(In)Consistency Between Private and Public Disclosure on Enterprise Risk Management and Its Determinants

  • Silvia PanfiloEmail author
Conference paper
Part of the Springer Proceedings in Business and Economics book series (SPBE)


Worldwide governance organizations and regulators have recently called for more enhanced disclosures about how organizations manage risks. Enterprise Risk Management (ERM) is recognized as a value-contributing best practice even when legal standards do not require it (Whitman in Risk Manag Insur Rev 18(2):161–197, 2015), but public disclosure on such a process is not generally mandatory. In Italy emphasis on risk disclosure started in 2008 but it was the 2011 revision of the Corporate Governance (CG) code for listed companies to ask for the board commitment in disclosing, within the CG report, about the main internal control and risk management system’s characteristics (Borsa Italiana in Codice di Autodisciplina, 2011). Given the proprietary nature of risk information in addition to the Italian capital market characteristics (small capitalization and presence of a dominant shareholder) and the lack of any mandate for what specific aspects board should disclose, the study aims at investigating a potential variation between private and public disclosure on ERM. Relying on the ERM concepts provided by the COSO framework (2004) the author submitted a survey seeking information about ERM practices within Italian listed companies. Such a private information is compared to public CG reports released by the same companies. The comparison shows companies tend to privately reveal a more effective ERM process than the one they publicly disclose. An examination of CG and firm’s risk variables potentially determining higher variation—i.e. information inconsistency—supports proprietary costs theory rather than agency theory expectations. Thus showing the limits of voluntary disclosure dealing with risk management systems. The study might have international policy implications.


Enterprise risk management (ERM) Private disclosure Public disclosure Information (in)consistency Determinants 



The author is grateful to the editors and the reviewers for their insightful comments and the support provided during the review process. In its earlier version, the article benefited from the feedback provided by the attendees at AIDEA conference, Rome, Italy, 14–15 September 2017 where the paper has been awarded as Emerging scholar colloquium—Best Paper Award and at ERRN 8th European Risk Conference, Katowice, Poland, 20–21 September 2018.


  1. Abraham, S., Cox, P.: Analysing the determinants of narrative risk information in UK FTSE 100 annual reports. Br. Account. Rev. 39(3), 227–248 (2007)CrossRefGoogle Scholar
  2. Abraham, S., Shrives, P.J.: Improving the relevance of risk factor disclosure in corporate annual reports. Br. Account. Rev. 46(1), 91–107 (2014)CrossRefGoogle Scholar
  3. AICPA & NCSU: The State of Risk Oversight: An Overview of Enterprise Risk Management Practices. Available at: (2016)
  4. AIDEA: “New Trends” in Business Economics and Management Studies Rewriting the Relationship between Business and Society. (2017)
  5. Allegrini, M., Greco, G.: Corporate boards, audit committees and voluntary disclosure: evidence from Italian listed companies. J. Manage. Governance 17(1), 187–216 (2013)CrossRefGoogle Scholar
  6. Allini, A., Manes Rossi, F., Hussainey, K.: The Board’s Role in Risk Disclosure: An Exploratory Study of Italian Listed State-Owned Enterprises. Public Money and Management (2016).
