EMERALD_MD_MD558821 814..833 Enterprise risk management implementation in construction firms An organizational change perspective Xianbo Zhao School of Engineering and Technology, Central Queensland University, Sydney, Australia, and Bon-Gang Hwang and Sui Pheng Low Department of Building, National University of Singapore, Singapore, Singapore Abstract Purpose – The purposes of this paper are to: first, identify the critical drivers for and hindrances to enterprise risk management (ERM) implementation in Singapore-based Chinese construction firms (CCFs); second, interpret the critical drivers and hindrances in tandem with organizational change theories; and third, provide possible strategies to strengthen the drivers and overcome the hindrances. Design/methodology/approach – A questionnaire survey was conducted and responses were received from 35 experienced managers in CCFs operating in Singapore. Findings – A total of 13 drivers and 25 hindrances with significant influence were identified. Of them, “improved decision-making” was the top driver, while “insufficient resources (e.g. time, money, people, etc.)” was the most influential hindrance. Research limitations/implications – As the survey was performed with the Singapore-based CCFs, there may be geographical limitation on the identification of the critical drivers for and hindrances to ERM implementation. The sample size was still small, despite a relatively high response rate. Practical implications – Specific strategies were identified to strengthen the drivers for ERM implementation and overcome the hindrances to ERM implementation. Originality/value – This study present the theoretical rational behind the critical drivers for and hindrances to ERM implementation. As few studies have attempted to investigate ERM in construction firms, this study contributes to the literature through interpreting ERM implementation from an organizational change perspective. The identification of the drivers and hindrances and the managerial implications provide practitioners and academics with valuable information as well as a clear understanding of how to consolidate ERM programs and overcome the hindrances. Keywords Risk management, Organizational change, Driver, Construction firm, Hindrance Paper type Research paper 1. Introduction According to the International Organization for Standardization (ISO), risk is defined as “effect of uncertainty on objectives” (ISO, 2009, p. 1). Project risk management (PRM) has been emphasized in construction firms because these firms typically depend on construction projects to earn revenues and profits (Zhao et al., 2014). However, construction firms are also exposed to the risks outside projects (Low et al., 2009), which are likely to impact both project objectives and corporate objectives. Thus, a global view to identify systemic risks was recommended for construction firms venturing into overseas markets to replace project-only risks (Zhi, 1995). In recent years, a paradigm shift has occurred in the way companies view risk management, and the trend has moved toward a holistic view of risk management The current issue and full text archive of this journal is available at www.emeraldinsight.com/0025-1747.htm Management Decision Vol. 52 No. 5, 2014 pp. 814-833 r Emerald Group Publishing Limited 0025-1747 DOI 10.1108/MD-02-2014-0082 814 MD 52,5 (Gordon et al., 2009). As the fundamental paradigm in this trend, enterprise risk management (ERM) has attracted worldwide attention (Liu et al., 2013). The Committee of Sponsoring Organizations of the Treadway Commission defines ERM as “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives” (COSO, 2004, p. 2). Afflicted with various risks, construction firms have been considered as prime candidates for ERM implementation (Zhao et al., 2013b). Implementing ERM in construction firms can be seen as a gradual organizational change because the management in these firms has been accustomed to PRM and needs to adapt to ERM. This study aims to interpret ERM implementation in Chinese construction firms (CCFs) based in Singapore from an organizational change perspective. The specific objectives are to: first, identify the critical drivers for and hindrances to ERM implementation in Singapore-based CCFs; second, interpret the critical drivers and hindrances in tandem with organizational change theories; and third, provide possible strategies to strengthen the drivers and overcome the hindrances. 2. ERM 2.1 Drivers for ERM implementation ERM adoption has been compelled by a series of legal compliance and corporate governance requirements (Kleffner et al., 2003; Liebenberg and Hoyt, 2003). Some of these requirements are the mandatory laws or regulations, while others are non-mandatory reports or standards that create public pressures and benchmarks for sound management practices (see Table I). In addition, as ERM can increase firm’s value, the three main rating agencies, i.e. S&P, Moody’s and Fitch, have recognized a company’s ERM system as a factor in their rating methodology (Gates, 2006; Liebenberg and Hoyt, 2003). Although compliance and corporate governance requirements have driven firms to adopt ERM, firms also carried out ERM for potential benefits (Pagach and Warr, 2011). Such benefits should be convincing and can exceed the significant costs associated with initiating an ERM program (Hallowell et al., 2013). A total of 11 potential benefits of ERM (D04-D14) are identified from the literature review, as Table II indicates. These potential benefits may also drive ERM implementation in construction firms. In addition, Liebenberg and Hoyt (2003) believed that a broader scope of risks from globalization, market and greater risk interdependence, as well as the advances in information technology (IT) could drive companies to adopt ERM. Because of the external factors and benefits, the board and senior management would embrace ERM. Gates (2006) indicated that the board request was a primary driver for ERM implementation. 