Search results

The need for robust governance standards in financial institutions requires no overemphasis. However, instances of governance failures have been a recurring global phenomenon. This paper examines the key elements of governance in financial institutions, evaluates reasons for failures and suggests ways to strengthen governance and prevent such failures.

The author follows a descriptive design and a behavioural approach to understand the governance issues in financial institutions.

The author identifies key elements of governance, and the potential reasons for failures and highlights that the structure of boards, thrust on the adoption of best practices and regulatory guidelines are necessary but not sufficient to ensure failsafe governance standards. The author emphasises the need for recognition of behavioural factors and a focus on continuous monitoring and red flagging of the conduct of key stakeholders by the third and fourth lines of defence. An effective whistle-blower policy, a clear focus on organisational culture and the subjugation of individuals to the systems can improve the robustness of the governance standards in financial institutions.

To the best of the author's knowledge and belief, the observations and suggestions made in the paper are original. The paper contributes by offering a nuanced perspective for strengthening governance in financial institutions.

The purpose of this paper is to analyse and investigate how intensified regulatory requirements related to outsourcing have influenced and changed the outsourcing activities of German financial institutions.

The study involved interviewing 11 outsourcing experts in the German financial sector, including four of the five largest banks in Germany. In coding and analysing the collected data, this study adopted the approach of a qualitative content analysis framework.

The study found that the revised legal requirements have had a significant and potentially negative impact on the efficiency of outsourcing, leading to a necessity for German financial institutions to internally realign their outsourcing managements. The study further revealed practical realigned methods German financial institutions executed to meet the legal requirements.

The impact, meaning and relevance of legal requirements in the outsourcing environment of German financial institutions has been relatively under-researched from a qualitative perspective and focused on other primary fields of investigation like outsourcing decisions and outcomes. This study has, by adopting a qualitative approach, addressed the identified gap by providing first-hand insights and new knowledge.

While the three lines model (TLM) provides an organizational structure to execute risk and control duties, research and practice show limitations in the model's implementation. These limitations result in governance issues. Such issues, together with control weaknesses, could be addressed by leveraging properties of distribution, transparency, and immutability of blockchain technology. To this end, in this paper the authors propose a conceptual control framework based on blockchain technology to augment control practice.

The design of the resulting blockchain-based control framework (BBCF) and its prototype, based on the design science research methodology (DSRM), is presented and discussed in terms of the potential impact in the context of the identified problems within the TLM.

One potential outcome of BBCF could be to redefine the scope and boundaries of some of the activities in audit and control practices from a more static to a more dynamic and prospective role. In a larger context of improving governance practices, the BBCF could set the path for a more inclusive and participatory interaction between the different governance actors of an organization.

However, this assumes that blockchain is more widely adopted despite its complexity and rigidity.

BBCF covering both a conceptual model design and a reference implementation provides an innovation in audit and control. BBCF could include all relevant stakeholders who have an interest in corporate governance and control activities, including the regulators.

The contribution intends to serve both as a starting point for discussing the evolution of audit and control practice based on blockchain technology, as well as an initial actionable prototype for experimentation and further development.

This study aims to understand independence in internal auditing by investigating how internal auditor independence is constructed when analysed in its corporate governance context.

A critical discourse analysis (CDA) of the corporate governance reports of Swedish large stock market listed non-financial companies, for three consecutive years, is undertaken, using a theoretical lens of organisational embeddedness and operational coupling to understand independence as a situated practice.

The study develops four archetypes of internal auditor independence – autarchic, instrumental, symbiotic and subservient – and discusses each archetype's implications for independence, related to tripartite relations with management and the audit committee, regarding who has the mandate to direct work and how the work is done. It finds that internal auditors always have a capacity to be independent. Although they are not independent in relation to agents in the subservient archetype, they are independent of those down the organisational chain of command, suggesting independence is both situational and relational.

The analysis contributes a novel approach to the literature and develops a conception of independence using the dimensions of embeddedness and coupling. The archetypes offer an analytical framework for future studies on independence.

