Keywords

ERM, Credit Risk, Bank Complexity and Corporate Governance.

Introduction

Banking industry faces the more risks compared to other industries. Fraser and Kolari (2001) highlighted that credit, country, market, interest rate, liquidity, operational, legal and reputation risks are common risks that faced by banking industries. However, Basel Committee on Banking Supervision (2000) focus credit risk arising from loan and other various financial instruments, including acceptances, inter-bank transactions, trade financing foreign exchange transactions, financial futures, swaps, bonds, equities, options, and in the extension of commitments and guarantees, and the settlement of the transaction. Moreover, credit risk is the greatest risk faced by commercial banks and a major cause of failure (Fraser & Kolari, 2001; Angerer, 2004). Even the bankruptcy of several major financial institutions in the United States known as the subprime mortgage crisis stems from credit problems, which later became a global financial crisis (Setyawati et al., 2017).

Since the bank facing a variety of potential risks including credit risk throughout the bank's operations, management must be able to implement an effective risk management to control and manage risk. Banks managers should consider the best way to reduce risks. Gordon et al. (2009) describe management in many industries including banking must manage risk based on a holistic perspective known as enterprise risk management (ERM). Subramaniam et al. (2009) state that risk management is an integral part of good business practice that is done informally and sustained by each organization. Traditionally, risk management has been developed as a professional and technical discipline in a number of key areas, namely finance, health, and safety, clinical and environmental.

The Cadbury Committee (1992), suggested that the board of directors responsible for ERM policy. Moreover, Australia Standard and New Zealand Standards (AS/NZS, 1995) published first ERM standard in the world. While, the Committee of Sponsoring Organizations of the Treadway Commission (COSO, 2004) issued guidelines for integrated ERM, which was adopted by various organizations until now. However, the implementation of ERM and functioning of supervisory functions the organization at various companies are still far from complete. It is evident from the number of companies that are vulnerable when buffeted by various cases/financial scandals such as Enron, WorldCom, Adelphia, and Tyco in the United States, Global bank, Century Bank and other cases, including the bankruptcy of numerous companies when the financial crisis experienced by Indonesia and other countries in Asia in 1997/1998 as well as the global economic crisis of 2008. These cases lead to strengthening and improving corporate governance and ERM implementation (Kleffner et al., 2003; Cowan, 2004). ERM has become an important issue for business and has been included in the corporate philosophy (Kleffner et al., 2003). Several studies have proven that ERM implementation can increase shareholder value (Gordon et al., 2009; Hoyt and Liebenberg, 2011; Gatzert and Martin, 2015; Husaini and Saiful, 2017).

Cowan (2004) conclude that an integrated supervision function required from both inside and outside the organization as an important pillar in the implementation of ERM. Moreover, ERM is a function of the board of directors, independent board, audit committee, risk management committee and internal audit (Fraser and William, 2007; Beasley et al., 2005; Desender, 2007; and Meizaroh and Lucynda, 2011). Sarens and Beelde (2006a) concluded that one of the duties of the audit committee is to review the progress of ERM, while the internal audit is specifically positioned to support the board of directors and management as an important component of corporate governance mechanisms, and with expertise, must audit the internal audit function and ensure the organization's risk management process (Pickett, 2005; Demidenko and McNutt, 2010). Therefore, expertise in risk management techniques and knowledge about the internal control system owned by the internal auditor be a source of strength that enables internal auditor plays an important role in an organization (Spira and Page, 2003; Sarens and Beelde, 2006b).

Furthermore, in its operations as an inter-mediation function, the bank cannot be separated from the credit risks that still a big problem for the banking sector until now. Therefore, the credit risk needs special attention and serious because every penny is doubtful to be jammed. This risk is indicated by the non-performing loan (NPL). Therefore, we need a corporate governance mechanism so that the credit risk can be reduced, and the implementation of ERM is part of the implementation of corporate governance that can be used as a monitoring mechanism in controlling credit risk (Haneef et al., 2012; Lundqvist & Vilhelmsson, 2016).

This research aims to:

1. Examine the factors associated with the implementation of ERM in the banking company in Indonesia.

More specifically, this study tested whether the corporate governance factors (board size, the proportion of independent board, audit committee, risk management committee and internal audit) and corporate characteristics factors significantly influence the implementation of ERM.

2. Examine the impact of the implementation of ERM against Non-Performing Loan.

Literature Review and Hypothesis Development

Enterprise Risk Management (ERM)

Risk management evolves from a silo-based risk management into a holistic approach known as Enterprise Risk Management (Gordon et al., 2009; Desender and Lafuente, 2009; Hoyt and Liebenberg, 2011). The ERM approach seeks to link risk management with business strategy and goal setting, entering the realm of control, accountability and decision making (Arena et al., 2010; Liebenberg and Hoyt, 2003). According to the agency theory perspective, ERM can be a mechanism that allows for a more formal and transparent risk perspective, which in turn can reduce information asymmetry between management and other corporate stakeholders.

