Next Article in Journal
Classification of Benign and Malignant Renal Tumors Based on CT Scans and Clinical Data Using Machine Learning Methods
Previous Article in Journal
The Smart Governance Framework and Enterprise System’s Capability for Improving Bio-Business Licensing Services
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Informatics
Volume 10
Issue 2
10.3390/informatics10020054
informatics-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Risk-Based Approach for Selecting Company Key Performance Indicator in an Example of Financial Services

by
Olegs Cernisevs
1,*,
Yelena Popova
2 and
Dmitrijs Cernisevs
1
1
Research Department, SIA StarBridge, LV-1050 Riga, Latvia
2
Regional Economy and Economic Policy, Baltic International Academy, LV-1019 Riga, Latvia
*
Author to whom correspondence should be addressed.
Informatics 2023, 10(2), 54; https://doi.org/10.3390/informatics10020054
Submission received: 17 March 2023 / Revised: 16 May 2023 / Accepted: 29 May 2023 / Published: 19 June 2023
Browse Figure
Versions Notes

Abstract

:
Risk management is a highly important issue for Fintech companies; moreover, it is very specific and puts forward the serious requirements toward the top management of any financial institution. This study was devoted to specifying the risk factors affecting the finance and capital adequacy of financial institutions. The authors considered the different types of risks in combination, whereas other scholars usually analyze risks in isolation; however, the authors believe that it is necessary to consider their mutual impact. The risks were estimated using the PLS-SEM method in Smart PLS-4 software. The quality of the obtained model is very high according to all indicators. Five hypotheses related to finance and five hypotheses related to capital adequacy were considered. The impact of AML, cyber, and governance risks on capital adequacy was confirmed; the effect of governance and operational risks on finance was also confirmed. Other risks have no impact on finance and capital adequacy. It is interesting that risks associated with staff have no impact on finance and capital adequacy. The findings of this study can be easily applied by any financial institution for risk analysis. Moreover, this study can serve toward a better collaboration of scholars investigating the Fintech activities and practitioners working in this sphere. The authors present a novel approach for enhancing key performance indicators (KPIs) for Fintech companies, proposing utilizing metrics that are derived from the company’s specific risks, thereby introducing an innovative method for selecting KPIs based on the inherent risks associated with the Fintech’s business model. This model aligns the KPIs with the unique risk profile of the company, fostering a fresh perspective on performance measurement within the Fintech industry.

1. Introduction

The fifth wave of innovations led to the digitalization of company operations and, consequently, the entire economy. The challenges of business process management have yet to be extensively researched, although the digitalization of the economy is frequently discussed in scientific literature [1,2,3,4,5,6]. According to Verhoef [7], the analysis of the discussed digital formation must take a multidisciplinary approach because it is only seen from the perspective of management and finance, or as a transformational issue.
All economic actions that rely on digital resources or are significantly improved by their use, including digital technologies, digital infrastructure, digital services, and data, are included in the digital economy. All producers and consumers—including the government—who use these digital tools for commerce are subject to this [8]. At the G20 meeting in 2020, this definition was provided as a component of the OBSE report. The report’s authors specifically mentioned financial and insurance services as examples of services that are entirely available online.
The exchange of cryptographic assets is a type of utility that can be considered in addition to financial services as digital. The exchange of cryptocurrencies can be categorized as an entirely digital service, even though it is not a financial service according to EEA laws [9].
In areas such as accounting, marketing, entrepreneurship, and production, the digital transformation of the economy has unveiled new challenges for managing participating companies [10,11,12,13,14].
The state of the enterprise or its processes can be objectively measured at any time if we consider a particular case of digital transformation, where all aspects of the business have undergone such a transformation and the entire business cycle is in the digital space [15,16,17]. This is because all indicators of such an enterprise at any given time are digitized and accessible. Key revenue indicators (KPIs) for the business include those [18,19]. KPIs offer unbiased metrics for an organization over a predetermined time frame. However, even though the management implications of digital transformation are being actively researched, the key indicators still need to be put forth, where they could be used to immediately identify (on the spot) the specific business states from the perspective of management and aid in immediate decision making [18,19].
The current key financial indicators (KPIs) are criticized as unsuitable for the economy’s digital transformation. This lack of availability is demonstrated by the fact that these metrics need to accurately depict the state of the business and offer the required level of process transparency for effective strategic and tactical management [19].
In the past, businesses have used key financial indicators to look back at their past performance in order to predict the future performance or maintain control over regulatory indicators [20,21,22,23,24]. The authors believe that in order for these KPIs to be in line with the realities of the digital transformation of the economy, it is necessary to increase their use in predicting how the situation will develop in order to create trigger actions based on them that will correct the current situation and, if necessary, prompt the correction of the measures themselves and the tasks that the enterprise uses.
According to Horváth and Szabó [25], digitalization is the automation of procedures using information technology. Digitalization, which can be understood as using digital technologies and data (digitized and natively digital) to generate revenue, improve businesses, and replace/transform business processes (not just digitize them), necessitates new ways of speaking and collaborating in the workplace [10]. Therefore, the role of information technology as a manufacturing process rather than as an auxiliary tool is expanding [13,26,27,28]. Scholars are confident that there are problematic issues with KPIs determination [6,13,28,29]. The authors contend that if information technology is referred to as a production process, transparent metrics are required to assess its efficacy and to identify, similarly to financial indicators, the actions that should be taken to remedy the present situation.
The authors point out that a methodology is needed to identify a list of necessary and sufficient KPIs for each specific business or process due to the multiplicity and frequent uniqueness of processes in each particular business or its portion.
The authors used a multidisciplinary approach to identify how the managerial, financial, and technological aspects of exclusively providing services in the digital space affect the risks of the company and how these risks can be mitigated by immediately identifying KPIs that measure these risks and choosing a course of action based on the values of the chosen KPIs. They used the example of the cryptocurrency exchange business to illustrate their point.
There also investigated how these risks can be mitigated by immediately identifying KPIs that measure these risks and by defining a course of action based on the values of the chosen KPIs.
The research’s objective was to examine the risk factors that affect the choice of key performance indicators. This study is the first step in developing the methodology of choosing key performance indicators for each unique company using a risk-based approach.
The practical value of this research is in developing the methodology of the key performance indicators selection for the particular business by analyzing the key risk indicators of that business. The authors present a novel strategy used to enhance key performance indicators (KPIs) for Fintech companies, proposing using metrics derived from the company’s specific risks, thus introducing an innovative method for selecting KPIs based on the inherent risks associated with the business model of Fintech. This model aligns the KPIs with the company’s unique risk profile, providing a novel perspective on performance measurement in the Fintech industry.
Another novelty of this article is in considering the risks not as separate issues but in combination, which allows for seeing not only the interrelation between different groups of risks but also estimating their mutual impact on company performance. The usual case of considering these risks is not in combination but separately.
This research has a particular scientific value since it shows the relationship between key performance and risk indicators. It develops the methodology of this specific relationship definition for any company using digital approaches.
The practical value of the research is significantly higher: stakeholders such as banks, financial institutions, crypto-currency exchangers, and other institutions can use the results of this study to understand the issue of the general acceptance of information technologies through the key performance indicators selection; it allows them to select company financial indicators based on the specificity of their business, which may use electronic automatic management systems.

2. Materials and Methods

Business continuity planning has become crucial in the digital economy because operations must always be conducted online [30]. Key risk indicators (KRIs) also assist in determining the likelihood of unfavorable situations that could impact a company’s business continuity [31]. By using key risk indicators, an organization can keep track of changes in risk and receive timely information about systemic and one-time events that may be connected to crisis situations that directly or indirectly impact an enterprise’s ability to carry out its operations.
KRIs, therefore, characterize and identify risks that have a significant manifestation in the business or deficiencies in control systems. They can be used alone or in conjunction with other fixed events associated with certain risks of the enterprise, such as balance sheet losses, audit results, and registration of customer complaints and suggestions.
Using fixed KRIs is not feasible due to the constant shift in risk events. Regularly reviewing these KRIs is necessary to safeguard the company from operational, reputational, and other risks. When the company has a thorough knowledge of the risks, it can accurately identify and choose the right risk indicators and consistently track performance using key performance indicators (KPIs) and other technologies that facilitate this process.
Therefore, the authors believe that, in order to choose process-grounded key performance indicators, it is necessary to analyze the enterprise’s risks, identify key risk indicators, and then choose key performance indicators describing the processes that lower risks in the identified areas. The risk indicators are closely connected with key performance indicators. Control and management of KPIs is required to decrease the company’s risks.
The authors attributed the companies’ risks to the following groups:
  • Governance Risks—The risk that the company’s rules, processes, and mechanisms, important for oversighting and decision making, function improperly. Governance risks relate to the directors’ decisions regarding board leadership, composition, and structure. Governance risks are associated with the resourcefulness and robustness of the company’s procedures for compliance with the relevant framework of laws, including the quality of reporting lines [23].
  • Operational Risks—The risk that the company experiences a loss due to inadequate or failed internal processes, people, systems, or external events [32,33].
  • Human Resources Risks—The risks that human resources pose on the company’s operations [34].
  • Health and Safety Risks—The risk of the company being exposed to a health and safety hazard that may result in harm, injury, death, or illness of an employee in a specific workplace [35].
  • Financial Risks—The risk a company may face that results in the possibility of losing money on an investment or business project [36].
  • Cyber Risks—This risk includes hardware and software failures, spam, viruses, malicious attacks, and other ICT matters [37].
  • Capital Adequacy Risks—Risks arising from the firm’s capital position, the adequacy of capital to support the level of current and anticipated business activities, and the access to further capital [38].
  • Environmental/External Risks—Risks arising from economic events that are out of the control of the corporate structure [39].
  • Law and Regulation Risks—The risk that the firm suffers financial, reputational, or litigation damage through failure to monitor, control, and eliminate or substantially reduce regulatory compliance risk [40].
  • Strategic Risks—The risk of loss arising from adverse business decisions that are poorly aligned to strategic goals, failed execution of policies and processes designed to meet those goals, and inability to respond to macroeconomic and industry dynamics. Strategic risks are also those risks associated with operating in a specific industry [41].
  • Financial Crime Risks—The risks that arise from the failure to prevent financial crime, money laundering, and market abuse [42].

2.1. Risk, Threats and Vulnerabilities

The effectiveness of the risk-based strategy depends on an accurate understanding of the risk to which the Fintech company is exposed. In this case, the risk is viewed as an inherent risk, or the risk one must take before adopting and implementing any processes, policies, controls, or other steps to lessen it. Before preparing for the interviews with the representatives of companies operating on the financial markets for risk assessment, the authors analyzed how risk might occur, keeping in mind two risk elements: vulnerabilities, or weaknesses that could be exploited for risk purposes, and threats, or outside forces that try to take advantage of company vulnerabilities [31,32,37,43,44].
The effect of the threat or vulnerability and the likelihood of the threat or vulnerability are the two factors that are used in the calculations for both threats and vulnerabilities. Whereas the likelihood of threats or vulnerabilities occurring during the reporting period is based on objective data, the effect of threats is determined by the expert assessment of risk managers.
Impact describes the kind and extent of damage that would result from exposing one or more vulnerabilities. Any risks that the authors outlined above could result in this harm. The combinations of likelihood and impact determine the inherent risk for the entity/person/process, etc. The authors proposed classifying list of threats and vulnerabilities, elaborated by the authors, according to effect and probability of the threat and vulnerability revealed within the aforementioned risks; the classified risks can be further utilized in questionnaires for financial institutions.
The risk analysis begins by determining the possible improper issues in the entity functioning. These drawbacks need to be compared to a probability metric that gauges the possibility that the event will occur.

