According to a recent survey by Deloitte China, only 5.88 percent of companies in China train their staff on internal controls. This is a very interesting article which you should definitely look at if you are interested in internal control and risk management in China. It shows that there is lots of activity on internal control related to the Basic Standard for Enterprise Internal Control (C-SOX) but still no clear direction as to where the market is going.
Consider other interesting statistics from the Deloitte survey:
- “88.24% of listed companies have raised their awareness of internal control and risk management”
- “58.82% of the enterprises have established designated departments to implement risk management and internal control”
- “23.53% of them have their focus of internal control progressed from written procedures to practical implementation”
- “Only 17.65% have carried out quality review of their internal control initiatives”
- “58.82% of the enterprises consider that the execution of internal control measures cannot achieve their expected results”
- “52.94% of the enterprises believe that a lack of information system relevant to internal control is one of the major problems to internal control implementation”
My read of this? Lots of companies are trying to take China SOX and internal controls and risk management seriously because they expect it to benefit their business. But they are not yet clear on how to achieve their objectives and what steps to take first.
My suggestion is to start with staff training to raise awareness and create a common language about risk management. Also make sure to prepare an organizational map showing areas of responsibility and who will need more advanced training. Once those are in place, companies can start finding IT systems that meet their internal control needs.
We published a whitepaper last month on how to get started with your C-SOX implementation. Click for more details – it’s free and you don’t have to register.