GRA 6293 Governance, Risk, and Compliance (GRC)

GRA 6293 Governance, Risk, and Compliance (GRC)

Course code: 
GRA 6293
Law and Governance
Course coordinator: 
Morten Kinander
Leon Bogdan Stacescu
Course name in Norwegian: 
Styring, risikohåndtering og compliance
Product category: 
MSc in Law and Business
2023 Spring
Active status: 
Level of study: 
Teaching language: 
Course type: 
One semester

Corporate governance is a growing area of academic research, as well as a growing area of concern for regulators, investors, and firms. The aim of the course is to provide an overview of recent developments in corporate governance and corporate governance regulation, followed by a more detailed analysis of governance, risk management and compliance issues in the financial industry.

The interest in corporate governance issues has been stimulated by the governance scandals in the early 2000s, but also by the increasing role of institutional investors, large-scale privatizations, increasingly integrated financial markets, and concerns for stakeholder welfare.

We discuss the shareholder value and the stakeholder view of corporate governance. We examine the various combinations of ownership and control, and the key potential conflicts between various stakeholders. An important place will be given to the role of leverage and the associated conflicts between shareholders, debt holders and other stakeholders. We then analyze the need for regulation, as well as the main corporate governance rules adopted in Norway and other countries.

The financial crisis of 2008-2011 revealed a dire need for improving risk management and regulation in the financial sector. Both European and US legislators have since produced a large body of rules that financial firms are expected to comply with. As a consequence of increasingly strict demands and requirements from legislative, regulatory and supervisory authorities, most new jobs created within the financial services sector are within the risk and compliance sector. Bankruptcies within the financial sector have also shown the commercial significance of loss of licenses due to breaches of financial rules and regulations. Forced mergers, nationalizations and large fines have also affected investors and tax payers.

Financial regulation applies to all who do business within the financial sector, investment firms, banks of all sizes, pension funds, insurance companies, etc., and it includes rules pertaining to the organisation of firms, to investment advice, to conflicts of interest, to product designs and to selling, to mention just a few. Working in the risk and compliance department in a financial firm presents also challenging governance issues, where management and leadership skills are key.

Regulatory risk is closely related to the underlying commercial and financial risks of the financial institution. This demands understanding of financial risk models, as well as insight into the firms’ exposure.

The course will include considerable teaching on the technological developments within Fintech and Regtech as tools for making supervision of the financial industry more efficient.

The course will also address the issues of socially responsible investment and ESG-issues in the corporate governance of firms and the investment policies of financial institutions. 

As the governance of investment banks and other financial institutions have been heavily regulated by the EU in the aftermath of the financial crisis, the legal aspects of the course will mainly be concerned with EU/EEA-law, and the students will acquire familiarity with the most important relevant EU laws.

Learning outcomes - Knowledge

The course will provide students with an understanding of the main corporate governance issues and the reasons for corporate governance regulation, risk management regulation and compliance requirements.

This course will teach students how to handle two forms of risk; regulatory and financial. It will also – through working with experienced practitioners – enable students to evaluate the set up, organisation and management of compliance departments within bank, insurance and securities sectors. To be a successful compliance officer or risk controller, it is key not only to have an overview of the legal rules and financial models, but also to be have managerial skills and an understanding of the special role that such persons play in the firms.

By the end of the course the students will have:

  • an overview of the key issues and recent developments in corporate governance, as well as corporate governance codes.
  • an understanding of the moral hazard issues that affect governance, and be aware of their effects on shareholders, managers, directors, debt holders, employees and other stakeholders. They will also be aware of the reasons for corporate governance regulation and its limitations.
  • acquired a practical knowledge about key regulatory and compliance issues affecting financial institutions
  • acquired more specialized knowledge of corporate governance issues in the financial sector. They will learn about the issues of delegated monitoring, risk shifting and the too big to fail problem. They will understand how those basic economic problems affect financial regulation. They will also have a detailed knowledge of recent developments in financial regulation, such as capital requirements and the associated risk models.
Learning outcomes - Skills

By the end of the course the students should be able to:

