Literacy Study on Governance, Risk and Compliance (GCR) and Performance

In this research explains and explains how the impact of the implementation of Governance, Risk, and Compliance (GCR) and its impact on company performance, researchers conduct theoretical studies and previous literature studies where the theory used is Agency Theory which concerns the occurrence of information asymmetry and through Stakeholder Theory which explains how the relationship between the company and stakeholders. Governance, Risk, and Compliance (GRC) information shown to company stakeholders. where the theory used will help in explaining how the impact of implementing Governance, Risk, and Compliance (GRC) can improve company performance. This study will also examine previous research that provides an overview of the Implementation of Governance, Risk, and Compliance (GRC) and its impact on company performance. This research uses a qualitative descriptive approach by conducting theoretical studies and literature studies by conducting literature studies and collecting journals through websites and the internet. The research methodology used is purely through the analysis of existing literature and theoretical studies related to the topics discussed in the research, then researchers discuss and provide an overview of conclusions through theoretical analysis and research results that support to obtain good theoretical research results related to the themes discussed in the research. Through the results of theoretical studies and literature studies, results were found with conclusions The implementation of companies that apply the concept of Governance, Risk, and Compliance (GRC) in an integrated manner, and in accordance with the provisions and systematically in a sustainable manner will increase coordination power in each line of the company and create efficiency in company management which will have an impact on company performance.


