Managing Risk in Credit Cooperative Banks: Lessons From A Case Studyadele

Management Accounting Research 32 (2016) 115
Contents lists available at ScienceDirect
Management Accounting Research

journal homepage: www.elsevier.com/locate/mar
Managing risk in credit cooperative banks: Lessons from a case study

Adele Caldarelli a , Clelia Fiondella b , Marco Maffei a , Claudia Zagaria b,
a
University of Naples Federico II, Department of Economics, Management, Institutions, Campus Universitario Monte S. Angelo, Via Cinthia 26, 80126
Naples, Italy
b
Second University of Naples, Department of Economics, Corso Gran Priorato di Malta 2, 81043 Capua, Italy
a r t i c l e
i n f o
Article history:
Received 26 May 2014
Received in revised form 15 October 2015
Accepted 21 October 2015
Available online 16 November 2015
Keywords:
Duality of purpose
Enterprise Risk Management
credit cooperative banks
a b s t r a c t
The aim of this paper is to explore how the implementation of enterprise risk management (ERM) practices can help organisations to pursue both economic and social goals. To do so, we look at the credit
cooperative banking sector, which often attempts to conduct socially responsible business practices. To
deepen our understanding of how such banks deal with risk, we provide an in-depth study of one credit
cooperative bank. The analysis highlights the peculiarities of ERM practices implemented in a specic
context and explains how an ERM system enables credit cooperative banks to manage the risks associated
with a duality of purpose.
This research is relevant from a theoretical perspective because it addresses new trends in the risk
management literature, thus elucidating how ERM systems can be implemented to support dual-purpose
organisations. The study also adds to the literature on ethical banking, as it offers an in-depth description
of how ERM systems work in this particular context. This paper also has practical implications; it provides
insights to similar banks on how to manage risk in a way that supports social development in their local
communities. Our analysis is also of interest to other types of socially-oriented businesses, which may
follow a similar approach to operationalise ERM practices.
2015 Elsevier Ltd. All rights reserved.
1. Introduction
During the recent nancial crisis, the traditional large banks
experienced a distinct decline in their performance (Landsman
and Peasnell, 2013) due to signicant weaknesses in their risk
management practices, which became painfully visible (Paape and
Spekl, 2012; Magnan and Markian, 2011; Fraser and Simkins,
2010; Harner, 2010; Power, 2009). Consequently, nancial rms
worldwide are currently under signicant pressure to strengthen
their risk management systems (Tekathen and Dechow, 2013).
Effective risk management is central to sound corporate governance, and it adds value for stakeholders (Paape and Spekl, 2012).
In this regard, banks have changed their decision-making processes
towards a different and more complex approach that integrates
social, environmental and consumer concerns into their core strategies (Barbu and Vintila, 2007; De la Cuesta-Gonzlez et al., 2006,
Scholtens, 2006). They have also redesigned their risk management processes accordingly (Linsley and Shrives, 2006) and carry
out risk-based due diligence to identify, prevent and mitigate all
Corresponding author.
E-mail address: claudia.zagaria@unina2.it (C. Zagaria).
http://dx.doi.org/10.1016/j.mar.2015.10.002
1044-5005/ 2015 Elsevier Ltd. All rights reserved.
risk events, including nancial and non-nancial ones, to minimise

possible adverse impacts on overall performance (Milano, 2010).
Because of the aforementioned considerations, the idea of enterprise risk management (ERM) has gained substantial momentum
(Lundqvist, 2014; Paape and Spekl, 2012; Frigo and Anderson,
2011). ERM enables organisations to effectively deal with uncertainty, and its associated risks and opportunities, to achieve
performance and protability targets and prevent the loss of
resources (COSO, 2004). Therefore, we argue that such an approach
enhances banks capacity to preserve and create value for their
stakeholders, which includes not only economic prot but also
social benets.
A growing number of academic researchers (Demidenko and
McNutt, 2010; Weitzner and Darroch, 2010) and practitioners
(Institute of Internal Auditors, 2013; Institute of Risk Management,
2012) have begun to address the connection between ERM implementation and both economic and social value. However, as yet,
there is no empirical evidence concerning how ERM systems can
be organised in order to balance and manage the risks associated
with the aforementioned duality of purpose. To ll this gap, our
research explores how ERM practices work within nancial institutions that aim to achieve both economic and social value. To
better focus the analysis, we look at the credit cooperative banking sector because banks in that sector are recognised by regulators
A. Caldarelli et al. / Management Accounting Research 32 (2016) 115
(European Commission, 2011) and professional associations (International Cooperative Banking Association, 2013) alike as being
especially afliated with social business behaviours. Indeed, they
are described in the literature as ethical banks, as characterised by
San-Jose et al. (2011).
Credit cooperative banks, as ethical banks, have a twofold purpose: as nancial intermediaries, they have to achieve economic
protability in order to meet the shareholders needs, while, at
the same time, they operate to promote the economic and social
development of local communities (San-Jose et al., 2011; Barbu
and Vintila, 2007; Buttle, 2007; Cowton and Thompson, 2001).
For this reason, these banks provide funding to local businesses
and non-bankable persons (Ayadi et al., 2010) that have frequently
experienced nancial exclusion because they carry more risk than
those that large commercial banks are typically prepared to fund.
Credit cooperative banks risks are those of their clients, namely
a combination of economic and social risks that are translated into
the banks activity, forcing these nancial institutions to face a
wider range of risk categories (other than nancial ones) in order to
achieve their targets. Therefore, ERM assumes a crucial role, especially in the context of credit cooperative banks, because it allows
them to holistically handle riskiness according to the specic nature
of these banks business model, including their peculiar governance
structure.
Hence, the aim of this paper is to investigate how the implementation of an ERM system can help such banks, which aim to achieve
both economic targets and social value, to better identify, manage,
and mitigate their risks.
More specically, our analysis answers the following research
questions:
1. How do credit cooperative banks operationalise ERM?
2. How does the governance structure of credit cooperative banks
shape ERM?
3. How does ERM allow credit cooperative banks to achieve both
economic and social performance?
To deepen our understanding of how ERM may help organisations that aim to achieve both economic and social purposes, our
analysis employs a single case study of an Italian credit cooperative
bank.
The reminder of the paper is structured as follows. Section 2
elucidates the main characteristics of the business model of cooperative banks to which we refer in our analysis. Section 3 assesses
prior studies on ERM practices. Section 4 describes the research
method. Section 5 focuses on the case study itself, while Section 6
discusses the main ndings of the research. The last section concludes the study, considers the implications of the analysis and
makes suggestions for further research.
2. The business model of credit cooperative banks
During the last few years, a number of factors, both theoretical and practical, have contributed to banks attempting to add
value to stakeholders (European Commission, 2011; Arena et al.,
2011; Barbu and Vintila, 2007; Scholtens, 2006). Attention has been
devoted to the banking system because it has the power to orient and redirect external rms performance, thus generating a
more comprehensive engagement with the potential to move the
whole economic system towards the creation of social value (De la
Cuesta-Gonzlez et al., 2006).
To improve value for stakeholders, banks are including social
value, along with economic purposes, into their decision-making
processes (De Graaf, 2006) and are taking into account the economic and social risks associated with their investments (European
Commission, 2011; Scholtens, 2006; De la Cuesta-Gonzlez et al.,

2006). This also implies that banks have started to assess their
clients on the basis of their social and environmental performance,
thus stimulating the pursuit of non-prot-oriented goals from their
borrowers, investors and other actors in the external environment.
The growth in importance of non-prot-oriented issues has
increased interest in the area of the banking system that centres its
activity on humans rather than money. Different from traditional
banks, this kind of locally-rooted nancial rm pays more attention to the external, non-economic consequences of all economic
decisions. Hence, such organisations fund entrepreneurs who are
promoting business models that increase social value, guarantee
ecosystem protection, and develop democratic decision-making
processes. This kind of bank avoids engaging in nancial practices
for speculative purposes and instead promotes the idea of the creation of value for the community as a whole (Ayadi et al., 2010).
The literature denes such banks, which are shaping a different
idea of nance, as ethical banks and identies the duality of purpose
as their distinguishing feature. Importantly, ethical banks aim to
achieve both economic and social protability (San-Jose et al., 2011;
Barbu and Vintila, 2007; Cowton and Thompson, 2001). Economic
protability should be regarded as a good management practice on
the part of the bank that helps to guarantee economic sustainability
and durability over time, while social protability involves funding economic activities with a social role as well as the absence of
investments in speculative projects (San-Jose et al., 2011). These
targets have to be achieved jointly, since the social dimension,
which makes the bank ethical, can only be pursued if the bank is
economically sustainable. In other words, the nancial objectives of
these organisations are merely their means of realising the ultimate
objectives of people, which are non-nancial in nature.
It has been argued (San-Jose et al., 2011; Cowton, 2010) that
such banks build their core business on the following three principles, which represent the meeting point between traditional and
ethical banking systems (Vigan and Nicolai, 2006): afnity, responsibility and integrity. The afnity principle is based on investments
that meet the interests of both shareholders and depositors, and
refers to the banks responsibility for decision making regarding
the placement of assets as well as the nal destination of deposited
funds. The responsibility principle is about being accountable to
the local community as a whole for the consequences of a banks
behaviour. The integrity principle, fostered by close proximity to
customers, is related to the attempt to avoid nancial exclusion,
which often includes immigrants, women, and the very young and
very old, i.e. the so-called non-bankable people, to which credit is
denied (Cowton, 2010).
This ethical approach to banking has inspired many European
nancial institutions (De Clerck, 2010), who have gradually operationalised the aforementioned driving principles in their activity,
sometimes adopting different legal structures that allow them to
operate for the achievement of social purposes. Such banks may be
not linked to a particular association or may belong to a specic
network (Buttle, 2007), as is the case for credit cooperative banks.
The literature supports the contention that the three principles
discussed above, as well as the theoretical underpinnings of ethical
banks, have been put into practice in the business model of credit
cooperative banks (San-Jose et al., 2011; Barbu and Vintila, 2007;
Buttle, 2007; Thompson and Cowton, 2001). Historically, the birth
of credit cooperative banks in Europe was a response to the challenge of providing affordable loans to the emerging class of workers,
shopkeepers and farmers with little or no collateral and who had
limited access to credit. Due to the fact that credit obtained from
money lenders was often available only at exorbitant interest rates,
the central idea of a cooperative credit institution was simple: the
people excluded from the nancial system had to be self-reliant
(Vigan and Nicolai, 2006). The historical motivations related to
the birth and the development of the credit cooperative banks still
persist.
Credit cooperative banks represent an integral and wellestablished part of the European nancial system. The credit
cooperative banking model has shown itself capable of translation into many different national settings (Davis and Worthington,
1993). This means that there is no completely homogeneous set of
cooperative banks across Europe, because national laws on cooperatives vary. Therefore, the European cooperative banking sector
can be characterised as having commonality with diversity (Ayadi
et al., 2010).
According to the aforementioned criteria of the ethical banking
system, credit cooperative banks carry out their business activities
to achieve so-called duality of purpose, which encompass economic
and social protability. These banks, as nancial intermediaries,
have to meet the members needs to ensure economic protability
but, at the same time, they are socially responsible entities that aim
to contribute to the development of communities and local areas.
This position is described in Christensen et al. (2004), Groeneveld
and De Vries (2009) and Ayadi et al. (2010) as dual bottom line institutions, meaning that cooperative banks need to generate prot to
survive and expand, but that prot is not the sole or even primary
bottom line objective.
To achieve the so-called duality of purpose, credit cooperative
banks not only operate according to the driving principles of ethical
banks (i.e. afnity, responsibility and integrity), but also adhere to
further distinguishing principles, which ensure that these banks
meet members needs so as to guarantee economic protability
and, at the same time, contribute to the social development of
communities and local areas. In more depth, the business model
of credit cooperative banks also relies on the mutuality principle,
the membership concept, the democratic principle and network cooperation (Ayadi et al., 2010).
Cooperative banks operate on the basis of the mutuality principle, which is intended as a different way to make prot.1 The
mutuality principle states that organisations have to deliver services to their members on more favourable terms, through the
comparative advantage of establishing trust (Kay, 2006). Hence,
according to the mutuality principle, credit cooperative banks aim
to provide benets to their afliates/shareholders based on their
membership rather than to achieve economic prots. Similarly,
credit cooperative banks are effectively held and controlled by their
local customers through the membership concept. Cooperative
banks are owned by their members, who are private citizens and
individual entrepreneurs who have stakes in the bank. However,
a cooperative bank may have customers who are not members. To
align banks objectives with their members interests, governance is
built upon the democratic principle. Accordingly, the voting rights
of the user-members are allocated in accordance with the one
member, one vote principle rather than in proportion to the size
of ownership stakes.
In addition, cooperative banks are part of a network that has an
integrated structure and extensive vertical and horizontal cooperation. These institutions concentrate the provision of certain
services and production processes, especially where benets of
economies of scale are signicant (IT support, data processing,
1
The idea of the mutuality principle as a driver of making prot in a different way
is fully addressed in the literature. It pertains to the modus operandi of cooperatives,
as organisations operating in a restricted and peculiar competitive environment
where their suppliers and/or customers coincide with their owners. These businesses use resources to add value in the creation of goods and services that meet
the need of their shareholders rather than to provide them a capital gain for the
share owned (Potito, 2014, p. 13).
training, accounting, marketing, product development and representation).

