ISSUES IN ACCOUNTING EDUCATION American Accounting Association

Vol. 27, No. 4 DOI: 10.2308/iace-50177

2012
pp. 1171–1192

Learning Internal Controls from a Fraud

Case at Bank of China
Huong Ngo Higgins
ABSTRACT: This case provides an opportunity to discuss principles of internal control,
the process by which an entity’s board of directors, management, and other personnel
provide reasonable assurance that fraud and theft are prevented and detected. The case
also facilitates discussion of the unique corporate governance and internal control
environments in China, a fast-growing economy. Readers will be asked to apply the
fraud triangle theory to identify internal control weaknesses and to design control
activities for preventing fraud. The case is intended for beginning auditing students, but
is also suitable for a more general audience such as accounting, management, and
business students at the M.B.A. or undergraduate level.
The case introduces Bank of China (BOC) against the backdrop of China’s banking
sector. It describes the proliferation of non-performing loans in Chinese banks, the failure
to report these loans correctly, and the way in which these conditions create a climate
where fraud and theft might be easily hidden. These problems and the need for internal
controls become evident in the description of a major fraud scheme at BOC. After
relating this scheme, the case concludes by reviewing recent reform initiatives to
modernize internal controls in Chinese banks.
Keywords: banks; China; COSO; internal controls; fraud; non-performing loans.

THE CASE

Bank of China and China’s Banking Sector

Established in February 1912, Bank of China (BOC) functioned as the country’s central bank,
its international settlement bank, and its international trade bank until 1949 (BOC 2009). After the
founding of the People’s Republic of China, BOC became a state-owned specialist bank engaged in
foreign exchange and foreign trade. In 1994, BOC was restructured into a wholly state-owned
commercial bank. In August 2004, BOC was incorporated into Bank of China Limited, and it went
public on the Hong Kong Stock Exchange in June 2006 and on the Shanghai Stock Exchange in
July 2006, becoming the first Chinese commercial bank listed in the Chinese Mainland and in Hong
Kong.

Huong Ngo Higgins is an Associate Professor at Worcester Polytechnic Institute.

I acknowledge the helpful comments of the journal editors and reviewers, and John Hedly and Fabienne Miller. The
assistance of Anran Chen, Aynur Wufuer, and Ruoyu Xie is much appreciated.
Supplemental materials can be accessed by clicking the links in Appendix A.

Published Online: April 2012

1171
1172 Higgins

The major stockholder (owning 67 percent of BOC) is Central Huijin Investment Limited,
owned by the People’s Republic of China. Shareholder rights are exercised by the State Council.
Central Huijin provides a structure by which the government can operate under China’s Company
Law as a shareholder of the large Chinese banks.
Besides its large share of the domestic market, BOC has substantial overseas operations,
including operations in highly regulated banking environments such as Hong Kong, New York, and
London. For this reason, BOC has had perhaps greater exposure to international business and
regulatory standards than any other Chinese state enterprise. Figure 1 shows the ownership and
operational structures of BOC.
The governance structure of BOC is that of a joint-stock company, composed of the General
Meeting of Shareholders, the Board of Directors, and the Board of Supervisors. The Board of
Directors is BOC’s decision-making body composed of 15 members, namely its chairperson, three
executive directors, seven non-executive directors, and four independent directors. Its committees
include the Strategic Development Committee, Audit Committee, Risk Policy Committee,
Personnel and Remuneration Committee, and Connected Transaction Control Committee.

FIGURE 1
Ownership and Operational Structures of Bank of China

Source: BOC (2009).

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1173

The Senior Management, BOC’s executive body, reports to the Board of Directors. It consists
of a president, vice-president, and other senior management members. It includes numerous
committees responsible for corporate banking, personal banking, global markets business,
operational service, risk management and internal control, securities investment management,
purchase review, asset disposal, and anti-money laundering.
The Board of Supervisors is BOC’s supervisory body, consisting of five supervisors, three of
whom are shareholders and two of whom are employees. The Board of Supervisors is responsible to
the General Meeting of Shareholders, and it oversees the bank’s financial affairs and the legal
compliance of the Board of Directors and the Senior Management. The governance structure of
BOC, depicted in Figure 2, is consistent with a dual board structure often found in countries with a
civil law tradition such as Germany and France.
BOC is one of the ‘‘Big Four’’ state-owned commercial banks (Industrial and Commercial
Bank of China, Bank of China, Agricultural Bank of China, and China Construction Bank), which
together account for the majority of the country’s market. The remainder of the country’s sector is
made up of policy banks, joint-stock banks partially owned by the government and partially by
other interests, foreign banks, and rural credit cooperatives. The Big Four face little competitive
threat and are better known for their poor risk controls than their contribution to the economy
(Chang et al. 2010; Garcia-Herrero et al. 2009; Jia 2009; Lin and Zhang 2009). The Big Four are
less profitable, are less efficient, and have worse asset quality than most other banks in China.
Lending by the Big Four is less prudent, although improvements over time are expected as reform
initiatives are implemented. Economic growth leads financial development in China (not the other
way around), and until 2005, bank loans had little effect on local growth.

FIGURE 2
Governance Structure of Bank of China

Source: BOC (2009).

