(1) The corporate governance mechanism is not perfect. Although China's commercial banks have set up institutions such as shareholders' meeting, board of directors and board of supervisors in accordance with international practices and the requirements of modern enterprise system, there are still great defects in the effectiveness of corporate governance. Such as unreasonable ownership structure, insufficient incentive mechanism and lack of effective restraint and supervision mechanism.

(2) Ignoring the construction of internal control mode. At present, the method of target control is mainly adopted, with too much emphasis on the control mode of results and neglect of the standardization of internal control environment and process, which will inevitably lead to the failure of long-term control objectives.

(3) Lack of effective risk management control mechanism. First of all, the lack of a strong risk management team makes the risk assessment of China's commercial banks only qualitative and artificially adjustable management methods. Second, there is a lack of necessary risk assessment methods. Third, the computer risk control ability is poor.

(4) Lack of effective internal control standards and standardized evaluation control procedures. Because it is impossible to feedback and evaluate the effectiveness of internal control and adopt corresponding strategies according to the evaluation results, the internal control system cannot be continuously improved.

(5) The effectiveness of internal audit is insufficient. Internal audit lacks planning, unreasonable audit cycle and frequency, weak sense of responsibility of internal auditors and insufficient reward and punishment mechanism, which eventually leads to insufficient effectiveness of internal audit.