Open access peer-reviewed chapter

Corporate Governance and ERM for SMEs Viability in Italy

Written By

Patrizia Riva, Maurizio Comoli and Ambra Garelli

Submitted: 09 January 2021 Reviewed: 17 February 2021 Published: 07 April 2021

DOI: 10.5772/intechopen.96688

From the Edited Volume

Risk Management

Edited by Muddassar Sarfraz and Larisa Ivascu

Chapter metrics overview

373 Chapter Downloads

View Full Metrics


Family Small and Medium-sized Enterprises (Family SMEs) in Italy have been asked by the new Insolvency and Crisis Code (IC-Code) to establish organizational, management and accounting bodies and tools appropriate to their nature and size. They need to be able to face early warning of company’s crisis and potential loss of going concern and to be able to implement strategies provided by the law to recover viability. The peculiarity of the Italian System is the joint existence of two levels of controls. A “downstream” one carried out by Auditors in charge of the accounting control and an “upstream” one carried out by the Supervisory Board in charge for the surveillance of directors’ behaviour. The board of statutory auditors (Collegio Sindacale), which has been defined as the watchdog distinguishing Italian corporate governance system, plays a fundamental role in reaching the goal. Its supervisory activities are played ex-ante over directors and are set with independence and competence. Auditors, instead, operate when everything has already been decided or even implemented concentrating on the accounting issues. The IC-Code sets up new corporate governance rules for a huge number of Family SMEs requiring the appointment of independent control bodies, Board of Statutory Auditors and Auditors and demanding therefore for more attention to risk monitoring and managing.


  • viability
  • going concern
  • corporate governance
  • board of statutory auditors (Collegio Sindacale)
  • auditors
  • internal audit
  • ERM
  • ESG risks
  • overlapping
  • insolvency directive (Directive EU 2019/1023)
  • IC-code
  • Italy
  • early warning system
  • SMEs
  • family firm

1. Introduction

In the current scenario Covid-19 pandemic has undermined many Family Small and Medium-sized Enterprises (Family SMEs) viability. Those entities are characterised by few formalisms and important decisions are mainly in the family hands. This can represent an important element of weakness and can lead to situations of serious difficulty both for the family, which increasingly finds itself having to guarantee company commitments with its personal assets, and for the workers who risk being overwhelmed by the consequences of an unmanaged crisis [1, 2]. The work focuses on factors crucial to preserve going concern and to be able to intercept the signs of the crisis well in advance presenting the “italian way”. Companies urge to be able to face early warning of financial distress and to implement strategies provided by the law to recover viability [3, 4]. The new Italian Insolvency and Crisis Code (IC-Code) tries to answer those needs requiring Family SMEs to implement external and independent control systems that make it possible to identify the major risks and to deal with them in time and in a more rational way.

Some of these tools are known internationally – such as the introduction of compulsory audits - while others are typical of the Italian national Corporate Governance system. The peculiarity of the Italian System is the joint existence of two levels of controls. A “downstream” one carried out by Auditors in charge of the accounting control and an “upstream” one carried out by the Supervisory Board in charge for the surveillance of directors’ behaviour. The last is the Board of Statutory Auditors (Collegio Sindacale) which has been defined as the watchdog distinguishing Italian corporate governance system. It plays a fundamental role in reaching the goal as its supervisory activities are played ex-ante over directors and are set with independence and competence. Auditors, instead, operate when everything has already been decided or even implemented concentrating on the accounting issues. The relevance of these two different roles is the subject of further study in the first part of the work, where, after having better defined SMEs viability, the two levels of controls are analysed and compared.

The appointment of independent control bodies required by the IC-Code entails the need for companies to pay greater attention to identifying risks and to monitoring and managing them. This is particularly true for family SMEs in which we often navigate on sight and strategies selection is based more on the entrepreneurial instinct of the founder and the family than on a structured analysis of what exists and possible options for the future. The second part of the work explores the theme on the Internal Control (IC) and Risk Management System (ERM). In this context a focus on ESG risk is proposed.