Issues in Accounting Education

Volume 27, No. 4, 2012
1174 Higgins

China’s banking system is notably different than private, market-based banking systems in the
West, in that it is state owned and it plays a significant role in commercial enterprise financing. The
most salient aspect of the system is the dominant role of the state. The Chinese government holds,
on average, 53 percent of a listed company’s total shares, while the second-largest shareholder
holds roughly 10 percent. State ownership is exercised by the Chinese Communist Party and
government ministries. The state participates actively in managing the banks. Government officials
are routinely appointed as bank managers and directors, and the state sets management
compensation at most banks. The party appoints the boards with the approval of the State
Council. Chinese financial regulators tend to pursue macroeconomic policy goals through regulated
institutions, particularly through banks and securities firms. Because China is an extremely
populous country and because Chinese communism emphasizes social and economic equality over
the profit motive, social and economic stability are deemed essential and generally constitute the
overarching goals of government policies. Government officials in manager or director positions
tend to pursue government policies without emphasizing profit-seeking goals.
The second most salient aspect of the system is the banks’ significant role in commercial
financing. Despite significant recent growth in China’s capital markets, close to 90 percent of
Chinese enterprise financing comes from the banks. In stark contrast, in the U.S., capital markets
account for about half of total business financing (Bell and Chao 2010). Even in Japan, a bank-
centered economy, bank financing accounts for only about two-thirds of total business financing.
Thus, banks are even more important for commercial financing in China than in Japan.

Bank Governance Problems and Reforms

China opened its economy and launched economic reform in the late 1970s. In the 30 years
prior to this, the Chinese economy had functioned as a socialist economy, based upon state
ownership and centralized decision making. Chinese banks executed government directives to
support regional and industrial policies. Owned by the state and not beholden to interested
shareholders, they were not profit oriented. Rather, they allocated resources in accordance with
central planning.
Since the launch of economic reform in the late 1970s, Chinese banks have been moving away
from being mere extensions of the government; however, many Chinese banks still have a
governance regime that is not well adapted to a more independent, active role in resource allocation.
The four largest commercial banks, including BOC, are owned primarily by the state. The second-
largest category of banks consists of 11 joint-stock banks that emerged after the reforms. These
banks are co-owned by the government and by other interests. Less constrained by government
directives, these banks have developed a stronger commitment to profitability.
In tremendous growth, China’s banking sector is deemed more vulnerable to fraud than the
banking sectors of developed countries. Due to the very recent development of the country’s
corporate culture, the distinction between government and commercial functions is still blurred in
Chinese enterprises. Because state officials still often act as bank owners, managers, and directors,
they often interfere with banking operations for policy purposes and do not base decisions on
commercial principles. Many state-owned commercial banks continue lending to favored
borrowers, many of whom are unprofitable state-owned enterprises. Furthermore, the government
has an implicit policy of not letting major banks fail. Lack of adherence to commercial principles
and a bailout mentality open doors to adverse credit selection and to conflicts of interest.
Decades of reform have achieved only limited success in instilling discipline in the state-owned
banks. While cumulating huge assets due to a high savings rate from the thrifty Chinese public (40
percent of national income is in the form of bank deposits from the public), Chinese banks manage
these assets poorly. Particularly, state-owned banks often extend credit to weak but privileged

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1175

borrowers and then continue approving further loans to these borrowers in order to avoid reporting
non-performing loans. Many such borrowers are loss-making, state-owned enterprises. Many others
are individuals and businesses perpetrating fraud.
Unprincipled lending has led to an increase in non-performing loans. By the end of 1997, non-
performing loans generated by China’s state-owned commercial banks were equivalent to $400
billion (Chan 2001). Estimates of China’s non-performing loan ratio varied between 20 percent as
officially reported, to 40–50 percent as estimated by some in the West (Shih et al. 2007 and the
citations therein). At the same time, the average capital adequacy rate of Chinese banks was 3.5
percent, much lower than the 8 percent required by the Basel Accords.
Important restructuring began in 1998, when capital of RMB 270 million (3 percent of China’s
GDP, equivalent to $33 billion) was injected into the four state-owned banks.1 In 1999, the Chinese
government established Asset Management Companies to purchase RMB 1.4 trillion (equivalent to
$170 billion) of non-performing loans. In these transactions, the Chinese government transferred a
substantial number of non-performing loans to state-owned asset management companies at book
value, essentially injecting capital into banks to rid them of their toxic assets. Further capital
injections followed in 2003 and 2004. The estimated cost to the government for non-performing
loans was at least 20 percent and as much as 50 percent of one year’s GDP, equivalent to 1 to 2.5
percent of GDP annually over 20 years (OECD 2005).
Capital injection has indeed played a role in reducing non-performing loans at BOC and at
other Chinese banks. In 1997 at BOC, a whopping 60 percent of total loans were estimated as non-
performing. By 2002, this rate was reduced to roughly 26 percent.2 By 2004, BOC’s non-
performing loan rate was only around 5 percent. By 2009, the rate was under 2 percent, helping
BOC rank 11th among the world’s top 1,000 banks by Tier 1 capital. This bailout demonstrated the
Chinese government’s resolution to resurrect Chinese banks. Nonetheless, the provision of funds
was insufficient to address banks’ balance-sheet problems and provided little incentive to prevent
the banks from reverting to earlier patterns of lending. Figure 3 shows the non-performing loans of
BOC over the years.
Another phase of governance reform was undertaken in 2003 as a condition for China’s
accession to the World Trade Organization (WTO). WTO membership required China to open the
country’s finance sectors to more foreign competition (Chow 2003).3 Key reform elements that
grew out of WTO requirements were ownership diversification, public listing, and expanded
foreign presence, all designed to subject banks to higher standards of transparency and to enable
external scrutiny. Governance reform and international exposure are intertwined because they are
both linked to banks’ attempts to strengthen their balance sheets via additional financial support. At
the same time, a specialized independent agency for bank supervision, the China Banking
Regulatory Commission (CBRC), was formed to accelerate new measures of bank supervision. The
reform initiatives aimed to incorporate internationally accepted best practices and to foster banks’
transition from their traditional role as government agencies toward a commercial orientation.

1
The Renminbi (RMB) is the official currency of the People’s Republic of China.
2
Official non-performing loans data, such as from the China Financial Statistical Yearbook and from corporate
annual reports, were not available in the earlier phases of reform. Official reports are usually more optimistic than
private sector estimates. According to the stipulation of China’s Audit Law, the assets, liabilities, and profits and
losses of the state-owned or predominantly state-owned monetary institutions are audited by China’s National
Audit Office. When BOC went public in Hong Kong in 2006, it was also audited by PricewaterhouseCoopers.
3
WTO membership required China to open its market for international trade and investment in exchange for access
to the world’s economy. Conditions for membership also included (1) the lowering of tariffs for imports, (2) the
permission of foreign firms to sell directly in the Chinese domestic markets, and (3) the opening of the
telecommunication and finance sectors to more foreign competition.

