The Role of Internal Control Systems in Ensuring Financial Performance Sustainability

Abstract

This study investigates the influence of internal control systems (ICS) compliance on banks’ financial performance sustainability (FPS) in the Amman Stock Market. Using a questionnaire survey of sixteen listed banks, the extent of ICS compliance and its impact on various indicators of financial performance is examined, such as profitability, earnings, and returns on sustainability initiatives. It is found that the banks comply with ICS requirements and that ICS compliance positively and significantly affects their financial sustainability. In particular, this study shows that the control activities, information and communication, and monitoring components of ICSs are key drivers of bank performance. These findings have important implications for policymakers and regulators who aim to enhance the effectiveness of ICSs in banks and foster economic growth in the region. As sustainability becomes a vital issue in the banking sector, understanding how ICS compliance relates to financial sustainability is essential for ensuring long-term viability.

1. Introduction

The ICS serves as a form of assurance for confirming accurate reporting and the attainment of a firm’s objectives, particularly in light of the increasing demand for information from internal and external stakeholders. Moreover, security, privacy, and proper management of information are vital aspects for most successful firms [1]. Consequently, it is imperative to acknowledge the significance of ICS in the banking sector, as they play a critical role in fostering economic growth [2]. The current state of the banking sector is marked by macroeconomic instability, sluggish growth in real economic activities [3], and the risk of fraud and corruption [4]. Therefore, the need for an effective ICS cannot be underestimated [4]. Moreover, ICSs are believed to have a favorable impact on Environmental, Social, and Governance (ESG) ratings, which indicate corporate sustainability. This is because well-functioning internal control systems result in enhanced operational efficiency and effectiveness, reliable reporting, and adherence to relevant laws and regulations. By ensuring the integrity of all forms of information, adequate internal controls can aid in the long-term growth of firms with a high level of confidence.

The banking and capital markets sector is experiencing rapid growth in the Middle East, making it one of the world’s fastest-growing markets. Ref. [5] directs the attention of researchers to this sector’s effect and the key factors behind its growth or failure. Considering that ICSs are one of the most important factors in banking failures, the main duty of the ICS is controlling the high risk taken by bank management decisions to protect the banking sector’s success against any posed threats [6]. Therefore, this research studies ICSs in the Jordanian banking sector.

This paper focuses on examining the compliance of Jordanian domestic banks with ICS requirements and how this compliance influences the sustainability of their financial performance. This study also examines the ICS components among the respondents in the study sample (top management, IT specialists, HR, and employees at lower levels) in respect of the compliance with ICS. While the issue of creating an overall evaluating measurement to evaluate the ICS has received reasonable research attention in emergent markets, studies based in developing countries are relatively rare. I am unaware of any studies evaluating the ICS in Jordan that address the issue of not only committing to the existence of the components of the ICS but also activating, updating, and evaluating these components and correlating them with the sustainability performance of these banks. The few studies that have been carried out to examine this relationship either focus on the ICS components from one managerial perspective [7], measure the FP in a limited way relying on one or two proxies such as ROA and ROE [8], or are limited to investigating one or two components of the ICS concerning sustainability [9]. In addition, this study focuses on the points of view of the top management of the banks, the IT specialists, the HR, and the employees at lower levels. Hence, the findings of this study hold great significance as they provide critical insights into the major components of ICSs measured carefully from different levels of management and their impact on control system practices in an emerging economy. By shedding light on the association between enhanced ICSs, financial performance, and the sustainability of firms, this study can offer valuable guidance to policymakers and industry leaders in developing strategies that promote long-term financial stability and growth.

The empirical evidence of this study shows that the Jordanian banking sector is adopting and applying ICSs. On the other hand, it found a lack interest in management in following up and understanding employees’ abilities and desires in terms of work environment and given tasks. Moreover, the findings manifest some harmful impacts of applying high-quality ICSs on the bank’s sustainable financial performance; specifically, the control activities component can decrease the profitability of the banks measured by return on assets (ROA) and increase the general and administrative (G&A) expenses. Moreover, compliance in executing ICSs and monitoring this system increases the return per employee (RPE) in the banks, and information and communication enhance the return on sustainability initiatives (ROSI).

By focusing on the specific elements of internal control systems (ICSs) and their impact on the sustainability of financial performance in developing markets, specifically the Jordanian banking sector, this study provides a noteworthy contribution to the existing body of literature. This is a departure from previous studies which mainly focused on aggregated measures of ICSs and their influence on various outcomes in developed markets [10,11,12,13]. Moreover, the provided result fills a gap in the literature by exploring the hidden aspects of ICSs and analyzing how each component affects FPS.

The following sections cover the related institutional background, literature, and main hypotheses. The data and methodology sources are presented in Section 3, while Section 4 discusses the empirical results, and data analysis, and provides a discussion. Finally, Section 5 summarizes the findings and provides concluding remarks.

2. Institutional Background, Literature Review, and Hypotheses Development

2.1. Institutional Background in the Jordanian Banking Sector

2.1.1. Central Bank of Jordan

The Central Bank of Jordan (CBJ) has been given various responsibilities to achieve its objectives, which include preserving monetary and financial stability, ensuring the Jordanian Dinar’s convertibility, supporting sustainable economic growth, and promoting banking and financial stability in the country. One of the most important objectives is overseeing and supervising banks to ensure their financial stability and protecting the rights of their depositors and shareholders under the relevant legislation and governance rules. Additionally, financial institutions are monitored and supervised to ensure their financial stability following applicable laws. Moreover, the CBJ regulates and develops the National Payments System to ensure that payment, clearing, and settlement systems are sound and effective [14].

