Criminology- To what extent are prison suicides in the UK a Essay

Criminology- To what extent are prison suicides in the UK a consequence of prisons being used to accommodate too many people with mental health problems - Essay Example Insufficient mental health treatment is provided by those in charge in the prisons. Extremely harsh, terrifying, and bleak facts are also revealed by a research study lately about the ten most horrific prisons of all times in the world according to which prisoners irrespective of their histories are kept unacceptably jam-packed like animals. The UK prisons are also teeming with psychopath prisoners to some extent who have severe mental health issues like major depression, anxiety, paranoia, and suicide idealization. Overcrowding is blamed for 37% rise in prison suicide among inmates living together in prison systems which have no good management (Woodward 2008). Concerning the alarming situation that as many as 9 out of 10 prisoners in UK are subjected to deal with the rough consequences of depression, paranoia, drug or alcohol abuse, anxiety, and personality disorders, the claim that the rough prison atmosphere in UK might be the reason behind growing number of suicides reported by prison officials starts appearing to be valid and acceptable. â€Å"More than two-thirds of all men, women and children in prison have two or more mental health problems such as depression and anxiety† (PRISON REFORM TRUST 2010). The incidence of mental or personality disorders is really not that common among the normal population and this frequency of ill mental health gives rise to prison suicides which are becoming more frequent in UK now than ever before. There definitely exists a connection between overcrowding in jails and suicide attempts by prisoners. Jails in UK are under pressure from overcrowding and more often than not, they cave in to this pr essure with the result that the statistical data revealed by prison officials identifies that â€Å"the number of prisoners who killed themselves in jail rose significantly in 2007† (BBC

The Role Of Security Management Essay Example for Free

The Role Of Security Management Essay ABSTRACT Personal information security is usually considered a technical discipline with much attention being focused on topics such as encryption, hacking, break-ins, and credit card theft. Security products such as anti-virus programs and personal firewall software, are now available for end-users to install on their computers to protect against threats endemic to networked computers. The behavioral aspects related to maintaining enterprise security have received little attention from researchers and practitioners. Using Q-sort analysis, this thesis used students as end-users in a graduate business management security course to investigate issues affecting selection of personal firewall software in organizations. Based on the Q-sort analysis of end-users in relation to seven variables identified from review of the information security literature, three distinct group characteristics emerged. Similarities and differences between groups are investigated and implications of these results to IT managers, vendors of security software and researchers in information security area are discussed. ACKNOWLEDGEMENTS I would like to thank my supervisor Professor ____________ for his great supervision and guidance throughout the duration of my thesis project. I would also like to thank all colleagues for their help and support. Finally, I wish to thank my family for their continued support throughout the thesis. TABLE OF CONTENTS Page ABSTRACT†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦2 ACKNOWLEDGEMENTS†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.3 TABLE OF CONTENTS†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..4 LIST OF ACRONYMS†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.5 CHAPTER 1 – INTRODUCTION†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦6 †¢ Statement of the Problem†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦7 †¢ Research Question†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦8 †¢ Significance of the Research†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦9 †¢ Design and Methodology†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.10 Q-Sort Analysis†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.12 †¢ Organization of the Study†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦14 CHAPTER 2- LITERATURE REVIEW†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦14 CHAPTER 3 – RESEARCH QUESTION FINDINGS†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.18 Data Analysis†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..18 -Analysis of Results†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦26 -Limitations of the Study†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..29 Chapter 4- SUMMARY AND CONCLUSIONS Summary†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦30 Conclusion†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.31 Recommendation†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..33 REFERENCES†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦..34 LIST OF ACRONYMS Operational definition of these variables as it relates to the study are provided: Performance [PERF] : Refers to how well the software operates under various conditions (such as high traffic, types of data, port scans, etc.) Ease-of-use [EOU]: Refers to usability of the product (such as screen design and layout, access to features using tabs, buttons, etc.) Updates [UPDTS]: Refers to product updates at regular intervals after product has been installed and used Features [FEATR] : Refers to the number of program options and features available in software Reports [RPORT]: Refers to Intrusion Reports and log files generated by the firewall software Cost [COST]: Refers to price paid for the product (either as shrink wrapped package or as a download) Configuration [CONFIG]: Refers to setup and configuration after product has been installed Support [SUPPRT]: Refers to availability of online help and technical support either by phone or e-mail Installation [INSTLL]: Refers to initial installation of the product. Chapter 1 – INTRODUCTION Security describes a process of protection from any harm. It also describes the countermeasures put in place by that process. Harm may indicate a loss of confidentiality, integrity, and availability. Security management focuses on preventing harm resulting from both random acts of nature and intentional strategic actions (Schechter, 2004). Security is considered to be a very important issue while developing complex personal information systems (Mouratidis et al., 2002). Security is a major concern in todays digital era. The Internet offers a low cost, but insecure means of reaching people. Owing to the ubiquity of the Internet, it is difficult to control and trace intrusions or attacks by unauthorized people, hackers, etc. Electronic commerce applications need secure mechanisms for accurate user identification, accessing sensitive database, storing and transmitting sensitive information, etc. Personal identification numbers (PINs), passwords, smart cards and digital certificates are some of the means normally used for this purpose. However, these means do not really identify a person, but only knowledge of some data or belonging of some determined object (Sanchez-Reillo et al., 1999), e.g. public key infrastructure (PKI) cannot assure identity of the maker of a transaction, it can only identify the makers computer. An imposter can easily masquerade as a legitimate user and defraud the system. Information must be readily available in organizations for making decisions to support the organizational mission. Murphy, Boren, and Schlarman (2000) state that due to increased connectivity and the urgency to exchange information and data among partners, suppliers, and customers on a real time basis, the need to protect and secure computer resources is greater than ever. As a result, this has created the possibility of exposing sensitive corporate information to competitors as well as hackers who can now access organizational computer resources from remote sites. Statement of the Problem The potential loss of such information to an organization goes beyond financial losses and includes the possibility of corrupted data, denial of services to suppliers, business partners and customers, loss of customer confidence, and lost sales. Security in business processes (i.e., maintaining proper authentication, authorization, non-repudiation, and privacy) is critical to successful e-business operations. Enabling business functions over the Internet has been recognized as a major component for the success of businesses and, by mitigating risks in a cost-effective manner, security is now being viewed as a component of business operations (Deise, Nowikow, King, Wright, 2000). Decisions about information systems made by managers are vital to the success, and even survival, of a firm (Enns, Huff, Golden, 2003). Despite increased security threats, organizations have traditionally allocated very little of the total IT budget to information security. Forrester Research estimates that in Fortune 500 companies, the average amount of money as a percent of revenue that is spent on IT security is 0.0025 percent or slightly less than what they spend on coffee (Clarke, 2002). Organizations must evaluate and prioritize the optimum mix of products and services to be deployed for protecting confidentiality (maintaining privacy of information), integrity (maintaining information is not altered in transit), and availability (maintaining access to information and resources) of corporate assets. The decision to deploy certain technology is based on variables such as the organizational business model, level of risk, vulnerability, cost, and return on investment (Highland, 1993). There are several ways in which information can be protected. One method to safeguard information is by using controls. The concept of controls can be applied to financial auditing as well as technical computer security. General controls include personnel, physical and organizational controls as well as technical security services and mechanisms (Summers, 1997). Computer security controls can be hardware or software-based and may include biometric devices, anti-virus software, smart cards, firewalls, and intrusion detection systems that can be used to build the enterprise security infrastructure. Additionally, these controls may be preventive, detective, or corrective. Research Question This paper will focus on one such computer security control Personal Firewalls. Firewalls intercept traffic and make routing and redirection decisions based on policies. Some firewalls can also inspect packets and make transformation and security decisions; therefore, they are critical components in maintaining security in organizations. There are different types of firewalls, such as hardware, software, enterprise, and personal firewalls. Personal firewalls are client-based solutions that are installed on desktop/laptop computers and may be administered individually from a central location. Successful selection and adoption of firewalls (enterprise as well as personal) is based on various factors, some of which are technical while others may be behavioral. This exploratory study looks at the new genre of personal firewalls and, based on the review of the literature, attempts to answer the following research questions: 1) What are the factors that could result in successful selection of personal firewalls in organizations? 