Issues in Accounting Education

Volume 27, No. 4, 2012
1176 Higgins

FIGURE 3
Non-Performance Loans of Bank of China

This chart shows the ratio, in percentage, of bank non-performing loans to total gross loans.
Sources: China Financial Statistical Year Book (for the 2002 data) and Bank of China Corporate Annual
Reports (for later years’ data).

After China’s accession to the WTO in 2001, initiatives to strengthen corporate governance
and risk management helped uncover a myriad of fraud instances at Chinese banks. In 2005,
China’s Ministry of Commerce revealed that over 4,000 corrupt officials had fled the country,
taking with them nearly $50 billion (Hanru 2005). Corrupt officials had reason to flee: corruption is
a crime that can draw capital punishment in China, although the death penalty often may be reduced
to life imprisonment in non-political cases. The following incident relates one such example of
fraud.

Fraud Incident
BOC has experienced no shortage of fraud orchestrated by management at all levels. One of the
most spectacular schemes came to light in 2001, coinciding with China’s entrance in the WTO. In
the process of improving their systems to comply with WTO requirements, BOC auditors
discovered that amounts equivalent to half a billion U.S. dollars were missing from the bank’s
accounts. Investigations led to a branch in Kaiping, a manufacturing town in the Guangdong
province.4

The Gang
According to Hong Kong authorities, Xu Chaofan, mastermind of the scheme and a former
general manager at the Kaiping branch, began illegal transfer and use of BOC funds in the early

4
The details are based on the court appeal (criminal appeal No. 29 of 2007) in the High Court of the Hong Kong
Special Administrative Region and the U.S. Department of Justice news release on May 6, 2009.

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1177

1990s. While at the branch, he stole an estimated $400þ million. Promoted to manager of the
regional headquarters at Guangzhou in 1999, Xu Chaofan netted an additional $80 million in stolen
funds by conspiring with two succeeding Kaiping general managers, Yu Zhendong and Xu Guojun.

The Operation
In the 1990s, many mainland Chinese set up so-called ‘‘window’’ companies to speculate in
stocks and real estate in Hong Kong, China’s window to the world. The gang helped create two
window companies in 1992; they then used the companies as vehicles to invest BOC funds and to
pull in profits for themselves, as well as to divert stolen funds. Relatives of Xu Chaofan set up both
companies, Ever Joint Properties and Yau Hip Trading Limited. On the surface, the window
companies acted as investing arms of BOC Kaiping. However, no permission to remit these funds
abroad was granted by a BOC senior branch manager. Some funds from Ever Joint were funneled to
a third organization the gang had created, Land Galaxy Limited, which paid salaries and expenses
incurred by the gang, whose members had created false Hong Kong identities for this purpose. Ever
Joint funds also were moved to other accounts controlled by the gang at casinos and elite financial
institutions in Hong Kong and in other countries. The gang’s typical fraudulent transaction was a
bank loan. BOC funds were remitted to Ever Joint in Hong Kong mostly by means of false
information purporting to show loans made to intermediary companies in Hong Kong, although
there was no genuine business between Ever Joint and these intermediaries.

Co-Conspirators
The gang’s most important co-conspirators were Hui Yat-sing, Xu Chaofan’s first cousin, and
Wong Suet-mui, Hui Yat-sing’s wife. Both were directors and managers of Ever Joint Properties
and signatories of the company’s bank account. Wong also ran Yau Hip Trading and was the
signatory of its bank account. The gang also had accomplices managing mainland companies that
received loans from BOC Kaiping and remitted the funds to Ever Joint. Additional accomplices in
Hong Kong received funds from Ever Joint and then disbursed them to the gang under members’
false Hong Kong identities.

The Stolen Funds

Ever Joint funded the purchase of three expensive Hong Kong apartments for the gang. Monies
from the window company were invested in real properties, stocks, index futures, and foreign
exchange. Some investments apparently met with disastrous results in the wake of the real estate
and stock market crashes of 1997. Ever Joint’s biggest stock position was in Leading Spirit High-
Tech Holdings Company Limited, a Chinese stock that plunged 99 percent from its 1997 high. The
gang also bought and suffered great loss from a stake in tycoon Richard T. K. Li’s Pacific Century
CyberWorks Limited. They also deposited large sums into accounts controlled by themselves, their
wives, and their relatives at casinos in Macau, Australia, and the United States (Clifford et al. 2002).
Figure 4 shows the flow of stolen funds.

The Cover
Since the bank managers had insider authority to make loans and transfer funds without
controls, the stolen funds went unnoticed by BOC’s information system and auditing processes for
some time. Lax supervision and the proliferation of non-performing loans also provided a mask,
hiding the theft. The managers could further resort to accounting gimmicks to cover their tracks. A
major auditing weakness at the time was the system’s inability to clear and verify a large number of

Issues in Accounting Education

Volume 27, No. 4, 2012
1178 Higgins

FIGURE 4
Flow of Stolen Funds

accounts simultaneously, leaving a window of a couple of days for bank managers to transfer funds
from account to account to camouflage shortages.