The Committee of Sponsoring Organizations of the Treadway Commission in September 2004, compiled Enterprise Risk Management Integrated Framework, to provide a framework for the implementation of ERM. The framework defines ERM as a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives (COSO, 2004). While, Joint Australian Standard/New Zealand Standard (AS/NZS 4360, 2004) states that ERM is a culture or behavior, processes, activities that promote achievement of the goals by managing events or potential events that will affect the achievement of corporate goals. Based on Central Bank of Indonesia Regulation No.: 5/8/PBI/2003 (revised by the new regulations of the No.: 11/25/PBI/2009 dated July 1, 2009) on the Application of Risk Management for Commercial Bank, defining the risk is the potential event (events) that can cause bank losses, associated with (1) event risks, i.e. events that led to potential losses (bad outcomes), (2) risk of loss, namely the consequences (direct or indirect) of the events/the risk event.

Furthermore, according to COSO (2004), the purpose of the implementation of ERM is to achieve the following four objectives;

1.Strategy: high-level goals aligned and support the organization's mission.

2.Operations: effective use of resources and efficient.

3.Reporting: reliability of reporting.

4.Compliance: comply with the laws of draft regulations.

While at the operational level to achieve these objectives, the implementation of ERM is done by implementing the eight components developed COSO (2004) namely; internal environment, goal setting, event identification, risk assessment, response to the risks, control activities, information and communication, and monitoring. The implications of the implementation of the ERM allows companies to better inform risk profile and which serves as a signal of their commitment to risk management, along with the increasing openness of risk management, so that ERM is possible to reduce the cost of supervision and external capital (Meulbroek, 2002).

Board Size and ERM

The Board of directors is the highest supervisor in exercising oversight (monitoring and review) the implementation of enterprise risk management and ensures the company has an effective risk management program. The board of directors involves itself in the ERM process by providing direction, authority, and supervision to management (Sobel et al., 2004). Dabari and Saidin (2016), state that higher Board of Director's involvement in the ERM process will significantly affect an efficient ERM system, and this always leads to much higher ERM practices. Kleffner et al. (2003) indicate that managers adopted ERM as boosted by the board of directors. Chtourou et al. (2001) argue that larger board promote better management monitoring mechanism, and the board can perform effective oversight function (Zahra and Pearce, 1989). Although risk management is the responsibility of management, the board must create a conducive environment for the disclosure of risk management. This argument is consistent with the results of research by Subramaniam et al. (2009) who found that a larger board of directors are more likely to apply ERM. Likewise, the results of research by Husaini et al. (2013) showed that the board size significant positive effect on the implementation of ERM. Thus, we hypothesize:

H1: Board size positively affects the implementation of ERM.

Independent Board and ERM

The Independent board is board members who do not have the financial, management, ownership or family relationship with the other board members, management, controlling shareholders or other relationship which could affect its ability to act independently. The Indonesian Stock Exchange through the Decision of the Board Jakarta Stock Exchange Inc. No.: Kep-305/BEJ/07-2004 on the Stock Registration No. 1-A: General Provisions on Registration of Shares and Equity Securities exchange, in 1-A mention about the ratio of independent directors, that the independent directors in number proportionally to the number of shares held by noncontrolling shareholders with the provisions of the number of independent board of at least 30% (thirty percent) of the total members of the Board of directors.

The proportion of independent board members be regarded as indicators of independence of the board. The presence of independent board can improve the quality of supervision because it is not affiliated with the company so freely in decision making. Research Beasley (1996) showed an inverse relationship between the proportions of independent directors with the level of fraudulent financial reporting. Companies with a high proportion of independent board tend to be more concerned with the company's risk compared to the low proportion of independent board (O'Sullivan, 1997). Desender and Lafuente (2009) show the result that board independence has a significant influence on ERM level. Likewise, the research Kleffner et al. (2003) and Beasley et al. (2005) showed that the presence of independent directors enhances the quality of supervision over the implementation of risk management in order to reduce fraud and opportunistic behavior of managers. Thus, we hypothesize that:

H2: Independent board positively affects the implementation of ERM.

Audit Committee and ERM

The audit committee is a committee established by and responsible to the board of directors with the duties and responsibilities of its core to ensure that the principles of good corporate governance, especially transparency and disclosure are applied consistently and adequately by the executive (Tjager et al., 2003 p.34). The audit committee acts as a vehicle to review the ERM process, because this committee does not have operational responsibility, and its members should consist of independent persons (Cowan, 2004 p.111). This committee always discusses policies relating to risk assessment and ERM as a whole, as well as discuss the risk exposure faced by the company and measures to monitor and control the risk exposures with the board of directors (The Institute of Internal Auditors / IIA, 2004).

The audit committee is responsible for monitoring the ERM system, although this responsibility is delegated the responsibility of the directors of the company (Sarens and Beelde, 2006a). In performing its duties related to ERM, the audit committee should discuss policies related to risk assessment and exposure-prime exposure of financial risks as well as measures to monitor and control the exposure-risk exposures to senior management (IIA, 2004). Establishment of Audit Committee based on certain characteristics such as independence, financial and accounting expertise, size and diligent so that the monitoring functions can be carried out effectively. Characteristics of the audit committee are most frequently cited in the literature of corporate governance as a prerequisite for the functioning of an effective monitoring are independence, where an audit committee composed of non-executive originating from outside (independent) assumed that it could be monitors better than management (Sarbane-Oxley Act, 2002; Blue Ribbon Committee, 1999). The results of the study Dionne and Triki (2005) and Abdullah et al. (2017) prove that the requirements concerning the number and independence of audit committee encourage companies to pay more attention ERM. Furthermore, Alzharani and Aljaaidi (2015) concluded that audit committee size had a positive effect on risk management. Thus, the hypothesis as follows.

