Risk Governance: Basic Rationale and Tentative Findings from the German Banking Sector

  • Volker Stein
  • Arnd Wiedemann
Part of the CSR, Sustainability, Ethics & Governance book series (CSEG)


The fact that, over and over again, companies are surprised by unanticipated risks points to a serious deficit: obviously, neither risk management nor corporate governance has been able to avert the incurred damage. Are these two highly specialized functions unable “to see the forest for the trees”? To overcome these limitations, the search for a solution grounded in management theory leads to the proposal of a bridging function: “risk governance”. We will first introduce its basic rationale in the corporate context before presenting tentative empirical findings from a benchmark study in the German banking sector. Our paper contributes to the development of a generic approach towards the strategic control of risk from the perspective of top management.


Risk governance; Board effectiveness; Corporate governance; Strategic leadership; Risk management; Top management; Sustainability



Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  1. University of Siegen, Siegen, Germany
