Operational Risk Escalation and the Theory of Planned Behaviour: An Empirical
Analysis of UK Call Centres
Cormac Bryceª*, Rob Webbᵇ, and Carly Cheeversᶜ
ª Economics and Finance Department, Centre for Risk and Insurance Studies, University of
Nottingham, United Kingdom.
̛ᵇ Department of Law, Economics, Accounting and Risk, Glasgow Caledonian University, United
Kingdom.
ᶜ School of Psychology, University College Dublin, Ireland.
Draft – Not to be quoted or used without prior approval from the authors
1
Abstract
The paper investigates operational risk reporting behaviour and policy dissemination in the
selling of financial products by a major British insurance company’s call centres. The
analysis of the predispositions of call centre employees to escalate operational risks within
their working environment will be measured using the Theory of Planned Behaviour (TPB)
(Ajzen, 1991). The empirical analysis indicates that the effects of ‘Attitude’ and ‘Perceived
Behavioural Control’ uniquely and significantly affected an employee’s intention to escalate
operational risk events. Furthermore, the education and training provided to employees has
enabled them to better report operational risk losses/events due to increased certainty of their
operational risk losses/events knowledge. This current study provides a foundation for future
research looking at the measurement of ‘people risk’ and the effectiveness of internal audit as
the current third line of defence (IOR, 2010) in supervising it.
Key Words: Operational Risk, Risk Escalation, Theory of Planned Behaviour, Internal
Audit.
2
1.0
Introduction
Fundamental changes in economic and regulatory environments, increasing globalisation and
corporate restructuring have all had a large impact on the magnitude and nature of operational
risks confronting the financial services industry (Jobst, 2007). Operational risk itself is a
relatively new concept within financial services and has been defined as ‘the risk of loss
resulting from inadequate or failed internal processes, people, and systems or from external
events’ (BCBS, 2004a). Prominent corporate crises and severe operational failures resulting
in the restructuring or collapse of the affected financial institutions (for example NatWest,
Allied Irish Bank, Societe Generale and Barings) has given rise to an increased emphasis on
operational risk and external risk reporting - not only from bank regulators but also from
auditors and rating agencies (Sundmacher, 2006; Helbok and Wagner, 2006; Dobler, 2008).
In addition, the recent financial crisis which witnessed large losses in both financial and nonfinancial companies has been partly attributed to operational risk failures.
Research has
suggested that this may be due to financial institutions failing to provide or obtain adequate
risk disclosures – which has emphasised the need for transparent disclosure of financial
information to all relevant stakeholders (KPMG, 2008; Linsley and Shrives, 2005, 2006).
As a result, the importance of operational risk and internal risk disclosure is becoming
increasingly acknowledged by regulators (KPMG, 2008). For example Basel II (and its
replacement Basel III) and the upcoming Solvency II detail the minimum capital
requirements, supervisory review and market discipline for both banks and insurances
companies respectively. In addition Basel II introduced the now well established Advanced
Management Approach (AMA) where banks became heavily reliant on Value at Risk (VaR)
techniques to measure the loss distribution and calculate regulatory capital with the result that
the industry witnessed an increase in data collection in the area of operations (Wahlstrom,
2006, Helbok and Wagner, 2006; Chernobai et al, 2011; Sundmacher, 2006, Bryce et al
3
2011). With Basel II increasing the amount of internal data collection required it is the
collection of this data that is driving both the reliability and validity of the models – which
then determines capital requirements. It is therefore imperative that the quality and capture of
the data is both accurate and a main priority for operational risk managers (Bryce et al, 2011;
Embrechts et al, 2003). However the complexity of capturing such data should not be
underestimated as the holistic nature of operational risk within financial institutions makes
the task of data capture extremely challenging – and is reliant on individuals.
It can therefore be conceived that a lack of understanding or lack of reliable data at the
business levels of institutions will result in a lack of risk escalation and mitigation.
Unfortunately for the financial services sector, the existence of a one size fits all approach to
these problems is elusive. Despite this, the IOR (2010) proposed a three lines of defence
approach which outlines realistic common guidelines for the governance of operational risk
management within financial institutions. The first line of defence involves day to day risk
management, in accordance with agreed risk policies, appetite and controls, at the operational
level. It is the execution of these policies, processes, procedures and controls as set out by the
second line of defence which the first line of defence has difficulty implementing into their
‘business as usual’ activities. This point was highlighted in a recent paper by Bryce et al
(2011) in the case of a call centre manager not being able to make any sense of the
operational risk escalation process, which in turn led to ineffective escalation of risk events to
the second line of defence. The third line of defence is internal audit - accountants have
increasingly been asked to rectify the call centre control frameworks of large financial
institutions in the wake of breaches of Financial Services Authority conduct in Payment
Protection Insurance (PPI) mis-selling (For example FSA, 2009b).
The current paper examines an important part of the second line of defence – risk escalation
within a call centre environment. The rapid development in the 1990’s of call centres as a
4
distribution vehicle for financial services has made them a vital element of a financial
institutions distribution portfolio (Glucksman, 2004, Malthora and Mukherjee, 2004). This
growth has been attributed to technological advances, along with substantial cost reductions
and efficiency savings, which have become part of an overall strategy to increase
performance (Bryce et al, 2010). However these so called efficiency savings are not without
their consequences, as call centres have borne the brunt of the blame in the mis-selling of
PPI, leading to £1.9bn in claims being paid out in 2011 alone (FSA 2012). Since 2005 there
has been an increased regulatory focus on PPI and as it continues to attract scrutiny the
relevance of retail product distribution in the financial services sector should not be
underestimated (PWC, 2007). It can therefore be conceived that a lack of understanding at the
business levels of an institution will result in a lack of potential risk escalation, mitigation,
regulatory incompliance and indeed data collection. In addition, as the call centre is a
regulated distribution vehicle for financial institutions it provides great scope for the
reporting and escalation of operational risk by staff and managers.
Drawing on the determinants of operational risk and the nature of operational risk disclosures
in international institutions respectively (Sundmacher, 2006; Chernobai et al 2011; Bryce et
al, 2011), the main aim of this paper is to investigate operational risk reporting behaviour and
policy dissemination in the selling of financial products by a Major British Insurance
Company. The paper is structured as follows. In Section 2 we discuss the importance of the
risk escalation process to the measurement and management of operational risk whilst
acknowledging the psychological constructs of decision making. Section 3 will establish the
methodology employed in this primary research. In Section 4 the results will be discussed
with Section 5 concluding the paper with limitations and areas for future research.
5
2.0
Operational Risk and the Importance of Risk Escalation
The importance of the financial services sector to the UK economy, which accounts for over
8% of GDP (TheCityUK 2012) has been highlighted by the large sums of capital that the
Government has been willing to place in ailing banks. Key to reducing the probability that
past issues will not be repeated is to ensure that institutions have increasingly robust risk
management disclosure systems. Institutions now widely acknowledge that operational risk is
strategically important and exhibits characteristics fundamentally different from those of
other risks. However, given that the term ‘operational risk’ is relatively new in financial
institutions, research in this area – while increasing – remains limited (Jobst, 2007).
Overall responsibility falls not only on regulators but on the institutions themselves.
Regulators have been aware of issues regarding external disclosure for many years and UK
authorities have endorsed all major new international regulations including the International
Financial Reporting Standards IFRS 7 (2007). Although not specific to operational risk
disclosure or banks per se, the adoption of IFRS 7 has generally been reported to have a
positive effect on the quality of external reporting for large banks (see Ernst & Young 2008;
Hodgeon and Wallace, 2008; Nelson et al, 2008; Bischof, 2009). More sector specific
regulation has also been endorsed in the UK including the Insurance sectors IFRS 4 requiring
similar disclosure as the Capital Requirements Directive (CRD), Basel II, and Solvency II
(BCBS, 2001, 2003, 2004a, 2004b, 2005a, 2005b). As a result the regulation of financial
institution external disclosures has evolved substantially to reflect this (see KPMG, 2008;
PricewaterhouseCoopers, 2008; Ernst & Young, 2008 for industry led research and Linsley
and Lawrence, 2007; Linsley and Shrives, 2005, 2006; Bischof, 2009; Helbok and Wagner,
2006 for the academic research).
