INTRODUCTION

Lately, various studies related to gender diversity have emerged. In this regard, Larraz et al. (2019), after analyzing a group of Spanish companies, discovered that there were inequalities between men and women beyond the salary gap. Likewise, when studying the financial system, García-Meca et al. (2014) point out that the incorporation of women on the board of directors improves business governance, supporting the idea of establishing gender quotas.

In this sense, the composition of corporate governance is fundamentally directed at the strategic decision-making of companies (Bektur & Arzova, 2020). This is where diversity, risk management, and control come together since, according to Tran et al. (2020), entities with greater participation of women in management positions tend to show more risk-averse behavior.

Furthermore, Kamalnath (2018) mentions that it is possible to put aside “groupthink” on boards of directors only when female directors are considered outside and independent of the administrative governance of the entity, as well as diversity of race, education, and others, They can bring similar benefits.

In this regard, this study aims to analyze the impact of board diversity on the adoption of risk management and control practices of Chilean companies that are listed on the stock exchange and issue publicly offered securities during the period 2015-2019. describing the most critical risk management practices used in Chile and the world, the levels of diversity in Chilean and global boards, and determining the impact of board diversity on adopting risk management and control practices.

DEVELOPMENT

According to Tresierra et al. (2016), the composition of an entity's board of directors has become critical because gender diversity has been gaining ground within corporate governments (Mendoza et al., 2018). For this reason, interest has been generated in studying risk-taking differences between female and male leaders (Hurley & Choudhary, 2020). In addition, the bankruptcy of some companies at the beginning of the year 2000 and the financial crisis that occurred at the end of the last decade are added, promoting the need to strengthen risk management standards (Muhammad et al., 2020).

Board composition as a risk management mechanism

The concept of diversity has taken different tones regarding the scope of its effects, especially when it ventures into the participation of the female gender, where, according to Ionescu et al. (2018), it consists of a requirement when making decisions to achieve financial performance sustainability.

The purpose of a board is to create a harmonious environment. In this space, trust, transparency, and accountability abound to cooperate with the entity regarding its long-term investments, financial stability, and integrity of its businesses (Organization for the Economic Cooperation and Development, 2016). Likewise, Wang et al. (2015) mention that good corporate governance helps reduce risk and increase the value of a company.

Furthermore, the places with the highest rates of female representation on boards are Europe at 22,6%, Oceania at 20,8%, and Africa at 18,8%, followed by North America at 14,5%, Asia at 7,8% and Latin America at 7,2%, where, according to the information provided by Grant Thornton (2019), during 2019 there was an increase of 5% compared to 2018 in terms of women occupying executive positions around the world.

Likewise, according to a report from the World Economic Forum (2020), Iceland remains the country with the best levels of gender equality, managing to close the gap by 88%. The United States, for its part, has made efforts to include constitutional amendments, laws, and executive orders, such as the Employment Discrimination Act of 1967, which prohibits discrimination against individuals aged 40 years or older (Noe et al., 2013).

Indeed, various studies have explored the benefits that diversity on boards brings. For example, Tran et al. (2020) explain that when gender equality is promoted on the board of directors, women show a tendency to be more disciplined and democratic, as well as to increase the distribution of information, collective intelligence, and participation in committee meetings (Nadeem et al., 2019).

Similarly, Arnaboldi et al. (2020), through the study of European financial institutions, demonstrate that cultural diversity is a factor to be taken into account when measuring the impact on performance because diversity on the board of directors helps reduce the risk in companies that are more open to receiving people of different nationalities.

On the other hand, Arenas et al. (2020), when studying 585 Chilean entities between the years 2015-2017, found that age has a considerable impact in some cases, a situation opposite to gender and nationality diversity, which do not represent a more significant impact on the functioning of the board. Furthermore, Bruna et al. (2019) explain that no evidence corroborates the relationship between risk-taking and women on boards.

On the other hand, Nadeem et al. (2019) explain that the existence of women on the board of directors can reduce the risk of a company, not because they are risk-averse, but because they tend to manage risk through group dynamics in directories better.

The leading international standards for risk management and control

Brito (2018) states that risk management is a relatively modern trend. Risk is the probability that an event will occur, and this will negatively affect the fulfillment of the objectives established by an organization (Committee of Sponsoring Organizations of the Treadway, 2013). Risk management, for its part, corresponds to all those activities that coordinate to direct and control those risks that organizations face (International Organization for Standardization, 2018).

Regarding risk management, the Committee of Sponsoring Organizations of the Treadway (COSO) has an Integrated Enterprise Risk Management Framework whose main contribution is integrating risk management with strategy formulation, corporate governance, and culture organization (Prewett & Terry, 2018).

In addition, this organization has an Integrated Internal Control Framework, which divides it into five components: control activities, risk management, and evaluation (Hume, 2012). Thus, it is established that risk assessment is a process carried out to identify and evaluate those risks that may undermine the achievement of objectives. About control activities, firms should have policies and procedures to implement the guidelines established by senior management and mitigate risks (COSO, 2013).

On the other hand, the Control Objectives for Information and Related Technologies (COBIT) correspond to a framework for the governance and management of information technologies (Information Systems Audit and Control Association, 2018), which includes all areas involved with information technologies, also taking into account that the interested parties can be both inside and outside the organization (Velásquez et al., 2015).

ISO 31000:2018 corresponds to a standard for risk management that provides guidelines to identify and mitigate risks that affect the fulfillment of objectives, with a final goal that risk management is internalized throughout the organization (ISO, 2018).

From an international perspective, risk management has significantly risen as a component of Internal Control, led by COSO with its Integrated Internal Control Framework (Cedeño & Morell, 2018). However, each entity operates in different scenarios. Therefore, it is necessary to understand its environment to determine in which context risk management will be applied (Lizarzaburu et al., 2019).

The use of the COSO model has positively impacted the firms that implement it. In China, Kam et al. (2020) suggest that the control activities component contributes more to innovation than risk assessment. In the United Kingdom, a study found that good risk management is positively related to better performance, and results are maximized when a committee on the board is dedicated to risk (Muhammad et al., 2020).

As indicated by Silva et al. (2020), COBIT is a good and bad example of IT governance, alluding to the fact that the framework is not wrong but needs some adaptations. As for COSO in its enterprise risk management version, it can improve firms' internal control (Udeh, 2020). Prewett and Terry (2018) refer to the framework lacking explanatory guides. ISO 31000, for its part, is classified as a disappointing standard due to aspects such as lack of clarity or because it can lead to making illogical decisions (Leitch, 2010).

Chilean regulation regarding board diversity and risk management

In Chile, the first regulation regarding Corporate Governance was General Standard (NCG) No. 341, issued by the Commission for the Financial Market (CMF) (Godoy et al., 2018), a standard that was replaced in 2015 by NCG No. 385 (Moraga & Ropero, 2018). NCG N°385, within the section on Social Responsibility, Sustainable Development or equivalent function, requires reporting the effect of the policies implemented on the dissemination of diversity within the organization (SVS, 2015a), as well as NCG N°386, which requires reporting on the composition of the board in matters of gender diversity, nationality, age, seniority, and salary gap (SVS, 2015b).

At the same time, the 5th “Impulsa” study carried out by PwC et al. (2020) exposes the lack of gender diversity among the boards of directors of Chilean companies since, of the 728 director positions in the 100 companies in the study, only 10% of the management positions are occupied by women.

Regarding the legal field, article 1 of the Political Constitution of the Republic of Chile was modified by establishing legal equality between the female and male gender, replacing “men” with “people” and formalizing that both men and women are equal before the law (Government of Chile, 1999).

Furthermore, Law 19.759 explicitly points out exclusion based on race, sex, and age, among others, as acts of discrimination contrary to the law (Government of Chile, 2001). For its part, Law 20.348 introduced the concept of equal remuneration into the legal system, modifying the Labor Code to indicate that men and women who perform the same job must receive equal remuneration (Government of Chile, 2009a).

In 2009, Law 20,393 established in its fourth article that legal entities must have a crime prevention model (Government of Chile, 2009b). Thus, existing risk management models can be a minimum floor for the crime prevention required by law (Artaza, 2013).

On the other hand, regarding the degree of compliance with NCG No. 385 in open corporations, 33% of companies still need to implement risk management practices, 81% of companies do not meet quarterly with the unit of risk management, and 61% do not apply international standards such as COSO or COBIT (PwC and Universidad de los Andes, 2016).

Finally, considering NCG No. 385 of 2015 is more demanding than NCG No. 341 of 2012, there needs to be a higher level of adoption of practices related to a good board of directors by Chilean companies listed on the stock exchange. (Moraga and Rossi, 2019). For this reason, Arenas et al. (2021) suggest that the regulator consider making the application of NCG No. 385 mandatory.

Formulation of Hypotheses

In order to meet the objective of this research and, under the assumption that board diversity influences risk management and control, the following hypotheses are established:

H1: Board diversity positively and significantly impacts the adoption of risk management and control practices.

H2: The diversity of the board of directors has a positive and significant impact on formalizing a risk management and control process.

H3: Board diversity has a positive and significant impact on staff protection.

H4: Board diversity positively and significantly impacts the diversification of job opportunities.

H5: Board diversity positively and significantly impacts the formalization of salary policies.

Methodology

The research was of the descriptive-correlational type. Descriptive, since it seeks to know the characteristics and properties of the group subjected to analysis (Hernández et al., 2014). Correlational because it seeks to find associations between variables without necessarily having a causal relationship between them (Bernal, 2010).

Furthermore, the research corresponds to the non-experimental type since the study variables are not manipulated. However, only their behavior is observed within its context, where the approach to be applied is longitudinal because data that covers different areas will be compiled. periods of time (Hernández et al, 2014).

The data are extracted from secondary sources, specifically the Data Bank (Bernal, 2010) available on the CMF website, to which companies listed on the stock exchange and under its supervision must report the application of NCG No. 385 as of December 31 of each year.

On the other hand, the level of adoption of the 22 practices related to Risk Management and Control of NCG No. 385 has been considered the dependent variable, and different types of diversities are independent variables. Regarding the control variables, the sector of activity to which the companies belong is considered according to the activity code reported to the Internal Revenue Service (SII), and their size is measured according to the level of sales reported in their financial statements.

Finally, the regression models proposed are based on the degree of adoption of the risk control and management category (G° Adopt Cat. CGR), as well as each of the principles 3a Risk Control and Management Process (G ° Adoption 3a PCGR), 3b Personnel Protection (Adopt. G° 3b PP), 3c Labor Opportunities (Adopt. G° 3c OL) and 3d Salary Policies (Adopted. G° PS) considered in this category.

H1: G° Adopt. Cat. CGR_xi (*) = ß₀ + ß₁ Gender Diversity_it + ß₂ Nationality Diversity_it + ß₃ Age Diversity_it + ß₄ Industrial sector_it + ß₅ Size of the company_it + €_it

Dependent variable replaced by:

H2: G° Adopt. 3a PCGR_xi

H3: G° Adopt. 3b PP_xi

H4: G° Adopt. 3c OL_xi

H5: G° Adopt. 3d PS_xi

For H2, H3, H4, and H5, only the dependent variable changes, maintaining the model in the definition of independent variables as well as in the definition of the control variables.

Results

The population studied corresponds to a total of 236 open and closed corporations that reported to the CMF about the adoption of corporate governance and social responsibility practices regarding compliance with NCG N°385 and N°386 during the 2015-2019 period.

On the other hand, regarding the economic sector, table 2 shows that 6,36% of the entities correspond to the primary sector, 34,32% to the secondary sector, and 59,32% to the tertiary sector, which were classified into each subsector according to the line of economic activities that comprise them.

Table 3 shows the classification of entities according to their size, where the selection parameter corresponds to annual sales in UF, with 12,71% microenterprises, 5,51% small companies, 4,24% medium-sized companies, and 77,54% classified as large companies.

Descriptive Statistics

Table 4 shows the degree of adoption of NCG No. 385 in category 3; adherence corresponds to 41,19% during 2015-2019, where there was a degree of adoption of 37,24%, 39, 84%, 41,67%, 43,10%, and 44,43% for the years 2015, 2016, 2017, 2018, and 2019, respectively, demonstrating a gradual increase in the acceptance of the principles of category 3. The degree of total adoption by principles a), b), c), and d) correspond to 48,54%, 62,69%, 29,07%, and 18,31%, respectively, showing a high percentage of incorporation of the practices of principle b) and low percentage of principle c).

As for table 5, it shows that, in relation to the female presence on the boards of directors, the proportion of women amounts to 7,44%, which is quite far from the presence of men, with an average proportion of 92,56%. Regarding nationality, the presence of Chileans on the board amounts to an average proportion of 88,75% versus 11,25% of foreigners. Regarding the age range, those who are between 51 and 60 years old and between 61 and 70 years old predominate, equivalent to 29,43% and 30,78% respectively.

Regression analysis

In this section, the results obtained from the regressions between the independent variables of gender, nationality, and age are explained, with the dependent variable adopting control and risk management practices, using the industrial sector and the company's size as control variables. Firstly, it is observed that not all the coefficients obtained shown in Table 6 have statistical significance, nor are both control variables significant for all models.

Likewise, the results presented in Table 6 reflect that gender diversity has a positive and significant impact at a level of ρ≤0,05 in models 1, 2, 4, and 5. It is observed that nationality has a positive and significant impact in models 1, 2, 3, 4, and 5 at a level of ρ≤0,05. Regarding the age variable, it is observed that the proportion <30 has a negative impact at a significance level of ρ≤0,01 in models 1, 2, and 3; the proportion between 41-50 has a negative and significant impact at a level of ρ≤0,05 for model 2. Finally, the proportion >70 has a positive and significant incidence at the level of ρ≤0,05 for model 4. Continuing with the control variables, the size of the companies presents a ρ≤0,05, so it is considered statistically significant for all models. The economic sector, on the other hand, presents statistical significance at a level of ρ≤0,05 in models 3 and 5 for secondary activities, while a ρ≤0,01 is observed for primary activities in model 4.

As an indicator of the reliability of the models, the adjusted coefficient of determination for models 1, 2, 3, 4, and 5 corresponds to 25,80%, 18,00%, 34,00%, 12,30%, and 11,70%, respectively, demonstrating that the independent variables are explained by the diversity of gender, age, and nationality in these percentages. Likewise, the ANOVA test for models 1, 2, 3, 4, and 5 yields a significance level of 0,00 ≤ 0,05; therefore, the regressions obtained have statistical significance.

Discussion of results

Based on the information obtained from the analysis of the data, it is shown that there is a degree of adoption of the practices set out in category 3 of NCG No. 385 of 41,19% for the period 2015-2019, being in a range of medium adoption, a situation similar to that presented by Arenas et al. (2019) where the degree of adoption of the category is 34,7%, 40,0% and 42,1% for the years 2015, 2016 and 2017 respectively. Although there has been an increase in the integration of standard practices, the growth has yet to be significant, demonstrating that there is still work to do regarding adopting risk management and control practices.

About the diversity of the board, of an average of 7,66 members, 7,44% are women, 11,25% are foreigners, 6,82% are between 30 and 40 years old, 30,78% are between 61 and 70 years old, and 17,24% are over 70 years old. This situation contrasts with some countries such as Norway, where, in 2015, 46,70% of its board of directors already had women (Saona et al., 2019). However, the Chilean case is somewhat similar to the Brazilian case, where great diversity is not observed in age, gender, and nationality (Koitiro & Toshiro, 2018).

For their part, the regressions carried out reflect that gender, nationality, and age diversity explain only a part of the adoption of risk control and management practices, according to the coefficient of determination obtained, which is relatively low, with variables that have influence and that are not contemplated in this study. Thus, the results are similar to those presented by Bruna et al. (2019), who indicate that the presence of women on the board of directors does not influence the levels of risk adoption, at least in a group of French companies. However, Tran et al. (2020) points out that there is a relationship between gender diversity and companies' risk management.

Regarding the coefficients obtained individually, their levels of statistical significance indicate that the variables studied have an impact on the adoption of risk control and management practices, except gender diversity in section d) of category 3 of NCG No. 385 and specific age ranges, results that can be supported by the research of Arnaboldi et al (2020), who point out that cultural diversity on the board of directors tends to reduce the risk in those entities that have a greater willingness to receive members of other nationalities.

CONCLUSIONS

The results of this research contribute to achieving the proposed objectives and answering the proposed hypotheses. Similarly, the degree of risk control and management practices adoption for 2015-2019 is medium. However, a promising outlook is observed regarding the integration of these practices. Furthermore, a tendency towards homogeneity is observed on the board due to the high presence of male Chilean members aged between 51 and 70.

Regarding the regressions, their results lead to partially accepting H1, H2, H4, and H5 because it is observed that the gender and nationality variables, as coefficients within the models, have a positive and significant impact. However, their determination coefficients are low, so the variables have little influence on adopting risk control and management practices. For its part, for H3, there is a significant and positive impact only in the proportion of foreigners on the axis. No positive and significant incidences are generated in any of the axes for age diversity, rejecting H1, H2, H3, H4, and H5 for the type of age diversity.

In this context, this research contributes to the academic literature because the heterogeneity of possible results is corroborated when analyzing the impact of Board diversity on the adoption of different corporate governance practices. Even more, the low degree of diversity on the Boards and its low impact on adopting risk management and control practices confirms the need to establish critical masses on the Boards, either through the Quota Law or the adoption standards.

Finally, thanks to the research carried out, adherence to NCG No. 385 occurred slowly, mainly because the standard does not stipulate in its content the obligation to adopt its practices by entities' securities issuers, nor does it influence boards of directors to open the doors to diversity, therefore, finding heterogeneous boards will be difficult, especially if there is a lack of interest on the part of companies to participate in this change.

IR