How to cite:
Franciskus Antonius Alijoyo, Ivonne Bonita, and Kevin Bastian
Sirait (2021). Evaluation of Risk Management Maturity of a
Fintech Firm in Indonesia. Journal Eduvest. 1(12): 1478-1487
E-ISSN:
2775-3727
Published by:
https://greenpublisher.id/
Eduvest – Journal of Universal Studies
Volume 1 Number 12, December 2021
p- ISSN 2775-3735 e-ISSN 2775-3727
EVALUATION OF RISK MANAGEMENT MATURITY OF A FINTECH
FIRM IN INDONESIA
Franciskus Antonius Alijoyo
1
, Ivonne Bonita
2
, and Kevin Bastian Sirait
3
1
Faculty of Economics, Parahyangan Catholic University, Indonesia
2
Center for Risk Management and Sustainability, Indonesia
ARTICLE INFO ABSTRACT
Received:
November, 26
th
2021
Revised:
December, 17
th
2021
Approved:
December, 19
th
2021
This study identified the risk management maturity status,
revealed the major sources of the firm risk management
maturity, issues in running quality risk management of a
financial technology firm in Indonesia, and recommended
enhancements. It used the Risk and Insurance
Management Society – Risk Maturity Model to evaluate
the risk management maturity status. To get detailed
information about the risk management implementation,
the researchers also did observations and interviews. This
study confirmed that the firm was in ad-hoc status. The
firm was overconfident of their previous success in
implementing risk management and careless in
transforming the risk management concepts into real
practices. Thus, they lost their ability to decide
appropriate decisions in handling the risks that they faced.
As a result, they could not run effective and efficient
management. Detail findings and recommendations on
the risk management maturity of the firm are provided in
this article.
KEYWORDS
Fintech Firm, Issues In Risk Management, Risk Management
Maturity Status, Risk Maturity Model
Franciskus Antonius Alijoyo, Ivonne Bonita, and Kevin Bastian Sirait
Evaluation of Risk Management Maturity of a Fintech Firm in Indonesia 1479
This work is licensed under a Creative Commons
Attribution-ShareAlike 4.0 International
INTRODUCTION
Financial technology (fintech) has a crucial role in today’s economic system.
This new technology erases the boundary of financial institutions, markets, and new
service providers and enhances the quality of their services (Barbu, Florea, Dabija, &
Barbu, 2021; Makina, 2019; Zhang & Kim, 2020). Thus, a fintech firm can be defined as
a company engaged in financial services that uses technology to accelerate and facilitate
aspects of the financial services it provides. By providing various products and services
with fast access, fintech firms will help the growth of the national economy (Narayan,
2020; Ozili, 2018; Saksonova & Kuzmina-Merlino, 2017).
However, fintech firms are a kind of company with a high risk (Chaudhry,
Ahmed, Huynh, & Benjasak, 2022; Jianping Li, Li, Zhu, Yao, & Casu, 2020). The risks
that the company needs to consider include the threat of cybercrime and cybersecurity
(Adeyoju, 2021; Kareem, Duhaidahawi, Zhang, & Abdulreza, 2020). Thus, fintech firms
need to run an effective and efficient risk management system, since risk management is
crucial in running a company (Junkes, Tereso, & Afonso, 2015). It helps the company to
determine the right decision to make for its future (Aven, 2016). In addition, good risk
management will help the company maintain its financial health and enhance its
competitiveness (Otero González, Durán Santomil, & Tamayo Herrera, 2020; Silva
Rampini, Takia, & Berssaneti, 2019; Susanto & Meiryani, 2018).
Not all companies have a good risk management system. Some of them may have
a very mature risk management program, while the others may have an unplanned risk
management program (Linshan Li, 2018; Sennewald, 2011). The level of risk
management maturity has a great impact on the companies’ financial health (Mohammed
& Knapkova, 2016; Otero González et al., 2020). In addition, the level of risk
management maturity also may affect the company's performance (Ekwere, 2016;
Hartono, Wijaya, & Arini, 2019).
