Qualitative Analysis of Enterprise Risk Management Systems in the Largest European Electric Power Companies
Abstract
:1. Introduction
2. Literature Review
3. Materials and Methods
4. Results
4.1. Governance and Culture
4.2. Strategy and Objective-Setting
4.3. Performance
4.4. Review and Revision
4.5. Information, Communication and Reporting
5. Discussion
6. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Dvorski Lacković, I.; Kurnoga, N.; Sprčić, D.M. Three-factor model of enterprise risk management implementation: Exploratory study of non-financial companies. Risk Manag. 2022, 24, 101–122. [Google Scholar] [CrossRef]
- Miloš Sprčić, D.; Mešin Žagar, M.; Šević, Ž.; Marc, M. Does enterprise risk management influence market value—A long-term perspective. Risk Manag. 2016, 18, 65–88. [Google Scholar] [CrossRef]
- Lechner, P.; Gatzert, N. Determinants and Value of Enterprise Risk Management: Empirical Evidence from Germany. Eur. J. Financ. 2017, 24, 867–887. [Google Scholar] [CrossRef]
- Florio, C.; Leoni, G. Enterprise risk management and firm performance: The Italian case. Br. Account. Rev. 2017, 49, 56–74. [Google Scholar] [CrossRef]
- Callahan, C.; Soileau, J. Does Enterprise risk management enhance operating performance? Adv. Account. 2017, 37, 122–139. [Google Scholar] [CrossRef]
- Marc, M.; Miloš Sprčić, D.; Mešin Žagar, M. Is enterprise risk management a value added activity? Ekon. Manag. 2018, 21, 68–84. [Google Scholar] [CrossRef]
- Committee of Sponsoring Organizations of the Treadway Commission (COSO 2004). Enterprise Risk Management Framework; American Institute of Certified Public Accountants: New York, NY, USA, 2004. [Google Scholar]
- Committee of Sponsoring Organizations of the Treadway Commission (COSO 2017). Enterprise Risk Management Integrating with Strategy and Performance; Executive Summary; American Institute of Certified Public Accountants: New York, NY, USA, 2017. [Google Scholar]
- Lundqvist, S.A. An Exploratory Study of Enterprise Risk Management: Pillars of ERM. J. Account. Audit. Financ. 2014, 29, 393–429. [Google Scholar] [CrossRef]
- McShane, M.K. Enterprise risk management: History and a design science proposal. J. Risk Financ. 2018, 19, 137–153. [Google Scholar] [CrossRef]
- White, M.D.; Marsh, E.E. Content Analysis: A Flexible Methodology. Libr. Trends 2006, 55, 22–45. [Google Scholar] [CrossRef][Green Version]
- Conley, C.; Tosti-Kharas, J. Crowdsourcing content analysis for managerial research. Manag. Decis. 2014, 52, 675–688. [Google Scholar] [CrossRef]
- Miloš Sprčić, D.; Kožul, A.; Pecina, E. Managers’ Support—A Key Driver behind Enterprise Risk Management Maturity. Zagreb Int. Rev. Econ. Bus. 2017, 20, 25–39. [Google Scholar] [CrossRef][Green Version]
- Farrell, M.; Gallagher, R. The Valuation Implications of Enterprise Risk Management Maturity. J. Risk Insur. 2015, 82, 625–657. [Google Scholar] [CrossRef]
- Paape, L.; Spekle, R.F. The Adoption and Design of Enterprise Risk Management Practices: An Empirical Study. Eur. Account. Rev. 2012, 21, 533–564. [Google Scholar] [CrossRef][Green Version]
- Miloš Sprčić, D. Determining Quality and Effectiveness of Enterprise Risk Management System. In Proceedings of the 33rd International Business Information Management Association Conference, Granada, Spain, 10–11 April 2019; pp. 902–913. [Google Scholar]
- Herrinton, M. How Mature Is Your Risk Management? Harvard Business Review, 29 June 2012. Available online: https://hbr.org/2012/06/how-mature-is-your-risk-manage (accessed on 5 July 2022).
