THE DEVELOPMENT OF RISK DISCLOSURE IN ANNUAL REPORTS IN THE NETHERLANDS FROM 1970 TO 2015.

(1)

THE DEVELOPMENT OF RISK DISCLOSURE IN ANNUAL

REPORTS IN THE NETHERLANDS FROM 1970 TO 2015.

Silke Hoekstra - S2527316

Msc. Accountancy

Prof. dr. A. de Jong

20-06-2018

(2)

3 Personal information

Name

Silke Hoekstra

Date of birth

21-05-1995

Student number

2527316

E-mail

s.a.hoekstra@student.rug.nl

E-mail (alternative)

s.a.hoekstra1@gmail.com

Study program

Accountancy & Controlling

Supervisor

Prof. dr. A. de Jong

Second assessor

Dr. S. Mukherjee

Abstract

This research investigates the development of risk disclosure in annual reports in the Netherlands from

1970 to 2015. This research is based on annual reports that were collected using five-yearly data. This

research is a descriptive study on annual reports of listed companies in the Netherlands. In this thesis I

investigate the changes that can be found in relation to risk disclosure in annual reports in the period from

1970 to 2015, the causes of these changes are as well investigated. It can be concluded that risk disclosure

has increased during the period of this study. This is mainly due to the introduction of a Corporate

Governance Code in 1997 and again a new code in 2004. Finally, some recommendations are given for

further research and for business.

(3)

4 Acknowlegement

Since February 1st I have been working on this thesis at EY in order to graduate for the Master Accountancy

& Controlling. It has been an intensive process and I would like to express my thanks to some people for

their support and advice during the writing of this thesis. First of all I want to thank my supervisor Prof. Dr.

A. de Jong. I appreciate the time he took to give useful feedback and suggestions. I am also grateful to EY,

for giving me the oppurtunity to write my thesis within their company. Finally, I would like to thank my

friends and family for their support and in particular my dad, who helped me finishing this thesis.

Many thanks,

Silke Hoekstra

(4)

5

_Introduction

Nowadays the annual report and the reliability of it is of utmost importance. In 1978 the law on external financial accounts became applicable for Dutch limited liability companies, this was the first law that set requirements for the annual report. Due to several scandals, at the beginning of this century corporate governance gained a lot of attention. Think of the book keeping scandal of Ahold in 2003, or the well-known Enron scandal in 2001, which led to the bankruptcy of the Enron Corporation. The Parmalat scandal in 2003 can be seen as the final cause that has led to the introduction of the Corporate Governance Code in the Netherlands. This code was introduced in 2004. The purpose of this code was to prevent new scandals to happen.

The annual report is a document that is mandated to be produced every year. The annual report serves to provide useful information to users for better decision-making, among that information is risk management. Why do companies disclose risk management policies and instruments in annual reports? Partly because it is legally required, however most companies disclose more than the legal requirements nowadays (Amran, Bin, Hassen, 2009). Risks are present in nearly all firms’ financial and economic activities (Dionne, 2013). In the period from 1973 to 1994 the economic growth was declining. Where the growth rate of the GDP was 5% in the 1960s, it dropped to 2% in the 1970s (Van Zanden, 1997, pp. 212). The exchange rates fluctuated strong in the 1970s due to two oil crises. In 2000 there was the dot-com bubble. Companies are exposed to financial risks at all times, no matter what type of event happened during the years.

The risk disclosure in annual reports has changed in the period 1970 – 2015. For example, comparing the annual reports of Heineken of 1970 and 2015, a change in risk reporting can be found. In 1970 there is nothing written about the risks Heineken is facing, while in the annual report is stated that the export of Heineken is growing as well as the production in foreign countries. E.g. the export to the United States increased in 1970. Heineken also exports to countries in Africa and Asia. Not every country has the same currency as the Netherlands. This means that Heineken works with other currencies than the guilder. Fluctuations in these currencies is a risk Heineken is facing, also in the year 1970. When looking at the annual report of Heineken in 2015 it shows that a whole section is dedicated to risks. In this specific annual report Heineken explains which financial risks the company is facing, like credit risk, liquidity risk and market risk. Heineken explains as well how the company is managing these risks. It explains that credit risk is the risk of financial loss to Heineken if a customer or counterpart to a financial instrument fails to meet its contractual obligations, and it arises principally from Heineken’s receivables from

(8)

9

customers and securities (annual report Heineken 2015). In 1970 this risk was also relevant because Heineken also had receivables on the balance sheet. It is likely to assume that Heineken was dealing with these risks internally but it chooses not to report about the risk management in the annual report. When analyzing the annual reports of Heineken every 5 year in the period from 1970 to 2015 it stands out that Heineken starts to disclose about financial risks in 2000. Financial risks are relevant during all times but Heineken does not disclose until 2000. The questions that rise from this phenomenon is why and when did companies start to disclose more information about the financial risks they are facing?

It is therefore interesting to investigate the causes of changes in risk reporting and how risk reporting has changed. The aim of this study is to investigate the development of risk reporting in annual reports of Dutch firms in the period from 1970 to 2015. There are already many studies that focus on risk reporting. Beretta and Bozzolan (2004) for example investigate whether the size and industry of a company is associated with risk disclosure. They did not find a relationship between these variables, so there must be other reasons for companies to disclose about risk management. Linsley and Shrives (2006) conducted a study about risk reporting in annual reports in the UK. Abraham and Cox (2007) analyze the determinants of narrative risk information. Finally, Elshandidy and Neri (2015) examine the influence of corporate governance on risk disclosure. These examples are only a small selection from the available studies about risk reporting.

This study is focusing on the development of risk disclosure in annual reports, regarding Dutch stock market listed companies. Within this study I will try to find an answer on the question why risk reporting changed during the years from 1970 to 2015. Different countries have different motives for risk reporting. According to Elshandidy and Neri (2015) the strength of corporate governance within a country influences the risk disclosure. The existing literature about the differences in risk reporting between countries emphasizes the importance of the differences in the disclosure (Dobler, Lajili & Zéghal, 2011; Elshandidy, Fraser & Hussainey, 2014). It is therefore interesting to look at one specific country, in this case The Netherlands. The timeframe of this research is from 1970 to 2015, as during this period many events have occurred, that might have caused a change in risk reporting in the Netherlands. One of the explanatory factors of the change in risk reporting could be the corporate governance codes in 1997 and 2004 (Akkermans, van Ees, Hermes, Hooghiemstra, van der Laan, Postma and Witteloostuijn, 2007). The first corporate governance code in the Netherlands was introduced in 1997 by the committee Peters, named after the chairman of the committee (Committee on Corporate Governance, 1997). This corporate governance code was a private sector self-regulation initiative (De Jong, de Jong, Mertens and Wasley, 2005). In addition to the existing legislation on corporate

(9)

10

governance, a committee was composed to create a new corporate governance code. At the end of 2003 the Corporate Governance Code has been introduced by the committee Tabaksblat, named after the chairman of the committee. Listed companies are not obliged to comply with the code, but if they do not they must explain why, this is called comply or explain.1 Since the code of 2003, Dutch companies are required to include a risk section in their annual report. Is this code one of the determinants that has caused the change in risk reporting? Possibly, because these codes require detailed information concerning risk reporting.

The purpose of this descriptive study is to determine what changes can be distinguished in the risk disclosure in annual reports and which factors cause these changes. This leads to the following two research questions: What changes can befound, related to the risk disclosure, in annualreports from 1970 to 2015 as well as what causes these changes? In order to answer these research questions, it is important to get an understanding about what risk reporting is, and in order to get an idea about the possible causes for the changes, different aspects need to be investigated. Such as the law on annual accounts (1970), and the two corporate governance codes that have been introduced in the Netherlands in 1997 and 2004, as these codes might have had an influence on the risk reporting of companies.

1.1 Scientific contribution

Risk reporting is an interesting subject to research because risk reporting is becoming more and more important for organizations nowadays. As mentioned before a great number of studies are focused on this subject. There are several studies that are based on one specific country, like the UK (Linsey and Shrives, 2006) or Malaysia (Amran, Bin and Hassan, 2009). Therefore, it is interesting to investigate what the determinants are thatcause the change in risk reporting from 1970 to 2015 in the Netherlands. Previous literature tried to find an explanation for risk reporting differences. Mostly, the focus is on differences between risk reporting nowadays. For example, research looks at country and cultural differences and firmcharacteristics (Abraham and Cox, 2007, Elshandidy, Fraser and Hussainey, 2013). Other studies do not focus on the development of risk reporting during a certain period, they focus mostly on one or more years after the implementation of The Corporate Governance Code or IFRS (Mertens and Blij, 2008; Deumes and Knechel 2008; Deumes, 2000). This research has a different angle, it investigates the change in risk reporting in annual reports over a lengthy period of 45 years, and specifically in the Netherlands. Therefore this research tries to find an explanation for the change in risk reporting during

(10)

11

those years, considering the different aspects that might affect the change. The results of this study could provide useful information regarding the understanding of changes in risk reporting over time.

1.2 Practical Relevance

Besides the theoretical contribution of this thesis, the outcomes of this study are also relevant in practice. The aim is to understand the changes in risk reporting during the period. Investors but also other stakeholders like suppliers or employees, are interested in risk reporting to improve their decisions based on annual reports (Solomon, Norton and Jospeh, 2000). It is therefore interesting to understand the demand of these stakeholders concerning risk reporting. If we understand that demand, firms can use this knowledge and anticipate to it.

1.3 Thesis outline

This thesis continues as follows: first a chapter is dedicated to the theories that apply to this research, next the Dutch settingwill be introduced and discussed. After that the methodology chapter describes the methods used for this research, followed by the results. That last chapter contains also the further analysis of the research. Finally, this thesis will end with a conclusion and discussion chapter.

(11)

12

2

Literature review

This chapter will elaborate the concepts that are related to the disclosure of financial risks and the theories that are associated with this topic. First of all the concepts: annual report, risks, risk management and risk reporting will be explained. Secondly the literature about risk disclosure will be reviewed and finally the theories that this research is based on, agency theory and stakeholder theory, will be discussed.

2.1 Annual report

In this study the development of risk disclosure in Dutch annual reports will be examined. It is therefore necessary to determine what is meant by the term annual report. An annual report is “a document produced each year by limited liability companies (and other companies) containing the accounting information required by law” (Weetman, 2010). When examining an annual report, it is obvious that it consists of more than the accounting information, there is also a lot of non-financial information given. The financial information in an annual report consists at least of the company’s balance sheet, profit and loss accounts and the cash flow statements. The non-financial information usually consists of a statement of the executive board, including a description of all events that affected the performance of the company in the past year and a outlook towards the coming year. Most of the time the annual report also includes a corporate governance section, in which a company explains whether they are in compliance with the Dutch Corporate Governance Code or their gender balance. The annual report always contains an auditor report, the auditor’ opinion regarding the degree of independence of the accounting and the final statement of the accountant. The report also includes a risk section, where the risks the company is facing, are explained. Most of the times the way to manage these risks is also explained. The annual reports nowadays contain considerable more information than the annual reports in 1970. For example, the annual report of Heineken in 1970 consisted of 51 pages versus the report of 2015 with 159 pages.

2.2 Risk

The central subject of this study is risk disclosure. Therefore, the term risk needs to be defined. Risk is a difficult term to define, for there are a lot of definitions.

Pre-modern ideas of risk were based on the occurrence of natural events, like natural disasters (Lupton, 1999). The industrial revolution (1750) was the cause of the transition to the calculation of probabilities and led therefore to a different idea of risk (Linsley and Shrives, 2006). Contemporary definitions of risk are based on the modern view, it takes into consideration both positive and negatives outcomes. Different

(12)

13

definitions are used in different situations. In everyday language risk is defined as threat or danger, in finance textbooks risk is often defined as sets of circumstances which can be quantified and to which probabilities can be assigned to sets of circumstances (Watson and Head, 2001). Uncertainty on the other hand, implies that probabilities cannot be assigned to sets of circumstances. This means that risks, like for example the chance that the dollar/euro rate is dropping, can be quantified and uncertainty’s, like the occurrence of a natural disaster cannot be quantified.

The definition of risk according to Committee Of Sponsoring Organizations (COSO) in 2004 is as follows: “Events can have negative impact, positive impact, or both. Events with a negative impact represent risks, which can prevent value creation or erode existing value.” This definition is in accordance with the pre-modern view of risk, it does not take into consideration the positive aspect of risks. The definition used in this study is from the COSO framework of 2016 that says, “ risk is the possibility that events will occur and affect the achievement of strategy and business objectives”. The reason for using the 2016 COSO definition in this study is that this definition is a modern one, it takes into consideration the positive and negative aspects of risks (Linsley and Shrives, 2006).

In order to measure the impact of risks, the terms likelihood and impact are important (Emanuels and de Munnik, 2006). Likelihood represents the possibility that a given event will occur (Deloitte, 2012). Impact refers to the extent to which a risk event might affect the company (Deloitte, 2012). Different types of risks can be identified, following the model developed by the Institute of Chartered Accountants in England and Wales (1988), this model includes six categories:

- Financial risks - Operations risks - Empowerment risks

- Information processing and technology risks - Integrity risks

- Strategic risks

This study focuses on financial risks alone, as financial risks have a direct influence on the loss of value of assets and liabilities (Cabedo and Tirado, 2004). Financial risks ‘relate to possible losses owing to financial

market activities’ (Jorion, 2007). The financial risks this study focusses on are interest rate risk, exchange

(13)

14

Interest rate risk is ‘the exposure of an institution to movements in the interest rate’ (Gietzen, 2017). Liquidity risk is ‘the risk that an institution is unable to meet its immediately outstanding obligations’ (Gietzen, 2017). Exchange rate risk is a risk that exists when a financial transaction is denominated in a

currency other than that of the base currency of the company (Levi, 2005). Credit risk is ‘the potential that a bank borrower of counterparty will fail to meet its obligations in accordance with agreed terms’

(Basel Committee on Banking Supervision, 2000).

The reasons for focusing on financial risks only in this study, are 1. these risks are of all times and 2. it is therefore interesting to investigate how financial risk disclosure has developed over the years, and 3. due to the fact that most companies disclose about financial risks versus little about other risks, a lot of literature is available. Lajili and Zeghal (2005) for example found in their research that companies mostly disclose about financial risks, not about other risks. In addition, Linsley and Shrives (2005) conducted a study in the UK that came to the very same conclusion, namely that financial risks are the most frequent types of risks that are disclosed. So, I conclude that financial risks are the most frequently discussed types of risk in annual reports and therefore make a solid source of information for this study.

2.3 Risk management

The history of modern risk management goes back to 1955 – 1964 (Dionne, 2013). At first risk management was associated with the use of insurances to protect companies from losses associated with accidents (Harrington and Niehaus, 2003). Later risk management emerged to the development of planning activities and risk prevention or self-protection activities. In the 1980s the use of derivatives became popular and also the financial risk management gained interest. In the 1980s the development of internal risk management models and international regulations started. Due to various scandals and many bankruptcies, like Enron, resulting from poor risk management, the SOX regulation was introduced in the US in 2002 (Dionne, 2013). Two years after the enactment of the Sarbanes Oxley Act in the U.S., the Netherlands introduced their own standards, the Corporate Governance Code of 2004.

Centralized risk management is useful to any corporation that has exposure to financial risks (Jorion, 2007). Gaining insight about the financial risks a firm is facing, may provide the firm a competitive advantage. Understanding the risks that might be a threat to the firm is important, as understanding these risks makes it possible to manage and control these risks. It is reasonable to claim that companies have more risk related information available then they choose to disclose. As mentioned before in the annual report of Heineken in 1970 risks are not mentioned, in the annual report of 2015 an extensive risk section is available. Financial risks are relevant during all times, also for Heineken. Heineken was

(14)

15

managing its risks internally but apparently choose to not disclose about it in 1970’s. At some point Heineken made the decision to disclose about the financial risks the firm is facing. It is interesting to investigate what the drive was for this change.

Risk and risk management are two closely related terms. Risk management is not only about managing the risks, but also frequently used in a broader sense. According to Power (2004), risk management started to gain interest within private companies in the mid-1990s. Due to several scandals, like Ahold, Enron and Parmalat, corporate governance and in particular risk management gained a lot of attention. In 1992 COSO introduced the Internal Control – Integrated Framework (ICIF). This framework includes recommendations and guidelines concerning the internal control system within companies (Gupta, 2009). Another reason for the increased interest of companies in risk management is the increasing complexity and changes in the world markets, the need for risk management has therefore become more and more important (Amran et al. 2009).

Risk management is, according to Emanuels and de Munnik (2006), “The system that enables management to identify, analyze and manage the relevant risks, the risks which can adversely affect the objectives of the organization”. There are several frameworks, like ISO 13000 and the COSO ERM framework, that can be implemented with regard to risk management. Next the COSO ERM framework will be explained, as it is the most frequently used framework when it comes to risk management models (The Institute of internal Auditors, 2008 p.27).

2.4 COSO

As mentioned above a commonly known risk framework is COSO. COSO set up a project in 2001 to develop a framework because of the need for it, due to increasing concern and focus on risk management (COSO, 2004 p. 5). The Enterprise Risk Management (ERM) is the framework that was introduced in 2004. This framework can be seen as a renewed framework, as in 1992 a first draft was published by the COSO committee followed by updates later on. The first report included recommendations and guidelines concerning the internal control within an organization. In reality the framework of 2004 can be seen an expansion of the report of 1992 (Paape, Freriksen and Swagerman, 2006).

(15)

16

According to COSO (in 2004) risk management is:

‘Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.’ (COSO, 2004, p.2).

The COSO ERM framework is focused on the achievement of companies objectives, divided in four categories: - Strategic – are the goals aligned with the mission?

- Operations – are the resources used effective and efficient? - Reporting- is reporting reliable?

- Compliance – are we in compliance with applicable laws and regulations? The framework itself consists of 8 interrelated components:

Internal environment – The internal environment of the company includes the tone at the top of an

organization, how the basic response is to risks and how to deal with risks. It also includes the risk appetite in general and the ethical values of an organization (COSO, 2004).

Objective setting - Events can affect the goals and strategy of a firm, it is important that management

has a process that identifies the objectives (COSO, 2004).

Event Identification – The company has a risk framework in place that identifies the risks and

opportunities (COSO, 2004).

Risk Assessment - It is important for management purposes to identify the risks in order to measure the

possible impact of the risks and how they should be managed (COSO, 2004).

Risk Response – This is the part where management selects risk - responses, avoiding, accepting,

reducing or sharing risks- and act to manage these risks (COSO, 2004).

Control Activities – Within the company policies and procedures are integrated in order to ensure the

(16)

17

Information & Communication – This component is about how relevant information is identified,

processed and communicated (COSO, 2004).

Monitoring – The monitoring process makes sure that the process is optimally effective and that

improvements are identified (COSO, 2004).

All these components are derived from the way management runs an enterprise and are integrated into the management process (COSO, 2004). The components are displayed in the figure below. On top of the cube the four objectives are displayed which represent the goals a company. All the components and objectives are interrelated, they should be seen in full relation to each other. This cube, as shown in figure 1, tries to make clear to the user that the risk environment can be classified as a whole (the entire cube), but also in parts (category level, component level and at each level of the company).

2.5 Risk reporting

The increasing complexity and changes in the market calls for more risk reporting in non- financial sectors (Dobler, 2008). In 1998 the Institute of Chartered Accountants in England and Wales (ICAEW) published a discussion paper, called Financial Reporting of Risk – Proposals for a statement of Business Risk. This was the first of three documents that were issued because the ICAEW noted the risk information gap. As a response three discussion papers were issued (1998, 1999 and 2002) stimulating directors to report more and better about risks (Linsley and Shrives, 2006). In 2004 the International Accounting Standards Board (IASB) came up with a publication of a new International Financial Reporting Standard (IFRS), IFRS 7 Financial Instruments: Disclosures. This new standard came into force in 2007 for listed companies in the EU and it required companies to report about risks. The Corporate Governance Code of 2004, where one of the requirements is a separate risk section, is also an example of the increasing attention for risk reporting.

(17)

18

Risk reporting is ‘risk-related disclosures, which imply information on the distribution of future cash flows’ (Dobler, 2008). Risk reporting consists of two factors, internal risk reporting and external risk reporting. This study is focusing on the external side of risk reporting in annual reports, and also on the verifiable risk reporting information; namely the risk reporting disclosed in annual reports.

There is much literature available concerning risk reporting. Abraham and Cox (2007) and Linsley and Shrives (2006) for example, did a study about risk reporting in UK firms. Abraham and Cox (2007) find that listed companies in the UK disclose more than non-listed companies. Linsley and Shrives (2006) find a positive relation between the quantity of risk disclosure and firm size. These studies are one-year studies. In the literature there are also studies performed that are multiple year studies. For example, Rajab & Handley-Schachler (2009) find that the quantity of risk disclosure has increased during the years from 1998 – 2004 because of accounting regulating and accounting institutes’ recommendations.

2.6 Risk disclosure

The annual report of companies is one way used to disclose information. The annual report consists of financial and non-financial disclosure. Risk disclosure is part of the non-financial disclosure. Risk disclosure is important to investors, investors need to understand the risks of a company. In order to understand these risk, information is needed (Dobler, 2008). In 1997, in the United Sates the SEC required companies to disclose about market risks. In the United Kingdom, the Operating and Financial Review, introduced in 1993 recommends about the key risks. In 1998 the Combined Code on Corporate Governance required listed companies to implement an internal control system. Also in the Netherlands a Corporate Governance Code was introduced in 1997. This code contains recommendations to increase transparency about policies and accountability. What stands out is that in the period around the mid-1990s risk disclosure started to gain interest.

Risk disclosure is ‘the communication of information concerning firms’ strategies, characteristics,

operations, and other external factors that have the potential to affect expected results’ (Beretta and

Bozzolan (2004, p. 269). According to Linsley and Shrives (2006, p. 389) risk disclosures have been judged to be risk disclosures if the reader is informed of ‘any opportunity or prospect, or of any hazard,

danger, harm, threat or exposure, that has already impacted upon the company or may impact upon the company in the future or of the management of any such opportunity, prospect, hazard, harm threat or exposure’. This definition is a very broad definition, compared to the definition given by Beretta and

Bozzolan (2004). Central to this study is the financial risk disclosure and therefore the definition of Beretta and Bozzolan (2004) suits best.

(18)

19

Why do companies disclose about the risks they are facing? Partly because it is mandatory but also because of other factors. Despite the fact that disclosure requirements get more strict, companies remain to disclose information on a voluntary basis (Watson, Shrives and Marston, 2002). According to the agency theory, which is explained below, managers can choose to disclose additional voluntary information to satisfy the needs of the shareholders, to convince them about their good behavior. According to Meijer (2002) there are several advantages of risk disclosure. It can have a positive effect on the cost of capital and it can increase the credibility, it can establish improved relationships with investors. Risk disclosure can also have positive effects on internal control (Meijer, 2002). The disadvantages of risk disclosure is related to the increased possibility of lawsuits and of course the competitive disadvantage.

In the Netherlands companies are obliged to fulfill the requirements of the Dutch legislation, which includes the Corporate Governance Code and IFRS. The legislation about risk reporting states what companies are obliged to disclose. The requirements for risk disclosure are explained in chapter 3.

2.7 Agency theory

Agency theory can be seen as one of the key explaining theories in accounting. This theory addresses the problems that arise when a separation of ownership and control within a company occur. The agency problem is referring to the difference in interest between the agent and the principal (Jensen & Meckling, 1976). In the most common case of the agency theory the owners of a company are the principals and the management directors are the agents (Jensen and Mackling, 1976; Fama and Jensen, 1983; Morris, 1987).

One aspect of the agency theory is that both the principle and the agent have their own interests and therefore they will seek to maximize their individual utility (An, Davey and Eggleton, 2011). This may result to situations where the agent does not act in de best interest of the principal. The amount of risk disclosure in the annual report of companies is the amount of information, that is communicated to all its stakeholders. Managers have more information available than the information that is disclosed. Why do managers not disclose all available information? Is this because of competition purposes? This difference in knowledge is called information asymmetry. Information asymmetry is the second concept of the agency problem. Information asymmetry is referring to the problem that the management of an organization is better informed and thus has better and more information than the shareholders and other stakeholders.

(19)

20

There are several solutions to the agency problem. For example, compensation agreements and debts contracts. These agreements and contracts try to align the interest of the agents and the principals. These contracts also require the managers (agents) to disclose relevant information in order to monitor them (Healy and Palepu, 2001). This way both the concepts of the agency problem are addressed. Another way for reducing agency problems is the board of directors, the role that the board has, is to monitor management on behalf of the owners (the principals). Also, Healy and Palepue (2001) argue that a solution for the information asymmetry problem is that managers should be required to fully disclose their private information. Full disclosure may reduce agency costs, and requires less monitoring. Therefore reducing the information asymmetry problem.

So, disclosure reduces the agency and the information asymmetry problem. In this research about risk disclosure, information asymmetry is a key concept. Managers have more information than the owners of a firm. The managers should disclose information in the annual report in order to reduce this information-asymmetry-gap. The reduction of information asymmetry leads to several benefits, like a reduction in the cost of capital. In the study of Dhaliwal, Li, Tsang and Yang (2011) information asymmetry is measured by the cost of capital. When disclosure increases the cost of equity decreases, which means a reduction in information asymmetry.

Based on the agency theory it is expected that the companies disclose more information about risk reporting in order to reduce the existing information-asymmetry gap.

2.8 Stakeholder theory

The stakeholder theory is another key theory in accounting. This theory was first introduced in the book Strategic Management: A stakeholder Approach, by Freeman in 1984. This theory explains the relationship between a company and its stakeholders. The theory states that an organization depends on all its stakeholders, and should therefore disclose information to all those stakeholders, and not only to its shareholders (Freeman, 1984). According to Freeman (1984), a stakeholder is “any group or individual that can affect or is affected by the achievement of a corporation’s purpose”. Stakeholders of a firm for example are customers, employees, suppliers, investors, lenders, government and society overall. Since organizations have to take into consideration all of its stakeholders, so it needs to have an explicit strategy for dealing with those stakeholders. E.g. stakeholders, like suppliers, can set requirements for risk disclosure, and by doing so, influence the companies policy on risk disclosure.

(20)

21

The theory has been widely used in previous research on disclosure studies (Amran et al., 2009; An. et al., 2011). Different stakeholders of firms are advocating the use of additional disclosure next to the financial disclosure, because the traditional financial section does not meet the needs of the stakeholders anymore (Amran et al. 2009). Based on the stakeholder theory it is expected that stakeholders are interested in the disclosure about risk reporting in annual reports. Shareholders for example want information about the long term strategy of a firm and the competition. Lenders may want to know more about the risk appetite a firm is following (Beretta and Bozzolan, 2004), in order to predict losses. Customers will want to know how products or services can possibly be affected by events, and what a company does to minimize that risk. All in all information is key for making decisions. Stakeholders will try to get as much information as possible in order to benefit. I conclude that the determinants that are the drivers for the change in risk reporting, are based on the stakeholder theory.

As mentioned before, stakeholders are interested in the risk disclosure and due to the increasing demands of stakeholders it is expected that firms are disclosing more about the risks they are facing during the years. The increasing demands can partly be explained by the increasing complexity and changes in the world market (Amran et al. 2009).

(21)

22

3

Dutch setting

In this chapter the Dutch setting will be introduced. Several events that happened in the Netherlands, like the oil boycott in 1973, the crisis in 1979, the financial crisis in 2008 and the overall impact of currency risks are interesting aspects to take into consideration when investing the change in risk reporting in the Netherlands. Besides of that, law changes and corporate governance codes might be factors that have influenced changes in risk reporting.

3.1 Dutch economy

After World War II the Dutch economy was growing rapidly. At the start of the period of this study, in 1970, the Dutch economy was still growing. But during the 70s the growth stabilized, from 1973 until 1979 the growth of the Dutch economy was declining and between 1979 and 1987 the growth was at the lowest point, due to the recession that was going on in the Netherlands. The oil crisis of 1979 was one of the main reasons for this recession. From 1987 onwards, the Dutch economy started to grow again (Van Zanden, 1997). During the 1990s the economy was pretty much booming, partly because of the German reunification of East and West Germany, with only slight dips in performance in 1993 (Schenau, CBS, 2001).

In both 1973 and 1979 an oil crisis occurred in the Netherlands. In 1973 there was a shortage of oil, due to a boycott of the OPEC countries towards the Netherlands, this shortage led to increasing oil prices. For a short period of time, gasoline had even to be rationed. 2 This oil crisis benefited the oil and gas industry for a short period of time, but in the end, it led to austerity. A vast decrease in trust in the economy followed, another result was that stock market prices plummeted (Van Zanden and Griffiths, 1989). The oil crisis in 1979 again led to high prices in oil, which can be seen as one of the causes for the recession that was present in the Netherlands in the 1980s. Quite a lot of companies went bankrupt as a result, this crisis also led to a high level of inflation and unemployment (Van Zanden and Griffith, 1989). The Dutch economy had then to deal with two factors; the declining demand, due to inflation and the increase of the real interest (van Zanden and Griffiths, 1989).

The financial crisis of 2008, that got momentum with the failure of the Lehman Brothers on September the 15th_{, had a huge –unforeseen- impact on the economy of the Netherlands. Mind you, not even Soros}

(22)

23

grasped the depth and width of this crisis (G. Soros, The New Paradigm for Financial Markets, 2008). It did not only lead to the failure of one of the largest banks of the Netherlands (ABN Amro had to be nationalized), it also crippled the ING, that had to be saved by an injection of capital of some 28 billion Euro’s. The outcry of the then Dutch minister of Finance, W. Bos, some companies are “too big to fail’, became famous. Furthermore, the policy of austerity, adopted by that same Dutch government, in the years after, had a very damaging effect on the Dutch economy.

Being a very open economy, the Netherlands have always been, very vulnerable to changes in currency rates. In 1971 an attempt was made in order to maintain stable rates between the US dollar and the European currencies, which failed. In 1972 the increasing tension resulted in a closer co-operation within the EG, this project was called the snake. The most important focus of this set up was to reduce the fluctuation in currency rates between de different European currencies. The UK, Italy and France left ‘the snake’ rather quickly. Politicians in the Netherlands were focused on stabilizing the currency rates with the main trade partners, Germany and Belgium. In 1973 the period of fixed currency rates came to an end, because of the end of the Bretton Woods system. After that a period of extreme fluctuation in exchange rates followed.

The guilder had a strong effective exchange rate in the period 1971-1979. This was not beneficial for the competitive position of the Netherlands. As a result of the strong guilder labor costs and paired with that the prices, steadily increased. The increasing unemployment level as well as the increasing export prices and the decreasing export market share, raised questions within the Netherlands. Wasn’t it time to devaluate the guilder in order to reduce the unemployment? The answer of the Dutch government was negative, they had two arguments for this. (i) Extreme fluctuations in exchange rates with the German mark and the Belgian franc would not benefit trade with these countries. More importantly, the argument that (ii) by revaluation (along with the German Mark) the Dutch government hoped to prevent inflation and break the wage-price spiral. (Van Zanden, 1997).

In the period 1973-1979, inflation in the Netherlands was not or hardly higher than inflation in the period 1968-1973. Inflation in other countries did increase. Inflation rose sharply in the countries with a weak exchange rate (UK, Italy, France and USA). In Germany and the Netherlands, inflation actually declined. Between 1979 and 1985 the competitive position of the Netherlands, partly due to austerity, improved very quickly. Relative prices and wage costs declined sharply; exports rose, leading to a significant increase in the share on the world market from 1979 onwards.

(23)

24

The collapse of the system of fixed exchange rates and the inflation wave of 1968-1973, leaded to the oil crisis of late 1973. The international monetary system which had brought fixed exchange rates after 1945 and in which the dollar played the role of the key currency had already come under pressure in the 1960s due to the large shortages in the American balance. In August 1971 the curtain fell for the Bretton Woods system. Attempts to maintain stable exchange rates in other ways proved to be unsuccessful. From 1973, when these attempts finally failed, a period followed with great, sometimes even extreme, fluctuations in exchange rates, with the dollar especially speaking (Van Zanden and Griffiths, 1989).

Under the Bretton Woods system of monetary management, a system was provided for fixed exchange rates. A fixed exchange rate system is a system in which the value of a currency, in this case the dollar, is linked to the value of another value, in this case gold. Only the dollar was linked to a fixed amount of gold (“as good as gold”). All other currencies were linked to the American Dollar.

The system was designed in 1944 by 44 countries, including the Netherlands, in Bretton Woods. The system worked very well and helped the reconstruction of the economy after world war II. August 1971 was the end of the Bretton Woods system (Van Zanden and Griffith, 1989). Attempts to maintain stable currency rates in different ways failed.

The following graph presents the growth of the GDP in the Netherlands during the period 1970 – 2013. What can be concluded is that the economy was growing after the economic downturn in the 80s until 2001 with a minor dip in 1993. In 2000 the dot-com bubble exploded after a period of growing stock prices and high growth expectations. After that the Dutch economy started to grow again, until the financial crisis in 2008. This was a global financial crisis that had impact on a lot of economies.

(24)

25

The Dutch economy can be characterized by the great extent of international trade. In 1917 the export value was 0,4 billion euro. In 1970 33,3% of the GDP was export value. And this amount has only grown since.

The exposure to risk, currency risks in this case, depends on the impact of the risk and the amount of exposure to this risk. If a company is exporting to a country with little risk on changes in the currency rate with a great amount of goods to export, the risk the company is facing might be the same when with a lesser amount of goods in a country with a higher risk at changes in the currency rates. It depends therefore on these factors if the currency risks can be qualified as high within a company.

As mentioned before the main trading partners of the Netherlands are Germany and Belgium. As a result of the introduction of the euro in 2002, the currency risks between the Netherlands, Belgium and the Netherlands are no longer there. With the great fluctuations in the worldwide currency rates after Bretton Woods, the oil crises in 1973 and 1979, the dot-com bubble and the financial crisis in 2008 the Dutch economy had to deal with a lot of ups and downs. It is also reasonable to state that due to these factors Dutch companies are exposed to financial risks during the whole period of this study.

3.2 Law on external financial accounting (Wet op de Jaarrekeningen van

Ondernemingen)

In the 1970s the Dutch regulation regarding the financial reporting process underwent several changes. In 1968 a suggestion was made due to continuing debates about financial reporting and this led to the introduction of the Law on external financial accounting in 1970. This law came into effect in 1971 (Zeff, van der Wel and Camfferman, 1992). This was de first law that set requirements for the annual report. The law was introduced to give a further elaboration of the regulations for the financial statements. After several meetings and discussions, the law was introduced including strict guidelines (Zeff et al., 1992). This law required a financial audit for the first time and it increased the amount of information firms were obliged to disclosure (Zeff et al., 1992).

In July 1978, the fourth directive was approved and introduced, this directive had the aim to achieve uniformity in the administration and annual accounts of companies (Zeff et al., 1992). From this year on there was not a separation anymore between the limited liability and private company with respect to complying with this law. Both types of companies were now obliged to prepare an annual report according to this directive.

(25)

26

The fourth directive discussed the content of the annual report. Art. 2: 391 paragraph 1 BW states that the annual report "gives a true and fair view of the situation on the balance sheet date, the development during the financial year and the results of the legal entity and of the group companies whose financial data are included in its annual accounts ". An addition to this article arises from the IAS Regulation, which stipulates that: "the annual report contains, in accordance with the size and complexity of the legal entity and group companies, a balanced and complete analysis of the situation on the balance sheet date, the development during the financial year and the results. That analysis includes, where necessary, both financial and non-financial performance indicators, including environmental and staff matters ".3 In the second section of this law is stated that companies have to include a section which is focused on the future in the annual report.

3.3 Committee corporate governance (1997)

In 1996, the Dutch Corporate Governance Committee has been installed to compile a report about the issues that were present at that time within the corporate governance in the Netherlands. This was the first corporate governance committee in the Netherlands, the “Commissie Corporate Governance”, better known as “Committee Peters” named after the chairman of this committee: Jaap Peters. The topic corporate governance is a largely discussed topic at that time (Moerland, 1997). This code was a result of the ongoing discussion about governance in the Netherlands, and in particular the protection constructions.

The committee had as main topic enlarging the influence of individual shareholders. (De Jong, De Jong, Mertens and Wasley, 2001). Companies are encouraged, using the Corporate Corporate Code, to improve the influence of the individual shareholder (De Jong et al., 2010). This code has led to a report with 40 recommendations; these recommendations are there to improve the governance within Dutch companies. The committee expects that the companies are going to report about the compliance with the recommendations (Corporate Governance Code, 1997). If companies do not comply with the recommendations they are asked to explain why not (Corporate Governance Code, 1997). This code is based on self-regulation, no legislative changes are suggested based on this code (De Jong et al., 2010).

(26)

27

In the code is stated that capital providers need to gain insight about the financial risks the company is facing and how the companies are managing these risks (Corporate Governance Code, 1997). The code also provides examples for these financial risks, like currency-risks, interest rate risk and political risks (Corporate Governance Code, 1997). As a result one of the recommendations is as follows: “the board has to report about the risks associated with the strategy and about the mechanisms to manage the risks of a financial nature” Recommendation 21, Committee Corporate Governance, 1997).

3.4 Corporate Governance Code (2004)

In 2002 the Sarbanes-Oxley act was introduced in the US, this act was introduced as a response to the increasing number of restatements and financial scandals, as well as the declining trust of investor confidence (Jain, Kim and Rezaee, 2008). As a follow up the Netherlands presented the corporate governance code, better known as the Tabaksblatcode, named after the chairman of the committee, in 20044. As of the first of January of 2004 listed companies in the Netherlands are required to present a corporate governance code in their annual reports (Akkermans et al., 2007). This code is a step towards restoring public confidence in the procedures within Dutch listed companies (Corporate Governance Code, 2004). It focuses partly on improving the transparency and integrity of annual reports. The trust was damaged by the several scandals that occurred in the past, in particular the Ahold scandal.

In September 2004 a headline in the financial daily newspaper was “Corporate Governance Code triggers risk management. The code provides a boost to improve and professionalize risk management. Companies can use the COSO framework in order to improve its risk management. This framework has gained an international position and the Corporate Governance Code also refers to this framework.” The reactions to the introduction of the code were not all positive. A headline in the Financiële Dagblad on 9 August, 2005 states: “more than half of the rules are not useful”. And in October 2005 the paper states that “risk reporting is inferior, research shows that half of the Dutch listed companies insufficiently report on the internal risk management and control systems.”

(27)

28

The code describes the best practice provisions concerning several topics. One of the key elements of this code is the risk section. The code has been developed to ensure that listed companies improve the transparency of their annual reports (Akkermans et al., 2007).

The codes provides best practice provisions for five areas: - Compliance with and enforcement of the code - Management board

- Supervisory Board

- The shareholders and general meeting of shareholders - Financial reporting

The code includes 21 principles and 113 best practice provisions, all based on ‘the latest general views

on good governance’ (Corporate Governance Code, 2004). These principles and provisions work

according to the comply or explain principle (Corporate Governance Code, 2004). This means that initially a company has to follow all the principles and practices and if it does not follow a provision the company should explain why it does not comply with the code. Parts of this code are also included in the Dutch law. The law requires that in the annual reports the main risks and uncertainties are described, the law came into force on the first of October, 2004.

One of the best practice provisions is as follows: ‘The management board shall declare in the annual report

that the internal risk management and control systems are adequate and effective and shall provide clear substantiation of this. In the annual report, the management board shall report on the operation of the internal risk management and control system during the year under review. In doing so, it shall describe any significant changes that have been made and any major improvements that are planned, and shall confirm that they have been discussed with the audit committee and the supervisory board’ (Corporate

governance code, Best practice provision II. 1.4). The Corporate Governance Code requires a so-called in-control statement in the annual report.

The code also prescribes a best practice provision about an internal risk management and control system (best practice provision II. 1.3.). The best practice provision III. 1.6 states that the supervisory board shall supervise ‘the corporate strategy and the risks inherent in the business activities’. All provisions are in place to improve the quality and transparency of the risk reporting.

(28)

29

The subject of this study is the change in risk reporting. Therefore the focus is on the risk related parts of the corporate governance code. The code of 2004, as mentioned above, includes several best practices with respects to risks and the management of risks.

Since 2005 the code is revised annually by the Monitoring Committee Corporate Governance Code. This has led to an amendment of the code in 2008. In June 2008 the monitoring committee presented an evaluation report. This report included a proposal to adjust the code of 2004. One of the statements made in the evaluation report is that internal risk management has gained interest. The best practice provision II. 1.4, has been extended in the new Corporate Governance Code. A description of the main risks and a description of the design and effectiveness of the internal risk management and control system is now required (Corporate Governance Code, 2008). Best practice provision II 1.3 has not changed. In the code of 2008 is stated that the company should pay attention to the risk profile, including the risk appetite and the risk sensitivity. This requirement, the description of the main risks, is in accordance with the Dutch law in the Civil Code. In the Monitoring Committee Frijns report of 2007 the committee point out that the following topics need attention:

- The main risks related to the strategic objective of the company, as well as the attitude towards these risks (risk appetite)

- A description of the main strategic, operational, legal and regulatory requirements and financial reporting risks of the company

- A sensitivity analysis of the identified risks

The revised code required a more detailed explanation about the financial risks reported (Corporate Governance Code, 2008 (II. 1.5). One of the reasons for this revisions was the great difficulty that companies had with complying with this provision (Emanuels, 2017). After 2008, the Nivra noted that the reporting about financial risks had increased (Nivra, 2010).

3.5 IFRS

The International Accounting Standards Committee (IASC) was established in 1973 and that committee came up with International Accounting Standards in order to fill the gap between the US GAAP and the European GAAP. The IAS standards were developed and integrated in the legislation of different countries. In 2001, the IASC was succeeded by the International Accounting Standards Boards (IASB). The IASB continued the work of the IASB by developing International Accounting Standards (Van Beusichem et al., 2016). This resulted in the development of International Financial Reporting Standards (IFRS), that

(29)

30

became applicable on 1 January 2005. The International Financial Reporting Standards (IFRS) are an international set of financial reporting standards. All listed firms in the EU are obliged to comply with these standards. IFRS is an accounting method with the mission to enhance the quality of external financial reporting.5 The adoption of IFRS can be seen as one of the most biggest changes in reporting in Europe (Pagglietti, 2010).

IFRS 7, which included requirements for financial instruments is relevant for this study. With the introduction of IFRS 7, Sir David Tweedie, chairman of the IASB stated the following:

‘The Board believes that the introduction of IFRS 7 will lead to greater transparency about the risks that entities run from the use of financial instruments. This, combined with the new requirements in IAS 1, will provide better information for investors and other users of financial statements to make informed judgements about risk and return.’

In August 2005 “IFRS 7: Financial Instruments: Disclosures” requires disclosure about “the nature and extent of risks arising from financial to which the entity is exposed during the period and at the reporting date, and how the entity manages those risks.”6 This is translated into disclosure about credit risk, market risk, interest rate risk, liquidity risk and disclosure about hedge accounting. For each type of risk arising from financial instruments, an entity is instructed to disclose (a) the exposures to risk and how they arise, (b) its objectives, policies and processes for managing the risk and e the methods used to measure the risk and any changes in (a) or (b) form the previous period. IFRS is a very detailed standard with specific requirements for risk disclosure. The Dutch law requires extensive information about financial instruments. For some sub-topics, like IFRS 7.7 and 7.21. IFRS requires the same information as the Dutch law but in most cases IFRS requires more disclosure than the Dutch law.7 Soderstrom & Sun (2007) conducted a review on the existing literature about risk disclosure and the consequences of changing accounting standards. The authors conclude that generally a positive impact is found from the adoption of better accounting principles, IFRS included.