Internal auditors may understand their practice differently through the archetypes that result from this study.

Internal auditors' power relations within corporate governance further an understanding of the pressures on internal auditors and their role.

This study contributes new knowledge on the situatedness of independence by showing how internal auditors are embedded and coupled helps build their independence.

Inspired by new findings on and perceptions of risk governance, such as the necessity of taking a broader perspective in coping with risks in companies and working together in interactive groups with various stakeholders to deal with complex risks in the modern world, the purpose of this paper is looking for new ways to deal with financial risks. Current methods dealing with those risks are confronted with the problems of being primarily based on past data and experience, neglecting the need for objectivity, focusing on the short-term future and disregarding the interconnectedness of different financial risk categories.

A literature review of risk governance, financial risk management and open foresight was executed to conceptualize solutions to the mentioned-above problems.

Collaborative financial risk assessment (CFRA) is a promising approach in financial risk governance with respect to overcoming said problems. It is a method of risk identification and assessment, which combines aspects of “open foresight” and the financial risk management and governance literature. CFRA is characterized as bringing together members of different companies in trying to detect weak signals and trends to gain knowledge about the future, which helps companies to reduce financial risks and increase the chance of gaining economic value. By overcoming organizational boundaries, individual companies may gain the knowledge they would probably not have without CFRA and achieve a competitive advantage.

A conceptual paper like the one at hand wants empirical proof. Therefore, the authors developed a research agenda in the form of five propositions for further research.

This paper discusses the existing problems of financial risk identification and assessment methods. It contributes to the existing literature by proposing CFRA as a solution to those problems and adding a new perspective to financial risk governance.

Islamic financial institutions (IFIs) are required to establish a Shariīʿah Governance Framework (SGF) to strengthen their Sharīʿah-compliance mechanism and ensure that all relevant IFI regulations are in line with Sharīʿah rules and principles. Effective implementation of the Shariīʿah-compliance function will further promote stakeholder confidence, as well as the integrity of IFIs, by reducing Shariīʿah non-compliance risks. This study aims to examine the internal control framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and explore the extent to which it can be incorporated in the Sharīʿah-compliance function of IFIs.

This study adopts a qualitative method of inquiry, utilizing the inductive method and content analysis to build comprehensive knowledge that will assist in exploring the framework of COSO methodology and the extent to which it can be adopted by IFIs.

The findings indicate that the existing frameworks of Sharīʿah governance, whether that of the Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI) or Bank Negara Malaysia (BNM), need to be further developed. Therefore, the adoption of COSO methodology in the internal Sharīʿah audit of IFIs, as suggested by AAOIFI, is not only possible but desirable. The study also finds that the COSO framework places the highest priority on risk management in that it makes it an integral part of the decision-making process in all the institution's activities. As a result, incorporating the comprehensive COSO risk management structure within the Sharīʿah-compliance function will enhance risk management in IFIs.

This study highlights the importance of the COSO internal control framework and examines its components, principles and the possibility of its adoption by IFIs. The findings of this study are expected to contribute to enhancing the Sharīʿah-compliance function of IFIs.

This study aims to explore the formation of municipal risk management (RM) and the reasons for the differences of RM practices between the seven biggest cities in Finland.

The empirical data of this comparative qualitative case study comprises 33 interviews conducted with municipal managers. Supplementary material includes documentary material on municipal rules governing RM as well as annual reports and risk tools used in the municipalities.

This study found differences in cities with respect to when, how and why RM practices had evolved. The results indicate that differences in RM practices and development paths between cities are largely explained by the differences in the original reason to initiate RM, time span since its introduction, professional and educational backgrounds of risk managers, local risk events and accounting infrastructure such as RM tools developed in a city. These findings also suggest that even within the same municipality, different functions can be at different phases regarding RM.

This study reports on RM as a new form of accounting in the field of Finnish municipalities. This highlights how fairly uniform considerations at the field level lead to variation in the elaboration of RM practices at the municipal level. The study finds that different paths in the development of local RM involve iterative evolution between the phases of emergence, largely explained by contextual differences. This study contributes to understanding the emergence of new accounting forms in a municipal RM context.