- Mikes, A.; Kaplan, R.S. Towards a Contingency Theory of Enterprise Risk Management; Working Paper; Harvard Business School: Brighton, MA, USA, 2014. [Google Scholar]
- Power, M. The risk management of nothing. Account. Organ. Soc. 2009, 34, 849–855. [Google Scholar] [CrossRef]
- Grace, M.F.; Leverty, J.T.; Phillips, R.D.; Shimpi, P. The Value of Investing in Enterprise Risk Management. J. Risk Insur. 2015, 82, 289–316. [Google Scholar] [CrossRef]
- Ittner, C.D.; Michels, J. Risk-based forecasting and planning and management earnings forecasts. Rev. Account. Stud. 2017, 22, 1005–1047. [Google Scholar] [CrossRef]
- Aebi, V.; Sabato, G.; Schmid, M. Risk management, corporate governance and bank performance in the financial crisis. J. Bank. Financ. 2012, 36, 3213–3226. [Google Scholar] [CrossRef]
- Beasley, M.; Branson, B.; Pagach, D. An analysis of the maturity and strategic impact of investments in ERM. J. Account. Public Policy 2015, 34, 219–243. [Google Scholar] [CrossRef]
- Henschel, T. Risk Management Practices in the Main Industries of German Small to Medium-Sized Enterprises. An empirical Investigation. Ph.D. Thesis, Napier University, Edinburgh, UK, 2007; pp. 1–301. [Google Scholar]
- Monda, B.; Giorgino, M. An Enterprise Risk Management Maturity Model. MPRA Paper No. 45421. 2013. Available online: https://mpra.ub.uni-muenchen.de/45421/ (accessed on 5 July 2022).
- Thekdi, S.; Aven, T. An enhanced data-analytic framework for integrating risk management and performance management. Reliab. Eng. Syst. Saf. 2016, 156, 277–287. [Google Scholar] [CrossRef]
- Nair, A.; Rustambekov, E.; McShane, M.; Fainshmidt, S. Enterprise Risk Management as a Dynamic Capability: A test of its effectiveness during a crisis. Manag. Decis. Econ. 2014, 35, 555–566. [Google Scholar] [CrossRef]
- Nocco, B.W.; Stulz, R.M. Enterprise Risk Management: Theory and Practice. J. Appl. Corp. Financ. 2006, 18, 8–20. [Google Scholar] [CrossRef]
- Frigo, M.; Anderson, R.J. Strategic Risk Assessment: A first step for improving risk management and governance. Strateg. Financ. 2009, 12, 25–33. [Google Scholar]
- ERM Initiative Faculty. Five Basics to Managing Innovation Risk. 2014. Available online: https://erm.ncsu.edu/library/article/five-basics-to-managing-innovation-risk (accessed on 5 July 2022).
- CGMA. Global State of Enterprise Risk Oversight, 2nd ed.; Analysis of the Challenges and Opportunities for Improvement; CGMA: New York, NY, USA, 2015. [Google Scholar]
- Woods, M. A contingency theory perspective on the risk management control system within Birmingham City Council. Manag. Account. Res. 2009, 20, 69–81. [Google Scholar] [CrossRef]
- Jordan, S.; Jørgensen, L.; Mitterhofer, H. Performing risk and the project: Risk maps as mediating instruments. Manag. Account. Res. 2013, 24, 156–174. [Google Scholar] [CrossRef]
- OECD. Risk Management and Corporate Governance; OECD Publishing: Paris, France, 2014. Available online: http://dx.doi.org/10.1787/9789264208636-en (accessed on 6 July 2022).
- Ittner, C.D.; Oyon, D.F. The Internal Organization of Enterprise Risk Management. 2014. Available online: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2486588 (accessed on 6 July 2022).
- Fraser, J.R.; Simkins, B.J. The challenges of and solutions for implementing enterprise risk management. Bus. Horiz. 2016, 59, 689–698. [Google Scholar] [CrossRef]
- Beasley, M.; Branson, B.C.; Hancock, B.V. Developing Key Risk Indicators to Strengthen Enterprise Risk Management; ERM Initiative at North Carolina State University and the Committee of Sponsoring Organizations of the Treadway Commission: Raleigh, NC, USA, 2010. [Google Scholar]
- Zhao, X.; Hwang, B.G.; Low, S.P. Developing a fuzzy enterprise risk management maturity model for construction firms. J. Constr. Eng. Manag. 2013, 139, 1179–1189. [Google Scholar] [CrossRef]
- Arena, M.; Arnaboldi, M.; Azzone, G. Is enterprise risk management real? J. Risk Res. 2011, 14, 779–797. [Google Scholar] [CrossRef]
- Viscelli, T.R.; Hermanson, D.R.; Beasley, M.S. The Integration of ERM and Strategy: Implications for Corporate Governance. Account. Horiz. 2017, 31, 69–82. [Google Scholar] [CrossRef]
- Jonek-Kowalska, I. Efficiency of Enterprise Risk Management (ERM) systems. Comparative analysis in the fuel sector and energy sector on the basis of Central-European companies listed on the Warsaw Stock Exchange. Resour. Policy 2019, 62, 405–415. [Google Scholar] [CrossRef]
- S&P Global Market Intelligence. Available online: https://www.spglobal.com/marketintelligence/en/news-insights/trending/sgSxFo7P69ByGX1pBy4mvg2 (accessed on 25 October 2021).
