Corporate Governance in an Era of Compliance

Compliance is the new corporate governance. The compliance function is the means by which firms adapt behavior to legal, regulatory, and social norms. Formerly, this might have been conceived as a typical governance matter to be handled at the discretion of the board of directors. Compliance, however, does not fit traditional models of corporate governance. It does not come from the board of directors, state corporate law, or federal securities law. Compliance amounts instead to an internal governance structure imposed upon the firm from the outside by enforcement agents. This insight has important implications, both practical and theoretical, for corporate law and corporate governance. This Article pairs a detailed descriptive study of the contemporary compliance function with a normative account of its incompatibility with current conceptions of corporate governance. It argues that compliance alters the political economy of American business, challenges governance efficiency, and makes old theories of the firm new again. Prescriptively, the Article calls for greater transparency and a more limited role for government in designing corporate governance mechanisms

Corporate Governance in an Era of Compliance

Compliance is the new corporate governance. The compliance function is the means by which firms adapt behavior to legal, regulatory, and social norms. Formerly, this might have been conceived as a typical governance matter to be handled at the discretion of the board of directors. Compliance, however, does not fit traditional models of corporate governance. It does not come from the board of directors, state corporate law, or federal securities law. Compliance amounts instead to an internal governance structure imposed upon the firm from the outside by enforcement agents. This insight has important implications, both practical and theoretical, for corporate law and corporate governance. This Article pairs a detailed descriptive study of the contemporary compliance function with a normative account of its incompatibility with current conceptions of corporate governance. It argues that compliance alters the political economy of American business, challenges governance efficiency, and makes old theories of the firm new again. Prescriptively, the Article calls for greater transparency and a more limited role for government in designing corporate governance mechanisms

An Examination of the Role of vCISO in SMBs: An Information Security Governance Exploration

Information security threats and their associated breaches are exponentially growing, with millions of records containing personally identified information released to the public each year. Cyber incidents targeting businesses nearly doubled in US past 6 years, with more than 130 large-scale targeted breaches per year in U.S. In the first half of 2020, 36 billion records were exfiltrated by external hackers, with the average cost to recover from a cyber-attack averaging $21.00 per record. While Small and Mid-sized Businesses (SMBs) attempt to stay ahead of this growing trend and protect organizational data, they have specific behaviors that do not affect larger organizations. The four behaviors (non-strategic executive-level sponsorship, apathetic risk management procedures, constrained resources, and non-existent technical skills) are identified in the literature and recognized within the small to midsized industry. If not correctly identified and remediated, these behaviors may impede the businesses from protecting information assets and achieve a mature level of information security governance. To assist organizations in achieving information security governance, the literature identifies five domains that all organizations should possess for organizational alignment and governance maturity. These governance domains are Strategic Alignment, Value Delivery, Risk Management, Performance Measurement, and Resource Management. However, extant literature does not align the five governance domains with the small to midsized business behaviors, nor provide a solution to assist SMBs in achieving information security governance. The literature review focused on four main aspects that are relevant to the study: SMB Characteristics, Virtual Leadership, Information Security Governance, and Information Security program. Previous research identified how similar organizations utilized virtual leadership positions to overcome SMB behaviors to attain organizational business requirements but did not identify virtual positions that can assist SMBs with information security governance. To bridge this gap, this study explored a recent phenomenon, identified as a virtual Chief Information Security Officer (vCISO), that can align the SMB behaviors with the five governance domains and provide a viable solution for SMBs to achieve Information Security Governance within the identified behaviors. Specifically, this qualitative exploratory study interviewed six vCISOs and 14 companies to examine the role the vCISO provided in bridging SMB’s organizational behaviors with the five Information Security Governance domains

Cyber maturity in the Asia-Pacific Region 2014

Summary: To make considered, evidence-based cyber policy judgements in the Asia-Pacific there’s a need for better tools to assess the existing ‘cyber maturity’ of nations in the region. Over the past twelve months the Australian Strategic Policy Institute’s International Cyber Policy Centre has developed a Maturity Metric which provides an assessment of the regional cyber landscape. This measurement encompasses an evaluation of whole-of-government policy and legislative structures, military organisation, business and digital economic strength and levels of cyber social awareness. This information is distilled into an accessible format, using metrics to provide a snapshot by which government, business, and the public alike can garner an understanding of the cyber profile of regional actors

Profit Versus Non Profit: A Third Way? The Case of the Italian Mutual Cooperative Banks.