2. SMEs viability

Suitable corporate governance is a fundamental prerequisite for maintaining business viability as it allows mapping and a greater awareness of risk management which structurally characterise the corporate context, so they can be understood at an early stage to seek to prevent and if necessary deal with crisis factors [5]. It is important to note that the concept of business viability is formulated and central to Directive (EU) 2019/1023, most commonly known as the Insolvency Directive, and is specified as a distinctive concept (there is an explicit introduction to the concept of a “viability test”) to define and rank companies in order to assess their resilience and ability to deal with issues while also finding sustainable solutions to them [6].

The issue of setting up appropriate organisational structures, i.e. the implementation of a corporate governance model which is consistent and proportionate to the business reality, is a particularly sensitive one in the case of family SMEs [7]. In these companies, the formalisation of decision-making processes is often seen as dispossession and a way to reduce the family’s decision-making powers [8, 9, 10, 11, 12]. In the world of SMEs, there is a widespread belief that the idea of control systems and the professional contribution of administrative- and control-type skills is only a cost and not, on the contrary, an important support to achieve objectives [13]. The widespread style of entrepreneurship that characterises the Italian productive sector, but also of many other countries, leads to the existence of a very high number of small businesses typically run by one or a small number of people who over time identify completely with the company they founded, thus becoming themselves the absolute centre of their entrepreneurial creature. It’s a business governance model that often struggles to change even when the business gains market recognition and thus the size of the company grows at the same pace as the complexity which is to be managed [14]. The fear of opening up their management model and listening to instructions from others who introduce new and different skills in many cases wins out, despite the numerous external stimuli [15].

With the introduction in the Italian legislation of the Insolvency and Crisis Code (IC-Code) [16], which will coincide with the timelines indicated in the Insolvency Directive, but which precedes it in terms of its conception, the issue of “organisational structures” is highlighted for all companies including SMEs [17]. It introduces in particular a modification of the law which “requires entrepreneurs to establish an appropriate organisational, management and accounting structure proportionate to the nature and size of the company, which would also pursue the timely detection of a company crisis and the loss of going concern, as well as to take immediate action to adopt and implement one of the instruments provided for by the law to overcome the crisis and recover viability”.

The legislation underlines and strengthens the tasks and duties which already existed in the Italian Civil Code and codes of conduct issued by professional organisations. But the most significant feature in the legislation is the obligation to appoint supervisory and audit bodies in SMEs, which to date had only been touched on marginally on the issue of governance. In particular, the acknowledgment of the control role of the Board of Statutory Auditors – a characteristic figure in the Italian context - and that of Auditors through the significant widening of the range of companies required to appoint them, is undoubtedly revolutionary. The compulsory introduction of independent professionals should lead, as a consequence, especially in family businesses, as most Italian companies are, on the one hand to a greater focus on processes and on the other hand to a more regular reporting of company figures and a more formal implementation of budgeting and planning systems.


3. The role of the board of statutory auditors

In order to protect stakeholders, the Board of Statutory Auditors manages an extensive system of controls related to, first of all, compliance with the reference standards for the preparation of financial statements and, second, compliance with the law and the Articles of Association [18]. Of particular importance is overseeing the timely implementation of mandatory requirements in the event of significant losses, such as to jeopardise business viability [19]. Originally, the “control of the financial statements” was included tout court among the duties of the Board of Statutory Auditors pursuant to Article 2403 of the Italian Civil Code; subsequently, this concept was replaced by the “audit”, understood as a function distinct from overseeing. The Board of Statutory Auditors may also perform the audit, but only in smaller companies and only if the Board is composed of auditors who are members of the appropriate register. Above all, however, in a situation of going concern, it is the responsibility of the Board of Statutory Auditors to monitor the conduct of the directors. They therefore check if there is an effective dashboard of indicators and if it is reliable and if it can therefore allow them, among other things, to monitor the risks taken by the company, the actual and projected performances. It is indeed necessary for the Board of SA to calculate with constant frequency the parameters and thresholds identified in the new IC-Code to check if there are signs of the beginning of a crisis phase and a risk for company viability.

