Enterprise risk management and company ethics: the case of a short-term insurer in southafrica

Размещено на http://www.allbest.ru/

Размещено на http://www.allbest.ru/

Enterprise risk management and company ethics: the case of a short-term insurer in southafrica

Krishna K. Govender (South Africa), R. Hassen-Bootha (South Africa)

Abstract

The aim of this study was to investigate the relationship between enterprise risk management (ERM) and company ethics, so as to understand the central role of risk management in improving company ethics. A 5-point Likert scale questionnaire was used to survey all 122 employees of an insurance organization. The level of ethics was measured by posing questions on the integrity, trustworthiness, and level of respect for top management, middle management, and non-management. The overall Cronbach's alpha for the instrument measuring the level of ethics was 0.865, indicating that the instrument was highly reliable.

The relationship between ERM controls and the level of ethics was determined using regression analysis, which produced aF value of 0.268 (p-value 0.607), which implied that there is no relationship between ERM controls and the level of ethics. It was also ascertained that ethics and compliance-related issues are not fully embraced by the organization. This implied that the insurance company is at a level of “nominal” risk management with uncoordinated, top-down risk management activities. corruption integrative management

Since ethics risk exposure resulting from poor corporate governance has been identified by the Institute of Risk Management as being a key contributor to many business failures in South Africa (and internationally), the exploratory findings can stimulate the leadership to institute polices to mitigate poor governance and risk as this will benefit all stakeholders.

Keywordscorporate governance, organizational risk, financial services, organizational culture

INTRODUCTION

In South Africa, the exposure to corruption during the administration of former President Jacob Zuma, which is commonly referred to as “state capture”, and the recent highly reported incidents of corporate misconduct, has focused the spotlight on ethics in both the public and private sectors. The plethora of companies that suffered major financial losses and reputational damage due to corruption and lack of ethics included VBS Mutual Bank in what has been dubbed “The Great Bank Heist” (Motau, 2018), South African Airways, with its board of directors implicated in state capture (Government of South Africa, 2018), DSTV admitting to price-fixing (Competition Commission, 2017), Steinhoff (Vegter, 2017), Eskom (National Treasury, 2018) and African Bank (Myburgh, 2016). Senior members of these organizations were found guilty of unethical conduct including extortion, price-fixing, abuse of power, insider trading and fraud, negligence and maladministration (Kirsten et al., 2017).

Recognition of the importance of ethics in business and the need for corporate governance led to the development of the King Codes onCorporate Governance, which were developed for the Institute of Directors - Southern Africa (IODSA), by a committee chaired by a retired judge and corporate governance expert, Professor Mervyn King. The most recent code referred to as King IV, which was released in 2016, intended to foster an ethical environment and culture within organizations, improve trust between stakeholders, create an adequate and effective control environment, enhance company performance and value creation, ensure all organizations are good corporate citizens, and that the business is seen to be legitimate (IODSA, 2016).

The implementation of Enterprise Risk Management (ERM) can often be reduced to a mere compliance or “tick-box” exercise, which raises the question of whether ERM implementation is effectively addressing risks, such as poor company ethics. The above examples of some of the failed South African companies have one common feature, namely, failure by the relevant Board committees to manage risk. From an international perspective, the American Commission of Inquiry into the financial crisis of 2008 stated that, “dramatic failures of corporate governance and risk management at many systematically important financial institutions were a key cause of this crisis” (FCIC, 2011).

1. LITERATURE REVIEW AND THEORETICAL BASIS

Enterprise risk management (ERM) is rooted in a theoretical foundation of systems thinking, where an organization is viewed holistically as a complex system of separate, but interrelated processes, parts or components (Kim, 1999). Moeller (2011) asserted that ERM is concerned with decision-making, as it is naturally connected to business functions through shared risk exposures and synergistic relationships within the organizational structure. As companies grow, these relationships increase in complexity, until no individual division can easily be insulated from the risks affecting other divisions in the organization. ERM is defined as “a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, to identify potential events that may negatively affect the entity, and manage risk to be within its risk appetite” (Curtis & Carey, 2012, p. 2).

