International Journal of Financial Research

In the rapidly evolving and increasingly volatile global business landscape, robust governance mechanisms are no longer a matter of best practice but are essential for organizational sustainability, resilience, and long-term value creation. At the heart of effective enterprise risk management (ERM) lies not only the sophistication of risk identification and mitigation processes, but also, critically, the unfettered structural independence of the risk management function. This conceptual paper examines the structural and behavioral impediments to ERM independence under prevailing corporate governance models. It analyzes three common reporting structures for the ERM function: reporting to senior management, reporting to the Chief Executive Officer (CEO), and a hybrid model of reporting to the Board of Directors with a “dotted line” to the CEO. This study contends that each paradigm, based on agency theory and corporate governance principles, harbors intrinsic conflicts of interest that undermine the impartiality, authority, and overall efficacy of Enterprise Risk Management (ERM). The CEO's impact on performance evaluations and compensation, even in a dotted-line relationship, is seen as a substantial threat to behavioral independence. Consequently, this paper develops a conceptual framework for an optimal reporting structure. It posits that true independence is only achievable when the ERM function reports directly and exclusively to the Board of Directors or a dedicated Board Risk Committee. Furthermore, the framework asserts that the remuneration, budget, and resources of the ERM function must be determined at the Board level, completely insulated from management’s influence. This proposed model, termed the “Unfettered Guardian” framework, is designed to align the ERM function with the Board’s oversight duty, ensuring it serves its primary purpose as an objective guardian of shareholder value and long-term organizational sustainability.