A May 18th article in Compliance Week by Rick Steinberg (former PwC partner who was the lead partner on the development of the COSO internal controls framework) doesn't mince any words when it comes to practices at Washington Mutual (WaMu). He believes, and his points are cogent, that WaMu "created such a toxic environment for itself, one so bad that you have to wonder how anyone within the organization could survive, and whether any amount of help — oxygen, liquidity, or otherwise — could have saved the company."
He quotes Senator Carl Levin: "Using a toxic mix of high-risk lending, lax controls, and compensation policies that rewarded quantity over quality, Washington Mutual flooded the market with shoddy loans that went bad."
I thoroughly recommend a careful and thoughtful read of the article. While there are issues relating to fraud (in loan processing), risk management, and controls, the primary issue was leadership and the corporate culture — what Rick would call Control Environment issues in the COSO internal control model. The tone at the top was hardly conducive to ethical and risk/controls-conscious behavior by management or staff.
I like the way Rick ends, and will use his last paragraph to end this post:
"Companies seeking to drive up the top line without regard to quality seem to allow established controls to be diminished or ignored. Sometimes this is done intentionally, other times subconsciously in concert with the shortsighted push for quantity. This is where the risk officer, compliance officer, legal counsel, audit executive, audit committee, and others need to step up and do what's necessary to ensure business initiatives are well controlled—to ensure that long-term business goals are indeed likely to be met."