Corporate Governance Practices and Disclosure of Risk Management Sharia Bank in ASEAN

. The risks faced by Islamic banks are similar to conventional banks. Therefore, Sharia Banks must also carry out risk management disclosures. This study aims to examine the effect of governance, including the Sharia Supervisory Board, Independent Commissioner, Audit Committee, Risk Committee, the doubling of the Sharia Supervisory Board Position, and the frequency of meetings on the quality of risk management disclosures. The population is Sharia Banks in ASEAN; samples are selected purposively according to the data's completeness that can be accessed through the capital market website. Risk management disclosures are measured using the index of completeness of risk items revealed. Data analysis was performed using multiple regression analysis. The study found that the number of audit committees and meeting frequency had a significant and positive effect on the quality of risk management disclosures. The number of Sharia supervisory boards has a significant effect on the negative coefficient. Other governance variables do not affect risk management disclosures.


Introduction
In 2015, ASEAN countries entered into an era of mutual agreement with the ASEAN Economic Community (AEC) or the ASEAN Economic Community (AEC).ASEAN (Association of Southeast Asian Nations) is an association of countries in Southeast Asia with ten members, namely Indonesia, Malaysia, Thailand, the Philippines, Singapore, Brunei Darussalam, Vietnam, Laos, Myanmar, and Cambodia.Along with the existence of the AEC, banks in ASEAN have an increasingly important role.Banks (including Islamic banks) have a dominant role in developing a country's economy (Ghosh, 2018).
Islamic banking has developed in ASEAN since 1973 with the operation of the Philippine Amanah Bank.Furthermore, ten years later (1983), the Islamic Bank of Malaysia was established, and in 1992 the Bank Muamalat Indonesia was born (Nugroho, 2020).During the economic crisis in 1997-1998, Islamic banks showed higher resilience compared to conventional banks.An example is Bank Muamalat Indonesia (BMI), which has performed better than conventional banks.This condition proves that Islamic banks are more "survive."Is the resistance to the crisis in a Sharia Bank caused by the inherent characteristics of a Sharia Bank that must comply with Sharia regulation?What risk management is carried out by Sharia Banks to anticipate changes in the global market?
The implementation of corporate governance has a close relationship with risk management.Two risk management approaches are widely applied in Indonesia, namely Enterprise Risk Management (ERM) created by COSO and risk management as stipulated in ISO 31000 (2009).ISO 31000: 2009 is a Risk Management process adapted from AS/NZS 4360 (2004).Its implementation includes: First, the company's risk management strategy must be supported by an integrated framework of responsibilities and functions that move from board level to operational level management, which covers all aspects of risk.Second, the board of directors (or executive committee, if applicable) must approve the company's risk strategy and risk appetite, taking into account its risk tolerance, overall business strategy, and management experience and internal controls in each business unit.
Third, the framework should incorporate the board (or executive committee) as the primarily responsible body, a dedicated risk management group, and various support and control functions.All must have clear responsibilities and measurable performance goals.Fourth, day-to-day responsibilities for risk monitoring, risk measurement, and risk evaluation must rest with a specialized risk management function close to the independent business unit -that reports to the board (or executive committee).Fifth, the risk management function's role must ensure compliance with approved risk policies and establish specific limits related to market, credit, liquidity, and operational risks arising from daily activities.
It must ensure that exposures are within agreed limits, well understood and evaluated before transactions; monitored on an ongoing basis; and reported on a timely basis to senior management.Sharia banks that face more risk than conventional banks need the attention of various groups.
Like conventional banks, Islamic banking also needs to manage risk to report the implementation of risk management.Risk management reporting can be done by disclosing risk management in financial statement notes.It is hoped that with this disclosure, users will be able to participate in monitoring and anticipating the risks faced by Islamic banks (Utami, Nugroho, Mappanyuki, & Yelvionita, 2020) Research conducted by Vilanova ( 2007) explains that risk management information is beneficial for stakeholders.Therefore, risks must be disclosed promptly to meet stakeholders' interests (Nugroho, Wicaksono, & Utami, 2018;Utami, 2000).Disclosure is an important aspect considered by investors because there is picture of the company's state and its performance in the future (Ali, 2006).They are not mistaken in predicting the state of the company in the future.