To conclude, the business model of credit cooperative banks
described in this section claries the peculiarities of the context
in which our case study is built, which will help to understand how
such organisations balance and manage the risks associated with
their duality of purpose.
3. Enterprise Risk Management literature: emerging issues

ERM is dened as a process, affected by an entitys board of
directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events
that may affect the entity, and manage risk to be within its risk
appetite, to provide reasonable assurance regarding the achievement
of entity objectives (COSO, 2004: 2). According to recent literature
(Tekathen and Dechow, 2013; Soin and Collier, 2013; Mikes, 2009),
this denition of ERM is similar to the widely used denition of
management control by Anthony (1965).
In particular, due to the emphasis on the strategic features and
purposes of ERM, it can be regarded as a strategic management
control system, which helps an entity to get to where it wants to
go and to avoid pitfalls and surprises along the way (Collier, 2009).
It should be noted that the premise of enterprise risk management is
that every entity exists to provide value for its stakeholders. All entities
face uncertainty, and the challenge for management is to determine
how much uncertainty to accept as it strives to grow stakeholder value
(COSO, 2004: 1).
The existing literature on ERM has emphasised the importance
of the internal environment for the appropriate implementation of
an ERM system in a particular organisation (Gordon et al., 2009;
COSO, 2004) and that this is very likely to vary from rm to rm.
The suggestion that there is no universally-accepted ideal ERM
system is quite intuitive and has been suggested elsewhere (e.g.,
Financial Reporting Council, 2005; Beasley et al., 2005; Moeller,
2007). In this regard, a number of contributions have studied the
details of ERM practices in specic organisational settings (Arena
et al., 2010; Mikes, 2009; Kimbrough and Componation, 2009;
Wahlstrm, 2009; Woods, 2009). It has been argued that, for
effective ERM, companies must look beyond technology to establish a culture of risk management throughout the organisation,
one that permeates both its existing practices and the individual
behaviour of managers in everyday decision making (Mikes, 2011;
Caldarelli et al., 2011). For instance, Arena et al. (2010) emphasise
the context-specic and highly organisationally dependent nature
of ERM and the continually evolving mutual interaction between
ERM and other pre-existing risk management practices. Woods
(2009) reports signicant variety at the operational level of the ERM
system within a single large public sector organisation. With particular reference to the banking sector, Mikes (2009), through the
analysis of two large banks, concludes that systematic variations in
ERM practices exist, even within a single industry setting. However,
despite the increasing attention paid to the implementation of ERM
systems within the banking sector, there is a lack of description on
how ERM practices are operationalised in those banks that have to
achieve duality of purpose.
It is widely accepted that the implementation of ERM develops
from the governance structure of a specic setting; for banks, such
implementation would be intended to help them reach their performance targets (COSO, 2014). Some authors regard ERM practices
as a key component of corporate governance (Arena et al., 2011;
Arnaboldi and Lapsley, 2011; Demidenko and McNutt, 2010). ERM
provides means of attaining an entitys objectives by monitoring
performance of (say) an agent by a principal and assuring that the
principals (i.e. stakeholders) interests are met by the diligent and

efcient behaviour of the agent (the entity).
One of the challenges associated with ERM implementation is
determining the appropriate leadership structure to manage the
identication, assessment, measurement and response to all types
of risks that arise across the enterprise (COSO, 2004; Nocco and
Stulz, 2006). To respond to this challenge, many organisations
appoint a member of the senior management team to oversee
the enterprises risk management process. Some authors such as
Liebenberg and Hoyt (2003) and Beasley et al. (2008) rely on data
on chief risk ofcer appointments as their sole indicator for ERM
adoption, arguing that the appointment of a chief risk ofcer is used
to signal, both internally and externally, that senior management
and the Board is serious about integrating all of its risk management activities under a more powerful senior-level executive (Lam,
2001). Indeed, because of its scope and impact, there is a prevailing
view that an ERM initiative cannot succeed without strong support
from the senior management level, with a direct reporting line to
the chief executive ofcer or chief nancial ofcer. Senior management leadership of ERM helps to consistently communicate and
integrate the entitys risk philosophy and risk management strategy
throughout the enterprise (COSO, 2004).
Several semi-regulatory bodies (Casualty Actuarial Society
Committee on Enterprise Risk Management, 2003; COSO, 2004; The
Basel Committee on Banking Supervision, 2004) and professional
associations (Institute of Internal Auditors, The Global Association
of Risk Professionals, the Institute of Risk Management, and the
European Commission) have tried to standardise and codify best
practices by suggesting a high-level architecture of process-based
risk management (Power, 2007). ERM standards include boards,
audit committees, and internal and external auditors with structured frameworks through which to evaluate, monitor and account
for organisational processes.
However, others emphasise (Paape and Spekl, 2012) that
there is no evidence that the application of the COSO framework
improves risk management effectiveness, nor is there support for
the mechanistic view on risk management as implicit in widely
accepted recommendations on risk appetite and tolerance. In this
regard, some authors highlight how the principles of ERM may
induce rms to create bureaucratic trails to prove sound corporate governance (Arena et al., 2011; Martin and Power, 2007; Spira
and Page 2003), making the production of evidence more important
than managing real risk (Fraser and Henry, 2007; Baker 2004).
What emerges is that while this intensication of organisational responsibility structure is important (Power, 2007), ERM
systems are not to be identied solely with practices implemented
by large corporations and do not necessarily imply a complex governance apparatus for handling risk. In reality, the introduction of
an ERM system is based on cultural principles that entail institutional variation in risk governance (Harner, 2010; Kimbrough and
Componation, 2009 Power, 2007), which is strongly anchored in
local circumstances (Meyer et al., 1997). Despite this new emphasis
on risk-governance activities, as framed within the organisational
system, the question of how organisations with a lean governance
structure actually practice ERM still remains unanswered.
Papers addressing the effects of ERM adoption on rm performance (McShane et al., 2011; Hoyt and Liebenberg, 2011; Beasley
et al., 2008; Gordon et al., 2009) are sparse and offer mixed results.
Some authors investigating the relationship between the extent
of ERM practice implementation and rm performance found that
nancial performance increases as rms implement increasingly
more sophisticated traditional risk management systems but does
not increase further when rms achieve ERM (McShane et al.,
2011). On the other hand, other studies predict that by adopting
a systematic and consistent approach to managing all the risks
confronting an organisation, ERM lowers the rms overall risk of
failure and thus increases its performance and, in turn, its overall
value (Gordon et al., 2009). In this regard, Gordon et al. (2009) identied ve specic rm factors (environmental uncertainty, industry
competition, rm complexity, rm size and board of directors monitoring) that are believed to have an impact on the relationship between
ERM and rm performance. In particular, it is argued that ERM represents a tool to ensure nancial stability as well as to achieve social
value (Demidenko and McNutt, 2010).
A considerable effort has been made on the part of practitioners
to construct practical guidelines for all rms seeking to integrate
the social dimension into their ERM programme (COSO, 2013). In
the banking sector, there are some examples of emerging best
practices for transforming the assessment of social risks into the
creation of business benets (International Finance Corporation,
2007). However, as yet, there is no empirical evidence of how ERM
actually allows social banks to achieve their performance targets.
Given this background, this paper seeks to investigate how the
implementation of an ERM system can help credit cooperative
banks, which aim to achieve both economic targets and social value,
to better identify, manage, and mitigate risk. More specically,
this research addresses the aforementioned gaps in the existing
literature by providing evidence of how credit cooperative banks
operationalise ERM, explaining how the governance structure of credit
cooperative banks shapes ERM, and elucidating how ERM allows credit
cooperative banks to improve both economic and social performance.
4. Research design
To address the research questions, we examine in detail the case
of a specic credit cooperative bank, explaining how an ERM system
allows such banks to deal with issues risk, so as to achieve their
duality of purpose (Ahrens and Chapman, 2007; Busco et al., 2006;
Otley and Berry, 1994; Scapens, 1990).
We use the case of Banca di Credito Cooperativo (BCC) di Napoli,
the main credit cooperative bank within the Neapolitan region,
which is characterised by strong cultural and social divisions, and is
plagued by deep-seated problems of crime and corruption. Moreover, in this region, the nancial crisis has had devastating effects
on economic growth and occupation, and the examined bank has
played a crucial role in supporting the community, both in economic and social terms. On the one hand, BCC di Napoli is the
second most protable small bank in Italy (Banca and Finanza ranking, 2014), while on the other hand, it has also been recognised
as an excellent example of ethical banking (letter attached to the
Financial Report 2014). Therefore, this case study is relevant to
deepening our understanding of how to encourage economic and
social growth in areas that need not only nancial investment but
also social investment for their development.
The analysis of this case study is based on both the internal and
the external environment of BCC di Napoli, and it covers the period
from 2009 to 2013. Hence, we use internal sources (interviews with
the managers and internal documents, which are not usually available to the public) and external sources (all reports published by
the company, newspaper articles and other public coverage of the
company).
As the primary source of information, we interviewed the chairman and the board of directors because they are responsible for
achieving the banks duality of purpose. In addition, we also interviewed other people who work in the organisation, i.e. the risk
management team and credit risk controllers, as they are directly
involved in ERM processes. To gain a more comprehensive view
on how BCC di Napoli deals with risk: we interviewed two clients
who were involved in particular investment projects, allowing us
to conrm the data provided by insiders of the bank. The two clients
are, of course, not representative of all the socially recognised