2) What are the empirical evidence to support deployment of firewall software? Significance of the Research The study hopes to shed light on behavioral aspects of information security, which may be tied to perceptions of end-users who may influence technology selection in their organization. This will provide empirical evidence to an area that has been identified as lacking in research (Dhillon Blackhouse, 2001 Troutt, 2002) and provide directions and guidance for future studies. Another significance of this study is to look at end-user perception is that it may affect how well the user does his or her part in staying vigilant to combat threats posted by hackers to organizational assets. The end-user may be a conduit to organizational data being compromised. Proper software selection as well as positive user attitude and motivation for using the software are therefore important to ensure ongoing use of personal firewall software. Kettinger and Lee (2002) address the fact that the proliferation of personal computing and individualized software, and popularity of the Internet in organizations have resulted in users playing an important role in driving IT implementation. Their study found that for users selecting their own IT applications (such as desktop software programs), there is greater user satisfaction after implementation. Grantham and Vaske (1985) also state that positive user attitudes are important predictors in continued system use. This is especially important for personal firewall use because computers are at risk at all times when connected to the Internet. In reference to software selection, Chiasson and Lovato (2001) emphasize: Understanding of how users form perceptions of software innovation would help software designers, implementers and users in their evaluation, selection, implementation and ongoing use of software. However, with the exception of some recent work, there is little research examining how a user forms his or her perceptions of innovation overtime (p. 16). The area of information security as it relates to maintaining confidentiality and integrity of data stored on personal computers can benefit from identification of factors that would make it possible to safeguard corporate assets that are at risk as a result of remote data access by employees. Software selection for deployment on company computers cuts across different user levels in terms of knowledge and level of expertise of the user. Selection of software therefore must be done to accommodate all types of users ranging from novices to experts. The latter category of users may have higher tacit knowledge of tasks to be able to compensate for the interface without realizing it (Gery, 1997). Organization of Study The purpose of this paper is to investigate self-referent perceptions of end-users, and use Q-Sort analysis to investigate factors affecting deployment of security firewall software in organizations. The paper is organized as follows: review of research on information security is presented to the reader along with extraction of variables from the literature that may determine firewall deployment in organizations; The Q-Sort Factor Analysis method used for the study is explained and the research design is provided; Along with data analysis, results of the study are then explained, which is followed by discussion and applications to practice. Due to the nature of research design used in this study, limitations are also explained. Research Design and Methodology Subjects in this exploratory research study were 31MBA students enrolled in a security and Control of Information Systems course. The students came from different backgrounds, such as finance, liberal arts, nursing, and computer science. From a business perspective, the course examined implications of information security risks faced by organizations. Although technical issues of security, such as authentication, authorization, and encryption that make electronic commerce sites successful in processing business transactions securely were also explored in the course, the primary focus in the course was from a business perspective. There was no structured lab work during class, but to gain a better understanding of security issues, students were expected to complete hands-on exercises outside class. During initial weeks, topics covered included the PWC model, TCP/IP vs. OSI models, network, e-mail, database security, digital certificates and signatures, risk assessment, and privacy issues. Also, during Week 5, students had been previously tested on the topics using short-answer type questions to determine learning competency of factual information and applications related to information security in organizations. The test score counted towards 15% of overall course grade. With coverage of the aforementioned topics, it was safe to assume that students had knowledge of current security issues facing organizations in todays economy. Because there is no consensus on the common body of knowledge acceptable for all security professionals, and since this was an exploratory study, the study was conducted in a controlled environment with ahomogenous population of students to minimize confounding by extraneous variables. Using MBA students as surrogates for professionals or executives in reference to use and evaluation of technology has also been found to be acceptable (Briggs, Balthazard, Dennis, 1996). The hands-on firewall assignment in this course covered installation, configuration, and use of one standard personal firewall software (ZoneAlarm). After students had a chance to use the software, they were asked to participate in the study. No class discussion was conducted on results of the firewall tests in case it affected students perceptions about the software, which could have influenced their response. Therefore, the data reflected individual student perception without class discussions. Students were given instructions to visit a Web site that explained the nature of the study and provided information on how the Q-sort statements should be sorted. This was important since students are more used to completing questionnaires in a survey format that use Likert scale, open-ended, or closeended questions (such as those used during end of term class evaluation of instruction), but may not be familiar with the peculiarities of the Q-sort procedure. To reduce data errors and extract usable data, instructions were presented in detail before the respondents were shown the statements for the study. Q-Sort Analysis Q-sort analysis uses a technique for studying human subjectivity (Stephenson, 1953; Brown, 1980; McKeown Thomas, 1988). It is useful in exploratory research and a well-developed theoretical literature guides and supports its users (Thomas Watson, 2002). Q-sort methodology is suited for small samples and relies on theories in the domain area being researched to develop items for analysis. A disadvantage of the Q-sort methodology is that it is not suitable for large samples, and it forces subjects to conform to certain expectations (such as fitting responses within a normal distribution). Brown (1986) suggests that 30 to 50 subjects are sufficient for studies investigating public opinion. Q-sort uses an ipsative (self-referenced) technique of sorting participants statements about subjective conditions. It is a variation of factor analysis technique that uses Q-methodology theory to analyze correlation measure (Brown, 1980). Respondents to Q-sort studies are required to sort statements into predefined normal distribution type scale in which a fixed number of items fall under each category. The rankings provide clusters of perceptions of individuals consensus and conflict, which can be used to place individuals with similar characteristics into groups for further study, hi the past, the Q-sort technique used index cards for sorting, but now Web-based data collection programs (such as WebQ) are common. Initially the statements are presented to respondents in random order, and each respondent organizes statements into predefined categories. To view entered data, the respondent also can update statement rankings to see where the statements fall under each category. One advantage of using the WebQ method is that data submission errors are reduced since the program verifies that the statements are sorted according to predefined requirements. Figure 1. WebQ questionnaire Adapted from: Brown, 1980. In this personal firewall study, the statements were to be classified by respondents as Most Important (+2), Important (+1), Neutral (O), Less Important (-1), and Least Important (-2). To provide a forced distribution that is expected in the Q-Sort methodology, respondents were given instructions to identify one statement as Most Important, two statements each as Important and Less Important, and three statements as Neutral. The instrument used is shown in Figure 1 Chapter 2-LITERATURE REVIEW In the area of information security, research has often lagged practice. Dhillon Blackhouse (2001) have stressed the need for more empirical research to develop key principles for the prevention of negative events and therefore to help in the management of security. Despite known vulnerabilities in applications and operating systems, companies continue to deploy software to stay competitive, and steps taken to secure products and services are knee-jerk reactions to media stories that are more reactive than proactive in nature. Most IT managers lack a coherent framework and concrete methodology for achieving enterprise security. A security plan that includes technology, personnel, and policies would be a much better approach to developing an enterprise security strategy. One such model is the Enterprise security Framework Price Waterhouse Coopers (PWC) model. The PWC model is comprehensive because it addresses the entire enterprise of security architecture. The model emphasizes information security strategies within the organization using a holistic rather than apiecemeal approach. The framework is based on four pillars: security vision and strategy, senior management commitment, information security management structure, and training and awareness. Within the pillars are decision drivers, development, and implementation phases. Firewalls are placed in the development phase since they are used to provide interpretation of corporate standards at the technical level. For a detailed discussion of the PWC model, the reader is referred to Murphy, Boren, and Schlarman (2000). Firewalls can be considered a last line of defense in protecting and securing information systems. Wood (1988) provided a context for information security systems planning and proposed that reactive and incremental improvement approaches to address security are harbingers of a more serious problem. Other factors identified in Woods model are the lack of top management support, information overload, insufficient staffing, and limited resources. Straub and Welke (1998) advocate using deterrence, prevention, detection, and recovery security action cycle to mitigate systems risk and use prioritized security controls. Data on computer crimes is often under-reported because companies are not willing to risk public embarrassment and bad publicity. Most companies choose to handle these incidents internally without keeping documentation or reporting to local, state or federal authorities (Saita, 2001). There is a need for unbiased empirical studies in the information security area that will provide insight into problems affecting todays technology dependent corporations and industries. With a strong need to collect and analyze computer security data, the CSI/FBI Computer Crime and security Survey is published yearly (see http:// www.gocsi.com). This study provides descriptive statistics but does not attempt to identify relationship between variables, as is expected in analytical surveys. Also, results reported in this annual survey have been identified by the publishers themselves to be potentially misleading due to the limited number of respondents and their accuracy as a result of anonymous nature of the surveys. These results have also been called into question because of lack of statistical or scholarly rigor and self-serving interest (Heiser, 2002). Despite these limitations, the CSI/FBI survey provides a useful role in comparison of yearly data for similar parameters. The area of human computer interface provides a link between the user and software applications. User satisfaction is a function of features, user interface, response time, reliability, installability, information, maintainability, and other factors.