2.1.2. The Jordanian Banking Sector

The banking sector in Jordan plays a crucial role in promoting economic growth by promoting domestic savings and financing various economic sectors. The CBJ reports that the banking industry contributed around 20% to the country’s GDP in 2021. Banks use their branch networks to offer clients a range of financial solutions, which are further enhanced by digital banking services. However, the Jordanian banking system comprises three categories of banks: commercial, Islamic, and foreign, with 13 commercial banks, three Islamic banks, and eight foreign banks operating in the country. The importance of the Jordanian banking industry stems from its role as a primary contributor to the GDP, and its dominant position as a primary supporter of the country’s economy [15].

2.2. Literature Review and Hypotheses Development

2.2.1. Literature Review

An ICS is “a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of effectiveness and efficiency of operations, reliability of financial reporting, compliance with applicable laws and regulations, and safeguarding of assets”. According to the Committee of Sponsoring Organizations of the Treadway Commission (COSO)’s 2013 framework, the following are the main components of the ICS: (1) control environment; (2) risk assessment; (3) control activities; (4) information and communication; and (5) monitoring the ICS.

The objective of this process is to provide a guarantee that a firm can attain its goals, therefore, the existence of an efficient and well-controlled system in the firm will have a clear influence on the company’s performance (ISA, 315), especially in the banking sector, where it is considered as an important element for keeping this sector well functioning and healthy, to finally positively affecting the macro stability [16]. Ashbaugh-Skaife [10] demonstrates that weak ICS can negatively impact reporting reliability and that inefficient controls could produce lower-quality information which leads to lower-quality investment decisions [17].

The ICS components are an integrated system, leading in the event of the firm’s commitment to strengthen and improve the financial performance of the firm [18]. In addition, ICS influences and protects the assets of the firm [19] by preventing the firm from investing in inefficient projects which could expose their long-term assets to risk [20], and also by helping firms to create steadily cash-holding policies [21] which eventually protect firms’ value during any financial crisis [22]. The internal control procedures quality for any firm determine the moral environment of the firm, the activities of internal audit, and staff training on risk management [23]; therefore, any deficiencies in the ICS increase the risk of the firm [24].

ICS components, if committed by a firm, can improve its financial performance and have a positive impact on the firm [18]. In addition to the expected impact of internal control on the firm’s performance, there is also an effect of internal control on external parties such as investors [25] and analysts [26]. Healthy banking sectors with a lower level of specious, mistaken transactions and fraud usually come from an effective internal control system [27], and vice versa; a weak internal control system in the banking sectors leads to lower financial performance [28]. Despite the obvious importance of the system of internal control as an essential element in the company’s performance evaluation reports, however, many firms are not interested in the application of ICS [29].

Previous literature focuses on the US environment, which suggests that ICS has an impact on financial reporting. Studies conducted in the United States have stated that internal controls have a considerable effect on the quality of reporting, and the implementation of the Sarbanes–Oxley Act (SOX) has directed an enhancement in the general quality of internal controls for publicly listed firms.

Nevertheless, the practice of the US market cannot be generalized to the Jordanian market because the legal execution in Jordan is unlikely to be as solid as it is in the US. Specifically, the Jordanian banking sector is in an emerging market and most banks are below international standards of operating efficiency [15]. Therefore, it is still unclear how the ICS affects the FPS of the emerging market. However, [30] partially study the integral impact of the supply chain and ICS on the FP. They employed different methodologies and proxies to measure the ICS away from any consideration of the sustainability of FP to find weak evidence about the relationship. Moreover, several studies have examined the relationship between internal control systems (ICS) and financial performance (FP) of different sectors and regions. For example, [31] found a positive relationship between COSO’s components and FP (ROI, ROE) of Jordanian banks. They also reported a statistically significant impact of two components (Control Activities and control environment) on FP. Similarly, [32] found that monitoring and information and communication components positively impacted the FP of Bangladeshi banks, while the rest of the components had a negative impact. However, [8] investigated the ICSs’ relationship with the FP of Iraqi banks using the ROE metric only and found a positive impact of most of the ICS components on FP. These studies suggest that ICS can enhance the FP of banks in different contexts, but the impact may vary depending on the components and metrics used.

Another aspect that has been explored in relation to ICS and FP is corporate social responsibility (CSR). CSR refers to the voluntary actions that firms take to address the social and environmental impacts of their activities. The authors of [33] showed that the improvement in the quality of environmental information disclosure enhances the FP of Chinese banks. They argued that disclosing environmental information can improve the reputation and legitimacy of banks and attract more customers and investors. The authors of [34] examined how internal control and CSR interact to influence corporate performance and found that the main benefits of adopting CSR practices for internal or external stakeholders affect not only the company itself, but also its suppliers, government, employees, and customers/stakeholders. They suggested that the aim of investing in CSR is not only to enhance the internal effectiveness of the company and to achieve dependability but also to conform to related laws and regulations [35]. These studies indicate that CSR can improve the FP of banks by creating value for various stakeholders and complying with regulations.

However, some studies have also highlighted the challenges and limitations of implementing ICS and CSR in different sectors and regions. For instance, Ref. [7] provided evidence of strong FP related to applying restricted ICSs in Kenyan banks. They employed the ROE as a proxy to measure the FP only, whereas this study employed six different FP proxies to understand the relationship and examine the different regions with different regulations and GPA which makes the results more generalizable. In [9], the authors examined two elements of ICS (internal control activities and managerial conduct) and their relationship with sustainability in small and medium-sized African firms. They found a weak economic sustainability for these firms after operating a business for around three years. Their study differs greatly with this study, in which I measure the sustainability of FP for the banking sector, which is different in terms of regulations and restrictions. Additionally, they examined two different elements of ICS compared to the generally used elements in the literature. The authors of [36] reaffirmed the effectiveness of internal controls and emphasized how their effective implementation can increase the sustainability of this business cohort. However, they also acknowledged the challenges faced by small businesses in implementing internal controls, such as lack of resources, skills, and awareness.