- Reuters. Available online: https://www.reuters.com/markets/companies/ (accessed on 6 July 2022).
- Krippendorff, K. Content Analysis: An Introduction to Its Methodology, 2nd ed.; Sage: Thousand Oaks, CA, USA, 2004. [Google Scholar]
- Beaugrande, R.D.; Dressler, W.U. Einführung in Die Textlinguistik; Niemeyer: Tübingen, Germany, 1981. [Google Scholar]
- Linsley, P.M.; Shrives, P.J. Examining risk reporting in UK public companies. J. Risk Financ. 2005, 6, 292–305. [Google Scholar] [CrossRef]
- Baregheh, A.; Rowley, J.; Sambrook, S. Towards a multidisciplinary definition of innovation. Manag. Decis. 2009, 47, 1323–1339. [Google Scholar] [CrossRef]
- Miloš Sprčić, D. Enterprise risk management-value based approach to managing corporate risks holistically. In Enterprise Risk Management: Theory and Practice with Selected Case Studies of Multinational Companies; Miloš Sprčić, D., Ed.; Faculty of Economics and Business, University of Zagreb: Zagreb, Croatia, 2020; pp. 1–61. [Google Scholar]
- Radić, D.; Pecina, E.; Miloš Sprčić, D. Enterprise Risk Management in the Electric Power Industry. In Risk Management: Strategies for Economic Development and Challenges in the Financial System; Miloš Sprčić, D., Ed.; Nova Science Publishers: Hauppauge, NY, USA, 2014; pp. 303–318. [Google Scholar]
- SSE PLC. Annual Report 2020. 2021. Available online: https://www.sse.com/media/jqcamklf/sse-32693-annual-report-2020-web-1.pdf (accessed on 21 November 2021).
- Iberdrola. Activities Report of the Board of Directors and of the Committees Thereof 2020. 2021. Available online: https://www.iberdrola.com/documents/20125/42349/gsm21_AnnualReportBoardDirectors.pdf/837cef1f-a488-0752-077b-d07a4b149bcc?t=1631254750608 (accessed on 10 January 2022).
- Endesa, S.A.; Subsidiaries. Consolidated Annual Financial Report for the Year Ended 31 December 2020. 2021. Available online: https://www.endesa.com/content/dam/enel-es/endesa-en/home/investors/financialinformation/annualreports/documents/2021/annual-report-2020-cac-eng-v-cnmv.pdf (accessed on 12 November 2021).
- Energias de Portugal. Changing Tomorrow Now-Annual Report 2020. 2021. Available online: https://www.edp.com/sites/default/files/2021-03/210x297_RC20_EDP_EN_0.pdf (accessed on 1 December 2021).
- Fortum Oyj. Financials 2020. 2021. Available online: https://www.fortum.com/media/26927/download?attachment (accessed on 5 December 2021).
- Ørsted. Annual Report 2020. 2021. Available online: https://orsted.com/-/media/annual2020/annual-report-2020.pdf (accessed on 15 January 2022).
- Enel. Integrated Annual Report 2020. 2021. Available online: https://integratedreporting2020.enel.com/sites/enelar20/files/allegati/dc/eng/integrated-annual-report_2020.pdf (accessed on 18 January 2022).
- Fortum Oyj. Governance 2020. 2021. Available online: https://www.fortum.com/media/26926/download?attachment (accessed on 5 December 2021).
- Terna. 2020 Integrated Annual Report. 2021. Available online: https://download.terna.it/terna/RelazioneFinanziariaAnnuale_2020_ENG_SEGNALIBRI_8d8fab8ff902f7e.pdf (accessed on 8 November 2021).
- Electricité de France. Universal Registration Document 2020—Including the Annual Financial Report. 2021. Available online: https://labrador.cld.bz/EDF-2020-Universal-Registration-Document (accessed on 10 December 2021).
- Fortum Oyj. CEO´s Business Review 2020. 2021. Available online: https://www.fortum.com/media/26924/download (accessed on 6 December 2021).
- Verbund. Integrated Annual Report 2020. 2021. Available online: https://www.verbund.com/en-de/about-verbund/investor-relations/financial-reports (accessed on 1 November 2021).
- Endesa, S.A.; Subsidiaries. Corporate Governance Report 2020. 2021. Available online: https://www.endesa.com/content/dam/enel-es/endesa-en/home/investors/corporategovernance/annualreport/documents/2020/IAGC_2020_EN.pdf (accessed on 13 November 2021).