†If a products user interface catches a users attention and is simple to learn and use, and has the right price and features, then the product may gain competitive advantage (Torres, 2002, p. 15). The theory of user interface design and user involvement in completing task-based actions related to Internet and security software has been substantiated by two studies in which user interaction with peer-to-peer software (Good Kerkelberg, 2002), and PGP software (Whitten Tygar, 1999) were examined. Good and Krekelberg (peer-to-peer study) found that applications connecting to the Internet need better usability and software design to maintain integrity of information stored on a users computer. In this study, individuals assumed responsibility of keeping firewalls operational at all times. This contributed in large part to maintaining effective enterprise security. Whitten and Tygar (PGP study) found that user errors are a significant portion of computer security failures, and further concluded that user interfaces for security programs require a usability standard much different from other consumer software. (Although this study is not directly concerned with user satisfaction, but is more focused on factors that affect deployment rather than development of end-user software in a specific area, some factors may be directly tied to user satisfaction as will be shown by correlational analysis). Due to increasing mobile and off-site access by employees using cable modems, DSL connections, and wireless devices to access corporate resources, personal firewalls are a necessary component to maintain overall enterprise security in an organization. Because of the nature and availability of personal firewall software, most companies choose to acquire it rather than develop it in-house. Software acquisition that results in productivity gains and strategic advantage is of critical concern to organizations, and factors that relate to these benefits must be correctly identified and understood for software acquisition decisions (Nelson, Richmond, Seidmann, 1996). Purchase of commercial software includes identifying requirements, evaluating packages from different vendors, configuring, installing, and evaluating it either as server or client-based solution. This may further involve requirements acquisition that leads to product selection (Maiden, Ncube, Moore, 1997). As a method of selection, professionals in charge of evaluating personal firewall software could draft a feature requirements document, and evaluate vendor products by comparing available features as well as using demonstration versions of software. This would be followed by user experience with the software. As mentioned earlier, the need for user involvement in information systems has been considered an important mechanism for improving system quality and ensuring successful system implementation. It is further believed that the users satisfaction with a system leads to greater system usage (Baroudi, Olson, Ives, 1986). The requirements for software though must be as measurable as possible to enable product selection and may also use repertory grids in which stakeholders are asked for attributes applicable to a set of entities and values for cells in an entity-attribute matrix. This would produce representation of requirements in a standardized, quantifiable format amenable even to statistical analyses (Maiden, Ncube, Moore, 1997). In relation to the security area, Goodhue and Straub (1991) found company actions and individual awareness to be statistically significant in a study of perceptions of managers regarding controls installed in organizations. Chapter 3 – RESEARCH QUESTION FINDINGS Data Analysis Q-Sort analysis is a type of inverse factor analysis in which the cases (subjects) rather than statement variables (features) are clustered. As recommended by Brown (1980), a procedure that arranged statements based on responses of a single individual was used for data analysis. The responses involved statements of opinion (also called Q-sample) that individuals rank-ordered based on the feature requirements in personal firewall software. The arrayed items (Q-sort) from the respondents were correlated and factor-analyzed. The factors indicated clusters of subjects who had ranked the statement in the same fashion. Explanation of factors was then advanced in terms of commonly shared attitudes or perspectives. A review of security literature (Hazari, 2000; Northcutt, McLachlan, Novak, 2000; Scambray, McClure, Kurtz, 2001; Strassberg, Rollie, Gondek, 2002; Zwicky, Cooper, Chapman, Russell, 2000) was used to extract the following statement variables relating to requirements in persona l firewall software: performance, ease-of-use, updates, features, reports, cost, configuration, and support. Table 1. Participant ranked scores Variable Mean SD PERF 4.45 0.77 EOU 3.39 1.08 UPDTS 3.23 0.88 FEATR 3.03 0.93 RPORT 3.00 1.03 COST 2.97 1.20 CONFIG 2.55 0.85 SUPPRT 2.35 0.98 INSTLL 2.00 0.89 Prior to conducting the Q-sort analysis, ranked scores of all participants (before identifying factor groups) on each statement variable were calculated for preliminary descriptive statistics. These are shown in Table 1, where a mean score of 5 = Most Important and 0 = Least Important). Correlation between the nine feature variables shows a low level of correlation between statements. This indicates there is a high degree of independence between the statement categories as used in the analysis. This finding is important since it supports the assertion that the statements represent relatively independent factors obtained from the review of the literature. In the correlation matrix shown, Table 2 shows significant correlation (p 0.05) between cost and updates, cost and reports, ease-of-use and performance, ease-of-use and updates, and installation and support. Table 2. Correlation matrix between variables COST FEATR EOU PERF INSTLL UPDTS RPORT CONFIG SUPPRT COST 1.00 -0.21 0.27 0.18 -0.13 -0.43 -0.49 -0.08 -0.10 FEATR 1.00 -.29 0.35 -0.16 0.06 -0.17 -0.13 -0.25 EOU 1.00 0.44 0.00 -0.37 -0.27 -0.20 -0.04 PERF 1.00 -0.10 -0.11 -0.13 0.13 -0.14 INSTLL 1.00 -0.13 -0.04 0.18 -0.53 UPDTS 1.00 0.26 -0.15 0.17 RPORT 1.00 1.00 0.03 CONFIG -0.24 SUPPRT 1.00 As mentioned earlier, in Q-factor analysis, the correlation between subjects rather than variables are factored. The factors represent grouping of people with similar patterns of response during sorting (Brown, 1980; Thomas Watson, 2002). Following guidelines for Q-factor analysis, eight factors were initially identified with eigenvalues 1 (an eigenvalue is the amount of variance in the original variable associated with the factor). These factors and their percentage of variance are shown in Table 3. Table 3. Eigenvalues of unrelated factors Eigenvalues % Cumul.% 1 11.56 37.28 37.28 2 6.03 19.45 56.73 3 3.91 12.61 69.34 4 2.98 9.61 78.95 5 2.14 6.92 85.87 6 1.93 6.23 92.10 7 1.43 4.61 96.71 8 1.02 3.29 100.00 Factors selected were rotated to maximize the loading of each variable on one of the extracted factors while minimizing loading on all other factors. Factors selected for rotation are usually identified by taking those with eigenvalue greater than one (Kline, 1994). However, in this study, the more rigorous Kaiser rule of selecting factors whose eigenvalue is at or above the mean eigenvalue (in this case 3.85) was used. Factors 1,2, and 3, which represented almost 70% of total variance in data, were then subjected to principal component analysis with varimax rotation. Following rotation, a Factor Matrix indicating defining sort (i.e., respondents in agreement) identified three factor groups with similar pattern of responses. The correlation of individual respondents with factors is shown in Table 4 below. Table 4. Factor matrix of respondents (* indicates defining sort) Q-Sort 1 2 3 1 02386 -0.0398 0.8988 2 0.0227 0.1971 0.8158* 3 0.4975 -0.3790 0.5458 4 0.8575* -0.2912 0.0811 5 -0.2639 0.0196 0.7993* 6 -0.0614 0.7524* -0.2289 7 0.4014 -0.1587 0.4678* 8 0.1367 0.0728 0.9054* 9 0.5351 0.1183 0.6886* 10 0.5065 0.3263 01754 11 0.5351 0.3357 0.6886 12 0.8192* 0.7321* 0.1035 13 -0.6495* 0.3450 -0.0844 14 -0.0464 0.8598* 0.5845 15 0.6535 0.0127 0.3053 16 0.2052 0.2324 0.2452 17 -0.1340 0.4049 0.9512 18 0.7553* 0.5865 0.2987 19 0.2431 0.4049 0.6946 20 0.5983* 0.5865 -0.0334 21 0.4660 0.6533* 0.4573 22 0.5672* 0.1057 -0.3342 23 0.3501 -0.1001 0.8195 24 0.1008 0.9240* 0.0038 25 0.3329 0.0999 0.7194 26 0.2254 0.6545* 0.1329 27 0.7660* 0.1246 0.5677 28 -0.1210 -0.3611* 0.2308 29 0.3850 0.7032* 0.0144 30 0.4656 0.5605 -0.3196 31 -0.1987 0.8988* 0.2470 % explained variance 21 22 26 From Table 4 it can be observed that for Factor 1, respondents 4, 12, 13, 15, 18,20,22, and 27 were in agreement and are highly loaded on this factor. Similarly, respondents 6, 10, 14, 16, 21, 24, 26, 29, and 30 were in agreement in Factor 2, and respondents 5,7,8,9,11,17,19, and 23 were in agreement in Factor 3. The statements in which these three factor groups were ranked are shown in Table 5. Table 5. Ranked statement totals with each factor No. Statement Factor 1 Factor 2 Factor 3 1 COST 0.31 5 0.91 2 -1.45 9 2 FEATR -0.45 7 0.10 5 0.70 2 3 EOU 0.91 2 0.63 3 -0.55 6 4 PERF 1.26 1 1.72 1 1.80 1 5 INSTLL -1.92 9 -0.31 6 -0.63 7 6 UPDTS 0.52 3 -0.54 7 0.61 3 7 RPORTS 0.03 6 -1.28 8 0.55 4 8 CONFIG -1.07 8 0.12 4 -0.17 5 9 SUPPRT 0.41 4 -1.34 9 -0.87 8 Table 6 shows correlation between the factors. Similar to the findings earlier about variable independence, the factor groups also show a high degree of independence. Table 6. Correlation between factors Factor 1 2 3 1 1.0000 0.3218 0.2970 2 0.3218 1.0000 0.2298 3 0.2970 0.2298 1.0000 The normalized factor scores for each factor were examined next. This provided ameasure of relative strength of importance attached by a factor to each statement on the scale used during sorting. Tables 7(a), 7(b), and 7(c) show these scores. Table 7(a). Normalized Factor 1 score No. Statement z-score 4 PERF 1.258 3 EOU 0.910 6 UPDTS 0.542 9 SUPPRT 0.409 1 COST 0.314 7 RPORT 0.032 2 FEATR -0.454 8 CONFIG -1.071 5I INSTLL -1.922 Table 7(b). Normalized Factor 2 score No. Statement z-score 4 PERF 1.717 1 COST 0.905 3 EOU 0.626 8 CONFIG 0.116 2 FEATR 0.102 5 INSTLL -0.313 6 UPDTS -0.535 7 RPORT -1.276 9I SUPPRT -1.343 Table 7(c). Normalized Factor 3 score No. Statement z-score 4 PERF 1.805 2 FEATR 0.702 6 UPDTS 0.606 7 RPORT 0.553 8 CONFIG -0.170 3 EOU -0.547 5 INSTLL -0.632 9 SUPPRT -0.872 1I COST -1.446 From the Table 7(a) it can be seen that adherents of Factor 1 feel strongly in favor of statement 4 (Performance) and oppose statements 8 and 5. This indicates for Factor 1 group, performance is preferred over initial installation, setup and configuration of the product. The results of Factor 2 group are consistent with Factor 1; that is, performance of the product is the highest rated criterion. Ease-of-use also rated highly in Factors 1 and 2. Perceived ease-of-use in an information systems product has been shown to play a critical role in predicting and determining a users decision to use the product (Hackbarth, Grover, Yi, 2003). The largest dissension between Factor 1 and 2 groups involved statements 9 (Availability of Online Help), 7 (Intrusion Reports generated), and 6 (Regular Product Updates). The results of Factor 3 are consistent with Factors 1 and 2 with Performance criteria once again being highly rated. The most dissension between Factors 2 and 3 involved statements 1 (Cost) and 3 (Ease-of-use). The most dissension between Factors 1 and 3 involved statements 1 (Cost), 3 (Ease-of-use), and 9 (Availability of Online Help). Analysis of Results The Q-sort analysis classified subjects into three groups. Eight subjects were classified under Factor 1, and 10 subjects each were included in Factors 2 and 3. There were three subjects in the study that were not distinguished in any group. These subjects were excluded from further analysis. The classification into factors gave a better idea of group characteristics. Since Factors 1 and 2 were similar and shown to include subjects who considered Performance, ease-of-use, and Availability of Online Help as the most important characteristics, this group can be considered to be comprised of non-technical users who place more emphasis on the product performing as expected in achieving goals for security. Factor 3 subjects emphasized technical characteristics and were more interested in number of features in the product, updates to the product on a regular basis, intrusion reports generated by personal firewalls, and setup/configuration of the product after installation. This group had c haracteristics of technical users. The normalized factor scores provided a measure of relative strength of importance attached by factors to each statement on the scale used during sorting. As mentioned earlier, adherents in Factor 1 felt strongly in favor of statement 4 (Performance) and opposed statements 8 (Setup/configuration) and 5 (Installation). The results of Factor 2 are consistent with Factor 1, that is, Performance of the product is the highest rated criterion. ease-of-use