Introduction
Today's business competition is becoming increasingly complex and broad along with the development of the age of information technology, globalization, and economic integration.The developing and integrated world market not only makes it easier for companies to conduct transactions between countries and develop only business / business, but also brings challenges for companies in achieving their goals to prosper shareholders.This condition indirectly encourages the company to always strive to increase its company value to achieve the goal of prospering shareholders.
According to (Sujarweni, 2021) performance is the result of an assessment of the work done, comparing the results of work against the standards set for each work done, and must be evaluated or measured periodically.Financial performance is the result of operational activities whose finances lead to better results for the underlying company's activities (Setiawan, Hasiholan & Pranaditya, 2018).Financial performance is an important indicator and factor that potential investors consider when investing in their shares.Financial ratios are needed to assess the results of a company's financial performance, because according to financial ratios it can explain the company's financial level, measure management efficiency, evaluate performance, and be an alternative method of verifying that financial information is used according to financial accounting for capital market classification or stock return forecasting (Wijaya & Khoironi, 2021) Governance, Risk, and Compliance is a combination of three concepts that work together to adjust the facts of activities throughout the company to function more effectively and efficiently, report more, and eliminate ineffective overlap (Maulana & Iradianty, 2022).In the implementation of these three concepts, GRC becomes an integral and continuous concept.If the company does not apply the GRC concept that is not integrated, it will cause weak coordination and lead to inefficiency in cost management which has an impact on company performance.Conversely, if the application is integrated, it can be a company resolution to weak qualifications in various industries and other commodities to support the country's economy and encourage the company's performance level (Habsyi et al., 2021).
Governance, Risk, and Compliance (GRC) is a term that refers to the concepts of governance, risk management, and compliance.When implemented effectively in a business, it can lower expenses, reduce inefficiencies, and improve communication within the company; GRC can help in ensuring the goals of a company and objectives are set more clearly, the corporate structure is improved, and the regulations are fixed are followed correctly.Strong GRC lays the foundation for future business expansion (Greenhalgh, 2020).When GRC requirements are ignored, space opens up for unethical business practices to proliferate (Haugh, 2019).The organization has improved its internal audit and risk management functions and budgets due to an increased focus on governance, risk, and compliance activities.The integrated GRC program was developed to improve the effectiveness and efficiency of risk and control functions are performed throughout the organization due to concerns regarding the overall costs associated with such activities (Handoko et al., 2020).
Governance, risk, and compliance (GRC) activities are fundamentally interconnected, and by establishing an integrated, common discipline around regulations, policies, risks, controls, and issues, relying on the same set of information, methodologies, processes, and technologies, leading organizations have demonstrated that they can make better use of information, improve operational efficiency, and provide greater transparency to legal risks, regulatory, operational, and overall business (Accelus 2012).But in reality the implementation of GRC has not been integrated, and cannot provide additional value for the organization.GRC silos that result in poor coordination, conflict, imbalance and cost inefficiencies (GRC Forum Indonesia 2020).
Governance, Risk, and Compliance (GRC) are three pillars that work together to ensure a company achieves its objectives (Spanaki and Papazafeiropoulou, 2016).Governance is a combination of processes established and carried out by directors, which are reflected in the organizational structure and the way they are managed and carried out to achieve goals (Rasmussen, 2018).Despite the growing importance of effective management, many healthcare providers are slowly adopting the GRC approach to be well integrated into business and management processes.Often in reactive mode, healthcare companies are stuck with minimal results for maximum effort.Meanwhile, risk management predicts and manages risks that have the potential to hinder the company from achieving its goals (Krause and Tse, 2016).Compliance with company policies, procedures, laws, and regulations.Strong and efficient governance is the key to corporate success (Arora and Sharma, 2016).In implementing integrated risk management and governance, the implementation of GRC is a solution and urges the need for the healthcare industry and its conglomerates to achieve regulatory compliance.Such as carrying out work and cost efficiency to avoid duplication of assurance processes carried out in governance, risk management, internal audit, compliance, control, and audit committees that can mitigate risks to a minimum level.This is to encourage the creation of reliable quality health services to provide a sense of trust to consumers and all stakeholders, and ultimately the company's value will increase.
The development of these three concepts, namely the application of GRC, into interrelated and closely related concepts.In a company, if GRC is not well integrated, this can result in weak coordination, costs not being managed efficiently, and negatively impacting the performance of the company itself.Conversely, if the three concepts are well integrated, this can be a way out for companies in facing challenges in various commodities and industries, boosting the national economy, and increasing their productivity (Anatasya &;Novita, 2019).In reality, the implementation of GRC is still siloed so that it does not provide optimal added value for the organization.Siloed GRC conditions are reflected in the form of weak coordination, conflicts/overlaps, gaps, and cost inefficiencies (GRC Forum Indonesia, 2020).
In the CRMS Indonesia survey (2022), in 2022 as many as 35.5% of companies do not have a mature strategy to implement integrated GRC, and as many as 1.4% of companies consider integration to be complex.Research on the implementation of integrated Governace, Risk, and Compliance (GRC) in Indonesia is also still very little.
In recent years, the application of GRC in the field of management has become the focus of the company's attention, hence the holding of Top GRC Awards.These activities can motivate companies to improve GRC implementation in Indonesia.Continuously develop performance based on the implementation of GRC trust to Maf'ul Taufiq: Literacy Study on Governance, Risk and Compliance (GCR) and Performance advance prolonged business development through improved procedures and implementation of integrated GRC regulations (Topbusiness 2021).The GRC maturity level survey conducted by OCEG (Open Compliance &; Ethics Group) in 2019 revealed that 14% of respondents have concretely combined GRC processes and technologies, 23% still have silos and the rest lack adequate GRC maturity.Another survey on CG Watch 2018: Hard Decisions Asia Faces Tough Choices in CG Reform published by the Asian Corporate Governance Association (ACGA) and CLSA Limited in 2018 revealed that Indonesia needs major improvements to keep pace with other Asian countries.Indonesian organizations' transparency practices have improved through the implementation of better accounting standards for financial reporting, there are still some irregularities in trading and insider trading, according to the findings (GRC Forum Indonesia, 2020).Because companies in all sectors have little ability to assess the effectiveness and impact/benefits of GRC implementation, the assessment must be carried out because it shows that GRC implementation work has a significant effect on the company's business performance (Republika, 2020).

Agency Theory
According to (Jansen and Meckling, 1976) states that agency theory is a contractual relationship that occurs between principals who use agents to carry out services according to the principal's interests.This led to the separation of ownership and control of the company.The separation of duties between the two parties in running the business will cause agency problems because of asymmetric information.This information asymmetry can occur when not all information obtained or known by the principal and agent is the same.Information asymmetry can cause problems due to the principal's difficulty in monitoring and controlling the actions of agents.When managers make inappropriate decisions and can cause losses to the company itself, then this will have an impact on the company's financial condition, of course if conditions like this continue then the company will not be able to make payments on its obligations back, and if it continues then the company may experience liquidation or even go bankrupt.