In summary, previous studies have shown that ICS and CSR can have positive effects on FP and the sustainability of different sectors and regions. However, they have also pointed out some factors that may influence or limit these effects, such as the components and metrics of ICS and CSR, the regulations and restrictions in different contexts, and the challenges faced by different types of businesses. Therefore, this study explores more factors in more depth.

2.2.2. Hypotheses Development

The role of ICSs is crucial in the banking sector as it guarantees operational effectiveness, trustworthy financial documentation, and adherence to legal requirements and regulations, in addition to asset protection. The banking sector, being a service sector heavily dependent on human decision making and understanding of regulations, emphasizes the importance of ICS compliance. Thus, it is reasonable to hypothesize that the Jordanian banking sector is committed to applying ICS and its components. However, to establish the validity of this hypothesis, empirical testing is necessary. This study aims to investigate the policies and practices of the Jordanian banking sector to determine the level of commitment to applying ICS and its components. The results of this study will provide insights into the effectiveness of the ICS in the Jordanian banking industry and the extent to which they contribute to ensuring operational efficiency, compliance, and asset protection.

H1. 

The Jordanian banking sector is committed to applying the ICS and its components.

Based on agency theory, conflicts of interest may emerge between the principals of a company (e.g., shareholders) and its agents (e.g., managers). To reconcile these conflicting interests and advance the organization’s goals, internal controls can be established. The control environment “sets the tone of an organization, influencing the control consciousness of its people” (COSO, 1992). It serves as the foundation for the other elements of internal control, offering discipline and organization. This aspect encompasses various aspects, such as how authority and responsibility are delegated by management, the operating style and philosophy of management, the ethical values and integrity of employees, and the human resources policies in place [37]. In general, flexible and effective ICSs strongly influence employee satisfaction in banking sectors such as fraud practices and unethical behaviors, and the ability to discover the types of practices that form a risk to the entities [38]. This study’s purpose is to analyze the impact of the control environment on the FPS. By doing so, it seeks to offer valuable observations regarding the efficiency of internal controls in aligning the interests of shareholders and managers, and in securing the organization’s long-term prosperity. Consequently, the second hypothesis proposed in this study is as follows:

H2. 

There is an impact of the control environment on the FPS of Jordanian banks.

Every firm meets numerous risk types from internal sources (unethical practices related to financial data preparation and management regulations), and external sources (related to industry) that should be evaluated. To carry out a risk assessment effectively, it is essential to establish objectives that are interconnected at various levels and are internally coherent [39]. Accordingly, risk assessment “is the identification and analysis of relevant risks to the achievement of the objectives, forming a basis for determining how the risks should be managed” (COSO, 1998). Given that economic, industry, regulatory, and operational conditions are subject to ongoing changes, it is necessary to implement mechanisms that can identify and address specific risks associated with these changes. Additionally, it is important to pay attention to the potential impact of internal risks, such as the lack of qualified accounting staff with technical expertise in Securities and Exchange Commission (SEC) regulations and Generally Accepted Accounting Principles (GAAP) requirements. This deficiency can directly contribute to ineffective internal control [40,41]; SEC (2007, 2) supported this notion in their definition of ICS, underscoring that employee failures are an important key reason for internal IC ineffectiveness.

Additionally, risk assessment is a crucial element of the ICS as it allows for a thorough analysis of potential risks and the execution of proper approaches to managing these risks. By assessing the potential impact of risks and establishing controls to mitigate them, the likelihood of adverse events can be reduced, leading to increased FPS for Jordanian banks. By investigating the correlation between risk assessment and the sustainability of financial performance, this study may enhance our comprehension of how proficient risk management strategies can assist Jordanian banks in attaining long-term success while mitigating conflicts of interest between shareholders and managers. Consequently, the third hypothesis formulated in this study is as follows:

H3. 

There is an impact of risk assessment on the FPS of Jordanian banks.

To mitigate risks within firms and ensure the effectiveness of other components of internal control systems (ICS), a set of policies and procedures known as Control Activities are implemented [42]. Control Activities serve to ensure that management directives are executed, and necessary measures are taken to address risks that may hinder the achievement of the firm’s objectives. “Control activities occur throughout the organization, at all levels and in all functions” (COSO, 2002). They encompass various actions such as information processing (approvals, authorizations, verifications), performance reviews (reconciliations, assessments of operational performance), physical controls (asset security), and segregation of duties (COSO, 2002; ISA, 2004).

According to agency theory, managers may be motivated by self-interest and may engage in unethical practices like fraud or embezzlement. Control Activities play a critical role in preventing such behavior by establishing a system of checks and balances and ensuring compliance with internal controls. Therefore, investigating the association between control activities and the FPS can provide valuable insights into the effectiveness of internal controls in aligning the interests of shareholders and managers, and promoting the long-term success of the organization. Consequently, the fourth hypothesis proposed in this study is as follows:

H4. 

There is an impact of control activities on the FPS of Jordanian banks.