Since the fintech firm has a critical role in the economy and no study has been
conducted to specifically explore the risk management maturity level of the fintech firms
in Indonesia, this study aimed to identify the risk management maturity of a fintech firm
in Indonesia. This study identified the risk management maturity status and revealed the
major sources of the firm's risk management maturity, issues in running quality risk
management of a financial technology firm in Indonesia. Then, based on those
identifications, some recommendations were proposed for enhancements.
RESEARCH METHOD
This study was conducted in an Indonesian fintech firm registered in Bank
Indonesia. Since the fintech firm that was taken as the setting of the study did not allow
the researchers to expose its name, the researchers named the firm Firm X in this study.
The company used the ISO 31000 standard as their point-of-reference in implementing
Enterprise Risk Management. The researchers selected 19 respondents to collect the data.
Those respondents were selected by using the purposive sampling technique. Those 19
respondents consisted of seven respondents from the top management level, and the other
twelve respondents were from the middle management level. To collect the study's data,
the researchers developed a questionnaire based on the risk management maturity model
Eduvest – Journal of Universal Studies
Volume 1 Number 12, December 2021
1480 http://eduvest.greenvest.co.id
developed by The Risk and Insurance Management Society (RIMS, 2006). The score
from the questionnaire results was calculated based on the following steps and formula:
a. Each competency driver's maturity score is obtained by calculating the average
score for all readiness indicators belonging to the specific competency drivers. It
is determined by applying the formula 𝐶𝐷𝑖 = 1 𝑁 ∑ 𝐼𝑥, 𝑛 𝑥=1. In which 𝐶𝐷𝑖
represents the maturity score of competency driver 𝑖, 𝐼𝑥, represents the average of
the participants' score of readiness indicator 𝑥 that is associated with competency
driver 𝑖, and 𝑁 represents the total number of readiness indicators that belong to
the specific competency driver.
b. The firm's risk management maturity score is obtained by averaging each
competency drivers' score. It is obtained by applying the 𝑀 = 1 𝑁 ∑ 𝐶𝐷𝑖 𝑛 𝑖=1.
Where 𝑀 represents the firm's maturity score, 𝐶𝐷𝑖 represents the maturity score
of competency driver 𝑖, and 𝑁 represents the number of competency drivers
within the RIMS RMM.
c. The maturity score is then matched with the risk management maturity intervals
as suggested by RIMS RMM. The intervals are given as follows: (1) Non-
existent: 𝑀 < 1, (2) ad-hoc: 1 ≤ 𝑀 < 2 , (3) initial: 2 ≤ 𝑀 < 3, (4) repeatable: 3 ≤
𝑀 < 4, (5) managed: 4 ≤ 𝑀 < 5, and (6) leadership: 𝑀 = 5. In which, 𝑀 represents
the firm's risk management maturity score.
d. The questionnaire result was categorized by following the Risk and Insurance
Management Society Risk Management Maturity level as shown in Table 1.
Table 1. The RIMS RMM maturity level and its interpretation
Score
Level
Interpretation
0
Non-existent
The firm's recognition of ERM is limited. The firm's ERM
implementation is either insufficient or none, and there is no
risk management framework within the firm, including risk
indicators, risk measurement, and objectives.
1
Ad-hoc
The level of risk management within the firm is in a primitive
stage. The implementation of risk management depends on
certain individuals' actions by using improvised procedures
and minimum knowledge of the process.
2
Initial
The risks are managed in silos, and there is little aggregation
of risk or risk integration. In which the lack of discipline
accompanies the processes.
3
Repeatable
The framework of risk assessment is in place, and the board
of directors conducts the risk overview. The implementation
of risk management is established and conducted repeatedly.
4
Managed
The implementation of ERM is established in the firm, and
each aspect of ERM is integrated and harmonized, along with
its measurement and controls. The ERM procedures and their
principles are communicated and understood by the firm.