also rated highly in Factors 1 and 2. The largest dissension between Factor 1 and 2 groups involved statements 9 (Availability of Online Help), 7 (Intrusion Reports generated), and 6 (Regular Product Updates). The most dissension between Factors 2 and 3 involved Statements 1 (Cost) and 3 (Ease-of-use). Results of Factor 3 were consistent with Factors 1 and 2, with Performance criteria once again being highly rated. The largest dissension between Factors 1 and 3 involved statements 1 (Cost), 3 (Ease-of-use), and 9 (Availability of Online Help). Extreme differences between all factors appeared in Cost, Intrusion Reports generated, and Availability of Online Help. There was only one statement, Performance of the product, that showed consensus among all factors; that is, it did not distinguish between any pair of factors, which indicates Performance of the desktop firewall software is an agreed upon criterion irrespective of group characteristics. The managerial implications of this study can be assessed at the level of selecting appropriate software for use on computers in organizations to maintain security. There is evidence of user satisfaction being a useful measure of system success (Mahmood et al., 2000). While the end-user may not purchase individually preferred software for installation on company owned computers, the user can influence decisions for selection by making known to IS managers the features that would contribute to regular use of security software such as personal firewalls. Given access of these machines to corporate resources, appropriate and regular use of software would contribute to maintaining enterprise security. For technical professionals (e.g., programmers) who install firewalls on their desktop, programs could emphasize the statements that are defining characteristics shown in Factor 3. For an industry that has non-technical professionals (such as Factor 1 and 2), other non-technical characteristics of the product could be emphasized thus achieving maximum effectiveness in program deployment. Increased awareness should minimize user related faults, nullify these in theory, and maximize the efficiency of security techniques and procedures from the users point of view (Siponen, 2000). The results of this study could also benefit vendors who develop software for end-users. In this study it was found that performance of the software is the most important factor that affects selection of software, irrespective of group characteristics. Due to project deadlines and market competition, software is often shipped without being fully tested as secure, and standard industry practice is to release incremental service packs that address security issues in the product. In a case of security software, this may adversely affect the reputation of a vendor once its products have been shown to have high vulnerability to being compromised. The findings of this study could provide a better understanding of importance of personal firewall security software on organizational client computers. The decision to install an information system necessitates a choice of mechanisms to determine whether it is needed, and once implemented, whether it is functioning properly (Ives, Olson, Baroud i, 1983). More research needs to be done in the area of selection of software for implementation on users computers that are owned by corporations and given to employees for off-site work. This can include regular employees vs. contractors who may connect to employer and client networks from the same computer. If the findings are to have wider applicability, qualified industry professionals and security officers responsible for maintaining secure infrastructure in corporations should be included in the analysis. The study provides management and security professionals a basis for making decisions related to enterprise security. It provides personal firewall vendors an insight into feature requirements of the personal firewall market, and provides academic researchers interested in security, a more focused approach on various dimensions of security software from the behavioral perspective. Future studies could be industry and product specific in order to assess differences in selecting general- purpose software versus security specific products. In many cases, management has looked at the need for implementing information security programs and products as a necessary encumbrance, something akin to paying taxes or insurance premiums (Highland, 1993). But organizations are increasingly becoming aware of the potential for legal exposure via lawsuits, and are deploying countermeasures (such as personal firewalls) to reduce vulnerability and mitigate risk. The chief information security officer in todays organizations should have the responsibility of managing organizational risks by using empirical models and analysis to determine strategies for protecting corporate assets. Firewalls are the last line of defense in the corporate network and therefore play a critical role in information security. With personal firewalls being a new product genre, this study was conducted since there is no research available that specifically looks at determinants for selection of security software in a corporate environment to protect organizational assets. As the information security field evolves further, decisions for security software acquisitions need to be researched further. Selection and deployment of appropriate firewalls can make a significant difference in an organizations enterprise security strategy. It is therefore also important to understand the variables (as shown in this study) that may affect decisions to select and deploy personal firewall software in a corporate environment. Limitations of the Study Due to the exploratory nature of this study, there are several limitations. The sample used in the study comprised of all students enrolled in a security course at the same university, and was further limited to the firewall topic among a wide range of technical and behavioral information security topics. Students worked with only one type of firewall software and characteristics of this particular program may have heightened their awareness of certain strengths and weaknesses in the software. Since the purpose of information security implementation in an organization is to support business objectives of the organization, information security departments are sometimes placed under the chief financial officer recognizing the direct relationship between information assets and monetary assets. Software acquisition decisions may therefore be made by the finance department with limited input from the IT department. The purpose of this study was to explore an important topic for research on information security and determine operant subjectivity in a field where empirical research is severely lacking. The Q-sort technique itself is suitable for small sample populations (Thomas Watson, 2002), but the correlations obtained in smaller samples tend to have considerable standard errors (Kline, 1994). The exploratory nature of this study was not intended to prove some general proposition but to seek a better understanding of group characteristics that directly relate to maintaining a secure network environment (in this case by deploying personal firewalls to plug possible vulnerabilities that might exist in a network through use of computers by employees either on-site or at remote locations). The perceptions of end-users will therefore guide the selection and deployment of security technologies in an organization to provide a secure corporate environment. Chapter 4- SUMMARY and CONCLUSIONS Summary In the area of information security, research has often lagged practice. Dhillon Blackhouse (2001) have stressed the need for more empirical research to develop key principles for the prevention of negative events and therefore to help in the management of security. Despite known vulnerabilities in applications and operating systems, companies continue to deploy software to stay competitive, and steps taken to secure products and services are knee-jerk reactions to media stories that are more reactive than proactive in nature. Most IT managers lack a coherent framework and concrete methodology for achieving enterprise security. A security plan that includes technology, personnel, and policies would be a much better approach to developing an enterprise security strategy. One such model is the Enterprise security Framework Price Waterhouse Coopers (PWC) model. The PWC model is comprehensive because it addresses the entire enterprise of security architecture. The model emphasizes information security strategies within the organization using a holistic rather than apiecemeal approach. The framework is based on four pillars: security vision and strategy, senior management commitment, information security management structure, and training and awareness. Within the pillars are decision drivers, development, and implementation phases. Firewalls are placed in the development phase since they are used to provide interpretation of corporate standards at the technical level. For a detailed discussion of the PWC model, the reader is referred to Murphy, Boren, and Schlarman (2000). So it is important reason to look at end-user perception as it may affect how well the user does his or her part in staying vigilant to combat threats posted by hackers to organizational assets. The end-user may be a conduit to organizational data being compromised. Proper software selection as well as positive user attitude and motivation for using the software are therefore important to ensure ongoing use of personal firewall software. Kettinger and Lee (2002) address the fact that the proliferation of personal computing and individualized software, and popularity of the Internet in organizations have resulted in users playing an important role in driving IT implementation. Their study found that for users selecting their own IT applications (such as desktop software programs), there is greater user satisfaction after implementation. Grantham and Vaske (1985) also state that positive user attitudes are important predictors in continued system use. This is especially important for personal firewall use because computers are at risk at all times when connected to the Internet. In reference to software selection, Chiasson and Lovato (2001) emphasize: Understanding of how users form perceptions of software innovation would help software designers, implementers and users in their evaluation, selection, implementation and ongoing use of software. However, with the exception of some recent work, there is little research examining how a user forms his or her perceptions of innovation overtime (p. 16). The area of information security as it relates to maintaining confidentiality and integrity of data stored on personal computers can benefit from identification of factors that would make it possible to safeguard corporate assets that are at risk as a result of remote data access by employees. Software selection for deployment on company computers cuts across different user levels in terms of knowledge and level of expertise of the user. Selection of software therefore must be done to accommodate all types of users ranging from novices to experts. The latter category of users may have higher tacit knowledge of tasks to be able to compensate for the interface without realizing it (Gery, 1997). Conclusions In this study, Q-methodology was used to define participant viewpoints and perceptions, empirically place participants in groups, provide sharper insight into participant preferred directions, identify criteria that are important to participants, explicitly outline areas of consensus and conflicts, and investigate a contemporary problem relating to desktop firewalls by quantifying subjectivity. Similar to other IT areas, security software selection and deployment in todays environment faces many challenges, such as staying current with new threats, project deadlines, implementation issues, and support costs. Quality drives customer satisfaction and adoption of software. Human factors are important in contributing to successful software deployment in organizations, especially when it relates to desktop software applications. Organizations are now viewing security and controls as business enablers and desktop firewall technology plays a critical role in safeguarding corporate assets. In a fast-paced