Discovery
In October 2001, coinciding with China’s entrance to the WTO, a change at BOC in the
structure providing for the transfer of funds and centralization of information helped auditors
discover discrepancies in the accounting books of BOC Kaiping. On October 13, 2001, BOC’s
auditors examined the accounting records for that branch and found that a huge sum of money was
missing.
On the same day, the three managers failed to attend work, fleeing to Hong Kong and using
their Hong Kong identity cards to gain entry. On October 15, 2001, they left Hong Kong for
Canada. Their final destination was the U.S., where they and their wives obtained citizenship by
unlawfully using loopholes in the system and by using forged documentation. Via the arrangement
of his true wife, Yu Zhendong entered a sham marriage with a naturalized U.S. woman named
Shanna Yu Ma in order to procure his own U.S. citizenship.
Police in China, Hong Kong, Canada, and the U.S. cooperated in the investigation. Yu
Zhendong was arrested in Los Angeles in December 2002. He pleaded guilty to racketeering in
February 2004, was sentenced to 144 months in prison by a federal court in Las Vegas, and
voluntarily returned to China on China’s promise to exempt him from the death penalty. In China, a
court in Jiangmen City sentenced him to 12 years in prison, comparable to the U.S. sentence. Yu
was the first corrupt Chinese official to be repatriated as a result of China’s ratifying the United
Nations Convention against Corruption in October 2005 (Yan 2006). Prior to this convention and
before Yu’s case, suspects of severe economic crimes in China had rarely been sent back, because
many countries objected to the death penalty for this type of crime. Xu Guojun was arrested in
Kansas in September 2004, and Xu Chaofan was arrested in Oklahoma in October 2004. In 2008,
the two were convicted of racketeering, money laundering, and passport fraud by a Las Vegas
court. In 2009, a U.S. district judge sentenced Xu Chaofan to 25 years in prison and Xu Guojun to
22 years in prison.

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1179

The Need for More Bank Audits and Reforms in China

In light of the fraud triangle theory, the Kaiping scheme suggested high fraud risk at BOC and
other Chinese banks. The concept of a fraud triangle denotes three factors, namely opportunity,
pressure/incentive, and rationalization/attitude that signal high likelihood of fraud. The Kaiping
managers’ ability to abuse their positions of trust was consistent with a lack of supervision in many
Chinese enterprises, which created ample opportunities for managers to commit fraud. These
opportunities suggested high fraud risk at the bank, and to the extent that other Chinese banks
shared the same governance and control structure, they also had high fraud risk.
Indeed, not just BOC but other Chinese banks and enterprises have similar challenges in
applying control activities. The following notes highlight some common challenges beyond the
facts of the described fraud incident. These notes should be important to managers and auditors of
Chinese banks and enterprises.
First, managers often have undivided authority in China. According to Shen Xiaoming, deputy
director of the China Banking Regulatory Commission (CBRC), regulations as of 2005 allowed
bank managers to give loans with undivided authority (Asia News 2005). Banks often accepted
forged commercial papers and illegal deposit pledges in exchange for loan disbursements (Global
Times 2011). Banks typically did not have procedures to limit managers’ authority, such as loan
approval committees to assess lenders’ merit based on credit and business purposes.
Second, it is common in China for the authorized signatory of bank accounts to use seals in place
of handwritten signatures. Usually, the minimum two seals required are the Legal Representative Seal
and the Finance Seal, although some companies may use more seals for better segregation of duties.
However, the intended control is overridden if both seals are accessible to one single individual.
Third, many Chinese banks lack a process for controlling bank confirmations at the branch
level; as a result, fraudulent employees at local branches may give fake bank confirmations without
being detected (Norris 2011). An essential audit procedure by auditors is to seek bank confirmations
of a firm’s cash balance. However, firms with friends at the local bank may deceive their auditors if
their friends issue a fake confirmation. To mitigate this problem, auditors may seek confirmations at
both the bank branch and headquarters.
The fraud incident prompted BOC, other Chinese banks, and Chinese bank regulators to strengthen
supervisory standards. Today, Chinese regulators have published standards that are comparable to those
of other major financial systems in the world. China’s Basic Standard for Enterprise Internal Control
(Basic Standard) was issued in June 2008, followed by Implementation Guidelines (Guidelines), issued
in April 2010 (MOF 2010). The Guidelines were based on the 1992 Document on Internal Control,
published by the Committee of Sponsoring Organizations (COSO 1992).
The COSO framework has been adopted by many organizations and government entities in the
U.S. and throughout the world to design and assess internal control systems. COSO identifies three
objectives: effectiveness and efficiency of operations, reliability of financial reporting, and
compliance with applicable laws and regulations. To achieve these objectives, COSO identifies five
interrelated components of internal control: control environment, risk assessment, control activities,
information and communication, and monitoring. Thus, the COSO framework may be visualized as
a matrix of three objectives and five components that can assist high-level managers in designing
internal control systems and auditors in conducting COSO-based audits (see Figure 5).
Although all five components of an internal control system are important, control activities
form the first line of defense against fraud. These activities include establishment of responsibility;
segregation of duties; documentation of procedures; establishment of physical, mechanical, and
electronic controls; development of a system for independent internal verification; and creation of
human resource controls. Kimmel et al. (2011) provide a discussion of these principles, summarized
in Figure 6.