It is worth noting that statutory auditors are professionals who act autonomously and independently, including vis-à-vis the shareholders who elected them. The Board of Statutory Auditors verifies compliance with its independence both after its appointment and annually thereafter, reporting its findings to the Board of Directors. They accept the appointment when they judge that they can devote the necessary time to the diligent performance of their duties, as required by the 2020 Italian Corporate Governance Code. It is in fact a challenging position the performance of which, in addition to their skills, requires to play a number of tasks. An indispensable component of their work is, therefore, a commitment and the possibility of taking part in the activities of the Board of directors and, if they have been appointed, of the committees (i.e.: Control and Risk Committee) set up within it and of interacting with the other key players in corporate governance, including Auditors and the Internal Auditor, who, when appointed, is responsible for setting up and monitoring the Internal Control and ERM system. The remuneration of the statutory auditors is commensurate with their skills, competence, the commitment required and the size and sector characteristics of the company. As for all independent auditors, it must be determined ex-ante by the shareholders’ meeting and cannot be changed for the duration of the mandate [20].

For the system to work, a significant and structured dialogue among the parties involved in the process [21] must be developed, which should ideally take place: a) on a daily basis among the directors, the managers and the Internal Auditor; and b) periodically, but not intermittently, between these parties - in particular the directors appointed in the Control and Risk Committee and the Internal Auditor - and the corporate control bodies that is the Board of Statutory Auditors (or the Sole Statutory Auditor in case of sitting alone appointment).

The 2020 Italian Corporate Governance Code devotes space to the issue of coordination among control bodies. In particular it establishes that the Board of Directors shall define the principles concerning coordination and information flows among the various entities involved in the internal control and the risk management system in order to maximize the efficiency of the system itself, reduce activities duplication and ensure effective conduct of the tasks of the control bodies. As part of their activities, the Statutory Auditors may ask the internal Auditor to carry out checks on specific areas or corporate operations [20]. Moreover, the law provides that the Board of Statutory Auditors and Auditors must promptly exchange information related to the performance of their respective duties.

The Board of Statutory Auditors has the fundamental function of a communications hub as it manages and drives information flows to ensure their efficient circulation and to oversee the timely identification of any threats to business viability [17]. The Board of Statutory Auditors is, in fact, the central hub in the information flow system; it simultaneously plays the role of “recipient, researcher and source of information” [22]. The law establishes the obligation of the Board of Directors to report to the Board of Statutory Auditors at least quarterly in listed companies and at least every six months in unlisted companies, with an initial flow of information which is essential for the effective performance of the control functions over the administration. The Board of Statutory Auditors, however, is the recipient of a more complex information flow, i.e. not only “downstream” from the Board of Directors but also “upstream” due to the information flows coming from the auditors and from the internal audit function. On its own initiative, it can also set in motion information channels to obtain the information needed for the exercise of its supervisory function [23]. It thus assumes in fact the function of coordinator of the numerous players in the system of internal corporate controls.


4. The role of auditors

During the year, the auditor verifies that the accounts are duly kept and the company’s transactions in the book entries are recorded properly. To do this, they collect evidence related to the transactions and compare it with the contents of the financial statements [17]. In their report, they illustrate the findings of their checks and express their professional opinion. The audit report is related to actual accounting documents, i.e. the financial statements and the consolidated financial statements, if they have been prepared. It also contains the auditor’s conclusions on the existence of going concern, indicating any uncertainties related to events or circumstances that may give rise to significant doubt, but this is done only with the precise purpose of assessing the fairness of the criteria used to prepare the financial statements figures.