Stakehoders Theory
Stakeholders theory was first initiated by R. Edward Freeman in 1984 which states that, stakeholders theory is a modern concept, stakeholders as individuals or groups that can influence or be influenced by the achievement of organizational goals.Stakeholder theory explains how management meets or manages stakeholder expectations.This shows that the company is not an entity that only operates for its own interests but must be able to provide benefits for all its stakeholders.All stakeholders have the right to obtain information about the company's activities during a certain period that is able to influence decision making (Utomo, 2019).
Maf'ul Taufiq: Literacy Study on Governance, Risk and Compliance (GCR) and Performance Stakeholder Theory states that the company is not an entity that only operates for the benefit of the company, but must also provide benefits for stakeholders (shareholders, creditors, consumers, suppliers, analysts, employees, government, and other parties such as society that is part of the social environment) (Chariri & Ghozali, 2007).According to stakeholder theory, organizational management is expected to carry out activities that are considered important by stakeholders.In other words, the prosperity of a company depends on the support of its stakeholders.Stakeholders are defined as stakeholders, namely parties or groups with interests, either directly or indirectly to the existence or activities of the company, and because the group influences and is influenced by the company.This stakeholder group is the main consideration for companies in disclosing or not disclosing information in the annual report (Ihyaul, 2017).

Governance, Risk, and Compliance
GRC stands for Governance, Risk, and Compliance which was later adopted into the acronym GRC (Governance, Risk, and Compliance) in Indonesia.The term governance is used in place of the term governance to accommodate a wider scope.The National Committee for Governance Policy -KNKG (2019) stated that the term governance has a narrower meaning that only regulates relations between internal parties in the organization.Meanwhile, the term governance refers to more diverse stakeholder arrangements (internal and external).Conceptually, the idea of GHG was first proposed in 2003 by the Open Compliance and Ethics Group (OCEG).Based on the definition issued by OCEG, the objective of integrated GRC implementation is to achieve principled performance through handling uncertainty and acting with integrity that is the foundation of the organization.According to (Papazafeiropoulou & Spanaki, 2016), the term GRC was originally introduced in 2004 by Pricewaterhouse Coopers and has since become a widely emerging and important solution to the business needs of an organization.The following is a picture of the components of the implementation of Governance, Risk, and Compliance as follows:

Governance
Good Corporate Governance (GCG) is a healthy company management procedure that has been introduced by the Indonesian government and the International Monetary Fund (IMF).This concept is expected to protect shareholders and creditors in order to get back their investment.Indonesia began to implement GCG principles after signing a Letter of Intent (LOI) with the IMF, one of which is the inclusion of a schedule for improving the management of companies in Indonesia.In line with this, the National Committee for Corporate Governance (KNKCG) believes that companies in Indonesia have a responsibility to implement GCG standards that have been applied by international standards.According to Tunggal (2013) Corporate Governance is a system that regulates, manages and supervises the business control process to increase the value of shares, as well as a form of attention to stakeholders, employees and the surrounding community.Furthermore, according to the Forum for Corporate Governance in Indonesia / FCGI (2001) defines Corporate Governance as a set of regulations that determine the relationship between management stakeholders, creditors, government, employees and other internal and external stakeholders in relation to their rights and obligations, or in other words the system that directs and controls the company.

Risk (Risk Management)
Risk management is a step or approach that allows companies to assess, identify, monitor, and control business risks.Risk management allows all management parties to guide business activities back to the specified path and the company still needs to Maf'ul Taufiq: Literacy Study on Governance, Risk and Compliance (GCR) and Performance control the risk management involved.(Halim & Wijaya, 2020).Risk management is an activity carried out to identify, analyze and control risks that may occur in an activity or activity so that higher effectiveness and efficiency will be obtained (Darmawi, 2016).According to the Ministry of Finance of the Republic of Indonesia, Risk management is a systematic approach that involves identifying, evaluating, controlling, and monitoring risks that might affect the achievement of an organization's goals.The goal is to recognize potential problems or negative impacts that could arise from uncertainty or changes in the operational environment, and to take the necessary steps to mitigate risks or address their consequences.The following is a picture of the risk management process according to the Ministry of Finance of the Republic of Indonesia:

Compliance
According to the National Standardization Agency (BSN) compliance management is the processes, policies, and procedures implemented by organizations to comply with relevant laws, regulations, industrial standards, and internal policies.A compliance management system is a structured approach to managing regulatory and legal risks, as well as ensuring that organizations operate within legal boundaries.A compliance management system generally includes several components, such as policies and procedures, risk assessment, compliance monitoring and testing, training and communication, incident management and corrective actions.(https://bsn.go.id.:2021) According to (Wardana et al., 2019) obedience is a behavioral process that strengthens the values of obedience and loyalty, loyalty, regularity or it can be said that attitudes or actions are no longer considered or felt as a burden, but become a burden when they cannot be done as usual.Compliance management is designed to meet regulatory transparency requirements and legal reporting obligations (Gericke, Fill, Karagiannis & Winter, 2009).According to IBFG Institute (2017) the relationship between these three concepts begins with establishing compliance requirements through applicable regulations (Compliance, C).In addition, the risk of noncompliance arising from these requirements is managed by Risk Management (R).Finally, the risk management plan is implemented through corporate governance control (G).The process returns to the first part, evaluating the processing results that meet compliance requirements.

Company Performance
Company performance is the result of company activities or activities that can be a benchmark for the company's success (Apriliani and Dewayanto, 2018).But according to (Dewi, 2018), the company's performance is the performance produced by companies in the financial sector.Information about the company's performance is very important to be used by interested parties such as the government, society, creditors and shareholders.The government has an interest in terms of regulations and policies that will affect the company's performance, the public has an interest as consumers of the products produced by the company.Similarly, lenders who measure the feasibility of lending to companies through the performance produced by the company, and shareholders who expect good company performance in order to generate profits.If the company's performance is good, then the interested parties in the company can make the right decision.
Company performance is the result of work that can be achieved by a group of people in an organization or company, in accordance with their respective authorities and responsibilities in an effort to achieve company goals legally, does not violate the law and does not conflict with morals and ethics (Rivai, 2004) and (Basir, 2004)).The performance of a company can be measured through its financial performance.According to (Sucipto, 2003), financial performance is a determinant of certain measures that can measure the success of an organization or company in generating profits.According to (Helfert, 1996), company performance is a picture of the overall state of a company over a certain period of time, and is a result or achievement that is influenced by the company's operational activities in the benefits of its resources.Furthermore, (Srimindarti, 2004) defines performance as a general term used for part or all of the actions or assets of an organization in a period with reference to standard amounts such as past or projected costs using the basis of efficiency, accountability and management accountability.

Method
This research uses a qualitative descriptive approach by conducting theoretical studies and previous literature studies.This study discusses and reviews previous literature on the implementation of Governance, Risk, and Compliance (GRC) and its implications for company performance, previous theories and research are collected and analyzed and then researchers summarize and relate previous theories and Maf 'ul Taufiq: Literacy Study on Governance, Risk and Compliance (GCR) and Performance research with in-depth conclusions and studies.Theoretical sources are obtained through journals, books and research through accredited journal websites.This research will provide an overview of how the implementation of Governance, Risk, and Compliance and how it impacts company performance through theory and comparison with previous research.The research methodology used is purely through the analysis of existing literature and theoretical studies related to the topics discussed in the research, then the researcher discusses and provides an overview of conclusions through theoretical analysis and research results that support to obtain theoretical research results related to the themes discussed in the research.

RESULTS AND DISCUSSION
Study through Agency Theory (Jensen and Meckling, 1976) distinguish the problem between creditors and company management into two problems, namely: (1) investment and operating decisions remain with shareholders, debt is used by the company to pay dividends to investors causing the company to default, and (2) managers-shareholders, managers invest in projects with high risk, when the investment fails it will cause the company to default.Both of these things are very detrimental to the creditors.Based on these considerations, creditors need to make contractual agreements with prospective debtors to protect their interests.This contract agreement will later be adjusted to the conditions and situation of the company.(Bhojraj and Sengupta, 2003) argue that good corporate governance plays a role in suppressing the default risk assessment of the company being tricked by cutting agency costs through monitoring the performance of company managers so as to suppress information asymmetry in the company's operations.
In agency theory, shareholders expect the agent to take actions that will benefit the principal, but in general, what happens is that the agent's actions and decisions are not in accordance with the principal's wishes.Agency theory describes a separation of roles between agents and principals that has the potential to cause agency conflicts due to differences in interests.At this time, the implementation of Governance, Risk, and Compliance (GRC) is needed as a system that is able to direct the company through corporate governance, adequate mitigation of corporate risks, and compliance commitments to reduce the possibility of agency conflicts.So that with the implementation of Governance, Risk, and Compliance GRC in a company, the company's performance can continue to increase.