  7. Amran, A., Bin, A.M.R., Hassan, B.C.H.M.: Risk reporting: an exploratory study on risk management disclosure in Malaysian annual reports. Manag. Audit. J. 24(1), 39–57 (2009)CrossRefGoogle Scholar
  8. Arena, M., Arnaboldi, M., Azzone, G.: Is enterprise risk management real? J. Risk Res. 14(7), 779–797 (2011)CrossRefGoogle Scholar
  9. Ball, R., Kothari, S.P., Robin, A.: The effect of international institutional factors on properties of accounting earnings. J. Account. Econ. 29(1), 1–51 (2000)CrossRefGoogle Scholar
  10. Baxter, R., et al.: Enterprise risk management program quality: determinants, value relevance, and the financial crisis. Contemp. Account. Res. 30(4), 1264–1295 (2013)CrossRefGoogle Scholar
  11. Beasley, M., Branson, B., Pagach, D.: An analysis of the maturity and strategic impact of investments in ERM. J. Account. Public Policy 34(3), 219–243 (2015)CrossRefGoogle Scholar
  12. Beasley, M.S., Clune, R., Hermanson, D.R.: Enterprise risk management: an empirical analysis of factors associated with the extent of implementation. J. Account. Public Policy 24(6), 521–531 (2005)CrossRefGoogle Scholar
  13. Beasley, M., Pagach, D., Warr, R.: Information conveyed in hiring announcements of senior executives overseeing enterprise-wide risk management processes. J. Account. Audit. Financ. 23(3), 311–332 (2008)CrossRefGoogle Scholar
  14. Beretta, S., Bozzolan, S.: A framework for the analysis of firm risk communication. Int. J. Account. 39(3), 265–288 (2004)CrossRefGoogle Scholar
  15. Borsa Italiana: Codice di Autodisciplina. Available at: (2011)
  16. Borsa Italiana: Codice di Autodisciplina. Available at: (2015)
  17. Brown, I., Steen, A., Foreman, J.: Risk management in corporate governance: a review and proposal. Corp. Gov.: Int. Rev. 17(5), 546–558 (2009)CrossRefGoogle Scholar
  18. Buckby, S., Gallery, G., Ma, J.: An analysis of risk management disclosures: Australian evidence. Manag. Audit. J. 30(8/9), 812–869 (2015)CrossRefGoogle Scholar
  19. Campbell, J.L., et al.: The information content of mandatory risk factor disclosures in corporate filings. Rev. Account. Stud. 19(1), 396–455 (2014)CrossRefGoogle Scholar
  20. Chen, C.J.P., Jaggi, B.: Association between independent non-executive directors, family control and financial disclosures in Hong Kong. J. Account. Public Policy 19, 285–310 (2000)CrossRefGoogle Scholar
  21. Collier, P.M., Berry, A.J., Burke, G.T.: Risk and Management Accounting: Best Practice Guidelines for Enterprise-Wide Internal Control Procedures, vol. 2. No. 11. Elsevier (2007)Google Scholar
  22. Cormier, D., Magnan, M.: Environmental reporting management: a continental European perspective. J. Account. Public Policy 22(1), 43–62 (2003)CrossRefGoogle Scholar
  23. COSO: Enterprise risk management—Aligning Risk with Strategy and Performance. Available on the internet at (2016)
  24. COSO: Enterprise risk management. Available on the internet at (2004)
  25. Courtnage, S.: Financial reporting of risk. Tolley’s Pract. Audit. Account. 9(6), 61–63 (1998)Google Scholar
  26. Dobler, M.: Incentives for risk reporting: a discretionary disclosure and cheap talk approach. Int. J. Account. 43(2), 184–206 (2008)CrossRefGoogle Scholar
  27. Dobler, M., Lajili, K., Zéghal, D.: Attributes of corporate risk disclosure: an international investigation in the manufacturing sector. J. Int. Account. Res. 10(2), 1–22 (2011)CrossRefGoogle Scholar
  28. Ellul, A., Yerramilli, V.: Stronger risk controls, lower risk: evidence from U.S. bank holding companies. J. Finance 68(5), 1757–1803 (2013)CrossRefGoogle Scholar
  29. Elshandidy, T., Neri, L.: Corporate governance, risk disclosure practices, and market liquidity: comparative evidence from the UK and Italy. Corp. Gov.: Int. Rev. 23(4), 331–356 (2015)CrossRefGoogle Scholar
  30. Elshandidy, T., Fraser, I., Hussainey, K.: Aggregated, voluntary, and mandatory risk disclosure incentives: evidence from UK FTSE all-share companies. Int. Rev. Financ. Anal. 30, 320–333 (2013)CrossRefGoogle Scholar
  31. EU Parliament and Council: Directive 2001/65/CE, del 27 settembre 2001, che modifica le direttive 78/660/CEE, 83/349/CEE e 86/635/CEE per quanto riguarda le regole di valutazione per i conti annuali e consolidati di taluni tipi di società nonché di banche e di altre istituzioni finanziarie (2001)Google Scholar