While there are conflicting views and approaches to ERM, there is still mounting pressure from external sources such as banks and rating agencies to add ERM to their rating methodology and credit risk assessments (Jabbour& Abdel-Kader, 2016). According to Sandford(2015), “the financial scandals in the aftermath of the American tech bubble and the housing bubble, led to the passing of sweeping legislation and the call for greater financial transparency and rigorous scrutiny of large corporations.” The Ethics, Risk and Compliance functions of an organization suddenly took center stage, with their areas of responsibility now being widely expanded, in the struggle to regain public trust.

Narisimhan (2017) highlighted the current trend of the increasing scope of governance, risk and compliance frameworks to include ethics and value management, quality management, information security management, and business continuity management. This researcher devised a broader three-dimensional model for governance, risk and compliance, which encompassed Risk” as a business attribute.

Because of the credit crisis, which highlighted systemic failures in risk management within the failed financial service businesses, a global study was conducted by Pricewaterhouse Coopers (2008) to understand if ERM matters relevant to the insurance industry. Jabbour and Abdel-Kader (2016) found that various change agents influenced the decision by insurance companies to implement ERM processes. In addition, institutional pressures, some being coercive and others normative, were found to differ in character and magnitude over time in relation to the adoption of ERM. Gradually, ERM developed into a fully-fledged management function and permeated business functions, which were not previously accepted as being relevant to risk management (Jabbour& Abdel-Kader, 2016). From an insurer's viewpoint, an ERM program provides an integrated and comprehensive assessment of all material risks arising from its operations; presents a rigorous framework that facilitates an objective and consistent approach to manage risks across business units; serves as a common language and view of risk throughout the enterprise to derive a realistic risk profile; and aligns its risk profile with its business strategies and risk appetite and allows for calculated risks to be taken to proactively seize opportunities.

Brooks and Dunn (2018) note that ERM is often practiced as a superficial exercise aimed at identifying risks associated with events, rather than being used to identify ethics-related causality. While ERM can uncover many risks, in practice there is no in-depth examination to assess the underlying ethics risks and ethics-related risk causes.

There is a range of benefits associated with an organization being perceived as ethical, inter-alia, increased customer loyalty; greater investor confidence; ease of access to capital; and the ability to attract top talent (Schoeman, 2015). In order to cultivate an environment in which employees will support one another in pursuing their goals ethically, it is important to establish and maintain an ethically strong culture in the workplace (Chun et al., 2013).

In Transparency International's annual Corruption Perception Index report, South Africa is ranked number 71 out of 180 countries (Transparency International, 2018). However, despite this relatively good ranking, corruption is still regarded as a significant problem in South Africa (Kirsten et al., 2017). Thus, all organizations are required to put measures in place to guard against unethical conduct, and manage ethics in the workplace effectively (Schoeman, 2015).

According to the King Code, ethical risks and opportunities should be incorporated in the risk management process, while a code of ethics and/ or a general code of conduct, plus ethics-related policies, should be implemented. The Board is responsible for putting measures in place to ensure adherence to the standards it has set and for measuring this adherence (IODSA, 2016). Management is required to make many decisions daily, ranging from selection of vendors for various services to dealing with customers, and some decisions are not simple choices between “right” and “wrong” but `neutral' from a moral perspective and require strategizing, not ethical deliberation (SOSU, 2016). When decisions involve choices that can negatively affect people within or outside of an organization, businesses require leaders who are able to choose ethically and put people ahead of profits.