6
However, the internal risk escalation and reporting systems within an institution have now
become as important as the external disclosure of risks - which underpins the robustness of
data for external disclosure. For the purposes of this study operational risk escalation can be
defined as ‘the internal process by which real or potential operational risks are reported in a
manner that complies with agreed institutional policy’. This is of particular importance in the
first line of defence where the majority of risk exists (IOR 2010). For example, Turner and
Pidgeon (1997) argue that operational risk reporting systems can in principle be designed to
capture risks as they ‘incubate‘, thus enabling a pro-active management of risks. Systems
should be designed to allow efficient risk escalation and allow for the raising of awareness of
any risks to a second line of defence - who should then be equipped with the necessary skills
and authority to manage them.
This process of risk escalation and internal reporting is fundamental to the management of
operational risk, a consequence of which is the collection of relevant internal loss data for
risk capital modelling purposes. Wahlstrom (2006) argues that without an effective and
transparent escalation process it is very difficult for operational risk managers in the second
line of defence to measure, assess, control or manage the risks within an institutions business
environment. Further adding that “operational risk is about employees’ judgements” finding
that staff competence was one of the key issues in the management of operational risk.
Kingsley et al (1998) and (Andersen, 1998) both concur with Wahlstrom believing that
people are arguably the most important resource but also the major contributor to operational
risk - the lack of management, training and/or competence causing some of the largest
operational risk losses experienced by financial institutions. Wahlstrom concludes that by
focusing on staff an institution could reduce operational risk significantly, for example
respondents in Wahlstrom’s (2006: 509) study claimed that:
“people who work in the banks might want to cover up their own mistakes i.e. not to report
certain types of operational risk.”
7
Wahlstrom’s findings provide an interesting insight into the attitude of the people who are
involved in the fundamental operational risk escalation process, and the affects that they may
have on the process should their desires not be aligned with those of risk policy. Failure in the
escalation process whether it is due to poor internal processes, systems or a lack of
determination, willingness, or ability of staff will have serious implications for financial
institutions.
As Hood et al (1982: 158) put it:
“complex systems can only function efficiently if all incentives to hide information about errors are removed so
that near misses and minor malfunctions can be fully analysed and discussed so as to head of major
malfunctions”
This mantra is one that was displayed by operational risk managers investigated by Bryce et
al (2011) as they became more proactive in their approach towards raising awareness of risk
escalation and reporting to the first lines of defence within their institution. It was believed at
the time that this raising of awareness would instil a culture of ‘disclosure’ as opposed to
‘concealment’ for the reasons outlined above. Employees are obviously key to all financial
institutions, and are considered one of the four causal factors of operational risk events
McConnell (2008). The consideration of people as an underlying cause of risk (now termed
people risk) is deeply rooted in people being the most important asset in the service oriented
business of financial institutions.
Surprisingly the subject of ‘people risk’ has received little attention and has been traditionally
overlooked in terms of research coverage from both the industry and academic research (see
Flouris and Yilzman, 2010). The current research aims to begin a discussion in this area by
examining the behaviour of call centre employees utilising the theory of planned behaviour.
As this has not been previously explored it may be particularly important in quantitative and
qualitative risk compliance and management.
8
2.1
Operational Risk Escalation and the Theory of Planned Behaviour
The theory of planned behaviour has a long history within the literature on human behaviour
and has been utilised in many varied situations - from deciding to take illegal drugs to how an
individual votes in an election (see Ajzen 1991 for an early review of the theory). It seems an
ideal starting point in order for us to begin to explain and understand risk reporting and
escalation in a call centre environment.
For example, although people’s attitudes and
behaviour are strongly related they are not directly correspondent and a variety of influences
must be considered when making predictions regarding behavioural reactions to risk
escalation (Spence and Townsend, 2006).
The Theory of Planned Behaviour (TPB) (Ajzen, 1988, 1991) is considered to be one of the
most useful and widely used conceptual frameworks in order to link attitudes and behaviour.
TPB disaggregates an individual’s intention to perform a behaviour into three factors theorising that an individual’s intention to behave in a certain way is jointly derived from the
aggregation of three components: ‘attitude’ (ATT) towards performing the behaviour; the
‘subjective norm’ (SN) which is a measure of the perceived degree of pressure from external
sources to perform the behaviour in question (Dennison and Shepherd, 1995). SN is
developed from normative beliefs – which are concerned with the probability that ‘referent’
individuals, or your line manager will approve or disapprove of performing a behaviour. As
stated by Ajzen (1991) the subjective norm is thus obtained ‘by asking respondents to rate the
extent to which ‘important others’ would approve or disapprove of their performing a given
behaviour’ such that SN relates to the employee’s perception of the opinions of others about
the escalation of the event that is the influence of others close to the employee (Bhattacherjee,
2000). Third it is postulated that an individual’s level of perceived behavioural control (PBC)
over the outcome influences intention. Essentially this means that the more an individual
‘perceives’ that they will obtain a favourable outcome then the more likely it will positively
9
influence their intention to complete the action. Ajzen (1991) brings these three concepts
together to conclude that:
‘as a general rule, the more favourable the attitude and subjective norm with respect to a behaviour, and
the greater the perceived behavioural control, the stronger should be an individual’s intention to perform
the behaviour under consideration’
TPB has not been utilised in a call centre setting – however, operational risk events and their
escalation within call centres would seem an ideal environment to utilise the TPB mainly
because: operational risk management has risen in prominence over the past decade; financial
institutions now have operational risk executives reporting to the Board; escalation and
efficient management of key risk events will help satisfy both internal and external
stakeholders. It has been argued in the recent work of Bryce et al (2011) that operational risk
managers are now pro-active in educating business line functions (call centres as first line of
defence) in the importance of risk awareness as a means by which to create an environment in
which risk events are escalated. This will affect the three motivational drivers within the TPB
model and increase the intention of an individual reporting an event. Previous research has
implemented TPB in the investigation of ‘acceptance’ and ‘adoption’ of new
technology/information processing (Liao et al, 1999; Lin, 2006; Shim et al, 2001; Lin 2010).
The importance of links between these previous studies and this current research will have
importance as it is this ‘acceptance’ and ‘adoption’ of operational risk escalation processes
that Bryce et al (2011) emphasise as best practice for risk management and regulatory
compliance moving forward.
2.2
Using the theory of planned behaviour in call centres
We now turn to the relationship of TPB and call centre behaviour of individuals in order to
develop our hypotheses.
In the case of escalating of operational risk events all three
postulates (ATT, SN, PBC) will combine as Ajzen discusses and will be shaped by the
financial institutions culture, philosophy and the managerial ability to create a trusting
10
environment in which to escalate events.
It has been argued that creating the ‘right’
environment within financial institutions should rest with the chief executive officer and the
executive board and filter down through the organisation (see Hempel and Simonsen, 1999;
Bryce et al, 2011; IOR, 2010 and Blunden and Thirlwell 2010).
All three postulates of the model will be affected by the culture and philosophy emanating
from their line managers, divisional managers and executive directors.
