내부통제시스템의 본질과 내부통제의무 위반에 대한 법적 책임
The Nature of Internal Control System and Its Liability
서완석(가천대학교)
31권 2호, 271~329쪽
초록
The need for internal control is currently not a matter of dispute. A more significant question is where ultimate responsibility for internal control should be vested. Internal controls within business entities are also referred to as operational controls. The COSO Report defines internal control as “a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives” in three categories: “effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations.”Effective internal control implies the organization generates reliable financial reporting and substantially complies with the laws and regulations that apply to it. However, whether an organization achieves operational and strategic objectives may depend on factors outside the enterprise, such as competition or technological innovation. These factors are outside the scope of internal control; therefore, effective internal control provides only timely information or feedback on progress towards the achievement of operational and strategic objectives, but cannot guarantee their achievement. Internal control system in Korea was recently introduced. But the area is limited only in the accounting control and compliance system, compared to the United States and Japan. And the research of legal liability on the violation of internal control duties is still in a very nascent stage. This Article contributes to this ongoing debate on the legal liability in violation of internal control duties, especially (1) a director’s liability for a failure of oversight as opposed to an action taken by the director; (2) a corporate board’s obligation to establish an overall policy for internal controls, including risk management and compliance with laws, and to oversee the formulation and implementation of specific components of such policy; and (3) the relationship with the business judgement rule. As a result, the minimum standards of internal control should be established, and also the scope of internal control should be broadened to include effectiveness and efficiency of operations as well as financial reporting and compliance system.
Abstract
The need for internal control is currently not a matter of dispute. A more significant question is where ultimate responsibility for internal control should be vested. Internal controls within business entities are also referred to as operational controls. The COSO Report defines internal control as “a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives” in three categories: “effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations.”Effective internal control implies the organization generates reliable financial reporting and substantially complies with the laws and regulations that apply to it. However, whether an organization achieves operational and strategic objectives may depend on factors outside the enterprise, such as competition or technological innovation. These factors are outside the scope of internal control; therefore, effective internal control provides only timely information or feedback on progress towards the achievement of operational and strategic objectives, but cannot guarantee their achievement. Internal control system in Korea was recently introduced. But the area is limited only in the accounting control and compliance system, compared to the United States and Japan. And the research of legal liability on the violation of internal control duties is still in a very nascent stage. This Article contributes to this ongoing debate on the legal liability in violation of internal control duties, especially (1) a director’s liability for a failure of oversight as opposed to an action taken by the director; (2) a corporate board’s obligation to establish an overall policy for internal controls, including risk management and compliance with laws, and to oversee the formulation and implementation of specific components of such policy; and (3) the relationship with the business judgement rule. As a result, the minimum standards of internal control should be established, and also the scope of internal control should be broadened to include effectiveness and efficiency of operations as well as financial reporting and compliance system.
- 발행기관:
- 한국상사법학회
- 분류:
- 법학