Kosdrosky (2015) mentions that a company may have an ethics policy, which on its own will do little to prevent bad actions by staff members. Thus, various tools for measuring ethics and compliance are suggested. Kaminski and Robu (2016) concur that managers are often being left to figure out what specific controls are required to address regulatory requirements. They also highlight the ongoing struggle of financial institutions with fundamental issues in their control environments, such as management's compliance literacy, accountability, performance incentives and the risk culture.

In South Africa, insurers are regulated by the Financial Sector Conduct Authority (FSCA) and the Prudential Authority (PA), both of which define how companies should conduct business. The Prudential Standard GOI 1: Framework for Governance and Operational Standards for Insurers, states that insurers are the absorbers of risk from the economy and thus it is essential that their risks are managed prudently and professionally. The Governance and Operational Standards (GOIs) also establish the minimum requirements from the Prudential Authority, for an insurer's approach to risk management and control.

The Companies Act (Act 71 of 2008) requires that a registered company's annual financial statements be audited, and prohibits any material misstatement or misrepresentation of financial information. There is therefore a strong legal and regulatory incentive for companies to be ethical and to manage their risks.

Principle 4.1 of the King IV code that deals with risk management states that, “The governing body should govern risk in a way that supports the organization in setting and achieving its strategic objectives.” The King code therefore brings together the principles of ethics and risk management, since they share common objectives relating to the triple bottom line which requires accounting methods to extend beyond just measuring profits, and include social and environmental measures.

This broadens the scope of business objectives to include not only the shareholders of a company, but all stakeholders (Edwards, 2018).

According to Demidenko and McNutt (2008, p. 10), ERM is positioned as a key enabler of an organization's ethics, its strategy and performance. These researchers have devised a risk governance maturity ethical framework, consisting of a maturity scale and criteria. The lowest level of risk governance and ethical maturity objectives is the level where there is lack of structure, duties, and responsibilities. At this level, risk management (RM) activities depend on individual initiatives and verbal knowledge. The next stage is where there are nominal RM structures, duties and responsibilities at the top level. The third level is where there are consistent RM structures, duties and responsibilities at the top and middle levels; and the last level is where RM is embedded in the enterprise management.In this study, the researchers used the risk governance maturity ethical framework scale to determine the risk governance ethical maturity of the short-term insurance company.

It is against the above background that the primary aim of this research is to investigate the relationship between enterprise risk management (ERM) and company ethics, with the intention of understanding risk management as playing a more central role in improving company ethics. The objectives of the study were to establish the level of individual ethics; address the integrity, trustworthiness, and respect of the top, middle non-management staff; create a baseline against which to test whether company controls had any effect on internal ethics; establish the respondents' level of ethics outside of the workplace; and determine perceptions of ERM controls and ERM effectiveness in the organization

2. METHOD

To collect data for this study, a survey questionnaire was developed using a 5-point Likert-scale, where 1 = Strongly disagree and 5 = Strongly agree. To establish the level of individual ethics, the questions addressed the integrity, trustworthiness, and respect of the top, middle non-management staff. To create a baseline against which to test whether company controls had any effect on internal ethics, questions were also formulated regarding the respondents' level of ethics outside of the workplace. General questions were also developed to determine perceptions of ERM controls and ERM effectiveness in the organization.

As a pilot study, the questionnaire was administered to a sample of five (5) highly qualified and experienced individuals in the insurance company, including executives, in order to determine whether the questions provided sufficient coverage of all the areas to be addressed through the aim and objectives. Another phase of the pilot study involved administering the questionnaire to a sample of 10 insurance company employees. All the feedback received was taken into consideration in preparing the final survey instrument, resulting in some minor amendments to the final questionnaire.

The final questionnaire comprised 59 questions used to classify the “Level of ethics”, “Level of ERM controls”, and “ERM effectiveness”. The questionnaire was self-designed, based on various previously developed and tested questionnaires, which aimed to determine issues pertaining to ethics, risk and governance in organizations.