The IC is an important component of the ICS that gathers and exchanges the operational, monetary, and compliance-related data necessary for managing and controlling the firm. For internal control and structural goals to be met, the information obtained must be pertinent, trustworthy, complete, and timely, and communication must take place both internally and externally (COSO, 2013). Literature has also demonstrated a positive impact of IC on internal information asymmetry [43], reducing internal information asymmetry and improving the quality of financial reporting [44]. Moreover, IC is a crucial component of internal controls that can aid in aligning the interests of shareholders and managers. Effective communication of financial information can help confirm that all groups are informed of the organization’s performance, reducing the likelihood of opportunistic behavior by managers. Thus, examining the influence of information and communication on FPS can provide insight into the effectiveness of ICS in promoting the alignment of interests between shareholders and managers and promoting long-term organizational success in the context of agency theory. The fifth hypothesis of this study is as follows:

H5. 

There is an impact of information and communication on the FPS of Jordanian banks.

The last component of internal control is monitoring, which ensures that controls operate as intended through ongoing activities or separate evaluations. Moreover, it is found that a firm’s investment could be boosted by high-quality monitoring which also enhances the accounting quality of the firm [45]. In the context of agency theory, monitoring is a crucial aspect of internal controls that involves the continuous assessment and analysis of organizational performance to ensure that it aligns with established goals and objectives. It provides oversight and accountability, reducing the likelihood of opportunistic behavior by managers and promoting organizational success. Evaluating the influence of monitoring on financial sustainability can thus show the efficacy of ICS in addressing conflicts of interest between shareholders and managers and promoting the alignment of their interests. The last hypothesis in this study is as follows:

H6. 

There is an impact of monitoring on the FPS of Jordanian banks.

3. Data and Methodology

3.1. Sample Selection

The study sample comprises the Jordanian domestic banks listed on the Amman stock exchange market (ASE) in 2020. There are 16 commercial banks in Jordan which were included in the study sample (I have included commercial banks only in the sample where the International and Islamic banks have different considerations and controls for some items in their ICS). As

Table 1. Sample construction.

Sample Selection Criteria	No. of Banks	No. of Obs.
Observations with complete info from the questionnaires for 2020 for ICS	16	120
Less
Non-collected questionnaires from banks, and non-sufficient data from surveys	4	42
The final sample	12	118

shows, four banks did not participate in the survey; therefore, the final sample included 12 commercial banks and 118 respondents received after eliminating two due to missing data. Financial data was obtained from ASE and the banks’ published annual reports, and ICS data were obtained from a structured questionnaire [7,30,32,33].

The ICE components, as a compatible process, are impacted by all levels of employees, starting with the board of directors and the senior management, who are responsible for creating and monitoring the IC process, in addition to the other levels of employees [46]. Hence, the sample comprised 118 respondents working in various departments and positions in Jordanian commercial banks, such as the compliance department, internal audit department, information technology department, customer service officers, and teller officers. The survey was designed to fit with targeted respondents; it was prepared in Arabic and English, delivered by hand, and sent by email to the concerned sample. The targeted samples were carefully selected considering employees’ understanding of all ICS components to test the study hypotheses (The full version of the questionnaire is not included in this paper due to length constraints, but it can be made available upon request).

Table 2. Demographical Data.

		Frequency	Percentage
Gender	Male	80	67.80
	Female	38	32.20
Qualification	Diploma	4	3.39
	Bachelor	70	59.32
	Master	31	26.27
	PhD	13	11.02
Experience	<5	27	22.88
	6–12	46	38.98
	13–20	24	20.34
	>20	21	17.80
Jon title	Senior auditor	23	19.49
	Compliance officer	15	12.71
	IT officer	21	17.80
	Teller	14	11.86
	Customer service	21	17.80
	N/A	23	19.49

Note: This table presents the demographical data of the study sample.

presents the main demographic classification of the study sample, demonstrating that most of the respondents are male, around 37% of them hold master’s and PhD degrees, and approximately 38% of the sample are highly experienced, exceeding 13 years of experience.

3.2. Reliability of Measurements

The structure of the scales used in this study was assessed using Cronbach’s alpha (C_α) coefficient. C_α is commonly used to assess internal consistency in construct validity, with a threshold of 0.60 considered acceptable for exploratory purposes, 0.70 considered adequate for confirmatory purposes, and 0.80 considered good for confirmatory purposes [47]. All alpha values in this study exceeded 0.80, with the highest value for ICS compliance being 0.95. This indicates that if the survey is distributed again to the same participants, there is a 95% possibility of collecting the same data.

Table 3. Reliability of the independent variables.

Variables	Cronbach Alpha
Control environment	0.85
Risk assessment	0.92
Control activities	0.86
Information and communication	0.89
Monitoring	0.94
Compliance with ICS requirements	0.95

Note: This table presents the Cronbach’s alpha coefficient.

demonstrates the reliability of the ICS in relation to the financial performance of Jordanian banks, highlighting a high degree of consistency in the survey structure. Therefore, the survey utilized in this study was well understood by the respondents, and their answers can be considered highly credible.

Table 3 shows the C_α values, indicating the reliability of the ICS in relation to the FPS of Jordanian banks. The results demonstrate that the survey structure employed in this study is at a high level of reliability in measuring the ICS and its impact on the FPS of Jordanian banks. This means that the respondents understood the survey well and gave credible answers.

3.3. Measurement of the Independent Variable

Internal Control Systems

The IC is widely defined as a method influenced by the board of directors, managers, and other individuals [48] to deliver rational assurance about the accomplishment of various objectives such as financial reporting reliability, and operational effectiveness and efficiency. A survey with the following structure was created to assess the impact of independent variables: thirty-one questions for the control environment, ten for risk assessment, six questions for control activities, seven questions for information and communication, and twelve questions for monitoring.