2.2. Methods

Preliminary research was conducted to identify the components and indicators of the model. For this purpose, the authors interviewed 5 distinct financial and Fintech companies in the European Union. The authors employed risk element-specific questionnaires for these interviews.
The criteria for these companies’ selection are the following:
  • The respondent is a company registered in the European Union;
  • The company is regulated or supervised by the financial company supervisor;
  • The company has a risk management department or risk professionals;
  • The company is involved in the payment business;
  • Each risk event represents a threat or series of threats that exposes a company’s current vulnerabilities. The proper values of the vulnerabilities must be used to evaluate the threat impact or likelihood of the risk event.
The semi-structured interviews were conducted in 2017 and 2022. The model’s elements and indicators were collected during this time period, where 5 companies were interviewed.
The following criteria were prepared by the authors within the Table 1 for assessing the impacts of the threats and vulnerabilities by the participating companies:
The authors presented Table 2 with the following criteria to respondents to gauge the probability of threats and vulnerabilities:

2.2.1. Risk Calculation

In accordance with [45], the risk was calculated as follows:
I R = I m L
where:
  • IR—inherent risk;
  • Im—the impact of the risk;
  • L—the likelihood of the risk.
The probability and effect of the inherent risk were calculated by the authors as the average of the likelihood and impact of each threat and vulnerability combination that made up the risk. The final threat and vulnerability were calculated as the average of all factors involved in the computation, including threats, vulnerabilities, impacts, and likelihoods if the same risk generates multiple threats and vulnerabilities (Source: the formula developed by the authors).
I m = i = 1 n ( T i i + ( V i 1 + V i 2 + + V i m ) m ) n 2
where:
  • Im—the impact of the risk;
  • Tii—threat impact per each of the threats within the risk group;
  • Vi—vulnerabilities impact;
  • m—number of vulnerabilities per risk group;
  • n—number of threats per risk group.
L = i = 1 n ( T l i + ( V l 1 + V l 2 + + V l m ) m ) n 2
where:
  • L—the likelihood of the risk;
  • Tli—threat likelihood per each of the threats within the risk group;
  • Vl—vulnerabilities likelihood;
  • m—number of vulnerabilities per risk group;
  • n—number of threats per risk group.
The impact and likelihood was calculated based on the following classification (Table 3):
Inherent risk value interpretation—numeric ranges are as follows: very low (VL) is from 0 to 5, low (L) is from 5.01–10, medium (M) is from 10.01 to 15, high (H) is from 15.01 to 20, and very high (VH) is from 20.01 to 25.
For the simultaneous analysis of several statistical relationships, the researchers primarily used two methods for structural equation modeling (SEM): partial least squares structural equation modeling (PLS-SEM) and covariance-based structural equation modeling (CB- SEM) [46,47,48]. The PLS-SEM methodology was selected since this methodology is more effective for the small data samples, which are used for exploratory and confirmatory types of research, and does not put forward the requirements for data normal distribution. [49,50].
A practical causal-predictive analysis can be performed using PLS-SEM, which also explains the variance in the independent constructs [47,48]. PLS-SEM enables forecasting the behavior of an unusual entity by combining a regression-based path analysis and analysis of the most crucial components [51]. This method can also define mediating and moderating effects and illustrate direct and indirect relationships [52]. Most researchers working in cutting-edge fields favor this approach [46].
The PLS-SEM technique takes into account both an inner and an outer model. The outer model takes into account the relationships between the latent variables and their reported indicators, whereas the inner model takes into account the relationships between independent and dependent latent variables. Latent variables, also known as constructs, are variables that cannot be evaluated directly.
The same ground was applied to key performance indicators as it was to financial and capital adequacy risks. As a result, other risk groups determine the model assumptions that might impact them. Given that the risk groups mentioned above reflect both internal and external processes, the authors decided that internal processes should be represented by the risk groups chosen for the modeling:
  • Governance risk;
  • ICT risk;
  • Operational risk;
  • Financial crime risk;
  • Human resources risk.
The first group of hypotheses (H1–H5) related to financial risk:
H1. 
Governance Risk has a direct impact on company KPI.
H2. 
ICT Risk has a direct impact on company KPI.
H3. 
Operational Risk has a direct impact on company KPI.
H4. 
Financial Crime Risk has a direct impact on company KPI.
H5. 
Human Resource Risk has a direct impact on company KPI.
The second group of hypotheses (H6–H10) related to capital adequacy risk:
H6. 
Governance Risk has a direct impact on company KPI.
H7. 
ICT Risk directly impacts company KPI.
H8. 
Operational Risk directly impacts company KPI.
H9. 
Financial Crime Risk directly impacts company KPI.
H10. 
Human Resource Risk has a direct impact on company KPI.

2.2.2. Model Estimation Using the SmartPLS Software

Three steps made up the PLS-SEM analysis in SmartPLS:
  • The validity of the outer paradigm or construct was assessed. The research included looking into the indicator loadings for the theoretically determined constructs and evaluating the model’s validity and dependability. Additionally, it was established how many iterations would be necessary for SmartPLS to finish the evaluation.
  • The inner model (structural model) assessed how the categories related to one another. The coefficient of determination (R2), standardized path coefficients (B), and impact size (f2) were used to accomplish this.
  • A broad evaluation of the model (overall model evaluation) was conducted to determine how well the model fits the data. This can be accomplished in SmartPLS by applying the SRM exact fit parameters.
The authors used the following values, mentioned in the Table 4, for model evaluation in the software SmartPLS:
Poor dependability is indicated by values less than 0.5, and loading with a CR of less than 0.5 should be removed from the dataset. However, in this research, each loading had a design confidence greater than 0.5; therefore, they were all incorporated into the model loadings.

3. Results

3.1. Preliminary Research

The authors created a list of common threats and vulnerabilities in the payments sector. The aforementioned lists were created in collaboration with the risk experts of the chosen businesses. There are clear differences between the respondents engaged in the section on capital adequacy:
  • Banks (credit institutions) pay the government for funds that serve as guarantees for the customer deposits that they take. The government will use these funds to reimburse the customer funds in case of the bank’s bankruptcy. As a result, the only factor affecting capital adequacy is the liquidity of bank funds [69].
  • Customers’ funds must be protected by financial institutions (also known as electronic money institutions or payment institutions), and, in the event of bankruptcy, they must be reimbursed from these segregated funds accounts [70,71,72,73].
  • Companies that exchange cryptocurrency assets and other kinds of businesses mentioned in the second payment directive [72] are not legally required to separate customer funds, but they still face capital adequacy risks [74].
The capital adequacy goal is the same for all kinds of businesses, despite variations in the nature of the risk and its control methods. The authors contend that, because all business types use the same capital adequacy risk assessment criteria, it can be assumed that the tasks involved in risk management are comparable.
According to the respondents, all other criteria (risk groups) apply to all businesses, making it possible to evaluate corporate risks using the same lists of threats and vulnerabilities, impact, and likelihood criteria.
Threats and vulnerabilities were evaluated according to their capacity to address all risk groups in the preliminary definition of the threats and vulnerabilities. Table A1 of Appendix A contains the final list of threats, whereas Table A2 of Appendix A contains the final list of vulnerabilities.
The respondents who participated in the interviews filled out the likelihood and impact values of threats and vulnerabilities. The interviews’ threat impact estimations were recorded in Table A3 of Appendix A, and the threat likelihood was recorded in Table A4 of Appendix A. The interviews’ vulnerabilities impact estimations were recorded in Table A5 of Appendix A, and the threat likelihood was recorded in Table A6 of Appendix A.
According to the methodology, the authors determined the risk associated with each threat faced by each respondent, after which they computed the average number for each risk group and respondent. Table A7 in Appendix A serves as a record of the ultimate results table. These results were used as a data source for the PLS-SEM analysis in SmartPLS.

3.2. Outer Model Evaluation—Construct Validity

The relationships shown by the collection of hypotheses served as the foundation for the model created with the SmartPLS software. Since such a boundary value is acceptable for exploratory research, SmartPLS 4.0’s application of PLS-SEM led to the selection of indicators of latent variables with loadings > 0.60 as the first step (see Table 4). Since all of the latent variable values were greater than 0.60, they were all considered in the model.
All loading weights for each variable were greater than 0.6, so they were all considered.
The values of the construct validity metrics for the outer model, which are composite reliability (CR) and average variance extracted (AVE), were all within the necessary bounds (see Table 4), and are listed in Table 5. A high dependability and internal consistency values were shown for each construct. The composite reliability was >0.984, and the average variance extracted was >0.942, indicating that the considered variables accurately represented the latent constructs intended for measurement.
The discriminant validity assessment, which identifies the differences between the constructs within the model, is considered necessary for outer model estimation. The Fornell–Larcker criterion and the heterotrait–monotrait ratio of correlations are two commonly used techniques to assess the discriminating validity in PLS SEM (HTMT).
The Fornell–Larcker criterion is the most common measure for assessing the discriminant validity in PLS-SEM. In some situations, the Fornell–Larcker criterion is considered weaker, more prone to error, and ineffective [75,76]. A more stringent standard is the heterotrait–monotrait ratio of correlations (HTMT) approach [62]. Hair et al. [76] suggested using HTMT [63] rather than the Fornell–Larcker technique due to its exaggerations when detecting discriminant validity. However, it is also advised to consider the model’s setting and the researcher’s level of conservatism when evaluating the discriminant validity [77].
Cross-loads demonstrated that each indicator had the highest loads in the construct initially intended to measure, and that the results fully satisfied the Fornell–Larcker criterion (see Table 6). All hidden variables fulfilled the HTMT requirement (see Table 7). There is no risk of any kind that will demonstrate an absence of discriminant validity.
The cross-loading indicators show the perfect discriminate validity of the factors.
An indicator of the degree of multicollinearity in regression analysis is the variance inflation factor (VIF). In a multiple regression model, multicollinearity occurs when there is a correlation between several independent factors. Examining the variance inflation factor (VIF) values (see Table 8), which should not be greater than 3.3, allows for an examination of multicollinearity [65,66,67]. For this model, the highest variance inflation factor (VIF) was 2.665. As a result, multicollinearity is apparently not an issue.

3.3. Evaluation of the Inner Model (Structural Model). Verifying the Hypotheses

The inner model uses the coefficient of determination (R2), standardized path coefficients (β), and impact size (f2) to characterize the relationships between the constructs. Fewer than the permitted 10 iterations—7—were completed before the study was terminated [47,63].
As stated, we first looked into the model using the relationships specified in the model’s framework (see Figure 1).
In the present study, the R2 values for the constructs “Capital Adequacy Risk” and “Financial Risk” as the target variables of the model were of the greatest interest. The latent variables of the model explained that about 61.5% of the other types of risks affect the capital adequacy risk, and 32.0% of the other types of risk affect the financial risk (see Table 9). This is a relatively high level of R2, indicating that the research determined the key factors that can influence the financial and capital adequacy for Fintech companies and, most likely, in businesses of comparable size and infrastructure.
Only five of ten hypotheses regarding the precise relationship between risks and other factors were confirmed (see Table 10). At the same time, it was found that governance risk has the biggest overall impact on capital sufficiency risk (β = 0.742 ± 0.722), and that cyber risk has the smallest overall impact (β = 0.119 ± 0.802).

3.4. Overall Model Assessment

Without a comprehensive model evaluation, a PLS-SEM study cannot be finished. Unfortunately, this estimate did not perform excellently; the result of the standardized root means squared residual (SRMR) was 0.089, whereas the necessary value is 0.080. This difference is not terrible though, so it is still worth taking into account the findings of this research.
Given these details, we can conclude that the task has been completed and the exploration has been successfully conducted, with a clear grasp of its limitations and future research directions. Therefore, given the relationship between various types of risks and financial and capital adequacy risks, we will explore some opportunities in the discussion section.

4. Discussion

The research results show that human resources risks (staff risk) do not correlate with the financial and capital adequacy risk. Assessing and addressing the possible risks associated with having a workforce is known as human resources risks. These risks are linked to employee behavior and how the company recruits, retains, and manages employees and other kinds of workers. Despite the numerous articles where scholars define the importance of labor force management for the management of the company, this research shows that, based on the evaluations of five Fintech companies working in different fields and countries and further model evaluation, risk related to labor force—inadequate management or absence—does not have a direct effect on the financial results of the company.
Another result of the research is related to governance risk. The governance risk shows a strong correlation with the capital adequacy risk. This result emphasizes that despite the high digitalization of the Fintech business, the major influence on the company’s financial results is as a result of the company governance. In other words, it is not the effectiveness of the IT systems of the company but the effectiveness of the governance provided by the company’s managerial board that plays a major role.
The authors of this research show that KPIs have an obvious relationship with KRIs. Scholars distinguish KPIs and KRIs. KRIs are used to identify the possible risks, whereas KPIs evaluate the company performance. Even now, many businesses use these terms interchangeably. KPIs are frequently made to provide a broad overview of organizational success. Thus, even though these metrics might not be able to provide sufficient early warning signals of a developing risk, they are crucial for trend analysis and performance monitoring. KRIs emphasize just the opposite.