The target population comprised 122 employees of a short-term insurer. Since the target population was low, all members of the population were surveyed. Upon receiving permission from the relevant heads, the employees were informed via e-mail about the purpose of the survey and advised that a questionnaire would be sent to them via an e-mail link. The data was captured using Microsoft Excel and regression analysis was performed using the Logistic regression procedure in Real Stats 2003.xla, which is free software available for Microsoft Excel.

3. RESULTS

Only 56 of the 122 employees targeted completed the survey, which yielded a response rate of approximately 46%. Almost 40% of the participants were managers, while the majority were in operations. The largest single category of respondents (23.2%) had been employed by the company forless than one year, with 21.4% being employed between three and five years; 17.9% for less than five years.

The level of ethics was measured by posing questions on the integrity, trustworthiness, and level of respect for top management, middle management, and non-management. For eligibility to participate in the study, respondents were asked whether they understood the meaning of ethics, and all the respondents either agreed or strongly agreed that they understood the concept. The overall Cronbach's alpha for the instrument measuring the level of ethics was 0.865, indicating that the instrument was highly reliable.

Table 1 presents the participant's perception of the level of integrity, trustworthiness, and respect by top management, middle management, and non-management.

Table 1.Perception of Integrity, trustworthiness, and respect by position

Source: Research data.

It is evident from Table 1 that with respect to integrity, trustworthiness and respect, the top management rated the CEO and/or the board of directors highly (4.6 on a 5-point measurement scale). The middle management participants, on the otherhand, `agreed' that top management led by example, since the average score was 3.9.

Regarding responsibility for ethics in the organization, both top and middle management participants `agreed' that they had greater responsibility for ethics, than those who reported to them, which implies that the top and middle management participants had integrity, trustworthiness, and respect.

Table 2.Perception of the level of ethics

Source: Research data.

It is evident from Table 2 that the “top” management participants rated their superiors highly (4.4), on their level of ethics and this was affirmed by middle managers and even non-managers who`agreed' that their superiors were ethical, with ratings of 3.8 and 3.7, respectively.

Table 3 that reflects the levels of ERM controls, by position in the company, reveals that top managers, middle managers, and non-managers neither agreed nor disagreed that ERM controls were sufficient at the organization. Respondents were alo unaware of the `tip-off' line for reporting incidents of misconduct and they neither agreed nor disagreed that the controls at insurer were good enough to address ethics risks.

Table 4 shows that all levels of management `agreed' that ERM was effective at the company (overall rating of 3.8). However, middle managersand non-managers seemed ambivalent regarding the risk management processes of the company.

Table 3.Perception of ERM controls

Table 4.Perceptions of ERM effectiveness

Table 5.Relationship between ERM controls and level of ethics

Source: Research data.

The relationship between ERM controls and the level of ethics was determined using regression analysis and, as is evident from the results presented in Table 5, there is no evidence of a relationship between ERM controls and the level of ethics.

4. DISCUSSION

According to Schoeman (2015), there is a major responsibility on all organizations to put measures in place against unethical conduct and to effectively manage ethics in the workplace. Management, therefore, has more responsibility for ethical conduct than their subordinates (Demidenko& McNutt, 2008). Before measuring the levels of ethics, the researchers first measured integrity, trustworthiness, and respect. Although all respondents `agreed' that their superiors demonstrated integrity, trustworthiness, and respect, the results reveal that different levels of employees perceived their superiors differently. Top managers rated their superiors highly (4.6), whereas the average rating by middle managers was 4.0, and 3.7 by non-managers. It is concluded that top managers did not perceive themselves as having more responsibility for ethics than their subordinates.