The National Committee for Governance Policy (KNKG) states that disclosing risk management information in a company is considered necessary because disclosing these risks can make decisions to overcome them.This guideline also describes several ways for the company to achieve sustainability by implementing transparency, accountability, responsibility, independence, fairness, and equality, which are the basic principles of implementing Good Corporate Governance.Safieddine (2009) suggests that an essential role in risk management is corporate governance under sharia.Stakeholders use corporate disclosure in the decision-making process (Thijssens, Bollen, & Hassink, 2015;Utami, Nugroho, & Farida, 2017).Banks with a good information system can face risks, especially if the company's governance is not good (Morrison, 2004;Pernamasari, 2018).Hidayah, Badawi, &Nugroho (2019), andSoltani (2014), states that good corporate governance can help prevent corporate scandals, fraud, and potential corporate civil and criminal liability.
Many studies discuss risk management disclosures (Sari & Sholikhah, 2019;Tulung, Saerang, & Pandia, 2018).These studies were conducted at companies listed on the Indonesia Stock Exchange and conventional banks.Research on risk management disclosure in Islamic banks, so far, was carried out by Amran et al., (2017), andDarmadi (2013), who examined the role of corporate governance in the disclosure of financial risks in Islamic banking.Sharia banking faces more risks than conventional banking.For this reason, research is needed on the disclosure of risk management in Islamic banking in Indonesia by taking all types of risk, not just financial.This is strengthened because Islamic banks have a reputation risk as a bank that carries the name of sharia and the risk of compliance with sharia.So, this study aims to investigate the effect of corporate governance on Islamic banking disclosure in Indonesia.Corporate governance measures such as the number of commissioner boards, independent commissioner boards, audit committees, independent audit committees, and sharia supervisory boards can assist companies in implementing risk management disclosures.Thus, they can influence the disclosure of risk management in Islamic banking.

Literature Review
Agency theory is a contract that involves company owners (principals) and managers (agents) (Fama, 1980;Jensen & Meckling, 1976;Watts & Zimmerman, 1978).The owner entrusts the management of the company to the manager (agent).Agency problems arise when each party wants to maximize their respective interests (Jensen & Meckling, 1976).
In an agency contract, the owner does not have much access to company management, so a report/information from the manager is required in the form of a financial report.When the manager does not provide all the information required by the owner, there will be an assimilation of information between the two (Jensen & Meckling, 1976;Satibi, Utami, & Nugroho, 2018).To ensure the required managers report information, the role of corporate governance mechanisms to protect owners' rights over the information should be obtained.
In principle, in Islamic banking, the agency not only occurs between owners and managers but also with other stakeholders, including customers (especially sharia-based customers), managers and recipients of Islamic bank social funds (in the form of zakat (alms giving), infaq, fines, and non-halal incomes).In Islamic banks, in essence, the agency theory is applicable between managers and the community related to operations and products and the distribution of social funds, which all should comply with sharia.Therefore, Islamic banks are expected to be able to provide adequate transparency in the form of fair disclosures.Principles of good corporate covernance implementation for Islamic Commercial Banks and Sharia Business Units must be managed using transparency, accountability, responsibility, professional (professional), and fairness, which are summarized in the definition of corporate governance.Corporate governance has an important role in risk management; if the corporate governance is not implemented properly, it will cause an economic crisis, such as the emergence of several business risks, including in the banking world (Rivai & Ismal, 2013).
Risk management plays a vital role in ensuring the realization of GCG principles within the company.Risk management was created to help companies deal with various uncertainties in achieving corporate performance targeted by stakeholders.The success of management in achieving performance is determined by the success of management in managing the risks inherent in each of the company's business activities.Companies that understand and manage risk well are companies that can attract investors (Gond & Piani, 2012;Utami & Tatang Ary Gumanti, 2014).Risk management plays a role in providing reasonable assurance of the achievement of organizational goals, providing protection to officeholders against the possible adverse effects caused by risk (Arena, Arnaboldi, & Azzone, 2010).Kedir & Knapkova (2016) and Olson & Wu (2008), in their research, said that risk management identifies and manages risks that will affect the achievement of the desired value by the company.Two risk management approaches widely applied in Indonesia are Enterprise Risk Management (ERM) created by COSO, and risk management as stipulated in ISO 31000.ISO 31000: 2009 is a risk management process adapted from AS / NZS 4360: 2004.ISO 31000 can encourage companies to manage risk proactively, facilitateg the level of accountability in decision making by balancing costs to avoid threats and seize the opportunities and benefits derived from implementing risk management.Risk management must comply with the principles and guidelines that have been determined in order to ensure its effectiveness in supporting the successful implementation of risk management in a company.
