A theory of enterprise risk management

2019 ◽  
Vol 19 (3) ◽  
pp. 565-579 ◽  
Author(s):  
Håkan Jankensgård

Purpose The purpose of this paper is to develop a theory of enterprise risk management (ERM). Design/methodology/approach The method is to develop a theory for ERM based on identifying the general risk management problems that it is supposed to solve and to apply the principle of deduction based on these premises. Findings ERM consists of risk governance, which is a set of mechanisms that deals with the agency problem of risk management and risk aggregation, which is a set of mechanisms that deals with the information problem of risk management. Research limitations/implications The theory, by identifying the central role of the Board of Directors, encourages further research into the capabilities and incentives of directors as determinants of ERM adoption. It also encourages research into how ERM adoption depends on proxies for agency problems of risk management, such as a decentralized company structure. Practical implications The theory encourages Boards of Directors to focus on understanding where the under and over management of risk are likely to be greatest, as opposed to the current practice of mapping a large number of risk factors. Originality/value The theory complements existing theory on corporate risk management, which revolves around the role of external frictions, by focusing on internal frictions in the firm that prevent effective risk management. It is the first work to delineate ERM vis-a-vis existing risk theory.

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Consilz Tan ◽  
Su Zy Lee

Purpose The critical success factor of enterprises is the ability to identify risks and subsequently adapt to the ever-changing technology, as well as the business environment. This paper aims to investigate the top risks faced by small and medium-sized enterprises (SMEs). In the meantime, this paper outlines the perspectives on enterprise risk management (ERM)-based best practices and the adoption level of ERM practices in SMEs. Design/methodology/approach A mixed methodology was used to collect a comprehensive understanding of the adoption of ERM, especially in SMEs. The research is based on cross-sectional questionnaires and collected from risk practitioners in Malaysia. Detailed analysis of the top risks and best practices is presented in this paper to identify the developments of risk management in changing organizations. This study used chi-square tests to examine the distribution of the adoption of the ERM programme using Risk and Insurance Management Society risk maturity model attributes. Logit regression was used to test the association of ERM efforts with the probability of adopting/considering ERM practices. Findings The findings indicated that business interruption risk and economic slowdown risk are the major concern for companies in Malaysia. A business continuity plan was found to be the most common risk management practice. Efforts such as the establishment of a risk management team and the development of risk appetite and/or risk tolerance statements in an organization are associated with the probability of adopting/considering ERM practices. Research limitations/implications This paper helps to identify challenges of implementing risk governance and management in SMEs that shed light on the regulatory setting which we rather know a little about its impacts. Originality/value There are limited studies conducted in emerging countries on ERM and the application of the ERM framework in SMEs. 
Prior research studies are mostly generalized and lack details of risk management strategies applying to specific risks. This paper successfully examined the low maturity level of ERM practices and how SMEs in Malaysia managed those risks that emerged in their organizations.


2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Chairani Chairani ◽  
Sylvia Veronica Siregar

Purpose This study aims to examine the effect of enterprise risk management (ERM) on financial performance and firm value, as well as the moderating role of environmental, social and governance (ESG) performance. Design/methodology/approach The samples in this study are listed companies in the ASEAN 5 (Indonesia, Malaysia, Philippines, Singapore and Thailand) during the years 2014–2018, with total observations of 680 firm-years. Fixed effect panel data regressions were used to test the hypotheses. The data was collected from Financial Report, Annual Reports and Thomson Reuters. Findings The results show that ERM has a positive significant effect on financial performance and firm value. This paper also finds that ESG has a significant moderating role in increasing the effect of ERM on firm value. Further, this paper divides the samples into sensitive and non-sensitive industries and finds a significant moderating role of ESG performance on firm performance for sensitive industries. Originality/value Extant studies have not empirically examined the moderating role of ESG on the effect of ERM on firm performance and firm value. The findings have important implications in suggesting that firms need to analyze various threats and opportunities related to and ESG risks in achieving competitive advantage.


2017 ◽  
Vol 25 (3) ◽  
pp. 274-295 ◽  
Author(s):  
Erastus Karanja

Purpose There are two main industry-sanctioned enterprise risk management (ERM) models, that is, COSO 2004 and ISO 31000:2009, that firms refer to when implementing ERM programs. Taken together, the two ERM models specify that firms should implement ERM programs to meet a strategic need, improve operations and reporting or to comply with government regulations or industry best practices. In addition, the focus of ERM implementation should be either the subsidiary, business unit, division, firm/entity or global level. The purpose of this study is to investigate whether firms are aligning their ERM implementations with these tenets: strategy, operations, reporting, compliance and the level of implementation. Design/methodology/approach The proxy for ERM implementation is the hiring of a Chief Risk Officer (CRO). The research data come from a sample of 122 US firms that issued a press release following the hiring of a CRO between 2010 and 2014. The press releases were retrieved and aggregated through content analysis in LexisNexis Academic. Findings The results reveal that many ERM implementations are occurring at the firm/entity level, and with the exception of reporting, firms consider ERM to be a strategic firm resource capable of improving business operations and compliance initiatives. Originality/value There is a dearth of research studies specifically investigating whether ERM programs adopted by firms are aligned with the specification of COSO 2004 and ISO 31000:2009 frameworks. The apparent lack of a clear understanding of the alignment between the firm ERM programs and the industry’s ERM frameworks may limit the development and implementation of ERM and the eventual realization of the benefits associated with a successful ERM implementation.