Auditor functions are, therefore, limited to expressing a professional opinion on the fairness of the financial statements, and comply with auditing standards published in the European Union Official Journal. The functions are in no way comparable to the supervisory functions attributed to the Board of Statutory Auditors by the Italian Civil Code. Specifically, the auditor – unlike the Board of Statutory Auditor – does not participate in Board of Directors meetings and does not oversee the directors behaviours, nor the appropriate organizational, management and accounting structures and tools. Such as appropriateness – or even existence - of the internal control system and the corporate risk mapping system. The auditor cannot express an opinion on the interim accounting situation. The auditor does not assume the role of a corporate information “hub”, but rather contributes as a supplier of specific information only on the accounting figures already processed. In short, the auditor’s checks are ex-post on the actual accounting documents prepared by the company, while the Board of Statutory Auditors oversight role is more complex, in that it is an ex-ante systemic guarding role and it works from a forward looking perspective.


5. The Internal Auditor (IA) and the Internal Control (IC) and Risk Management System (ERM)

The Internal Control (IC) and Risk Management System (ERM) consists of the processes executed by the Board of directors, managers and other corporate structure entities to: i) provide a reasonable assurance on the reliability of the financial statement figures; ii) achieve compliance with organisational conduct, i.e. compliance with the law and regulations in force; and iii) achieve greater awareness of business risks and allow continuity in achieving operational efficacy and efficiency objectives [17]. The Internal Control and Risk Management System is basically represented by the lines of action and by the control and procedure system adopted by the management to achieve the efficient and orderly conduct of corporate activities basing choices on reliable data and consciously monitoring the important risks. The internal control system must be seen as the process put in place by the company to achieve a reasonable assurance that the corporate goals will be achieved. It supports the company in identifying and analysing the risks connected to achieving those goals. It allows management to stay focused on the business and achieve its objectives in compliance with the regulations. It is, in short, made up of the rules, procedures and organisational structures aimed at allowing the identification measurement, management and constant verification of the main company risks.

More specifically – focusing on the issue of risk and therefore on the Enterprise Risk Management model – it ensures that the directors have activated an appropriate process to define business and governance objectives which are consistent with the corporate mission and are in line with the levels of risk appetite (i.e. with the overall exposure to risk the organisation is willing to accept) and acceptable risk (satisfactory residual risk after mitigation measures of the individual risk situations). It is divided into three phases: identification of the events, risk assessment and identification of response to the risk itself. The ERM supports the organisation in identifying the risks associated with the adopted strategy and, if necessary, alternative strategies. In assessing the potential risks that can arise from a specific strategy, the underlying critical assumptions are considered. The risk management process monitors and provides valuable information on changes in the assumptions and their effect of achieving the strategy. Pursuing every strategy entails risk that can change depending on the context dynamics. At times the risk is so important that an organisation may want to review the strategy chosen or possibly replace it with another one characterised by a more appropriate risk profile.

In most Italian family SMEs – but not only Italian ones –, the system described above is not implemented at all, or its implementation is insufficient or self-referential.

In this regard, the introduction of the IC-Code represents a considerable element of discontinuity because obliging significant external controls on these entities means forcing these entities to put their administrative and accounting processes in order or strengthen them. Undoubtedly, in many cases this cannot but lead to a greater focus on the internal control system, and therefore to the introduction in their staff of internal – or even outsourced figures initially – figures with skills typical of Internal Auditors.

The introduction of a risk mapping and assessment process takes on particular relevance in small and medium enterprises as it allows them to make more informed decisions. In fact, the risks identified must be analysed and acknowledged in terms of importance, thus allowing management to focus on those that have a higher future probability of occurring and which thus have a greater impact. This also allows enterprises to identify responses which are more structured and not random ones to each identified risk. A risk can be accepted if it is in line with the sustainable risk, or can be avoided by, say, transferring it to third parties through an insurance policy, or even reduced with interventions using the internal control system or, finally, shared through partnership agreements to reduce the impact in the event a negative event occurs.