H3: The audit committee positively influences the implementation of ERM

Risk Management Committee and ERM

According to KPMG (2001), RMC is a sub-committee of the board of directors that provides educational enterprise risk management at the board level, setting risk appetite and risk strategy, develop a risk management oversight by the board of directors and review the company's risk report. Subramaniam et al. (2009) stated that the quality of internal monitoring of risk management will be better when the risk management committee (RMC) exist compared with the situation when there is no RMC. Where the existence of RMC allows the board to more effectively deal with various threats and opportunities faced by the entity. Further that the establishment and disclosure of RMC demonstrate the applicability of corporate governance quality company. Meizaroh and Lucynda (2011) concluded that the presence of RMC positive effect on ERM, this suggests that the existence of RMC can improve the implementation of ERM. Consistent with Meizaroh and Lucynda (2011), Sanusi et al. (2017) and Abdullah et al. (2017) also found that the establishment of RMC provided awareness in the application of risk management to certain organizations. Therefore, the hypothesis as follows.

H4: Risk Management Committee (RMC) positively affects the implementation of ERM

Internal Audit and ERM

The Internal Audit is an assurance and consulting activity that is independent and objective, which is designed to add value and improve an organization's operations. Internal audits also help organizations to achieve objectives, through a systematic and orderly approach to evaluate and improve the effectiveness of risk management, control and governance processes (IIA, 2004). Based on these definitions, the internal audit function has an important role in overseeing the implementation of risk management. This is in line with good corporate governance guidelines which assume that the risks can be objectively identified, measured and strategically managed properly. Consequently, expertise in risk management techniques and knowledge about the internal control system became a source of strength that enables internal auditor plays an important role in an organization (Spira and Page, 2003).

Research Allegrini and D'Onza (2003) concluded that the company always develop a structured methodology for risk assessment, especially to improve corporate governance and internal control systems. Their results also concluded that the financial companies, the internal auditor always participates in the risk management team and contribute to a qualitative assessment of operational risk. Further research Sarens and Beelde (2005), found that internal auditors play a role in the risk assessment and can be an important input in the audit planning considerations. In another study, Sarens and Beelde (2006b) concluded that the CEOs and internal auditors expect to meet one of the supporting roles management activities that focus on the continuous improvement of risk management, internal controls, organizational processes and strategic projects. One of the conclusions in the study Fadzil et al. (2005), states that the internal auditor had identified ERM framework and risk management policies in monitoring the application of the policies and procedures of the organization. Likewise, the research conducted by Stewart and Kent (2006), concluded that there is a correlation between the presence of internal audit functions and their commitment to the power of ERM. Zwaan et al. (2011) conducted a study with the design of experiments involving internal auditors within the ERM, concluding that internal auditors are involved in ERM assurance activities. Furthermore, Dabari and Saidin (2016) effectiveness of internal audit has a significant effect on ERM implementation. Thus, the hypothesis put forward as follows.

H5: Internal audit positively affects the implementation of ERM

According to the Central Bank of Indonesia Regulation No.: 11/25/PBI/2009, the credit risk is the risk of the failure of the debtor and other parties to meet obligations to the bank. Credit risk can be sourced from a variety of business activities of the bank. At most banks, loans are the largest source of credit risk. Credit risk may increase as the concentration of funding, among other things on the debtor, geographic region, product, type of financing, or a particular business field (Attachment of Central Bank of Indonesia Circular Letter No.: 13/23/ DPNP dated October 25, 2011). Therefore we need good corporate governance to guide the management in carrying out its function properly so that the credit risk can be lowered. ERM implementation is part of the implementation of corporate governance that can be used as a monitoring mechanism for controlling credit risk.

Standard and Poor's / S & P (2007) states that ERM provides a new and clearer language for transferring information about management intent and capabilities, which is essential for credit evaluation. Even S & P has determined that ERM is an important aspect of evaluating a company's creditworthiness. S & P (2007) argues that, in the review of credit ratings, insurance companies with stronger ERM processes can forecast losses in the shortest time, identify the weaknesses of the ERM process, and immediately ratify, thus minimizing operational disruptions. In contrast, insurers with weak ERM processes lose twice as much as what they previously reported as a possible maximum loss, not even able to reliably estimate losses.

Zéghal and El Aoun (2016) examines the effects of the financial crisis on risk management. Using content analysis from the 10-k annual report with a sample of 59 of the largest US banks. Concludes that there is a change of ERM strategy for credit risk when there is a financial crisis. Research Haneef et al. (2012) in the banking sector in Pakistan concluded that the non-performing loans increased due to a lack of risk management, which affects the profitability of the bank. Likewise, the results of research Lundqvist and Vilhelmsson (2016) on the 78 largest banks in the world, concluded that the implementation of ERM at higher levels negatively effect on the credit default swap spreads (CDS) of banks.Thus, the hypothesis put forward as follows.

