Combined assurance to enhance the efficiency and effectiveness of internal control: A study of risk management in banks

Download This Article

Ahmad Yusdarani Syamsudin, Lindrianasari ORCID logo

https://doi.org/10.22495/rgcv15i3p12

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Abstract

This study aims to understand perceptions of implementing combined assurance at XYZ Banking Company and evaluate its challenges and benefits. The combined assurance model integrates the company’s governance, risk management, and compliance (GRC) processes (Wibowo et al., 2022). The research method used is qualitative with a case study approach. Primary data was collected through in-depth semi-structured interviews with 24 informants selected through purposive sampling, consisting of two divisions: the internal audit division and the risk management division. The research findings indicate that the audit and risk management teams at XYZ Banking Company have a positive perception of combined assurance, although several areas still need improvement. The study also identified several obstacles in its implementation, such as differences in competencies, perspectives, and authority; overlapping duties and positions; sectoral egos; time and organizational structure constraints; lack of task segregation and dual control; and low awareness of the importance of risk management. In addition, there are other challenges, such as data security, regulatory compliance, ineffective evaluation and monitoring, and issues related to technology and infrastructure. Therefore, this study proposes a plan to overcome these obstacles and highlights the benefits of implementing combined assurance. The benefits include improved internal controls, minimized control weaknesses, and greater time and cost efficiency.

Keywords: Combined Assurance, Internal Control. Audit, Risk Management

Authors’ individual contribution: Conceptualization — A.Y.S.; Methodology — A.Y.S. and L.; Validation — A.Y.S. and L.; Formal Analysis — A.Y.S. and L.; Investigation — A.Y.S.; Resources — A.Y.S.; Data Curation — A.Y.S. and L.; Writing — Original Draft — A.Y.S.; Writing — Review & Editing — A.Y.S. and L.; Visualization — A.Y.S.; Supervision — L.; Project Administration — A.Y.S.

Declaration of conflicting interests: The Authors declare that there is no conflict of interest.

JEL Classification: G21, G30, G32, M42, M48

Received: 30.01.2025
Revised: 23.04.2025; 15.07.2025
Accepted: 11.08.2025
Published online: 13.08.2025

How to cite this paper: Syamsudin, A. Y., & Lindrianasari. (2025). Combined assurance to enhance the efficiency and effectiveness of internal control: A study of risk management in banks. Risk Governance and Control: Financial Markets & Institutions, 15(3), 148–156. https://doi.org/10.22495/rgcv15i3p12

Virtus InterPress

© 2003 - 2025 Virtus Interpress,
except Open Access articles

Gagarina 9, office 311-312, Sumy, Ukraine

+380-542-610360

info@virtusinterpress.org

About us

Books

Journals

For authors

CG Experts Repository

Virtus GCCG

to top