area where the new generation of applications and services are growing more complex each day, it is critical to understand characteristics that affect selection of end-user security products in enterprises. This study addresses a small but important area of safeguarding enterprise information security by using personal firewalls. As has been previously noted, limited research exists beyond the current study that explores behavioral aspects of information security. This study holds importance for professionals tasked with evaluating and selecting security products for company wide deployment. As the area of information security gains increased importance due to the strategic role of technology in organizations, and current events impact areas such as disaster recovery and enterprise continuity planning, a study of end-users to determine their perceptions about selection of technology controls in organizations is critical for protecting organizational assets. More research needs to be done in the area of perception of users towards other security software (such as anti-virus, intrusion detection, virtual private network software, and encryption products), and, due to varying security needs in different industries, studies could also be industry and product specific. While the findings should be considered preliminary, the results raise interesting observations about issues uncovered regarding security perceptions of feature requirements in personal firewalls. Information security is a dynamic area and, in this environment, this exploratory study contributes to evolving research by identifying variables from theoretical literature and using an empirical technique to study issues that affect safeguarding vital assets of an organization from internal and external threats. Recommendation It is recommended that in order to provide better evidence of factors that affect deployment of technology tools that create awareness of security issues and produce better informed employees, research into behavioral factors also needs to be conducted to gain insight into programs and processes that will lead to the development of a robust enterprise security strategy. Information security awareness research has been mostly descriptive and has not explored the possibilities offered by motivation/behavioral theories, or the related theory of planned behavior and the technology acceptance model, specifically in the information security domain (Mathieson, 1991 ; Siponen, 2000; Legris, Ingham, Collerette, 2003). Since security has been deployed at the perimeter of electronic network and on servers by system administrators, the area of information security has ignored users of information systems since software developers are far removed from how the user will interact with security software. Human compliance with information security rules require an understanding of how people work and think (Highland, 1993). Lane (1985) considers the human factor to be the first and most important component of security and a critical part of the risk analysis process. This is especially true in personal firewall software since the burden of maintaining a secure environment is being shared by the user and the system administrator. REFERENCES Baroudi, J., Oison, M., Ives, B. (1986). An empirical study of the impact of user involvement on system usage and information satisfaction. Communications of the ACM, 29(3), 785-793. Briggs, R.O., Balthazard, P.A., Dennis, A.R. (1996). Graduate business students as surrogates for executives in the evaluation of technology. Journal of End-user Computing, 8(4), 11-17. Brown, S.R. (1980). Political subjectivity: Applications of Q methodology in political science. New Haven, Connecticut: Yale University Press. Brown, S.R. (1986). Q-technique and method: Principles and procedures. In W.D. Berry M.S. Lewis-Beck (eds.), New Tools for Social Scientists: Advances and Applications in Research Methods. Beverly Hills, CA: Sage Publications. Chiasson, M., Lovato, C. (2001). Factors influencing the formation of a users perceptions and use of a DSS software innovation. ACM SIGMS Database, 32(3), 16-35. Clarke, R. (2002, February). Forum on technology and innovation: Sponsored by Sen. BillFrist (R-TN), Sen. Jay Rockefeller (D-WV), and the Council on Competitiveness. Retrieved October 28,2003, from hap:/ /www. techlawjournal, com/security/ 20020214.asp Deise, M., Nowikow, C., King, P., Wright, A. (2000). Executive s guide to e-business: From tactics to strategy. New York: John Wiley Sons. Dhillon, G., Blackhouse, J. (2001). Current directions in IS security research: Toward socio-organizational perspectives. Information Systems Journal, 11(2), 127-153. Enns, H., Huff, S., Golden, B. (2003). CIO influence behaviors: The impact of technical background. Information and Management, 40(5), 467-485. Gery, G. (1997). Granting three wishes through performance-centered design. Communications of the ACM, 40(7), 54-59. Good, N., Krekelberg, A. (2002). Usability and privacy: A study of Kazaa P2P file-sharing. Retrieved November 12, 2003, from http:// www. hpl. hp. com/shl/papers/kazaa/ Goodhue, D.L., Straub, D.W. (1991). security concerns of system users: A study of perceptions of the adequacy of security measures. Information Management, 20(1), 13-27. Grantham, C., Vaske, J. (1985). Predicting the usage of an advanced communication technology. Behavior and Information Technology, 4(4), 327-335 Hackbarth, G., Grover, V, Yi, M. (2003). Computer playfulness and anxiety: Positive and negative mediators of the system experience effect on perceived ease-of-use. Information and Management, 40(3), 221-232. Hazari, S. (2000). Firewalls for beginners. Retrieved December 17,2003, from http://online.securityfocus.com/ infoc Heiser, J. (2002, April). Go figure: Can you trust infosecurity surveys? Information security, 27-28.us/1182. Highland, HJ. (1993). A view of information security tomorrow. In E.G. Dougall (ed.), Computer security. Holland: Elsevier. Ives, B., Olson, M., Baroudi, J. (1983). The measurement of user information satisfaction. Communications of the ACM, 25(10), 785-793. Kettinger, W., Lee, C. (2002). Understanding the IS-User divide in IT innovation. Communications of the ACM, 45(2), 79-84. Kline, P. (1994). An easy guide to factor analysis. London: Rutledge Lane, YP. (1985). security of computer based information systems. London: Macmillan. Legris, P., Ingham, J., Collerette, P. (2003). Why do people use information technology? A critical review of the technology acceptance model. Information and Management, 40(3), 191-204. Mahmood, M.A., Burn, J.M., Gemoets, L.A., Jacquez, C. (2000). Variables affecting information technology enduser satisfaction: Ameta-analysis of the empirical literature. IntemationalJournal of Human-Computer Studies, 52, 751-771. Maiden, N., Ncube, C., Moore, A. (1997). Lessons learned during requirements acquisition for COTS systerns. Communications of the ACM, 40(12), 21-25. Mathieson, K. (1991). Predicting user intentions: Comparing the technology acceptance model with the theory of planned behavior. Information Systems Research, 3(2), 173-191. Murphy, B., Boren, R., Schlarman, S. (2000). Enterprise security architecture. CRC Press. Retrieved November 2, 2003, from http://www.pwcglobal.com Nelson P., Richmond W. , Seidmann A., (1996). Two dimensions of software acquisition. Communications of the ACM, 39(1), 29-35. Northcutt, S., McLachlan, D., Novak, J. (2000). Network intrusion detection: An analysts handbook (2nd ed.). IN: New Riders Publishing. Saita, A. (2001, June). Understanding peopleware. Information security, 72-80. Siponen, M.T. (2000). A conceptual foundation for organizational information security awareness. Information Management security, 5(1), 31-41. Strassberg, K., Rollie, G., Gondek, R. (2002). Firewalls: The complete reference. NY: Osborne McGraw-Hill. Straub, D.W., Welke, RJ. (1988). Coping with systems risk: security planning models for management decision making. MS Quarterly, 22(4), 441-469. Zwicky, E., Cooper, S., Chapman, D., Russell, D. (2000). Building Internet firewalls (2nd ed.). CA: OReilly.

Lazy Lady :: Free Essay Writer

Lazy Lady It seems that the lazier people are, the more I can't stand them. One thing is for sure; I can't stand my mom. "Maxme or MOM" is how I would address her, or should I say have to address her. I would have preferred boss or master. Yes sir, she's the queen of them all. She could probably write a book titled What it Takes to be Lazy. In her case, I guess you could consider it a lifestyle but try not to compare her to Martha Stewart or anyone like that. My mom is lazy from the hairs on her head to the toes on her feet. Let me give you a little insight into this lazy, lazy, lazy lady. An average weekday morning for her consists of normally getting up to go to work. It's true that not very many people in today's society aren't morning people, but supposedly she's to be at work by 8:00am, but doesn't get out of bed till 7:30am. It seems to be a routine for her not to go to bed till about one o'clock that night, doing nothing out of the ordinary except for moping around the television surrounded with junk food. I believe this is what accounts for her not waking up on time. I wait and wait for what seems like hours as the time rolls by until she's all ready to go. Every day she makes up the same excuse that she's too scared to drive. She's had a license for about twelve years, as for me only one, yet she still requires me to drive her to work. When you compare our experience behind the wheel, it should be me shaking in my pants. Due to her laziness, I wind up being late to work or school each day. Upon arriving at work, Mom takes her sweet time getting to her desk, about as fast as a slug could cross a sidewalk. There's not much she does at work, or if you could even call it work, considering she is so damn lazy. She sure loves to call up relatives everyday. She chats with them for hours, very aware she is at work. She practically talks longer on the phone at work than at home. Amazingly, none of her fellow co-workers seem to care.

Comparing the College Cafeteria to Dinning below the Poverty Line :: Compare Contrast Comparison

Comparing the College Cafeteria to Dinning below the Poverty Line At the beginning of every school year I have to decide whether to get the $6000 carte blanche meal plan or the next smallest $5900 meal plan because I am required to have one of these two options as an on campus student. It's not a tough decision to go with the carte blanche because it is only $100 more for many more meals. The worst part is writing the check and imaging the money being moved from my account. But for the people of Jubilee Partners, a Christian intentional community in rural Georgia, meals have a much different focus. The people of Jubilee Partners intentionally live below the poverty line so that they will not have to pay federal taxes, a portion of which goes into the defense fund. This is just one of the many ways that they choose to live differently from the rest of the world. The thirty residents take turns to make the food that is eaten at their communal meals. During my stay I helped three Central American girls prepare an evening meal. As it was an evening meal, we were allowed to make something new rather than just use leftovers. Lunch always consisted of the preceding nights leftovers, fresh salad from the garden, bread, cheese, and peanut butter. If there were no leftovers, as there often were not, we only ate salad, bread, cheese, and peanut butter. As I looked around the small, simple kitchen, I wondered where were the large stainless steal pots and shiny stove that I was familiar with. The girls instructed me in broken English that I should make bread. With flour-covered arms I mixed and kneaded the dough in an old plastic bowl and smiled as I listened to the excited laughter and rapid Spanish that I could not understand. As Gabby showed me how to roll and form the loaves, I watched as the others make lasagna with synthetic meat from a government surplus. Meat was rare at Jubilee as it was expensive and much of the food they ate came from a food bank. Meat night, which was held once a week, was a special occasion anticipated by many. Standing in line in the Goshen College cafeteria, I examine the array of food spread before me trying to decide what I want. I had glanced at the menu board as my id was scanned but still am not sure what I am hungry for.

