리스크 매니지먼트(risk management), 즉 내부통제의 실패로 인해 기업의 불상사가 빈발하고 있다. 이와 같은 기업의 불상사의 원인은 경영진에 대한 감시감독시스템이 제대로 기능하지 않았다는 점과 내부통제시스템이 제도적으로 구축되어 있지 않고, 또한 효과적으로 기능하지 않았다는 점에서 찾을 수 있다. 특히 내부통제시스템은 종업원 및 임원의 불법·부정행위로 인한 금융기관의 불상사의 빈발로 더욱 법적인 관심을 끌게 되었고, 이로 인해 금융기관에 우선적으로 내부통제시스템의 구축이 요구되었고, 이후 일반주식회사로까지 내부통제시스템의 구축이 확대되기에 이르렀다. 주식회사가 내부통제시스템을 구축해야 하는 목적은 경영의 건전성의 확보와 효율성의 제고에 있다고 할 수 있다. 즉 경영상의 불법·부정행위를 방지하고, 리스크를 효율적으로 관리하여 이익을 극대화할 수 있다면, 주식회사는 글로벌 시장에서 경쟁적 우위를 가질 수 있을 것이다. 이러한 이유로 선진국은 주식회사에 내부통제시스템을 구축하도록 하는 입법을 추진해 오고 있다. 우리나라의 경우에도 내부통제제도로서 금융기관 관련법상의 준법감시인제도와 외감법상의 내부회계관리제도가 도입되어 있지만, 우리나라의 경우 상법상 주식회사에 대해 내부통제에 관한 근거규정을 마련해 두고 있지 않은 문제점이 있고, 또한 내부회계관리제도와 준법감시인제도 등을 포괄하는 통합적 시각에서의 내부통제제도에 관한 논의도 부족하다고 평가할 수 있다. 따라서 향후 전사적 리스크관리의 관점에서 통합적인 내부통제제도의 입법화를 우선 검토해야 할 필요가 있다고 생각된다.

Internal Control-Integrated Framework of Committee of Sponsoring Organizations of the Treadway Commission was published in U.S. in 1992. In 2004, Enterprise Risk Management-Integrated Framework of Committee of Sponsoring Organizations of the Treadway Commission was published. It can be said that Enterprise Risk Management-Integrated Framework contained and developed concept of internal control. In the context of the making of good corporate governance, it is necessary to reinforce and improve internal control system. A company may greatly suffer damages caused by illegal acts or misconduct of employees or the management. In result, establishment of effective internal control system is greatly necessary from the perspectives of corporate governance structure. In addition, as much emphasis has been placed on corporate social responsibility and socially responsible investment fund recently, the importance of establishment of internal control system has been greatly stressed. The competitiveness of the company will be relatively enhanced in a global market if the internal control system is well established. Because of the continued accounting scandals of Enron Energy, and Worldcom, the Sarbanes-Oxley Act of 2002 was enacted in U.S. The Sarbanes-Oxley Act adopted internal control system. According to the Sarbanes-Oxley Act, large corporations in U.S. should establish internal control system. In Japan, internal control system was introduced under the Corporation Code. In addition, the Financial Products Transaction Code of 2006 contained internal control related to a financial report in order to secure confidence of disclosure information in capital market. The reason is that false evaluation of financial position of large companies and illegal acts and misconduct of employees or the management of large companies were continually found. Furthermore, even in Germany, France, England, and China, large corporations should establish internal control system in order to prevent accounting fraud, misconduct, and illegal acts of employees or the management. In Korea, in respect of internal control, a compliance officer should be employed in case of financial institutions and specific large corporations including financial institutions should establish internal accounting management system. Recently, the Supreme Court judged that a director of large corporations had a duty of internal control in the lawsuits in respect of the accounting scandals of the Daewoo Corporation. Therefore, it can be said that a director of large corporations has a duty to establish internal control system and to monitor internal control system. However, there are not any relevant provisions in respect of internal control under the Commercial Code of Korea. Relevant provisions in respect of internal control, therefore, should be codified under the Commercial Code of Korea as soon as possible. Finally, it is necessary to check out and review internal control system from the viewpoint of enterprise risk management.