What should be noted is the fact that the proper operation of the Internal Control (IC) and Risk Management System (ERM) involves several corporate governance parties (Figure 1) [20].

Figure 1.

Map of relevant administration and control roles in a going concern situation.

The first party in the system is the Board of Directors, which has an interest in basing its decisions on robust data. To best achieve this purpose, it is useful that a Control and Risk Committee composed of non-executive and independent directors (IA) is identified within the board itself when possible and considering the size of the board in an SME, with the task of supporting, with appropriate preliminary activities, the Board of Directors assessments and decisions. Tailoring the issue to family SMEs we can say that the simple introduction of a sole independent director in SMEs can have a considerable impact in this regard.

Secondly, especially in cases where it is not possible to set up committees within the Board of Directors, the figure of the Internal Auditor (IA) is primary. Once identified, he or she assumes a central role in the internal control process as the main person responsible for the implementation, operation and monitoring of the system itself. He or she must be included in the company’s organisational chart, directly under the Board of Directors as it reports directly to the Board and is responsible for verifying that the Internal Control (IC) and Risk Management System (ERM) is appropriate and that, consequently, the accounts and the information made available in general are complete and reliable. As mentioned above, it is precisely this figure that, in our opinion, will take on significantly greater importance with the introduction of the new IC-Code regulations.

Thirdly, of course, the Board of Statutory Auditors is an active party in the Internal Control and Risk Management System, albeit with a different vantage point, namely with a senior role within the control system. As mentioned above, the Board of Statutory Auditors oversees the appropriateness of the organisational structures and therefore also the effectiveness of the internal control and ERM by interfacing with the Board and the Internal Auditor. It should be underlined that this role is explicitly recognised in new 2020 Italian Corporate Governance Code.

Finally, it should be added that, if present, the Auditor too will appreciate the setting up of an effective Internal Control and Risk Management System as it will allow them to reduce detailed analyses by relying mainly on walk through procedures and consistency checks for the pursuit of their objectives.


6. Monitoring ESG risks in SMEs

It is worth noting that in October 2018 the Committee of Sponsoring Organizations of the Treadway Commission (COSO) developed, in collaboration with the World Business Council for Sustainable Development (WBCSD), the guidelines “Environmental, Social & Governance - Enterprise Risk Management. Applying enterprise risk management to environmental, social and governance related risks” for the application of Enterprise Risk Management also to Environmental, Social & Governance risks (hereinafter “ESG risks”).

ESG risks concern the following issues: environmental, such as climate change, pollution and the protection of natural resources; social, such as the defence of human rights and working conditions or relations with local communities; governance, such as remuneration policies, the composition of the board of directors, control procedures and conduct in terms of compliance with laws and ethics.

In recent years, media and investor attention on environmental and social issues has increased considerably, making it more and more important to manage these risks, also in view of increasingly ESG-oriented national and international legislation. Institutional investors themselves are showing increasing interest in responsible investment and the way companies are addressing social and environmental changes to achieve long-term, sustainable growth. ESG has also been addressed at the regulatory level. This is the framework of Legislative Decree 254/2016 which, by introducing “non-financial reporting”, requires, albeit currently only for large, listed companies, to disclose annually, among other aspects, risks and policies adopted in the environmental, social, personnel, human rights and anti-corruption fields. It is our opinion that the spread of a general and shared focus on these issues is set to bring them into SMEs reporting and language. The process of integrating ESG issues into these settings will probably be more gradual and, as usual, at the beginning acting on a voluntary basis by following the reference benchmark represented by listed companies.

However, the increasing disclosure of ESG issues highlights the lower attention recognized to ESG risk management, even in larger companies, compared to the concern with more checked out operational, strategic and financial risks.