The survey consists of six sections; the first one includes questions related to demographic information. The following sections (two to six) include all the statements that measure the independent variable, ICS. Under each section of the ICS, a group of sub-components is used to implement a more accurate and robust assessment of the ICS. For instance, the control environment component was assessed through sub-components of organizational structure and communication, management philosophy, human resources policy and practices, and integrity and ethical values.

Moreover, a four-point Likert scale was used for the questionnaire, with one meaning strongly disagree and five strongly agree. However, I avoided neutral answers, looking for more accurate responses. Furthermore, the questionnaire was judged by five experts (three professors in the Business School of Jordan University, and two CFOs) to assess the relevance of each question to the component of the ICS.

3.4. Measurement of the Dependent Variable

Financial Performance Sustainability

Various studies prefer accounting-based measures due to their sympathy and capability to “reflect internal decision-making capabilities and managerial performance” [49] (p. 408). Therefore, this study mainly employs several accounting-based indicators to measure financial performance, continuity, and sustainability.

Return on assets (ROA): This proxy is used widely in the literature [30,32,33] to assess the efficiency of the firm in utilizing its assets to generate net income; a high ratio refers to better management of bank efficiency; this ratio is calculated by the following equation:

$$ROA=\frac{Net income}{Avg. total assets}$$

Return on Equity (ROE): This ratio measures the efficiency of the administration in the operation of the owners’ equity, this ratio is complementary to the ROA, as the rate of ROA measures the efficiency of the administration in the investment of its assets, but it does not cover the impact of debt on return from the owners, which is reflected in the rate of return on equity. Following the literature [30,32,33], this ratio is calculated by the following equation:

$$ROE=\frac{Net income}{Weighted Avg of owner’s equity}$$

Revenue per Employee (RPE): This ratio measures the average earned revenues of each bank employee; therefore, it measures the efficiency of the bank in effectively employing its employees; the higher the ratio is, the more effective the management of employees’ working hours. The RPE proxy is employed in this study in relation to the control activities component of ICS. The satisfaction of the employees is one of the major points of this component and it is important to know the revenues per employee compared to their satisfaction. Additionally, the monitoring component, which represents the periodic reports, is submitted to management, which results in a periodic auditing process to make appropriate decisions to enhance the revenue. This ratio is calculated with the following equation:

$$RPE=\frac{Operational revenues}{Avg. number of employees}$$

Operating Expenses Margin (OEM): This variable measures total general and administrative expenses (GA expenses) to sales revenues related to the main activities of the bank, and is the amount or percentage of administrative expenses spent by the bank to earn JOD 1 from operating revenues; a higher ratio is a negative indicator of the performance of the administration, and it must reconsider those expenses. This proxy is utilized in connection with several ICS components such as control activities, control environment, risk assessment and monitoring. This ratio is calculated by the following equation:

$$OEM=\frac{\mathit{General} \mathit{and} \mathit{administrative} \mathit{expenses}}{\mathit{Sales} \mathit{revenues}}$$

Allowance of Doubtful Loans to Total Loans: This ratio measures the efficiency of the administrative decisions taken regarding customers’ debts and loans over the inability of borrowers to repay those debts, and whenever this ratio increases whenever the negative index reflects the inefficiency of the administration in customer choice and the collection of debts owed to. This proxy is utilized in connection with ICS components of control activities (which look at the internal processes if followed by the employees and the management), control environment (which focuses on following the organization structure and internal policy), risk assessment (where auditing is one of the major points in this component), and monitoring. This ratio was calculated by the following equation (Allowance of doubtful loans calculated as the provision for impairment direct credit facilities at amortized cost plus the interest and commission in suspense, and the total loans calculated as the direct credit facilities at amortized cost):

$$ADL/TD=\frac{Allowance of Doubtful Loans}{Total Loans}$$

General and Administrative Expenses to Gross Profit: This item measures the percentage of what is spent by the bank of the total income of the GA expenses. When this percentage increase is negative, it reflects the inefficiency of the administration performance, either in terms of the size of administrative expenses incurred by the bank, which therefore must be re-considered, or a decrease in the operational revenue, which is reflected on the operational performance of the bank. This ratio is used to measure the control environment component (with a focus on the employees who are the main expense in the service industries), control activities component (where periodic reconciliations and physical counting of the bank assets is one of the metrics of this component) in addition to the monitoring component (where periodic reporting and internal auditing on the ICS components increase GA expenses). This ratio was calculated using the following equation:

$$GA/GP=\frac{General and administrative expenses}{Gross profit}$$

Return on Sustainability Investment (ROSI): This tool is an analytic method that allows firms to measure the financial returns on their sustainability activities. By calculating the financial benefits of sustainability initiatives and comparing them to the costs of implementation, firms can evaluate the return on investment of sustainability projects and make data-driven decisions about where to allocate resources. This proxy is used to measure the sustainability of the bank and its ESG initiatives. This instrument is chosen concerning the information and communication component, where it considers a channel to communicate good news to internal and external audiences. This ratio was provided by the banks directly.