Research Limitations

Data from five distinct types of Fintech companies were used in the study. In terms of size, the degree of digitalization, and customer service strategies, we believe that other types of Fintech companies will have similar influencing risks with respect to the financial and capital adequacy risks. However, they were not considered by the authors, which can be seen as a limitation of this study.
The group of factors selected to establish the model construct also poses a restriction. Although the authors made an effort to take into account all potential indicators, it is still possible to broaden the set of indicators used, add additional variables, or use a different technique for data analysis.
Additionally, survey errors, particularly coverage and sampling errors, are a component of sampling studies. There will almost certainly be a difference between the sample and the general community. The findings of a single sample research cannot be regarded as representative if a large-scale randomized study has not been carried out. In such circumstances, numerous sample studies carried out by various authors can yield representative results.
It should be emphasized that the types of risks involved in this study limited the way in which the model could be interpreted. The authors decided that internal processes should be represented by the internal risk groups chosen for the modeling because the risk groups mentioned above reflect both internal and external processes. This decision can be seen as a limitation of this research because internal processes should be represented by internal risk groups.

5. Conclusions

The authors analyzed the key risk indicators of the business and the correlations between the company’s risk indicators with the purpose of developing the methodology for the key performance indicators selection. By choosing suitable KPIs based on observations of the business events specified by the risk parametrizations, the digitalization of the financial services industry, or Fintech, puts forward the requirements for digitalizing the company’s management processes.
The model’s elements and indicators were identified through the preliminary research. The authors interviewed five financial and Fintech companies in the European Union for this reason. Together with the risk specialists of these companies, a final risk elements list was created and grouped within the questionnaires. The risk components evaluations, based on the above-mentioned questionnaires, were used as a data source for the model. Taking into account the sensitivity of the data regarding their risks, the interviewees consented to participate under the condition of anonymity.
The authors agree that a larger sample size would contribute to the robustness of the results. A larger sample would help to capture a broader range of perspectives and experiences, thereby increasing the reliability and generalizability of the findings. This could involve expanding the number of financial and Fintech companies interviewed or including a more diverse set of participants, such as regulators, industry experts, or academics.
However, the purpose of the research was to evaluate the novel concept of selecting KPIs based on the five distinct categories of Fintech business models represented by risk indicators. The goal was to gain rich insights from a smaller number of participants rather than aiming for statistical representativeness. This approach allows for a detailed exploration of the risk factors and their impact on finance and capital adequacy in specific contexts. It would be beneficial for future studies to consider both qualitative and quantitative approaches. This would provide a more comprehensive analysis by combining in-depth interviews with a larger survey or data analysis, ensuring a balanced and well-rounded investigation.
Within this research, the model was constructed based on the risk types, representing the internal processes of the company. The authors considered the following groups of risks: governance risk, ICT risk, operational risk, financial crime risk, and human resources risk, and their impact on finance and capital adequacy. The model verified the correlation of the risk, representing internal processes toward the financial risk and capital adequacy risk. The authors assume that financial and capital adequacy risks are connected to the financial KPIs of the company. The study was carried out using PLS-SEM in SmartPLS 4.0 software.
The research shows that all the risks considered in the model, except for staff risk, correlate with the financial and/or capital adequacy risk. Approximately 61.5% of the other categories of risks that affect capital adequacy risk and 32.0% of the other types of risks that affect financial risk were explained by latent variables in the obtained model. The primary factors influencing the different risk types that impact financial and capital adequacy risk were identified in this study. These data could be used to create manual or automated KPI selection and evaluation models for Fintech firms or other businesses with comparable degrees of digitalization.
Despite the lack of a definitive correlation between staff risk and financial or capital adequacy risk, since the related hypothesis was rejected, this element significantly influenced the creation of the model. Events pertaining to these categories of risks must be excluded from the final model construction and calculation.
As a result, this research identified the crucial elements influencing the growth of KPIs based on financial and capital adequacy risk.
Stakeholders in this procedure include all divisions of Fintech companies. The outcomes can be used as a foundation for initiatives that seek to automate performance results. The purpose of this study was to demonstrate that the unified methodology for Fintech’s risks brings additional benefits, apart from the risk management efficacy itself: the ability to select KPIs based on the unique business model of Fintech. The authors devised an innovative approach to selecting comprehensive KPIs, covering all aspects of the exact Fintech business model.
All divisions of Fintech companies are stakeholders in this procedure. The obtained results can be used as a foundation for initiatives oriented toward automating the performance results analysis.

Author Contributions

Conceptualization, O.C.; methodology, Y.P. and O.C.; software, D.C.; validation, O.C., Y.P. and D.C.; formal analysis, O.C.; investigation, O.C.; data curation, Y.P.; writing—original draft preparation, O.C.; writing—review and editing, Y.P.; visualization, D.C.; supervision, Y.P. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

Data is contained within the Appendix A.

Conflicts of Interest

The authors declare no conflict of interest.