According to the World Business Council for Sustainable Development (WBCSD), the main reasons for this are: i- the difficulty in quantifying ESG risks in monetary terms, as they are long-term risks with uncertain impacts; ii- the lack of knowledge of the ESG risks which characterise a company and the scarcity of cross-functional collaboration between the risk manager and those dealing with sustainability; iii- the fact that ESG risks are often managed by a team of specialists and seen as separate or at least less important than strategic, operational and financial risks.

The COSO [24] and WBCSD Guidelines therefore propose the redesign of the following specific objectives:

  1. Governance & Culture: increase the Board’s and management’s awareness of ESG issues, promoting a culture of collaboration across functions;

  2. Strategy & Objective: anticipate short, medium and long-term ESG risks already in the business strategy and objectives definition phase;

  3. Performance: identify and assess ESG risk and related treatment measures based on risk severity;

  4. Review & Revision: develop indicators to alert management to changes that impact on risks and treatment measures;

  5. Information, Communication & Reporting: identify the information to be communicated internally and externally, involving every level of the organisation.

It is our opinion that these are valuable indications necessary for an effective assessment of business viability. They can therefore be addressed when SMEs are called upon to implement new or renewed internal control and risk management systems to take account of the IC-Code indications. It is worth noting that the Italian Organism Business Reporting (OIBR) has recently set up a Study Group to assess the inclusion of non-financial indicators, including ESG, in the parameters for assessing and identifying corporate crises for early-warning purposes provided for by the IC-Code.


7. Risk of overlapping and possible remedies

To be efficient and effective, the system of controls and their distribution among the various players that make it up, with different roles, functions and responsibilities, must necessarily reduce areas of overlaps and systematically structure the methods of interaction between the various players involved. The control functions can be described by identifying three different levels of subdivision:

  1. First level controls – these manage and define the “line” controls of the operational processes, i.e. the checks carried out both by those who perform a given activity, and by those who have direct supervisory responsibility for it: in other words, these are the analytical accounting, management, budgeting, planning and reporting systems that allow the administration and control of the business activities;

  2. Second level controls, which monitor the correct conduct of the risk assessment and control process put into place by management, ensuring consistency with corporate goals and meeting organisational segregation criteria sufficient to allow effective monitoring;

  3. Third level controls, whose goal is to assess the overall functionality of the company’s internal control system.

It is precisely on the latter that the activities of the parties mentioned in the previous paragraphs are concentrated. Polycentric control systems, like those described, present areas for improvement, but overlapping is a risk that, like other risks, must be monitored, can be reduced and, in some cases, can be an opportunity. This objective can and must be pursued by means of instruments necessarily operating ex-ante and involving all the bodies involved, which are asked to pay specific attention and be aware of potential issues and of the need/opportunity to manage them.

The following tools can be used:

  • the definition of a language common to the general internal control system and risk management;

  • the definition and adoption of harmonized methodologies and instruments;

  • the integrated planning of activities seeking to limit redundancies and duplication, focusing on areas of greater complexity or risk;

  • the management of the company in line with the objectives defined by the Board of Directors, fostering the taking of fully informed decisions, based on the awareness of risks and the necessary safeguards for their monitoring.

As far as control roles and functions are concerned, integration can only be achieved with the establishment of procedures that facilitate an in-depth exchange of information between the various players and the planning of an integrated activities plan. The text of 2020 Italian Corporate Governance Code is also working in this direction, taking an important step forward. On the one hand, the document stresses the centrality of the Board of Directors as the entity responsible for the internal control and risk management system. On the other hand, it goes further by recognising the need for structured coordination between the various parties involved to avoid inefficiencies and duplications. This implies to formulate and set up procedures that allow periodic and systematic exchanges of information among all the parties involved in various capacities and tasks in the system.

Recommendation included in the 2020 Italian Corporate Governance Code for listed companies and those aiming to be listed represent a relevant benchmark for all companies, regardless of their size, called to comply in the next future with the IC-Code.