5
Leadership
Within the strategic level of the firm, the risk-based
discussion is already taken place. Moreover, risk tolerance
and appetite are understood within executive management and
the board of directors and accompanied by alerts to inform the
top management if the risk threshold is exceeded.
Source: RIMS (2006).
The researchers also did interviews to collect data about the major sources of the
Franciskus Antonius Alijoyo, Ivonne Bonita, and Kevin Bastian Sirait
Evaluation of Risk Management Maturity of a Fintech Firm in Indonesia 1481
firm risk management maturity and the issues in running quality risk management. They
interviewed the 19 respondents of the study, one by one. In addition, to support and
confirm the data from the interviews, they also conducted observations. The researchers
observed the implementation of the risk management system that the fintech firm had.
The results of the interviews and observations were analyzed qualitatively.
RESULT AND DISCUSSION
Based on the purposes of the study, there were three major findings in this study.
The first finding is about the fintech firm's risk management maturity level. The second
one is about the major sources of the firm risk management maturity. The third finding is
about the issues in running quality risk management. The followings are the detailed
findings of the study.
The fintech firm risk management maturity level
The questionnaire results show that the risk management maturity level
of firm X was at the ad-hoc level. This can be seen from the score of the questionnaire
that was 1.765. Based on the risk management maturity level criteria shown in Table 1, if
the score is below 2, it is categorized as ad-hoc level. It means that the implementation of
risk management of firm X is dependent on the actions of particular individuals with the
minimum knowledge of risk management. Table 2 shows the detailed result of the
questionnaire.
Table 2. Firm X Risk Management Maturity Level
No
Aspect
Mean
score
Category
1.
Adoption of ERM-based approach
2.015
Initial
2.
ERM process management
1.537
Ad-hoc
3.
Risk appetite management
1.182
Ad-hoc
4.
Root cause discipline
1.647
Ad-hoc
5.
Uncovering risks
1.880
Ad-hoc
6.
Performance management
2.073
Ad-hoc
7.
Business resiliency and sustainability
2.025
Initial
Firm X Maturity score
1.765
Ad-hoc
Based on the interpretation of the risk management maturity level in Table 1. In
general, the result of the questionnaire indicates that Firm X implemented its risk
management depending on the actions of certain individuals by using improvised
procedures and minimum knowledge of the process. Thus, in general, Firm X is obliged
to fix its views on the importance of risk management. From the results found, it can be
seen that Firm X has not given optimal attention to the planning and implementation of
risk management within the company. This is something that can endanger the existence
of the company. Weak risk management of a company has been empirically proven to
harm various vital things in the company. Implementing good risk management will
positively impact the financial health of a company (Ebenezer & Omar, 2016; Hasan,
Rahmadini, Indonesia, & Indonesia, 2021; Sinurat & Siregar, 2019). The financial factor
is very vital in the company's performance. Therefore, poor implementation of risk
management is proven to weaken the company's performance and vice versa (Alsaadi,
2020; Setiawaty, 2016). In other words, it can be said that weak risk management will
affect a company's performance (El Shal & Kadery, 2021; Sedana & Dewi, 2017).
Therefore, it can be assumed that Firm X also tends to experience problems in its
Eduvest – Journal of Universal Studies
Volume 1 Number 12, December 2021
1482 http://eduvest.greenvest.co.id
performance if they do not immediately improve the quality of their risk management in
terms of planning and implementation.
The major sources of the firm risk management maturity level
Based on the interviews and observations, this study found three main sources
that caused Company X's level of risk management to be at the Ad-Hoc level. First, the
attitude and perspective of employees who are apathetic towards the implementation of
ERM. The success of the implementation of risk management is strongly influenced by
the attitude of all employees towards policies regarding risk management that apply in the
company. If all employees understand and comply with the policies regarding risk
management that apply in the company, the policies are likely to be implemented well
and achieve success (Braumann, 2018; Jianguo & Qamruzzaman, 2017). However, if all
employees do not comply with the applicable risk management policy, it will be difficult
for the policy to achieve success as expected (Eniowo, Onafadejiadeniyi, &
Ogundejititobiloluwa, 2018; Pratono, 2018).