Appendix A

Table
Table A1. The list of threats.
Table A1. The list of threats.
Threat GroupThreatGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime Risks
1 Ecosystem pollutionAir pollution XX
2 Ecosystem pollutionEnvironmental accidents XX
3 Extreme weather eventsEarthquake XX
4 Extreme weather eventsFlooding XX
5 Extreme weather eventsHurricane XX
6 Extreme weather eventsLightning XX
7 Extreme weather eventsHeat waves XX
8 Extreme weather eventsFire XX
9 Ecosystem pollutionWater scarcity—Lack or insufficient supply of water XX
10 Market riskPublic policy change—Pollution control regulations X
11 Market riskShifting sentiment—Changes in consumer preference for certain products X
12 Remote workPandemicXXXXX
13 Company cultureHarassment X
14 Company cultureDiscrimination X
15 Company cultureEavesdropping X X
16 Humane resourceIllegal import/export of software XXX
17 Humane resourceIllegal use of software XXX
18 Humane resourceMaintenance error XX X
19 Humane resourceMisuse of resources XX X
20 Humane resourceOperational support staff error XXXX
21 Humane resourceStaff shortage XXXX
22 Humane resourceStaff mistakes XXXXXX
23 Manipulated dataMalware X XX
24 SupplyUse of software in an unauthorized way X
25 Manipulated dataCommunications infiltration X
26 Manipulated dataMisrouting or rerouting of messages X X X
27 Manipulated dataUnauthorized use of software X
28 Manipulated dataUnauthorized use of storage media X
29 Manipulated dataWillful damage X XXXX
30 Remote workMasquerading of user identity X X
31 Remote workNetwork access by unauthorized persons X X
32 Remote workRepudiation (e.g., of services, transactions, sending/receiving messages) X X
33 Remote workUse of software by unauthorized users X
34 CommunicationDamage to communication lines/cables X XX
35 CommunicationFailure of communications services X X
36 CommunicationFailure of network components X
37 CommunicationTraffic overloading X
38 CommunicationTransmission errors X
39 CommunicationUse of network facilities in an unauthorized way X
40 HardwareAir conditioning failure X XXX
41 HardwareBomb attack XXX
42 HardwareDeterioration of storage media XXX
43 HardwareHardware failure X
44 HardwareIndustrial action X
45 HardwareTheftXXXXXX
46 SupplyFailure of power supply X
47 SupplyPower fluctuation X
48 SupplySoftware failureXXXXXXX
49 Customer-related threats—CustomerClient works in high-risk sector X
50 Customer-related threats—CustomerUBO of the company works in high-risk sector X
51 Customer-related threats—CustomerRepresentative of the private individual works in high-risk sector X
52 Customer-related threats—CustomerClient family member of politically exposed person X
53 Customer-related threats—CustomerUBO family member of politically exposed person X
54 Customer-related threats—CustomerClient representative family member of politically exposed person X
55 Customer-related threats—CustomerClient representative associated to politically exposed person X
56 Customer-related threats—CustomerClient associated to politically exposed person X
57 Customer-related threats—CustomerClient representative politically exposed person X
58 Customer-related threats—CustomerClient foreign politically exposed person X
59 Customer-related threats—CustomerUBO foreign politically exposed person X
60 Customer-related threats—CustomerClient representative foreign politically exposed person X
61 Customer-related threats—CustomerClient domestical politically exposed person (PEP) X
62 Customer-related threats—CustomerUBO domestical politically exposed person (PEP) X
63 Customer-related threats—CustomerClient representative domestical politically exposed person (PEP) X
64 Customer-related threats—CustomerCompany incorporation type X
65 Customer-related threats—CustomerConcealment of beneficial ownership X
66 Customer-related threats—CustomerShell company X
67 Customer-related threats—CustomerShell bank X
68 Customer-related threats—TransactionsHigh turnover X
69 Customer-related threats—CustomerReliable bad adverse media X
70 Customer-related threats—CustomerNon-reliable bad adverse media X
71 Customer-related threats—CustomerReceived request to freeze customer’s UBO (FIAU, MFSA, police, court, etc.)X X XX
72 Customer-related threats—CustomerReceived request to freeze customer’s UBO (FIAU, MFSA, police, court, etc.)X X XX
73 Customer-related threats—TransactionsReceived request to monitor customer’s transaction (FIAU);X X XX
74 Customer-related threats—TransactionsInformation request (FIAU, MFSA, police, court)X X
75 Customer-related threats—TransactionsSTR/STA submitted regarding the customer or their UBO;X X
76 Customer-related threats—TransactionsSTR/STA submitted regarding the customer’s UBO;X X
77 Customer-related threats—CustomerCustomer in the terrorist listX X XX
78 Customer-related threats—CustomerCustomer UBO in the terrorist listX X XX
79 Customer-related threats—CustomerCustomer representative in the terrorist listX X XX
80 Customer-related threats—CustomerSanctions on the customer X XX
81 Customer-related threats—CustomerSanctions on the customer shareholders or UBOs X XX
82 Customer-related threats—CustomerSanctions on the customer representative X XX
83 Customer-related threats—CustomerIdentity fraud X XX
84 Customer-related threats—CustomerNon-identified parties account usage X
85 Customer-related threats—CustomerFalse/incorrect personal data X
86 Customer-related threats—CustomerFalse/incorrect personal data of UBO, or authorized/representative persons. X
87 Customer-related threats—CustomerFalse/incorrect personal data of customer representative X
88 Customer-related threats—CustomerCustomer issue bearer shares X
89 Customer-related threats—CustomerComplex ownership structure and opaque business structures (e.g., non-transparent, with several layers) X
90 Customer-related threats—TransactionsTax evasion X
91 Customer-related threats—TransactionsLocal criminal groups X
92 Customer-related threats—TransactionsDrug trafficking X
93 Customer-related threats—TransactionsFraud and misappropriation X
94 Customer-related threats—TransactionsCorruption and bribery X
95 Customer-related threats—TransactionsSmuggling X
96 Customer-related threats—TransactionsTheft and receipt of stolen goods X
97 Customer-related threats—TransactionsArmed robbery X
98 Customer-related threats—TransactionsLiving on the earnings of prostitution X
99 Customer-related threats—TransactionsUsury X
100 Customer-related threats—TransactionsIllegal gambling and violations of the Gaming Act X
101 Customer-related threats—TransactionsHuman trafficking X
102 Customer-related threats—TransactionsArms trafficking X
103 Customer-related threats—TransactionsSmuggling of persons X
104 Customer-related threats—TransactionsUnlicensed financial services X
105 Customer-related threats—TransactionsTerrorism and terrorist financing—Raising funds from criminal activities X
106 Customer-related threats—TransactionsTerrorism and terrorist financing—Raising funds from legal activity X
107 Customer-related threats—TransactionsSexual exploitation, including sexual exploitation of children X
108 Customer-related threats—TransactionsCounterfeiting currency X
109 Customer-related threats—TransactionsEnvironmental crime (illegal fishing, logging, dumping, mining, constrictions) X
110 Customer-related threats—TransactionsMurder, grievous bodily injury X
111 Customer-related threats—TransactionsCounterfeiting and piracy of products X
112 Customer-related threats—TransactionsKidnapping, illegal restraint, and hostage taking X
113 Customer-related threats—TransactionsExtortion X
114 Customer-related threats—TransactionsForgery X
115 Customer-related threats—TransactionsPiracy (i.e., maritime) X
116 Customer-related threats—TransactionsInsider trading and market manipulation X
117 Customer-related threats—TransactionsUnauthorized (unlicensed) commercial activity X
118 Customer-related threats—ProductProduct risk—SEPA payments X X
119 Customer-related threats—ProductProduct risk—SWIFT payments X X
120 Customer-related threats—ProductProduct risk—money send X X
121 Customer-related threats—ProductProduct risk—payment cards X X
122 Customer-related threats—ProductProduct risk—card purchases X X
123 Customer-related threats—ProductProduct risk—card cash withdrawal X X
124 Customer-related threats—ProductProduct risk—card credit voucher X X
125 Customer-related threats—ProductProduct risk—cor. accounts payments X X
126 Customer-related threats—ProductProduct risk—cash operations X X
127 Customer-related threats—ProductProduct risk—transaction to cryptocurrency X X
128 Customer-related threats—ProductProduct risk—transaction to gambling X X
129 Customer-related threats—ProductProduct risk—transaction received from sanctioned country X X X
130 Customer-related threats—ProductProduct risk—transaction sent to sanctioned country X X X
131 Customer-related threats—ProductProduct risk—transaction sent/received to/from sanctioned entity. X X XX
132 Customer-related threats—ProductProduct risk—transactions sent to high-risk country (high AML, terrorism, criminal, corruption/bribery level) X X X
133 Customer-related threats—ProductProduct risk—transactions received from high-risk country (high AML, terrorism, criminal, corruption/bribery level) X X X
134 Customer-related threats—ProductProduct risk—transaction counteragent is included in terrorist list X X XX
135 Customer-related threats—GeographicCustomer’s geographical location is in country with comprehensive sanctions X X X
136 Customer-related threats—GeographicUBO of the customer geographical location is in country with comprehensive sanctions X X X
137 Customer-related threats—GeographicCustomer representative geographical location is in country with comprehensive sanctions X X X
138 Customer-related threats—GeographicCustomer’s geographical location or their financial connections is in high-risk country (high AML, terrorism, criminal, corruption/bribery level) X X X
139 Customer-related threats—GeographicUBO of the customer’s geographical location or their financial connections is in high-risk country (high AML, terrorism, criminal, corruption/bribery level) X X X
140 Customer-related threats—GeographicCustomer’s representative geographical location or their financial connections is in high-risk country (high AML, terrorism, criminal, corruption/bribery level) X X X
141 Customer-related threats—GeographicGeographical location of institution, branches X X X
142 Customer-related threats—CustomerFace-to-face identification X X
143 Customer-related threats—CustomerIdentification by distributor X X
144 Customer-related threats—CustomerNon-face-to-face identification X X
145 Customer-related threats—TransactionsTransaction initiated in the shop X
146 Customer-related threats—TransactionsTransaction initiated remotely X
147 Customer-related threats—TransactionsTransaction initiated by PISP X
148 Credit riskUnallowed overdraftsXX X X
149 Credit riskUnallowed overdrafts with reservesXX X X
150 Market riskRecession X X
151 Market riskPolitical turmoil X X
152 Market riskChanges in interest rates X X
153 Market riskTerrorist/pirates attacks X X X
154 Market riskWarXXXXXXX
155 Market riskStrikes XXX X
156 Unsystematic riskRegulators finesXX X XX
157 Unsystematic riskProduct supply suspensionXX X XX
158 Unsystematic riskLaw casesXXXX XX
159 Market riskProduct price change on the market/product not competitiveXX X X
160 ComplianceProduct area of use violenceXX X X
161 ComplianceProduct licensor regulation violationXX X X
162 ComplianceCurrent product does not correspond to new regulators normsXX X XX
163 CompliancePayment systems regulation violenceXX X X
164 CompliancePartner due diligence absenceXX X XX
165 ComplianceSign agreement with the out-source without prior approval from regulatorXX X X
166 ComplianceUse of cloud solutions, rendered services not in accordance with EBA regulation X XXX
167 ComplianceDo not support PISP, AISPXX XXX
168 ComplianceDo not apply SCA in accordance with normsXX XXX
169 ComplianceFinancial institution operates below the minimum regulatory capital ratios or with negative own fundsXX X X
170 ComplianceCorrespondent bank deducts funds without approval from customer funds segregation account X X X
171 ComplianceThe customer “Right to Be Forgotten” was not realizedXXXXXX
172 ComplianceThe customers data were shared with GDPR violationXXXXXX
173 ComplianceBreach of payment card data XX XXX
174 ComplianceDisclosure of protected health informationXXXX XX
175 ComplianceNot appointed or trained data protection officer XXXXXX
176 ComplianceNot easy to identify and/or no data upon customer request available X X X
177 ComplianceThe business continuity plan not testedXX X
178 ComplianceThe ICT risk not assessed and/or reportedX X
179 ComplianceGovernance risk not assessed and/or reportedX
180 ComplianceOperational risk not assessed and/or reportedXX
181 ComplianceHuman resource risk not assessed and/or reportedX X
182 ComplianceHealth and safety risk not assessed and/or reportedX
183 ComplianceFinancial risk not assessed and/or reportedX X
184 ComplianceCapital adequacy risk not assessed and/or reportedX X
185 ComplianceEnvironmental/external risk not assessed and/or reportedX
186 ComplianceLaw/compliance risk not assessed and/or reportedX
187 ComplianceStrategic risk not assessed and/or reported X
188 ComplianceFinancial crime risk not assessed and/or reportedX X
189 ComplianceThe compliance officer was not assignedX X
190 ComplianceThe MLRO was not assignedX X X
191 ComplianceThe risk officer was not assignedX X
192 ComplianceThe internal auditor was not assignedXXXXXXX
193 ComplianceBoard director shortageXXXX X
194 ComplianceBoard directors not approved by regulatorsXXXX X
195 ComplianceSenior management not approved by regulators (if applicable)XXXX X
196 ComplianceUnresolved/unassessed conflict of interestsXXXXXXX
197 Change riskImplementation of the new distribution channels without POG approvalXXXXXXX
198 Change riskImplementing new requirements to customers without POG approvalXX XXXX
199 Change riskImplementing new product/service or their changes without POG approvalXX XXXX
200 Change riskImplementing new/variation of tariffs before prior customer approvalXX X X
201 Change riskImplementing new/variation of tariffs without POG approvalXX X X
202 Change riskElimination of the product/services before prior customer’s approvalXX X XX
203 Change riskElimination of the product/services without POG approvalXX X XX
204 Change riskCountry/audience change without POG approvalXX XXXX
205 Change riskCountry/audience elimination before prior customer’s notificationXX XXXX
206 Change riskNo execution of the regulatory changes in the requested time periodXX XXXX
207 Reputational riskPoor customer support serviceXX
208 Reputational riskLack of secure e/m banking platformXX XXX