Cooperative Banks

WP/07/2 Cooperative Banks and Financial Stability Heiko Hesse and Martin Cihak  © 2007 International Monetary Fund WP/07/2 IMF Working Paper Monetary and Capital Markets Department Cooperative Banks and Financial Stability Prepared by Heiko Hesse and Martin Cihak1 Authorized for distribution by Mark W. Swinburne January 2007 Abstract This Working Paper should not be reported as representing the views of the IMF. The views expressed in this Working Paper are those of the author(s) and do not necessarily represent those of the IMF or IMF policy.Working Papers describe research in progress by the author(s) and are published to elicit comments and to further debate. Cooperative banks are an important, and growing, part of many financial systems. This paper empirically analyzes the role of cooperative banks in financial stability. Contrary to some suggestions in the literature, we find that cooperative banks are more stable than commercial banks. This finding is due to the lower volatil ity of the cooperative banks’ returns, which more than offsets their lower profitability and capitalization.This is most likely due to cooperative banks’ ability to use customer surplus as a cushion in weaker periods. We also find that in systems with a high presence of cooperative banks, weak commercial banks are less stable than they would be otherwise. The overall impact of a higher cooperative presence on bank stability is positive on average but insignificant in some specifications. JEL Classification Numbers: G21, P13 Keywords: financial sector stability, cooperative banks, commercial banks, savings banks Author’s E-Mail Address: [email  protected] org; [email  protected] rg 1 We are indebted to Klaus Schaeck for useful discussions during the early stages of the project. We also thank the following for their comments: Edward Al-Hussainy, Thorsten Beck, Ralf Elsas, Wim Fonteyne, Francois Haas, Patrick Honohan, Plamen Iossifov, Alain Ize, Barry Johnston, Luc Laeven, Eduardo Ley, Andrea Maechler, Paul Mills, John Muellbauer, Miguel Segoviano, Mark Swinburne, Alexander Tieman, and participants in an IMF seminar and a conference entitled â€Å"Public versus Private Ownership of Financial Institutions† in Frankfurt in November 2006. Contents Page I. Motivation and Literature Overview †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 3 II. Data and Methodology †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 6 A. Data †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 6 B. Measuring Bank Stability†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ C. Methodology †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 8 III. Results†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 11 A. Decomposition of Z-Scores and Correlation Analysis †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 11 B. Regression Analysis †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 14 IV.Conclusions and Topics for Further Research†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 18 References†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 35 Tables 1. Summary Statistics of Bank-Specific Variables in the Sample, 1994–2004 †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚ ¬ ¦ 20 2. Decomposition of Z-Scores for the Full Sample, 1994–2004 †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 21 3. Decomposition of Z-Scores for Selected Countries, 1994–2004†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 2 4. Sensitivity of the Z-score Decomposition†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 23 5. Fitch: Long-Term Ratings: Distribution of the Banks in Sample†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 24 6. Correlation Coefficients between the Z-Score and Selected Key Variables, 1994–2004†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 25 7. Regression Results (Full Sample)†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 6 8. OECD Regressions with Governance Variable †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 27 9. Regression Results (Large Banks) †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 28 10. Regression Results (Small Banks) †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 29 11. Robust Regressions†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â ‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 30 12.Quantile Regressions (Full Sample) †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. 31 Figure 1. Cooperative Banks: Retail Market Shares in Selected Countries†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. 3 Appendix I. Data Issues†¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦ 32 3 I. MOTIVATION AND LITERATURE OVERVIEW Cooperative (mutual ) banks are an important part of many financial systems. 2 In a number of countries, they are among the largest financial institutions when considered as a group.Moreover, the share of cooperative banks has been increasing in recent years; in the sample of banks in advanced economies and emerging markets analyzed in this paper, the market share of cooperative banks in terms of total banking sector assets increased from about 9 percent in the mid-1990s to about 14 percent in 2004. Cooperative banks are particularly numerous and large in Europe. The five largest cooperative banks in the European Union (EU) rank among the EU’s top 25 banking groups in terms of consolidated equity.Reflecting the cooperative banks’ focus on retail banking, their market share in retail business is even more substantial: for example, five EU member countries have more than a 40 percent market share of cooperative banks in terms of branch networks (Figure 1). In non-European advanced economies and emerging markets, the share of cooperative banks is generally lower, but there are several countries where they play a non-negligible role. 3 Figure 1. Cooperative Banks: Retail Market Shares in Selected Countries 70 Percent of all branches 60 50 40 30 20 10 Netherlands Finland Germany Portugal 0 Austria France Spain Greece ItalySource: OECD’s Bank Profitability Report; and authors’ calculations. We use the term â€Å"cooperative bank† to include also credit unions. The main distinctive feature of credit unions is that their customers are identical with members. In other cooperative banks, not all customers are members. For more background on institutional history and structure of cooperative (mutual) banking, see Fonteyne (forthcoming) and Cuevas and Fischer (2006). 3 2 4 The importance of cooperative banks—and in particular the implications of their specific nature for financial stability—has not yet received appropriate attention in the emp irical literature.The literature devotes disproportionately little attention to cooperative banks in comparison with commercial banks, smaller than would correspond, for example, to their market share. For example, only about 0. 1 percent of all banking-related entries in EconLit, a major database of economic research, relates to cooperative banking. 4 This contrasts with the share of cooperative banks, which account on average for about 10 percent of banking system assets in advanced economies and emerging markets, reaching as much as 30 percent in some countries in terms of assets (and even more in terms of branches—see Figure 1).Most of the EconLit entries devoted to cooperative banks deal with specific country cases or with issues relating to efficiency rather than those relating to financial stability. For example, Brunner and others (2004) analyze revenue and cost efficiency of cooperative banks in France, Germany, Italy, and Spain, finding that cooperative banks are no t less effective at managing revenues and costs than commercial banks. The regulatory framework, including the recent amendments, is also generally designed with commercial banks in mind.For example, the third pillar of the New Basel Capital Accord (Basel II)—which relies on extensive disclosure to ensure that banks are subject to market discipline—has significantly reduced effectiveness in the case of cooperative banks (Fonteyne, 2007). Cooperatives’ disclosure practices and requirements are substantially below those of commercial banks, especially listed ones. Even if disclosure were adequate, there are rarely markets that could exert effective disciplining pressure.Shareholder pressure cannot be relied upon and cooperatives do not rely much on interbank markets or debt issuance as sources of funds. Finally, loyal and insured retail depositors are not likely to exert an effective market disciplining effect either at an early enough stage. Macroprudential work on financial systems, such as the IMF’s Financial System Stability Assessment reports (FSSAs), Article IV staff reports, and the Global Financial Stability Report, as well as reports on financial stability published by central banks (for a survey, see Cihak, 2006) pay relatively little attention to cooperative banks.Fonteyne (forthcoming) cites the FSSAs for France and Germany as two reports that devoted some attention to cooperative banks; however, the references to cooperative banks in those reports focused on mutual support and deposit insurance mechanisms, efficiency, and financial sector consolidation issues, rather than on financial stability implications.Several authors have noted in passing the potential of cooperative banks to increase the fragility of financial systems. For example, commenting on a finding by Barth, Caprio, and A search of the EconLit database was carried out on June 15, 2006, looking for all entries that had â€Å"banks† or â€Å"bankingâ⠂¬  among keywords or in the abstract. A search was then run for those that referred to â€Å"cooperative banks,† â€Å"cooperative banking,† or â€Å"mutual financial institution(s). † 4 5Levine (1999) that a higher degree of government ownership of banks tends to be associated with higher fragility of financial systems, Goodhart (2004) interprets this result as perhaps indicating that the presence of any non-profit-maximizing banking entities may make financial systems more fragile. Goodhart does not elaborate on the underlying mechanism of this relationship between the presence of non-profit-maximizing entities and financial stability, but possible mechanisms are not difficult to envision in the case of cooperative banks.Cooperative banks’ stated objective is not to maximize profits, but rather their members’ consumer surplus; this is in some cases complemented by additional objectives that seek to contribute to the well-being of stakeholders o ther than member-consumers, such as employees. 5 If a cooperative bank’s pursuit of objectives other than profit maximization results in very low profitability, its balance sheet risks grow faster than its capital, leading to deteriorating solvency.If cooperative banks accept lower profitability as the price to pay for delivering financial services at below-market prices to retail clients, they may pull down the profitability of the banking system, with negative repercussions for other banks’ soundness. The literature’s verdict on cooperative banks’ role in financial stability is less than clear. Several papers suggest that cooperative banks may have more difficulties adjusting to adverse circumstances and changing risks.For example, Brunner and others (2004) note that the Swedish cooperative banking sector did not survive the crisis of the early 1990s in a cooperative form, as it faced high marginal costs of capital—the need to restore capital was a major factor in the decision to demutualize. Fonteyne (forthcoming) suggests that cooperative banks may be more vulnerable to shocks in credit quality and interest rates, because they are more focused on traditional financial intermediation than other institutions, and therefore have higher exposures to credit and interest rate risk.At the same time, several studies suggest that cooperative banks have generally lower incentives to take on risks. For example, Hansmann (1996) and Chaddad and Cook (2004) find that mutual financial institutions in the United States tend to adopt less risky strategies than demutualized ones. Whether cooperative banks have a positive or negative impact on financial stability therefore remains an empirical question. We address this question by analyzing individual bank data for major advanced economies and emerging markets. We examine two related issues:In addition, some authors have suggested that due to relatively less oversight by members, as opposed to owners in a commercial bank, managers in cooperative banks may be more likely to pursue their own goals (e. g. , â€Å"empire building†) rather than members’ interests, potentially hurting their stability. Fonteyne (forthcoming) discusses cooperative banks’ objective functions in more details and summarizes the relevant literature. 5 6 †¢ Cooperative banks’ soundness and resilience to stress. We test the hypothesis that cooperative banks are relatively weaker in responding to stress because of the features of their business model.Cooperative banks’ impact on other banks. We test the hypothesis that the presence of cooperative banks reduces the stability of other banks. As explained, this may be, for example, because the cooperative banks use their lower average cost of capital to pursue aggressive expansion plans that may weaken other financial institutions. †¢ The remainder of the paper is structured as follows. Section II introduces the data and variables used in the paper (characterized in more detail in Appendix I), and presents the estimation methodology. Section III presents the empirical results.Section IV sums up the conclusions, and suggests topics for further research. II. DATA AND METHODOLOGY A. Data Our calculations are based on individual bank data drawn from the BankScope database, provided by Bureau van Dijk. We use data on all commercial, cooperative, and savings banks in the database from 29 major advanced economies and emerging markets that are members of the Organization for Economic Cooperation and Development (OECD). 6 In total, we have data on 16,577 banks from 1994 to 2004, comprising 11,090 commercial banks, 3,072 cooperative banks, and 2,415 savings banks.Several general issues relating to the BankScope data need to be mentioned. First, the database, while being the most comprehensive commercially available database of banking sector data, is not exhaustive. Coverage varies from country to country; for most countries in our sample, the BankScope data cover 80 to 90 percent of the total banking system assets, and the coverage of cooperative banks is lower than for commercial banks (in particular, only a small number of cooperative banks is included in the United States). However, the coverage of our paper is still higher than in most banking studies (and in particular studies that focus on banks with particular features, such as large banks or banks that are listed on stock market), and even for cooperative banks our sample captures a majority in terms of total assets. We therefore believe the sample is comprehensive enough to make reliable inferences. 