Second, company X shows no interest in implementing and developing ERM to
its full potential because its executives have experienced a series of successes from its
inception to early 2019. Leadership has a crucial role in the operations of a company. The
attitude of the company's leaders will affect the attitude of the employees as a whole
(Farahnak, Ehrhart, Torres, & Aarons, 2019; Inayah & Balqiah, 2017; Khuwaja, Ahmed,
Abid, & Adeel, 2020). Therefore, if the company's leaders do not consider risk
management important, other employees will most likely not care about risk management
(Gantz & Philpott, 2013). So, if we look at the case that occurred in Firm X, the
unsuccessful implementation of risk management is most likely due to the leader's
attitude who does not care about the risk management policies that apply in the company.
Third, the company's scope and attitude to risk (for example, risk appetite,
tolerance, and capacity) are not in the internal control mechanisms and detailed
procedures. The concept of ERM is not embedded in the company's business activities
and decision-making of its executives. The implementation of risk management must be
an integral part of the company's activities, especially decision-making (Zhu, Haugen, &
Liu, 2021). This is because one of the objectives of risk management is to assist the
leadership in determining policies so that these policies do not endanger the company's
position (Karunathilake et al., 2020; Merkelbachm & Daudin, 2011). However, from the
findings of this study, it can be said that Company X ignores risk management in its
activities and decision making, which of course, has the potential to harm the success of
the company itself.
The barriers and challenges of implementing effective ERM
Based on the results of Firm X's risk management maturity and the participants'
information on the company's internal ERM status, it is found that the main obstacles to
the implementation of the company's internal risk management are highly concentrated
on the company's attitude and perception of understanding and embracing. The concept of
ERM affects the quality of the integration of ERM with company activities and decision-
making. The company's primary task of implementing a risk management mechanism is
to comply with Indonesian financial technology regulations rather than creating and
protecting its value through ERM.
Therefore, X Company's indifference to the implementation of risk management
has brought a series of challenges in realizing the overall and integrated ERM process
within the company. They are: (1) the implementation of internal ERM within the
company is entirely based on the experience and intuition of employees integrating risk
Franciskus Antonius Alijoyo, Ivonne Bonita, and Kevin Bastian Sirait
Evaluation of Risk Management Maturity of a Fintech Firm in Indonesia 1483
management mechanisms into departmental activities, (2) the lack of integration and
cooperation between corporate departments when implementing the ERM process, (3) the
lack of risk management within the company experts to help the company adjust the
department’s views and standard operating procedures from the perspective of risk
management, (4) lack of knowledge and familiarity with ERM tools to use risk
management, (5) insufficient risk reporting and recording in most departments, and (6)
The company has incomplete information on the nature of risks (for example, the scale,
impact, and triggers of the risk) because the flow of risk-oriented information in all
company management is below average.
In other words, the problems that occur in Firm X are mostly at the
implementation level, and these kinds of problems are common in a company (Fraser &
Simkins, 2016). For this reason, Firm X is obliged to improve the quality of its risk
management implementation by increasing the awareness of all employees of the
importance of risk management for the existence and development of the company. This
should start from company leaders who can provide examples of the correct
implementation of risk management. They must also provide examples of how to
implement risk management correctly and prove that it is important to do this. When
leaders give good examples, the other employees normally will follow those good
examples (al-Baradie, 2014; Gächter & Renner, 2018; Hetland, Hetland, Bakker, &
Demerouti, 2018). With the ability of leaders to set an example for other employees, it is
hoped that the implementation of risk management will become a culture within the
company.