209 Reputational riskFraud and corruption related to the financial institutionXXXX X
210 Reputational riskUnreasonable account block or product unavailabilityXX X X
211 Reputational riskUnclear/incorrect information to the customers (tariffs, extracts)XX X
212 Reputational riskHosting country reputation
213 Reputational riskNegative review on social mediaXX
214 Reputational riskUnreasonably long customer onboardXX XXXX
215 Reputational riskUnreasonably long customer request processingXX X XX
216 Reputational riskLow shareholders trustX
217 Reputational riskProduct functioning errorsXX XXX
Source: generated by the authors.
Table
Table A2. The list of vulnerabilities.
Table A2. The list of vulnerabilities.
VulnerabilityGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime Risks
Absence of clear and comprehensive governance policyX
Lack of information exchange between departmentsXX X
Lack of strategy plan or its actualizationX
Lack of record keeping of the board decisionX
Lack of board decision notification to the staffX X
Lack/improper policies/procedures describing internal processesXXXXXXX
Lack of the procedure/policies/reports approval procedure by the boardX
Lack of financial reportingXX X XX
Lack of job descriptionsXXX X X
Absence of the critical skills management procedureXXX
Critical skills shortage XX X X
Lack of/insufficient staff training XX X X
Lack of the product oversign and governance/change controlX X
Failure to adhere to the company’s policies or procedures XXXXXXX
Failure to enforce policiesXXXXXXX
Failure to stack to the distributors/out-source company approval procedure X X
Lack of an exit strategy for co-operation with distributors/out-source companies X X
Failure to protect prices with the distributor/out-source company X X X
Failure of distributor/out-source company/supplier to supply service X XX X
Lack of a business continuity plan or its insufficiencyXXXXX
Failure to diversifyXXXXXXX
Unsupervised work by suppliers or cleaning staff X X
Lack of security awareness XX X
Poorly documented software X X
Lack of monitoring mechanismsXX XXXX
Inadequate or careless use of physical access control to buildings, rooms, and offices X X
Lack of physical protection for the building, doors, and windows X
Location in an area susceptible to flood and fire X X
Unprotected storage X XX X
Insufficient maintenance/faulty installation of storage media X
Lack of periodic equipment replacement schemes X
Susceptibility to humidity, dust, and soiling X X
Susceptibility to temperature variations X X
Susceptibility to voltage variations X
Unprotected communication lines X
Poor joint cabling X
Lack of identification and authentication mechanisms X X X
Unprotected sensitive traffic XXXX X
Inadequate network management X
Lack of care at disposal X X
Complicated user interface X X
Lack of audit trailXX XX X
No or insufficient product/software/process testing X XX X
Poor password management X
Unclear or incomplete specification for developers X XXXX
Uncontrolled downloading and using software XX
Well-known gap in the software/process still in covering X XXXX
Wrong allocation of access rights X XX X
Insufficient or irregular water supply X X
Inappropriate CDD/EDD procedure X X
Inappropriate cash management XXX XX
Failure to identify risk-related eventsXXXXXXX
Failure to identify beneficiary/customer X X X
Failure to report to supervising organizationsXXXXXXX
Failure to respond/communicate with the regulatorsXXXXXXX
Lack of incident-reporting mechanismXXXXXXX
Lack of staff stress relief possibilities and trainings X
Bad ergonomics of the work place
Bad or absent noise control
Poor housekeeping X
Missing or insufficient lighting
Missing or expired or not verified extinguishers/fire-extinguishing mechanisms X
Correspondent bank stability risk X X X
Failure to define product prices in accordance with the market X
Failure to manage assets volatility risk X
Lack of liquidity X X X
Staff fraud X X
Staff mistakes X XX X
Incorrect accounting/business model application X X X
Internal processes incompliant with current legal norms and regulationsXXXXXXX
Lack of or improper customer funds segregation/capital rate calculation mechanism X X
Failure of the management to review and evaluate capital adequacy/customer funds segregation assessments and strategiesXX X X
Failure to define and control segregated funds access from the side of the correspondent bankXX X X
Poorly described and managed suppliers’ invoices payments procedure X X X
Lack of or improper overdraft management procedure X X X
Lack of or improper company liabilities management procedure X X X
Lack of or improper data privacy procedureXXXXX
Lack of a data protection officer or roleXXXXXX
Source: generated by the authors.
Table
Table A3. The list of threats impacts per respondent.
Table A3. The list of threats impacts per respondent.
Governance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime Risks
Respondent 1Respondent 2Respondent 3Respondent 4Respondent 5
100034000002300000220000022000003400
200034000002300000220000022000003400
300044000004400000440000022000004400
400044000004400000220000033000004400
500034000003400000320000033000003400
600024000002400000230000023000002400
700043000004300000430000022000004300
800055000005500000550000055000005500
900033000003300000330000022000003300
1000020000002000000200000020000002000
1100030000003000000300000030000003000
1243434005443400444340044434004343400
1300500000040000004000000300000050000
1400500000040000004000000400000050000
1500304000020300002020000302000030400
1600134000013400001240000224000013400
1700434000043400004340000334000043400
1804104000410400031040004204000410400
1903105000210300021030003303000310500
2005254000525400042440004344000525400
2104434000343400033330004343000443400
2205453540545354043434304343430545354
2303034000303400030340004044000303400
2400004000000400000030000004000000400
2500005000000400000040000004000000500
2603004040200303020030303003030300404
2700004000000400000040000004000000400
2800003000000300000030000003000000300
2905044440404444040444404044440504444
3001004000100400010030002003000100400
3105005000400400040040004004000500500
3204004000400400040040004004000400400
3300004000000400000040000004000000400
3403034000303400030340003034000303400
3504004000500400050040005004000400400
3600004000000400000040000004000000400
3700004000000400000040000004000000400
3800003000000300000040000004000000300
3900004000000400000030000003000000400
4003045300304430030242002023200304530
4100055500005550000555000055500005550
4200055500005550000444000044400005550
4300004000000400000040000004000000400
4400004000000400000040000004000000400
4524144403314440231343023134302414440
4600004000000400000030000003000000400
4700004000000400000030000003000000400
4825155552515555251353525135352515555
4900000020000003000000300000030000002
5000000020000003000000300000030000002
5100000020000002000000200000020000002
5200000020000004000000400000040000002
5300000040000004000000400000040000004
5400000040000004000000400000040000004
5500000040000004000000400000040000004
5600000040000004000000400000040000004
5700000040000004000000400000040000004
5800000040000004000000400000040000004
5900000040000004000000400000040000004
6000000040000004000000400000040000004
6100000040000004000000400000040000004
6200000040000004000000400000040000004
6300000040000004000000400000040000004
6400000030000003000000300000030000003
6500000040000004000000400000040000004
6600000010000001000000100000010000001
6700000040000004000000400000040000004
6800000040000004000000400000040000004
6900000030000003000000300000030000003
7000000020000003000000300000030000002
7120030353004045300303530030352003035
7220030353004045300303530030352003035
7320030343004044300303430030342003034
7420000042000004200000420000042000004
7520000053000005300000530000052000005
7620000053000005300000530000052000005
7720030354003035200303520030352003035
7820030354003035200303520030352003035
7920030354003035200303520030352003035
8000030350003035000202500020250003035
8100030350003035000303500030350003035
8200030350003035000303500030350003035
8300020230002024000202400020240002023
8400000030000002000000200000020000003
8500000030000003000000300000030000003
8600000030000003000000300000030000003
8700000030000003000000300000030000003
8800000040000004000000400000040000004
8900000030000003000000300000030000003
9000000050000005000000500000050000005
9100000050000005000000500000050000005
9200000040000004000000400000040000004
9300000040000004000000400000040000004
9400000040000004000000400000040000004
9500000040000004000000400000040000004
9600000040000004000000400000040000004
9700000040000004000000400000040000004
9800000040000004000000400000040000004
9900000040000004000000400000040000004
10000000040000004000000400000040000004
10100000040000004000000400000040000004
10200000040000004000000400000040000004
10300000040000004000000400000040000004
10400000030000003000000300000030000003
10500000050000005000000500000050000005
10600000050000005000000500000050000005
10700000030000003000000300000030000003
10800000030000003000000300000030000003
10900000020000002000000200000020000002
11000000020000002000000200000020000002
11100000030000003000000300000030000003
11200000020000002000000200000020000002
11300000020000002000000200000020000002
11400000020000002000000200000020000002
11500000020000001000000100000010000002
11600000020000001000000100000010000002
11700000030000003000000300000030000003
11803000030400004040000404000040300003
11903000030400004020000203000030300003
12004000040400005010000101000010400004
12104000040400004010000101000010400004
12204000040400003010000101000010400004
12305000050400005010000101000010500005
12403000030300003010000101000010300003
12504000040400004040000404000040400004
12605000050500005010000101000010500005
12703000030400004040000404000040300003
12803000030500005050000505000050300003
12905050050505005050500505050050505005
13005050050505005050500505050050505005
13105030350503035050303505030350503035
13205030350503035050303505030350503035
13305030350503035050303505030350503035
13405030350503035050303505030350503035
13504040050404005040400404040040404005
13604040050404005040400404040040404005
13704040050404005040400404040040404005
13804040040404004040400404040040404004
13904040040404004040400404040040404004
14004040040404004040400404040040404004
14103010030301003030100303010030301003
14204000020400003040000304000030400002
14305000040500004050000405000040500004
14405000040500004050000405000040500004
14500000020000002000000100000010000002
14600000030000003000000300000030000003
14700000040000004000000100000010000004
14844040403303030110101011010104404040
14944040403304040110101011010104404040
15001040000303000020200002020000104000
15101040000103000010300001030000104000
15201030000304000020200002020000103000
15305050040404004020200302020030505004
15454555545455554545555454555545455554
15504530300111010011101001110100453030
15655050555505055550505555050555505055
15735030343403034450404445040443503034
15834350543335054333505433350543435054
15942040403204040320404032040404204040
16054050502203030330303033030305405050
16154050503304040330404033040405405050
16233050543405054340505434050543305054
16334040403404040340404034040403404040
16442030343203034320303432030344203034
16542030304203030420303042030304203030
16602035300203530030353003035300203530
16732044404304440110111011011103204440
16832044404304440220222022022203204440
16953050504305050220202022020205305050
17005030300103030010101001010100503030
17142443403144340314434031443404244340
17242444403244440324444032444404244440
17344044404404440110111011011104404440
17433540432234043223404322340433354043
17542135304213530421353042135304213530
17604004040400404040040404004040400404
17742003003100300310030031003004200300
17840005004000500400050040005004000500
17930000003000000300000030000003000000
18033000003400000340000034000003300000
18130300003030000303000030300003030000
18230000003000000300000030000003000000
18330030003004000300400030040003003000
18430000303000040300004030000403000030
18530000003000000300000030000003000000
18630000003000000300000030000003000000
18730000003000000300000030000003000000
18840000044000004400000440000044000004
18940400004040000404000040400004040000
19050400055040005504000550400055040005
19140400003040000304000030400004040000
19244443444444344444434444443444444344
19333320203332020333202033320203332020
19432310102231010223101022310103231010
19532310101111010111101011110103231010
19642544433254443325444332544434254443
19734343442324344232333423233343434344
19833032342303234230323423032343303234
19933032343303234330323433032343303234
20033030303303030330303033030303303030
20133040404404040440404044040403304040
20233030342303034230303423030343303034
20333030342303034230303423030343303034
20433032341303234130323413032343303234
20533032341303234130323413032343303234
20643054544405454440545444054544305454
20745000003500000350000035000004500000
20842034303203430440444044044404203430
20934350502223030222303022230303435050
21024004041200303120030312003032400404
21143000043300003330000333000034300004
21200000000000000000000000000000000000
21323000002200000330000033000002300000
21424043442101211210121121012112404344
21544030343403034340303434030344403034
21621000001100000110000011000002100000
21744045404304540430454043045404404540
Source: generated by the authors based on the respondents’ completed questionnaire.
Table
Table A4. The list of threats likelihood per respondent.
Table A4. The list of threats likelihood per respondent.
Governance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime Risks
Respondent 1Respondent 2Respondent 3Respondent 4Respondent 5
100011000001100000110000011000001100
200011000001100000110000011000001100
300022000002200000110000011000002200
400022000001100000220000022000001100
500045000002200000220000033000002200
600034000003300000330000022000003300
700033000002200000110000011000002200
800032000002200000220000022000002200
900021000001100000110000011000001100
1000030000002000000200000020000002000
1100030000002000000200000020000002000
1244444004444400444440044444004444400
1300300000010000002000000200000010000
1400300000010000002000000100000010000
1500303000030300001010000101000030300
1600111000011100001110000111000011100
1700222000022200002220000222000033300
1803303000330300022020002202000330300
1903303000330400022020002202000330300
2003333000424300032330002232000333300
2104444000221200011110001111000222200
2203333340312222032222203222220333332
2303033000203300020220002022000303300
2400001000000100000010000001000000200
2500001000000100000010000001000000300
2601001010100101010010101001010200202
2700001000000100000010000001000000200
2800001000000100000010000001000000200
2903033330203332020222202022220202222
3004004000300300020020002002000300300
3103003000100100010010001001000200200
3201001000300300020020002002000300300
3300001000000100000010000001000000200