Table 1
The interviewees.
Interviewees functional position
Number of interviewees
Chairman and Board of Directors

General directors
Director of legal and compliance
Financial accounting division
Risk controller
Risk management team
Chief credit ofcer
Credit risk controller
Financial ofcer
Department of accountability and transparency
Head of branch
Clients
3
2
1
1
1
3
1
2
2
1
1
2
stakeholders. However, these interviews did permit us to obtain a

different, although partial, perspective of the external perceptions
of the banks activities. Documentary sources, such as newspaper
articles, were also accessed to better elucidate the whole of the
phenomenon.
In sum, we collected 20 in-depth interviews, each between two
and two and a half hours in length. Table 1 provides the list of
interviewees.
To deepen our understanding on how ERM practices allow BCC
di Napoli to balance and manage the risks associated with its duality
of purpose, we kept the interviews open and used semi-structured
questions. These semi-structured questions covered a number of
key topics to be discussed during the interviews; the same literal
questions were not asked during each interview. These interviews
were used to gather information on the ethical principles of the
bank, and how and to what extent these principles inuence banking activities. We also asked for information on the how this bank is
able to balance economic protability and social needs and, in doing
this, the role ERM plays. The interviews were recorded and then
transcribed for analysis. Telephone follow-up with the respondents
was conducted when their responses were found to be unclear or
missing.
During the interviews, we collected many relevant internal documents to help us to learn about the risk management process and
corroborate the interview responses. These documents included a
complete set of the procedures of BCC di Napoli, comprising summaries of risk management procedures, strategic plans and other
related matters. Public information about the company was used
as an additional source of information.
Table 2 lists the external and internal documents to which we
referred.
Because one member of the research team was a member of the
banks supervisory committee, we had the opportunity to attend
some important corporate meetings to collect further documentation. Attendance at such meetings allowed us to collect informal
evidence on the corporate environment and made us aware of personal relationships between different members of the board. In this
regard we beneted from very good access to relevant information, as this bank wanted to promote its practices and consequently,
people were very willing to discuss their work.
We worked as a team in each step of the analysis. All researchers
contributed to the denition of the key topics for the interviews.
At least two members of the team were involved in each interview,
if more than one interview had been arranged at the same time.
As soon as possible after the interviews, the recordings were listened to, transcribed and then discussed by the team. Sometimes
the researchers involved in the interviews provided other members of the team with informal evidence and notes taken during
eldwork. Corporate meetings, on the other hand, were attended
by all researchers. Working notes were taken and, as soon as the
meetings ended, each team member prepared a separate report.
Collecting and analysing evidence in this way allowed us to

interpret phenomena that were agreed upon by all team members, thus avoiding the subjectivity of each individual researcher.
In terms of the member of our team who was also a member of
the Supervisory Committee, we managed his potential bias in a
way that would enable rather than detract from our research. We
benetted from his knowledge and relationships within the organisation, as well as from his broader explanations of key banking
activities but, at the same time, our research protocol and codes for
the analysis came from a distributed process that required interaction and collaboration. In addition, to avoid the effects of bias on
the analysis, the contextual validity of the ndings was addressed
by the respondents through the verication and further clarication of interview transcripts and through the approval of the nal
report by key informants.
The researchers organised the transcripts chronologically and
discussed the interviews, summarising the data, where possible,
around the business model of cooperative banks provided in Section 2 and the relevant themes in ERM outlined in Section 3. The
issues that were impossible to summarise in light of such themes
were discussed separately and associated with one or more issues
of broader interest.
5. Enterprise Risk Management at Banca di Credito
Cooperativo di Napoli
5.1. Setting the context
In Italy, there is no specic law that determines the fundamental nature and general operational principles of cooperative banks;
they are regulated by a chapter of the broader national law on the
banking sector (Testo Unico Bancario, 2007). The cooperative banking sector represents a growing proportion of banks in Italy, and
this trend is likely to continue in the years to come (ISTAT, 2012).
Although government support is available in some notable cases
at the European level, Italian credit cooperative banks are private
enterprises, i.e. organisations that use resources to add value in the
creation of goods and services (Catturi, 2007). They are referred to
as Banche di Credito Cooperativos (BCCs).
BCCs play a very important role in the Italian banking sector due
to their widespread distribution in many cities (sometimes as the
only bank in a local community). In particular, BCCs maintain a signicant presence in municipalities with less than 5000 inhabitants,
which helps them to achieve greater proximity and provide better
access in these areas.
According to Italian law, BCCs must carry out at least 50% of their
banking activities for members/stakeholders (art. 35). However,
according to the mutuality principle, BCCs conduct their business
primarily for their members/shareholders. More specically, to
emphasise a strong relationship with a local region, all members
of BCCs have to prove that they are residents (the registered ofce
or the continuous activity) of the local community. According to
Italian law (art. 37), BCCs have to allocate 70% of prots to their
legal reserve, with 3% to the mutual fund, and distribution to members cannot be more than 2.5% above the interest free rate. The
remainder is to be used for charitable purposes.
BCCs operate within a three-level network (local, regional and
national), characterised by an associative structure and a corporate
system.2 Hence, the Italian mutual credit cooperative banking sys-
2
More specically, it is possible to identify mutual credit cooperative banks at
the local level, federations at the regional level and Federcasse at the national level.
Each mutual credit cooperative bank is associated, according to the geographic area
of reference, with a federation (encompassing one or more regions). Federations
are, in turn, members of the national association Federcasse, which represents and
Table 2
External and internal documents.
External documents
Internal documents
Regulation of credit cooperation

Values chart
Cohesion chart
Finance chart
Social reporting of the credit cooperation (Bilancio Sociale e di Missione del Credito Cooperativo)
Financial statements (20092013)
Newspaper articles (Il Sole 24 Ore) (20102013)
Strategic plans (20092015)

Operational plans (20092013)
General regulation statement (2010, 2012)
Internal procedure on management of savings (2009, 2011, 2012)
Riskiness measure reports (20092013)
Internal procedures on lending process (revised version) (2011)
Credit risk reporting(20092013)
Liquidity monitoring (20092013)
Audit plans (20102012)
tem, thanks to the role of the network, combines the traditional

features and the economic constraints of banking activities with
the peculiar social purposes of such banks, as it is characterised by
a exible organisational structure. At the same time, this structure
also ensures a high degree of autonomy to each credit cooperative bank, thus enabling them to better meet their local members
needs.
BCC di Napoli, which is the subject of our case study, is a relatively young bank, founded in 2007, and carries out its banking
activities in Naples, in the South of Italy. As with all BCCs, BCC
di Napoli aims to achieve economic protability to guarantee its
economic sustainability. Its activities are also oriented to social
protability. Indeed, the main goal of BCC di Napoli is to promote
bottom-up development of the Neapolitan community through
assisting young people who are not nanced by traditional large
banks, promoting sustainable growth of smallmedium sized entities and observing its duty of benecence.
According to the mutuality principle, BCC di Napoli conducts
over 70% of its activity3 for its members/shareholder. At a deeper
level, BCC di Napoli directs its activities towards internal mutuality, which is viewed as the creation of economic and social value for
the clientmember. At the same time, BCC di Napoli aims to pursue the economic, social and environmental interests of the local
community, i.e. external mutuality. Moreover, with other cooperative banks, BCC di Napoli enacts systemic mutuality to enhance
cooperation and promote network development.
The following sub-sections of the case study will describe the
ERM process of BCC di Napoli. We will move from the explanation
of the internal environment in which the analysis has been carried
out to an analysis that denes the banks purposes, both economic
and social. We then elucidate how ERM has been operationalised
and dene roles and responsibilities related to the management of
different risks, paying more attention to credit risk, which is the
most important risk for BCC di Napoli. We also explain the role
of the network in supporting BCC di Napolis activities related to
holistic risk management.
5.2. Mission and objectives

BCC di Napolis activity is strongly rooted in the Neapolitan
region and, rather than maximising short-term economic value, it
seeks to maximise the broad interests of its members/shareholders,
protects the rights of its associated banks, offering them legal, scal, and organisational assistance, while providing support in communications and training, so as to
provide benets to the mutual credit cooperatives system as a whole. Also, at corporate level, the Italian mutual credit cooperative banking system includes several
service companies, working together to guarantee a complete and diversied range
of nancial products, which help these small banks to reach their own economic
and social aims.
3
It should be noted that BCC di Napoli conducts more of its activity for its members, than the minimum required by law, which is 50% of banking activity.
who typically maintain long-term trusting relationships with the