Regarding the level of ethics, top management was rated highest overall (4.4), middle managers (3.8) and non-managers (3.7). It is interesting to note that middle managers and non-managers tended to be neutral on whether they would ignore or transgress policy, if there was no risk of being caught, and on whether they found anything wrong with exploiting loopholes in company policy.

zational culture of integrity are employee comfort and freedom to speak up about any unethical behavior that they witnessed, and feeling assured that the company would address the misconduct that had been identified. The results of this study indicate that the hierarchical structure at the company does not allow employees to approach the board directly with any ethical concerns. These results indicate that the insurer is still at the `nominal level' of the Risk Management (RM) structure proposed by Demidenko and McNutt (2008), with uncoordinated top-down RM activities, especially at middle management and non-management level. According to the Edwards (2018) five levels of maturity, ERM at the insurer can be classified under `Defining', where it is established, but not embraced by the organization, and the organization operates tactically. Therefore, at this level there is still a risk to organizational integrity and ethics.

The results of this study also indicate that overall, the respondents at different management levels rated ERM controls at the company as being low, with ratings of 2.9, 3.1, and 3.1 by top, middle and non-management participants, respectively. Respondents at all management levels were not aware that the insurer had a tip-off line for reporting misconduct. They were also neutral on the presence of `checks and balances' to detect fraud in the organization, or on whether the organization's risk management program helps to identify all ethics risks. These results indicate that at the research organization, risk management activities are uncoordinated. A study by Pricewaterhouse Coopers (2008) conducted during the credit crisis reported that many of the worst-affected companies had established what they believed to be robust and sophisticated ERM programs.

Hoerger and Currell (2012) suggested that the Top and middle management, as well as non-man- two biggest factors in establishing the organi- agers, rated ERM effectiveness at the company as

being relatively high (4.1, 3.8 and 3.7, respectively). Top managers and non-managers also tended to neither “agree nor disagree” that the company's risk management processes needed improvement. These are conflicting results, and the conclusion that can be drawn is that the organization is still at the “nominal” level of the RM structure (Demidenko& McNutt, 2008) with uncoordinated, top-down RM activities.

No relationship could be established between ERM controls and the level of ethics at a research organization. This is due to the uncoordinated nature of ERM at the organization.

CONCLUSION

The aim of this study was to explore the relationship between enterprise risk management and company ethics at a short-term insurance company in South Africa. The level of ethics at the organization, level of ERM controls, and levels of ERM effectiveness were determined and thereafter, the relationship between ERM controls and ethics was investigated.

The findings indicate that integrity, trustworthiness, and respect at the organization deteriorates at lower management levels. Middle managers and non-managers tended to be neutral on whether they would ignore or transgress policy if there was no risk of being caught, and whether they found anything wrong with exploiting loopholes in company policy.

Respondents at all management levels were not aware that the organization had a “tip-off” line for reporting misconduct. The findings on ERM effectiveness were conflicting, with respondents rating ERM effectiveness as being high, even though they neither “agreed nor disagreed” that they knew the risk management process of the company.

Since the findings did not reveal any relationship between ERM controls and the level of ethics in the organization, it is possible that this is attributed to the uncoordinated nature of ERM at the organization and low levels of ethics. There is a need for a longitudinal study to further examine the relationship, after implementing of ERM controls. The ERM program at the short-term insurer can benefit from the five HGP principles developed by the ECI (Edwards, 2018). These principles included the following: Strategy, Risk management, Culture, Speaking up, and Accountability. Clear and consistent lines of accountability should be established to enable the organization to hold itself accountable when wrongdoing occurs. Although “whistle-blowing” had been introduced as an anti-fraud measure, it is evident that this is not well communicated in the organization. This should be addressed and assurance should be given that there will be no victimization of “whistle blowers”, since this will be totally anonymous.

Even though there is an ERM unit at the research organization, employees are not aware of its functions and value to the organization. Top management should get ensure that the ERM unit gets proper support, both in structure and resources. The ERM unit should also arrange regular risk management training for all staff, to sensitize them of the importance of ethical risks.

An ERM framework that is closely aligned with the principles of COSO ERM, should be adopted, because the principles clearly address the “tone” of an organization and the achievement of the desired culture regarding its ethical values. Furthermore, clear and visible action is to be taken when ethical misconduct is identified across all levels of an organization.