3401011000101200010120001012000202200
3504101000320200022020002202000330300
3600001000000100000010000001000000200
3700004000000300000030000003000000300
3800001000000100000010000001000000200
3900003000000200000020000002000000200
4001011100202320020222002022200202220
4100022200001110000111000011100001110
4200011100001110000111000011100001110
4300001000000100000010000001000000300
4400003000000300000030000003000000300
4533333302322220111222011122202222220
4600001000000200000020000002000000200
4700001000000100000010000001000000200
4844444443424444332333433233343313334
4900000030000002000000200000020000002
5000000030000003000000300000030000002
5100000010000001000000100000010000001
5200000040000004000000400000040000001
5300000030000003000000300000030000001
5400000010000001000000100000010000001
5500000010000001000000100000010000001
5600000030000003000000300000030000001
5700000010000001000000100000010000001
5800000030000003000000300000030000001
5900000030000003000000300000030000001
6000000010000001000000100000010000001
6100000030000003000000300000030000001
6200000030000003000000300000030000001
6300000010000001000000100000010000001
6400000020000003000000300000030000001
6500000030000004000000400000040000001
6600000030000003000000300000030000001
6700000020000001000000100000010000001
6800000040000004000000400000040000002
6900000050000002000000200000020000002
7000000030000002000000200000020000002
7150050552002022200202220020222002022
7250050552002022200202220020222002022
7330030332002022200202220020222002022
7430000034000004400000440000042000002
7530000033000003300000330000031000001
7630000033000003300000330000031000001
7750050553003033300303330030331001011
7850050553003033300303330030331001011
7910010111001011100101110010111001011
8000050550004044000404400040440004044
8100050550004044000404400040440004044
8200010110001011000101100010110001011
8300030330003033000303300030330003033
8400000020000003000000300000030000003
8500000030000002000000200000020000002
8600000030000002000000200000020000002
8700000010000001000000100000010000001
8800000020000001000000100000010000001
8900000030000003000000300000030000003
9000000030000004000000400000040000004
9100000030000002000000200000020000002
9200000030000002000000200000020000002
9300000030000004000000400000040000004
9400000030000003000000300000030000003
9500000020000002000000200000020000002
9600000020000003000000300000030000003
9700000020000001000000100000010000001
9800000020000001000000100000010000001
9900000020000002000000200000020000002
10000000020000003000000300000030000003
10100000020000001000000100000010000001
10200000020000002000000200000020000002
10300000020000002000000200000020000002
10400000030000002000000200000020000002
10500000030000002000000200000020000002
10600000030000002000000200000020000002
10700000020000001000000100000010000001
10800000020000002000000200000020000002
10900000020000002000000200000020000002
11000000020000001000000100000010000001
11100000020000003000000300000030000003
11200000020000001000000100000010000001
11300000020000001000000100000010000001
11400000020000002000000200000020000002
11500000020000001000000100000010000001
11600000020000002000000200000020000002
11700000020000001000000100000010000001
11803000030300003030000303000030100001
11904000040100001010000101000010100001
12003000030300003010000101000010100001
12103000030300003010000101000010100001
12203000030300003010000101000010100001
12303000030300003010000101000010100001
12403000030300003010000101000010100001
12504000040400004050000505000050500005
12603000030300003010000101000010100001
12701000010300003050000505000050300003
12802000020300003040000404000040200002
12903030030505005020200202020020202002
13003030030505005020200202020020202002
13102020220505055020202202020220202022
13202020220505055020202202020220202022
13305050550404044020202202020220202022
13405050550303033030303303030330303033
13505050050404004040400404040040404004
13605050050303003030300303030030303003
13701010010303003030300303030030303003
13804040040303003030300303030030303003
13904040040303003030300303030030303003
14001010010202002020200202020020202002
14103030030101001010100101010010101001
14202000020500005010000101000010100001
14304000040300003050000505000050100001
14404000040100001050000505000050100001
14500000020000003000000100000010000001
14600000030000005000000500000050000005
14700000040000002000000100000010000001
14833030302202020110101011010101101010
14933030303303030110101011010101101010
15004040000303000030300002020000202000
15104040000202000020200001010000101000
15204040000303000030300002020000101000
15304040040101001010100101010010101001
15444444442222222222222211111111111111
15503330300111010011101001110100111010
15632040444304044220202211010111101011
15732040443304044220202211010111101011
15812240442224044222202211110111111011
15933030302202020111101011110101111010
16044040401101010110101011010101101010
16112020201101010110101011010101101010
16233040442202022330303322020221101011
16311010101101010110101011010101101010
16422040444403033330303322020222202022
16531030301101010110101011010101101010
16601033300202220010111001011100101110
16742044401101110110111011011101101110
16842044403403330110111011011101101110
16933030302202020110101011010101101010
17002020200101010010101001010100101010
17142444403333330222222022222202222220
17242444402222220222222022222202222220
17344044403303330110111011011101101110
17433440432222022222202222220222222022
17532132301111110333333033333302222220
17604004040300303040040404004040300303
17732003003200300320030032003002200200
17820002003000300400040040004002000200
17940000003000000400000040000004000000
18044000003300000440000044000004400000
18140400003030000404000040400004040000
18240000003000000400000040000004000000
18340040003003000400400040040004004000
18430000303000030400004040000404000040
18540000003000000400000040000004000000
18640000003000000400000040000004000000
18740000003000000400000040000004000000
18830000033000003300000330000034000004
18940400002020000404000040400004040000
19030300031010001202000220200021010001
19140400004040000404000440400041010001
19233333331111111111111111111111111111
19333330302222020222202022220201111010
19411110101111010222202022220201111010
19522220201111010111101011110101111010
19633333333333333222222222222222222222
19711122221112222111111211111121111112
19842042443203233110111111011111101111
19933032331101111110111111011111101111
20022020203303030110101011010101101010
20122020203303030110101011010101101010
20222020222202022110101111010111101011
20322020222202022110101111010111101011
20433032334404444110111111011111101111
20533032334404444110111111011111101111
20643032333303233110111111011111101111
20712000003300000440000044000004400000
20811011103303330220222011011101101110
20911110102222020111101011110101111010
21031003042100202210020211001011100101
21112000031200002330000322000022200002
21200000000000000000000000000000000000
21313000003300000430000033000003300000
21431033332102222110111111011111101111
21534030343303033440404433030331101011
21611000001100000220000011000001100000
21723033302202220330333044044403303330
Source: generated by the authors based on the respondents’ completed questionnaire.
Table
Table A5. The list of vulnerabilities impacts per respondent.
Table A5. The list of vulnerabilities impacts per respondent.
Governance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime Risks
Respondent 1Respondent 2Respondent 3Respondent 4Respondent 5
130000003000000300000030000003000000
233004003300400330040033004003300400
330000003000000300000030000003000000
430000003000000300000030000003000000
530300003030000303000030300003030000
633344443334444333444433344443334444
730000003000000300000030000003000000
833040443304044330404433040443304044
933304043330404333040433304043330404
1033300003330000333000033300003330000
1103304040330404033040403304040330404
1203304040330404033040403304040330404
1330004003000400300040030004003000400
1433344443334444333444433344443334444
1533344443334444333444433344443334444
1603004000300400030040003004000300400
1703004000300400030040003004000300400
1803040400304040030404003040400304040
1903044040304404030440403044040304404
2033344003334400333440033344003334400
2133344443334444333444433344443334444
2203004000300400030040003004000300400
2303304000330400033040003304000330400
2403004000300400030040003004000300400
2533044443304444330444433044443304444
2603004000300400030040003004000300400
2700004000000400000040000004000000400
2800304000030400003040000304000030400
2903044040304404030440403044040304404
3000004000000400000040000004000000400
3100004000000400000040000004000000400
3200304000030400003040000304000030400
3300304000030400003040000304000030400
3400004000000400000040000004000000400
3500004000000400000040000004000000400
3600004000000400000040000004000000400
3703004040300404030040403004040300404
3803344040334404033440403344040334404
3900004000000400000040000004000000400
4003004000300400030040003004000300400
4103004000300400030040003004000300400
4233044043304404330440433044043304404
4303044040304404030440403044040304404
4400004000000400000040000004000000400
4503044440304444030444403044440304444
4600044000004400000440000044000004400
4703044440304444030444403044440304444
4803044040304404030440403044040304404
4903004000300400030040003004000300400
5000300040030004003000400300040030004
5103340440334044033404403340440334044
5233344443334444333444433344443334444
5303040040304004030400403040040304004
5433344443334444333444433344443334444
5533344443334444333444433344443334444
5633344443334444333444433344443334444
5700300000030000003000000300000030000
5800000000000000000000000000000000000
5900000000000000000000000000000000000
6003000000300000030000003000000300000
6100000000000000000000000000000000000
6200004000000400000040000004000000400
6303040400304040030404003040400304040
6400040000004000000400000040000004000
6500040000004000000400000040000004000
6603040400304040030404003040400304040
6700040400004040000404000040400004040
6803044040304404030440403044040304404
6903040400304040030404003040400304040
7033344443334444333444433344443334444
7103000400300040030004003000400300040
7233040403304040330404033040403304040
7333040403304040330404033040403304040
7403040400304040030404003040400304040
7503040400304040030404003040400304040
7603040400304040030404003040400304040
7733344003334400333440033344003334400
7833344403334440333444033344403334440
Source: generated by the authors.
Table
Table A6. The list of vulnerabilities likelihood per respondent.
Table A6. The list of vulnerabilities likelihood per respondent.
Governance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime RisksGovernance RisksOperational RisksHuman Resources RisksFinancial RisksICT RisksCapital Adequacy RisksFinancial Crime Risks
Respondent 1Respondent 2Respondent 3Respondent 4Respondent 5
140000003000000400000040000003000000
244003005500400110030011003001100200
340000003000000400000040000002000000
430000001000000200000020000002000000
540400002020000303000030300002020000
642322332232223532433353243333223221
740000001000000200000020000001000000
811010121101012340303334030332102021
944403032220203334030433403042220201
1043300003330000444000044400002220000
1104403020330303033030303303030220201
1202202020220203033040303304030330301
1310002002000200100010010001001000100
1423322233332424333343333334332222221
1533322222222222322222332222232222221
1602002000300300010010001001000100100
1703003000400400010010001001000100100
1803030300201010040404004040400303030
1903024020302402030340403034040202301
2012222003323300422330042233002222200
2133333332334244433424443342443113221
2203003000200200010010001001000100100
2302302000120200033030003303000220200
2403004000300300030030003003000200200
2522042222204222220422222042222202221
2603003000200200010010001001000100100
2700003000000200000010000001000000100
2800204000020200001010000101000020200
2902023030202203020220202022020202301
3000003000000300000030000003000000300
3100003000000300000030000003000000200
3200202000010100001010000101000010100
3300303000020200002020000202000010200
3400002000000200000020000002000000200
3500003000000200000020000002000000200
3600002000000100000010000001000000100
3702004020200302020030202003020200301
3802223030222303022230302223030222201
3900003000000200000020000002000000200
4002003000200200020020002002000200200
4102002000200200030030003003000200200
4233034022202302220230222023022202201
4303033030202202040440304044030303301
4400004000000300000030000003000000300
4503033340303334030333403033340101311
4600023000002200000220000022000002200
4702022220202223020222302022230202221
4802022020303303030330303033030303301
4903003000200200020020002002000200200
5000300030020004002000400200040020001
5101110110334045011101101110110111011
5243322234332223433222343322233332221
5301010030101003010100301010030101001
5433333332222323222232322223231123111
5533333322222222222222222222221122121
5633322224432422443242244324222222321
5700300000040000004000000400000040000
5800000000000000000000000000000000000
5900000000000000000000000000000000000
6002000000200000010000001000000200000
6100000000000000000000000000000000000
6200003000000200000010000001000000200
6302030300204040040404004040400303030
6400030000004000000400000040000003000
6500030000002000000100000010000001000
6603030300304040030404003040400403040
6700020200002020000202000020200002020
6803033030403404040340404034040403401
6901030300103030010303001030300103030
7033333334323434432343443234343322321
7102000200100010010001001000100100010
7212020201101010110101011010101101010
7312020201101010110101011010101101010
7403030300202020020202002020200202020
7502020200203030020303002030300203030
7603030300303030030303003030300303030
7712222004233300423330042333004233300
7822222202222220222222022222202222220
Source: generated by the authors based on the respondents’ completed questionnaire.
Table
Table A7. Calculated risk per risk (threat) group and respondents. Source for PLS-SM data analysis.
Table A7. Calculated risk per risk (threat) group and respondents. Source for PLS-SM data analysis.
G1G2G3G4G5O1O2O3O4O5H1H2H3H4H5F1F2F3F4F5I1I2I3I4I5C1C2C3C4C5A1A2A3A4A5
122222222222222265555765562222223331
2222222222222222987781197782222223331
3433338544453333117666433335433354442
444443876674444444444111088102222223331
5222222222211666722222653352222223331
6222228766786567766671198793333344332
722222544452222255444987793333355443
843333554444222255444997895533456663
922222443342222233333988892222223331
10332224433332222665561098896655523331
11333323333222222433333222243333101010105
12323322222222222222223222222222910995
13222221111787222225644432222443331113996
1422222119999222221099993222222222121211118
15107445108335222221094463222210844623331
16998759986643333131397632222131297613141084
17107777654445444375555654447544444442
1897555885553222299666664449966599774
1966765767663222244444543334443365552
Source: generated by the authors.