bank. BCC di Napolis mission is clearly declared in its statute:
Carrying out its activities, BCC di Napoli is based upon the principle of mutuality without speculation. Its purpose is to create
favourable conditions for its members and the local community
in the products and services provided by the bank, pursuing
the improvement of the moral, cultural and economic conditions and promoting the development of cooperation as well as
the social cohesion, the responsible growth and the sustainable
development of the region in which it operates. (art. 2, Statute)
As conrmed by the interviews, this mission is shared and
embedded within the organisation as a whole. All of the interviewees emphasised that they perceive BCC di Napoli as our bank,
and that they appreciate its open door policy, or familiar approach.
In this regard, the chairman stated: communication makes people
feel involved in the activities, part of a family with the same values.
We just communicate, as soon as we can, everything that matters:
communication is knowledge and knowledge is the oxygen for our
activity. This was also conrmed by the interview with the risk
controller, who said: You really need to talk to each other if you
want to build a team rather than just the sum of individuals with
their autonomous conicting opinions.
When we were in the bank for the interviews, we realised how
people shared their knowledge in concrete terms. In particular, we
found that there were formal meetings between the members of
each team and also between team leaders and each member, during
which they discussed problems, suggestions or strategies for any
special cases. There were also informal meetings, as the employees frequently had lunch together and discussed recent news from
newspaper articles that could impact BCC di Napolis activities.
Given the values that shape the internal environment and permeate the mission of BCC di Napoli, which were already addressed
above, it is important to clarify the extent to which BCC di Napoli
has achieved its social purposes. In this regard, the interview with
the chairman highlighted that, although the mission of the bank is
to achieve the common good of the local community, BCC di Napoli
is not a charitable institution: BCC di Napoli is a bank and, as a
bank, has to make prot to ensure its existence and durability.
The mission is clearly translated into BCC di Napolis economic
and social objectives. BCC di Napolis economic objectives were
identied by the general director and formalised into specic risk
return indicators. These economic objectives are then examined
and approved by the chairman and board of directors. To increase
its capital, its main economic objective is growth in the number
of members/shareholders, as this is the banks only source of new
money. The interview with the general director and the analysis
of the internal operational plan showed that in 2009, the bank had
two targets for the number of members/shareholders. The rst was
quite cautious (2900 members by the end of 2010); the other more
optimistic (3400 members by the end of 2010). It is worth noting
that BCC di Napoli is actually achieving its economic targets (Strate-
gic Plan, 2012). By the end of 2011, BCC di Napoli had increased its
membership to 3164, with a total of D 7326,500 in capital.
On the other hand, BCC di Napolis social purposes are dened
by its local community. All members of the board of directors drew
attention to the role of local rms and people in dening the banks
social purposes. They are actively involved in the objective-setting
process, which is a distinguishing feature of BCC di Napolis modus
operandi and the ethical nature of its banking activities. In this
regard, clarifying that BCC di Napoli does not have its own social
purpose, one member of the board said:
To promote the economic and social development of the
Neapolitan community, we do not have to identify the social
purpose of the bank because BCC di Napoli does not have its
own social purpose. Our role (the role of the bank) is just to
help our members and local people to achieve what they want
to achieve, if their projects are relevant for the growth of our
region.
To meet the needs of the local community, in 2009,
the head of the branch4 collected data from local people
(members/shareholders and external clients) from the different
municipalities in which BCC di Napoli operates to determine their
social priorities. In the following quote, he explains how local people are actively involved in the objective-setting process:
On the basis of our knowledge of the Neapolitan region and considering the instructions of the Board of Directors, the strategic
planning function and I identied a list of 21 social needs of our
community, grouped into 10 categories. To gather information
from the shareholders/members, I distributed a questionnaire
by email. On the other hand, to collect data from the external
people, I interviewed 350 external clients, with the help of two
cashiers, to understand how BCC di Napoli could support local
development. (head of the branch)
Once all of this information was gathered from the different
respondents, the social needs were aggregated in the order of priority expressed by the Neapolitan community, as described in the
following list from the Strategic Plan 2011:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Local rms (including start-ups)

Artisans and farmers
Occupation
Environment
Combating crime
Health
Education
Immigrants
Culture
Sport
For the sake of clarity, the ten above-mentioned headings are

briey addressed below in order to explain in more detail the different aspects of the banks social activity.
To facilitate the development of the local community, BCC di
Napoli provides nance to rms that operate in the local area,
including start-up rms, which have specic funding needs in
terms of their business growth due to the small size of their operations. As the local economy is to some extent at least based on
handicrafts and agriculture, BCC di Napoli gives money to artisans
and farmers, a particular set of clients who are self-employed people and who traditionally lack access to nance due to the absence
of nancial and patrimonial guarantees. Providing nance to local
This bank has just one branch, which is located in Naples.
productive activity also allows the bank to increase or safeguard

the regional occupation level. The bank also favours investments
that safeguard the external environment, avoiding or minimising
adverse impacts due to operations on soil, water, and other natural resources used by the affected communities, as well as new
projects that enable innovation in the healthcare sector.
BCC di Napoli supports education through its cooperation with
a local university. This cooperation involves scholarships, opportunities for students, and open access to the bank in order to develop
project work. The activity of BCC di Napoli is also oriented towards
nancial investments that promote cultural heritage (i.e. properties
and sites of archaeological, historical, cultural, artistic and religious
signicance, unique environmental features, and cultural knowledge) so as to increase and protect for future generations the value
of the local community.
In general, BCC di Napoli does not nance rms that are directly
or indirectly related to criminal organisations, thereby contributing to removing crime from the economy of the region. The bank
also gives money to immigrants, since social groups coming from
a foreign country are often among the most vulnerable segments
of the population. Hence, the bank seeks to help them achieve a
satisfactory quality of life.
Finally, the social purposes of BCC di Napoli are achieved by
reserving some funding for sports associations and athletics activities.
The Board of Directors and the strategic planning function discussed this classication of social needs to determine the direction
for BCC di Napoli, as conrmed by the following quote from the
interview with the chairman:
Our role is just to ensure whether or not they are reasonably
consistent, from an economic perspective, with our ability to
handle the related risks, to ensure that our bank is able to full
these needs and support the local community.
Nonetheless BCC di Napoli still has to operate as a bank, and
according to the regulations for nancial intermediaries (Basel III,
which will be discussed in the following section), it has to be
compliant with the supervisory constraints dened on both the
European and Italian level. Therefore, BCC di Napoli has to prioritise
its economic targets in those cases in which the economic and social
purposes of an investment project are likely to conict. During the
interviews, the chairman provided us with a clear explanation of
the divergence between economic and social aims of investment
projects and how the bank manages these circumstances (as well
as handles the related risk):
We have to comply with the measures of a banks nancial
strength, based on the relationship between a nancial rms
core equity capital and total risk-weighted assets. In other
words, we must have a Tier 1 capital ratio of 8%. Occasionally
this generates some divergences between economic and social
purposes, as for example, when we provide funds to artisans.
As you probably know, this is a category of clients who belongs
to the non-bankable people to which credit is usually denied by
traditional large banks, as these occupations imply a high probability of default on the credit granted. Ignoring economic targets
and paying attention only to the social value of the investments
would lower our Tier 1 capital ratio, with negative consequences
on our economic results and regulatory restrictions. However,
we want to provide nance to artisans. . .we do it because this
is our mission and this is what the Neapolitan community is
expecting from us. This is our second priority in terms of purposes. Hence, we achieve both economic and social purposes by
balancing the risk of giving money to artisans with funding other
investments that are more safe and have a lower risk prole.
To reduce the overall exposure to risk, we also aim to increase
the number of our members/shareholders, thus increasing the

amount of capital, and consequently the Tier 1 capital ratio.
Once we claried how BCC di Napoli manages potential divergences between economic targets (which in some areas are
required by existing regulations) and value creation for the local
community, we asked for a broader explanation of the link between
economic and social objectives and the ERM process.
The strategic planner specied that the aspirations inherent in
the strategy-setting process need systematic implementation to
protect value for stakeholders and to manage (rather than minimise) the related risks faced by the bank. He claried during the
interview:
The point is that organisational purposes and risks are intertwined. One does not exist without the other and they must be
considered together. That consideration takes place throughout
our strategy formulation phase by identication of alternative
ways to pursue the identied objectives; this is most important
when strategy is being executed and monitored.
In this regard, the risk controller claries that achieving strategic
objectives and facing related risks also depends on determining
whether or not the risks are within the organisations risk appetite,
i.e. its willingness to accept risks. Conversely, any expression of risk
appetite must be preceded by the discussion of strategies and must
be linked to those objectives.
During the interviews, both the strategic planner and risk controller remarked that developing an appetite for risk is not an end
in and of itself, but a strategic tool for the pursuit of organisational
objectives, which are translated into day-to-day decision-making
processes. One of the main purposes of risk appetite is to provide the basis for further discussion of an organisations inclination
to face different kinds of risk when its objectives and strategies
change.
5.3. The operationalisation of the ERM system in BCC di Napoli
To fully embed the ERM system in BCC di Napoli, decision makers
must know what kinds of risk, and how much, is acceptable when
pursuing both economic and social objectives. The development of
a risk appetite framework for BCC di Napoli, which dates back to
2009, shapes the organisations ongoing attitude towards risk and
thus represents a strategic priority. The risk controller claries as
follows: We dene risk appetite as the amount and type of risk we
are willing to accept in the pursuit of our objectives, both economic
and social.
BCC di Napoli, along with other traditional large banks, has to
comply with the rules set out in the regulatory regime issued at
the European level (Basel II and Basel III, starting in 2013). This
regulatory regime provides a set of metrics that enter de jure into
the risk appetite statement, such as Tier 1 or total capital ratios.
Nevertheless, the relevant regulatory discipline for risk appetite
is Pillar 2 of the Basel II framework, which is made up by two
componentsthe internal capital adequacy assessment process
(ICAAP) and the supervisory review and evaluation process (SREP).
BCC di Napoli denes its risk appetite framework, which is in compliance with regulatory instructions, according to the following
structured approach:
Otherthese tend to be predominately qualitative in nature and

therefore require judgment in interpreting requirements and
assessing compliance. (Examples include maintaining compliance with legislative and regulatory requirements, and adhering
to privacy and information security regulations).
2) Establish and regularly conrm risk appetite, as dened by
drivers and self-imposed constraints to limit or otherwise inuence the amount of risk. Specically, drivers can be regarded as
objectives that imply risks, which BCC di Napoli must accept to
generate the desired nancial returns (Operational Plan, 2011).
On the other hand, self-imposed constraints represent quantitative and qualitative statements that restrict the amount of risk
BCC di Napoli is willing to accept. For each category of selfimposed constraints, BCC di Napoli has a set of quantitative
and qualitative key measures, which are regularly reviewed and
updated, and approved by the Risk Committee and the Board of
Directors. (Riskiness Measure Report, 2010).
3) Translate risk appetite into risk limits and tolerances that guide
BCC di Napoli in its risk-taking activities (Riskiness Measure
Report, 2010). Risk limits are quantiable levels of maximum
exposure that BCC di Napoli will accept, and are established only
for risks that are nancial and measurable, such as credit and
liquidity risk. Risk tolerances are qualitative statements about
BCC di Napolis willingness to accept risks that are not necessarily quantiable and apply to those risks for which BCC di Napoli
does not have direct control (such as legal and reputational risk).
The bank also communicates risk limits and tolerances through
policies, operating procedures and limit structures.
4) Regularly measure and evaluate the banks risk prole against
risk limits and tolerances, ensuring appropriate action is taken
in advance of risk prole surpassing risk appetite. (Operational
Plan, 2011).
BCC di Napolis risk appetite framework, which was developed
according to the regulatory requirements of the National Supervisory Authority (i.e., Banca dItalia), is still deeply shaped by the
banks ERM philosophy. This implies that the denition of risk
appetite in turn inuences (and benets from) the banks culture
and operating style. Although BCC di Napolis risk appetite relates
to the pursuit of its organisational objectives, which come from
the top, operational management may have implicit feelings and
beliefs about the organisations appetite for risk in practice, and
discussion of those feelings may lead to the development of a more
cohesive risk strategy.
As emphasised in an interview with its risk controller, BCC di
Napoli has an implicit and not formalised risk appetite, which is
embedded in its risk management culture, as well as in its direct
commitment to the social growth of the local region. About this,
the risk controller said:
Our risk appetite is dened by a formal framework developed in
our internal procedures and also incorporates a soft component,
related to our risk culture. We dont want to minimise all risks
that BCC could take in the future but we also want to assume and
manage as much as we can those risks that the bank must take
to meet its members needs as well as to sustain local growth.
1) Dene the risk capacity by identifying regulatory constraints

that restrict its capacity to accept risk (Strategic Plan, 2011). BCC
di Napolis regulatory constraints are classied as:
Once it has dened its risk appetite, BCC di Napoli identies

risks that may affect its banking activities. The interviews with the
risk controller and members of the Board of Directors claried that
risk identication includes both the existing and emerging risks. In
particular, the risk controller said:
Financialthese tend to be quantitative in nature and therefore

easier to interpret. (Capital ratios and liquidity metrics are examples of nancial regulatory constraints).
While some fear that the attempts to capture such risks, ambiguously dened emerging risks, may trap banks in a long series
of stress tests and scenario planning, we agree that a broader