  • read and understand regulatory documents.
  • analyze real-life governance issues. They should be able to understand and describe the sources of corporate governance problems in financial and nonfinancial firms, their implications on firm performance as well as on outside stakeholders, and to find realistic solutions to those problems.
  • apply their understanding of recent developments in corporate governance to specific situations, such as:
    - Setting up corporate boards of directors and communicating the duties of those directors.
    - Managing portfolios based on environmental, social and governance (ESG) criteria.
    - Working with real-life governance and ownership data to examine firm performance and find ways to improve it.
    - Setting up and managing compliance departments in financial institutions.
    - Implementing minimum capital requirements and other risk management instruments in financial institutions.
General Competence

By the end of the course, students should have the following general competence:

  • be able to understand and analyze the ethical problems involved in corporate governance. They should also be able to understand and communicate their short- and long-turn implications for the stakeholders of financial and nonfinancial firms.
  • be able to have a precise communication with the other stakeholders involved in the firm.
  • be able to communicate the key points of governance issues, governance regulations, risk management and compliance issues to people without a governance background. They should also be well equipped to follow the fast development of the governance field.
Course content
  1. Corporate governance: shareholder value vs the stakeholder view
  2. The moral hazard problem
  3. Ownership and control. Owner types: families, financial institutions, governments, “ownerless” firms.
  4. Key agency conflicts:
    1. Shareholders vs managers
    2. Majority vs minority shareholders
    3. Shareholders vs debt holders
      1. Asset substitution
      2. Underinvestment
      3. Moral hazard in financial intermediation.
      4. Applications to the financial industry
    4. Shareholders vs stakeholders
      1. Employee ownership and co-determination
      2. Corporate social responsibility
      3. Socially responsible investment
  5. Corporate governance codes
  6. The need for financial regulation
  7. Financial firms and investment banks (Finansforetak og verdipapirforetak)
  8. Regulatory risk:
    1. Organisational requirements: Mifid II
    2. Conflicts of interest
    3. Conduct of business rules
    4. Product development
    5. Anti Money Laundering – FATCA
    6. Market Abuse Regulation
    7. Sustainable finance
  9. The task of the risk controller/manager
  10. Risk models and capital requirements


Teaching and learning activities

The course will be taught through lectures, online materials (lecture notes, examples, quizzes on itslearning), class discussions, case presentations, discussion groups on itslearning focused on several selected examples, etc.

Software tools
No specified computer-based tools are required.
Additional information

Please note that while attendance is not compulsory in all courses, it is the student’s own responsibility to obtain any information provided in class.

This is a course with continuous assessment (several exam components) and one final exam code. Each exam component is graded by using points on a scale from 0-100. The components will be weighted together according to the information in the course description in order to calculate the final letter grade for the examination code (course). Students who fail to participate in one/some/all exam elements will get a lower grade or may fail the course. You will find detailed information about the point system and the cut off points with reference to the letter grades when the course start.

At re-sit all exam components must, as a main rule, be retaken during next scheduled course.


All courses in the Masters programme will assume that students have fulfilled the admission requirements for the programme. In addition, courses in second, third and/or fourth semester can have specific prerequisites and will assume that students have followed normal study progression. For double degree and exchange students, please note that equivalent courses are accepted.


Deviations in teaching and exams may occur if external conditions or unforeseen events call for this.


Exam category: 
Form of assessment: 
Written submission
Support materials: 
  • BI-approved exam calculator
  • Simple calculator
  • Bilingual dictionary
  • Digital resource: Lovdata Pro (Digital Exam Mode)
  • Book: Erling Christiansen og Bjarne Rogdaberg (eds), "Materialsamling i børs- og verdipapirrett"
  • Compilation of laws
3 Hour(s)
Exam code: 
GRA 62931
Grading scale: 
Point scale leading to ECTS letter grade
All components must, as a main rule, be retaken during next scheduled course
Exam category: 
Form of assessment: 
Group (3 - 4)
Group presentation of cases. (Based on two written submissions)
Exam code: 
GRA 62931
Grading scale: 
Point scale leading to ECTS letter grade
All components must, as a main rule, be retaken during next scheduled course
Type of Assessment: 
Continuous assessment
Total weight: 
Student workload
Prepare for teaching
12 Hour(s)
Case preparation.
Student's own work with learning resources
79 Hour(s)
Includes preparation for class.
36 Hour(s)
Including any case presentations.
Group work / Assignments
30 Hour(s)
3 Hour(s)
Sum workload: 

A course of 1 ECTS credit corresponds to a workload of 26-30 hours. Therefore a course of 6 ECTS credits corresponds to a workload of at least 160 hours.