2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Babajide Oyewo

Purpose This study investigates firm attributes (namely level of capitalisation, scope of operation, organisational structure, organisational lifecycle, systemic importance and size) affecting the robustness of enterprise risk management (ERM) practice, the extent to which ERM affects the performance of banks and the impact of ERM on the long-term sustainability of banks in Nigeria. This was against the backdrop that the 2012 banking reform was a major regulatory intervention that mainstreamed ERM in the Nigerian banking sector. Design/methodology/approach The study employed a mixed methodology of content, trend and quantitative analyses. Ex post facto research design was deployed to analyse performance differential of banks, with respect to the implementation of ERM, over a 10-year period (2008–2017). A disclosure checklist developed from the COSO ERM integrated framework was used to assess the robustness of ERM by content-analysing divulgence on risk management in published annual reports. The banking reform periods were dichotomised into pre- (2008–2012) and post- (2013–2017) reform periods. Jonckheere–Terpstra test, independent sample t-test and Mann–Whitney test were applied to analyse a total of 1,036 firm-year observations over the period 2008–2017. Findings Result shows that bank attributes significantly affecting the robustness of risk management practice are level of capitalisation, scope of operation, systemic importance and size. Performance of banks improved slightly during the post-2012 banking reform period. This suggests that as banks consolidate on the gains of ERM, benefits of the regulatory policy on risk management may be realised in the long run. 
Result also shows that ERM enhances long-term performance, connoting that effective risk management could serve as a competitive strategy for surviving turbulence that typically characterises the banking sector. Practical implications The emergence of level of capitalisation, scope of operation, systemic importance and size as determinants of ERM provides empirical evidence to support the practice of reviewing the capital requirements for banking business from time to time by regulatory authorities (i.e. recapitalisation policy) as a strategy for managing systemic risk. Top management of banks may consider instituting mechanisms that will ensure risk management is given prominence. A proactive approach must be taken to convert risks to opportunities by banks and other financial institutions, going forward, to cope with the vicissitudes of financial intermediation. Originality/value The originality of the study stems from the consideration that it provides some new insights into the impact of ERM on banks' long-term sustainability in a developing country. The study also contributes to knowledge by exposing the factors determining the robustness of risk management practice. The study developed a checklist for assessing ERM practice from annual reports and other risk management disclosure documents. The paper also adds to the scarce literature on risk governance and risk management.


2020 ◽  
Vol 21 (4) ◽  
pp. 317-332 ◽  
Author(s):  
Pablo Durán Santomil ◽  
Luis Otero González

Purpose The purpose of this paper is to analyze how enterprise risk management (ERM), the system of governance and the Own Risk and Solvency Assessment (ORSA) have been boosted with the entry of Solvency II. Design/methodology/approach For this analysis, the authors have undertaken a survey of chief risk officers (CROs) working in Spanish insurance companies. Findings The results show that Solvency II has definitely promoted ERM in the European insurance industry and improved the system of governance of the insurance companies, and that the perceived value of the ORSA for the companies is higher than the cost. It is clear that the quality of ERM implemented by companies is higher in those that face more complex risks and with greater interdependencies – that is, larger companies, foreign insurers and insurers with several lines of business – but is unaffected by the legal form of the entity (mutual/corporation). Originality/value This study conducts primary research with surveys of CROs and develops a measure of the quality of ERM implemented by insurance companies.


2020 ◽  
Vol 14 (2) ◽  
Author(s):  
Indarti Indarti

Implementation of Enterprise Risk Management (ERM) by Internal Audit in an organization or company becomes important because Internal Audit is expected to help the organization achieve its objectives by approaching systematic and discipline to evaluate and improve the effectiveness of risk management, control, and governance process. As for which affects it is the involvement of internal auditors, the relationship of the audit committee with the internal auditor, and ERM. This study aims to analyze the involvement of Internal Audit in Enterprise Risk Management implementation. Internal auditors should assist both management and audit committees in risk management responsibilities and supervisory roles by examining, evaluating, reporting and recommending improvements to the adequacy and effectiveness of risk management processes. An interesting issue is whether internal auditors involved in corporate risk management have a link to the willingness of internal auditors to report to the audit committee. The population in this study are the internal auditors and audit committees who are working in companies manufacturing and financial services. The reason for determining the company is because the researcher wants to know how internal audit is involved in ERM implementation on that entity. The sample used in this research is internal auditor at private company and at Banking in this case internal auditor at local bank. The analytical method used is multiple regression analysis with SPSS version 23 program. The analysis technique used in this research is descriptive statistical analysis, classical assumption test, F-statistic hypothesis test to test influence together with 5% confidence level and use t-statistics to test partial regression coefficients. 
This research was conducted to analyze how much influence the role of Internal Audit in applying Enterprise Risk Management in the implementation of Audit. The result of this research is that the high level of internal auditor involvement in Enterprise Risk Management implementation has no significant and significant impact on reporting of damage to risk management procedures. This indicates that the role of internal auditors in corporate risk management does not affect the reporting of damage to corporate risk management procedures. While the characteristics of strong relationships between internal auditors and audit committees positively and significantly influence the reporting of risk procedures, this indicates that internal audits that have strong internal audit-audit committee relationships strongly support internal auditors who have high involvement to report damage Greater risk procedures.