3.5. Empirical Models

First, to assess the first hypothesis, “There is an impact of bank’s commitment to ICS on the financial performance of Jordanian banks”, Model 1 examines the relationship using the one-sample t-test. Second, to examine the rest of the hypotheses, which investigate the association between the ICS and FP, this study uses the following model repeated using different measures of financial performance (ROA, ROA, RPE, OEM, ADT, GA/GP, ROSI):

$$Model \mathbf{1}:F{P}_{i,t}={\alpha }_0+{\beta }_1\times C.E{ }_{i,t}+{\beta }_2\times R.A{ }_{i,t}+{\beta }_3\times C.A_{i,t}+{\beta }_4\times I\&C_{ i,t}+{\beta }_5\times M_{ i,t}+{\epsilon }_{ i,t}$$

where FP is the financial performance as measured using the ROA, ROE, RPE, OEM, ADL/TD, GA/GP, and ROSI proxies; C.E_i,t is the control environment component; R.A_i,t is the risk assessment component; C.A_i,t is the control activities component; I&C_i,t is the information and communication component; and M_i,t is the monitoring component, all of which were measured using the questionnaire instrument.

4. Results

4.1. Descriptive Statistics and Correlations

Applying ICS generally can help to reduce risks, increase efficiency, save assets, and support compliance with policies and regulations, which altogether will lead to better financial performance. This study’s findings have important implications for policymakers and regulators who aim to enhance the effectiveness of ICS in banks and foster economic growth in the region. As sustainability becomes a vital issue in the banking sector, understanding how ICS compliance relates to financial sustainability is essential for ensuring long-term viability. In this section, I will discuss the findings after examining the study hypotheses.

Table 4. Descriptive statistics for variables.

	Mean	SD	Max	Min	Relative Importance
Variables of interest
Control environment	3.26	0.81	4.00	2.41	81.50
Risk assessment	3.28	0.62	4.00	2.40	82.00
Control activities	3.40	0.60	4.00	2.60	85.00
Info. and communication	3.45	0.61	4.00	2.50	86.25
Monitoring	3.51	0.55	4.00	2.69	87.75
Dependent variables
ROA	1.53	0.31	2.00	0.90
ROE	12.50	3.69	17.00	5.90
RPE	80.75	62.88	188.58	18.98
OEM	33.54	2.84	36.00	26.00
ADL/TD	8.09	3.11	14.00	5.00
GA/GP	41.50	7.05	53.00	31.00
ROSI	9.10	4.51	15.30	5.10

Note: See Appendix A for variable definitions.

shows the main variables of descriptive statistics utilized in this study. First, the average of ICS components is above 2.5 (The average of the used four-point Likert scale is 2.5, therefore I consider the average above 2.5 to be relatively high and below 2.5 to be low), reflecting a high commitment to the requirements of ICS. The most applied element of ICS is monitoring, with a mean score of 3.51 and a relative importance of 87.75 indicating that the banking sector requires high control and follow up on their activities. This is because the banks’ activities rely on employees’ decisions and their understanding of the general policies. Moreover, the lowest mean (relative importance) is that of the control activities component, with 3.26 (81.50).

However, while evaluating the control environment component, it was found that the “presence of a clear organizational structure and the existence of a documented and generalized internal policy guide” question had the highest mean of 3.52, and this is an indication of the banks’ management awareness about the importance of having policies control the internal environment of the banks to obtain adequate job performance. On the other hand, the lowest mean scores are 2.71 to 2.98 for questions examining employees’ job satisfaction and the extent of management’s attention to employees in terms of their workload, developing their efficiency and capabilities, and following up on their satisfaction in terms of promotions and incentives. It was also noted that there is inadequate attention to reinforcement and encouragement to adhere to work ethics.

Questions were asked about the employees’ satisfaction such as “There is a fair evaluation of the employee’s performance to determine their strengths and weaknesses”; “Training courses are allocated to employees based on their evaluation”; “There is a clear promotion policy for employees”; “The workload assigned to the employee and their ability to perform them individually is studied continuously”; “There are well-structured motivation policies for employees to improve their performance and satisfaction”; and “The behavior of employees is studied in terms of their absenteeism from work and is linked to their job satisfaction”. Nevertheless, these findings reflect the banks’ unawareness of the employees’ workload and ability to perform it, which has an impact on their performance and efficiency.

As for the risk assessment component, it was found that there is a high concern in following up on the operational risks arising from embezzlement and money laundering operations, which is noted through the highest means of 3.39 of the two questions “Action plans are maintained to manage operational risks such as embezzlement” and “There is an effective Compliance Department that deals with banking crimes (large bank transfers, financial terrorism operations, and money laundering)”. This confirms the existence of effective plans to face internal and external risks. However, this result is logical due to the high operational risks that the banking sector is exposed to.

Since the CBJ regulation requires the establishment of a compliance department in each bank, through this study, it has been observed how effective this type of department is, but in confirmation of the first observation in the control environment about management unawareness of the employees’ satisfactory, the lowest mean 3.11 when studying the risk assessment related to “There is a quality department that monitors the employee’s performance”.

When studying the control activities component in banks, it was noted that the highest mean of 3.54 supports the existence of “a clear mechanism for auditing financial transactions”. On the other hand, the least important item among the questions was related to the periodic reconciliations and physical counting of the bank assets. However, the importance does not vary among the questions, which reflects the management’s awareness of the material aspects that affect the bank’s assets.

Moreover, regarding the information and communication component, it was found that there is an interest in banks to maintain databases with the highest degree of safety and confidentiality, as the mean of 3.58 related to having databases kept outside the bank and updated periodically, in addition to having adequate control of access to the accounts. Nevertheless, controlling access is considered one of the basic rules in the banking sector, as all the operations are carried out through a cloud network that includes all the bank’s branches which exposes them to the risk of losing part of their database. However, this risk might cause a huge embezzlement issue, and loss of credibility with clients, therefore, it is expected that the management will give attention to this component.

In terms of the monitoring component of ICS, it was found that periodic reports are submitted to management which results from a periodic auditing process to make appropriate decisions. As the Central Bank and the Chamber of Commerce require the existence of an independent auditing division that reviews banking operations and monitoring systems, this finding is to be expected.