Recommendation
Considering the findings of this study, the researcher recommends several things
that can later be used as alternative efforts to increase the risk management maturity of
Firm X. First, Firm X must build awareness and ownership of risk management for all
employees. In detail, this includes: (1) building awareness and understanding of the
proper implementation of risk management at the top and middle management levels by
way of continuous executive direction, (2) building the board's commitment to leadership
and ownership risk-taking so that risk management is carried out effectively, a systematic
approach based on integrated risk management principles, frameworks and processes, and
(3) awareness building on risk management for all employees by conducting training,
focus group discussions, and risk management competency certification for personnel,
and at a later stage, in establishing risk ownership at all levels of company management,
it is advisable to link their performance indicators with risk management.
Second, it is necessary to reorganize the company's priorities and objectives in
implementing risk management. Given that the implementation of ERM is carried out
according to the ISO 31000 standard, what needs to be done is (1) to establish risk
management policies and standard operating procedures from the level of the strategic
decision-making process to the level of operational business processes, (2) to ensure that
all elements of risk management are linked to indicators key performance of employees,
and (3) realizing the consistent and continuous implementation of the three pillars of the
ISO 31000 standard, namely principles, frameworks, and risk management processes.
Third, it is necessary to integrate the implementation of the ISO 31000 standard
into all aspects of company X, which include: (1) alignment of the company's ERM
program with its objectives, with the aim that all employees understand the importance
and relevance of risk management to company sustainability, (2) implementation of
management processes risk explicitly into the company's strategy in achieving its
Eduvest – Journal of Universal Studies
Volume 1 Number 12, December 2021
1484 http://eduvest.greenvest.co.id
objectives so that employees understand the criticality and importance of risk
management in the company's strategy and build strong risk ownership, (3) certainty of
the availability of resources in implementing risk management to the company, (4)
implementation of periodic evaluations of company performance based on the identified
risks and their impacts, (5) regular communication of company policies and their position
and focus on managing and overcoming the identified risks, and (6) periodic evaluation
of the progress of risk management implementation within the company.
CONCLUSION
The ERM maturity assessment results show that X company's ERM maturity is at a
temporary level. This means that Company X is in a state of incompetence and
incompetence, unable to use ERM methods to protect and create company value.
Especially in terms of regulatory compliance, the company has fulfilled all regulations
and requirements imposed by regulatory agencies on enterprise risk management.
However, in terms of performance, the quality and effectiveness of the company's ERM
process are below the standard. Although Company X has adopted the ISO 31000
standard as a guide for the implementation and integration of ERM processes in its
activities, its risk management department's role is only to deal with legal risks, while its
IT department manages the company's general risks. Therefore, the company's limited
scope and awareness of the necessity of applying risk management hindered the quality
and effectiveness of its ERM process in the overall identification and management of
risks.
The fundamental reason for company X's low ERM maturity is its indifferent
attitude towards the concept and role of its internal risk management. Since regulatory
requirements and regulations drive the implementation of ERM, the definition and
interpretation of risks and ERM are not clearly stated and presented in the company's
internal control mechanisms and procedures. Therefore, the company's risk-related
information flow is limited because it is only passed to two departments (ie, risk and IT
departments)
Since this research is a case study method, the specific conditions of Firm X are
different from other fintech companies in Indonesia or any other part of the world.
Therefore, the results and recommendations are valid for the fintech companies of
particular interest in this research. Therefore, further research involving more companies
is needed to reveal the average level of ERM maturity in Indonesia's fintech industry and
the obstacles and challenges that hinder fintech companies from improving their ERM
maturity. It intends to increase the generalizability of future research results when
assessing the ERM maturity level of fintech companies and their industries. In addition,
for every financial technology company that uses the ISO 31000 standard as a guide, it is
recommended to consider applying an ERM maturity model that is clearly designed
according to the requirements and specifications of the ISO 31000 standard to evaluate
and improve its ERM effectiveness and maturity level.
