Final answer:
Internal controls have limitations such as resistance to criticism, susceptibility to statistical fraud, and the potential for corporate governance failures, all of which can prevent them from being completely effective in detecting and preventing errors and fraud.
Step-by-step explanation:
Internal controls are essential mechanisms in a business's operations to prevent and detect errors and fraud. However, there are inherent reasons why internal controls cannot always be completely effective.
Firstly, bureaucracies are often resistant to criticism, both from external and internal sources. Employees within the organization may be deterred from reporting mismanagement due to fear of retaliation or job loss, as they have to weigh the personal costs of doing the right thing against their livelihood.
Secondly, another limitation in the efficacy of internal controls comes from the possibility of statistical fraud. When research is conducted, there is a tendency to stop data collection once the desired results are obtained, without considering that further data might contradict the initial findings.
Lastly, there is the issue of corporate governance failure. Institutions that are supposed to oversee top executives sometimes fail to provide accurate oversight, as seen in the case study of Lehman Brothers. This indicates that when such governance systems do not function as intended, internal controls may also falter.
All these issues contribute to the fact that internal controls, while critical, are not foolproof in preventing and detecting every case of error or fraud within an organization.