2.2 Hindrances to ERM implementation In addition to the driving factors, ERM implementation is faced with hindrances, which increased the difficulty in fully adopting ERM. In a survey, 70 percent of the North American respondents considered ERM as their most challenging issue (CFO/Crowe, 2008). As shown in Table III, 36 factors (i.e. H01-H36) hindering ERM implementation are identified from studies relating to ERM in various industries. Because of these hindrances, the percentage of firms adopting or implementing ERM was relatively low. Liu et al. (2011) reported that only 14.7 percent of the CCFs operating overseas had fully implemented ERM. 815 ERM implementation 2.3 ERM in construction firms In construction firms, ERM and PRM are approaches to dealing with risks at different level, with different goals (Liu et al., 2011). ERM deals with risks at the firm level and focusses on the strategic, operations, reporting, and compliance objectives of a firm (COSO, 2004), while PRM handles risks at the project level and focusses on project objectives (Liu et al., 2011). Actually, project objectives are within the corporate objectives, serving as the main elements of operational objectives of a construction firm because the operation of a construction firm mainly depends on the construction projects that it is engaged in (Zhao et al., 2013a). PRM is still necessary and should not be considered as a hindrance to implementing ERM in a construction firm. PRM has been considered as one of the nine project management knowledge areas (PMI, 2008), and is critical to the success of projects and the survival of construction firms. Hence, ERM cannot replace the role of PRM. In fact, PRM is an integral part of ERM because project risks are within the entire risk profile of a construction firm and ERM should be implemented at all levels of a firm, including the project level (Zhao et al., 2013a). Effective PRM practices, which properly deal with project risks, can contribute to ERM effectiveness throughout a firm. In turn, ERM Initiatives Description Sarbanes-Oxley Act (SOX) in USA Enacted in 2002 as a reaction to major scandals including those affecting Enron and WorldCom, the SOX requires management and the external auditor to report on the adequacy of the company’s internal control over financial reporting in Section 404 New York Stock Exchange (NYSE) Corporate Governance Rules In 2004, the NYSE adopted corporate governance rules that require the Audit Committees of its listed companies to discuss policies concerning risk assessment and risk management, including major financial risk exposures and the steps that management has taken to monitor and control such exposures UK Corporate Governance Code The UK Corporate Governance Code 2010 aims at the companies listed in the London Stock Exchange. The Listing Rules require public listed companies to disclose how they have complied with the code and explain where they have not applied the code Basel II Basel II, initially published in 2004, is to create an international standard that banking regulators can use when creating regulations about how much capital banks need to put aside to guard against the types of financial and operational risks banks face Dey Report in Canada The Dey Report, commissioned by the Toronto Stock Exchange, requires companies to report on the adequacy of internal controls CoCo Report in Canada The CoCo Report, namely the “Guidance on Control” produced by the Criteria of Control Board (CoCo) of the Canadian Institute of Chartered Accountants, specifies reporting on risk assessment and risk management ISO 31000:2009 ISO 31000:2009 provides generic guidelines intended to promote the adoption of consistent processes so as to ensure the risk is managed effectively, efficiently and coherently across organizations Table I. Regulatory compliance and corporate governance requirements 816 MD 52,5 R ef er en ce s C od e D ri v er s fo r E R M im p le m en ta ti on 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 S u m D 01 L eg al an d re g u la to ry co m p li an ce re q u ir em en ts | | | | | 5 D 02 N on -m an d at or y re p or ts or st an d ar d s | | | | | 5 D 03 C re d it ra ti n g ag en ci es ’ re q u ir em en ts | | 2 D 04 R ed u ce d ea rn in g s v ol at il it y | | | | | | | 7 D 05 R ed u ce d co st s an d lo ss es | | | | | | 6 D 06 In cr ea se d p ro fi ta b il it y an d ea rn in g s | | | 3 D 07 Im p ro v ed d ec is io n -m ak in g | | | | | | | | 8 D 08 B et te r ri sk re p or ti n g an d co m m u n ic at io n | | | 3 D 09 In cr ea se d m an ag em en t ac co u n ta b il it y | | | | 4 D 10 G re at er m