  32. EU Parliament and Council: Directive 2006/46/CE, del 14 giugno 2006, che modifica le direttive del Consiglio 78/660/CEE, relativa ai conti annuali di taluni tipi di società, 83/349/CEE, relativa ai conti consolidati, 86/635/CEE, relativa ai conti annuali e ai conti consolidati delle banche e degli altri istituti finanziari, e 91/674/CEE, relativa ai conti annuali e ai conti consolidati delle imprese di assicurazione (2006)Google Scholar
  33. EU Parliament and Council: Directive 2013/36/UE, del 26 giugno 2013, sull’accesso all’attività degli enti creditizi e sulla vigilanza prudenziale sugli enti creditizi e sulle imprese di investimento, che modifica la direttiva 2002/87/CE e abroga le direttive 2006/48/CE e 2006/49/CE (2013)Google Scholar
  34. European Parliament and Council: Regulation (UE) n. 575/2013, del 26 giugno 2013, relativo ai requisiti prudenziali per gli enti creditizi e le imprese di investimento e che modifica il regolamento (UE) n. 648/2012 (2013)Google Scholar
  35. European Parliament and Council: Directive 2009/138/CE, del 25 novembre 2009, in materia di accesso ed esercizio delle attività di assicurazione e di riassicurazione (solvibilità II) (2009)Google Scholar
  36. Florio, C., Leoni, G.: Enterprise risk management and firm performance: the Italian case. Br. Account. Rev. 49(1), 56–74 (2017)CrossRefGoogle Scholar
  37. Frigo, M.L., Anderson, R.J.: Strategic risk management: a foundation for improving enterprise risk management and governance. J. Corp. Account. Financ. 81–88 (2011)CrossRefGoogle Scholar
  38. Francis, J., Nanda, D.J., Olsson, P.: Voluntary disclosure, earnings quality, and cost of capital. J. Account. Res. 46(1), 53–99 (2008)CrossRefGoogle Scholar
  39. Giner, B., Ruiz, A., Cervera, N., Arce, A.: Accounting policy choice and the disclosure of segmental information: Spanish evidence. In: Paper Presented at the 20th EAA Annual Congress, Graz, April (1997)Google Scholar
  40. Gordon, L.A., Loeb, M.P., Tseng, C.: Enterprise risk management and firm performance: a contingency perspective. J. Account. Public Policy 28(4), 301–327 (2009)CrossRefGoogle Scholar
  41. Hassan, M.K.: UAE corporations-specific characteristics and level of risk disclosure. Manag. Audit. J. 24(7), 668–687 (2009)CrossRefGoogle Scholar
  42. Hayne, C., Free, C.: Hybridized professional groups and institutional work: COSO and the rise of enterprise risk management. Account. Organ. Soc. 39(5), 309–330 (2014)CrossRefGoogle Scholar
  43. Healy, P., Palepu, K.: Information asymmetry, corporate disclosure, and the capital markets: a review of the empirical disclosure literature. J. Account. Econ. 31, 405–440 (2001)CrossRefGoogle Scholar
  44. Hoyt, R.E., Liebenberg, A.P.: The value of enterprise risk management. J. Risk Insur. 78(4), 795–822 (2011)CrossRefGoogle Scholar
  45. IIRC: The International Integrated Reporting Framework. (2013)
  46. IRDCEC: Documento n. 1. La Relazione sulla Gestione. Alcune considerazioni. Roma: Istituto di Ricerca dei Dottori Commercialisti e degli Esperti Contabili (2008)Google Scholar
  47. Jensen, M.C., Meckling, W.H.: Theory of the firm: managerial. J. Financ. Econ. 3, 305–360 (1976)CrossRefGoogle Scholar
  48. Jordan, S., Jørgensen, L., Mitterhofer, H.: Performing risk and the project: risk maps as mediating instruments. Manag. Account. Res. 24(2), 156–174 (2013)CrossRefGoogle Scholar
  49. Kajüter, P.: Risk disclosures of listed firms in Germany: a longitudinal study. In: 10th Financial Reporting & Business Communication Conference, July, Cardiff Business School: Unpublished (2006)Google Scholar
  50. Lajili, K.: Board characteristics, ownership structure and risk disclosures: Canadian evidence. In: 30th Annual Congress of the European Accounting Association, April, Lisbon: Working Paper (2007)Google Scholar
  51. Lajili, K., Zeghal, D.: A content analysis of risk management disclosures in Canadian annual reports. Can. J. Adm. Sci. 22(2), 125–142 (2005)CrossRefGoogle Scholar
  52. Leuz, C.: Proprietary versus Non-Proprietary Disclosures: Voluntary Cash Flow Statements and Business Segment Reports in Germany. Working Paper, Department of Business and Economics, Johann Wolfgang Goethe-Universitat, Frankfurt (1999)Google Scholar