Issues in Accounting Education

Volume 27, No. 4, 2012
1180 Higgins

FIGURE 5
COSO Internal Control—Integrated Framework

Control Environment: The control environment sets the tone of an organization, influencing the control
consciousness of its people. It is the foundation for all other components of internal control, providing discipline
and structure. Control environment factors include the integrity, ethical values, and competence of the entity’s
people; management’s philosophy and operating style; the way management assigns authority and responsibility,
and organizes and develops its people; and the attention and direction provided by the Board of Directors.
Risk Assessment: Every entity faces a variety of risks from external and internal sources that must be assessed.
A precondition to risk assessment is establishment of objectives, linked at different levels and internally
consistent. Risk assessment is the identification and analysis of relevant risks to achievement of the objectives,
forming a basis for determining how the risks should be managed. Because economic, industry, regulatory, and
operating conditions will continue to change, mechanisms are needed to identify and deal with the special risks
associated with change.
Control Activities: Control activities are the policies and procedures that help ensure management directives are
carried out. They help ensure that necessary actions are taken to address risks to achievement of the entity’s
objectives. Control activities occur throughout the organization, at all levels and in all functions. They include a
range of activities as diverse as approvals, authorizations, verifications, reconciliations, reviews of operating
performance, security of assets, and segregation of duties.
Information and Communication: Pertinent information must be identified, captured, and communicated in a
form and timeframe that enable people to carry out their responsibilities. Information systems produce reports,
containing operational, financial, and compliance-related information, that make it possible to run and control the
business. They deal not only with internally generated data, but also information about external events, activities,
and conditions necessary to informed business decision making and external reporting. Effective communication
also must occur in a broader sense, flowing down, across, and up the organization. All personnel must receive a
clear message from top management that control responsibilities must be taken seriously. They must understand
their own role in the internal control system, as well as how individual activities relate to the work of others.
They must have a means of communicating significant information upstream. There also needs to be effective
communication with external parties, such as customers, suppliers, regulators, and shareholders.
Monitoring: Internal control systems need to be monitored—a process that assesses the quality of the system’s
performance over time. This is accomplished through ongoing monitoring activities, separate evaluations, or a
combination of the two. Ongoing monitoring occurs in the course of operations. It includes regular management
and supervisory activities, and other actions personnel take in performing their duties. The scope and frequency
of separate evaluations will depend primarily on an assessment of risks and the effectiveness of ongoing
monitoring procedures. Internal control deficiencies should be reported upstream, with serious matters reported
to top management and the board.
Source: COSO 1992

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1181

FIGURE 6
Principles of Control Activities

Source: Kimmel et al. (2011).

The Guidelines have been dubbed ‘‘C-SOX’’ since they are similar to the U.S. Sarbanes-Oxley
Act Section 404. They outline the regulatory requirements for Chinese enterprises to establish,
evaluate, and assess the effectiveness of their internal controls.5 C-SOX also requires accounting
firms to audit the effectiveness of the enterprise’s internal controls. Enterprises are required to issue
assessment reports of internal controls every year. The CEO and Board of Directors are ultimately
responsible for risk management and compliance. In addition, auditors are required to disclose in
their audit reports any noted material deficiencies in internal controls that are both related and
unrelated to financial reporting.
While these standards should help, some remain fundamentally concerned about the inherent
conflicts of interest that emerge in state-controlled banks, arguing that independence in individuals’
judgment is a necessary foundation for implementing governance and reform standards. State
control calls into question the independence of the supervisory process, objectivity of the board,
independence of management, and integrity of the audit and risk management processes.
Other concerns are about the aspects of Chinese culture that may impede systems of internal
controls. According to Buckley et al. (2006), the most prominent Chinese cultural characteristics
that have strong implications for interpersonal and inter-organizational dynamics are guanxi and
mianzi. Guanxi, which means personal connections, is embedded in a tradition of mutual trust,

5
China’s Guidelines are referred to as C-SOX, not to be confused with Canada’s CSOX.

Issues in Accounting Education

Volume 27, No. 4, 2012
1182 Higgins

warmth, loyalty, and respect. Guanxi is consistent with other characteristics of Chinese culture,
such as family orientation, favor, and harmony. Mianzi, which means face, is the recognition by
others of an individual’s social standing. Mianzi is consistent with typical Confucian values, such as
respect for age and hierarchy, and avoidance of conflict and overt disagreement. Mianzi is a key
component in the dynamics of guanxi, whereby parties of a business relationship must save mianzi
for each other. In the Chinese business context, building guanxi and saving mianzi creates trust and
a bond between partners. While guanxi and mianzi contribute to the success of many Chinese
societies, these cultural aspects can become fertile soil for corruption and fraud, especially when
combined with state paternalism and collectivism. Although guanxi is not necessarily a source of
corrupt behavior, it is a critical facilitator of corruption, which some say is ubiquitous in China (Luo
2008). Saved faces and special relations with powerful people may turn into power exchange and
gain sharing without obligating formal laws and informal norms. According to Luo (2008), Chinese
fraud often involves more than individual wrongdoing but also institutionalized corruption that
involves guanxi networks between high-ranking government officials and private businessmen. It
should be noted that the intertwinement of connections and corruption may exist in any country, not
just in China.
Ultimately, reform success depends largely on the commitment of the government and people.
In a country with centuries-old traditions and a corporate culture that is still quite young, it will be
interesting to see whether new standards affect the banks’ control environment significantly.

Possible Discussion Questions

Internal Controls
1. Using Kimmel et al.’s (2011) principles of control activities (described in Figure 6), identify
the internal control weaknesses that contributed to the BOC fraud incident.
2. As you reflect on the fraud triangle, what economic, organizational, institutional, or cultural
factors of the fraud triangle helped foster the described fraud incident?
3. Review Figure 5 and do additional research on COSO’s Internal Control—Integrated
Framework. Focusing on ‘‘Effectiveness and Efficiency of Operations,’’ discuss how a bank
manager would design an internal controls system to mitigate the risk of lending to non-
performing borrowers. Alternatively, discuss which control features a bank auditor should look
for in assessing the effectiveness of the bank in mitigating the risk of lending to risky borrowers.

Governance Environment in China

4. What are the objectives of predominantly state-owned versus privately owned enterprises in
China? What is the main ownership characteristic of Chinese banks?
5. What are some aspects of Chinese culture that may affect the fraud environments at Chinese
enterprises?

Related Issues
6. What are non-performing loans? Which type of enterprises, state-owned versus privately
owned, contributed more to the non-performing loans problem in Chinese banks during the
early 2000s?
7. What are some methods that banks might use to reduce their reported non-performing
loans? What methods were used in Chinese banks in the late 1990s?
8. A bailout is an act of saving or rescuing something (such as a business) from money
problems. How were Chinese banks bailed out? How did the Chinese bank bailout differ, if

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1183

at all, from the recent U.S. bank bailout? Students assigned to this question should do
additional research to understand the bailout issues before answering this question.
9. As you examine the governance structure of BOC (Figure 2), compare BOC’s board
structure with that of some other listed Chinese firms.
10. What are the pros and cons of investing in the Chinese banking sector for an individual
investor?