Study through Stakehoders Theory
This theory focuses on several major influences on companies, namely those that influence directly or indirectly.Stakeholder groups that can influence greater and greater disclosure of risk management practices.In theory Stakehoders, affirmed that stakeholders in principle have the right to receive information about the company's operational activities, especially those that have the potential to affect stakeholders' interests.Information Governance, Risk, and Compliance (GRC) shown to stakeholders Maf'ul Taufiq: Literacy Study on Governance, Risk and Compliance (GCR) and Performance is a manifestation of management's strong commitment to running the company through good governance, maintaining company management risks, and a reliable level of compliance.Therefore, the implementation Governance, Risk, and Compliance (GRC) in the company can be part of a positive signal to stakeholders in a company.The essence of stakeholder theory is based on the common belief that stakeholders are considered assets of the organization and managers must satisfy them (Zahid and Ghazali, 2017).The satisfaction of many stakeholders increases the goodwill of the organization.The organization can maintain its status and reputation in society, which ultimately increases its value.For companies that focus on sustainability, it is necessary to ensure that the business is able to manage business risks while meeting stakeholder expectations.In the context of stakeholder theory, it is established that effective corporate risk management practices and sustainability reporting increase economic value (Shad et al., 2019).

The relationship between the implementation of GRC and its relationship with company performance
According to (Haryono and Paminto, 2015), one way that can be taken so that companies can improve their company performance and how management can manage company resources more effectively and efficiently or efficiently, in other words, how management can manage its corporate governance well.(Haryono and Paminto, 2015) also revealed that corporate governance is one of the main keys in terms of increasing efficiency and economic growth as well as investor confidence.According to (Ullah et al., 2017), the existence of corporate governance is considered capable of increasing investor confidence and protecting investor interests.(Wiyuda and Pramono, 2017) stated that implementing Good Corporate Government can restore investor confidence to reinvest their capital and can also improve the financial performance of a company so as to produce good corporate governance.This is also supported by the results of previous research conducted by (Perdani, 2016) which states that there is an influence of Good Corporate Governance measured by using the board of directors, board of commissioners and audit committee on financial performance.
Supervision of good corporate governance applied to the company is expected to improve the company's performance both financially and operationally.Companies that implement good corporate governance will have a positive impact on the company, one of which will be able to improve the welfare of owners or shareholders through increasing the value of the company in the eyes of investors.Good corporate governance also encourages all internal and external factors in the company to better carry out its management.Good corporate governance is also the key to a company's success to generate profits.
Risk management is a set of procedures and methodologies used to identify, measure, monitor, and control risks that may arise from business activities.In relation to company performance, risk management is carried out to improve company performance.The implementation of good risk management will have an impact on achieving company goals in accordance with what is expected.In a company it is very difficult to avoid risk, therefore it is necessary to hold risk management because risk management greatly affects operational activities in the company, if risk handling in the company goes well, the activities carried out will experience convenience without obstacles that are influenced by risk.
Based on the explanation above, it can be concluded that companies that apply the concept of Governance, Risk, and Compliance (GRC) in an integrated manner, and in accordance with the provisions and systematically in a sustainable manner will increase coordination power in each line of the company and create efficiency in company management which will have an impact on company performance.

Conclusion
Agency theory describes the separation of roles between agents and principals who have the potential to cause agency conflicts due to differences in interests, so that the implementation of Governance, Risk, and Compliance (GRC) is needed as a system that is able to direct companies through corporate governance, adequate mitigation of company risks, and compliance commitments to reduce the possibility of agency conflicts.Therefore, with the implementation of Governance, Risk, and Compliance (GRC) in an integrated and sustainable manner in a company, company performance can continue to increase.
Through the Stakehoders theory, it is affirmed that stakeholders in principle have the right to receive information about the company's operational activities, especially those that have the potential to affect stakeholders' interests.Governance, Risk, and Compliance (GRC) information shown to stakeholders is a manifestation of management's strong commitment to running the company through good governance, maintaining company management risks, and reliable levels of compliance.Therefore, the implementation of Governance, Risk, and Compliance (GRC) in the company can be part of a positive signal to stakeholders in a company.
In this study, it has been explained how Governance, Risk, and Compliance (GRC) theoretically and based on a review of previous research literature related to the influence of GRC and its impact on company performance, the application of Governance, Risk, and Compliance plays an important role in anticipating the running of company activities that can improve company performance.