Additionally, it is noticed that the lower mean of 3.32 related to “There is a committee that follows up and updates the organizational structure and internal procedures in the bank periodically”, which may confirm what is discussed in the previous components about the management’s lack of interest in following up and understanding employees’ abilities and desires. Even though there is a clear organizational structure that assigns and explains the tasks, there is insufficient interest noted about the management’s concern in developing its internal systems that specifically pertain to employees.

The mean ROA is 1.53; on average, the sample firms are reasonably profitable compared to the banking industry. The average ROE is 12.5, which is higher than the ROA since the banks’ main activities depend largely on equities. Additionally, the RPE on average is JOD 80.75, with high variation between maximum and minimum values indicating the difference in the banks’ size, and the OEM average is 33.54, which is not high and could explain the low ROA rate. In addition, the average level of bank allowance of doubtful accounts to the total debt is 8.09%, demonstrating a strong credit procedure consistent with the high-risk assessment means discussed previously. The general and admin (GA) expenses of the gross profit was approximately 41.5%, which is considered high, but could be explained through the idea of banks providing services and depending on human resources to deliver their services this may increase their GA expenses. The average ROSI is about 9.10, indicating that a sustainability initiative is generating a financial return of 9.10 for every dollar invested in the initiative, which is considered a good return.

Table 5. Pairwise Pearson correlation among all variables.

Variables	(1)	(2)	(3)	(4)	(5)	(6)	(7)	(8)	(9)	(10)	(11)	(12)	(13)
(1) Control environment	1.000
(2) Risk assessment	0.853 *	1.000
(3) Control activities	0.711 *	0.664 *	1.000
(4) Info. & communication	0.618 *	0.594 *	0.716 *	1.000
(5) Monitoring	0.707 *	0.687 *	0.669 *	0.709 *	1.000
(6) Compliance	0.899 *	0.881 *	0.864 *	0.829 *	0.869 *	1.000
(7) ROA	−0.017	−0.003	−0.182	−0.146	−0.106	−0.101	1.000
(8) ROE	0.192	0.171	0.114	0.086	0.232 *	0.186	0.331 *	1.000
(9) RPE	0.151	0.117	0.259 *	0.176	0.267 *	0.223 *	−0.674 *	−0.067	1.000
(10) OEM	0.213 *	0.165	0.189	0.235 *	0.222 *	0.234 *	−0.710 *	−0.481 *	0.292 *	1.000
(11) ADL/TD	−0.027	−0.011	0.147	0.122	0.037	0.059	−0.416 *	−0.358 *	0.756 *	0.038	1.000
(12) GA/GP	0.312 *	0.248 *	0.248 *	0.271 *	0.379 *	0.335 *	−0.628 *	−0.290 *	0.443 *	0.923 *	0.078	1.000
(13) ROSI	0.181	0.150	0.116	0.088	0.323 *	0.168	0.221 *	0.223 *	0.113	0.017	0.033	0.524 *	1.000

Notes: * represent significance at the 10% level. See the Appendix A for variable definitions.

displays the pairwise Pearson correlation matrix encompassing all utilized variables in this study. It serves as a reflection of the multicollinearity test outcomes and investigates the variance inflation factor, which sets the adequate level of 10. The pairwise Pearson correlation matrix reveals two noteworthy findings. Firstly, the correlations demonstrate that all five components of internal control systems (ICS) exhibit significant and positive associations with the financial performance variable, GA/GP. Secondly, the statistical results indicate significant positive correlations between the compliance variable and the financial ratios of RPE, OPM, GA/GP, and ROSI.

4.2. Main Results

The Impact of ICS Components on FPS

Table 6. One sample t-test.

Variables	Mean	Std. Dev.	t	Relative Importance
Compliance	3.339	0.381	27.65 ***	83.48
Control environment	3.230	0.437	22.19 ***	80.76
Risk assessment	3.295	0.466	21.88 ***	82.38
Control activities	3.439	0.443	25.56 ***	85.97
Info. and communication	3.255	0.401	24.63 ***	81.36
Monitoring	3.478	0.449	25.89 ***	86.94

Notes: *** represent significance at the 1% level. See the Appendix A for variable definitions.

demonstrates the results of examining the study’s first hypothesis through a one sample t-test. The findings indicate a strong significant positive t value (t above 21.87) for all ICS components, with mean values above 2.5 and high relative importance above 80% for all components. The results indicate that the Jordanian banking sector is committed to applying the ICS and its components, which is consistent with the literature findings [40].

Table 7. Regression of ICS on the financial performance of Jordanian banks.

Variables	ROA	ROE	RPE	OEM	ADL/TD	GA/GP	ROSI
	Coef. (t-test)
Compliance	0.155 (0.69)	2.431 (1.42)	49.869 * (1.80)	−5.207 (−0.97)	−1.946 (−0.21)	−3.159 (−0.32)	0.132 * (1.67)
Control environment	0.002 (0.68)	0.012 (0.43)	−67.386 (−0.23)	0.054 (0.76)	−0.099 (−0.90)	0.131 (1.08)	0.024 (0.90)
Risk assessment	0.002 (0.71)	−0.001 (−0.05)	−19.880 (−0.70)	−0.035 (−0.67)	−0.013 (−0.11)	−0.089 (−0.98)	0.342 (1.30)
Control activities	−0.003 * (−1.65)	−0.005 (−0.26)	34.311 (1.16)	−0.007 (−0.14)	0.116 (1.07)	−0.029 (−0.35)	0.210 (1.23)
Info. and communication	−0.001 (−0.31)	−0.016 (−0.81)	−15.308 (−0.60)	0.050 (0.67)	0.051 (0.57)	0.007 (0.06)	0.145 * (1.89)
Monitoring	−0.001 (−0.36)	0.027 (1.19)	37.371 * (1.76)	0.025 (0.43)	−0.017 (−0.27)	0.194 ** (1.97)	0.003 (0.40)
Constant	0.021 *** (3.67)	0.054 (1.23)	−55.219 (−0.92)	0.258 * (1.75)	−0.015 (−0.07)	−0.254 (−0.95)	0.054 *** (2.98)
Adjusted R Square	0.37	0.37	0.41	0.47	0.36	0.46	0.43