ATT will be
influenced by whether the individual has a positive attitude towards the rationality of
reporting a risk event – that is – do they believe that it is something that needs reporting (as
opposed to too much officialdom). The individual needs to convince themselves that it is
rational to control for the specific event and obviously this will have an element that is
internal to the individual but will be mainly reliant on the institution to ‘convince’ the
individual of the value of behaving in a certain way. Drawing on previous research the
attitudinal beliefs of ‘perceived usefulness’ was incorporated into the current study (see Davis
et al, 1989; Lin, 2010; Shiu et al, 2011). This is defined as the extent to which call centre
employees believe that the escalation of risk events will enhance their organisations overall
management of operational risk. Therefore we apply ‘Perceived Usefulness’ in the
measurement of ATT. The initial or formed ATT will then be tested along with the SN – the
expectation of the individual to receive a positive response from their line manager when
escalating a risk event.
In relation to this study the work by Bryce et al (2011) and Hain (2009) suggests that
institutions are encouraging open and honest escalation and as such we would expect SN
would be for an individual to perform the event and escalate the risk. However this is stated
with a caveat. Work by Bryce et al (2011), Moosa (2007), Power (2007) and Hain (2009)
have reported that such ‘bottom-up’ escalation structures rely on information provided by
employees which may not be forthcoming particularly if: it was their fault; if a capital charge
11
to a particular unit (namely their own) will increase due to the report; or if they feel
discrimination from others. In addition, there are external regulatory requirements which may
or may not further enforce the employee’s perception of the positive attitudes of their line
manager of reporting a risk event. A positive SN would go some way to allaying our fears
regarding these issues.
PBC represents the individual’s perception of the ease or difficulty in performing the
behaviour in question to a successful conclusion - which in this case is the escalation of an
operational risk event. Venkatesh and Brown (2001) and Pavlou and Fygenson (2006) have
indicated that the ‘ease of use’ affects the control that a participant has over a specific
behaviour. Dickinson (2001) highlights in research related to Enterprise Wide Risk
Management (EWRM) that the delegation of responsibility will empower those closest to risk
events allowing for swift rectification of incidents. Should an employee perceive obstructions
to their ability to report the event, the variable may have a major influence on intention to
escalate an event. In the case of operational risk management it is therefore important to
ensure that the process of escalation remains streamlined for ‘ease of use’ and speed of event
mitigation/rectification. However, it must be noted that Ajzen and Madden (1986) highlight
the importance of opportunities necessary for performing a behaviour when discussing PBC.
In the case of operational risk escalation the unpredictability and infrequency of operational
risk events may limit PBC’s influence on intention.
Bandura (1986) highlights the importance of ‘self-efficacy’ or in this current study the
competence of staff to escalate events as a key determinant of PBC. More recent studies have
also highlighted the importance of self-efficacy in determining behaviour and it is for this
reason that self-efficacy is considered within the PBC construct (see Eden and Aviriam,
1993; Saks and Ashforth, 2000; Ma and Liu, 2005; Chan and Lu, 2004). More recently PBC
has been further disaggregated to include a lower level construct of ‘controllability’ as well as
12
‘self-efficacy’ (Ajzen, 2002). As highlighted by Ajzen (2002) ‘controllability’ refers to the
control over the behaviour (escalation of an operational risk event) and the extent to which
escalation is in the control of the call centre employee.
Given the above discussion, our hypotheses follow the assertions of Ajzen (1991) in that:
H1:
Attitude (ATT) - positively affects intention to escalate operational risk events
H2:
Subjective Norm (SN) - positively affects intention to escalate operational risk events
H3:
Perceived Behavioural Control (PBC) - positively affects intention to escalate
operational risk events.
2.2.1 Additional factors within the study environment
As explained, our research uses the theory of planned behaviour to increase our
understanding of the variables impacting intention to escalate operation risk events in the call
centre environment. However, we include a variety of additional cognitive factors in order
to better predict variance in behavioural intentions and/or actual behaviour (see Spence and
Townsend, 2006; Ozcaglar-Toulouse et al 2006). Given the exploratory nature of this study
and the importance of the call centre environment to financial institutions we include
environmental characteristics relevant to a call centre and test whether or not they are
significant in intention to escalate operational risks (Malhotra and Mukherjee, 2004).
First, we examine the volume of calls within a call centre, and more importantly the
perceived level of volume by the call centre staff. Bryce et al (2011) believe that given call
centre staff are not risk managers that high levels of call volume will influence ATT, SN and
PBC and as a result their intentions and behaviour to escalate risk events (Bryce et al, 2011
see also Power 2005). Further, it has been reported by the FSA (2009a,b) that call centre staff
are less likely to follow organisational protocol if monetary remuneration incentivises
individuals to operate against protocols - a view that has been corroborated by the recent PPI
13
debacle in some of the largest financial institutions in the UK. As a result we also test an
additional hypothesis.
H4.
Perceived call centre volume negatively impacts intention to escalate operational risk
events.
If we consider the standardised hierarchical structure within a financial services call centre as
discussed in, amongst others Bryce et al (2011), Deery et al (2002), Taylor (1998), and
Taylor and Bain (1999) employees are made up of two categories. Call centre operatives who
deal directly with call traffic and team leaders who have management responsibility of over
these operatives This division of labour is of particular importance as it is mainly operatives
who escalate to team leaders, and team leaders who report risks from the operative level to
their embedded risk officers within the organisational structure.
H5.
Call centre team leaders are more likely to escalate operational risk than their
operatives within call centres.
It has also been recognised that there is a particular skew towards females in call centres
(Belt, 2002, Belt et al, 2000; Durbin, 2006; Mulholland, 2002). The role of gender is well
documented in the context of risk behaviour, with past research indicating that women
perceive risk to be greater than men in a given situation and select less risky alternatives
(Eckel and Grossman, 2008; Spigner, et al, 2003; Flynn, et al, 1994 Jianopokolos and
Bernasek, 1998; Powell and Ansic, 1997). This perceived gender profiling within the labour
structure of call centres may therefore be of interest should females diverge from their male
counterparts in the current study. As a result, the current study will test for gender bias
within the first line of defence - as detailed by the IOR (2010), so as to identify discrepancies
in behavioural intention.
H6.
Gender significantly affects behavioural intention to escalate operational risk events
14
A further factor that may prove significant within a call centre environment is the level of
staff ‘churn’ or turnover of staff within a centre. Malhotra and Mukherjee (2004) highlight
the effects of ‘churn’ on a companies’ ability to ensure quality of service delivered by its
staff. It is considered that call centres with large amounts of new staff within the structure
would undoubtedly lead to a dilution in policy dissemination and understanding, and more
specifically working knowledge of risk practices and protocols within an institution – thus
affecting behaviour.
H7.
Call centre employees with less than a year’s experience negatively impacts intention
to escalate operational risk events.
The paper also takes account of training and education. Obviously, the level, relevance and
quality of training will impact on the success of policy dissemination and understanding.
Institutions will partake in role specific training and education as they aim to actively
disseminate key processes and job expectations as well as values in terms of the above
mentioned culture and philosophy. The increase in staff training which is key to core
operational risks is an attempt to create a more open and aware culture and also reduce the
probability of an event occurring (Bryce et al, 2011; Power, 2005; Blunden and Thirwell,
2010). The quality of training offered to staff has been considered by Schlesinger and Heskett
(1991) in the context of the ‘cycle of failure’ within call centres. The ‘cycle of failure’ claims
that dissatisfaction amongst staff results in high staff turnover, which in turn results in poor
training and rewards by the organisation, thus resulting in poor performances by staff. The
relationship between characteristics in the labour structure and their affects on intention to
escalate operational risk is therefore tested with the following hypotheses:
H8.
Training and education positively impacts intention to escalate operational risk
events.
H9.
Training and education positively impacts attitude to escalate operational risk events.