REFERENCES

1. Brooks, L. J., &Dunn, P. (2018). Business and Professional Ethics for Directors, Executives and Accountants. Cengage Learning. Retrieved from https://www.cen- gage.co.uk/books/9781305971455/

2. Chun, J. S., Shin, Y., Choi, J. N.,

& Kim, M. S. (2013). How does corporate ethics contribute to firm financial performance?

The mediating role of collective organizational commitment and organizational citizenship behavior.Journal of Management, 39(4), 853-877. https://doi. org/10.1177/0149206311419662

3. Competition Commission. (2017). DSTV Media Sales admits to price fixing and agrees to a settlement (Media Release). Competition Commission. Retrieved from http:// www.compcom.co.za/wp-content/ uploads/2017/01/DSTVpdf

4. Compliance and Ethics Institute. (2009). Risk Management Culture: The Linkage Between Ethics & Compliance and ERM. Global: Compliance and Ethics Institute. Retrieved from https://commu- nity.hcca-info.org/HigherLogic/ System/DownloadDocumentFile. ashx?DocumentFileKey=31851e23- e2c4-4e71-8a61-8e2ba117b679

5. Curtis, P., & Carey, M. (2012). Thought Leadership in ERM - Risk Assessment in Practice. Durham,

NC: COSO.

6. Deloitte. (2015). The Chief Compliance Officer: The fourth ingredient in a world-class ethics and compliance program. Deloitte Tohmatsu LLC. Retrieved from https://www2.deloitte.com/con- tent/dam/Deloitte/us/Documents/ risk/us-aers-download-the-full- report-the-chief-compliance-offi- cer-05012015.pdf

7. Demidenko, E., & McNutt,

P. (2010). The ethics of enterprise risk management as a key component of corporate governance. International Journal of Social Economics,

37(10), 802-815. https://doi. org/10.1108/03068291011070462

8. Edwards, C. (2018). What's the Triple Bottom Line? Business.Com. Retrieved from https://www.busi- ness.com/articles/triple-bottom- line-defined/

9. FCIC. (2011). The Financial Crisis Inquiry Report: Final Report of the National Commission on

the Causes of the Financial and Economic Crisis in the United States.Financial Crisis Inquiry Commission. Retrieved from https://www.govinfo.gov/app/de- tails/GPO-FCIC

10. Government of South Africa. (2018). South African Airways Briefs Parliament on progress in implementing turnaround strategy. South African Government. Retrieved from https://www. gov.za/speeches/saa-appears- public-enterprises-committee- 27-nov-2018-0000

11. Hoerger, M., &Currell, C.

(2012). Ethical issues in Internet research. In S. J. Knapp, M. C. Gottlieb, M. M. Handelsman, &

L. D. VandeCreek (Eds.), APA handbook of ethics in psychology, Vol. 2. Practice, teaching, and research (pp. 385-400). American Psychological Association.https:// doi.org/10.1037/13272-018

12. International Organization for Standardization (ISO). (2018).

The new ISO 31000 keeps risk management simple. Retrieved from https://www.iso.org/news/ ref2263.html

13. IODSA. (2016). KingIVReport on Corporate Governance for South Africa. Johannesburg: Institute of Directors. Retrieved from https:// cdn.ymaws.com/www.iodsa.co.za/ resource/collection/684B68A7- B768-465C-8214-E3A007F15A5A/ IoDSA_King_IV_Report_-_Web- Version.pdf

14. Jabbour, M., &Abdel-Kader, M. (2016). ERM Adoption in the Insurance Sector: Is it a regulatory imperative or business value driven? Qualitative Research

in Accounting and Management, 13(4), 472-510. https://doi. org/10.1108/QRAM-03-2015- 0035