REFERENCES
Adeyoju, Ademola. (2021). Cybercrime and Cybersecurity: FinTech’s Greatest
Challenges. SSRN Electronic Journal, 1–5. https://doi.org/10.2139/ssrn.3486277
al-Baradie, Raidah S. (2014). Encouraging the heart. International Journal of Pediatrics
and Adolescent Medicine, 1(1), 11–16.
https://doi.org/https://doi.org/10.1016/j.ijpam.2014.09.008
Franciskus Antonius Alijoyo, Ivonne Bonita, and Kevin Bastian Sirait
Evaluation of Risk Management Maturity of a Fintech Firm in Indonesia 1485
Alsaadi, Nasser. (2020). The Impact of Risk Management Practices on the Performance
of Construction Projects. Estudios de Economia Aplicada, 39(4).
https://doi.org/DOI: http://dx.doi.org/10.25115/eea.v39i4.4164 Volumen:39-4
Aven, Terje. (2016). Risk assessment and risk management: Review of recent advances
on their foundation. European Journal of Operational Research, 253(1), 1–13.
https://doi.org/https://doi.org/10.1016/j.ejor.2015.12.023
Barbu, Cătălin Mihail, Florea, Dorian Laurenţiu, Dabija, Dan Cristian, & Barbu, Mihai
Constantin Răzvan. (2021). Customer experience in fintech. Journal of Theoretical
and Applied Electronic Commerce Research, 16(5), 1415–1433.
https://doi.org/10.3390/jtaer16050080
Braumann, Evelyn C. (2018). Analyzing the Role of Risk Awareness in Enterprise Risk
Management. Journal of Management Accounting Research, 30(2), 241–268.
https://doi.org/10.2308/jmar-52084
Chaudhry, Sajid M., Ahmed, Rizwan, Huynh, Toan Luu Duc, & Benjasak, Chonlakan.
(2022). Tail risk and systemic risk of finance and technology (FinTech) firms.
Technological Forecasting and Social Change, 174, 121191.
https://doi.org/https://doi.org/10.1016/j.techfore.2021.121191
Ebenezer, Olalere Oluwaseyi, & Omar, Wan Ahmad bin. (2016). Risk Management and
the Financial Performance of Commercial Banks in Nigeria : A Literature Review
Revisited. IOSR Journal of Economics and Finance, 7(2), 14–19.
https://doi.org/10.9790/5933-0702031419
Ekwere, Nsikan. (2016). Framework of Effective Risk Management in Small and
Medium Enterprises (SMESs): a Literature Review. Bina Ekonomi, 20(1), 23–46.
https://doi.org/10.26593/be.v20i1.1894.23-46
El Shal, Bahaa, & Kadery, Mona. (2021). Organizational Project Management Maturity
Effect on the Relationship Between Entrepreneurial Orientation and Organizational
Performance in Egyptian Organizations. Journal of Business and Management
Sciences, 9(1), 36–49.
Eniowo, D. Olushola, Onafadejiadeniyi, O., & Ogundejititobiloluwa, Y. (2018). The
Effect of Employees ’ Orientation on Risk Management in Leigh and Lloyd Mining
Firm. International Journal of Business and Management Invention, 7(4), 20–27.
Farahnak, Lauren R., Ehrhart, Mark G., Torres, Elisa M., & Aarons, Gregory A. (2019).
The Influence of Transformational Leadership and Leader Attitudes on Subordinate
Attitudes and Implementation Success. Journal of Leadership & Organizational
Studies, 27(1), 98–111. https://doi.org/10.1177/1548051818824529
Fraser, J. R. S., & Simkins, B. J. (2016). The challenges of and solutions for
implementing enterprise risk management. Business Horizons, 59(6), 689–698.
https://doi.org/10.1016/j
Gächter, Simon, & Renner, Elke. (2018). Leaders as role models and ‘belief managers’ in
social dilemmas. Journal of Economic Behavior & Organization, 154, 321–334.
https://doi.org/https://doi.org/10.1016/j.jebo.2018.08.001
Gantz, Stephen D., & Philpott, Daniel R. (2013). Chapter 3 - Thinking About Risk
(Stephen D. Gantz & Daniel R. B. T. FISMA and the Risk Management Framework
Philpott, Eds.). https://doi.org/https://doi.org/10.1016/B978-1-59-749641-4.00003-5
Hartono, Budi, Wijaya, Deo F., & Arini, Hilya M. (2019). The impact of project risk
management maturity on performance: Complexity as a moderating variable.