The main goal of risk management is to eliminate the possibility of low income earned by the organization and help the organization optimize its capital and ownership structure.So it can be said that risk management is an element that helps determine the success of GCG implementation in a company (Disemadi, 2019).
Company risk information is used as a tool for careful and precise decisionmaking.The company is expected to be able to manage the disclosure of risk-related information in a company.The information disclosed is not only positive information , but also the negative one, related to aspects of risk management.Bank Indonesia Regulation Number 13/23/PBI/2011 Article 5 mentions several risks that must be disclosed by Islamic banking, namely: credit risk, market risk, liquidity risk, operational risk, legal risk, reputation risk, strategic risk, compliance risk, and yield risk.Investment returns and risks.Risk management is a series of methods and procedures used to measure, identify, and control risks arising from Islamic banking business activities.
The implementation of good and correct risk management will support the realization of GCG through more prudent and realistic business planning by considering possible risks, provisions, allocation of capital based on risk levels, and the implementation of an effective internal control system.
The board of commissioners has a role to supervise the operations in a company.The supervision carried out by the board of commissioners is expected to streamline one of the ways to manage risk, namely by managing it and disclosing risks in a financial report published annually.A large number of commissioner boards will create a mix of capabilities among its members to increase the accuracy of supervision and control of company management.Thus, a large number of commissioners is expected to improve the quality of information disclosure (Nugroho & Nezzim Bararah, 2018).
The implementation of corporate governance will run well if the independent commissioners understand and carry out their duties properly in supervising, directing, and evaluating the implementation of corporate governance and strategic bank policies (Nugroho & Nezzim Bararah, 2018).The more independent board of commissioners is, the better the supervision of the company's operational activities.An independent board of commissioners will act fairly in monitoring and reporting management's operational activities.Thus, the number of independent commissioner boards will affect the risk management disclosure (Ha1) An audit committee needs to be considered in healthy company management (Rahmat, Iskandar, & Saleh, 2009).The audit committee has the primary function of bridging shareholders, stakeholders, and the commissioner board with control activities carried out by management, internal auditors, and external auditor funds (Deborah, Todd, & Travis, 2008).The audit committee has a role in realizing GCG in the company by carrying out its duties following the principles of GCG itself.Platonova, Asutay, Dixon, & Mohammad (2018) examined the risk management disclosures in Islamic banking through GCG principles.
The audit committee's role in examining internal audit reports is to review the ability of company management members to be responsible for errors or fraud that cause losses to the company (Barua, Rama, & Sharma, 2010).Meanwhile, the audit committee and independent audit committee take steps in disclosing company information by examining and supervising the financial reports preparation, so that these reports include financial reports, as well as company information that stakeholders and shareholders can use.Thus, the number of audit committee (Ha2) and audit committee's meeting frequencies (Ha3) will affect risk management disclosure.
The Sharia Supervisory Board (DPS) has the task of providing advice and advice to directors and supervising company activities to comply with sharia principles (Nurkhin, Rohman, Rofiq, & Mukhibad, 2019).The function of DPS includes protecting customers' savings from the risks related to the asset side of Islamic banks.In Islamic banks, there is a risk of compliance, which includes obeying Indonesian laws and regulations and Islamic laws.To supervise this, a DPS is required to provide input, check, and oversight of the sharia compliance (Imaniyati, Nu, & Jamilah, 2019;Isnaini, 2018;Nurhisam, 2016).