Table 3
The main risks and responsibilities in BCC di Napoli.
Risk
Responsibility for the risk
Credit risk
Liquidity risk
Market risk
Compliance risk
Strategic risk
Concentration risk
Operational risk
Crime risk
Credit risk controllers
Compliance ofcer
General director and strategic planning
Concentration Risk Committee
Risk controller
Prevention of Crime Risks Committee
perspective on plausible risks, even if remote, could have a signicant systemic impact that would be highly benecial.
At the same time, risk identication in BCC di Napoli is an iterative process, which requires both a bottom-up and top-down
approach. On the one hand, the scenario analyses from both the
risk controller and the Board of Director, who have a more comprehensive view of BCC di Napolis activities, specify a plausible
range of risks that the bank has to take and, consequently, dene the
role and responsibilities for the management of each kind of risk.
On the other hand, the risk identication process in BCC di Napoli
also refers to the information provided by the credit risk controller,
the compliance ofcer, the Supervisory Committee and the Money
Laundering Committee. As emphasised by the chairman, Due to
their previous experience, executives bring more to the discussions. They make valuable observations particularly because they
sit on other boards and can bring different perspectives. All the
interviews conrmed that all people involved in the risk identication process are encouraged to be creative and communicative. The
following is a quote from the risk controller during one corporate
meeting:
There is no computer that can churn out a list of emerging
risks. We are a few people and we have a lot of ideas. All of
you may have an idea about the risks that may occur that we
havent thought about, or each of us [the risk controller and
the Board of Directors] may focus on the wrong things or miss
something small; other perspectives help highlight the risks of
todays bright ideas.
Table 3 shows the main risks that affect BCC di Napolis activities
and the organisational functions involved in the management of
those risks.
However, a further distinction should be highlighted in the
above categories. The management of some of the above risks is
mandatory, while the management of others is voluntary. According to European and Italian law, BCC di Napoli manages credit
risk, liquidity risk, market risk, compliance risk, strategic risk, concentration risk, strategic risk and operational risk. Each of these
risks is measured, monitored and managed by a specic organisational function/committee within BCC di Napoli. Although not
prescribed by law, BCC di Napoli also identies, measures, monitors
and manages crime risks through a specic committee. In general,
this category of risk encompasses a number of types of crime; however, BCC di Napoli considers only money laundering, bribery and
fraud risk management as relevant to its banking activities. Table 4

details the different varieties of risk that BCC di Napoli manages,
classied in terms of their likelihood and impact, which determines
how such risks are prioritised.
Credit risk and the liquidity risk are the most important risks
that BCC di Napoli has to manage, because its activities include providing loans to both members/shareholders and external clients.
However, concentration risk should be considered, due to the fact
that BCC di Napoli carries out its activity only in the Neapolitan
region. With reference to the operational risk, BCC di Napoli is a
young bank, and consequently, its procedural actions are still being
dened.
Furthermore, BCC di Napoli does not specically take market
risk into account, as it explicitly avoids investment in speculative
activities.
As for reputational risk, it concerns the potential for negative
publicity and, consequently, the potential damage to brand value
arising from the banks poor social and environmental practices,
including its association with socially and environmentally problematic projects or clients.
This means that BCCs social risks are those of their clients, which
are basically related to the disruption of operations, environmental
and legal issues, health and safety for workers, and market devaluation due to social or environmental liability.
The bank faces the risk of negligence in assessing the actual and
potential environmental risks of clients projects, liability for the
misrepresentation of environmental risks posed by their clients, or
as a direct responsibility in cases where the bank is the owner of
an enterprise that caused environmental or social problems. This
implies that a clients failure or lapse in handling social and environmental considerations and risks can hurt that clients business,
which can in turn hurt the bank that supported it, leading to a failure to achieve the strategic objectives (both economic and social)
previously identied.
Hence, to avoid the social risks, each investment project is
thoroughly assessed to ensure that its nancial and operational
sustainability are not undermined by any adverse impacts on the
environment and/or society.
BCC di Napoli is relatively safe from the crime risk, as its internal
procedures involve a complex set of controls intended to minimise
this risk.
5.4. The responsibility for Enterprise Risk Management in BCC di
Napoli
The risk controller is the coordinator of the ERM process and
ensures that all relevant internal procedures are observed by the
different functions. The risk management team within BCC di
Napoli receives a complex set of risk indicators monthly from each
of the different organisational functions involved in the management of the specic risks. Once the different reports are collected,
the risk management team aggregates the data into a dashboard
to generate a complete view of the overall risk exposure. Every
month (until 2013, every three months), the risk controller reports
the overall risk exposure to the Board of Directors. However, while
Table 4
Risks map of BCC di Napoli.
Likelihood
Impact
Incidental
Frequent
Likely
Possible
Unlikely
Rare
Minor
Moderate
Major
Credit risk
Market risk
Compliance risk
Crime risk
Reputational risk
Strategic risk
Concentration risk Operational risk

Liquidity risk
Extreme
10
the dashboard emphasises key risk indicators, it is only regarded as

a diagnostic control tool that scans for anything that might indicate
a potential problem.
In other words, the risk management process in BCC di Napoli
not only includes different quantitative tools and measurement
techniques (as required by law) to calculate and minimise those
risks that can be measured in numbers, i.e. hard risks, it also requires
active involvement. According to the risk controller,
We calculate hard risk ex ante and we allocate the regulatory
capital accordingly. We feel that the measurement of risks, no
matter how regular and detailed, cannot adequately reect the
risk exposure of the bank as a whole.
As discussed in the interviews with members of the risk management team, the ERM process in BCC di Napoli benets from the
active participation of all people who are involved in risk management activities at different levels of the organisations. Initially,
investment projects are screened by the preliminary ofce, which
is responsible for the assessment of legal and procedural aspects,
which are then assessed by the risk controller and, nally, are
approved or rejected by the Board of Directors. What emerges is
that, in addition to the inclusion of all employees within the organisation, the risk management process is grounded in at least three
lines of screening, i.e. the preliminary ofce, the risk controller and
the Board of Directors. The chairman described the importance of
this:
This allow us to ensure that the roles and responsibilities for
the risk management in BCC di Napoli are effectively shared
within our organisation but, at the same time, are formally and
informally governed so that no one process could be managed
by a single person/function. This eliminates the possibility for
one element to have so much power as to bypass both formal
and informal controls, in such a way that places individual needs
over those of the bank as a whole.
In BCC di Napoli, people are actively involved in risk management processes; they are not merely compliant with procedures.
Instead, they point out any situations not covered by the procedures and take note when anomalies occur. On the other hand, the
personal commitment of different risk experts is crucial because it
is on the basis of the alerts provided by the different functions that
the risk controller decides how the bank should operate in specic
circumstances.
Also, the ERM process is mainly informed by the personal background of the people who are involved in the process, especially in
the evaluation of qualitative data that cannot be reduced to numbers, which is called soft information in BCC di Napoli. In this regard,
the risk controller said:
We meet monthly to assess non-measurable and nonquantiable risks. We also have frequent informal discussions
on external events that may potentially impact our performance. We have recently recognised that such an approach
could make the bank relatively safe because it reduces surprises;
however, it is impossible for us to predict the future or anticipate
catastrophic circumstances. But, anyway, no one can!
The risk controller recognised that the active involvement of all
employees, their previous experience and their direct commitment
to BCC di Napolis aims are the most important tools for managing
operational risk:
My experience suggests that in most of the cases, operational
risk is related to human behaviour and the ability to learn from
previous mistakes. In my opinion, these are the most important drivers that ensure the effectiveness of an ongoing risk
management process.
5.5. Credit risk management in BCC di Napoli

The most important risk for BCC di Napoli is credit risk. The
credit risk ofcers calculate quantitative risk indicators for each of
the major lending areas and aggregate them into an overall risk
of the credit portfolio, which is in a detailed report and submitted
to the chief credit ofcer. During the interviews, the chief credit
ofcer emphasised that, despite the role of regulation in dening
the risk management practices and procedures that BCC di Napoli
is required to comply with,
the difference between BCC di Napoli and the other traditional
large banks is that the management of credit risk goes beyond
how to secure our (the banks) money and aims to evaluate
whether or not we are going to provide funding with social value
in our region. To this end, the credit risk management process
in BCC di Napoli has some particularities related to the purposes
we want to achieve.
These peculiarities relate to the credit risk assessment process;
one is the fact that BCC di Napoli screens both nancial and nonnancial aspects of investment projects. The rst step in the risk
assessment process veries whether the project is consistent with
the banks risk appetite and evaluates its economic protability in
terms of risk-return ratios. To this end, the personal and nancial
guarantees that a client is able to provide play an important role
(Internal Procedure on Lending Process, 2010). However, to assess
the risk of each loan, BCC di Napoli also considers additional information, including the reputation and integrity of the entrepreneur
and the trust relationship with the bank, as well as an evaluation of
the environmental, occupational and cultural benets of the project
for the Neapolitan region. Both the risk manager and the credit risk
controller give great importance to the role of qualitative information in assessing the risk of each loan. Indeed, the risk controller
emphasised the particular role of such information, which in the
view of BCC di Napoli, can be regarded as a sort of additional guarantee. More specically, the credit risk controller said:
Additional information on the entrepreneur (including his or her
reputation, legal position and objectives for economic activity)
is crucial. We of course need traditional nancial guarantees, but
this additional information allows us to assess the social relevance of our investments for the local area. Such information
is additional because large banks usually do not pay attention
to such dimensions; however, given our mission, we do not
consider it to be secondary or minor.
In this regard, due to the fact that BCC di Napolis activity is based
on long-term trust relationships between itself and its clients, management benets from a high level of information.
As there are no standard procedures related to the evaluation
of information falling into the category of additional guarantees,
responsibility falls to the chairman and the Board of Directors. As
the chairman and the Board of Directors are responsible for the
achievement of BCC di Napolis social purposes, they are actively
involved in the evaluation of investment projects to ensure that
the bank puts money into projects that have social value for the
local community. However, to remain aware of non-quantiable
risks, they rely on the experience-based judgment of the risk controller, who is also involved in the selection of investment projects.
BCC di Napoli also benets from the knowledge and experience of
the people involved in risk management at different levels, who
contribute to BCC di Napolis strategic choices. A member of the
Board of Directors provided an example of this:
Last year, we had to decide whether or not to give money to a
rm that operates a plastic recycling business, a business that
in our region is often controlled by criminal organisations (i.e.,
Camorra). The chairman, the Board of Directors, the general