8. Results, limits and further researches

The work has proposed an examination of the “Italian way” to face Family SMEs financial distress situations. As described it is characterized by the introduction of the Board of Statutory Auditors which has a central role in identifying possible hazards to business viability. Its control ex-ante, as a matter of fact, allows the independent professionals involved in this special Board to interact in time with Directors - which in Family SMEs are usually are Family members - detecting signal of crisis and helping them to become aware of their relevance and potential impact. It is therefore asked to family SMEs to walk through this new path albeit implementing tools proportionate to the company’s complexity. The aim is the development of a full awareness of corporate risks, the construction of a map that identifies and explicitly represents them so that they can be brought to the Family members attention and can be better monitored.

The importance of a constant constructive dialogue between experienced independent professionals and family members involved in the management of the company has been highlighted. The more the dialogue takes place before and when the decisions are taken the more the possibility of a positive influence will be high and therefore the more the probability of taking risks unknowingly will be reduced. For this to be possible, however, it is necessary on one side that independent professionals are able to use a convincing language and on the other side that family members are willing to listen their voices without feeling subjected to their presence. Experts ability to bring value, by focusing attention to the critical issues of choices and therefore forcing deeper and more rational reflections by tracing the intuition to a more structured and complex decision-making grid need to be recognized in the field.

Another point which resulted here emphasized is the necessity, when different control roles are defined, to reduce areas of overlaps and systematically structure the methods of interaction between the various players involved. This is essential to be able to convey clear and consistent messages and finally to reach efficacy of controls themselves. It is a relevant consideration as the proper operation of the Internal Control (IC) and Risk Management System (IC and ERM) involves, as seen in details in the chapter, several entities of corporate governance and consequently a risk is structural due to the increase of the complexity to manage.

A first limit of the work can be considered the qualitative approach of the analysis. Indeed this is a descriptive work that aims to provide a first analysis of the new Italian legislation that will come into force on 1st September 2021. It will be possible in the very near future to verify whether what is here described will actually bring benefits to Family SMEs. It will be possible to collect data and to proceed with the measurement of the effects of the introduction of the mechanisms examined, in particular of the Statutory Board, on the ability to promptly intervene and avoid or at least to face situations of financial economic distress at an earlier stage.

A second limit could be considered the lack of explicit international comparisons. In this regard, however, it should be reported that the researches carried out has allowed to detect that no similar mechanisms have been introduced in other Western countries. It will be therefore interesting, in future researches, to widen and to go deeper with this part of the analysis. In particular it will be certainly necessary to consider, with reference to the European context, if the implementation of the EU Insolvency Directive, which emphasizes the need to provide early warning tools in national legislation, will lead in the near future to the introduction of corporate governance rules comparable to the Italian ones.

Moreover the work highlights that the “Italian way” introduced by the IC-Code provides some financial specific indexes to be monitored by both the Directors and the Statutory Board, but some non-financial information are also taken in consideration. Some of these can be considered forward-looking and can be traced back to the categories of Governance information. It is our opinion that monitoring a more complete ESG information dataset could have an effective assessment of business viability. Future research could explore the possible inclusion of non-financial indicators, including ESG, in the parameters to identify corporate crises for early-warning purposes provided for by the IC-Code.