- Hoyt, R.E.; Liebenberg, A.P. The Value of Enterprise Risk Management. J. Risk Insur. 2011, 78, 795–822. [Google Scholar] [CrossRef]
- Pagach, D.; Warr, R. The characteristics of firms that hire chief risk officers. J. Risk Insur. 2011, 78, 185–211. [Google Scholar] [CrossRef]
- Peljhan, D.; Miloš Sprčić, D.; Marc, M. Strategy and organizational performance: The Role of Risk Management System Development. In Performance Measurement and Management Control: The Relevance of Performance Measurement and Management Control Research; Emerald Group Publishing Limited: Binglay, UK, 2018. [Google Scholar]
ERM Characteristic | Literature Source for ERM Characteristic | COSO (2017) Component | |
---|---|---|---|
C1 | Existence of a written document, i.e., a formal risk management policy | Herrinton [17]; | (1) Governance and culture |
Lundqvist [9] | |||
C2 | The „tone at the top“ and active support to risk management by the company’s top management | Mikes and Kaplan [18]; | (1) Governance and culture |
Miloš Sprčić et al. [13] | |||
C3 | Existence of a business continuity plan, i.e., crisis management plan | Power [19] | (1) Governance and culture |
C4 | Trust of employees that the real level of risk a company is exposed to is reflected in boards’ decisions concerning future business activities | Grace et al. [20]; | (1) Governance and culture |
Ittner and Michels [21] | |||
C5 | Establishment of the risk committee on the company level | Herrinton [17]; | (1) Governance and culture |
Aebi et al. [22]; | |||
Lundqvist [9]; | |||
Beasley et al. [23] | |||
C6 | Clear identification of company’s goals and connection to adequate measures of business success | Henschel [24]; | (2) Strategy and objective-setting |
Monda and Giorgino [25]; | |||
Thekdi and Aven [26] | |||
C7 | Thorough understanding of the macroeconomic environment and the industry in which the company operates | Nair et al. [27] | (2) Strategy and objective-setting |
C8 | Business objectives and risks associated to these objectives are clearly communicated on all levels of the company | Monda and Giorgino [25] | (2) Strategy and objective-setting |
C9 | The results of the risk management process and the person in charge for risk management are included in strategic decision making | Nocco and Stulz [28]; | (2) Strategy and objective-setting |
Frigo and Anderson [29]; | |||
ERM Initiative Faculty [30] | |||
C10 | Existence of the standardised process and methodology for risk identification (explicit guidelines for risk identification) | CGMA [31] | (3) Performance |
C11 | Identification of significant risk factors that may have negative impacts on the ability of the company to achieve its strategic plans and business goals | Lundqvist [9] | (3) Performance |
C12 | Two-dimensional risk assessment (assessment of the risk probability occurrence and its significance for company’s business goals) | Woods [32]; | (3) Performance |
Jordan et al. [33] | |||
C13 | Risk identification and risk evaluation are performed regularly, at minimum annually | OECD [34]; | (3) Performance |
Paape and Spekle [15] | |||
C14 | Estimation of interdependencies between different types of risks a company is exposed to | Nocco and Stulz [28]; | (3) Performance |
Lundqvist [9]; | |||
Mikes and Kaplan [18] | |||
C15 | Usage of quantitative techniques for risk assessment | Paape and Spekle [15]; | (3) Performance |
Lundqvist [9] | |||
C16 | Quantification of the impact of risks on strategy and key risk indicators | Lundqvist [9] | (3) Performance |
C17 | Determination of measures for treating identified and assessed risks with the aim to increase risk management efficiency. | Woods [32] | (3) Performance |
C18 | Determination of risk owners responsible for conducting defined measures for treating risks | Lundqvist [9]; | (3) Performance |
Mikes and Kaplan [18]; | |||
Ittner and Oyon [35] | |||
C19 | Existence of risk register containing all risks, its owners and measures for risk management | Nocco and Stulz [28]; | (3) Performance |
Fraser and Simkins [36] | |||
C20 | Continuous meetings of the risk committee, at least 2–3 times a year | Aebi et al. [22]; | (4) Review and revision |
Lundqvist [9]; | |||
OECD [34] | |||
C21 | Continuous assessment and revision of risk management strategy and exposure to internal and external risk factors | Beasley et al. [37] | (4) Review and revision |
C22 | Active and continuous review of the risk management process | Beasley et al. [23] | (4) Review and revision |
C23 | Continuity in risk monitoring is assured through the internal audit or risk committee and is not dependent of personnel changes in internal audit or risk committee | Zhao et al. [38] | (4) Review and revision |
C24 | Continuous discussions regarding risk (for example, risk workshops) | Mikes and Kaplan [18] | (5) Information, communication and reporting |