director, the Prevention of Crime Risks Committee, the risk controller and the chief credit ofcer were called to evaluate the
proposal. Thanks to their personal relationship, one member of
the Prevention of Crime Risks Committee provided more personal information about the entrepreneur, giving more details
about his moral conduct and responsiveness in doing business.
This member also referred to some public information that we
had previously ignored. In the end, we required more information from the entrepreneur and nally put money into his
project. At the end of the year, this rm was proclaimed by the
Italian Environmental Association as a benchmark for rms that
operate in the plastic recycling business.
However, the Board of Directors is involved in the evaluation of
every project, even small loans. Although the internal procedure on
lending process (2010) states that the Board of Directors authorises the head of the branch to grant loans up to the amount of
2000D , after the proper evaluation of the credit risk controller.
For his part, the credit risk controller claried that, apart from
the formal administrative procedure, the lending process for small
loans is exactly the same as for larger loans in terms of the evaluation of both nancial and social aspects as well as the additional
information required. Also, although members of the Board are not
responsible for checking the box for the grant of a loan, the credit
risk controller usually evaluates small loans with the chairman or
another member of the Board. In this regard, he claried as follows:
We are conscious of the deep-seated problems of crime that
have plagued Naples for years. This is one of the main threats
for our activity. Our unique way to moderate the related danger is being transparent with clients, members and above all, in
aspects of our internal processes.
The interview with the head of the branch conrmed that the
activities related to the funding of small loans are not carried out
only at the lower level of the bank; he provided an example of four
requests for funding received in 2010 (from 1500D to 2000D ) from
two young local rms operating in the clothing industry:
Such rms provided patrimonial collateral, but they were not
willing to give detailed information about the destination of the
money. I personally had a chat with all of them to understand
their purposes, but they endured in their vagueness and I, in
agreement with one member of the Board of Directors, decided
to not fund them. Two weeks later, the newspaper showed a
number of criminal actions related to specic criminal organisations. Does this suggest something? . . . We will never know
but . . . Im very happy with how our bank makes decisions.
The above example also highlights another peculiarity of the
ERM process in BCC di Napoli, which concerns the credit monitoring process. BCC di Napoli monitors the destination of the funding
once a loan is granted to ensure that the money is actually invested
in projects with social purposes. The chairman explained that to
monitor the destination of the funding provided by BCC, the bank
not only provides nance, but is actively involved in project design
as well as in the implementation of the projects that the community
needs to grow. Additionally, each member of the Board of Directors emphasised that if the project is relevant for the sustainable
development of the community, BCC di Napoli is willing to accept
delays in payment due to temporary difculties for its clients. This
was conrmed by one of BCC di Napolis clients who said that BCC
does not modify the interest rate for the loan granted.
To promote local growth, BCC di Napoli has recently issued
D 2000,000 in three-year bonds, which can only be purchased by
people from Naples. These bonds are to be used only within the
Neapolitan community, and they are primarily intended to fund
11
small businesses, artisans and start-ups in the Neapolitan area.

According to the chairman, we will be more accountable and we
will provide the community with information on our website about
the customers well give the money to. They will be clean businesses, young people who have business ideas but, unfortunately,
nd the doors of nance closed. BCC di Napoli also devotes a portion of its earnings to charitable causes that are not strictly related
to BCC di Napolis banking activities, including health, education,
environmental protection, employment and reduction of the black
economy. In this regard, although BCC di Napoli is required by law
to comply with the duty of benecence, the bank does not spend
only the required minimum on charity purposes. Its goal is to trigger a virtuous circle whereby the citizens of Naples invest in BCC
di Napoli, which then nances local companies, and the benets
come back to the city in the form of local development and jobs.
5.6. The role of BCC di Napolis professional network

BCC di Napolis ERM system benets from the control activities
of the internal audit function as well as from the supervision of
the external audit for credit cooperative banks. Such activities are
carried out at the network level, with the aim to ensure that all
cooperative banks operate in line with the driving principles of the
Italian Cooperative Network, to achieve both economic and social
purposes.
The internal audit function of all the banks within the network
of cooperative banks (including BCC di Napoli) is outsourced at the
regional level. However, Federcasse, the Italian federation for credit
cooperative banks, allows for procedures, timing and types of control to be customised in ways that take into account the specic
characteristics of each bank.
To elaborate, the internal audit function evaluates BCC di
Napolis ERM system through both external controls and activities
in loco. The former consist of processing data from the quarterly
supervisory reports on risk management, while the latter relates
to assistance given to the management and the Board in drafting
internal rules and procedures. In particular, as a result of meetings
in loco and accurate analysis of nancial statements and internal documents, the internal audit function denes a preliminary
audit process for BCC di Napoli. This function analyses the different
risks identied by management, focusing on the different tools and
techniques for controlling and managing the hard risks, thus quantifying a score for residual risk. After a discussion with the Board of
Directors and the risk controller, a master plan is prepared, which
indicates priorities for action. The following quote from the risk
controller provides an overall picture of the role of the internal
audit function from the broader perspective of its role within the
network of cooperative banks:
The internal audit activities are not properly outsourced, as they
are carried out outside the bank but inside the network of cooperative banks, on the basis of specic standards for such banks.
However, although the standards are specic for cooperative
banks, as they take into account the social purposes that all
BCCs (and BCC di Napoli) aim to achieve, last year they obtained
certication of alignment to the international standards for professional audits.
Hence, thanks to the network of cooperative banks, BCC di
Napoli integrates economic constraints with social purpose, as
characterised by a exible organisational structure with features of
traditional large banks. On the one hand, the internal audit serves
to orient BCC di Napoli to the ERM process to achieve economic
and social purposes. On the other hand, it provides an additional
element of transparency for its clients, as it is compliant with international standards.
12
In addition, to ensure the effectiveness of its ERM system, BCC

has opted for a voluntary external audit provided by PricewaterhouseCoopers (and Deloitte, starting with the 2012 nancial
statement). This represents a further attempt to be transparent and
accountable to the local community, the goal of which is to attract
new members/shareholders to BCC di Napolis network through
the legitimisation of its activities and high reputation within the
Neapolitan community.
BCC di Napoli also benets from the external audit specically
for credit cooperative banks provided by Federcasse. This audit
activity is a different form of control, which aims to ensure that
there is no speculation and that banking activities are carried out
in accordance with the mutuality principle. Thus, the external audit
aims to ensure the BCC di Napolis ERM system enhances its effectiveness in helping to meet its duality of purpose.
6. Discussion
This section discusses how an ERM system can help organisations that aim to achieve a duality of purpose (both economic
and social). To this end, we are going to answer the key research
questions by elaborating on the case study analysis and combining
the peculiarities of the business model of credit cooperative banks
developed in Section 2 with the ERM issues dened by the existing
literature in Section 3.
Existing literature (e.g. Arena et al., 2010) has shown that ERM is
not a standardised process; rather, it represents a context-specic
system, which differs from rm to rm and needs to be embedded
in organisational values, structure and purposes. Accordingly, the
rst research question pertains the way in which credit cooperative
banks operationalise ERM. The case study elucidates that BCC di
Napolis ERM system is operationalised through a twofold order of
activities, which are performed jointly.
The rst order of activities refers to the specic set of metrics
that enter de jure into the risk management system of all banks
(i.e. Tier 1, total capital ratios, the internal capital adequacy assessment process (ICAAP) and the supervisory review and evaluation
process), according to the regulatory regime issued at the European level (Basel III). Hence, BCCs, along with other traditional large
banks, manage their risk through a systematic process that denes
their objectives according to their risk appetite, identies risks, and
monitors and controls all the risks that may impact their banking
activities, using different risk measures and indices.
This case study also shows that the operationalisation of the
ERM process is built within the business model of credit cooperative institutions, which benet from the ethos of proximity to their
borrowers and by the access to local information that this proximity implies. In fact, the ERM process encompasses a different
order of activities based mainly on human behaviour in, for example, the collection and analysis of soft information about clients
values and their purposes for each investment project. In addition, there are formal and informal discussions between employees
about the risks and the trust relationships between the banks
members/shareholders and external clients. In so doing, the bank
facilitates access to nance for local rms (including start-ups),
artisans, and those entrepreneurs who may not in practice have
access to loans from other banks. The above-mentioned activities
are not prescribed by law and they go beyond what is required
by the internal procedures about risk management. Such activities
are exclusively related to the internal environment, which is permeated by the commitment of all individuals to the social purposes
that the bank aims to achieve.
Considering the operationalisation of the holistic system for risk
management in BCC di Napoli enables us to answer the second
research questionhow the governance structure of credit coop-
erative banks shapes ERM. Many researchers (Paape and Spekl,