Issues in Accounting Education

Volume 27, No. 4, 2012
1184 Higgins

CASE LEARNING OBJECTIVES AND IMPLEMENTATION GUIDANCE

Overview
The case is set in an environment where banks’ financial assets cumulate faster than their
control systems can monitor them, where the conflation of management, ownership, and oversight
generates conflicts of interest, and where proliferation and lax reporting of non-performing loans
help mask theft. Describing an incident of fraud at Bank of China (BOC), the case facilitates
discussion of internal controls and illustrates the challenges faced by Chinese banks and
businesses in preventing and detecting financial fraud.

Primary Learning Objectives

1. Identify internal control weaknesses.
2. Identify elements of the fraud triangle.
3. Apply the COSO framework to design/evaluate control activities.

Secondary Learning Objectives

4. Demonstrate general understanding of corporate governance characteristics of Chinese
banks and enterprises.
5. Demonstrate general familiarity with aspects of Chinese culture that affect the fraud
environments at Chinese enterprises.

Audience
The intended audience is beginning auditing students. The case is also suitable for a more
general audience such as accounting, management, and business students at the M.B.A. or
undergraduate level. The case is particularly recommended for courses that aim to expose
students to international issues. Instructors may choose from a number of questions to elevate or
reduce the analytical difficulty of the case discussion or to emphasize auditing versus more
general management aspects of the case.

Need for the Case

China’s economy continues to play a leading role in the world. In 2011, China’s economy
surpassed Japan’s to become the second largest and the fastest growing in the world. Most of the
world’s major financial systems are in retrenchment after the 2008–2009 crisis; however, the
large Chinese banks are growing, with assets eclipsing those of the U.S. banking system. Despite
the growth of China’s economy and banking sector, there are very few instructional resources on
the corporate governance and control environments in China. This case is based on China’s
banking sector, an important sector of China’s economy, yet this sector is arguably its weakest
link due to the sector’s undeveloped infrastructure.
Today’s pressure to condense curricula leaves little room for discussing international issues.
Asian countries generally are under-represented in textbook coverage and in classroom
discussions. By examining corporate governance and internal controls in the Chinese banking
sector, this case meets the educational needs of traditional business students who may not be
familiar with this fast-growth market.

Take-Aways
Students will learn about COSO-based principles of internal control, particularly principles
for control activities. Students will learn via a real but spectacular fraud case in which control

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1185

principles were not followed. The case also will familiarize students with the governance and
internal control environments of China and Chinese banks. One figure depicts the Chinese fraud
triangle, which is useful as a blueprint for organizational risk assessment in a Chinese context.

How to Use the Case

Instructors may use this case to complement textbook coverage of internal controls. The case
contains 10 questions; instructors may select from these questions according to course emphasis.
The first five questions serve the five key learning objectives. Questions 1–3 serve the primary
objectives related to internal control skills. Questions 4–5 serve the secondary objectives related
to the governance and control environments in China. The remaining questions may be used to
enrich class discussion. The Teaching Notes contain possible answers to all the questions and
include additional materials that may be used in the classroom.
A rubric for assessing student performance on all objectives and questions is presented in
Table 1. It may be adapted by the instructor for grading. Individual instructors may vary the
selection of questions and their corresponding grading weights depending on their classes.
All figures are made available to instructors in PowerPoint slides (see Appendix A). The case
itself provides specific information on BOC and China’s banking sector, but the Teaching Notes
include more complex background information that may be used to facilitate comparisons
between China and other countries. Neither the instructor nor the student will need prior
knowledge of China to use the case.

Teaching Experience
Table 2 outlines a class plan for teaching the case; individual instructors may easily modify it
to suit their course goals and resources.
The author has taught this case as part of a basic accounting course in a private university in
the northeastern United States. Typically, she uses the case to complement coverage of the
internal controls chapter of an accounting textbook. She devotes less than one hour to discussion
of the case in class, allotting roughly 10 minutes to background lecture and 20–45 minutes for
case discussion. Depending on time availability, she may shorten the discussion to encompass
only LO1 on internal controls (the short case), or she may also address the other LOs (the long
case). In one of her classes, due to limited time, she used a ‘‘short case’’ whereby students
discussed only internal controls (Questions 1 and 2) and each question was given 50 percent
weight. Discussing the short case took 25–30 minutes. Question 1 generated the most discussion
as it tests knowledge of control principles directly, while generating enthusiastic discussion of the
intrigues of the fraud. In another of her classes, discussion of the long case took 55 minutes
(Questions 1, 2, 4, and 10) and each question was given 25 percent weight. Discussing the long
case is necessary if one wants to address the governance and internal control environments in
China.
A colleague of the author at the same university has also taught this case in a combined
accounting/finance course at the M.B.A. level. After discussing the case in class, he assigned all
questions (Questions 1–10) as a written assignment, giving 10 percent weight to each question.
The students’ responses were collected to assess their performance on the case learning
objectives.