H6: The implementation of ERM negatively effect on credit risk

Control Variables

Firm size and complexity used as control variables in this study. Large business activities are more complex and more vulnerable to the risk so that large companies tend to pay more attention to risk management of the company's small size. Beasley et al. (2005) and Hoyt and Liebenberg (2011) found that company size was positively related to the implementation of ERM. While complexity is associated with the number of business segments (Doyle et al., 2007). The more complex the operations of a company, the greater the chances of operational failure or increasingly vulnerable to risks. Therefore, companies with complex business segments will be taken into account the implementation of ERM compared with companies that have only one or two segments alone (Gordon et al., 2009).

Research Method

Population and Sample

This research was conducted on banking companies listed in Indonesia Stock Exchange (BEI) in 2007-2013. Consideration of the use of banking companies that have been listed for reasons of data available regarding disclosure of ERM and various variables related supervision can only be obtained at companies that have a listing on the capital market. In addition to the listed companies are also obliged to publish annual financial statements and reports on the implementation of good corporate governance (GCG).

Sampling in this study using purposive sampling method. The sampling criteria are as follows: (a) the company has released its annual report and the audited financial statements as of December 31, as a form of information from companies that have been verified through an independent audit and have been officially published, (b) the company has GCG reports published on its website or on the website of the Stock Exchange, and (c) the financial statements are presented in rupiah currency and all the data required for this study are comprehensive. Table 1 presented samples of this study.

Table 1 Sample Selection
Criteria	Total	Observation
Consistently listed Banks during 2007-2013	20	140
Banks without complete GCG report	(3)	(21)
Total samples	17	119

Based on Table 1 as many as 17 banks meet criteria samples or 85% of the total Consistently listed banks during 2007-2013. Therefore, the final sample to be tested in this study was a total of 119 observations.

Research Model

This study uses panel data regression method (fixed effect model or random effect model) to test the hypothesis. The Hausman test is used in selecting whether the fixed effect model or random effect model is an appropriate model for this study. The analysis was performed on two models of research, namely: the first model to examine the factors that affect the implementation of ERM, and the second model to examine the consequences of the implementation of ERM to credit risk (NPL). As for the model can be formulated as follows.

Model one:

Model two:

In this equation, subscript i shows cross sectional and t shows time series. Furthermore, the measurement of research variables is presented in Table 2 below.

Table 2 Variables Measurement
Variables	Measurement
Enterprise Risk Management (ERM)	ERM calculated by summing the ERM objectives;Strategy1,2, Operation11,2, Reporting1,2 andcomplience1,2 (Gordon et al., 2009).
Credit Risk (CR)	The percentage of non-performing loans compared to total loans
Independent Board (IB)	The number of independent members compared to a total membership of a board of directors
Board size (BS)	Total members of a board of director
Audit Committee (AC)	total member of the audit committee
Risk management Committee (RMC)	Total overall risk management committee.
Internal Audit	Value composite self-assessment implementation of the internal audit function, if very well dummy 1, 0 other
Firm size (Size)	Natural Logaritma (Ln) of total asset
Complexity (Complx)	Total segment owned business

Results

Statistic Descriptive

The descriptive statistical analysis in this study is presented in Table 3, where the average implementation of ERM at 0.50 showed positive figures, while the average NPL of 2.17 shows that the average credit risk, banks are in a tolerable limit or still under the limit minimum set by Bank Indonesia (the central bank). Next to variable IA shows that the bank has implemented the internal audit function very well as 44 banks (37%).

Table 3 Descriptive Statistic
Panel A
Variables	Min	Max	Mean	Std. Dev
ERM	-2.53	4.49	0.5035	1.69320
CR	0.10	6.33	2.1781	1.51467
BS	2.00	9.00	5.5044	1.73269
IB	0.00	1.00	0.5538	0.11805
AC	2.00	8.00	4.0619	1.32479
RMC	3.00	8.00	5.0531	1.49308
Complx	2.00	8.00	4.0885	1.28562
Size	12.07	34.23	24.0877	9.10577
Panel B
AI			Freq	%
Implementation of the internal audit function "very good"			44	37
Implementation of the internal audit function "others"			75	63
Total			119	100

Furthermore, the average number of commissioners (BS) 5.50 (total 6) with the proportion of independent board (IB) of 55%, showing that the average proportion of independent commissioners bank went public in compliance with the provisions of the Regulation of Bapepam and FCGI Code. The average number of the audit committee (AC) is 4.06 (total 4 people), while the average number of risk management committee 5.05 (5 people) the number of compliance with regulations and recommendations that a minimum number of committee FCGI commissioners were 3 people. Further to the complexity of the control variables (Complx) showed an average of 4.08 or an average bank has four business segments, while the bank size (Size) is quite varied.