Notes: *, **, and *** represent significance at the 10%, 5%, and 1% levels, respectively. See the Appendix A for variable definitions.

presents the multivariate regression results of Model 1. Variables compliance, control activities, IC, and monitoring have significant positive coefficients with various financial performance proxies, indicating the positive impact of these ICS components on financial performance which is in line with previous literature [31,32]. For the regression of RPE, the coefficient for compliance is 49.869 and significant at the 5% level (t = 1.80). As a higher level of return on employees implies better financial performance, the first hypothesis is confirmed. This hypothesis suggested that banks more committed to ICS have better financial performance. This result is consistent with [18].

Turning to the control activities variable, the coefficient on the ROA is negative 0.003 and significant at the 10% level (t = −1.65). This result implies that the banks’ commitments to applying the control activities element of ICS harm the profitability of the banks, which could be explained by the extra cost that might be required to control the ICS activities in line with [18].

Regarding information and communication, the results indicate a positive coefficient on the ROSI of 0.145 and significance at the 5% level (t = 1.89). The finding demonstrates that gathering and exchanging the operational, monetary, and compliance-related data necessary for managing and controlling the firm, meeting the firm’s goals, and providing complete information promptly enhances the return on sustainability initiatives. Previous studies have found a positive relationship between information and communication and FP [32], but the ROSI ratio has not been previously examined. However, this implies that banks with higher investments in sustainability initiatives, such as environmental, social, and governance (ESG) practices, tend to earn more from their investments than banks without such initiatives. It also implies that the communication and information component of the internal control system, which refers to the processes and systems that ensure the prompt and reliable flow of information inside and outside the bank, has a significant impact on increasing the returns on sustainability initiatives. This could be because effective communication and information can enhance the transparency, accountability, and reputation of the bank and its sustainability initiatives, as well as support the decision-making and monitoring processes. Therefore, these findings indicate that banks should invest more in sustainability initiatives and improve their communication and information systems to boost their performance and competitiveness. Considering the monitoring variable, the coefficients for RPE and GA/GP are 37.371 and 0.194, respectively, and both are significant at the 5% level (t = 1.76, 1.97, respectively). The findings demonstrate that high monitoring of the ICS components would increase the GA expenses [41] of the banks, and on the other hand, enhance the return on employees. Moreover, these findings suggest that banks that monitor their internal control system and their activities more effectively tend to have higher returns on their employees and higher general and admin expenses relative to their gross profit, in line with previous literature [50].

5. Conclusions

Following the expectation that banks’ commitment to adopting and executing strong ICS would enhance their financial performance, this paper examines whether Jordanian banking sector compliance to high-quality ICS leads to an enhancement of their financial performance by employing the most used proxies of FP, i.e., ROA, ROE, RPE, OEM, ADL/TD, GA/GP, and ROSI. The empirical results of the regression analysis yielded several noteworthy observations. Firstly, the findings offer evidence supporting the compliance of the banking sector in adopting and implementing internal control systems (ICS). In turn, these findings prove that Jordanian banks are more interested in creating high-quality ICS and give attention to each component of the system. On the other hand, it is found that management lack interest in following up and understanding employees’ abilities and desires. Even though there is a clear organizational structure that assigns and explains the tasks, there is insufficient interest noted about the management’s concern in developing its internal systems that specifically pertain to employees.

Second, the findings manifest some harmful impacts of applying high-quality ICS on the bank’s financial performance; specifically, the control activities component would decrease the profitability of the banks as measured by ROA and increase the GA expenses. Moreover, compliance in executing ICS and monitoring this system increases the RPE in the banks. Moreover, it was found that the banks’ compliance with ICS contributes to the financial returns generated by sustainability initiatives in the banking sector. Specifically, stronger information and communication affect the returns of sustainability initiatives which are gathering and exchanging the operational, monetary, and compliance-related data necessary for managing and controlling the firms’ investments by providing more accurate timely information. The study findings present invaluable insights for regulators and policymakers, offering strategic guidance to strengthen internal control systems (ICS) in banks, resulting in substantial enhancements in financial performance. Moreover, these findings establish a solid groundwork for future research, enabling a comprehensive exploration of the individual components of ICS that can yield either favorable or adverse effects on the examined relationships. Furthermore, banks’ ICS have to comply with the international sector regulations that aim to ensure the soundness and stability of the banking system. For example, the Basel III framework sets out minimum standards for capital, liquidity, leverage, and risk management for banks. The rules on supervisory matters and prudential capital requirements also refer to the internal control systems as a key component of bank management and governance. Therefore, banks have to design and implement effective internal control systems that meet regulatory expectations and requirements. In this study, I focused on the COSO framework of ICS and some specific FP metrics. Forthcoming studies should delve into the cost-effectiveness of implementing these ICS measures, weighing them against the derived benefits, while also examining the correlation between the ICS components and the Basel rating and credit risk assessment.