of Accounting Research. 1: 168-185.
Mugenda, 0. & Mugenda, A. (2003). Research Methods; Quantitative and Qualitative
approaches; Nairobi, African center for technology studies
Mululu, R. (2005). Influence of Risk management on financial performance of Commercial bank
Listed in NSE
Nam, S., Manyuru, K. and Onyango, M. (2002). Linkage between Corporate Governance and
Firm Performance, ADB Institute, an Unpublished MBA Project, University of Nairobi
O’Regan, D. (2002). The CPA’s transition to the world of internal auditing”, The CPA Journal,
August, pp.1 1-13.
Osuala, E. C. (2005). Introduction to Research Methodology. Onitsha, Nigeria, 31 Edition:
Africana-Fep Publishers Limited.
O’Sullivan, N. (2000). The impact of board composition and ownership on audit quality:
evidence from large UK companies”, British Accounting Review, Vol. 32 No.4, pp.397-
414.
Raghunandan, K., Read, W.J. and Rama, D.V. (2001). Audit committee composition, ‘gray
directors’, and interaction with internal auditing. Accounting Horizons, Vol. 15 No.2,
pp.’05-18,
Sanda, A. M., Mikailu, A. S. and Garba, T. (2005). Corporate Governance Mechanisms and Firm
Performance in Nigeria. Working paper
Santomero, M. (1995). Commercial Bank Risk Management, An analysis of the process. The
Wharton School, University of Pennysilvania.
Sarens, G. and de Beelde, I. (2006). Internal auditors’ perception about their role in Corporate
Governance: a comparison between US and Belgian companies. Managerial Auditing
Journal, Vol. 21 No.1, pp.63-8.
Schilling, S. (2003). Does corporate governance affect firm value?, Abstract of Diploma paper,
available at www.corporategovernance.co.uk.
Schnatterly, K. (2001). Internal corporate governance as a source of firm value: the impact of
internal governance on the incidence of white collar crime. University of Michigan,
Dearborn, MI, PhD thesis,.
50
Schneider, A. and Wilner, N. (1990). A test of audit deterrent to financial reporting irregularities
using the randomized response technique. Account. Rev., 65(3): 668-68 1.
Seddon, J. (2000). The Case against ISO 9000, Oak Tree Press, Dublin
Shivdasani, A. and Zenner, M. (2004). Best Practices in Corporate Governance: what two
decades of research reveals. The Bank of American Journal of Applied Corporate Finance,
Vol. l6No,2/3, pp.29-37.
Spathis, Ch., Doumpos, M. (2002). Assessing profitability factors in the Greek banking system,
International transactions in operational research “, Vol.9, No.5, 517-530
Spekie, F. S., Bernier, E. P., & Skerry, A. E. (2007). (in press). Core Social Cognition. In M. R.
Banaji & S. A. Gelman (Eds.), Navigating the Social World: What Infants, Children, and
Other Species Can Teach Us. Oxford University Press.
Spira, T. and Page. M, (2003). Risk management: The reinvention of internal control and the
changing role of internal audit, Journal of Finance. Vol. 5, pp 45-76
Stulz, M. (1984). Rational for risk management in Banks
Upson, J. (2008). Why do firms exercise foothold options? Explanations from real options
theory, Florida State University College of Business.
Vafeas, N. (1999). Board Meeting Frequency and Firm Performance, Journal of Financial
Economics, Vol.53 No. 1, pp. 113-42.
Van Gansberghe, C.N. (2005). Internal auditing in the Financial Sector: A Consultative Forum In
Nairobi, Kenya, Shores Up Best Practices For Audit Professionals in Developing Nations.
Internal Auditor, Vol. 62 No.4, pp.69-73.
Verschoor, C. C. (2002). Audit Committees Focus on Risk Based Audit, Internal Auditing,
July/August, pp.27-32.
51
DEPARTMENT OF ACCOUNTANCY
SCHOOL OF FINANCIAL STUDIES
THE FEDERAL POLYTECHNIC
P.M.B 55, BIDA
STUDENT PROJECT QUESTIONNAIRE
Topic: THE IMPACT OF RISK BASED INTERNAL AUDIT ON THE QUALLITY OF
Dear Sir/Madam
I am a student of the above named polytechnic, conducting a research on the impact of risk based
internal audit procedures on the quality of financial performance of listed deposit money banks
in Nigeria.
I hereby ask for permission to source relevant data, through the administration of questionnaire
and an extract of published financial statements of the bank. The research is in partial fulfillment
of the requirements for the award of a Bachelor degree in accounting I therefore depose to the
undertaking that all data collected shall be used for the purpose of the research only, and nothing
more.
I will be grateful if this request is granted. I assure you that any information given to me would
be treated with utmost discretion and will be used exclusively for the purpose of this research.
Thank you for the anticipated cooperation and assistance.
Yours faithfully,
52
APPENDIX B
QUESTIONNAIRE
1. Sex:
Male [ ] Female [ j
2. Age of respondents:
18-25years[ ]
3. Marital status:
26-5Oyears[ ]
Single [ ] Married [ ]
4. Educational qualification:
B.Sc./RND [ ]SSCE [ ]
5. Working Experience:
6. Professional Qualification:
OND[ ]
53
54
55
56
57
58
59
60