Student Responses
Open-ended survey questions gauged the level of student interest in the case. Questions were
administered at the end of a 30-minute discussion of the short case. The audience was a class of 42

Issues in Accounting Education

Volume 27, No. 4, 2012
1186 Higgins

TABLE 1
Assessment Rubric
Question Used Answers Meeting This Objective
for This Should (in Ascending Order of Type of
Learning Objective Objective Difficulty Level) Learning
LO1 Question 1 Identify control weaknesses in the Apply knowledge
case. of principles to
the case to
articulate
problems and
solutions.
Students identify internal Link the weaknesses to (violations of )
control weaknesses. principles of control activities.
Identify the corresponding principles
by name.
Explain why their violations create
vulnerabilities that invite fraud.
LO2 Question 2 Identify the three elements of the fraud Same as above.
triangle (Opportunity, Pressure, and
Rationalization).
Students identify elements Discuss major factors within each
of the fraud triangle. element.
LO3 Question 3 Demonstrate familiarity with the Same as above.
COSO framework.
Students apply the COSO Identify major elements of the control
framework to design/ environment, risk assessment,
evaluate control control activities, information and
activities. communication, and monitoring.
Discuss major control activities for
bank operations in mitigating risk of
lending to non-performing
borrowers.
LO4 Question 4 Discuss ownership and control by the Read and
state. demonstrate
knowledge of
the content of
the case.
Students demonstrate Discuss the differences between state-
general understanding of owned versus privately owned
corporate governance enterprises in China.
characteristics of Chinese
banks and enterprises.
LO5 Question 5 Identify unique Chinese cultural Same as above.
aspects discussed in the case.
Students demonstrate Discuss how these aspects affect the
general familiarity with fraud environment. (Students who
aspects of Chinese do additional research or who are
culture that affect the more familiar with Chinese culture
fraud environments at may also discuss additional aspects.)
Chinese enterprises.
(continued on next page)

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1187

TABLE 1 (continued)
Question Used Answers Meeting This Objective
for This Should (in Ascending Order of Type of
Learning Objective Objective Difficulty Level) Learning
Additional questions for Question 6 Discuss why many Chinese banks Demonstrate
enrichment. incurred non-performing loans. knowledge of
the case and
additional
research to gain
more
understanding of
the case.
Question 7 Discuss non-performing loans Discuss different
reporting problems. outcomes given
uncertainty.
Question 8 Discuss key bailout concepts.
Question 9 Discuss key board structure concepts.
Question 10 Consider opposing effects to form
conjectures.

undergraduate students taking accounting for the first time. Although some failed to realize how a
Chinese case might be relevant to their future work, most indicated curiosity about the situation in
China, notably the banks’ phenomenal asset accumulation in the context of a weak infrastructure for
financial management; others were intrigued by ongoing, rampant fraud despite the penalty of
capital punishment. Many students expressed keen interest in the mechanisms for concealing stolen
funds across many countries’ banking systems. Overall, the survey responses suggested that the
students found this case very interesting.
A separate survey gauged the effort students put into the assignment. This survey was
administered by a professor who is not the case author. Twenty-five students responded, 18 of
whom were M.B.A. students and seven of whom were working toward graduate degrees in
engineering, marketing, and financial mathematics. Three students had prior work experience in
accounting/finance, and six had taken a prior accounting course.

TABLE 2
Suggested Class Plan

Issues in Accounting Education

Volume 27, No. 4, 2012
1188 Higgins

After a face-to-face discussion of background concepts related to the case, students were asked
to submit written responses to the 10 case questions within four weeks. Answers were graded for
course credit and were used to assess student performance on the case LOs. Table 3 summarizes this
assessment.
The students were also asked to fill out survey questions to garner feedback about their
experience with the case. This feedback was incorporated when revising the case. Some of these
survey responses are summarized in Table 4.
Survey results suggest that the case requires light effort (averaging 2.3 hours of case
preparation for what would be 55 minutes of class discussion), that students were split in their
assessment of the difficulty level (12 of 25 say the case is difficult), and that students appreciate
what they learn from the case.

TABLE 3
Assessment Data
What Should Help
Did They Meet the Students to Meet This
Student Performance LO? LO in Excellence?
LO1
Identify internal All students were able Yes Displaying Figure 6,
control weaknesses. to identify the key which shows the list of
control weakness principles and their
and link them to the explanations.
principles of
internal control.
Question 1 Prompting students to
explain explicitly why
violations of the
principles create
weaknesses and invite
fraud.
LO2
Identify elements of Students’ responses Yes Displaying a fraud
the fraud triangle. covered a broad triangle before
array of factors that beginning the
trace to the discussion.
Opportunity element
of the fraud
triangle.
Question 2 Many students also Some students focused Displaying students’
traced back to state only on factors responses as bullet
ownership and lack related to items on a board to
of accountability in Opportunity, thus facilitate idea sharing
state-owned the instructor should and open discussions.
enterprises. prompt them to The display should be
consider Pressure in such a way as to
and Rationalization show the fraud triangle,
also. like Figure 4.
(continued on next page)

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1189

TABLE 3 (continued)
What Should Help
Did They Meet the Students Meeting This
Student Performance LO? LO in Excellence?

LO3
Apply the COSO Students’ responses Yes Displaying and discussing
framework to covered a broad the COSO framework
design/evaluate array of factors of (Figure 5) before
control activities. the five COSO discussing this
elements. question.
Question 3 Many students only Providing Figure 6 as a
focused on financial handout to students for
analyses/financial them to prepare in
managers. advance. This figure
Instructors should provides a structure for
prompt students to presenting risk
consider more risk management aspects
management related to lending.
aspects.
LO4
Demonstrate general Most students Yes The case seems self-
understanding of recognized a lack of explanatory with regard
corporate profit motive among to this question.
governance state-owned
characteristics of enterprises, and
Chinese banks and mentioned
enterprises. ownership and
control by the state
as a particular
corporate
governance feature
of state-owned
enterprises and
banks in China.
Question 4 Students need to read the
case to meet this LO
well.
LO5
Demonstrate general Many students Yes The case provides a
familiarity with mentioned family concise discussion of
aspects of Chinese relationships and/or Chinese culture.
culture that affect a lack of individual
the fraud independence as
environments at aspects of Chinese
Chinese enterprises. culture that may
impede internal
controls.
Question 5 Students need to read the
case to meet this LO
well.