6 7 See Appendix I for a list of the OECD member countries.Also, our sample does not cover some specialized types of banking institutions, such as development banks or specialized investment companies (even though our analysis covers, for example, investment banking activities carried out by commercial banks on their balance sheet). 7 Second, BankScope gives the specialization (status) of a bank in the sample (commercial, cooperative, and savings) in the current year. Therefore, it is for instance likely that the commercial bank subset contains some banks that have been cooperative or savings banks in earlier periods.Where information was available, we adjusted the status of a bank accordingly. For example, France was subject to a banking reform in June 1999 in which all savings banks were converted into cooperative banks. The Alliance & Leicester (United Kingdom) as well as First National (Ireland) Building Societies were demutualized and were stock market listed in 1997 and 1998, respectively. Given the large number of banks in the sample, it was not possible to individually check potential changes in specialization over time. However, we do not think that this limitation of the BankScope dataset biases the results.Third, our analysis is based on unconsolidated bank statements. Ideally, we wou ld have opted for consolidated statements whereby the parent company integrates the statements of its subsidiaries. However, given that about 90 percent of BankScope observations for the selected countries and periods are based on unconsolidated data, we focus on results based on unconsolidated data. Nonetheless, we have also performed the same calculations with consolidated data, and obtained very similar results (available upon request). In addition to the bank-by-bank data, we also use a number of macroeconomic and other system-wide indicators.Those are described in more detail in Appendix I. B. Measuring Bank Stability Our primary dependent variable is the z-score as a measure of individual bank risk. The zscore has become a popular measure of bank soundness (see Boyd and Runkle, 1993; Maechler, Mitra, and Worrell, 2005; Beck and Laeven, 2006; Laeven and Levine, 2006; and Mercieca, Schaeck, and Wolfe, forthcoming). Its popularity stems from the fact that it is directly related t o the probability of a bank’s insolvency, i. e. , the probability that the value of its assets becomes lower than the value of the debt.The z-score can be summarized as z? (k+ µ)/? , where k is equity capital as percent of assets,  µ is average after-tax return as percent on assets, and ? is standard deviation of the after-tax return on assets, as a proxy for return volatility. The z-score measures the number of standard deviations a return realization has to fall in order to deplete equity, under the assumption of normality of banks’ returns. A higher z-score corresponds to a lower upper bound of insolvency risk—a higher z-score therefore implies a lower probability of insolvency risk. For banks listed in liquid equity markets, a popular version of the z-score is distance-to-default, which uses stock price data to estimate the volatility in the economic capital of the bank (Denmark National Bank, 2004). 8 (continued†¦) 8 One issue relating to the use o f z-scores for analyzing cooperative banks is whether the zscores are a fair measure of soundness across different groups of institutions, in particular given that cooperative banks are much less focused on returns and profitability than commercial banks.We think that the z-score is an objective measure, as all banks (cooperative, commercial, and savings), face the same risk of insolvency in case they run out of capital. This is exactly the risk captured by the z-score, which has the same methodology for any type of bank. If an institution â€Å"chooses† to have lower risk-adjusted returns, it can still have the same or higher z-score if it has a higher capitalization. C.Methodology We start by two preliminary steps: a decomposition of observed differences in z-scores into the underlying factors (capitalization, returns, and volatility of returns), and a calculation of correlation coefficients between z-scores and other variables of interest. The main part of our approach is to test the two hypotheses outlined in the introduction (Section I) using regressions of z-scores on a number of explanatory variables. We estimate a general class of panel models of the form z i , j ,t = ? + ? Bi , j ,t ? 1 + ? I j ,t ? 1 + ? ? s Ts + ? ? s Ts I j ,t ? 1 + ? ? s Ts Bi , j ,t ? 1 + ?M j ,t ? 1 + ? ? j C j + ? ? t Dt + ? i , j ,t where the dependent variable is the z-score z i , j ,t for bank i in country j and at time t; Bi , j ,t ? 1 is a vector of bank-specific variables; I jt ? 1 are time-varying banking industry-specific variables in country j; Ts , Ts I j ,t ? 1 and Ts Bi , j ,t ? 1 are the type of banks and the interaction between the type and some of the industry-specific variables as well as bank-specific variables, respectively; M j ,t , C j , and Dt are vectors of macroeconomic variables, country, and yearly dummy variables, respectively; and ? i , j ,t is the residual.To distinguish the impact of bank type on the z-score, we include two dummy variables. T he first dummy variable takes the value of 1 if the bank in question is a commercial bank, and 0 otherwise; the second one takes the value of 1 for savings banks, and 0 otherwise. If cooperative banks are relatively weaker than commercial (or savings) banks, the first (second) dummy variable would have a positive sign in the regression explaining z-scores. For most cooperative banks, however, market price data are not available. This paper therefore relies on the specification of the z-score that relies only on accounting data. At the systemic (country) level, we want to examine cooperative banks’ impact on other banks and the hypothesis that the presence of cooperative banks lowers systemic stability. For this reason, we have calculated the market share of cooperative banks by assets for each year and country and interacted it with the commercial bank dummy. For example, a negative sign of the sum of the coefficients of the cooperative banks’ market share and its inte raction with the commercial bank dummy would indicate a decrease in commercial banks’ stability (in their z-scores).In addition to these key variables of interest, the regression includes a number of other control variables, both on individual bank level and on country level. Appendix I provides a description of the variables. To control for bank-level differences in bank size, asset composition, and cost efficiency, we include the bank’s asset size in billions of U. S. dollars, loans over assets, and the cost-income ratio. Also, to control for differences in structure of banks’ income, we calculate a measure of income diversity that follows Laeven and Levine (forthcoming). The variable measures the degree to which banks diversify from traditional lending activities (those generating net interest income) to other activities. To further capture differences of cooperative banks in their business orientation, we interact the income diversity variable with the coope rative bank dummy. Controlling for these variables is important because there are differences in these variables between cooperative banks and the other groups. For example, commercial banks are on average larger than cooperative banks throughout the sample period.Similarly, the asset size of cooperatives is less volatile than for commercial banks but significantly more volatile than for savings banks. We want to adjust for the differences in these variables to ensure that we capture the â€Å"pure† impact of the bank’s legal form (commercial, cooperative, or savings) on stability. 10 Table 1 shows the summary statistics of the bank-specific variables by type of bank. On the country level, we also adjust for the impact of the macroeconomic cycle by including a number of macroeconomic variables (GDP growth rate, inflation, the real long-term interest rate, and exchange rate appreciation).To account for cross-country variation in z-scores caused by differences in market concentration, we include the Herfindahl index, defined as the sum of squared market shares (in terms of total assets) of all banks in the country. 11 9 The income diversity measure is defined as 1 ? (Net interest income ? Other operating income ) . Higher values of Total operating income the variable correspond to a higher degree of diversification. 10For completeness, we have also tested whether the impact of bank-specific variables such as asset size is different for the different types of banks (by multiplying the asset size with the relevant dummy variables), but this has not led to any significantly robust results. We do not have a strong prior on the impact of the Herfindahl index, because the existing literature contains two contrasting views on the relationship between concentration and stability. For example, Allen and Gale (2004) put forth theoretical arguments why more concentrated markets are likely to be more stable, and Beck, 11 (continued†¦) 0 In separate regres sions, we account for the quality of corporate governance in a country, using a popular indicator by Kaufmann, Kraay, and Mastruzzi (2005). The authors provide six governance measures (voice and accountability, political stability, government effectiveness, regulatory quality, rule of law, and control of corruption). We average the six measures across the available years (2004, 2002, 2000, 1998, and 1996) into one single index per country. The governance indicator should capture cross-country differences in institutional developments that might have an effect on banking risk.All bank-specific and macroeconomic variables, the Herfindahl index, and the cooperatives’ market share and its interaction with the commercial bank dummy are lagged to capture possible past effects of these variables on the banks’ risk. We also test for the robustness of the lagged effects by restricting the explanatory variables to contemporaneous effects. Across the whole sample, most observatio ns of the z-score are found in the 20–80 range; however, there are some extreme observations, resulting in the sample range being from -81 to 14,811 with an average of 57.This leads to the question whether to eliminate observations at the extreme end of the z-score distribution. On one hand, we are interested in situations of instability, and therefore would like to include extreme observations; on the other hand, some of the extreme observations may be due to very specific, one-off events, or sometimes data errors. To assess the robustness of our results with respect to the outliers, we have done all the calculations both for the full sample and for a sample that excludes the most extreme outliers.To keep the presentation succinct, this paper presents results for a sample that eliminates the 1st and 99th percentile from the distribution of the z-score. The results for the full sample including those extreme outliers are available from the authors; the main conclusions are th e same for both approaches. To further assess the robustness of the results with respect to the selected sample, we estimate the same regression for different country samples, and different bank size samples. We start with the widest sample that includes all OECD countries (except Slovakia, for which the BankScope contains no data on cooperative banks).We then estimate the same regression for the Euro area (EU12),12 and for countries where the cooperatives’ market share Demirguc-Kunt, and Levine (2005) provide empirical results consistent with the view that more concentration is associated with more financial stability. Contrary to these findings, for example, Boyd and de Nicolo (forthcoming) and Mishkin (1999) suggest that too concentrated systems can be characterized by increased risktaking behavior by banks. 12 We have also carried out all the estimates for EU15 countries (EU12, Denmark, Sweden, and the United Kingdom).The results have not been substantially different from those for EU12 and are therefore not reported here. Nonetheless, they are available from authors upon request. 11 exceeds 5 percent in our sample (Coop5). 13 As regards the robustness with respect to bank size, we estimate the regressions separately for large and small banks. We also test the robustness of our results with respect to the estimation methods. We start by pooled ordinary least squares (OLS) and fixed effects estimates, followed by a robust estimation technique, and a quantile regression.The robust estimation technique assigns, through an iterative process, lower weights to observations with large residuals, thereby making the estimation less sensitive to outliers. The quantile regression allows to address the question whether the factors that cause high fragility are systematically different from the factors that cause medium or low fragility. We would like to stress that our analysis is based on individual banks’ z-scores. The impacts calculated from the estim ated regressions are average impacts per bank.This approach provides a baseline assessment of stability and is frequent in the literature. However, to arrive at a more complete assessment of systemic stability, one needs to look also at correlation of losses across defaults and losses given default—a topic for further research. III. RESULTS A. Decomposition of Z-Scores and Correlation Analysis A preliminary analysis shows that the cooperative banks’ z-scores are on average significantly higher than for commercial banks (and slightly, but insignificantly, higher than for savings banks), suggesting that cooperative banks are more stable than commercial banks.Interestingly, this is not because of capitalization or profitability—those two are on average weaker for cooperative banks than for commercial banks. The result is driven by the fact that the cooperative banks’ standard deviation of returns is much lower, resulting in the high zscore (Tables 2 and 3). Why do we find the low volatility of returns over time in cooperative banks? A plausible explanation is that the cooperative banks use the customer surplus as a first line of defense in weaker times.Cooperative banks pass on an important part of their returns to customers in the form of surplus. Indeed, their stated objective is not maximization of profits, but rather maximization of the consumer surplus. This leaves the cooperative banks with relatively low average return ratios in normal years. However, in weaker years, they are able to extract some of the consumer surplus, thereby mitigating the negative impact of stress on returns. 