C25 | Existence of formal risk report that is presented to the management board at minimum once a year | Aebi et al. [22]; | (5) Information, communication and reporting |
Lundqvist [9]; | |||
C26 | Exchange of information on risk exposure and risk management between higher and middle management level | Frigo and Anderson [29]; | (5) Information, communication and reporting |
Grace et al. [20]; | |||
CGMA [31] | |||
C27 | Continuous board reporting about problems in risk management or problems related to measures determined for treating identified and assessed risks. | Paape and Spekle [15]; | (5) Information, communication and reporting |
Lundqvist [9] | |||
C28 | Face-to-face discussions with the lower levels of management concerning relevant risk management issues | Arena et al. [39]; | (5) Information, communication and reporting |
Miloš Sprčić et al. [13] | |||
C29 | Communication with external parties related to risk management through formal reporting | Herrinton [17]; | (5) Information, communication and reporting |
Lundqvist [9]; | |||
OECD [34]; | |||
Viscelli et al. [40] |
Company | Country | Activities | Market Capitalization as of 29 March 2019 (in Billions of Euros) |
---|---|---|---|
Enel SpA | Italy | Production, distribution and supply of energy | 57.99 |
Iberdrola SA | Spain | Production, transmission, distribution, wholesale and retail of electricity | 49.89 |
Electricité de France SA | France | Generation, transmission, distribution, energy trading, energy sales and energy services | 36.65 |
Ørsted A/S | Denmark | Procuring, producing, distributing and trading energy and related products | 28.38 |
ENDESA, S.A. | Spain | Generation, distribution and sale of electricity | 24.08 |
Fortum Oyj | Finland | Power generation, trading and optimisation | 16.19 |
VERBUND AG | Austria | Generation, trading and transmission of electricity | 14.86 |
SSE PLC | U.K. | Generation, trading and transmission of electricity | 14.31 |
EDP—Energias de Portugal SA | Portugal | Electricity generation, distribution and supply | 12.74 |
Terna—Rete Elettrica Nazionale Societa per Azioni | Italy | Transmission of electricity | 11.35 |
Firm | Risk Categories |
---|---|
ENEL [56] (p. 77) | Strategic, financial, digital technology, operational, compliance |
ENDESA [62] (p. 51) | Strategic, financial, digital technology, operational, compliance risk (including corruption and tax risks), culture and corporate governance risk |
Fortum Oyj [54] (p. 28) | Strategic, sustainability, financial, operational |
Iberdrola [51] (p. 23) | Risks arising from climate change, technological risks, cybersecurity risks, risks associated with the activities of the finance, control and resources division, reputational risks |
Ørsted [55] (p. 72) | Currencies and commodity prices, inflation and interest rates, price pressures due to the increased competition, US offshore development and construction, cybersecurity, legal compliance, climate-related risks |
SSE PLC [50] (pp. 28–36) | Commodity prices, financial liabilities, large capital projects quality, climate change, cybersecurity and resilience, energy affordability, energy infrastructure failure, politics, regulation and compliance, people and culture, safety and the environment, speed of change, emerging risk: joint venture and partner management |
Electricité de France [59] (pp. 105–126) | Financial and market risks; market regulation, political and legal risks; group transformation and strategic risks; operational performance; specific risks related to nuclear activities |
Energias de Portugal [53] (pp. 184–191) | Strategic, operational and financial risk |
Verbund [61] (pp. 110–113) | Financial statements impact, price risk, volume risk, asset/infrastructure risk, legal risk, financial risk, operational risk, project risk, strategic risk, other (reputational) risks |
Terna [58] (p. 90) | External/market risks, operational risks, legal/contractual risks, compliance risks, counterparty risks and natural/human-induced events |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Pecina, E.; Miloš Sprčić, D.; Dvorski Lacković, I. Qualitative Analysis of Enterprise Risk Management Systems in the Largest European Electric Power Companies. Energies 2022, 15, 5328. https://doi.org/10.3390/en15155328
Pecina E, Miloš Sprčić D, Dvorski Lacković I. Qualitative Analysis of Enterprise Risk Management Systems in the Largest European Electric Power Companies. Energies. 2022; 15(15):5328. https://doi.org/10.3390/en15155328
Chicago/Turabian StylePecina, Ena, Danijela Miloš Sprčić, and Ivana Dvorski Lacković. 2022. "Qualitative Analysis of Enterprise Risk Management Systems in the Largest European Electric Power Companies" Energies 15, no. 15: 5328. https://doi.org/10.3390/en15155328