References

  1. Suleiman, Z.; Shaikholla, S.; Dikhanbayeva, D.; Shehab, E.; Turkyilmaz, A. Industry 4.0: Clustering of Concepts and Characteristics. Cogent Eng. 2022, 9, 2034264. [Google Scholar] [CrossRef]
  2. Ardito, L.; Petruzzelli, A.M.; Panniello, U.; Garavelli, A.C. Towards Industry 4.0. Bus. Process Manag. J. 2019, 25, 323–346. [Google Scholar] [CrossRef]
  3. Vaidya, S.; Ambad, P.; Bhosle, S. Industry 4.0—A Glimpse. Procedia Manuf. 2018, 20, 233–238. [Google Scholar] [CrossRef]
  4. Tupa, J.; Steiner, F. Industry 4.0 and Business Process Management. Tehnički Glasnik 2019, 13, 349–355. [Google Scholar] [CrossRef] [Green Version]
  5. Alcácer, V.; Cruz-Machado, V. Scanning the Industry 4.0: A Literature Review on Technologies for Manufacturing Systems. Eng. Sci. Technol. Int. J. 2019, 22, 899–919. [Google Scholar] [CrossRef]
  6. Ribeiro da Silva, E.H.D.; Shinohara, A.C.; Pinheiro de Lima, E.; Angelis, J.; Machado, C.G. Reviewing Digital Manufacturing Concept in the Industry 4.0 Paradigm. Procedia CIRP 2019, 81, 240–245. [Google Scholar] [CrossRef]
  7. Verhoef, P.C.; Broekhuizen, T.; Bart, Y.; Bhattacharya, A.; Qi Dong, J.; Fabian, N.; Haenlein, M. Digital Transformation: A Multidisciplinary Reflection and Research Agenda. J. Bus. Res. 2021, 122, 889–901. [Google Scholar] [CrossRef]
  8. Pilat, D.; Hatem, L.; Ker, D.; Mitchell, J. A Roadmap toward a Common Framework for Measuring the Digital Economy; Publisher: OECD. Available online: http://www.oecd.org/sti/roadmap-toward-a-common-framework-for-measuring-the-digital-economy.pdf (accessed on 17 March 2023).
  9. Ertz, M.; Boily, É. The Rise of the Digital Economy: Thoughts on Blockchain Technology and Cryptocurrencies for the Collaborative Economy. Int. J. Innov. Stud. 2019, 3, 84–93. [Google Scholar] [CrossRef]
  10. Kraus, S.; Durst, S.; Ferreira, J.J.; Veiga, P.; Kailer, N.; Weinmann, A. Digital Transformation in Business and Management Research: An Overview of the Current Status Quo. Int. J. Inf. Manag. 2022, 63, 102466. [Google Scholar] [CrossRef]
  11. Cernisevs, O. Analysis of the Factors Influencing the Formation of The Transaction Price in The Blockchain. Financ. Credit. Syst. Prospect. Dev. 2021, 3, 36–47. [Google Scholar] [CrossRef]
  12. Buka, S.; Surmach, A.; Cernisevs, O. Analysis of Aspects of the Regional Economy in the Digital Economy, Using the Example of Financial Services. Rev. Econ. Financ. 2022, 20, 203–207. [Google Scholar] [CrossRef]
  13. Cernisevs, O.; Popova, Y. ICO as Crypto-Assets Manufacturing within a Smart City. Smart Cities 2022, 6, 40–56. [Google Scholar] [CrossRef]
  14. Popova, Y.; Cernisevs, O. Smart City: Sharing of Financial Services. Soc. Sci. 2022, 12, 8. [Google Scholar] [CrossRef]
  15. Cordoș, G.S.; Fülöp, M.T.; Tiron-Tudor, A. UK audit reporting practices in the pre-ISA700 (2015 revision) era. Asian J. Bus. Ethics 2020, 9, 349–370. [Google Scholar] [CrossRef]
  16. Fülöp, M.T.; Tiron-Tudor, A.; Cordos, G.S. Audit education role in decreasing the expectation gap. J. Educ. Bus. 2019, 94, 306–313. [Google Scholar] [CrossRef]
  17. Fülöp, M.T.; Topor, D.I.; Ionescu, C.A.; Căpușneanu, S.; Breaz, T.O.; Stanescu, S.G. Fintech accounting and Industry 4.0: Future-proofing or threats to the accounting profession? J. Bus. Econ. Manag. 2022, 23, 997–1015. [Google Scholar] [CrossRef]
  18. Maté, A.; Zoumpatianos, K.; Palpanas, T.; Trujillo, J.; Mylopoulos, J.; Koci, E. A Systematic Approach for Dynamic Targeted Monitoring of KPIs. In CASCON; IBM Corp: Riverton, WY, USA, 2014; pp. 192–206. [Google Scholar]
  19. Siedler, C.; Langlotz, P.; Aurich, J.C. Modeling and Assessing the Effects of Digital Technologies on KPIs in Manufacturing Systems. Procedia CIRP 2020, 93, 682–687. [Google Scholar] [CrossRef]
  20. Simons, R. Sistemi Di Controllo e Misure Di Performance; EGEA: Milano, Italy, 2004. [Google Scholar]
  21. Shin, J.; Kim, Y.J.; Jung, S.; Kim, C. Product and Service Innovation: Comparison between Performance and Efficiency. J. Innov. Knowl. 2022, 7, 100191. [Google Scholar] [CrossRef]
  22. John Behringer Using Key Risk Indicators to Recover, Improve or Maintain Institutional Performance; 2011. Available online: http://mcgladrey.com/Banking-Financial-Institutions/Using-key-risk-indicators-to-recover-improve-or-maintain-institutional-performance (accessed on 3 January 2021).
  23. Schmid, M.M.; Sabato, G.; Aebi, V. Risk Management, Corporate Governance, and Bank Performance in the Financial Crisis. SSRN Electron. J. 2011, 36, 3213–3226. [Google Scholar] [CrossRef] [Green Version]
  24. Meier, H.; Lagemann, H.; Morlock, F.; Rathmann, C. Key Performance Indicators for Assessing the Planning and Delivery of Industrial Services. Procedia CIRP 2013, 11, 99–104. [Google Scholar] [CrossRef]
  25. Horváth, D.; Szabó, R.Z. Driving Forces and Barriers of Industry 4.0: Do Multinational and Small and Medium-Sized Companies Have Equal Opportunities? Technol. Forecast Soc. Chang. 2019, 146, 119–132. [Google Scholar] [CrossRef]
  26. Paritala, P.K.; Manchikatla, S.; Yarlagadda, P.K.D.V. Digital Manufacturing- Applications Past, Current, and Future Trends. Procedia Eng. 2017, 174, 982–991. [Google Scholar] [CrossRef] [Green Version]
  27. Esmaeilian, B.; Behdad, S.; Wang, B. The Evolution and Future of Manufacturing: A Review. J. Manuf. Syst. 2016, 39, 79–100. [Google Scholar] [CrossRef]
  28. Da Silva, E.R.; Shinohara, A.C.; Nielsen, C.P.; de Lima, E.P.; Angelis, J. Operating Digital Manufacturing in Industry 4.0: The Role of Advanced Manufacturing Technologies. Procedia CIRP 2020, 93, 174–179. [Google Scholar] [CrossRef]
  29. Zhu, Z.; Dhokia, V.G.; Nassehi, A.; Newman, S.T. A Review of Hybrid Manufacturing Processes–State of the Art and Future Perspectives. Int. J. Comput. Integr. Manuf. 2013, 26, 596–615. [Google Scholar] [CrossRef] [Green Version]
  30. Bajgoric, N.; Moon, Y.B. Business Model for Digital Economy Era: A Framework Based on the Churchman’s Theory of Design Integrity. Int. J. Bus. Syst. Res. 2017, 11, 284. [Google Scholar] [CrossRef]
  31. Torabi, S.A.; Giahi, R.; Sahebjamnia, N. An Enhanced Risk Assessment Framework for Business Continuity Management Systems. Saf. Sci. 2016, 89, 201–218. [Google Scholar] [CrossRef]
  32. Wang, Y.; Li, G.; Li, J.; Zhu, X. Comprehensive Identification of Operational Risk Factors Based on Textual Risk Disclosures. Procedia Comput. Sci. 2018, 139, 136–143. [Google Scholar] [CrossRef]
  33. Kaddumi, T.; Al-Kilani, Q.A. Operational Risks and Financial Performance—The Context of The Jordanian Banking Environment. J. Southwest Jiaotong Univ. 2022, 57, 338–349. [Google Scholar] [CrossRef]
  34. Ibrahim, I.; Melhem, B. Impact of the Human Resources on the Risk Management and the Company Performance. Int. J. Econ. Manag. Sci. 2016, 5, 1–5. [Google Scholar] [CrossRef]
  35. Silva, J.L.; Navarro, V.L. Work Organization and the Health of Bank Employees. Rev. Lat. Am. Enfermagem 2012, 20, 226–234. [Google Scholar] [CrossRef] [PubMed] [Green Version]
  36. Zhang, Q. Research on Bank Financial Risk Control Mechanism Based on KMV Model. Front. Bus. Econ. Manag. 2022, 6, 241–244. [Google Scholar] [CrossRef]
  37. Varga, S.; Brynielsson, J.; Franke, U. Cyber-Threat Perception and Risk Management in the Swedish Financial Sector. Comput. Secur. 2021, 105, 102239. [Google Scholar] [CrossRef]
  38. Nguyen, Q.T.T.; Nguyen, S.T.B.; Nguyen, Q.v. Can Higher Capital Discipline Bank Risk: Evidence from a Meta-Analysis. J. Risk Financ. Manag. 2019, 12, 134. [Google Scholar] [CrossRef] [Green Version]
  39. Hummel, K.; Laun, U.; Krauss, A. Management of Environmental and Social Risks and Topics in the Banking Sector—An Empirical Investigation. Br. Account. Rev. 2021, 53, 100921. [Google Scholar] [CrossRef]
  40. Laeven, L.; Levine, R. Bank Governance, Regulation and Risk Taking. J. Financ. Econ 2009, 93, 259–275. [Google Scholar] [CrossRef] [Green Version]
  41. Kunz, J.; Heitz, M. Banks’ Risk Culture and Management Control Systems: A Systematic Literature Review. J. Manag. Control 2021, 32, 439–493. [Google Scholar] [CrossRef]
  42. Faccia, A.; Moşteanu, N.R.; Cavaliere, L.P.L.; Mataruna-Dos-Santos, L.J. Electronic Money Laundering, The Dark Side of Fintech. In Proceedings of the 2020 12th International Conference on Information Management and Engineering, Amsterdam, The Netherlands, 16–18 September 2020; ACM: New York, NY, USA, 2020; pp. 29–34. [Google Scholar]
  43. Smart, A.; Creelman, J. RBPM: Integrating Risk Frameworks and Standards with the Balanced Scorecard. In Risk-Based Performance Management; Palgrave Macmillan: London, UK, 2013; pp. 53–84. [Google Scholar]
  44. Cox, L. Some Limitations of “Risk = Threat × Vulnerability × Consequence” for Risk Analysis of Terrorist Attacks. Risk Anal. 2008, 28, 1749–1761. [Google Scholar] [CrossRef] [PubMed]
  45. Abid, A.; Gull, A.A.; Hussain, N.; Nguyen, D.K. Risk Governance and Bank Risk-Taking Behavior: Evidence from Asian Banks. J. Int. Financ. Mark. Inst. Money 2021, 75, 101466. [Google Scholar] [CrossRef]
  46. Dash, G.; Paul, J. CB-SEM vs PLS-SEM Methods for Research in Social Sciences and Technology Forecasting. Technol. Forecast. Soc. Chang. 2021, 173, 121092. [Google Scholar] [CrossRef]
  47. Chin, W.; Cheah, J.-H.; Liu, Y.; Ting, H.; Lim, X.-J.; Cham, T.H. Demystifying the Role of Causal-Predictive Modeling Using Partial Least Squares Structural Equation Modeling in Information Systems Research. Ind. Manag. Data Syst. 2020, 120, 2161–2209. [Google Scholar] [CrossRef]
  48. Hair, J.F.; Hult, G.T.M.; Ringle, C.M.; Sarstedt, M.; Danks, N.P.; Ray, S. An Introduction to Structural Equation Modeling; Springer: Cham, Switzerland, 2021; pp. 1–29. [Google Scholar] [CrossRef]
  49. Popova, Y.; Zagulova, D. UTAUT Model for Smart City Concept Implementation: Use of Web Applications by Residents for Everyday Operations. Informatics 2022, 9, 27. [Google Scholar] [CrossRef]
  50. Popova, Y.; Popovs, S. Impact of Smart Economy on Smart Areas and Mediation Effect of National Economy. Sustainability 2022, 14, 2789. [Google Scholar] [CrossRef]
  51. Mateos-Aparicio, G. Partial Least Squares (PLS) Methods: Origins, Evolution, and Application to Social Sciences. Commun. Stat. Theory Methods 2011, 40, 2305–2317. [Google Scholar] [CrossRef] [Green Version]
  52. Ringle, C.M.; Sarstedt, M.; Mitchell, R.; Gudergan, S.P. Partial Least Squares Structural Equation Modeling in HRM Research. Int. J. Hum. Resour. Manag. 2020, 31, 1617–1643. [Google Scholar] [CrossRef]
  53. Memon, M.A.; Ramayah, T.; Ting, H.; Cheah, J.H.; Chuah, F.; Cham, T.H. Pls-Sem Statistical Programs: A Review. J. Appl. Struct. Equ. Model. 2021, 5, i–xiv. [Google Scholar] [CrossRef]
  54. Widaman, K.F. Exploratory Factor Analysis and Confirmatory Factor Analysis. In APA Handbook of Research Methods in Psychology, Vol 3: Data Analysis and Research Publication; American Psychological Association: Washington, DC, USA, 2012; pp. 361–389. [Google Scholar]
  55. Hair, J.F.; Risher, J.J.; Sarstedt, M.; Ringle, C.M. When to Use and How to Report the Results of PLS-SEM. Eur. Bus. Rev. 2019, 31, 2–24. [Google Scholar] [CrossRef]
  56. Nunnally, J.D. Psychometric Theory, 2nd ed.; McGraw-Hill: New York, NY, USA, 1978. [Google Scholar]
  57. Kock, N. WarpPLS 5.0 User Manual; ScriptWarp Systems: Laredo, TX, USA, 2015. [Google Scholar]
  58. Wong, K.K.K. Mastering Partial Least Squares Structural Equation Modeling (Pls-Sem) with Smartpls in 38 Hours; iUniverse: Bloomington, IN, USA, 2019; ISBN 9781532066498. [Google Scholar]
  59. Peter, J.P. Reliability: A Review of Psychometric Basics and Recent Marketing Practices. J. Mark. Res. 1979, 16, 6–17. [Google Scholar] [CrossRef]
  60. Bagozzi, R.P.; Yi, Y. On the Evaluation of Structural Equation Models. J. Acad. Mark. Sci. 1988, 16, 74–94. [Google Scholar] [CrossRef]
  61. Fornell, C.; Larcker, D.F. Evaluating Structural Equation Models with Unobservable Variables and Measurement Error. J. Mark. Res. 1981, 18, 39–50. [Google Scholar] [CrossRef]
  62. Henseler, J.; Ringle, C.M.; Sarstedt, M. A New Criterion for Assessing Discriminant Validity in Variance-Based Structural Equation Modeling. J. Acad. Mark. Sci. 2015, 43, 115–135. [Google Scholar] [CrossRef] [Green Version]
  63. Hair, J.; Hollingsworth, C.L.; Randolph, A.B.; Chong, A.Y.L. An Updated and Expanded Assessment of PLS-SEM in Information Systems Research. Ind. Manag. Data Syst. 2017, 117, 442–458. [Google Scholar] [CrossRef]
  64. Chin, W.W. The Partial Least Squares Approach to Structural Equation Modeling. In Modern Methods for Business Research; Marcoulides, G.A., Ed.; Lawrence Erlbaum Associates: Hillsdale, NJ, USA, 1998; pp. 294–336. [Google Scholar]