  53. Linsley, P.M., Shrives, P.J.: Examining risk reporting in UK public companies. J. Risk Financ. 6(4), 292–305 (2005)CrossRefGoogle Scholar
  54. Linsley, P.M., Shrives, P.J.: Risk reporting: a study of risk disclosures in the annual reports of UK companies. Br. Account. Rev. 38(4), 387–404 (2006)CrossRefGoogle Scholar
  55. Marshall, A., Weetman, P.: Information asymmetry in disclosure of foreign exchange risk management: can regulation be effective? J. Econ. Bus. 54, 31–53 (2002)CrossRefGoogle Scholar
  56. Maizatulakma, A., et al.: Risk management disclosure: a study on the effect of voluntary risk management disclosure toward firm value. J. Appl. Account. Res. 16(3), 400–432 (2015)CrossRefGoogle Scholar
  57. McShane, M.K., Nair, A., Rustambekov, E.: Does enterprise risk management increase firm value? J. Account. Audit. Financ. 26(4), 641–658 (2011)CrossRefGoogle Scholar
  58. Miihkinen, A.: What drives quality of firm risk disclosure? The impact of a national disclosure standard and reporting incentives under IFRS. Int. J. Account. 47(4), 437–468 (2012)CrossRefGoogle Scholar
  59. Mikes, A.: Risk management and calculative cultures. Manag. Account. Res. 20(1), 18–40 (2009)CrossRefGoogle Scholar
  60. Murphy, K.J.: Reporting choice and the 1992 proxy disclosure rules. J. Account. Audit. Financ. 11(3), 497–515 (1996)CrossRefGoogle Scholar
  61. NCSU & Protiviti.: Executive Perspectives on Top Risks for 2016. Key Issues Being Discussed in the Boardroom and C-Suite. Research Conducted by North Carolina State University’s ERM Initiative and Protiviti. Available at: (2016)
  62. OECD: Risk Management and Corporate Governance, OECD Publishing. Available at: (2014)
  63. Oliveira, J., Lima Rodrigues, L., Craig, R.: Risk-related disclosures by non-finance companies. Manag. Audit. J. 26(9), 817–839 (2011)CrossRefGoogle Scholar
  64. O’Sullivan, N.: The impact of board composition and ownership on audit quality: evidence from large UK companies. Br. Account. Rev. 32(4), 397–414 (2000)CrossRefGoogle Scholar
  65. Paape, L., Speklé, R.F.: The adoption and design of enterprise risk management practices: an empirical study. Eur. Account. Rev. 21(3), 533–564 (2012)Google Scholar
  66. Patelli, L., Prencipe, A.: The relationship between voluntary disclosure and independent directors in the presence of a dominant shareholder. Eur. Account. Rev. 16(1), 5–33 (2007)CrossRefGoogle Scholar
  67. Prencipe, A.: Proprietary costs and determinants of voluntary segment disclosure: evidence from Italian listed companies. Eur. Account. Rev. 13(2), 319–340 (2004)CrossRefGoogle Scholar
  68. Rothbauer, P.: Triangulation. In: Given, L. (ed.) The SAGE Encyclopedia of Qualitative Research Methods. Sage Publications, Beverly Hills (2008)Google Scholar
  69. Standard and Poor’s: Methodology: Management and Governance Credit Factors for Corporate Entities and Insurers. S&P, New York (2012)Google Scholar
  70. Tao, N.B., Hutchinson, M.: Corporate governance and risk management: the role of risk management and compensation committee. J. Contemp. Account. Econ. 9, 83–99 (2013)CrossRefGoogle Scholar
  71. Tufano, P.: Who manages risk? An empirical examination of risk management practices in the gold mining industry. J. Financ. 51(4), 1097–1137 (1996)CrossRefGoogle Scholar
  72. Whitman, A.F.: Is ERM legally required? Yes for financial and governmental institutions, no for private enterprises. Risk Manag. Insur. Rev. 18(2), 161–197 (2015)Google Scholar
  73. Woods, M.: A contingency theory perspective on the risk management control system within birmingham city council. Manag. Account. Res. 20(1), 69–81 (2009)CrossRefGoogle Scholar
  74. Woods, M., Dowd, K., Humphrey, C.: Market risk reporting by the world’s top banks: evidence on the diversity of reporting practice and the implications for international accounting harmonisation. Span. Account. Rev. 11(2), 9–41 (2008)Google Scholar
  75. Verrecchia, R.E.: Discretionary disclosure. J. Account. Econ. 5, 179–194 (1983)CrossRefGoogle Scholar
  76. Zimmerman, J.L.: Conjectures regarding empirical managerial accounting research. J. Account. Econ. 32(1–3), 411–427 (2001)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Ca’ Foscari University of VeniceVeniceItaly

Personalised recommendations