15. Kaminski, P., &Robu, K. (2016).

A best-practice model for bank compliance. McKinsey & Company. Retrieved from https://www. mckinsey.com/business-functions/ risk/our-insights/a-best-practice- model-for-bank-compliance

16. Kim, D. (1999). Introduction to Systems Thinking. Waltham, MA: Pegasus Communications, Inc.

17. Kirsten, M., Wordsworth, R., &du Plessis, M. (2017). More Does Not Always Mean Better: Do More Comprehensive Ethics Management Programmes Result in Better Outcomes?African Journal of Business andEconomic Research, 12(2-3),149-152. Retrieved from https://

ir.canterbury.ac.nz/bitstream/

handle/10092/100862/More%20

does%20not%20always%20

mean%20Better%20Do%20

more%20comprehensive%20

Ethics%20Management%20Pro-

grammes%20result%20in%20

better%20outcomes%20(2017-12-

11)%20(002).pdf

18. Kosdrosky, T. (2015). The Building Blocks of Business Ethics. Stephen M. Ross School of Business. Retrieved from https://michi- ganross.umich.edu/alumni/divi- dend/fall2015/building-blocks- business-ethics

19. Moeller, R. R. (2011). COSO enterprise Risk Management: Establishing Effective Governance, Risk and Compliance Processes. Wiley Publishers. Retrieved from https://www.wiley.com/en-us/COSO+Enterprise+Risk+Managemen t%3A+Establishing+Effective+Go vernance%2C+Risk%2C+and+Co mpliance+Processes%2C+2nd+Ed ition-p-9780470912881

20. Motau, T. (2018). The great bank heist (Investigator's Report to the Prudential Authority) (Volume 1). Johannesburg: SA Reserve Bank. Retrieved from https://www.cor- ruptionwatch.org.za/wp-content/ uploads/2018/10/VBS-Mutual- Bank-The-Great-Bank-Heist.pdf

21. Myburgh, J. (2016). On the collapse of African Bank - AdvJF Myburgh. Retrieved 01 April, 2019, from https://www.politicsweb.

co.za/documents/on-the-collapse-

of-african-bank--adv-jf-myburgh

22. Narisimhan, S. L. (2017).

GRC 101 - an Introduction to Governance, Risk Management, and Compliance.Capgemini. Retrieved from https://www.cap- gemini.com/2017/10/grc-101-an- introduction-to-govern ance-risk- management-and-compliance/

23. National Treasury. (2018). Final Report: Forensic Investigation into various allegations at Transnet and Eskom. Chapter III: Report Relating to Eskom Investigations. Fundudzi Forensic Services. Retrieved from http://www. treasury. gov.za/comm_media/ press/2018/Final%20Report%20 -%20Fundudzi%20-%20 Eskom%2015112018.pdf

24. PricewaterhouseCoopers.

(2008). Does ERM Matter? Enterprise Risk Management in the Insurance Industry - A Global Study.PricewaterhouseCoopers.Retrieved from https://www. pwc.com/gx/en/insurance/pdf/ erm_survey.pdf

25. Sandford, S. (2015). Contradiction of Terms: Feminist Theory and Philosophy and Transdiscipli- narity. Theory, Culture & Society, 32(5-6), 159-182. https://doi. org/10.1177/0263276415594238

26. Schoeman, C. (2015). Ethics in the workplace. Johannesburg: SA Board for People Practices.

27. South-Eastern Oklahoma State University (SOSU). (2016).

Why Ethics Are Still Essential in Management. Retrieved from https://online.se.edu/articles/mba/ why-ethics-are-still-essential-in- management.aspx

28. Transparency International.

(2018). Corruption Perceptions Index.Retrieved from https://www. transparency.org/ru/cpi/2018

29. Vegter, I. (2017). Corporate corruption is not like government corruption. Daily Maverick. Retrieved from https://www.daUy- maverick.co.za/opinionista/2017- 12-12-corporate-corruption-is- not-like-government-corruption/

Размещено на Allbest.ru