The Sharia Supervisory Board is an independent body tasked with directing, consulting, evaluating, and supervising the activities of Islamic banks to ensure their compliance with Sharia principles as determined, among others, by fatwa.This task is performed at least once a month.Apart from the number of DPS members, the frequency of regular meetings held by DPS can determine the level of management supervision.Thus, the number of DPS (Ha4) and DPS' meeting frequencies (Ha5) also will affect RMD.Bastomi, Salim, & Aisjah (2017) examine Islamic banks' governance and risks in Indonesia from 2008 to 2016.This research confirms that the number of board meetings and the number of risk monitoring committee meetings negatively affect the risk of Islamic banks.Meanwhile, other Islamic bank organs, such as the board of commissioners and the sharia supervisory board, do not affect the risk of Islamic banks.This study also proves that the risk of Islamic banks is influenced by the number of risk monitoring committee meetings, which are a proxy for the effectiveness of the risk monitoring committee.Thus, the number of Risk Monitoring Committee (Ha6) and Risk Monitoring Committee's meeting frequencies (Ha7) also will affect RMD.

Methods
The population used in this study are all Sharia General Banks in ASEAN.The population of Islamic banks in ASEAN is 32 banks, including 11 Islamic Commercial Banks in Indonesia, 18 Islamic banks in Malaysia, 1 Islamic Bank in Singapore, 1 Islamic Bank in Brunei Darussalam, and 1 Sharia Bank in the Philippines.Other Sharia Banks in ASEAN.The sample is selected by the purposive sampling technique based on the following criteria: (1) having financial reports that can be accessed at least 2015-2018, (2) conducting disclosures related to elements of the GCG structure, and risks.
The dependent variable in this study is the level of corporate Risk Management Disclosure (RMD).The level of risk management disclosure is measured by calculating the items of each risk disclosed in the annual report of each Islamic bank.Each risk has several disclosure items.If these items are found in the annual report, it means that they are assigned a value of 1, and 0 otherwise.The risk disclosure items disclosed are in accordance with the prevailing laws in ASEAN countries, including: Credit Risk, Market Risk, Liquidity Risk, Operational Risk, Legal Risk, Reputation Risk, Strategic Risk, Compliance Risk, Return Risk (Rate), and Investment Risk (Equity Investment Risk).
The independent variable in this study is the Sharia Bank GCG mechanism.The GCG practice proxy is measured by the number of the Board of Independent Commissioners (KI), the number of the Audit Committee (KA) and their meeting frequencies (FR_KA), the number of the Sharia Supervisory (DPS) and their meeting frequencies (FR_DPS), and the number of risk monitoring committee (KPR) and their meeting frequencies (FR_KPR).
Based on the research of causality design, the analytical method used is multiple regression analysis.

Results and Discussions
Table 1 reports a description of the research variables to obtain an overview of the minimum, maximum, mean, and standard deviation values.
Based on table 1, it is known that the sample is 71.In the dependent variable Risk Management Disclosure (RMD), the minimum score is 30, the average score is 74.37, and the highest score is 100.This indicates that the RMD level of Islamic commercial banks in ASEAN relatively high, amounting to 74.37%.In the independent variable of the Sharia Supervisory Board, the highest number of members is seven people, the lowest is two people, and the average is three people, with the highest meeting frequency of 30 times, the lowest is never at all, and the average is 11 meetings per year.In the independent variable of the audit committee, the highest number of members is seven people, the lowest is two people, and the average is four people, with the highest meeting frequency of 38 times, the lowest is four times, and the average is 12 meetings per year.For the independent variable of the risk monitoring committee, the highest number of members is seven people, the lowest is two people, and the average is four people, with the highest meeting frequency of 59 times, the lowest is two times, and the average is 11 meetings per year.The highest number of independent commissioners is six people, the lowest has no independent commissioners, and the the average number is 3 independent commissioners.After seeing the description of the research variables, a classic assumption test is first carried out so that the research model is BLUE (Best Linear Unbiased Estimate), and an assessment of the suitability of the model is carried out by looking at the F test and adjusted R2 values.All of these results as described in table 2.
