Download This Article

Tracy Xu, Hugh Grove, Philipp Schaberl



Risk management committees are now required for all U.S. financial institutions that are regulated by the U.S. Federal Reserve Bank. All U.S. public companies must now report their risk management activities for both Board of Directors and top management in their 10 K annual reports to the U.S. Securities and Exchange Commission (SEC). This paper analyzes one approach to risk management for public companies and their Boards of Directors. Since 2011, Disclosure Insight Inc. has issued risk ratings for over 1500 public companies in US. Its risk rating is based on the number, nature, and timing of 100 risk factors, which are across major categories, such as the SEC investigative activity, auditor issues, capital market events, and corporate governance issues. Our study finds significant positive abnormal risk-adjusted returns for companies with lower risk ratings and these companies also outperform the S&P500. Thus, this paper should be of interest to investors, company executives, and risk management committees, as well as SEC and other regulators. Alternatively, risk management committees in public companies could just establish their own rating systems, based upon their own key factors, as opposed to using the Disclosure Insight Inc. aggregate rating approach for all 100 risk factors.

Keywords: Risk Management, Corporate Governance, Company Performance

How to cite this paper: Xu, T., Grove, H., & Schaberl, P. (2013). Corporate governance: A risk management approach. Corporate Ownership & Control, 10(2), 104-113.