The purpose of this study is to assess the impact of cyberfraud in the South African banks with the aim to provide recommendations to effectively mitigate it.

The study uses a qualitative approach involving the use of structured questionnaires. The questionnaires were made available to the staff of 17 licensed banks in South Africa who deal with management, operation, administration and banking services. Two hypotheses were formulated and non-parametric statistical analyses involving the use of Chi-square test, Fischer’s Exact test and Spearman’s correlation were carried out. The two hypotheses formulated were tested to draw a conclusion.

The results obtained indicate that the impact of cyberfraud in the South African banking industry is highly significant and has affected the reputation of some of the banks. This calls for the need to review the diverse ways of curbing cyberfraud to lessen their impact and that of associated fraud risks on the banking operation.

This study provides an analysis on the relationship cyberfraud occurrences and the reputation of South African banks. The implementation of the recommendations may reinforce the existing security measures in the fight against cyberfraud.

The novelty of this study lies in the fact that the assessment of the impact of cyberfraud on the banking industry in South Africa has not been sufficiently highlighted by the existing literature.

This study aims to examine how the legitimacy of internal auditing is reconstructed during enterprise resource planning (ERP)-driven technological change.

The study is based on the comparative analysis of internal auditing and its transformation due to ERP implementations at two case firms operating in the food sector in Egypt – one a major Egyptian multinational corporation (MNC) and the other a major domestic company (DC).

Internal auditors (IAs) at MNC saw ERP implementation as an opportunity to reconstruct the legitimacy of internal auditing work by engaging and partnering with actors involved with the ERP change. In doing so, the IAs acquired system certifications and provided line functions and external auditors with data-driven business insights. The “practical coping mechanism” adopted by the IAs led to the acceptance (and legitimacy) of their work. In contrast, IAs at DC adopted a purposeful strategy of disengaging, blaming and rejecting since they were skeptical of the top management team's (TMT's) sincerity. The “disinterestedness” led to the loss of legitimacy in the eyes of the stakeholders.

The article offers two contributions. First, it extends the literature by highlighting a spectrum of behavior displayed by IAs (coping with impending issues vs strategic purposefulness) during ERP-driven technological change. Second, the article contributes to the literature on legitimacy by highlighting four intertwined micro-processes – participating, socializing, learning and role-forging – that contribute to reconstructing the legitimacy of internal auditing.

To demonstrate transparency and accountability, the three boards in this study are required to meet in public in front of an audience, although the boards reserve confidential issues for discussion in private sessions. This study examines boardroom public accountability, contrasting it with accountability in board meetings held in private. The study adopts Erving Goffman's impression management theory to interpret divergences between boardroom behaviour in public and private, or “frontstage” and “backstage” in Goffman's terminology.

The research observes and video-records three board meetings for each of the three boards (nine board meetings), in public and private. The research operationalises accountability in terms of director-manager question-and-answer interactions.

In the presence of an audience of local stakeholders, the boards employ impression management techniques to demonstrate accountability, by creating the impression that non-executive directors are performing challenge and managers are providing satisfactory answers. Thus, they “save the show” in Goffman terms. These techniques enable board members and managers to navigate the interface between demonstrating the required good governance and the competence of the organisations and their managers, while not revealing issues that could tarnish their image and concern the stakeholders. The boards need to demonstrate to the audience that “matters are what they appear to be”, even if they are not. The research identifies behaviour consistent with impression management to manage this complexity. The authors conclude that regulatory objectives have not met their transparency aspirations.

For the first time, the research studies the effect of transparency regulations (“sunshine” laws) on the behaviour of boards of directors meeting in public. The study contributes to the embryonic literature based on video-taped board meetings to access the “black box” of the boardroom, which permits a study of impression management at board meetings not previously possible. This study extends prior impression management theory by identifying eleven impression management techniques that non-executive directors and managers use and which are unique to a boardroom context.