Based on table 2, it can be concluded that the research data has been normally distributed and free from autocorrelation.Also, based on Table 2, it is known that the significance value of F is 0.000.This value is below the alpha of 0.05; thus, simultaneously, all independent variables in this research model affect the dependent variable.R square value is 0.810.This means that the independent variables contained in the research model are able to explain the dependent variable by 81%, while other variables beyond the model determine the rest (19%).The high R square value indicates that the research model is fit or suitable.To test the research hypothesis, it can be seen coefficients of variables (β) and significant values (p-value) , which are presented in Table 3. KA Frequency (0.042).The Sharia Supervisory Board (DPS = 0,000) affects risk management disclosure by Islamic commercial banks in ASEAN.Still, the direction of the regression coefficient is negative, which means that the more DPS, the lower the level of risk disclosure.This is not in line with the theory, explaining that the more DPS, the more transparent or the higher the RMD.The empirical results show that the regression coefficient is negative.It can be interpreted that the more SSB, the smaller the risk, so there is no need for much disclosure about risk.The empirical results of this study contradict the study of Darussamin, Mara, Ghani, & Mara, (2018), concluding that the more supervisory boards, the higher the level of disclosure.Asif et al., (2017) revealed that the functions of the Sharia Supervisory Board involve providing fatwas, conducting sharia audits (ensuring bank products run according to sharia law), calculating zakat and so on.The board's ultimate goal is to maintain the credibility of the Islamic bank industry and increase stakeholders' trusts in Islamic banking products and activities.
The frequency of SSB meetings did not show any significant effect, the results carried out showed a value (0.115) so that the meeting frequency of SSB did not have a significant effect on risk management disclosure at Islamic commercial banks in ASEAN or did not support Ha5.According to (Faozan, 2103), the effectiveness of DPS affects the information disclosure.Thus, the more frequent SSB meetings are held, the better the supervisory function will be performed by DPS, especially related to sharia compliance and disclosure quality.However, the data in the descriptive statistics of this study show that, on average, SSB holds 11 meetings per year.That is, SSB at Islamic commercial banks in ASEAN only holds a meeting once a month, The number of audit committees and the frequency of audit committee meetings affect Risk Management Disclosure with a significance value of (0.045) and (0.042), respectively.Thus, these results support Ha2 and Ha3.This result is in line with a study by Faozan (2013), stating that an audit committee, whose function is to improve the integrity and credibility of financial reporting, cannot operate properly if without supports from all company's elements.
The number of Risk Monitoring Committees and the frequency of risk monitoring committee meetings (0.726) based on the results of this study do not affect risk management disclosure with significant values of (0.193) and (0.726), respectively.Thus, these results do not support Ha6 and Ha7.The risk monitoring committee is influenced by the culture, economy, regulatory environment, and social context in which these banks operate (Wajdi Dusuki, 2008).The different regulations in various ASEAN countries can influence the results of this study.In Malaysia, for example, the regulation separates the risk monitoring committee from the audit committee.This separation is expected to generate a more effective operation.The number of independent commissioners also has no effect on Risk Management Disclosure with a significance value of (0.683), so it does not support Ha1.The ineffective function of independent commissioners in companies as a monitoring tool is due to the fact that the appointment of independent commissioners is only to comply with corporate governance rules and does not pay attention to competence and commitment to upholding good governance.The supervisory and monitoring function is weak due to the lack of communication and coordination of the commissioner board, which resulted in the nonoptimal functions of the board (Faozan, 2013).

Conclusions
Sharia banking faces more risks than conventional banking.For this reason, research on the disclosure of risk management in Islamic banking in Indonesia is needed by taking all types of risks, not just financial ones.This risk is strengthened due to its sharia compliance responsiblity.This study aims to investigate the effect of Corporate Governance on Islamic banking disclosure in Indonesia.This research shows that the number of audit committees and the frequency of audit committee meetings have a significant and positive effect on Risk Management Disclosure.So, The more the Audit Committee and the higher the meeting frequency, the higher the risk management disclosure.The number of Sharia Supervisory Boards has a negative effect on risk management disclosure by Islamic commercial banks in ASEAN.With the increasing number of supervisory boards, the risk is getting lower, so several aspects that are not disclosed.
The frequency of SSB meetings does not affect risk management disclosure.The frequency of the Sharia Supervisory Board meetings has no impact on the level of disclosure.This is due to the very minimal number of meeting frequencies.The number of Risk Monitoring Committees and the frequency of risk monitoring committee meetings do not affect risk management disclosure.Meanwhile, the risk monitoring committee is influenced by the culture, economy, regulatory environment and social context in which these banks operate.Therefore, the study among ASEAN countries diversifies the roles and functions of the Risk Monitoring Committee so that it is unable to explain variations in risk management disclosures.