Correlation Analysis

Table 4 presents the correlation between independent variables (BS, IB, AC, RMC, IA, Complx and Size) and independent variable (ERM) for model 1 and the correlation between ERM, Complx and Size) and independent variable (CR) for model 2. The Table 4 also provide the correlation among independent variables both models. Based on Pearson correlation analysis, all independent variables except IB were correlated to ERM for first models. However, ERM was not correlated to CR in the second model. Table 4 also showed that the coefficient correlation among independent variables in both models were lower than 0.80, so according to Hair et al. (2010), multicollinearity is not occur.

Table 4 Correlation Coefficients
Model One
Variables	ERM	BS	IB	AC	RMC	IA	Complx	Size
ERM	1
BS	0.196**	1
IB	-0.090	-0.193**	1
AC	0.298***	0.663***	-0.100	1
RMC	0.244***	0.663***	-0.130	0.770***	1
IA	0.259***	0.420***	0.146	0.230**	0.307***	1
Complx	0.209**	-0.040	0.095	0.102	-0.063	0.077	1
Size	-0.312***	0.149	0.097	0.182	0.055	-0.013	0.188**	1
Model Two
					CR	ERM	Complx	Size
CR					1
ERM					-0.056	1
Complx					-0.265***	0.209**	1
Size					-0.425***	-0.312***	0.188**	1

Hypothesis Testing and Discussion

Based on the Hausman test result, the random effect model was more suitable to be used for both model one and model two of this study. Furthermore, the results of hypothesis testing based on the appropriate models are shown in Table 5. In the first model shows the value of Fstatistics for 7.045, significant at the level of 0.000, with r-square of 30,8%. Hypothesis testing results indicate that the hypothesis 3 and 5 are supported, while hypothesis 1, 2 and 4 are not supported. While the second models show that the value of F-statistic of 7.156, and significant at the level of 0.000, with r-square of 25.7%. however, the hypothesis 6 is not supported. Table 5 presents the overall results of hypothesis testing.

Table 5 The Results of Hypothesis Testing
	Model one			Model two
Dependen Variable	ERM			CR
Independent variable	Coef.	t-stat	p-value	Coef.	t-stat	p-value
(Constant)	0.632	0.673	0.502	4.998	7.723	0.000***
BS	-0.123	-1.103	0.273
IB	-0.879	-0.832	0.407
AC	0.614	3.633	0.000***
RMC	-0.131	-0.903	0.368
IA	0.628	1.929	0.056*
Complx	0.242	2.229	0.028**	-0.172	-1.257	0.212
Size	-0.084	-5.641	0.000***	-0.079	-4.814	0.000***
ERM				0.067	0.674	0.502
F-Stat	7.045			7.156
Sig F	0.000***			0.000***
R-square	0.308			0.257

Table 5 shows that, the audit committee significant positive effect on ERM (β=0.614, t=3,633, p<0.01). These results indicate that the greater number of the audit committee, the implementation of ERM will increase. It implies that the presence of the audit committee in the discharge process of the implementation of ERM is mainly to monitor and control the risk exposures banking is well run (IIA, 2004). The results of research in line with Dionne and Triki (2005) and Abdullah et al. (2017) that the requirements regarding the number of audit committee encourages companies for more attention to the ERM. The research results are also consistent with research Alzharani and Aljaaidi (2015), that the audit committee significantly influences the implementation of risk management.

Furthermore, the internal audit also a significant positive effect on the implementation of ERM (β=0628, t=1.929, p<0.10). These results indicate that the better the internal audit function, the implementation of ERM has increased. Therefore assurance and consulting activity that is independent and objective in evaluating and improving the effectiveness of risk management has been run by the bank's internal audit function. This is consistent with the statement of Spira and Page (2003) that internal audit has an important role in the ERM in line with the guidelines for good corporate governance the latest, which assumes that the risks can be objectively identified, measured and strategically managed, then as a consequence, expertise in risk management techniques and knowledge about the internal control system became a source of strength that enables internal auditor plays an important role in an organization. The results are consistent with research (Allegrini and D'Onza, 2003; Fadzil et al., 2005; Sarens and Beelde, 2005; Stewart and Kent, 2006; Zwaan et al., 2011 and Dabari and Saidin, 2016) concluded that the internal auditor and the contribution members play an active role in improving ERM implementation organizations.

Instead of the board of directors, independent board, and risk management committee does not affect the application of the ERM which indicate each with a value (β=-0.123, t=-1.103, p>0.10; β=-0.879, t=-0.832, p>0.10; and β=-0.131, t=-0.903, p>0.10). These results show the board size, the proportion of independent board and the existence of a risk management committee did not determine an increase in the implementation of ERM. The results of this study are not consistent with Desender (2007) which states that a large number of board members to add opportunities to exchange information and expertise to improve the quality of ERM. The results of this study are also inconsistent with the results of the study (Subramaniam et al., 2009 and Husaini et al., 2013) that companies that have a larger board of directors are more likely to apply ERM and the positive effect on the implementation of ERM. Likewise, the proportion of independent board that these results are not consistent with research Beasley (1996) that companies with a high proportion of independent board tend to be more subject to the risk, the results also inconsistent with research (Desender and Lafuente, 2009; Kleffner et al, 2003 and Beasley et al., 2005) showed that the presence of independent board can improve the quality of supervision over the implementation of risk management. Next the results of this study indicate that the presence of the RMC does not affect the application of risk management, the result is also not consistent with the argument Subramaniam et al., (2009) stated that the quality of internal monitoring of risk management will be better when the risk management committee (RMC) exist. The results also inconsistent Meizaroh research and Lucynda (2011) and Sanusi et al. (2017) that the presence of RMC positive effect on ERM.