The traditional distinction between profit and non profit firms does not necessarily apply to some types of cooperative firms, such as the Italian mutual cooperative banks (MCBs). These MCBs present a peculiar governance structure, a combination between a public company governance model and a non-profit one. Similarly to a "not for profit organization", the ownership of the MCBs is widely diffused among borrowerowners, but dividends are not typically redistributed. Like in "public company bank", MCBs have a spread ownership and a board of directors. MCBs work in order to maximise social utility rather than profits, as a social entrepreneurship. MCBs represent a kind of third way governance model in the financial sector. The board of directors of a MCB acts as a public-good administrator in deciding on how to invest, with a deep impact on the local community. However, the governance of these banks is affected by structural problems. The mutual and co-operative nature of these banks is challenged by the increase in the number of members-owners and in the heterogeneity of the member-owners group. This study aims at investigating the democratic voting mechanism of the board (one-head one-vote) and its appropriateness given enlargement of the member's community. The research would tackle the issue of governance structure and incentive to efficient behavior.cooperative firm; mutualism; cooperative banks; corporate governance; italian banking sector

Understanding the Determinantsof Project Performance: Empirical Evidencesfrom Software Houses of Pakistan

Thisstudy is investigating the effects of project quality, project risk and project governance on project performance. Moreover, this study investigatesthe moderation effect of project leadership on these relationships. Data is collected from 354 respondents of software houses and structural equation modeling (SEM) technique is utilized for data analysis. Results suggest that project quality, project risk and project leadership have positive significant impact on project performance while project governance does not have significant impact on project performance. Significant moderation effect of project leadership on the relationship between project quality and project performance is proved but project leadership has no moderation effect on the relationship between project governance, project risk and project performance. The findings of the study provide significant insights forsoftware houses ofPakistan to formulate strategies in order to develop a governance framework and enhance project performance in IT project management

Foreign direct investment, institutional quality and business regulatory environment: Evidence from Africa

Foreign direct investment (FDI) plays a significant role in both the economic growth and development of a nation. Given Africa\u27s development and economic characteristics, FDI is an attractive tool for economic development. Hence, understanding the key drivers of FDI is of major importance to help promote the sustainable development of the private sector. This thesis focuses on the interrelation between two key determinants of FDI inflows: institutional quality and the business regulatory environment, while controlling for economic determinants including the market and resource characteristics of a country. Using a panel of 46 countries for the period 2012-2016, a mediation analysis is employed to examine the relationship between an established governance index, as a proxy measure of institutional quality, using Worldwide Governance Indicators (WGI) and the doing business score developed by the World Bank (WB), as a proxy measure of business regulatory environment. The conditions of mediation analysis were tested using a number of multivariate log-linear regression models. The model is estimated using fixed effect panel regression analysis with robust cluster standard error to account for homoscedasticity and serial autocorrelation. The data on the included variables were gathered from publicly available resources. In line with literature such as Globerman and Sharpio (2002) and Gani (2007), the findings of the study regarding the relevance of governance index for FDI inflows showed a robust, consistent significance using different estimation techniques. However, contrary to the literature such as Piwonski (2010) and Morriz and Aziz (2011), the business regulatory environment did not demonstrate any robust significance to FDI inflows. Though these findings result in a statistical rejection of the main hypothesis, it does not constitute conclusive evidence that the business regulatory environment does not mediate the effect of institutional quality on FDI inflows within the African context. This is due to a concern regarding the validity of the doing business score validity as a proxy for the business regulatory environment

Why stagnant? Behind the scenes in Indonesia's reformed state asset management policies