International Journal of Engineering Business Management, 11,
1847979019855504. https://doi.org/10.1177/1847979019855504
Hasan, Nida Nadya, Rahmadini, Fatia, Indonesia, Universitas, & Indonesia, Universitas.
(2021). terhadap Risiko Perbankan Application Risk. 1(2), 67–84.
Eduvest – Journal of Universal Studies
Volume 1 Number 12, December 2021
1486 http://eduvest.greenvest.co.id
Hetland, Jørn, Hetland, Hilde, Bakker, Arnold B., & Demerouti, Evangelia. (2018). Daily
transformational leadership and employee job crafting: The role of promotion focus.
European Management Journal, 36(6), 746–756.
https://doi.org/https://doi.org/10.1016/j.emj.2018.01.002
Inayah, Asty Khairi, & Balqiah, Tengku Ezni. (2017). The influence of leadership style
on organizational culture. Accounting & Business Conference 2017, 405–421.
Jianguo, Wei, & Qamruzzaman, Md. (2017). Management Practice : A case study of the
financial sector in Bangladesh. The Cost and Management, 45(November).
Junkes, M. Bernadete, Tereso, Anabela P., & Afonso, Paulo S. L. P. (2015). The
Importance of Risk Assessment in the Context of Investment Project Management:
A Case Study. Procedia Computer Science, 64, 902–910.
https://doi.org/https://doi.org/10.1016/j.procs.2015.08.606
Kareem, Hayder M., Duhaidahawi, Al, Zhang, Jing, & Abdulreza, Mustafa S. (2020).
Research in Business & Social Science Analysing the effects of FinTech variables
on cybersecurity : Evidence form Iraqi Banks. International Journal of Research in
Business and Social Science, 9(6), 123–133.
Karunathilake, Hirushie, Bakhtavar, Ezzeddin, Chhipi-Shrestha, Gyan, Mian, Haroon R.,
Hewage, Kasun, & Sadiq, Rehan. (2020). Chapter Seven - Decision making for risk
management: A multi-criteria perspective. In Faisal I. Khan & Paul R. B. T.
Methods in Chemical Process Safety Amyotte (Eds.), Advanced Methods of Risk
Assessment and Management (Vol. 4, pp. 239–287).
https://doi.org/https://doi.org/10.1016/bs.mcps.2020.02.004
Khuwaja, Uzair, Ahmed, Kaleem, Abid, Ghulam, & Adeel, Ahmad. (2020). Leadership
and employee attitudes: The mediating role of perception of organizational politics.
Cogent Business & Management, 7(1), 1720066.
https://doi.org/10.1080/23311975.2020.1720066
Li, Jianping, Li, Jingyu, Zhu, Xiaoqian, Yao, Yinhong, & Casu, Barbara. (2020). Risk
spillovers between FinTech and traditional financial institutions: Evidence from the
U.S. International Review of Financial Analysis, 71, 101544.
https://doi.org/https://doi.org/10.1016/j.irfa.2020.101544
Li, Linshan. (2018). A Study on Enterprise Risk Management and Business Performance.
Journal of Financial Risk Management, 07(01), 123–138.
https://doi.org/10.4236/jfrm.2018.71008
Makina, Daniel. (2019). 14 - The Potential of FinTech in Enabling Financial Inclusion
(Daniel B. T. Extending Financial Inclusion in Africa Makina, Ed.).
https://doi.org/https://doi.org/10.1016/B978-0-12-814164-9.00014-1
Merkelbachm, Maarten, & Daudin, Pascal. (2011). From Security Management To Risk
Management: Critical Reflections On Aid Agency Security Management And The
ISO Risk Management Guidelines. Security Management Initiative, 59.
