This paper studies enterprise risk management (ERM) systems within private firms, and examines how firm size influences risk settlement decisions inside micro, small, medium and large unlisted corporations. This paper contributes to the literature with an empirical analysis of whether private firms consider it worth managing risk using formalized organization and procedures, even if this is not imposed by any mandatory rule or by self-regulation. Submitting a questionnaire to a sample of Italian unlisted companies, it is found that 67% of respondents have no risk management department and only 10% are planning to create one. It seems that formalized risk-management systems amongst private entities are not widespread. It is likely that significant opportunities remain, especially for medium and big organizations, to strengthen underlying processes for identifying and assessing the key risks that the entity normally faces.
Keywords: Enterprise risk management, unlisted companies, small-micro-medium entities, SMEs.