Meanwhile second model is explored in order to examine the consequences of the application of the ERM to credit risk (CR), the results explain that ERM implementation has no effect on NPL (β=0.067, t=0.674, p>0.10), or in other words the implementation of ERM cannot reduce credit risk in banking companies. These results are not consistent with the research (Haneef et al., 2012; Lundqvist and Vilhelmsson, 2016) that the implementation of ERM at a higher level negatively affects bank credit risk.

The study also examined two variables control the complexity of enterprise (Complx) and firm size (Size) for a one and two models. In the model the complexity of the positive effect on the implementation of ERM (β= 0.242, t=2.229, p<0.05). These results indicate that the more complex a company then increasing attention to implementing ERM. Instead of firm size negative effect on the implementation of ERM (β=-0.084, t=-5.641, p<0.01). These results indicate that the bigger the company, the lower the implementation of ERM. this is possible because the larger the company the more comprehensive system of supervision and controls that must be implemented. Along with that, the bank should also pay more attention to the ERM for the banking business is very vulnerable to the risk.

Furthermore, for the two models of the variable complexity of the company (Complx) does not affect the credit risk (CR) (β=-0.172, t=-1.257, p>0.10), whereas the size of the company (Size) a negative effect on credit risk (β=-0.079, t=-4.814, p<0.01). These results indicate that large companies tend to credit risk (CR) is high. Therefore, banks with large size should be more focus on credit risk in particular and ERM implementation at the corporate level, so avoid the problem of bad loans.

Conclusion

This study aimed to examine the whether the corporate governance factors (board size, the proportion of independent board, audit committee, risk management committee and internal audit) and corporate characteristics factors are the determinant factors of the ERM implementation. This study also examines the impact of the implementation of ERM on credit risk interm of Non-Performing Loan. The study found that, audit committees have a positive effect on the implementation of ERM, which indicates that the existence of an audit committee can improve ERM implementation in banking companies. The results of the study are consistent with Alzharani and Aljaaidi (2015) and Abdullah et al. (2017) who concluded that the relatively large number of audit committees would encourage companies to pay more attention to supervision in improving ERM implementation. this study also found that the internal audit function has a positive effect on ERM implementation, which indicates that the better the internal audit function in the banking industry, the implementation of ERM will increase. These results are consistent with some previous studies (for example Allegrini and D'Onza, 2003; Fadzil et al., 2005; Sarens and Beelde, 2005; Stewart and Kent, 2006; Zwaan et al., 2011 and Dabari and Saidin, 2016) who concluded that an effective internal audit function would contribute to improving ERM implementation. However, this study found no evidence that board size, the proportion of independent boards, and risk management committees influence the implementation of ERM. These results are not consistent with some previous studies (for example Desender, 2007; Subramaniam et al., 2009 and Husaini et al., 2013) who find that companies that have a large board of directors tend to be more effective in implementing ERM. The results of this study are also inconsistent with Desender and Lafuente studies, (2009); Kleffner et al (2003) and Beasley et al. (2005) found that the presence of an independent board could improve the quality of supervision in the implementation of ERM. Likewise with the presence of RMC, the results are also inconsistent with Subramaniam et al. (2009), Lucynda, (2011), and Sanusi et al. (2017) who concluded that the implementation of ERM would be of higher quality when the monitoring function by the risk management committee (RMC) increased. Furthermore, this study failed to prove that the implementation of ERM has an effect on credit risk (NPL), this result indicates that the implementation of ERM in banking companies cannot reduce loan problems or credit risk, these results are not consistent with the research of Haneef et al., (2012); Lundqvist and Vilhelmsson, (2016).

References

1. Abdullah, M.A., Abdul-Shukor, Z., & Rahmat, M.M. (2017). The influences of risk management committee and audit committee towards voluntary risk management disclosure. Jurnal Pengurusan, 50, 83-95.
2. Allegrini, M., & D’Onza, G. (2003). Internal auditing and risk assessment in large Italian companies: An empirical survey. International Journal of Auditing, 7(3), 191-208.
3. Alzharani, A.M., & Aljaaidi, K.S. (2015). An empirical investigation of audit committee effectiveness and risk management: Evidence from Saudi Arabia. Accounting & Taxation, 7(1), 39-49.
4. Angerer X.W. (2004). Empirical studies on risk management of investors and banks. dissertation. The Ohio State University. Retrieved from https://etd.ohiolink.edu/pg_10?0::NO:10:P10_ETD_SUBID:63288
5. Arena, M., Arnaboldi, M., & Azzone, G. (2010). The organizational dynamics of enterprise risk management. Accounting, Organizations and Society, 35(7), 659-675.
6. Australia Standard and New Zealand Standards-AS/NZS. (1995). Risk Management. Australian/New Zealand Standard. Australia.
7. Basel Committee on Banking Supervision. (2000). Principles for the management of credit risk, CH – 4002 Basel, Switzerland Bank for International Settlements.
8. Beasley, M.S. (1996). An Empirical Analysis of the Relation between the Board of Director Composition and Financial Statement Fraud. The Accounting Review, 71, 443-465.
9. Beasley, M.S., Clune, R., & Hermanson D.R. (2005). Enterprise risk management: An empirical analysis of factors associated with the extent of implementation. Journal of Accounting and Public Policy, 24, 521-531.
10. Blue Ribbon Committee. (1999). Report on improving the effectiveness of corporate audit committees, New York: New York Stock Exchange.
11. Central Bank of Indonesia. (2009). Bank Indonesia Regulation, No: 11/25/PBI/2009. Retrieved from https://www.bi.go.id/id/peraturan/perbankan/Pages/pbi_112509.aspx
12. Central Bank of Indonesia. (2011). Appendix to Bank Indonesia Circular Letter. No.13/23/DPNP/2011. Retrieved from https://www.ojk.go.id/Files/201402/d35ec2f2e42b40ba955f9a79b6517aecSE1323DPNPand AppendicesEG_1392092133.pdf
13. Chtourou, S.M., Bedard, J., & Courteau, L. (2001). Corporate governance and earnings management. Retrieved from https://papers.ssrn.com/sol3/papers.cfm?abstract_id=275053
14. Cowan, N. (2004). Corporate Governance That Works.Prentice Hall Pearson Education South Asia Pte Ltd. Singapore.
15. COSO. (2004). Enterprise risk management-integrated framework. Committee of Sponsoring Organizations of the Treadway Commission. New York. Retrieved from https://www.coso.org/Documents/COSO-ERM-Executive-Summary.pdf
16. Dabari, I.J., & Saidin, S.Z. (2016). A moderating role of board characteristics on enterprise risk management implementation: Evidence from the Nigerian Banking Sector. International Journal of Economics and Financial Issues, 6(4), 96-103.
17. Demidenko, E., & McNutt, P. (2010). The ethics of enterprise risk management as a key component of corporate governance, International Journal of Social Economics, 37(10), 802-815.
18. Desender, K. (2007). On the determinants of enterprise risk management implementation. Information Resources Management Association Annual Meeting Paper. Retrieved from http://www.irma_international.org/ viewtitle/33035/.
19. Desender, K., & Lafuente, E. (2009). The influence of board composition, audit fees and ownership concentration on enterprise risk management. SSRN Electronic Journal. DOI-10.2139/ssrn.1495856.  
20. Dionne, G., & Triki, T. (2005). Risk management and corporate governance: The importance of independence and financial knowledge for the board and the audit committee. Working paper. Retrieved from https://pdfs.semanticscholar.org/.../9aabcbb16f563b87f8249.
21. Doyle, J.T., Ge, W., & McVay, S. (2007). Accruals quality and internal control over financial reporting. The Accounting Review, 82(5), 1141-1170.
22. Fadzil, F.H., Haron, H., & Muhamad, J . (2005). Internal auditing practices and internal control system, Managerial Auditing Journal, 20(8), 844-866.
23. Fraser, D.R.B.E., & Kolari, J.W. (2001). Commercial banking: The management of risk. South-Western College Publishing, Cincinnati, Ohio.
24. Fraser, I., & William, H. (2007). Embedding risk management: Structures and approaches, Managerial Auditing Journal, 22(4), 392-409.
25. Gatzert, N., & Martin, M. (2015). Determinants and value of enterprise risk management: Empirical Evidence from the Literature, Risk Management and Insurance Review, 18(1), 29-53.
26. Gordon, L.A., Loeb, M.P., & Tseng, C.Y. (2009). Enterprise risk management and firm performance: A contingency perspective. Journal Account. Public Policy. 28, 301-327.
27. Hair, J.F., Anderson, R.E., Tatham, R.L., & Black, W.C. (2010). Multivariate data analysis (Second Edition). New York: Prentice-Hall, Upper Saddle River, NJ.
28. Haneef, S., Riaz, T., Ramzan, T., Rana, M.A., Ishaq, H.M., & Karim, Y. (2012). Impact of risk management on non-performing loans and profitability of banking sector of Pakistan. International Journal of Business and Social Science, 3(7), 307-315.
29. Hoyt, R.E., & Liebenberg, A.P. (2011). The value of enterprise risk management. Journal of Risk and Insurance, 78, 795-822.
30. Husaini, Saiful, Fadli, A., & Aisyah, S. (2013). Corporate Governance and Enterprize Risk Management: An Empirical Evidence from the Unique Two-Tier Boards System of Indonesian Public Listed Companies. Proceedings of World Business and Social Science Research Conference 24-25 October 2013, Bangkok, Thailand. Retrieved from https://wbiworldconpro.com/uploads/bangkok_conference2013october/ accounting/1382554784_108-Husaini.pdf
31. Husaini., & Saiful. (2017). Enterprise risk management, corporate governance, and firm value: Empirical evidence from Indonesian public listed companies. International Journal of Advances in Management and Economics, 6(6), 16-23. Retrieved from http://managementjournal.info/index.php/IJAME/ article/ view/23/22.
32. Institute of Internal Auditors. IIA. (2004). The Professional Practices Framework. The IIA Research Foundation.
33. Kleffner, A., Lee, R., & McGannon, B. (2003). The effect of corporate governance on the use of enterprise risk management: evidence from Canada. Risk Management and Insurance Review, 6(1), 53-73.
34. KPMG. (2001). Enterprise risk management: An emerging model for building shareholder value, KPMG.
35. Liebenberg, A.P., & Hoyt, R.E. (2003). The determinants of enterprise risk management: Evidence from the appointment of chief risk officers. Risk Management and Insurance Review, 6(1), 37-52.
36. Lundqvist, S., & Vilhelmsson, A. (2016). Enterprise risk management and default risk: Evidence from the Banking Industry. Journal of Risk and Insurance, 85(1), 127-157.
37. Meizaroh, & Lucyanda, J. (2011). Effect of Corporate Governance and Concentration of Ownership on Enterprise Risk Management Disclosures. Paper presented in SNA XIV, Banda Aceh, July 21-22. Retrieved from. Retrieved from http://lib.ibs.ac.id/materi/Prosiding/SNA%20XIV-Aceh/makalah/060.pdf.
38. Meulbroek, L.K. (2002). Integrated risk management for the firm: A senior manager’s guide. Retrieved from www.ssrn.com.
39. O'Sullivan, N. (1997). Ensuring the Agents: The role of directors and officers insurance in corporate governance. Journal of Risk and Insurance, 64(3), 545-556.
40. Pickett, K., & Spencer, H. (2005). Auditing the risk management process. USA: John Willey & Sons, Inc.
41. Sarbanes Oxley Act. (2002). Enterprise risk management integrated framework. The U.S.
42. Sarens, G., & Beelde, I.D. (2005). Internal auditors' perception of their role in risk management: A comparison between US and Belgian companies, Managerial Auditing Journal, 21(1), 63-80.
43. Sarens, G., & Beelde, I.D. (2006a). Interaction between internal auditors and audit committee: A qualitative analysis of expectations and perceptions. Working Paper Faculteit Economie En Bedrijfskunde Universiteit Gent. Belgium. Retrieved from https://ideas.repec.org/p/rug/rugwps/06-357.html.
44. Sarens, G., & Beelde, I.D. (2006b). Internal audit: The expert in providing comfort to the audit committee. The case of risk management and internal control.Working Paper FaculteitEconomie En BedrijfskundeUniversiteit Gent. Belgium. Retrieved from http://wpsfeb.ugent.be/Papers/wp_06_428.pdf.
45. Sanusi, Z.M., Nia, S.M., Roosle, N.A., Sari, R.N., & Harjitok, A. (2017). Effects of corporate governance structures on enterprise risk management practices in Malaysia. International Journal of Economics and Financial Issues, 7(1), 6-13.
46. Setyawati, I., Suroso, S., Suryanto, T., & Nurjannah, D.S. (2017). Does financial performance of islamic banking is better? Panel data estimation. European Research Studies Journal, 20(2A), 592-606.
47. Sobel, P.J., & Reding, K.F. (2004). Aligning corporate governance with enterprise risk management. Management Accounting Quarterly, 5(2), 29-37.
48. Spira, L.F., & Page, M. (2003). Risk management: The reinvention of internal control and the changing role of internal audit, Accounting, Auditing & Accountability Journal, 16(4), 640-661.
49. Stewart, J.G., & Kent, P. (2006). The use of internal audit by Australian companies. Managerial Auditing Journal, 21 (1), 81-101.
50. Standard & Poors. (2007). Request for comment: Enterprise risk management analysis for credit ratings of nonfinancial companies. Retrieved from http://www.rims.org/resources/ERM_OLD/Documents/ERM_ ratingspracticesSandP.pdf.
51. Subramaniam, N., McManus, L., & Zhang, J. (2009). Corporate governance, firm characteristics and risk management committee formation in Australian companies, Managerial Auditing Journal, 24(4), 316-339.
52. Tjager, I.Y, Alijoyo, F.A., Djemat, H.R., & Soembodo, B. (2003). Corporate governance: Challenges and Opportunities for the Indonesian Business Community. Prenhillindo, Jakarta. Retrieved from https://catalogue.nla.gov.au/Record/982062.
53. The Cadbury Committee. (1992). The Financial Aspects of Corporate Governance. Gee & Co. Ltd. The UK. Retrieved from http://www.ecgi.org/codes/documents/cadbury.pdf.
54. Zahra, S.A., & Pearce, J.A. (1989). Boards of directors and corporate financial performance: A Review and Integrative Model. Journal of Management, 15(2), 291-334.
55. Zéghal, D., & El Aoun, M. (2016). Enterprise Risk Management in the US Banking Sector Following the Financial Crisis. Modern Economy, 7, 494-513.
56. Zwaan, L.D, Stewart, J., & Subramaniam, N. (2011). Internal audit involvement in enterprise risk management, Managerial Auditing Journal, 26(7), 586-604.