Search results

The purpose of this paper is to examine, from the agency perspective, the influence of internal audit and audit committee attributes, as well as risk management and internal control systems, on the implementation of risk-based auditing among public-listed companies in Malaysia.

A questionnaire survey was distributed to the in-house internal audit function in approximately 620 public-listed companies. Consequently, data from 117 heads of the internal audit function was collected and analyzed.

The findings indicate that “audit committee review and concern” and “risk management system” are significantly and positively related to the implementation of risk-based auditing. Most importantly, the results indicate the importance of audit committee inputs and concerns in reviewing internal audit activities. Empirically, the findings also suggest that a more formalized risk environment would foster the existence of a strong risk-aware culture and hence provides a strong foundation for internal audit to implement risk-based auditing. However, internal audit experience, size of internal audit function, audit committee qualifications, and internal control system are not found to be significant predictors of the presence of risk-based auditing.

This study examined only risk-based auditing practices in the in-house internal audit function of public-listed companies; hence, the findings cannot be generalized to all Malaysian-listed companies that outsource or co-source their internal audit activities.

An effective internal monitoring mechanism and better quality of internal audit work will minimize potential risks that prevent the achievement of company objectives, reduce propensity to falsify financial information, and improve financial reporting quality.

This study contributes evidence concerning the relationship between internal monitoring mechanisms and the implementation of risk-based auditing among in-house internal audit activity.

The purpose of this paper is to analyse company‐specific factors associated with adoption of risk‐based auditing. It seeks to explore the role of internal auditing in enterprise risk management (ERM).

Findings are drawn from a questionnaire survey, sent in 2006, to all 96 chief internal auditors who were members of the Institute of Portuguese Internal Auditors.

In planning an annual schedule of audits, the adoption of a risk‐based approach is statistically significant in international firms (p≤0.05) and companies listed on the Portuguese stock market (p≤0.10). There is a strong (but not significant) association between risk‐based annual audit planning and entities which are private, in the finance sector, and large. In planning each audit engagement, adoption of a risk‐based approach is correlated positively with entity size. Internal auditing is more proactive in the implementation of ERM in smaller organisations, and is more important in the finance industry and the private sector.

A better understanding emerges of factors associated with the adoption of risk‐based auditing, together with an enhanced appreciation of the role of internal auditing in ERM.

The paper reveals the specific characteristics of companies that are associated with the adoption of risk‐based approaches in the internal audit process. It is the first paper published about risk‐based internal auditing in Portugal.

Debate is growing around the expansion of risk-based regulation. The regulation scholarship provides evidence of regulatory failure of the risk-based approach in different domains, including financial regulation. Therefore, this paper aims to provide cautionary evidence about the risk of regulatory failure of risk-based strategy in the financial regulation while using enterprise risk management (ERM) as a meta-regulatory toolkit.

Based on interview data gathered from 30 risk managers of banks and five regulatory personnel, combined with secondary data, this study mainly explores the challenges for meaningful use of ERM based self-regulation in regulated banks. The evidence helps to assess the risk of regulatory failure of the risk-based regulation while using ERM.

The evidence reflects that regulated banks face diverse challenges arising from both peripheral and internal environments that limit the true internalization of ERM-based self-regulation. Despite this, the regulator uses this self-regulation as a meta-regulatory toolkit under the risk-based regulation to achieve the regulatory aims. However, the lack of true internalization of ERM based self-regulation is likely to raise the risk of regulatory failure of risk-based regulation to achieve the regulatory goals. Risk-based regulation is an evolving strategy in the regulatory regime. Therefore, care should be taken while using ERM as a regulatory toolkit before relying on it substantially.

The paper provides empirical insights about the challenges for effective use of ERM as a meta regulatory toolkit that might be useful practically both to the regulators and regulated firms.

The current emphasis in anti‐money laundering (AML)/ counter terrorist financing (CTF) regulation on “risk‐based” strategies means that regulatory, law enforcement and reporting agencies need to respond to money laundering and terrorist‐financing threats in ways that are proportionate to the risks involved. However, the way that risk is conceptualized remains vague, and the requirements on agencies imposed by the risk‐based approach involve a significant element of uncertainty. The paper addresses these issues.

This paper examines the attributes of risk as it applies to AML/CTF strategy in the context of regulatory risk and related forms of risk assessment, and argues that there are a number of conditions that must be met if risk‐based decision‐making for AML/CTF is to work effectively.

This paper argues that there are a number of conditions that must be met if risk‐based decision‐making is to work effectively. Three of the most important conditions are that there has to be agreement about what risk is being decided on; there must be explicit, quantifiable models of risk, and those responsible for developing and refining risk‐based decision models must have access to knowledge about the outcomes of assessments.

The paper identifies the need for fundamental changes in the relationship between the regulators and the regulated.

This paper seeks to deconstruct the proposed risk‐based approach to anti‐money laundering (AML) and to relate it to the text of the European Union's 3rd Directive. The paper also aims to discuss a variety of risk‐related aspects and how they have come to be constructed on the sociological perspective of risk and subsequently to examine the relation of risk elements to AML.

The theoretical approach of the paper is based on the tradition of second‐order cybernetics and on many of the theoretical concepts discussed by Niklas Luhmann, as well as his work on the sociology of risk.