15
3.0
Research Design and Methodology
A pilot survey methodology was constructed and validated to test the research model and
hypotheses. This survey was piloted on ten call centre staff of various positions within a call
centre which was then not considered within the final analysis. Respondents were asked to
assess logical consistencies, the format of the survey and its design in order to ensure validity
and reliability of results of the main survey. In order to measure the variables an online
survey of closed questions (see Appendix A) was considered most appropriate as it offered
call centre employees the ability to participate with minimal disruption to their daily duties 1.
The questionnaire comprised of 28 questions with a definition of operational risk provided
from Solvency II legislation prior to the survey to ensure all respondents understood the
terminology.2 All TPB and additional construct questions were measured on a seven point
likert scale (ranging from +3 strongly agree to -3 strongly disagree (recoded 1-7), see
Appendix A for more details) where appropriate. These questions were pseudo-randomly
mixed together (Poulter et al, 2008) with other items as part of a larger project investigating
people risk management within financial services. The institution under observation offered
customer services as well as insurance sales through three call centres which totalled over
£40 million in revenue for the period 2011/2012.
The survey returned 67 complete questionnaires which represents a 50% response rate for the
total population (2 call centres) which is considered high relative to other studies (Poulter et
al, 2008; Hsu and Chiu, 2004), and though small in size it is still representative of the overall
sample under investigation (Malhotra and Mukhejee, 2004). Demographic information on the
1
It should be noted that the institution under observation gave employees an extra 20 minute break in order
to complete the survey. A decision which the authors believe drastically increased the respondent rate and
therefore validity of this current research.
2
It is envisaged that this survey will be implemented across multiple institutions from different sectors of the
financial services environment; therefore it is important that terminologies remain constant throughout and
do not get replaced by idiosyncratic institutional definitions.
16
respondents is provided in Table 13 below, not surprisingly females dominated the sample
with the majority of respondents being call centre operatives, as opposed to team leaders/
managers. All participants were assured of anonymity both from the researchers but also from
their employees in order to ensure participants answered questions honestly and truthfully,
thus reducing respondent bias. Analysis was conducted via PASW version 18 with regression
analysis conducted to assess the performance of the TPB.
*(Insert Table 1 Here)*
4.0
Empirical Results and Discussion
The mean, standard deviation and Cronbach alpha for each construct are given in Table 2
below. The results show that respondents have a positive attitude towards escalating risk
events, perceive a degree of peer/social pressure, and perceive moderate difficulties in
engaging in the behaviour. Overall, intention is varied and strong. The items within each
construct display good to adequate internal reliability (Nunally and Bernstein, 1994;
Cronbach, 1970) as indicated by the Cronbach alpha values in the final column on the right.
Given these alpha values, items within each construct are averaged for each respondent and
used as variables for regression analysis.
*(Insert Table 2 Here)*
The relationship between all of the scales was examined using Pearson’s correlations prior to
the multivariate analyses. The original aspects of the Theory of Planned Behaviour model,
that is, behavioural intention, attitude, subjective norm and perceived behavioural control
were all significantly positively associated with one another (see Table 3 below). The
3
The business sensitivity and confidentiality of the financial services institution meant that the authors were
prohibited from collecting any specific demographic info that could allow for a respondent to be identified
specifically. As such the collection of demographics aside from gender focussed on job specific criteria.
17
strength of the associations ranged from very strong between perceived behavioural control
and subjective norm (r=.74) to strong between the rest of the scales.
*(Insert Table 3 Here)*
4.1
Multivariate analysis
A hierarchical multiple regression analysis4 was conducted to examine the applicability of the
original TPB model in this context (see Table 4 below). Model 1 included the three TPB
independent variables: attitude; perceived behavioural control; and subjective norm. This
model was significant F(3.63)=21.67, p<.001 and the three variables explained 48.4% of the
variance in behavioural intention (due to the small sample size, the adjusted R² will be used).
Attitude and perceived behavioural control uniquely contributed to the variance in behaviour
intention, with attitude making the largest contribution (=.490).
As a result of the
multivariate analysis H1 and H3 were supported, and the results confirmed that call centre
staff intentions towards the escalation of risk events rely upon their attitudes towards the
behaviour and the ease or difficulty required in order to enact it.
The TPB performed adequately within the current study and the acceptance of PBC as a
significant construct rejects the Theory of Reasoned Action (TRA) in this context (Ajzen and
Fishbien, 1980). The importance of call centre staffs attitudes, in this case ‘perceived
usefulness’ towards the escalation of risk events cannot be understated. The move towards
education and training of staff in non-risk management positions, with a discussion of the
importance of risk escalation as part of a larger process of risk measurement (loss data
collection and modelling) and risk management (control and mitigation) is a step in the right
direction. This empirical analysis corroborates the qualitative work of Bryce et al (2011) who
4
Examination of Tolerance, VIF and Condition Indices indicated no violations of multicollinearity or collinearity
for all elements of Table 4.
18
first highlighted this directional change from operational risk management teams.
The acceptance of H3 suggests that the existence of perceived barriers to behavioural
enactment are relevant. As PBC is constructed from various decomposed elements such as
self-efficacy, ease of use, and controllability it is therefore important that the empowerment
of staff as described by Dickinson (2001) is not considered a ‘silver bullet’ for EWRM. A
lack of understanding in the capabilities of staff at these levels could in itself be an
operational risk, or more specifically a ‘people risk’. This will be especially the case if
hierarchical structures are designed from a bottom-up perspective. As a result, participants
were asked to rate the likelihood of there being plenty of opportunities to report operational
risk losses/events in the next twelve weeks (should they arise).
Interestingly, 37% of
employees answered that it was either very likely, likely, or somewhat likely that there would
be plenty of opportunities to report risk losses/events (n=25, 37.3%), while almost one fifth
of employees stated that it was somewhat unlikely, unlikely or very unlikely (n=13, 19.4%)
with the majority of 43.3% actually answering ‘neither/nor’ (n=29). In this context it further
corroborates the requirement of a more detailed understanding of what employees consider
their risk exposures to be, how this perception fits within organisational perception, and the
barriers to understanding these exposures within their working environment.
The study rejects H2 finding that subjective norm did not make a significant positive effect
on behavioural intention. The rejection of this hypothesis may have commonalities with the
findings of Tan and Teo (2000) but are in contrast to those of Bhattacherjee (2000) who
reported significant SN results. This may be due to what Conner and Armitage (1998)
believe is failure to consider all relevant social factors. It may well be that the failure to
account for regulatory compliance in the SN construct could be relevant - particularly as 71%
19
of the sample considered regulatory compliance to be of importance to their current role
within the institution.
*(Insert Table 4 Here)*
Under closer investigation it was found that team leaders/managers scored significantly
higher on subjective norm than the members of their team, in this case operatives (t (65)=2.78, p<.01). Vallerand et al (1992) suggest that SN is less pertinent in measuring intention,
as ‘what others think’ is a more remote concept. However it is clear that the significance in
variation between call centre operatives and team leaders/managers may be due to different
pressures or reporting structures, thus requiring further investigation. This would be
particularly important if these additional pressures potentially led to an increase in the
intention to escalate operational risk events throughout call centre teams. The internal
demands of matching output objectives imposed by call centre team leaders/managers may in
this case take precedence over the requirement of risk escalation from operatives (see Deery
et al, 2002; Kinnie et al, 2000). As discussed earlier this has been brought sharply into focus
by the recent PPI mis-selling within the UK financial services5. The misalignment of
financial targets with risk management protocol, which has been found to be accentuated by
the mixed messages of team leaders and supervisors (FSA, 2009a,b) in particular cases.