Issues in Accounting Education

Volume 27, No. 4, 2012
1190 Higgins

Survey Questions
How long did you spend
preparing for the case?
How long did it take you to
answer the case questions?
What are the most interesting
questions or aspects of the
case? (You may list more
than one.)
What are the least interesting
questions or aspects of the
case? (You may list more
than one.)
Do you think the case is easy or
difficult?
Do you think the case is worth
your time?
TABLE 4
Student Experience
Summary Responses
Median: 2 hours
Mean: 2.3 hours
Three responses, which were not reported in hours, were excluded.
Median: 2 hours
Mean: 1.9 hours
Two responses, which were not reported in hours, were excluded.
Answers are listed from most to least common, based on keywords
gleaned from the responses.
Fraud case: 10 responses
China, China reform, and China banking: 5
State ownership: 3
Pros and cons of investing: 2
Banking industry: 2
Bailout: 1
Audit weakness: 1
Governance: 1
Culture: 1
Answers are listed from most to least common, based on keywords
gleaned from the responses.
None (all parts seem necessary): 8 responses
Applying COSO framework: 6
Governance of banks: 2
State ownership: 2
Pros and cons of investing in China: 1
Reform (nothing will change): 1
Questions that only require reading the case: 1
Need more time to discuss fraud: 1
Culture: 1
Having to write the answers: 1
Difficult: 12 responses
Easy: 11
Difficult and Easy: 2
Yes: 22 responses
No: 3

Survey results indicate that many students may be interested in the fraud mechanism;
instructors therefore may wish to focus on or begin with Question 1 (fraud incident and principles
of control activities) as a way to stimulate interest. Second, many students reported difficulty with
Question 3 (apply the COSO framework), perhaps because the framework is quite abstract and
students tend to want specific situations. Instructors might therefore wish to illustrate the framework
with concrete examples before assigning this question, or provide a specific structure to anticipate
student responses. For example, instructors may distribute a template like Figure 6 before assigning

Issues in Accounting Education

Volume 27, No. 4, 2012
Learning Internal Controls from a Fraud Case at Bank of China 1191

students to this question. This figure provides a structure for arranging ideas on multiple risk
management aspects related to lending.

TEACHING NOTES
Teaching Notes are available only to full-member subscribers to Issues in Accounting
Education through the American Accounting Association’s electronic publications system at http://
aaapubs.org/. Full-member subscribers should use their usernames and passwords for entry into the
system where the Teaching Notes can be reviewed and printed. Please do not make the Teachings
available to students or post them on websites.
If you are a full member of AAA with a subscription to Issues in Accounting Education and
have any trouble accessing this material, then please contact the AAA headquarters office at info@
aaahq.org or (941) 921-7747.

REFERENCES
Asia News. 2005. Bank fraud up in China. Available at: http://www.asianews.it/news-en/
Bank-fraud-up-in-China-4576.html
Bank of China (BOC). 2009. Corporate annual report. Available at: http://www.boc.cn/en/investor/
Bell, S. K., and H. Chao. 2010. The financial system in China: Risks and opportunities following the global
financial crisis. Available at: http://www.omm.com/files/upload/China-White-Paper.pdf
Buckley, P., J. Clegg, and H. Tan. 2006. Cultural awareness in knowledge transfer to China—The role of
guanxi and mianzi. Journal of World Business Review 41: 275–288.
Chan, T. 2001. US$400 billion needed to recapitalize China’s banks. Standard & Poor’s Credit Wire
(June).
Chang, P., C. Jia, and Z. Wang. 2010. Bank fund reallocation and economic growth: Evidence from China.
Journal of Banking and Finance 34: 2753–2766.
Chow, G. 2003. The impact of joining WTO on China’s economic, legal, and political institutions. Pacific
Economic Review 9: 105–115.
Clifford, M. L., P. Fong, M. Lam, A. Webb, and D. Roberts. 2002. The Bank of China’s black hole: How
$480 million disappeared from one of the country’s biggest banks. Business Week (February 4).
Committee of Sponsoring Organizations (COSO). 1992. Internal control—Integrated framework. Available
at: http://www.coso.org/IC-IntegratedFramework-summary.htm
Garcia-Herrero, A., S. Gavila, and D. Santabarbara. 2009. What explains the low profitability of Chinese
banks? Journal of Banking and Finance 33: 2080–2092.
Global Times. 2011. Bank of Qilu investigated for loan fraud. Available at: http://www.globaltimes.cn/
business/industries/2011-01/609239.html
Hanru, Z. 2005. Corruption has to stay capital crime. China Daily (August 19).
Kimmel, P. D., D. E. Kieso, and J. J. Weygandt. 2011. Fraud, internal control, and cash. In Financial
Accounting: IFRS. New York, NY: John Wiley & Sons.
Jia, C. 2009. The effect of ownership on the prudential behavior of banks—The case of China. Journal of
Banking and Finance 33: 77–87.
Lin, X., and Y. Zhang. 2009. Bank ownership reform and bank performance in China. Journal of Banking
and Finance 33: 20–29.
Luo, Y. 2008. The changing Chinese culture and business behavior: The perspective of intertwinement
between guanxi and corruption. International Business Review 17: 188–193.
Ministry of Finance, People’s Republic of China (MOF). 2010. Guidelines for Enterprise Internal Control.
Beijing, China: MOF.
Norris, F. 2011. The audacity of Chinese fraud. The New York Times (May 26).
Organization for Economic Co-operation and Development (OECD). 2005. China in the Global Economy—
Governance in China. Paris, France: OECD.

Issues in Accounting Education

Volume 27, No. 4, 2012
1192 Higgins

Shih, V., Q. Zhang, and M. Liu. 2007. Comparing the performance of Chinese banks: A principal
component approach. China Economic Review 18: 15–34.
Yan. 2006. Banker in Guangdong sentenced 12 years in prison. Guangdong News (April 3).

APPENDIX A
Fraud Case at Bank of China: http://dx.doi.org/10.2308/iace-50177.s1

Issues in Accounting Education

Volume 27, No. 4, 2012
Reproduced with permission of the copyright owner. Further reproduction prohibited without permission.