5 https://www.iasplus.com/en/standards/other/framework 6 http://ec.europa.eu/internal_market/accounting/docs/arc/2005-11-30-annex-ifrs7_en.pdf. Consulted on 23-05-2018. 7 http://www.ey.com/Publication/vwLUAssets/EY-vergelijking-irfs-met-nederlandse-wet-en-regelgeving-2015/$FILE/EY-vergelijking-irfs-met-nederlandse-wet-en-regelgeving-2015.pdf. Consulted on 23-05-2018

(30)

31

4

Research design

As stated in the introduction the aim of this research is to understand the changes in risk reporting during the period 1970 -2015. In order to get an understanding a descriptive study will be conducted. The method used, will be explained in this chapter.

4.1 Sample and data

Risk reporting is a relative new concept of the annual report. The development of risk disclosure started in the Netherlands in 1970, with the introduction of the Law on External Accounting. It gained more and more attention during the years due to several scandals and the increasing complexity of business. This research is limited to the Netherlands. The motivation for the Netherlands is that I am interested to get some understanding about the determinants that have caused a change in the risk reporting in the Netherlands. This is interesting because in the period of this study the economy of the Netherlands has undergone several changes, as mentioned in chapter 3. Two corporate governance codes have been introduced, the first one was introduced in 1997 and the second in 2004. All listed companies were obliged to follow these codes. One of the key elements in the code of 2004 was the risk section in the annual reports. In the annual report of Heineken of 2003 is stated that Heineken is aware of the discussion concerning the corporate governance code (Annual report Heineken, 2003). The report of 2003 is the first annual report of Heineken that includes a separate risk section, as required by the Corporate Governance Code. Based on the research of Akkermans et al. (2007) the conclusion is that companies disclosure much more detail about the corporate governance structure than before the introduction of the Corporate Governance Code. It is therefore reasonable to assume that these codes, and especially the code of 2004, has caused a change in risk reporting in the Netherlands. In 2005 IFRS became applicable for listed companies in Europe. IFRS requires very specific information regarding the risk section. The expectation is that IFRS has influenced the risk section in annual reports. Therefore, the questions used in order to analyze the annual reports are mainly based on the Corporate Governance Code (2004) and IFRS.

The period of this study is 1970 – 2015. This period is relevant because in this period a lot has happened with respect to the financial reporting of companies. In 1970 the law of external financial accounts has

(31)

32

been introduced and this was the start of changing environment of financial (risk) reporting. Akkermans et al. (2007) state in their research that a longer term study is needed in order to measure the impact of the Dutch Corporate Governance Code. This is also relevant in order to measure the impact of law of external financial accounting of 1970 and the Corporate Governance Code in 1997. In addition, this long period is also important in order to measure different changes in the risk reporting, in this way enough data is collected and therefore it can be compared.

The data used in this study consists of annual reports. Annual reports are reliable, accurate and easy to access. In addition, annual reports are commonly used date source, for example in the paper of Beattie, McInnes and Fearnly (2004). Financial companies are eliminated from this research. The financial industry is bound by different laws and regulations that might influence the outcome of this research. The companies that are used for this sample are selected based on the availability of the annual reports. There are sufficient Dutch companies that are listed throughout the whole sample period, but for a lot of companies the annual report was not available for all the selected years. The annual reports will be collected via the University of Tilburg. This university has an extensive library with many annual reports. The reports from 1970 – 2000 have been requested via this library. The remaining annual reports were available on the websites of the companies. The sample will consist of 10 companies.

The data used will consist of ten five-yearly cross sections from 1970 till 2015. This study is partly following the method used in de Jong, Sluyterman and Westerhuis (2011). The firm-specific data are hand gathered from each company’s annual report in the selected years. The data is gathered using a set of questions. These questions have been specific compiled for this study.

4.2 Descriptive study

The method used for this study will be a descriptive study. A descriptive study is a study that helps to explain differences in time by analyzing, in this case, annual reports. This study will follow the approach used in de Jong et al., (2011) and van Beusichem, de Jong, de Jong and Mertens (2016).

For this study the Internal Disclosure Index method will be used, similar to the ICD used in the paper of Deumes and Knechel (2008). The first step of this index is to identify which items have to be included in the index. Based on the possible determinants that might have caused the change in risk reporting a questionnaire has been developed. This questionnaire has been developed specific for this study.

(32)

33

The second step is to examine all the collected annual reports using the developed questionnaire. Each annual report is analyzed using the developed questionnaire.

The third step is to calculate a score for each item in the sample. The item equals the score 0 if the information asked is not present, and 1 otherwise. Some items have an additional score measurement, for example how many members the audit committee consist of or how many words are dedicated to the control statement. After that, all items will be summed up and that amount equals the total score. Each item is equally weighted. The results can be read as follows: if a company obtains a score of 0 it does not disclose any risk reporting, and if a company obtains the score 13 all items are disclosed.

The index disclosure used in this research is not exactly the same as the one used in Deumes and Knechel (2008). That research uses six components, all based on corporate governance codes. In this research corporate governance is also important, but different aspects are also included in this questionnaire. And the number of words used for, for example, the risk section is measured in this research, Deumes and Knechel (2008) do not mention that in their research. In this research I would like to get insight in the number of words used, because this it is expected that this varies a lot. According to Linsley & Shrives (2006) a content analysis can be performed using the number of words.

In comparable studies the index disclosure mostly three different scores can be obtained. 0 if the company should disclose about the aspect but it does not, 1 if the company discloses information about the asked aspect and -1 if the company does not disclose about something that is relevant for the organization. As mentioned in a previous chapter all companies faced financial risks during the whole period. Therefore, the score -1 cannot be obtained, all risks are considered relevant.

4.3 Variables

In order to answer the researchquestions, the following questionnairehas been developed. The change inrisk reporting will be measured by 13 questions. These questions are mainly based on the Corporate Governance Code (2004) and IFRS. Question 1, 2, 3, 10, 11, 12 and 13 are based on the best practices presented in the Corporate Governance Code of 2004. Question 4 (derivatives), 5 (credit risk), 6 (liquidity risk), 7 (market risk), 8 (hedge accounting) and 9 (interest rate risk) are based on the requirements of IFRS. Using these questions, I will be able to measure the change in risk disclosure and after that I will try to explain what caused these changes in risk disclosure. In table 1, which can be found at the end of this chapter, the questions used are displayed.

THE DEVELOPMENT OF RISK DISCLOSURE IN ANNUAL REPORTS IN THE NETHERLANDS FROM 1970 TO 2015.