4.2
Additional influences on TPB in contextual setting
The perceived level of call centre volume by the respondents was considered moderate to
high by 84% of the sample. There was no significant effect of perceived call centre volume
on intention - as a result H4 was rejected within the study. With the sample disaggregated by
job role (operative/team leader) H5 was also rejected as there was no significant positive
effect of job role in intention to escalate risk events. However, participants were asked how
5
The institution under investigation was in no way involved in the mis-selling of PPI
20
likely was it that they would choose to report operational risk losses/events in the next twelve
weeks (if they arose). Figure 1 below indicates the likelihood of reporting risk losses/events
by call centre associates and by call centre managers/team leaders. It indicates that those in
more senior positions appeared to be more likely to report these losses than the call centre
associates. Indeed, 80% of the more senior staff answered that they were likely to some
extent to report risk events (n=16), compared to just over half of the call centre associates
(n=29, 51.1%).
*(Insert Figure 1 Here)*
It must also be pointed out that gender (H6) had no significant effect on behavioural intention
or any of the other constructs of the TPB. It is therefore worthwhile in noting that although
previous research (Jianakoplos and Bernasek, 1998; Powell and Ansic, 1997; Eckel and
Grossman, 2008; Spigner, et al, 1993; Flynn, et al, 1994) has suggested divergence based on
gender, we find no support for this - thus supporting the work of Brown et al (2003) and
Schubert et al (1999). Although this may seem a minor point of discussion the ramifications
of such significance could have been particularly interesting as gender specific variations are
yet to be isolated within operational risk management. With call centres predominantly made
up of females (see Belt, 2002, Belt et al, 2000; Durbin, 2006; Mulholland, 2002), as was the
case in this current study, any such significance would require bespoke gender specific
alterations to training and employee development.
Participants were asked to rate how much they agreed with the statement ‘I am sure of my
knowledge and understanding of what operational risk losses/events are’ on a 7 point scale
from 1 “Strongly Agree” to 7 “Strongly Disagree”. Just over one quarter of employees agreed
or strongly agreed with this statement (n=18, 26.8%), while 17.9% agreed somewhat (n=12).
Over one quarter of employees disagreed to some extent with this statement (n=17),
21
indicating they were not sure of their knowledge and understanding of operational risk
losses/events. Almost one in three answered ‘neither/nor’ to this statement. A Spearman’s
Rank correlation indicated that answers on this item were strongly negatively related to
employees’ agreement with the item ‘The education and training that have been provided
enables me to better report operational risk losses/events’ (r=-.573, p<.01).
This indicates that employee’s agree that education and training incentivises individuals to
report operational risk losses/events. This may be linked with increased certainty of their
operational risk losses/events knowledge, which may require further investigation. The
results also indicate the existence of constructs not accounted for in this current study, with a
variance of 51.6% that remains unaccounted. The TPB allows the inclusion of additional
components in order to more accurately predict variance in behavioural intentions and/or
actual behaviour and a variety of cognitive factors have been examined alongside the TPB
model with this aim (Spence and Townsend, 2006; Ozcaglar-Toulouse et al 2006). One such
cognitive construct which could be open for utilisation within TPB is that of uncertainty
developed by Urbany et al (1989). This was highlighted by Bryce et al (2011) in the case of a
call centre manager not being able to make any sense of the operational risk escalation
process, and may well be an area for future research.
*(Insert Table 5 Here)*
From Table 5 above it is evident that H8 and H9 are both accepted in the current study, with
‘Education and Training’ clearly being a significantly important factor for all constructs
within the TPB. Under closer investigation and with PBC and ATT constructs disaggregated
to create a specific ‘ease of use construct’ (see Appendix A for scale) a Spearman's rank
correlation (r = .520, p<.001) highlighted a strong positive relationship between perceived
ease of use of the escalation process and the education and training being offered . As such,
22
those who consider it an easy system do tend to agree that their training has enabled them to
better report risk losses/events thus supporting the work of operational risk training
programmes at the lower levels of institutions as discussed in Section 2.2.1.
Although H5 was rejected the significance of ‘job role’ was also apparent when results were
disaggregated according to ‘ease of use’ and ‘capability of participant’. It was clear that team
leader/managers perceived the process to be easier and considered themselves to be more
able to report events should they have arisen. It may well be that the organic promotion
within the labour structure of the institution under investigation can account for some of this
significance as some team leaders originally held operative positions within the institution. In
the rejection of H7 the effects of ‘churn’ do not negatively affect intention to escalate
operational risk events in the same way as service quality (Malhotra and Mukherjee, 2004).
However, it is evident that employee retention may indeed improve the reporting of
operational risk events. A spearman's correlation was statistically significant (r=.292,
p<.05) when investigating the ‘length of time a participant has been with the institution’ and
‘the education and training that have been provided enables me to better report OR events’.
Interestingly, and not a direct area of investigation within this study the importance of
‘having a good risk management track record’ is clearly worth noting, particularly as it has
the strongest positive relationship with behavioural intention of all questions detailed within
Table 3.
5.0
Conclusions, Limitations, and Future Research
The aim of the study was to examine the cognitive predisposition of call centre employees to
escalate and report operational risk events within their working environment. We found no
significant divergences in this predisposition as modelled through the TPB across gender,
employee type, or perceived volume of calls received by call centre staff. What is evident
23
from the study is that the over reliance on employee empowerment and autonomy as a means
by which to improve transparency, and risk escalation is no guarantee of a more robust risk
framework. In fact as highlighted by Section 4.2, a failure to ensure the effective
dissemination of education and training within the call centre workforce can in itself be
deemed a precursor to the creation of ‘people risk’, one of the four root causes of operational
risk.
On the topic of creating risks by over reliance on a particular method or process, it must be
noted that this process of risk escalation is by its very existence a by-product of the
identification of risks by call centre operatives. If the loss-data collected from these
escalations goes some way to building the foundations of a robust risk model which
determines exposure to operational risk then the validity and internal reliability of these
calculations must be validated. This therefore calls into question the over reliance in
operational risk measurement in an attempt to meet pillar 1 of Basel and Solvency
compliance regulation at the expense of operational risk management within pillar 2. The
evidence from this current study suggests that organisations can no longer assume that a ‘one
size fits all’ approach to operational risk management and more specifically the management
of people as a means by which to reduce ‘people risk’ will enhance their organisation.
Take for example the assumption that once staff have received their basic introductory
training they are therefore an effective manager of risks within their own work environment.
If this was the case then why does this current study identify that over 55% of participants
were unsure in some way of their knowledge and understanding of what operational risk are.
The disconnect between what operational risk managers, accountants, and regulators consider
as best practice (through the implementation of processes, systems, and procedures) in the
second and third lines of defence and what is actually replicated at the first line of defence
24
(business levels) requires further investigation. This is of particular importance if the role of
internal audit in the third line if defence is to effectively back-test the applicability of controls
within the business environment.
In the context of the TPB it is believed that the strength and importance of attitude towards
behavioural intention in the model along with the perceived behavioural control warrants
modest acceptance of the TPB in this contextual setting. The exploratory nature of this study
and the lack of unique significance of subjective norm require further examination given the
divergences in SN between call centre operatives and team leaders.
Although the insurance company under investigation creates revenue above £40m (2011/12)
based on its call centre provision it is important to highlight that this is not the only method of
delivering financial services within financial institutions. An area of future research could
look at the multiple business lines within a financial institution using the Basel defined matrix
(Basel 2003) to ascertain if convergence or divergence in the dissemination and
implementation of operational risk policy (in this case risk escalation) exists throughout an
institution/s. With 71.7% of staff suggesting that regulatory compliance is important within
their current role the effect of different legislative acts (Basel II Vs Solvency II) may also
provide for interesting analysis particularly as the fundamental Basel II banking
methodologies are considered to be fully implemented whereas Solvency II is yet to be fully
implemented within insurance companies.
Although the benchmarking of an institution/s business lines is by no means a new
phenomenon, the measurement variables on which this benchmarking would be based
certainly are (ATT, SN, PBC, BI). This would in effect allow for the cross-pollination of
policies and procedures within particular business lines that were deemed to be most effective
in producing behavioural intention. In this current study ATT, SN, and PBC are considered as
25
homogenous in their internal construction, a larger sample with more specific questions
would allow for the decomposition of each of these explanatory constructs and the
significance of each to be determined in this current context.
The current research has also identified uncertainty and the determinants of uncertainty as an
area which requires greater investigation. Although the current model produced 48% variance
(R²adj) it must be the ambition of future studies to ascertain and provide additional
explanatory variables for inclusion within the TPB aside from those provided by ATT, SN
and PBC. This may well be one of the first exploratory studies to quantitatively identify the
existence of ‘people risk’. Given the dearth of previous research in the field one of the key
requirements in future studies would be qualitative data to corroborate statistical analysis.
This triangulation of data eluded this current study and is recognised as a limitation within its
methodology.
26
Appendix A
Gender
Institutional Role
Call Volume
Length of Service with
Institution
Length of Service in Current
Role
Intention (INT)
Attitude (ATT)
Subjective Norm (SN)
Perceived Behavioural Control
(PBC)
Training and Education
Regulatory Compliance
What is your gender? (Male, Female)
What is your role in this institution? (Call Centre Associate, Call Centre
Manager/Team leader, Operational Risk Manger)
How would you describe the volume of calls handled at your call centre
on a daily basis? (+2 Extremely High to -2 Extremely Low)
How long have you worked for this institution? (Less than 6 Months,
More than 6 months but less than a year, 1-3 Years, Over 3 but less than 5
years, Over 5 years
How long have you worked in this role? (Less than 6 Months, More than
6 months but less than a year, 1-3 Years, Over 3 but less than 5 years,
Over 5 years
I intend to report operational risk losses/events in the next twelve weeks
should they arise (+3 ‘ Strongly Agree’ to -3 ‘Strongly Disagree’)
I plan to report operational risk losses/events in the next twelve weeks
should they arise (+3 ‘ Strongly Agree’ to -3 ‘Strongly Disagree’)
I want to report operational risk losses/events in the next twelve weeks
should they arise (+3 ‘ Strongly Agree’ to -3 ‘Strongly Disagree’)
How likely is it that you will choose to report operational risk
losses/events in the next twelve weeks should they arise?
(+3 ‘Very Likely’ to -3 ‘ Very Unlikely’)
Overall, I think that reporting operational risk losses/events is...?
(+3 to -3)
Very Effective – Very Ineffective
Very Wise - Very Foolish
Very Beneficial- Very Harmful
Very Rewarding – Very Punishing
Most people i know would report operational risk losses/events (+3 ‘
Strongly Agree’ to -3 ‘Strongly Disagree’)
People that are important to me would think that i should report
operational risk losses/events (+3 ‘ Strongly Agree’ to -3 ‘Strongly
Disagree’)
People that are important o me would approve of me reporting
operational risk losses/events (+3 ‘ Strongly Agree’ to -3 ‘Strongly
Disagree’)
**If I wanted to I could easily report operational risk losses/events (+3 ‘
Strongly Agree’ to -3 ‘Strongly Disagree’)
**For me to report operational risk losses/events is easy
(+3 ‘ Strongly Agree’ to -3 ‘Strongly Disagree’)
There are likely to be plenty of opportunities for me to report operational
risk losses/events in the next twelve weeks should they arise (+3 ‘
Strongly Agree’ to -3 ‘Strongly Disagree’)
**I would be able to report operational risk losses/events should they
arise (+3 ‘ Strongly Agree’ to -3 ‘Strongly Disagree’)
I have control over my choice to report operational risk losses/events (+3
‘ Strongly Agree’ to -3 ‘Strongly Disagree’)
The education and training that have been provided enables me to better
report operational risk losses/events (+3 ‘ Strongly Agree’ to -3 ‘Strongly
Disagree’)
I would like more information in order to understand my institution's
operational risk policy (+3 ‘ Strongly Agree’ to -3 ‘Strongly Disagree’)
Having a good risk management track record is important to me (+3 ‘
Strongly Agree’ to -3 ‘Strongly Disagree’)
How important do you believe regulatory compliance to be in your
current role? (+2 ‘Important’ to -2 ‘Unimportant’)
** Denotes questions used to create the ‘Ease of Use Scale’ in Section 4.2
27
Tables and Figures
Table 1.
Demographic Characteristics of Respondents (n=67)
Demographic Characteristic
Gender
Male
Female
Table 2.
Frequency
%
30
47
45
55
Role within the Institution
Call Centre Operative
Call Centre Manger/Team leader
47
20
70
30
Length of time at the Institution
0<6 months
6 months ≥ 1 year
1 Year > 3 years
3 years ≥ 5 years
5 years +
5
8
25
10
19
8
12
37
15
28
Length of time in current role
0<6 months
6 months ≥ 1 year
1 Year > 3 years
3 years ≥ 5 years
5 years +
6
8
29
11
13
9
12
43
16
19
Descriptive Statistics and Cronbach alpha
Behavioural Intention (BI)
Attitude (ATT)
Subjective Norm (SN)
Perceived Behavioural Control (PBC)
Table 3.
No of items
Range
Scale Mean (S.D.)
Cronbach alpha
4
4
3
5
1-7
1-7
1-7
1-7
5.00 (1.70)
5.30 (0.92)
4.95 (1.24)
4.77 (1.12)
.916
.826
.900
.845
Pearson’s correlations between original TPB items and uncertainty and effort
Behavioural Intention
Attitude (ATT)
Attitude
Subjective
Norm
.66**
.50**
Perceived
Behavioural
Control
.62**
-
.68**
.64**
-
.74**
Subjective Norm (SN)
Perceived Behavioural
Control (PBC)
** Correlation significant at the P<0.01 level (2 tailed)
-
28
Table 4.
Results of Multivariate analysis
B
S.E.
B

t
p value
Part
correlation
Attitude (ATT)
0.905
0.232
0.490
3.905
0.0002***
0.35
Subjective Norm (SN)
Perceived Behavioural
Control (PBC)
-0.193
0.197
-0.142
-.981
0.331
-0.09
0.626
0.207
0.414
3.027
0.004**
0.27
Model
R²
R²adj
.508
.484
*** p<.001, **p<.01. *p<.05
Table 5.
Spearman’s Rho Correlations within the TPB
Behavioural intention
Attitude
The education and
training that have
been provided
enables me to
better report
operational risk
losses/events
.40**
.39**
I would like more
information in order
to understand my
institution's
operational risk
policy
Having a good
risk management
track record is
important to me
How important do
you believe
regulatory
compliance to be in
your current role?
.38**
.65**
.38**
.37**
.70**
.32*
.62**
.32*
.70**
.39**
Subjective Norm
.59**
.17
Perceived Behavioural
.50**
.37**
Control
**
Correlation is significant at the p<0.01 level (2 tailed)
*
Correlation is significant at the p<0.05 level (2 tailed)
Figure 1.
Likelihood of reporting Operational risk Losses/events
29
References
Ajzen, I., and Fishbein, M. (1980) Understanding Attitudes and Predicting Social Behavior.
New Jersey: Prentice Hall.
Ajzen, I. (1988) Attitudes, Personality and Behaviour, Chicago: Illinois Press.
Ajzen, I. (1991) The Theory of Planned Behaviour. Organizational Behaviour and Human
Decision Processes, 50, 179-211.
Ajzen, I., and Madden, T.J. (1986) Prediction of goal-directed behaviour: attitude, intention
and perceived behavioural control, Journal of Experimental Social Psychology, Vol 22, pp
453-474.
Ajzen, I. (2002) Perceived behavioural control, self-efficacy, locus of control, and the theory
of planned behaviour. Journal of Applied Social Psychology, Vol 32 (4), pp 665-683.
Andersen, A. (1998) Operational risk and financial institutions, London: Risk Books.
Bandura, A. (1986) Social Foundations of Thought and Action: A Social Cognitive Theory,
New Jersey: Prentice Hall.
Basel Committee on Banking Supervision (2001) Pillar 3 (Market Discipline) supporting
document to the new Basel Capital Accord, BIS.
Basel Committee on Banking Supervision (2003) Sound Practices for the Supervision and
Management of Operational Risk, Bank for International Settlements, February.
Basel Committee on Banking Supervision (2004a), Financial Disclosure in the Banking,
Insurance and Securities Sectors: Issues and Analysis, The Joint Forum, Bank for
International Settlements, May.
Basel Committee on Banking Supervision (2004b) International Convergence of Capital
Measurement and Capital Standards: A Revised Framework, Bank for International
Settlements, June.
Basel Committee on Banking Supervision (2005a) International Convergence of Capital
Measurement and Capital Standards – A Revised Framework, Bank for International
Settlements, November.
Basel Committee on Banking Supervision (2005b) Enhancing Corporate Governance for
Banking Organisations, Consultative Document, Bank for International Settlements,
Belt, V. (2002) A female ghetto? Women's careers in call centres. Human Resource
Management Journal, Vol 12 (4), pp 51-66.
Belt, V., Richardson, R., Webster, J. (2000) Women's work in the information economy: the
case of telephone call centres. Information, Communication and Society, Vol 3 (3), pp 366–
385.
30
Bhattacherjee, A. (2000) Acceptance of Internet Applications Services: The case of electronic
brokerages. IEEE Transactions on Systems, Man, and Cybernetics – Part A. Systems and
Humans, Vol 30 (4), pp 411–420.
Bischof, J (2009) The Effects of IFRS 7 Adoption on Bank Disclosure in Europe, Accounting
in Europe, Vol 6 (2), pp 167-194.
Blunden, T., and Thirwell, J. (2010) Mastering Operational Risk, London: Prentice Hall.
Brown Kruse, J., and Thompson, M.A. (2003) Valuing low probability risk: survey and
experimental evidence, Journal of Economic Behaviour and Organisation, Vol 50 (4), pp
495-505.
Bryce, C., Webb, R., Adams, J. (2011) Internal Loss Data Collection Implementation:
Evidence from a Major UK Financial Institutions, Journal of Risk Research, August, pp 1-16.
Bryce, C., Webb, R., Watson, D. (2010) The Effect of Building Society Demutualisation on
Levels of Relative Efficiency at Large UK Commercial Banks. Journal of Financial
Regulation and Compliance. Vol 18 (4), pp.333 – 355.
Chan, S.C., and Lu, M.T. (2004) Understanding Internet Banking Adoption and Use
Behavior: A Hong Kong perspective. Journal of Global Information Management, Vol 12
(3), pp 21–43.
Chernobai, A., Jorion, P., Yu, F. (2011) The Determinants of Operational Risk in U.S.
Financial Institutions. Journal of Financial and Quantitative Analysis, Vol 46 (6), pp 16831725.
Conner, M., and Armitage, C. J. (1998) Extending the theory of planned behavior: A review
and avenues for further research. Journal of Applied Social Psychology, Vol 28 (15), 1429–
1464.
Cronbach, L. J. (1970) Essentials of psychological testing (3rd ed.). New York: Harper &
Row
Davis, F.G., Bagozzi, R.P., Warchaw, P.R. (1989) User Acceptance of Computer
Technology: A comparison of two theoretical models. Management Science, Vol 35 (8), pp
982-1003.
Deery, S.; Iverson, R.; Walsh, J. (2002) Work relationships in telephone call centres:
understanding emotional exhaustion and employee withdrawal. Journal of Management
Studies, Vol 39 (4), pp 471-496.
Deery, S. and Kinnie, N. (2002) Call Centres and Beyond: a thematic evaluation. Human
Resource Management Journal, Vol 12 (4), pp 3-13
Dennison, C. M., and Shepherd, R. (1995) Adolescent food choice: an application of the
Theory of Planned Behaviour. Journal of Human Nutrition and Dietetics, Vol 8 (1), 9-23.
31
Dickinson, G. (2001) Enterprise risk management: its origins and conceptual foundation. The
Geneva Papers on Risk and Insurance, Vol 26 (3), pp 360-366
Dobler, M. (2008) Incentives for risk reporting – A discretionary disclosure and cheap talk
approach. The International Journal of Accounting, Vol 43 (2), pp 184-206.
Durbin, S. (2006) Gender, skills and careers in UK call centres. In Burgess, J. and Connell, J.
(eds), Developments in the Call Centre Industry: Analysis, Changes and Challenges. London:
Routledge.
Eckel, C., and Grossman, P.J. (2008) Forecasting risk attitudes: An experimental study using
actual and forecast gamble choices. Journal of Economic Behaviour and Organisation, Vol
68 (1), pp 1-17.
Eden, D., and Aviram, A. (1993) Self-Efficacy Training to Speed Reemployment: Helping
People to Help Themselves, Journal of Applied Psychology, Vol 78 (3), pp 352-360.
Embrechts, P., Furrer, H., Kaufman, R. (2003) Quantifying Regulatory Capital for
Operational Risk. Derivatives Use, Trading and Regulation, Vol 9 (3), pp 217-234.
Ernst and Young. (2008) IFRS 7 in the banking industry (retrieved July 31, 2011 from
http://www.ey.nl/?pag=808&publicatie_id=3155)
Flouris, T., and Yilmaz, A.K. (2010) The Risk Management Framework to Strategic Human
Resource Management, International Research Journal of Financial Economics, Vol 36, pp
25-45.
Flynn, J., Slovic, P., Mertz, C. (1994) Gender, Race, and Perception of Environmental Health
Risks, Risk Analysis, Vol 14 (6), pp 1101-1108.
FSA (2009a) Final Notice – Alliance and Leicester PLC, Financial Services Authority,
London: FSA.
FSA (2009b) Final Notice –Liverpool Victoria Banking Services Limited, Financial Services
Authority, London: FSA.
FSA (2012) Financial Services Authority Annual Report 2011/2012, London: FSA.
Glucksmann, M. (2004) Call configurations: varieties of call centre and divisions of labour.
Work, Employment and Society, Vol 18 (4), 795-811.
Hain, S. (2009) Managing operational risk: creating incentives for reporting and disclosing.
Journal of Risk Management in Financial Institutions, Vol 2 (3), pp 284–300.
Helbok, G., and Wagner, C. (2006) Determinants of operational risk reporting in the banking
industry. Journal of Risk, Vol 9 (1), pp 49-74.
Hempel, G.H., and Simonsen, D.G. (1998) Bank Management: Text and Cases, 5th Edition,
New York: Wiley.
32
Hodgeon, E., and Wallace, P. (2008) Accounting for Change: Transparency in the Midst of
Turmoil. London: PwC International.
Hood, C., Jones, D., Pidgeon, N., Turner, B., Gibson, R. (1992) Risk Management, in The
Royal Society Risk: Analysis, Perception and Management, pp 135-201. London: The Royal
Society
Hsu, M. H., & Chiu, C.M. (2004). Internet self-efficacy and electronic service acceptance.
Decision Support Systems, Vol 38 (3), 369-381.
IOR (2010) Operational Risk Governance Sound Practice Guidance, Institute of Operational
Risk, September 2010.
Jianakoplos, N.A., and Bernasek, A. (1998) Are women more risk averse?, Economic
Inquiry, Vol 36 (4), pp 620–630.
Jobst, A. A. (2007). It’s all in the data - consistent operational risk measurement and
regulation. Journal of Financial Regulation and Compliance, Vol 15 (4), pp 423-449.
Kingsley, S., Rolland, A., Tinney, A., Holmes, P. (1998) Operational Risk and Financial
Institutions: Getting Started. Pp. 3–28 in Operational Risk and Financial Institutions.
London: Risk Books.
Kinnie, N., Hutchinson, S., Purcell, J (2000) Fun and surveillance: The paradox of high
commitment management in call centres. International Journal of Human Resources
Management, Vol 11 (5), pp 967-985.
KPMG, (2008) Financial Institution Risk Disclosure Best Practice Survey 2008: Costefficient ways to improve transparency exist, KPMG Finland (retrieved from
http://kpmg.fi/Binary.aspx?Section=1667&Item=4834 on August 1 2011)
Liao, S., Zhao, Y.P., Wang, H., Chen, A. (1999) The Adoption of Virtual Banking: An
empirical study. International Journal of Information Management, Vol 19 (1), pp 63-74.
Lin, H.F. (2006) Understanding Behavioural Intention to Participate in Virtual Communities:
An empirical study. Cyberpsychology and Behaviour, Vol 9 (5), pp 540-547.
Lin, H.F. (2010) Applicability of the Extended Theory of Planned Behaviour in Predicting
Job Seeker Intentions to Use Job-Search Websites. International Journal of Selection and
Assessment, Vol 18 (1), pp 64-74.
Linsley, P.M., and Lawrence, M.J. (2007) Risk reporting by the largest UK companies:
readability and lack of obfuscation. Accounting, Auditing and Accountability Journal, Vol 20
(4), pp 620-627.
Linsley, P.M., and Shrives, P.J. (2005) Transparency and the disclosure of risk information in
the banking sector. Journal of Financial Regulation and Compliance, Vol 13 (3), pp 205-214.
Linsley, P.M., and P.J. Shrives. (2006) Risk reporting: A study of risk disclosures in the
annual reports of UK companies, The British Accounting Review, Vol 38, pp 387-404.
33
Ma, Q., and Liu, L. (2005) The Role of Internet Self-Efficacy in the Acceptance of WebBased Electronic Medical Records. Journal of Organizational and End User Computing, Vol
17 (1), pp 38–57.
Malhotra, N., and Mukherjee, A. (2004) The relative influence of organisational commitment
and job satisfaction on service quality of customer-contact employees in banking call centres.
Journal of Services Marketing, Vol 18 (3), pp 162-174.
McConnell, P. (2008) People risk: Where are the boundaries?, Journal of Risk Management
in Financial Institutions, Vol. 1 (4), pp 370–381.
Moosa, A. (2007) Operational Risk: A Survey, Financial Markets, Institutions and
Instruments, Vol 16 (4), pp 167-200.
Mulholland, K. (2002). Gender, emotional labour and teamworking in a call centre.
Personnel Review, Vol 31, pp 283–303.
Nelson, B., Wohlmannstetter, G., Ferron-Jolys, M.C., Labuschagne, R. (2008) Focus on
Transparency – Trends in the Presentation of Financial Statements and Disclosure of
Information by European Banks, London: KPMG International.
Nunnally, J.C. and Bernstein, I.H. (1994) Psychometric Theory, (3rd edn), New York:
McGraw Hill.
Ozcaglar-Toulouse, N., Shiu, E., Shaw, D. (2006) In search of fair trade: ethical consumer
decision making in France. International Journal of Consumer Studies, Vol 30 (5), pp 502514.
Pavlou, P.A., and Fygenson, M. (2006) Understanding and Predicting Electronic Commerce
Adoption: An extension of the theory of planned behaviour. MIS Quarterly, Vol 301 (1), pp
115-143.
Poulter, D. R., Chapman, P., Bibby, P. A., Clarke, D. D., Crundall, D. (2008). An application
of the theory of planned behaviour to truck driving behaviour and compliance with
regulations. Accident Analysis & Prevention, Vol 40 (6), pp 2058-2064.
Powell, M., and Ansic, D., (1997) Gender differences in risk behaviour in financial decisionmaking: an experimental analysis. Journal of Economic Psychology, Vol 18, 605–628.
Power, M. (2005) The Invention of Operational Risk. Review of International Political
Economy, Vol. 12 (4), pp 577-599.
Power, M. (2007) Organised Uncertainty: Designing a World of Risk Management, London:
Oxford University Press.
PricewaterhouseCoopers. (2008) Accounting for change: transparency in the midst of
turmoil. A survey of banks’ 2007 annual reports, London: PWC
PWC (2007) UK Retail Banking Insights, PriceWaterhouseCoopers, March 2007, London:
PWC.
Spence, A., and Townsend, E. (2006). Examining consumer behaviour towards genetically
modified (GM) food in Britain. Risk Analysis, Vol 26 (3), pp 657-670.
34
Saks, A.M., and Ashforth, B.E. (2000) Change in Job Search Behaviors and Employment
Outcomes. Journal of Vocational Behavior, Vol 56 (2), pp 277–287.
Schlesinger, L., and Heskett, J. (1991) Breaking the cycle of failure in services. Sloan
Management Review, Vol. 32 Spring, pp 17-28.
Schubert, R., Brown, M., Gysler, M., Brachinger, H.W. (1999) Financial Decision Making
are Women Really More Adverse?, American Economic Review, Vol 89 (2), pp 381-385.
Shim, S., Eastlick, M.A., Lotz, S.L., Warrington, P. (2001). Journal of Retailing, Vol 77 (3),
pp 397-416.
Shiu, E., Walsh, G., Hassan, L., Shaw, D. (2011) Consumer Uncertainty Revisited.
Psychology and Marketing, Vol 28 (6), pp 584-607.
Spigner, C., Hawkins, W., Loren, W., (1993) Gender differences in perception of risk
associated with alcohol and drug use among college students. Women and Health, Vol 20 (1),
pp 87–97.
Sundmacher, M. (2006) Consistency of risk reporting in financial services firms. Working
Paper, University of Western Sydney.
Tan, M., and Teo, T.S.H. (2000) Factors influencing the adoption of Internet banking.
Journal of the Association for Information Systems, Vol 1 (5), pp 1-42.
Taylor, P., and Bain, P. (1999) An “assembly line in the head”: the call centre labour process,
Industrial Relations Journal, Vol 30 (2), pp 101-117.
Taylor, S. (1998) Emotional labour and the new workplace, in Workplace of the Future.
P.Thompson and C.Warhurst (eds). London:Macmillan.
TheCityUK (2012) Key Facts About UK Financial and Professional Services, April 2012,
London: TheCityUK
Turner, B,. and Pidgeon, N. (1997) Man Made Decisions, 2nd Edition, London: Butterworth
Heinneman.
Urbany, J. E., Dickson, P. R., and Wilkie W.L. (1989) Buyer Uncertainty and Information
Search. Journal of Consumer Research, Vol 16 (September), pp 208-215.
Vallerand, R.J., Pelletier, L.G., Blais, M.R, Brière, N.M., Senécal, C., Vallières, E.F. (1992).
The academic motivation scale: a measure of intrinsic, extrinsic, and motivation in education.
Educational and Psychological Measurement, Vol 52 (4), pp 1003-1017.
Venkatesh, V., and Brown, S.A. (2001) A Longitudinal Investigation of Personal Computers
in Homes. MIS Quarterly, Vol 25 (1), pp 71-102.
Wahlstrom, G. (2006) Worrying about accepting new measurements: the case of Swedish
bankers and operational risk, Critical Perspectives on Accounting, Vol 17 (4), pp 493-522.
35