The Risky Business of Regulating Risk Management in Listed Companies

34 Pages Posted: 30 Oct 2013

See all articles by Luca Enriques

Luca Enriques

University of Oxford Faculty of Law; European Corporate Governance Institute (ECGI)

Dirk A. Zetzsche

Universite du Luxembourg - Faculty of Law, Economics and Finance; Heinrich Heine University Dusseldorf - Center for Business & Corporate Law (CBC)

Date Written: October 23, 2013

Abstract

Policymakers around the world, including in Europe, increasingly display a tendency to embed risk management into law, for example by mandating risk governance best practices or by requiring firms to have risk management functions in place. Most recently, the European Commission issued a proposal to increase disclosure by listed and large firms on their management of risks, which will indirectly imply greater attention to risk management procedures on their part. This paper, after documenting the phenomenon of Risk Management ‘Juridification’ (RMJ) with specific reference to developments in EU legislation, highlights the numerous shortcomings of such a policy: we first highlight the intrinsic limits of risk management and, even more, risk measurement techniques. Failure to understand such limits may lead to market participants’ over-reliance ex ante and to enforcers’ over-reaction ex post. Next we show how risk management can hardly be distinguished from management and argue that RMJ may well lead to courts’ excessive ex post-review of managerial decisions. We then focus on the intensified perils of standardization, proceduralization, and acritical box-ticking that RMJ implies. After clarifying that RMJ can do little to alleviate systemic risk, we further show that risk management requirements may serve managers’ interests vis-à-vis shareholders and are hard to justify for companies with controlling shareholders. Finally, we highlight their anticompetitive effects due to their higher relative burden on small companies. We conclude that absent special, industry-specific circumstances, RMJ is, if not an even dangerous exercise, a less effective and efficient regulatory tool than policymakers tend to think.

Keywords: Risk management, board duties, directors liability, CRD IV, Non-financial information, internal controls

JEL Classification: K22, K23, K42, M14, M48

Suggested Citation

Enriques, Luca and Zetzsche, Dirk Andreas, The Risky Business of Regulating Risk Management in Listed Companies (October 23, 2013). European Company and Financial Law Review Vol. 103, Issue 3, pp. 271-303 (2013). Available at SSRN: https://ssrn.com/abstract=2344314 or http://dx.doi.org/10.2139/ssrn.2344314

Luca Enriques

University of Oxford Faculty of Law ( email )

St Cross Building
St Cross Road
Oxford, OX1 3UL
United Kingdom

European Corporate Governance Institute (ECGI)

c/o ECARES ULB CP 114
B-1050 Brussels
Belgium

HOME PAGE: http:/www.ecgi.org

Dirk Andreas Zetzsche (Contact Author)

Universite du Luxembourg - Faculty of Law, Economics and Finance ( email )

Luxembourg, L-1511
Luxembourg

HOME PAGE: http://wwwen.uni.lu/recherche/fdef/research_unit_in_law/equipe/dirk_andreas_zetzsche

Heinrich Heine University Dusseldorf - Center for Business & Corporate Law (CBC) ( email )

Universitaetsstr. 1
D-40225 Düsseldorf
Germany
+49 211 81 15084 (Phone)
+49 211 81 11427 (Fax)

Register to save articles to
your library

Register

Paper statistics

Downloads
321
Abstract Views
1,568
rank
95,939
PlumX Metrics