Mohammed, Hamdu Kedir, & Knapkova, Adriana. (2016). The Impact of Total Risk
Management on Company’s Performance. Procedia - Social and Behavioral
Sciences, 220, 271–277. https://doi.org/10.1016/j.sbspro.2016.05.499
Narayan, Seema Wati. (2020). Does fintech matter for Indonesia’s economic growth?
Buletin Ekonomi Moneter Dan Perbankan, 22(4), 437–456.
https://doi.org/10.21098/bemp.v22i4.1237
Otero González, Luís, Durán Santomil, Pablo, & Tamayo Herrera, Aracely. (2020). The
effect of Enterprise Risk Management on the risk and the performance of Spanish
listed companies. European Research on Management and Business Economics,
26(3), 111–120. https://doi.org/https://doi.org/10.1016/j.iedeen.2020.08.002
Franciskus Antonius Alijoyo, Ivonne Bonita, and Kevin Bastian Sirait
Evaluation of Risk Management Maturity of a Fintech Firm in Indonesia 1487
Ozili, Peterson K. (2018). Impact of digital finance on financial inclusion and stability.
Borsa Istanbul Review, 18(4), 329–340.
https://doi.org/https://doi.org/10.1016/j.bir.2017.12.003
Pratono, Aluisius Hery. (2018). Does firm performance increase with risk-taking behavior
under information technological turbulence?: Empirical evidence from Indonesian
SMEs. Journal of Risk Finance, 19(4), 361–378. https://doi.org/10.1108/JRF-10-
2017-0170
Saksonova, Svetlana, & Kuzmina-Merlino, Irina. (2017). Fintech as Financial Innovation
– The Possibilities and Problems of Implementation. European Research Studies
Journal, 20(3), 961–973. https://doi.org/10.1021/ja00368a049
Sedana, Ida Bagus Panji, & Dewi, Ni Made Indah Purnama. (2017). Efektivitas
Manajemen Risiko Dalam Mengendalikan Risiko Kredit Di Pt Bank Rakyat
Indonesia. E-Jurnal Manajemen Universitas Udayana, 6(8), 244607.
Sennewald, Charles. (2011). Effective Security Management (5th ed.).
https://doi.org/https://doi.org/10.1016/C2009-0-63531-5
Setiawaty, Agus. (2016). Pengaruh Mekanisme Good Corporate Governance Terhadap
Kinerja Perbankan Dengan Manajemen Risiko Sebagai Variabel Intervening.
Kinerja : Jurnal Ekonomi Dan Manajemen, 13(1), 17–24.
Silva Rampini, Gabriel Henrique, Takia, Harmi, & Berssaneti, Fernando Tobal. (2019).
Critical Success Factors of Risk Management with the Advent of ISO 31000 2018 -
Descriptive and Content Analyzes. Procedia Manufacturing, 39, 894–903.
https://doi.org/https://doi.org/10.1016/j.promfg.2020.01.400
Sinurat, Andreas Mulatua, & Siregar, Sylvia Veronica. (2019). The effect of risk
management on firm financial performance. Proceedings of the 33rd International
Business Information Management Association Conference, IBIMA 2019:
Education Excellence and Innovation Management through Vision 2020, 2(3),
9818–9827.
Susanto, Azhar, & Meiryani. (2018). The importance of risk management in an
organizations. International Journal of Scientific and Technology Research, 7(11),
103–107.
Zhang, Lin Lin, & Kim, Ha Kyun. (2020). The influence of financial service
characteristics on use intention through customer satisfaction with mobile fintech.
Journal of System and Management Sciences, 10(2), 82–94.
https://doi.org/10.33168/jsms.2020.0206
Zhu, Tiantian, Haugen, Stein, & Liu, Yiliu. (2021). Risk information in decision-making:
definitions, requirements and various functions. Journal of Loss Prevention in the
Process Industries, 72, 104572.
https://doi.org/https://doi.org/10.1016/j.jlp.2021.104572