This study seeks to answer the question of “why is policy innovation in Indonesia, in particular reformed state asset management laws and regulations, stagnant?” through an empirical and qualitative approach, identifying and exploring potential impeding influences to the full and equal implementation of said laws and regulations. The policies and regulations governing the practice of state asset management has emerged as an urgent question among many countries worldwide (Conway, 2006; Dow, Gillies, Nichols, & Polen, 2006; Kaganova, McKellar, & Peterson, 2006; McKellar, 2006b) for there is heightened awareness of the complex and crucial role that state assets play in public service provision. Indonesia is an example of such country, introducing a ‘big-bang’ reform in state asset management laws, policies, regulations, and technical guidelines. Two main reasons propelled said policy innovation: a) world-wide common challenges in state asset management practices - such as incomplete information system, accountability, and governance adherence/conceptualisation (Kaganova, McKellar and Peterson 2006); and b) unfavourable state assets audit results in all regional governments across Indonesia. The latter reasoning is emphasised, as the Indonesian government admits to past neglect in ensuring efficiency and best practice in its state asset management practices. Prior to reform there was euphoria of building and developing state assets and public infrastructure to support government programs of the day. Although this euphoria resulted in high growth within Indonesia, there seems to be little attention paid to how state assets bought/built is managed. Up until 2003-2004 state asset management is considered to be minimal; inventory of assets is done manually, there is incomplete public sector accounting standards, and incomplete financial reporting standards (Hadiyanto 2009). During that time transparency, accountability, and maintenance state assets was not the main focus, be it by the government or the society itself (Hadiyanto 2009). Indonesia exemplified its enthusiasm in reforming state asset management policies and practices through the establishment of the Directorate General of State Assets in 2006. The Directorate General of State Assets have stressed the new direction that it is taking state asset management laws and policies through the introduction of Republic of Indonesia Law Number 38 Year 2008, which is an amended regulation overruling Republic of Indonesia Law Number 6 Year 2006 on Central/Regional Government State Asset Management (Hadiyanto, 2009c). Law number 38/2008 aims to further exemplify good governance principles and puts forward a ‘the highest and best use of assets’ principle in state asset management (Hadiyanto, 2009a). The methodology of this study is that of qualitative case study approach, with a triangulated data collection method of document analysis (all relevant state asset management laws, regulations, policies, technical guidelines, and external audit reports), semi-structured interviews, and on-site observation. Empirical data of this study involved a sample of four Indonesian regional governments and 70 interviews, performed during January-July 2010. The analytical approach of this study is that of thematic analysis, in an effort to identify common influences and/or challenges to policy innovation within Indonesia. Based on the empirical data of this study specific impeding influences to state asset management reform is explored, answering the question why innovative policy implementation is stagnant. An in-depth analysis of each influencing factors to state asset management reform, and the attached interviewee’s opinions for each factor, suggests the potential of an ‘excuse rhetoric’; whereby the influencing factors identified are a smoke-screen, or are myths that public policy makers and implementers believe in; as a means to explain innovative policy stagnancy. This study offers insights to Indonesian policy makers interested in ensuring the conceptualisation and full implementation of innovative policies, particularly, although not limited to, within the context of state asset management practices

ERP implementation methodologies and frameworks: a literature review

Enterprise Resource Planning (ERP) implementation is a complex and vibrant process, one that involves a combination of technological and organizational interactions. Often an ERP implementation project is the single largest IT project that an organization has ever launched and requires a mutual fit of system and organization. Also the concept of an ERP implementation supporting business processes across many different departments is not a generic, rigid and uniform concept and depends on variety of factors. As a result, the issues addressing the ERP implementation process have been one of the major concerns in industry. Therefore ERP implementation receives attention from practitioners and scholars and both, business as well as academic literature is abundant and not always very conclusive or coherent. However, research on ERP systems so far has been mainly focused on diffusion, use and impact issues. Less attention has been given to the methods used during the configuration and the implementation of ERP systems, even though they are commonly used in practice, they still remain largely unexplored and undocumented in Information Systems research. So, the academic relevance of this research is the contribution to the existing body of scientific knowledge. An annotated brief literature review is done in order to evaluate the current state of the existing academic literature. The purpose is to present a systematic overview of relevant ERP implementation methodologies and frameworks as a desire for achieving a better taxonomy of ERP implementation methodologies. This paper is useful to researchers who are interested in ERP implementation methodologies and frameworks. Results will serve as an input for a classification of the existing ERP implementation methodologies and frameworks. Also, this paper aims also at the professional ERP community involved in the process of ERP implementation by promoting a better understanding of ERP implementation methodologies and frameworks, its variety and history