Abstract

I identify and test the empirical implications of complexity theory to investigate the effectiveness of the firm s risk management program in monitoring compliance program activity I provide a direct link between the quality of Business Regulatory Compliance Unit which executes and oversees the compliance program implementation and the overall risk management quality of the firm I use a multi-method design incorporating survey questionnaires and econometric multivariate analysis of a sample of European firms I find a relationship between the risk management exposure of European firms and the quality of their internal control department I also find a strong relationship between earnings at risk for UK firms and asset-liability at risk for financial firms but only a weak relationship between cash flow at risk and internal audit quality for European firms The quality of internal compliance business units is strongly positively related to corporate performance over time