2012; Demidenko and McNutt, 2010; Beasley et al., 2008; Nocco
and Stulz, 2006; Liebenberg and Hoyt, 2003; Lam 2011), semiregulatory bodies (Casualty Actuarial SocietyEnterprise Risk
Management Committee, 2003; COSO, 2004) and several professional associations (The Institute of Risk Management, 2015;
The Institute of Internal Auditors, 2009; The Global Association
of Risk Professionals, 2008) have examined ERM from a governance perspective. Most of them (Beasley et al., 2008; COSO, 2004;
Liebenberg and Hoyt, 2003; Lam, 2011), in studying the effectiveness of risk management systems, have suggested the introduction
of standardised governance models and the appointment of specic
members of the senior management team to embed risk strategy
throughout the enterprise, as well as to oversee the ERM process.
It is well known that the business model of credit cooperative
banks is based on a lean governance structure (Tarantola, 2009),
with restricted numbers of employees to minimise costs. Such
banks do not have numerous personnel at the senior management
level and as such, often do not appoint specic members to manage risks in complex organisational functions (i.e. chief risk ofcer
or chief nancial ofcer), as is suggested by recent literature and
semi-regulatory bodies. However, credit cooperative banks are still
able to implement effective ERM processes through the active participation of all people involved in risk management activities at
different levels of the organisation.
In BCC di Napoli, the Board of Directors is responsible for dening both the economic and social objectives of the bank and is also
actively involved in the evaluation of investment projects, including small loans. Moreover, at the executive level, the employees
involved in risk management provide information as it relates to
their specic functions and also about activities that go beyond
their own work. Because of the importance of experience to risk
management, employees personal commitment to the banks purposes, their knowledge about the local region and, sometimes, their
personal relationships with the clients, they are encouraged to
participate in risk identication, as well as the different phases
of the risk management process. The risk controller coordinates
the process by ensuring that information ows both bottom-up
and top-down between the Board of Directors and the executive
level, and more generally acts as a trait dunion by monitoring all
the information that is diffused and shared between different risk
management functions. However, the risk controller is not only
responsible for overseeing the ERM process but is actively involved
in the process, as he also helps the Board of Directors select investment projects. Hence, the organisational structure of the credit
cooperative bank, which relies on the direct commitment of all
members, shapes its ERM practices in terms of roles and responsibilities that are less structured, less formalised but, as they are
allocated either implicitly or explicitly between all people involved
in risk management, much more embedded within the bank itself.
Moreover, the fact that all people within the organisation share
banks purposes serves to support and sustain the effectiveness of
the risk management process.
To answer the third research question, we clarify how ERM
allows credit cooperative banks to achieve their performance, both
economic and social. The holistic system for risk management,
which is fully embedded throughout the organisation, allows such
banks to achieve their economic and social aims. An ERM system
helps cooperative banks to dene objectives that are consistent
with their risk appetite, using not only nancial measures and
sophisticated techniques but also considering important soft information, which helps to dene the projects such banks are prepared
to fund. In doing so, the ERM system is able to help cooperative
banks meet their economic purpose.
The ERM process in credit cooperative banks is aided by the
active role played by the BCC network. Indeed, most local banks
outsource certain functions to the network so that they may benet from economies of scale that each of them is too small to
generate internally. In this way, the network reduces the costs
of banking activities, thus positively contributing to the economic
performance of each bank. Moreover, belonging to a credible network reduces the problem of the brand of a cooperative bank,
because it implies the effective mutuality of the system, which
increases consumer condence. In this way, cooperation at the network level stimulates each banks economic returns and growth of
social value.
Taking these considerations into account in our analysis, we can
extrapolate some lessons about how the ERM process helps organisations to achieve both economic and social ends. It is well known
that, for all organisations, an ERM system begins with setting clear
objectives. According to the business model of credit cooperative
banks, the interests of all members are of main concern, rather than
external shareholders, because the focus is to maximise benets to
members (which are not necessarily economic in nature) rather
than to maximise short-term shareholder value. This implies that
in the credit cooperative banking system, objective identication
includes two dimensionseconomic and social, which are the two
elements in such banks duality of purpose.
In this specic organisational context, the ERM process takes
into account (and is directed by) the interests of all stakeholders,
both internal and external, who dene the social purposes of the
bank. It also attempts to manage risks in such a way that considers the needs of all stakeholders without automatically prioritising
one over another. In this way, ERM helps such banks to grow the
local community as a whole. However, as with all banks (irrespective of their capital structure), cooperative banks do need to earn a
minimum rate of return on capital to grow their business.
Literature and practice recognise that, for an effective ERM system, strategy and risk appetite must be aligned. In other words,
management should consider the entitys risk appetite in evaluating strategic alternatives, setting related objectives and developing
mechanisms to manage related risks. What emerged from our study
is that the ERM system that developed in this credit cooperative
bank is informed by a risk appetite that draws on preliminary analyses, in addition to traditional economic and nancial ones, to assess
all aspects of risk.
ERM is a process that permeates the organisation, encompassing all of its different functions, thus integrating ERM strategy
with leadership from the Board of Directors. The recent literature highlights the synergies between corporate governance and
ERM that are often achieved through organisational culture. Crossfunctional cooperation, open communication across a network and
willingness to take risks can be integrated throughout the whole
organisational structure to ensure effective governance. The aforementioned aspects represent some of the main characteristics of
cooperative banks business model that inuence ERM implementation. Hence, the ERM process in credit cooperative banks relies on
(and benets from) the active participation of employees in dening practice and rules before they are implemented, so as to create
a shared holistic culture of risk management. This integrates an
organisations behavioural norms and traditions with the ways in
which they identify, understand, discuss and act on risks.
It is well acknowledged that a holistic system for risk management has to consider both nancial and non-nancial risks,
including those aspects that are non-quantiable. A particular feature of credit cooperative banks is their strong local presence and
the proximity to clients, which allows them to have a more comprehensive understanding of the needs and overall risk prole of
their customers (including additional guarantees), so as to mitigate
asymmetric information. By performing a complete evaluation of
each specic investment project and balancing between different
risk factors, the ERM process allows credit cooperative banks to give
13
money to people to whom credit is often denied due to their lack of

nancial guarantees. In this way, such members of the community
are no longer excluded from the nancial system.
As a result of our analysis, we argue that BCCs ERM system
works as a holistic system that helps these organisations during each step of their activity in identifying the potential tension
between economic and social purposes that may arise from banking
operations. On the one hand, the ERM system avoids diminishing
economic performance by highlighting the social risks that exceed
its risk appetite. On the other hand, it ensures that each organisation
does not take nancial risks in such a way that might compromise the achievement of social performance. In these cases, BCCs
ERM system suggests corrections to the procedures adopted by the
bank, re-directs the denition of banking objectives, and denitively allows the bank to balance both its economic and its social
riskiness.
BCCs ERM system relies on the three key principles of ethical
banks, which all contribute to dening the architecture of the ERM
system. BCCs ERM is conceived to ensure the banks responsibility
for decision making regarding the placement of assets as well as
the nal destination of deposited funds, so as to avoid the risk
that investments do not satisfy the interests of both shareholders
and depositors (afnity principle). BCCs ERM system, taking into
account social riskiness, allows the bank to make investments
choices in accordance with the mission of promoting local territories and also encourages the bank to be accountable for the
effects of its activities on the local community (responsibility
principle). Further, BCCs ERM jointly monitors the effects of social
performance on the economic targets, helps the bank to perform
its activity through a close proximity to customers, and avoids
nancial exclusion, which often impacts immigrants, women, and
the very young and very old people to whom credit is usually
denied (integrity principle).
Moreover, the operationalisation of BCCs ERM system
designed according to the key principles of ethical banks is also
practically shaped by the four distinguishing features of cooperative banks (mutuality principle, membership concept, democratic
principle, and network cooperation) in terms of what services should
be offered to which clients, stakeholder commitment within and
beyond the specic organisation, formal and informal procedures
shared within the company, and collaboration with other companies belonging to the network, thus tapping into both nancial
resources and technical assistance.
The ERM process helps credit cooperative banks to manage their
risks by considering social development as an end rather than a
means to achieve their economic purpose. The ERM process enables
credit cooperative banks to pursue their social purposes and also
observe their duty of benecence, as required by law. In other
words, ERM systems can be regarded as a tool that assists rms
to protect shareholder value and also increase bottom-line profitability.
7. Conclusions
The aim of this paper is to explore how the implementation
of ERM practices helps dual-purpose organisations, which aim to
achieve both economic targets and social value, deal with risk. To
this end, we chose to consider credit cooperative banks because
recent studies dene such organisations as ethical banks (San-Jose
et al., 2011), which do just that. The results of our analysis elaborate
upon the peculiarities of how a holistic system for risk management works in a specic organisational context, BCC di Napoli, from
which lessons about ERM systems in dual-purpose organisations
are extrapolated.
This paper contributes to the literature in many ways. It
addresses the existing lack of evidence about how ERM systems
14
work within organisations that aim to achieve both economic profitability and social value. Through an in-depth description of a
credit cooperative bank, this study claries how a specic set of
ERM practices enables organisations to balance and manage the
risks associated with its duality of purpose so as to add value to
stakeholders. This study also enriches literature on ethical banks by
providing an in-depth description of how such banks deal with risk
in practice, with particular reference to issues of nancial exclusion.
In demonstrating how ERM systems help credit cooperative
banks to achieve their economic and social purposes, this research
suggests important practical implications for banks in many countries that want to promote economic growth in local territories.
What emerges from the case analysis is a way forward to a different set of practices that allow such banks banks that frequently
deal with subjects and rms that are more risky than those that
the large commercial banks are prepared to fund to handle riskiness in a fashion not solely designed to increase their nancial
results. Indeed, by performing the proper identication, measurement, monitoring, and control of risks other than the traditional
ones, as well as jointly considering them, they are able to prevent
and/or mitigate all events that might have a negative effect on their
economic prot, as well as causing a detriment to the local community. In so doing, by reducing the probability of failing to reach the
economic targets and as a means of realising the ultimate social
purposes, these banks may achieve higher added social value for
stakeholders.
From this perspective, this research is of interest not only to
other credit cooperative banks, but also to many other types of
socially-oriented businesses. Although such organisations are typically small and have highly localised impacts on society, they are
numerous and many of them would benet from understanding
how a cooperative bank manages risk. In following this approach
to operationalising ERM practices, other businesses could explicitly
acknowledge the social value of their activities, thereby balancing
their advantages and their related risks in such a way as to select
and promote those activities that create higher benets for the local
community. This research, in elucidating how a lean governance
structure shapes ERM, suggests to social-oriented organisations
a way of enhancing the governance of risk through the effective
participation of all people involved in risk management activities
at different levels of the organisations. Moreover, the study sheds
light on the need for formal and informal information ows, both
bottom-up and top-down throughout the rms, which enable a
shared culture of risk management.
In this way, this research also provides a possible solution to the
inefciencies inherent in conventional risk management systems
adopted by traditional nancial and non-nancial institution, as
revealed by the recent nancial crisis.
This paper focuses on credit cooperative banks as ethical banks.
It would be interesting for future research to explore how ERM
could help other kinds of banks (i.e. not specically ethical banks)
achieve their social purposes as well. Also, because recent literature
has noted a lack of research on issues related to micro companies,
the black economy and groups excluded from the traditional nancial system, further research could investigate how ERM practices
could support organisations operating in the area of micronance.
Acknowledgements
The Authors would like to acknowledge for the comments
on earlier version of this paper received from Professor Robert
W. Scapens (University of Manchester) and want to give him
special thanks. The Authors are really grateful to the advices
received during the 10th Interdisciplinary Perspective on Accounting Conference (Cardiff, 1113 July, 2012), and during the 5th
European Risk Research Network Conference (Luxemburg, 1314