The implications for the risk‐based approach on AML are discussed on the basis of how risk can be represented and categorized, and the paradoxes behind various such risk‐classifications are analysed, thus offering a critique on the oversimplification with which risk has been appropriated within AML.

The practical implications of this paper relate to how risk should be considered within the domain of AML and how financial institutions and financial intelligence units should mostly focus on re‐constructing the aspects surrounding risk‐communication.

The originality of this paper lies in its unique treatment of risk within the context of AML, while clearly exposing the unavoidable observational paradoxes that the concept of risk induces, as well as examining the consequences on the risk‐based approach for dealing with AML.

Risk-based clearing has been proposed by Rausser et al. (2010) for over-the-counter (OTC) derivatives. This paper aims to illustrate the application of risk-based margins to a case study of the mortgage-backed securities derivative portfolio of the American International Group (AIG) during the period 2005-2008. There exists sufficient publicly available information to examine AIG’s derivative portfolio and how that portfolio would depend on conjectural changes in margin requirements imposed on its OTC derivative positions. Generally, such data on OTC derivative portfolio positions are unavailable in the public domain, and thus, the AIG data provide a unique opportunity for an objective evaluation.

This paper uses modern financial methodology to evaluate risk-based margining and collateralization for the major OTC derivative portfolio of the AIG.

This analysis reveals that a risk-based margin procedure would have led to earlier margin calls of greater magnitude initially than the collateral calls actually faced by AIG Financial Products (AIGFP). The total margin ultimately required by the risk-based procedure, however, is similar in magnitude to the collateral calls faced by AIGFP by August 2008. It is likely that a risk-based clearing procedure applied to AIG’s OTC contracts would have led to the AIG undertaking significant hedging and liquidation of their OTC positions well before the losses built up to the point they had, perhaps avoiding the federal government’s orchestrated restructuring that occurred in September 2008.

There has been no published risk-based evaluations of a major OTC portfolio of derivatives for any company, let alone the AIG.

The purpose of this paper is to investigate Financial Action Task Force (FATF)'s risk‐based guidance to combat money laundering and terrorist financing to determine its approach to the identification and management of low‐risk providers, products and transactions.

The paper analyses the relevant FATF recommendations and its guidance notes and reflects on key questions for regulators and financial institutions.

FATF has not defined “risk” for purposes of the risk‐based approach. The absence of a clear definition complicates the identification of low‐risk products. FATF do provide an example of a risk matrix that can be used to identify low‐risk banks, but the example is based on assumptions and generalisations that are not sustainable. In addition, it identifies certain low‐value transactions as “low risk” transactions. The paper reflects on the role of value as an indicator of risk and concludes with a number of suggestions to clarify the conceptual framework.

Low‐risk products and transactions are often overlooked because the risk‐based approach focuses attention on high‐risk matters. Low‐risk products are however crucial to the efforts to increase financial inclusion. The paper identifies gaps in the current conceptual framework and indicates ways in which they can be addressed.

Here the author proposes the Mutual Insurance Model with Incentive Compatibility (MIMIC). MIMIC is a model for deposit insurance that mimics the incentives and practices of a private sector, mutual, insurance organisation. The main features of MIMIC are: fully risk‐based premiums, payments by the Federal Deposit Insurance Corporation (FDIC) to the US Treasury Department (the Treasury) for its line of credit and ‘catastrophe insurance’, rebates to banks when the reserve ratio exceeds a risk‐based ceiling, surcharges on banks when the reserve ratio dips below a risk‐based floor, dilution fees on deposit growth to maintain reserve ratio and refunds to banks to maintain reserve ratio when their deposits shrink.

The purpose of this paper is to draw attention to the difficulties that non‐bank reporting entities have in establishing a best practice risk‐based approach to their anti money laundering and counter terrorism financing (AML/CTF) controls.

The paper draws on the experience of the author in working with non‐bank reporting entities in Australia on their implementation of AML/CTF risk‐based programs to meet the requirements of new laws.

Non bank reporting entities struggle to find data to use in their risk assessments and thus cannot easily formulate a risk‐based approach that will effectively reduce the risk of money laundering and terrorism financing (ML/TF) using their products and services.

Financial intelligence units and AML/CTF regulators need to make more information available in a timely fashion to assist regulated entities to improve their risk‐based approach through a better understanding of the ML/TF risks their business face.

The paper draws on the current experience of new regulated entities not previously exposed to AML/CTF requirements. Regulators implementing risk‐based regimes should consider the issues raised when measuring the likely success of these regimes.

The purpose of this paper is to explain the rule‐based and risk‐based anti‐money‐laundering (AML) approach, to demonstrate the implementation problems in carrying out a risk‐based approach (RBA) to AML and finally propose in what way the RBA should be conducted in China.

This paper analyzes the practice of money‐laundering risk management in Chinese AML programs, compares the rule‐based AML approach and the risk‐based AML approach, and discusses the practical condition of carrying out the risk‐based AML approach in China.

Although China has made significant progress on combating money laundering, the practice of money‐laundering risk management in Chinese AML programs is still weak, and the pre‐conditions for fully implementing the RBA in China are yet to be met.

This paper highlights the practical issues preventing Chinese authorities from fully implementing a risk‐based AML approach, and proposes a “rule‐based but risk‐oriented” AML approach (a partial RBA) in the context of Chinese realities.