  1. 1. Riva P., Provasi R., The ability of the turnaround index to assess going concern assumptions: evidence from its application to Italian listed companies, in Global Business & Economic Review, 2016, ISSN: 1097-4954
  2. 2. Riva P., Provasi R., Assessment of going concern for the Italian listed companies: an empirical study, in Review of Business & Finance Case Studies, 2015, ISSN: 2150-3338
  3. 3. Riva P., Provasi R., An Overview about Italian companies facing the financial and economic crisis. A cultural revolution, in International Journal of Economics And Business Research, 2014, ISSN: 1756-9850
  4. 4. Riva P., Provasi R., Accounting for debt restructuring in the current crisis. Italian experience by Italian legal conditions, in EKONOMSKA ISTRAžIVANJA, 2013, ISSN: 1331-677X
  5. 5. Parisi G., L’adeguato assetto organizzativo e il rafforzamento degli obblighi e dei doveri dell’organo amministrativo e di controllo dopo il D.Lgs. 14/2019, Available from
  6. 6. Stanghellini L., Mokal R., Paulus C. G., Tirado I., Contractualised distress resolution in the shadow of the law, Best practices in European restructuring, 2018, Wolters Kluwer
  7. 7. Riva P., Comoli M., The impact of the new Italian early warning system provided by the Ic-code on family SMEs governance, in Corporate Ownership and Control, Virtus Interpress, 2019, DOI:10.22495/cocv16i3art6
  8. 8. Anderson R. C., Reeb D. M., Founding family ownership and firm performance: Evidence from the SandP500, in The journal of Finance, 2003,
  9. 9. Stein L. C., Takeover threats and managerial myopia, in Journal of Political Economy, 1988,
  10. 10. Stein J. C., Efficient capital markets, inefficient firms: A model of Myopic corporate behaviour, in The Quarterly Journal of Economics, 1989,
  11. 11. James H., Owner as manager, extended horizons and the family firm, in International Journal of the Economics Business, 1999,
  12. 12. Anderson R., Sattar A., Mansi E., Reeb D. m., Founding family ownership and the agency cost of debt, in Journal of Financial Economics, 2003,
  13. 13. Colarossi F., Giorgino M., Steri R., Viviani D., A corporate governance study on Italian family firms, in Corporate Ownership & Control, 2008,
  14. 14. Di Toma P., Strategic dynamics and corporate governance effectiveness in a family firm, in Corporate Ownership & Control, 2012,
  15. 15. Songini L., Gnan L., Family involvement and agency cost control mechanisms in family small and medium-size enterprises, in Journal of Small Business Management, 2015,
  16. 16. Danovi A., Riva P., Azzola M., Avoiding bankruptcy in Italy: preventive arrangement with creditors, in Contemporary Issues in Finance: Current Challenges from Across Europe, Emerald, 2017, ISBN: 978-1-78635-907-0
  17. 17. Riva P., Corporate Governance Roles and Non Financial Information. Milano: Egea; 2020. 4: 274: 18: 19
  18. 18. Riva P., Danovi A., Comoli M., Garelli A., Corporate Governance in Downturn Times: Detectionand Alert – The New Italian Insolvency and Crisis Code, in Crisis management. Theory and practice, IntechOpen, 2018. Available from:
  19. 19. Difino M., Riva P., Ruolo, compiti e responsabilità del Collegio Sindacale. La rilevanza strategica dell’attività di vigilanza e l’organo di controllo nelle PMI, in I nuovi compiti degli organi sociali a cura di Riva P., Collana Crisi d’impresa diretta da Danovi A., Acciaro G., Il Sole 24 Ore, aprile 2019
  20. 20. Codice della Corporate Governance, Raccomandazione 30: 26, l. c):32
  21. 21. Riva P., Provasi R., Crisis and controls: the Italian model, in Corporate ownership & control, Volume 11, 2013
  22. 22. Caterino D., Poteri dei sindaci e governo dell’informazione nelle società quotate, Cacucci editore, Bari, 2012
  23. 23. Stampelli G., I flussi informativi nelle società quotate: poteri e doveri del Collegio Sindacale, rivista di Diritto Privato, saggi e pareri, 1/2017
  24. 24. Riva P., Provasi R., The Updated COSO Report 2013, Journal Of Modern Accounting And Auditing, 2015

Written By

Patrizia Riva, Maurizio Comoli and Ambra Garelli

Submitted: 09 January 2021 Reviewed: 17 February 2021 Published: 07 April 2021