September, 2012), and acknowledge the feedback gathered during
the 6th European Risk Research Network Conference (Naples,
56 September, 2014). The Authors also wish to thank Professor
Jane Broadbent and Professor Richard Laughlin for their valuable advices, and the anonymous referees for their important
suggestions.
References
Ahrens, T., Chapman, C.S., 2007. Management accounting as practice. Account.
Organ. Soc. 32 (12), 531.
Anthony, R.N., 1965. Planning and Control Systems: Framework for Analysis.
Graduate School of Business Administration, Boston.
Arena, M., Arnaboldi, M., Azzone, G., 2010. The organisational dynamics of
enterprise risk management, accounting. Organ. Soc. 35 (7), 659675.
Arena, M., Arnaboldi, M., Azzone, G., 2011. Is enterprise risk management real? J.
Risk Res. 14 (7), 779797.
Arnaboldi, M., Lapsley, I., 2011, Enterprise risk management and budgetary
control: a management challenge, Chartered Institute of Management
Accountants, Research executive summary series, 7, 6, 1-5.
Ayadi, R., Llewellyn, D.T., Reinhard, S.H., Emrah, A., Willem, P., 2010. Investigating
Diversity in the Banking Sector in Europe: Key Developments, Performance
and Role of Cooperative Banks. CEPS Paperbacks http://ssrn.com/
abstract=1677335.
Baker, T., 2004. Risk, insurance, and the social construction of responsibility. In:
Baker, T., Simon, J. (Eds.), Embracing Risk. University of Chicago Press, Chicago.
Barbu, T., Vintila, G., 2007. The emergence of ethic banks and social responsibility
in nancing local development. Theoretical Appl. Econ. 12, 2934.
Beasley, M.S., Clune, R., Hermanson, D.R., 2005. Enterprise risk management: an
empirical analysis of factors associated with the extent of implementation. J.
Account. Public Policy 24, 521531.
Beasley, M., Pagach, D., Warr, R., 2008. Information conveyed in hiring
announcements of senior executives overseeing enterprise-wide risk
management processes. J. Account. Auditing Finance 23, 311332.
Busco, C., Riccaboni, A., Scapens, R.W., 2006. Trust for accounting and accounting
for trust. Manage. Account. Res. 17 (1), 1141.
Buttle, M., 2007. Im not in it for the money: constructing and mediating ethical
reconnections in UK social banking. Geoforum 38 (2), 10761088.
Committee of Sponsoring Organisations of the Treadway Commission (COSO),
2004. Enterprise risk managementIntegrated Framework, Executive
Summary & Framework.
2013. Integrating the triple bottom line into an enterprise risk management
program, Ernst&Young.
2014. Improving Organisational Performance and Governance.
Caldarelli, A., Fiondella, C., Maffei, M., Span, R., Zagaria, C., 2011. Ethics in risk
management practices: insights from the Italian mutual credit cooperative
banks. J. Co-op. Account. Report. 1 (1), 518.
Casualty Actuarial SocietyEnterprise risk management Committee, 2003.
Overview of Enterprise risk management,.
Catturi, G., 2007. La valorialit aziendale. Cedam, Padova.
Christensen, J.H.E., Hansen, E., Lando, D., 2004. Condence sets for continuous-time
rating transition probabilities. J. Bank. Finance 28 (11), 25752602.
Collier, P., 2009. Accounting for Managers: Interpreting Accounting Information for
Decision-Making, Third ed. John Wiley & Sons, Chichester.
Cowton, C., Thompson, P., 2001. Financing the social economy: a case study of
Triodos Bank. Int. J. Nonprot Voluntary Sector Mark. 6 (2), 145155.
Cowton, C., 2010. Banking. In: Kolb, R.W. (Ed.), Finance Ethics: Critical Issues in
Theory and Practice. John Wiley & Sons, Chichester, pp. 325337.
Davis, P., Worthington, S., 1993. Cooperative values: change and continuity in
capital accumulationthe case of the British Cooperative Bank. J. Bus. Ethics 12
(11), 849859.
De Clerck, F., 2010. Ethical banking. Netw. Soc. Finance, 1632.
De Graaf, G., 2006. Discourse and descriptive business ethics. Bus. Ethics 15,
246258.
De la Cuesta-Gonzlez, M., Munz-Torres, M.J., Fernndez-Izquierdo, M.A., 2006.
Analysis of social performance in the Spanish nancial industry through public
data. A proposal. J. Bus. Ethics 69 (3), 289304.
Demidenko, E., McNutt, P., 2010. The ethics of enterprise risk management as a key
component of corporate governance. Int. J. Soc. Econ. 37 (10),
802815.
European Commission, 2011. A Renewed EU Strategy 20112014 for Corporate
Social Responsibility, Communication from the commission to the European
Parliament, the Council. The European Economic and Social Committee and the
Committee of the Regions, Bruxelles, 25/10/2011.
Financial Reporting Council (FRC), 2005. Internal Control: Guidance for Directors
on the Combined Code, available at www.frc.org.uk/corporate/internalcontrol.
cfm.
Fraser, I., Henry, W., 2007. Embedding risk management: structures and
approaches, managerial. Auditing J. 22 (4), 392409.

Fraser, I., Simkins, B.J., 2010. Enterprise Risk Management: Todays Leading
Research and Best Practices for Tomorrow Executive. John Wiley and Sons,
Hoboken, NJ.
Frigo, L.M., Anderson, R.J., 2011. Strategic risk management: a foundation for
improving enterprise risk management and governance. J. Corporate Account.
Finance, 8188.
Gordon, L.A., Loeb, M.P., Tseng, C.Y., 2009. Enterprise risk management and rm
performance: a contingency perspective. J. Account. Public Policy 28 (4),
301327.
Groeneveld, J.M., De Vries, Y.B., 2009. European Co-operative Banks: First Lessons
From the Subprime Crisis. Working Paper Economic Research Department,
Nederland.
Harner, M., 2010. Ignoring the writing on the wall: the role of enterprise risk
management in the economic crisis. J. Bus. Technol. Law, 4558.
Hoyt, R.E., Liebenberg, A.P., 2011. The value of enterprise risk management:
evidence from the U.S. insurance industry. J. Risk Insurance 78 (4), 795822.
International Finance Corporation, 2007. Financing Environmental and Social
Opportunities in Emerging Markets, www.ifc.org.
ISTAT, 2012. Annuario Statistico Italiano 2011, Roma.
Kay, A., 2006. Social capital, the social economy and community development.
Community Dev. J. 41 (2), 160173.
Kimbrough, R.L., Componation, P.J., 2009. The relationship between organisational
culture and enterprise risk management. Eng. Manage. J. 21 (2), 1827.
Lam, J., 2001. The CRO is here to stay. Risk Manage. 48 (4), 1620.
Landsman, W.R., Peasnell, K.V., 2013. The changing landscape of banking and the
challenges it poses for accounting and nancial reporting. Account. Horiz. 27
(4), 757773.
Liebenberg, A.P., Hoyt, R.E., 2003. Determinants of enterprise risk management:
evidence from the appointment of chief risk ofcers. Risk Manage. Insurance
Rev. 6 (1), 3752.
Linsley, P.M., Shrives, P.J., 2006. Risk reporting: a study of risk disclosures in the
annual reports of UK companies. Br. Account. Rev. 38 (4), 387404.
Lundqvist, S.M., 2014. An exploratory study of enterprise risk management pillars
of ERM. J. Account. Auditing Finance 29, 393429.
Magnan, M., Markian, G., 2011. Accounting, governance and the crisis: is risk the
missing link? Eur. Account. Rev. 20 (2), 215231.
Martin, D., Power, M., 2007. The End of Enterprise Risk Management.
Aei-Brookings Joint Center for Regulatory Studies.
McShane, M.K., Nair, A., Rustambekov, E., 2011. Does enterprise risk management
increase rm value? J. Account. Auditing Finance 26 (4), 641658.
Mikes, A., 2009. Risk management and calculative cultures. Manage. Account. Res.
20 (1), 1840.
Mikes, A., 2011. From counting risk to making risk count: boundary-work in risk
management. Account. Organ. Soc. 36 (45), 226245.
15
Milano, R., 2010, Ethical Finance in Europe Following the Basel II Agreements 21,
1725.
Moeller, R.R., 2007. COSO Enterprise Risk Management: Understanding the New
Integrated Erm Framework. John Wiley & Sons, Hoboken, New Jersey.
Nocco, B.W., Stulz, R.M., 2006. Enterprise risk management: theory and practice. J.
Appl. Corporate Finance 18 (4), 820.
Otley, D.T., Berry, A.J., 1994. Case study research in management accounting and
control. Manage. Account. Res. 5 (1), 4565.
Paape, L., Spekl, R.F., 2012. The adoption and design of enterprise risk
management practices: an empirical study. Eur. Account. Rev. 21 (3), 533564.
Potito, L., 2014. Economia Aziendale. Giappichelli, Torino, 13 pp.
Power, M., 2007. Organized Uncertainty: Designing a World of Risk Management.
Oxford University Press.
Power, M., 2009. The risk management of nothing. Account. Organ. Soc. 34 (67),
849855.
San-Jose, L., Retolaza, J.L., Gutierrez-Goiria, J., 2011. Are ethical banks different? J.
Bus. Ethics 100 (1), 152173.
Scapens, R.W., 1990. Researching management accounting practice: the role of
case study methods. Br. Account. Rev. 22 (3), 259281.
Scholtens, B., 2006. Finance as a driver of corporate social responsibility. J. Bus.
Ethics 68 (1), 1933.
Soin, K., Collier, P., 2013. Risk and risk management in management accounting
and control. Manage. Account. Res. 24 (2), 8287.
Spira, L.F., Page, M., 2003. Risk management: the reinvention of internal control
and the changing role of internal audit. Account. Auditing Account. J. 16 (4),
640661.
Tarantola, A.M, 2009. Cooperative banks and competition: local vocation and
governance issues, address by the Deputy Director General of the Bank of Italy.
Tekathen, M., Dechow, N., 2013. Enterprise risk management and continuous
re-alignment in the pursuit of accountability: a German case. Manage.
Account. Res. 24 (2), 100121.
Testo Unico Bancario, D.Lgs. 1 settembre 1993, amended 2007.
Vigan, D., Nicolai, D., 2006. CSR in the European banking sector: evidence from a
sector survey, A Research Project within the EUs Sixth Framework
Programme, Working Paper.
Wahlstrm, G., 2009. Risk management versus operational action: Basel II in a
Swedish context. Manage. Account. Res. 20 (1), 5368.
Weitzner, D., Darroch, J., 2010. The limits of strategic rationality: ethics, enterprise
risk management, and governance. J. Bus. Ethics 92 (3), 361372.
Woods, M., 2009. A contingency perspective on the risk management control
system within Birmingham City Council. Manage. Account. Res. 20 (1), 6981.

Managing Risk in Credit Cooperative Banks: Lessons From A Case Studyadele

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Managing Risk in Credit Cooperative Banks: Lessons From A Case Studyadele

Uploaded by

Copyright:

Available Formats

Management Accounting Research 32 (2016) 115

Contents lists available at ScienceDirect

Management Accounting Research

Managing risk in credit cooperative banks: Lessons from a case study

risk events, including nancial and non-nancial ones, to minimise

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

Commission, 2011; Scholtens, 2006; De la Cuesta-Gonzlez et al.,

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

training, accounting, marketing, product development and representation).

3. Enterprise Risk Management literature: emerging issues

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

principals (i.e. stakeholders) interests are met by the diligent and

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

Chairman and Board of Directors

stakeholders. However, these interviews did permit us to obtain a

Collecting and analysing evidence in this way allowed us to

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

Regulation of credit cooperation

Strategic plans (20092015)

tem, thanks to the role of the network, combines the traditional

5.2. Mission and objectives

who typically maintain long-term trusting relationships with the

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

Local rms (including start-ups)

For the sake of clarity, the ten above-mentioned headings are

This bank has just one branch, which is located in Naples.

productive activity also allows the bank to increase or safeguard

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

the number of our members/shareholders, thus increasing the

Otherthese tend to be predominately qualitative in nature and

1) Dene the risk capacity by identifying regulatory constraints

Once it has dened its risk appetite, BCC di Napoli identies

Financialthese tend to be quantitative in nature and therefore

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

Responsibility for the risk

Credit risk controllers

fraud risk management as relevant to its banking activities. Table 4

Concentration risk Operational risk

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

the dashboard emphasises key risk indicators, it is only regarded as

5.5. Credit risk management in BCC di Napoli

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

Camorra). The chairman, the Board of Directors, the general

small businesses, artisans and start-ups in the Neapolitan area.

5.6. The role of BCC di Napolis professional network

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

In addition, to ensure the effectiveness of its ERM system, BCC

erative banks shapes ERM. Many researchers (Paape and Spekl,

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

money to people to whom credit is often denied due to their lack of

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

European Risk Research Network Conference (Luxemburg, 1314

A. Caldarelli et al. / Management Accounting Research 32 (2016) 115

You might also like