  65. Petter, S.; Straub, D.; Rai, A. Specifying Formative Constructs in Information Systems Research. MIS Q. 2007, 31, 623. [Google Scholar] [CrossRef] [Green Version]
  66. Hair, J.F., Jr.; Anderson, R.E.; Babin, B.J.; Black, W.C. Multivariate Data Analysis: A Global Perspective, 7th ed.; Pearson Education: Upper Saddle River, NJ, USA, 2010; ISBN 9780135153093. [Google Scholar]
  67. Hair, J.F.; Ringle, C.M.; Sarstedt, M. PLS-SEM: Indeed a Silver Bullet. J. Mark. Theory Pract. 2011, 19, 139–152. [Google Scholar] [CrossRef]
  68. Popova, Y.; Zagulova, D. Aspects of E-Scooter Sharing in the Smart City. Informatics 2022, 9, 36. [Google Scholar] [CrossRef]
  69. Van Greuning, H.; Bratanovic, S.-S.B. Capital Adequacy. In Analyzing Banking Risk, 4th ed.; A Framework for Assessing Corporate Governance and Risk Management; The World Bank: Washington, DC, USA, 2020; pp. 127–172. [Google Scholar]
  70. Greenacre, J.; Buckley, R.P. Using Trusts to Protect Mobile Money Customers. Singap. J. Leg. Stud. 2014, 59–78. Available online: http://www.jstor.org/stable/24872233 (accessed on 17 March 2023).
  71. Brener, A. Payment Service Directive II and Its Implications. In Disrupting Finance; Springer International Publishing: Cham, Switzerland, 2019; pp. 103–119. [Google Scholar]
  72. Polasik, M.; Huterska, A.; Iftikhar, R.; Mikula, Š. The Impact of Payment Services Directive 2 on the PayTech Sector Development in Europe. J. Econ. Behav. Organ. 2020, 178, 385–401. [Google Scholar] [CrossRef]
  73. Khalilzadeh, M.; Katoueizadeh, L.; Zavadskas, E.K. Risk Identification and Prioritization in Banking Projects of Payment Service Provider Companies: An Empirical Study. Front. Bus. Res. China 2020, 14, 15. [Google Scholar] [CrossRef]
  74. Fantazzini, D.; Calabrese, R. Crypto Exchanges and Credit Risk: Modeling and Forecasting the Probability of Closure. J. Risk Financ. Manag. 2021, 14, 516. [Google Scholar] [CrossRef]
  75. Dijkstra, T.K.; Henseler, J. Consistent Partial Least Squares Path Modeling. MIS Q. 2015, 39, 297–316. [Google Scholar] [CrossRef]
  76. Hair, J.; Hult, G.T.M.; Ringle, C.; Sarstedt, M. A Primer on Partial Least Squares Structural Equation Modeling; Springer: Cham, Switzerland, 2014; ISBN 1452217440. [Google Scholar]
  77. Ab Hamid, M.R.; Sami, W.; Mohmad Sidek, M.H. Discriminant Validity Assessment: Use of Fornell & Larcker Criterion versus HTMT Criterion. J. Phys. Conf. Ser. 2017, 890, 012163. [Google Scholar] [CrossRef]
Informatics 10 00054 g001 550
Figure 1. Structural model risk types relations. (Source: generated by the authors based on PLS-SEM in SmartPLS 4.0.)
Figure 1. Structural model risk types relations. (Source: generated by the authors based on PLS-SEM in SmartPLS 4.0.)
Informatics 10 00054 g001
Table
Table 1. Threat evaluation criteria for internal processes.
Table 1. Threat evaluation criteria for internal processes.
Risk GroupVery HighHighMediumLowVery Low
GovernanceMore than 50% of decisions are not delivered for final execution, which is a critical failure.
Making decisions too slowly results in crucial failures that make it impossible to carry out essential tasks. The impact threatens the initiative or organization’s continued existence.		A less than 50% failure rate occurs when choices are not delivered for final execution.
Failure to make choices results in the breakdown of crucial processes, which lowers performance. The initiative, activity, or organization’s survival is in jeopardy.		Decisions are not provided in time for the last execution.
Delays in making decisions have an effect on the company and lead to poorer performance, including missed goals. Although there is no threat to an organization’s existence, there may be a thorough evaluation.		Decisions are not provided in time for the last execution.
Delays in making decisions have an effect on the company and lead to poorer performance, including missed goals. Although there is no threat to an organization’s existence, there may be a thorough evaluation.		Minor failures of the internal procedure’s execution.
OperationalA widespread or protracted halt to activities:
-Inability to promote services effectively.
-Dangerous market share loss threat.		To handle operational issues, significant internal and/or external resources must be committed:
-Significant and/or ongoing business disruptions.		Implementing increased internal and/or external resources is necessary for handling operational challenges:
-More extensive or widespread organizational inefficiency (s).		Aggravation of the resources that must be dedicated to resolving practical issues:
-Minor inefficiencies in functioning.		Modest resources need to be committed to internal operational issues:
-Insignificant operational inefficiency.
Financial>EUR 990,000EUR 330,000.01–EUR 990,000EUR 160,000.01–EUR 330,000EUR 30,000.01–EUR 160,000<EUR 30,000
Human ResourcesProtracted unavailability of critical skills/personnel.Unavailability of critical skills of personnel.Unavailability of core skills affecting services. Minor impact to capability.Minor skill impact.
CyberDestruction or complete loss of >50% of assets.
Critical failure(s) preventing core activities from being performed. The impact threatens survival of the project or organization itself.		Extensive damage or loss of <50% of assets.
Breakdown of key activities leading to reduction in performance. Survival of the project/activity/organization is threated.		Damage or loss of <20% of assets.
Impact on organization resulting in reduced performance such as targets not being met. Organization’s existence is not threatened but could be subject to significant review.		Minor damage or loss of <5% of assets.
Some impact on business areas in terms of delays and system quality but able to de dealt with at operational level.
Minor damage or vandalism of assets.
Minimal impact on non-core business operations. The impact can be dealt with by routine operations.
Capital Adequacy>50% of the capital30–50% of the capital15–30% of the capital5–15% of the capital<than 5% of the capital
Financial CrimeExtreme consequencesHigh consequencesMedium consequencesLow consequencesMinor consequences
Source: generated by the authors.
Table
Table 2. Vulnerabilities evaluation criteria.
Table 2. Vulnerabilities evaluation criteria.
Very HighHighMediumLowVery Low
Event is expected to occur in most circumstances
90–100%.		Event will probably occur in most circumstances
60–90%.		Event is as likely to occur as to not occur
35–60%.		Event could occur at some point in time
10–35%.		Event may only occur in exceptional circumstances
0–10%.
Source: generated by the authors.
Table
Table 3. The use weights of components.
Table 3. The use weights of components.
Numeric ValueLetter AbbreviationTitle
1VLVery low/irrelevant
2LLow
3MMedium
4HHigh
5VHVery high
Source: generated by the authors.
Table
Table 4. Recommended assessment of PLS-SEM.
Table 4. Recommended assessment of PLS-SEM.
AssessmentDescriptionCriteria
Construct validity (outer model)
Number of iterationsSum of the outer weights’ changes between two iterations [52]5–10
Maximum number of iterations [53]300
Item reliability Indicators loadings (IL) [54,55,56,57]>0.70 (highly satisfactory)
>0.50≤0.70 (acceptable)
>0.40≤0.50 (week)
Convergent validity (the study variables represent the latent constructs intended for measurement, as demonstrated by convergent validity)Design reliability, a gauge of the scale components’ internal coherence [56,58]—(CR)>0.80 [59] (satisfactory)
>0.70≤0.80 (acceptable)
>0.60≤0.70 (an acceptable range in exploratory study is 0.60 to 0.70)
Average variance extracted (AVE)>0.5 [60]
AVE > 0.5 and CR ≤ 0.6 [61]
Discriminant validity Fornell and Larcker (F&L), in SmartPLS—divergent validity heterotrait: monotrait ratios (HTMT) [62,63]Confidence intervals should not contain a value of 1; values lower than 0.85 for conceptually different constructs and below 0.90 for similar constructs
Structural model (inner model)
Coefficient of determination The preferred number is a greater one [52,64]—R20.67 (substantial)
0.33 (average)
0.19 (weak)
Standardized path coefficients Identify the importance and the confidence intervals—B (β)from −1 to +1.
Effect size The strength of the connection between two variables in a population is measured by the effect size—f20.35 (strong effects)
0.15 (moderate)
0.02 (weak)
Variance inflation factorAn indicator of the degree of multicollinearity (VIF)VIF ≤ 3.3 [65,66,67]
Final model evaluation
Fit measures Standardized root mean square residual (SRMR)—the disparity between the observed correlation and the model-implied correlation matrix is known as the SRMR. As a result, it enables evaluation of the (model) fit criterion using the average magnitude of the discrepancies between observed and anticipated correlations [62].≤0.08
Developed by authors based on the [68].
Table
Table 5. Measurement values.
Table 5. Measurement values.
ConstructsCRAVEComposite Reliability (rho_a)
Cyber Risk0.9950.9811.005
Operational Risk0.9760.9120.995
Financial Risk0.9700.8940.980
Financial Crime Risk0.9890.9s541.073
Human Resource Risk0.9920.9681.004
Governance Risk0.9830.9350.994
Capital Adequacy Risk0.9860.9470.988
Source: generated by the authors on the basis of SmartPls 4.0.
Table
Table 6. Fornell–Larcker criterion.
Table 6. Fornell–Larcker criterion.
AMLCapital AdequacyCyberFinanceGovernanceOperationalStaff
AML 0.977
Capital Adequacy 0.2530.973
Cyber −0.657−0.2640.991
Finance 0.2550.490−0.1210.945
Governance0.1270.755−0.3440.3040.967
Operational0.4920.334−0.2580.5260.3110.955
Staff−0.311−0.1100.171−0.128−0.020−0.0040.984
Source: generated by the authors on the basis of SmartPls 4.0.
Table
Table 7. HTMT requirement.
Table 7. HTMT requirement.
AMLCapital AdequacyCyberFinanceGovernanceOperationalStaff
AML
Capital Adequacy 0.215
Cyber 0.6590.261
Finance 0.2320.4830.138
Governance0.1270.7560.3430.291
Operational0.4900.3150.2470.5290.299
Staff0.3250.1080.1680.1270.0530.046
Source: generated by the authors on the basis of SmartPls 4.0.
Table
Table 8. Inner model collinearity statistics (VIF).
Table 8. Inner model collinearity statistics (VIF).
Capital AdequacyFinance
AML 2.6652.665
Capital Adequacy
Cyber 2.1242.124
Finance
Governance1.3201.320
Operational1.5751.575
Staff1.1541.154
Source: generated by the authors on the basis of SmartPls 4.0. Background color: it shows that this row excluded from calculation.
Table
Table 9. Direct effects.
Table 9. Direct effects.
Risk Groupβf2STDEV2.5%97.5%
AML risk → Capital adequacy0.1500.0610.233−0.2290.680
AML risk → Finance0.0160.0001.614−0.6020.765
Cyber risk → Capital adequacy0.1190.0390.198−0.1790.592
Cyber risk → Finance0.0720.0060.294−0.4700.663
Governance risk → Capital adequacy0.7421.2020.2780.2231.223
Governance risk → Finance0.2180.0441.482−0.6740.995
Operational risk → Capital adequacy0.0130.0000.244−0.4670.433
Operational risk → Finance0.4470.0443.507−0.7320.950
Staff risk → Capital adequacy−0.0620.0050.393−1.1530.401
Staff risk → Finance−0.2000.0231.175−1.0991.177
Source: generated by the authors on the basis of SmartPls 4.0.
Table
Table 10. Result of hypotheses testing.
Table 10. Result of hypotheses testing.
Hypotheses Result of Checking
H1AML risk → Capital adequacyConfirmed
H2AML risk → FinanceNot Confirmed
H3Cyber risk → Capital adequacyConfirmed
H4Cyber risk → FinanceNot Confirmed
H5Governance risk → Capital adequacyConfirmed
H6Governance risk → FinanceConfirmed
H7Operational risk → Capital adequacyNot Confirmed
H8Operational risk → FinanceConfirmed
H9Staff risk → Capital adequacyNot Confirmed
H10Staff risk → FinanceNot Confirmed
Source: generated by the authors on the basis of SmartPls 4.0.
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Cernisevs, O.; Popova, Y.; Cernisevs, D. Risk-Based Approach for Selecting Company Key Performance Indicator in an Example of Financial Services. Informatics 2023, 10, 54. https://doi.org/10.3390/informatics10020054

AMA Style

Cernisevs O, Popova Y, Cernisevs D. Risk-Based Approach for Selecting Company Key Performance Indicator in an Example of Financial Services. Informatics. 2023; 10(2):54. https://doi.org/10.3390/informatics10020054

Chicago/Turabian Style

Cernisevs, Olegs, Yelena Popova, and Dmitrijs Cernisevs. 2023. "Risk-Based Approach for Selecting Company Key Performance Indicator in an Example of Financial Services" Informatics 10, no. 2: 54. https://doi.org/10.3390/informatics10020054

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop