Company Size As a Moderating Variable on Enterprise Risk Management Disclosure of Banking Companies in Indonesia

Purpose: This research aims to review the relationship of the board of commissioners, the ownership concentration, the audit committee meetings, and the risk management committee with enterprise risk management disclosure moderated by the company size. Method: The population for this study was 46 banking companies listed on the Indonesia Stock Exchange (IDX) from 2017 to 2019. The sample selection was carried out using the purposive sampling technique, which resulted in 39 companies with 117 analytical units performed using documentation techniques. Data were analyzed using moderating regression analysis based on Ordinary Least Square (OLS). Finding: This research showed that the board of commissioners and audit committee meetings positively affected the enterprise risk management disclosure. In contrast, the ownership concentration and risk management committee did not affect the enterprise risk management disclosure. The company size can moderate the influence of the board of commissioners and audit committee meetings but cannot moderate the effect of the ownership concentration and risk management committee. The findings prove that companies with a good board of commissioners and a competent audit committee can trigger companies to disclose enterprise risk management broadly. Novelty: This study adds company size as moderating variable. Based on the investment concept, high-risk high return and low-risk low return. When the company wants to get big returns, the company will face big risks as well. It is directly proportional to companies with large sizes, and the bigger company, the higher the company’s risks. It is also related to the disclosure of the risks.


INTRODUCTION
Signal theory explains that the implementation and disclosure of Enterprise Risk Management (ERM) is one of the signals the company gives to investors and shareholders in the implementation of good corporate governance. The enterprise risk management disclosure in a company's report also explains that the company has made more transparency in providing information to all stakeholders; often difficult for stakeholders to assess complex financial risks in a company, so disclosure of risk management is necessary. Enterprise risk management disclosure can avoid the occurrence of information asymmetry so that a good relationship between the company and its stakeholders.
Implementing corporate risk management helps control management activities and allows the company to minimize unfavorable risks. Risk is an unforeseen situation related to any action carried out by the company, and the company should always prepare every business for the risks that will arise. One of the important parts of the company that holds and plays an important role in the risk management process is management accounting. Accounting can assist in identifying market exposure, calculating the balance related to various risk response methods, measuring a company's potential for certain risks, detecting certain hedging products, and evaluating programs (Manurung & Kusumah, 2016). Managing risk is a fundamental problem in the global business environment, so many companies go bankrupt. Stakeholders and policymakers claim that more oversight of the various business risks they face ensures they acquire the financial capital and other resources necessary to effectively implement their strategies and operations (Gouiaa et al., 2020).
Banking companies must disclose the company's risk management following existing regulations. The enterprise risk management disclosure in the company's report explains that the company has tried to be more transparent in providing information to all stakeholders because the application of risk management can predict events that have the potential to affect the company's activities. For companies whose names have been badly in the eyes of the public because they are caught up in cases that have been experienced, making disclosures of risk management is expected to help restore public trust in the company.
Research conducted by (Gunawan, 2020) said that the higher the proportion of board members, the higher the quality of control and selection of information and the openness of information on risk management. Many directors allow the company not to be dominated by management in exercising their role more effectively. The research outcome is also following a study conducted by (Daniel Zeghal & Meriem El Aoun, 2016;Dedi Ardianto, 2014;Deffi, Leni Siti Rukmana & Aspirandi, 2020;Gouiaa et al., 2020;Maingot et al., 2013;Rivandi, 2018;Sari et al., 2019). The larger number of board of commissioners can be an extensive resource and provide more opportunities to supervise the board of directors. Knowledge, information, and ideas will also be shared more widely, making finding the right solutions and resources to identify and address the risks easier. The outcome of this research is also relevant to the study conducted by (Puspawardani & Juliarto, 2019). A large number of board of commissioners is predicted to have more incentive in providing supervision at the time of corporate risk disclosure practices so that no information is hidden. Furthermore, the large number of board of commissioners can also influence voluntary disclosure decisions and broad disclosure of enterprise risk management.
Research conducted by (Desender, 2010) states that a high ownership concentration will increase demands on identifying and mitigating risks. Concentrated ownership has a strong influence on controlling management and can also strengthen the role of effective supervision. Controlling shareholders or most companies with the ownership concentration can influence a company's policy or decision-making (Desender & Lafuente, 2011). Companies with large numbers of shareholders will consistently disclose ERM in their annual reports.
Research conducted by (Pertiwi & Husaini, 2017) argued that the audit committee members held more often meetings, which would support the implementation of risk management and reduce problems and risks in financial reporting. And conversely, the fewer audit committee members held meetings, the more difficult of audit committee members to discuss the risks faced by the company. Research by (Oktavia & Isbanah, 2019) also explained that internal management could be well structured with an audit committee in the company. It can execute supervision of the course of risk management to prevent management from acting opportunistically, resulting in losses felt by the owner of the company, the principal.
Research conducted by (Maulina & Nurbaiti, 2018) risk management committee is not the same as an audit committee. Then, the company will conduct a disclosure of risk management information. It suggests that companies with separate risk management committees with audit committees are more independent and focus more on oversight and risk assessment to improve risk management disclosures. Companies with RMC can spend more time, effort, and capacity assessing internal controls and addressing the different types of risks the company may face (Deni & Riswanto, 2019;Miftakhurahman, 2015;Pamungkas, 2017).
Some of the studies mentioned above try to investigate enterprise risk management disclosure, reflecting that many researchers want to examine which factors influence the companies disclosing their risk management. Research on the board of commissioners, the ownership concentration, audit committee meetings, and risk management committee on enterprise risk management disclosure shows different results, so a moderating variable is needed, namely size, to overcome this inconsistency. Based on the investment concept, high-risk high return and lowrisk low return. When the company wants to get significant returns, the company will face big risks as well. It is directly proportional to companies with large sizes. The bigger company so, the higher the risks faced by the company. It is also related to the disclosure of the risks.
The theories used in this study are the agency theory and the legitimacy theory. Agency theory related to the agency relationship is a contract between two parties, namely the principal and the agent, to carry out some activities on behalf of the principal as a decision-maker within the company. This theory explains that a conflict happens because the interest differences between the agent and the principal cause an agency conflict. The focus of the legitimacy theory is the interaction between companies and society. Organizational legitimacy can be thought of as a company's wants or seeks from the community and what the society gives to the company. Therefore, to reduce the legitimacy gap, the company must identify its activities and the ruling public to provide legitimacy to the company.
The existence of risk management disclosures in company reports shows that companies have tried to be more transparent in providing information to all stakeholders. Still, some banking companies in disclosing risk management are only to cancel the obligation to disclose risk management. Therefore, this study aims to analyze determining factors that influence the disclosure of company risk management moderated by company size. The urgency of this research theoretically expected to be able to verify Agency Theory, Signaling Theory, and Legitimacy Theory with empirical evidence of the effect of the board of commissioners, the ownership concentration, audit committee meetings, and risk management committee on enterprise risk management disclosure with a moderating variable of firm size.

The Board of Commissioners
The board of commissioners' size is several things that affect the supervision of the implementation of risk management systems to ensure that the company develops an effective risk management plan. The Agency's Theory suggests that the board of commissioners could influence management to increase disclosure rates. The existence of the board of commissioners can play an important role in monitoring a manager's performance and limiting his opportunism, thereby reducing agency conflicts between managers and shareholders. It is expected that more board members will have more optimally monitoring risk disclosure practices and not withhold information. The board of commissioners will influence the enterprise risk management (Abbas et al., 2021;Oktavia & Isbanah, 2019;Pratama et al., 2020;Ratna et al., 2019;Wijayanti & Ariani, n.d.).

H 1 : The Board of commissioners positively influences enterprise risk management disclosure The Ownership Concentration
Based on the Agency Theory perspective, the ownership concentration can reduce information asymmetry. Controlling shareholders often have more power to demand companies exercise more transparent control over companies to avoid the consequences of losses they may face. Therefore, the ownership will be able to influence enterprise risk management disclosure in a company will become more widespread (Abbas et al., 2021;Adam et al., 2016;Agista et al., 2017;Handayani, D.B., Yanto, 2013;Wijayanti & Ariani, n.d.) and (Ode et al., 2014).
H 2 : The ownership concentration positively affects enterprise risk management disclosure

The Audit Committee Meetings
The audit committee is proxied by the number of committee meetings. Audit committees that conduct monitoring through audit committee meetings can minimize the occurrence of financial reporting problems. The higher the frequency of meetings, the more actively the audit committee monitors the company's risk management to improve efficiency in communicating company information. Regular audit committee meetings encourage audit committees to disclose more risk information. According to Agency Theory, as the supporting committee of the board of commissioners, the audit committee is predicted to influence the disclosure practices of enterprise risk management within the company. According to the explanation, a good company audit committee will affect enterprise risk management disclosure and become more widespread. This study is in line with research (Abbas et al., 2021;Oktavia & Isbanah, 2019;Pratama et al., 2020;Wijayanti & Ariani, n.d.) dan (Pertiwi & Husaini, 2017).

H 3 : The audit committee meetings positively affect enterprise risk management disclosure The Risk Management Committee
The risk management committee has different duties from the audit committee. Companies that form risk management committees can spend more time, energy, and the ability to respond to various risks a company may face, improve the quality of risk assessment and monitoring, and encourage companies to disclose risks. According to Agency Theory, there will be an information asymmetry in this case, and there will be parties who can reduce the agency's problems, including the risk management committee. The role of the risk management committee is beneficial for the company to maintain the stability of the implementation of the enterprise risk management disclosure, as the risk management committee oversees the implementation of the disclosure of company risk management information. According to the explanation, it can conclude that a good risk management committee will affect enterprise risk management disclosure in a company and will become more widespread. This research is in line with research (Abbas et al., 2021;Asmoro et al., 2016;Handayani, D.B., Yanto, 2013;Maulina & Nurbaiti, 2018;Miftakhurahman, 2015;Ratna et al., 2019;Wijayanti & Ariani, n.d.).
H 4 : The risk management committee positively affects enterprise risk management disclosure

The Company Size
Based on Legitimacy Theory, the company's large size will cause the company's enterprise risk management disclosure below. The board of commissioners seeks to reduce the legitimacy gap that exists so that the public can accept the company. So that the company size weakens or causes a negative influence on the relationship between the board of commissioners and enterprise risk management disclosure (Abbas et al., 2021;Adam et al., 2016;Handayani, D.B., Yanto, 2013;Wijayanti & Ariani, n.d.).

H 5 : The company size moderates (negatively) the influence of the board of commissioners on enterprise risk management disclosure
Shareholder control determines how the company operates, especially when management makes decisions or guidelines within the company. Based on Legitimacy Theory, the company's large size will cause the company's enterprise risk management disclosure below. The majority shareholders will urge management to be careful in disclosing the company's risk management. It aims so that the company's share price does not fall because if the stock price drops, this will be very detrimental to shareholders. So that the company size weakens or causes a negative influence on the relationship between the ownership concentration and enterprise risk management disclosure.
H 6 : The company size moderates (negatively) the influence of the ownership concentration on enterprise risk management disclosure Based on Legitimacy Theory, the company's large size causes the company's enterprise risk management disclosure to be below. The audit committee seeks to maintain corporate confidentiality so that the company's competitors cannot use the information against the company. So that the company size weakens or causes a negative influence on the relationship between the audit committee and enterprise risk management disclosure.
H 7 : The company size moderates (negatively) the audit committee meetings influence on enterprise risk management disclosure Based on the Legitimacy Theory, the large company size leads to the disclosure of the company's enterprise risk management because the risk management committee will advise the board not to do too much information about risk management. After all, a company's risk management is a company's strategy for developing the company so that the risk management committee weakens or causes a negative influence on the relationship between the audit committee and enterprise risk management disclosure.
H 8 : The company size moderates (negatively) the influence of the risk management committee on enterprise risk management disclosure

METHODS
The study used quantitative methods with hypothesis testing studies to test the influence of hypothesized variables in the study. This research will be tested using a deductive approach. Hypothesis testing is done by bringing up general ideas and then directed into particular ideas. The data used is an annual report which has been audited as secondary data. The company used as the research object is listed on the Indonesia Stock Exchange (IDX) and published an annual report in 2017-2019. The unit of analysis used is the annual report of banking companies listed in Indonesia.
The population of this study is banking listed on the Indonesia Stock Exchange (IDX) and publishes its 2017-2019 annual report. These companies were chosen because they need to implement ISO 31000 in their risk management process. In addition, ISO 31000 is expected to be a reference for investors, traders, and other capital market observers. In these investment choices, traders and capital market observers can understand the risks they will face if choosing a company to invest its capital as a consideration to assess the company's performance and look There are various ways to perform moderated regression analysis. Moderating regression analysis can be done through several tests: interaction test using Moderated Regression Analysis (MRA), absolute difference value test, and residual test. Moderation regression testing in this study uses the absolute difference value test. It is because the study uses a moderating variable. The absolute difference test is done by finding the standardized difference between the two independent variables in the study. Suppose the absolute difference between the two independent variables is significant. In that case, the variable is said to be able to moderate the relationship between the independent variable and the dependent variable. The following is the regression equation in this study: ERMD = α + β 1 BoC + β 2 OC + β 3 ACM + β 4 RMC + β 5 |BoC-SIZE| + β 6 |OC-SIZE| + β 7 |ACM -SIZE|+

RESULTS AND DISCUSSION
The classical assumption Classical assumption testing includes a normality test performed using the Kolmogorov-Smirnov one-sample test. The normality test showed the data was normally distributed because its significance level (0.799) was more significant than 5%. In the multicollinearity test, the independent variables have a tolerance value of more than 0.10 and a VIF value of less than 10. It can deduce that the independent variable used in this study does not have multicollinearity problems. Furthermore, the run test as an autocorrelation test displays a significance value (0.776) greater than 5%. It can deduce that the regression model passed the autocorrelation test. To test heteroskedasticity, researchers used the white test. The chi-square value counted in this study was 5.537, with the chi-square table value being 9.488. The results of the White Test, which is the heteroscedasticity test showed that the chi-square value counted was smaller than the value of the chi-square table. It indicates that there are no symptoms of heteroscedasticity.

Descriptive Statistical
Descriptive statistical analysis provides an overview or description of data such as an average, standard deviation, variance, maximum, minimum, number, range, kurtosis, and skewness. This study used descriptive statistics to look at the average, minimum, maximum, and standard deviation values of each variable studied (Ghozali, 2016). The results of descriptive statistical analysis showed in Table 3

Regression Analysis
The multiple linear regression analysis is used in this study to test the influence of independent variables on dependent variables and moderation regression analysis and tests using Enterprise Risk Management Disclosure (ERMD); the board of commissioners (BoC); the ownership concentration (OC); the audit committee meetings (ACM); the risk management committee (RMC); and the company size (SIZE). Based on table 4, the regression equation can be formulated as follows: ERMD = 0,817 + 0,013BoC -0,004OC + 0,010ACM -0,002RMC -0,001|BoC-SIZE| + 0,004|OC -SIZE| -0,007|ACM-SIZE| + 0,005|RMC-SIZE| + e ........................ (2) The outcome of this research shows that the value of Adjusted R2 is 0.390. Up to 39% variation in enterprise risk management disclosure can be interpreted as a constrained variable that can be explained by the variables used in this research. In comparison, the remaining 61% can be explained by other variables. The results of the hypothesis test from the study are presented briefly in table 5.

Influence of the Board of Commissioners on Enterprise Risk Management Disclosure
The board of commissioners has a positive effect on the enterprise risk management disclosure. The results of this research show consistency with agency theory. The agency's theory suggests that the board of commissioners could influence management to increase disclosure rates. The results showed that more members of a company's board of commissioners could further influence risk management information. Therefore, the size of the board of commissioners may affect the enterprise risk management disclosure of banking companies. Companies with large board sizes will be more optimal due to better oversight of the company's risk management practices. With good oversight, the quality of enterprise risk management disclosure will grow. The results of this study agree with those (Gunawan, 2020) and (Puspawardani & Juliarto, 2019).

Influence of The Ownership Concentration on Enterprise Risk Management Disclosure
The ownership concentration has no significant effect on the company's risk management disclosure. The majority shareholders think that they can obtain more detailed information regarding the explanation of the implementation of corporate risk management directly from the management at the General Meeting of Shareholders (GMS). The majority shareholder submits the decision regarding the disclosure of the company's risk management to management because they think that management knows what things are good to disclose and what it should not disclose things for the good of the company. These results support previous research, which states that ownership concentration does not affect the company's risk management disclosures because the majority of shareholders rely on company management in terms of the management needed to grow company value (Kirana, 2017;Pangestuti & Susilowati, 2017).

Influence of the Audit Committee Meetings on Enterprise Risk Management Disclosure
The audit committee meetings positively affect the enterprise risk management disclosure. The results of this research show consistency with agency theory. The audit committee can boost the company's management to carry out various developments related to realizing the principles of good corporate governance. The role of the audit committee meetings will ultimately bring about a push for directors to be more open to the information available primarily to balance information that eventually has no indication for the company's directors to use more information they have for fraud. Regular audit committee meetings encourage audit committees to disclose more risk information. The outcome of this research is in line with those (Oktavia & Isbanah, 2019;Pertiwi & Husaini, 2017).

Influence of The Risk Management Committee on Enterprise Risk Management Disclosure
The risk management committee has no significant influence on the enterprise risk management disclosure. The outcome of this research does not fit with the agency's theory. The company's risk management committee is in charge of overseeing and evaluating the implementation of risk management strategies, methods, policies, and systems to advance the effectiveness of a company's risk management activities. The risk management committee should also monitor the potential risks facing the company. In this study, researchers found that the risk management committee did not fully guarantee that management would properly disclose the company's risk management performance. According to the researchers, because the risk management committee is only tasked with creating, proposing, and supervising the course of risk management within the company, the risk management committee does not oversee the enterprise risk management disclosure. The results of this research are in line with those (Maulina & Nurbaiti, 2018;Reformir, 2021;Sinaga et al., 2017).

Influence of the Board of Commissioners on Enterprise Risk Management Disclosure with Company Size as Moderation
Legitimacy theory can explain the influence of the company size on enterprise risk management disclosure. It can interpret this result that the company size can moderate the effect of the board of commissioners on the enterprise risk management disclosure. The large board of commissioners does not necessarily increase the level of enterprise risk management disclosure. These findings support the theory of legitimacy in which the board of commissioners in large companies does not want to disclose too much risk management carried out by the company because large companies must be better known by the public so that the board of commissioners will be more safely trying to minimize the legitimacy gap that exists by only providing disclosure of risk management safely so that the public can accept the company.

Influence of The Ownership Concentration on Enterprise Risk Management Disclosure with Company Size as Moderation
The company size cannot moderate the influence of the ownership concentration on enterprise risk management disclosure. Descriptive statistics show that the banking company sampled has varied sizes, small, medium, and large. The majority shareholder feels management better understands what it should disclose about the company's risk management in the annual report. The majority of shareholders do not care too much about the risk management disclosure of the company. The small number of companies does not affect the majority shareholder regarding disclosing the company's risk management. The majority shareholder thinks management is more professional in this regard. The majority shareholder assumes that it is easier to ask directly about the company's risk management at the General Meeting of Shareholders (GMS). Whereby asking directly to the management of the information obtained will be more detailed about explaining the application of the company's risk management. The majority shareholder submits the decision regarding the company's risk management disclosure to the management because the majority shareholder assumes the management knows what things are good to disclose and not be disclosed.

Influence of the Audit Committee Meetings on Enterprise Risk Management Disclosure with Company Size as Moderation
Legitimacy theory used as a reference can explain the influence of the audit committee meetings on enterprise risk management disclosure moderated by the company size. It can interpret this result that The company size can moderate the effect of the audit committee meetings on the enterprise risk management disclosure. With increased sales, the speed of money circulation is accelerating, resulting in high market value. Market capitalization resulted in the company is better known in the community, which led the company to become the trend center of other companies. These findings support the theory's legitimacy that audit committees on medium and small companies advise management to make fewer risk management disclosures. As long as it is qualified, it is considered sufficient. The audit committee in large companies does not want to reveal too much risk management done by the company because large companies will certainly become a trend center by other companies. The audit committee will further limit the information that comes out of the company because they do not want much information published, so competing companies can not use the information to get an opportunity to fight back against back company.

Influence of The Risk Management Committee on Enterprise Risk Management Disclosure with Company Size as Moderation
The company size cannot moderate the influence of the risk management committee on the disclosure of the company's risk management. The results of this study do not follow the legitimacy theory. According to this research, the company revealing enterprise risk management disclosure is not affected by the company size. The enterprise risk management committee does not determine the term enterprise risk management disclosure. Decisions about what should be disclosed in a company's business risk management disclosure are in the hands of the board of directors. Because the risk management committee is responsible under the auspices of the board of commissioners, the scope of the work of the risk management committee becomes limited. They can only conduct supervision and implementation of risk management within the company. They cannot determine what matters are disclosed about its risk management. The company size will not affect the relationship of the risk management committee to the enterprise risk management disclosure of a company if the risk management committee is still under the auspices of the board of commissioners.

CONCLUSION
The study's outcome provides empirical evidence that the board of commissioners and the audit committee meetings positively affect the enterprise risk management disclosure. However, the ownership concentration and risk management committee do not affect enterprise risk management disclosure. In addition, company size moderates the effect of the board of commissioners and the audit committee meetings on enterprise risk management disclosure. Besides that, the company size has not been able to moderate the relationship between the ownership concentration and risk management committee against enterprise risk management disclosure.