13 The Coop 5 countries are Austria, France, Germany, Italy, Japan, Netherlands and the United Kingdom. 12We are therefore observing a lower variability of returns in cooperative banks than in commercial banks (and about the same as in savings banks). 14 In other words, our calculations suggest that the consumer surplus can be viewed as the first line of defense for cooperative banks, in a similar way as profits are the first line of defense for commercial banks. However, there are some important differences. First, consumer surplus is a very complex concept to measure. We are not able to observe consumers’ surplus on a consistent basis; even though we can make inferences about it from the pattern of returns.Second, while undistributed profits can be relatively easily used to replenish capital, extracting consumer surplus is one more step removed from capital and requires time. To address the idea that cooperative banks are less able to raise capital in situations of stress, we have also examined volatility in cooperative banks’ capitalization compared with commercial banks’ capitalization (even though volatility in capitalization is not a part of the z-score calculation). The results only onfirm our findings about z-scores, because cooperative banks also have a significantly lower volatility of capitalizati on. The finding that cooperative banks have higher z-scores is novel, but not inconsistent with the existing literature. The empirical papers on the subject note that cooperative banks have lower reported returns, but they find no compelling evidence that the lower returns would be due to a less effective management of revenues and costs than in commercial banks (e. g. , Brunner and others, 2004; and Altunbas, Evans, and Molyneux, 2001). 5 If the lower returns were due to inefficiencies in cooperative banks’ operation, then it would be difficult to argue that there are cushions that can be used in weak times. However, the finding that cooperative banks have lower returns with the same efficiency suggest that there are cushions that can be used in situation of stress, an idea that is consistent with our finding. 16 We also find no evidence for our sample that cooperative banks are less efficient than commercial banks in terms of the cost-income ratio (Table 1).To assess the ro bustness of our findings, we have also tried some alternatives to the standard definition of the z-score (Table 4). The underlying idea behind these alternative approaches (which have to our knowledge not yet been discussed in the literature) is that the standard An additional explanation of the lower volatility of returns can be the networks that cooperative banks form to provide a safety net. However, these support mechanisms are typically triggered only in extreme stress, and are therefore likely to explain only a small part of the observed difference in the volatility of returns. 5 14 The finding about lower returns is in contrast with previous observation by Valnek (1999), who finds that mutual building societies in the United Kingdom have higher returns and risk-adjusted returns on assets than commercial banks. In a recent paper, Mercieca, Schaeck, and Wolfe (forthcoming) estimate an equation for z-scores in a sample of small European banks, including small cooperative banks, but their estimated slope coefficient for a cooperative bank dummy is insignificant. 16 13 deviation underlying the z-score gives only a part of the information about the behavior of zscores.In particular, when assessing stability, we are much more interested in the downward spikes in returns on assets (ROAs) and z-scores than in the upticks. Table 3 has four panels, corresponding to four alternative variables that we have investigated, in particular: †¢ We have defined downward (upward) volatility of ROA as the sample average of the difference between the bank-specific ROA per year and its mean of ROA if the ROA is below (above) the bank-specific mean. Table 4 indicates that both downward and upward volatility of ROA are higher for commercial banks than for cooperative and savings banks.Comparing the absolute values within each bank type shows that the commercial banks' downward volatility of ROA is higher than its upward volatility. This finding does not hold for cooperative and savings banks. Similarly, we have defined the downward (upward) volatility of the z-scores as the sample average of the difference between the bank-specific z-score per year and its mean of the z-score if the z-score is below (above) the bank-specific mean. We cannot observe any statistical difference in the downward (upward) volatility of the z-scores.Furthermore, the downward (upward) volatility of the capitalization is defined as the sample average of the difference between the bank-specific equity-to-assets ratio per year and its mean of the capitalization if the equity-to-assets ratio is below (above) the bankspecific mean. The downward (upward) volatility of capitalization is lower for cooperatives than for commercial and savings banks. Commercial banks’ z-scores have a higher frequency in the lower distribution of the zscores than cooperative and savings banks.This supports the previous results of lower average z-scores for commercial banks during the sample period . †¢ †¢ †¢ Overall, the above robustness checks support the findings for the simple z-scores. 17 To further assess the robustness of our findings, we can also look at measures of financial soundness that are alternative to the z-scores. An obvious alternative are ratings by rating agencies. Table 5 presents a distribution of long-term credit ratings by the Fitch Ratings for cooperative banks and commercial banks in the 29 advanced economies and emerging markets.The overall conclusion is that at least on the first look there does not seem to be a major difference between the ratings for cooperative banks and commercial banks. For both groups, for example, about 90 percent of institutions have investment grade long-term credit 17 We have also calculated a modified z-score, defined as capitalization plus the ROA over the absolute value of the downward volatility of ROA. Results for this modified z-score confirm that on average, cooperative banks are more stable than comm ercial banks, reinforcing the findings from the above robustness tests.The results do not change qualitatively whether we use the absolute value of downward/upward deviation from the mean for the volatilities of the ROA, z-score and capitalization measures, or whether we use the squared downward/upward deviation from the mean. 14 rating (defined as BBB- or higher). It should be noted, however, that the distribution of ratings for cooperative banks is highly influenced by the ratings for German cooperative banks, all of which were given the same (A+) rating. This limits the usefulness of ratings for further, econometric analysis.In the next section, we will therefore focus on the z-scores. Before discussing the regression results, we provide correlation coefficients between the zscore and selected key variables in Table 6. Here, we differentiate between all the banks in the sample and large (small) banks that have assets larger (smaller) than US$1 billion. Similar to the findings fro m the decomposition of the z-score in Table 1, commercial banks tend to have lower z-scores than cooperative and savings banks in all model specifications.Also, both the cooperative bank dummy and the z-score are positively correlated across the different samples. While there is no evidence that the cooperative market share per country and year is negatively correlated with the z-scores of all commercial, cooperative and savings banks, we do find a significantly negative correlation between the z-scores and the interaction term of the share of cooperatives and commercial bank dummy in all models as hypothesized previously.A stronger cooperative sector is associated with higher commercial banks’ risk. Since correlation findings do not necessarily reflect causal relationships and do not account for other control factors, we now turn to the panel regressions. B. Regression Analysis Table 7 presents pooled OLS and fixed effects estimates for the z-scores in the full sample of ban ks in OECD countries, in the Euro zone (EU12), and the countries where the cooperatives’ market share exceeds 5 percent (Coop5). 8 All panel regressions include clustered standard errors (by bank), year and country dummy variables. Our main focus in discussing the results is on the two hypotheses outlined in the introduction, namely that cooperative banks are weaker and that their presence reduces the stability of other banks. All the pooled OLS regressions provide strong evidence that cooperative banks have higher z-scores than commercial and savings banks.The estimated signs of the commercial bank dummy and savings bank dummy are negative in all the pooled OLS and fixed effects regressions (and significant at the 10 percent level in all but one the regressions). That is, cooperative banks appear less likely to become insolvent than the other two bank types. This 18 In general, it is not possible to identify the commercial and savings bank dummies in the fixed effects regres sions since they are not time-varying. Since we have changed the status of a few banks as discussed before, we could in principle identify the bank dummies.But we do omit the commercial and savings bank dummies in the fixed effects estimations, as only a few dummies are time-varying, and therefore the coefficients and p-values might not be very meaningful. 15 is in line with the findings from the decomposition of the z-score in the previous section. It strengthens the previous findings, because the conclusion about higher z-scores in cooperative banks holds even if we adjust for other explanatory factors, such as the fact that cooperative banks are typically more retail-oriented than commercial banks.As regard the impact of a higher presence of cooperative banks on banking stability, the first approximation is provided by the estimated slope coefficient of the â€Å"share of cooperatives† variable, which is positive and significant in all but one specification. Based on this estimated slope coefficient, we can say that a higher share of cooperative banks increases stability (measured by z-score) of an average bank in the same banking system. It is important to stress, however, that this is only an average effect based on all the commercial, cooperative, and savings banks in the sample. 9 To analyze in more detail the cooperative banks’ impact on other (e. g. , commercial) banks, one needs to analyze the sum of the coefficients of (i) the share of cooperative banks and (ii) the interaction of the share of cooperative banks with the other bank (e. g. , commercial bank) dummy. Looking again at the estimates in Table 7, and focusing on commercial banks, we find that a higher market share of cooperative banks has a significantly negative effect on commercial banks’ risk in the pooled OLS model for OECD countries.This would be consistent with the hypothesis that a higher presence of not-profit-maximizing cooperative banks could pull down the sou ndness of commercial banks. This could be because cooperative banks â€Å"over-pay† for deposits or â€Å"under-charge† for assets, or because the commercial banks get crowded out of the retail market and have to turn to markets that are more volatile. 20 However, this finding does not hold for the other model specifications. There is thus some, but limited, evidence in support of Goodhart’s (2004) hypothesis in the full sample. 1 The other explanatory variables have the expected signs. In particular, we find that larger banks tend to have lower z-scores, perhaps because they engage in riskier activities than smaller banks (and reflecting a relatively higher risk aversion of small banks). Also, banks with higher loan-to-asset ratios tend to be riskier (even though this result is valid only for the 19 If we measured a â€Å"portfolio z-score† of the banking system, it would increase even more than the average zscore, due to the simple fact that a higher ma rket share of cooperative banks means a higher share of banks with higher -scores. However, our approach in this analysis is derived from individual bank z-scores. To examine the hypothesis that cooperative banks over-pay for deposits or under-charge for loans, we have calculated the implicit deposit and lending rates for the commercial and cooperative banks, defining the implicit deposit rate as total interest rate expenses over deposits and the lending rate as interest rate income over loans. Based on this calculation, there is no significant difference for deposit rates, but there is some evidence that cooperative banks charge lower lending rates than commercial banks (9. percent compared with 13. 2 percent). 21 20 For savings banks, the impact of a higher cooperative bank share is insignificant and not reported in Table 7. 16 OECD sample as a whole, but not necessarily in the EU12 and Coop5 sub-samples). Banks with higher loan portfolios on their balance sheets relative to their total assets might be more likely to experience problems with non-performing loans and thus be riskier. Finally, inefficient banks in terms of their cost-to-income ratio are less likely to cover their costs when hit by adverse shocks, so they tend to be riskier.The evidence on the effect of bank concentration on individual bank risk is mixed and unclear in the pooled OLS and fixed effects regressions. The results from the income diversity variable and its interaction with the cooperative bank dummy support the above hypothesis. Overall, an increase in diversity (which could be interpreted as less focus on the traditional lending business) tends to increase banks’ risk; however, cooperative banks tend to become more stable if they diversify their activities (sum of the coefficients of the income diversity variable and its interaction with the cooperative bank dummy).This result can be explained by the fact that commercial banks are about 30– 40 percent more diversified than cooperative banks (both in the whole OECD sample and the EU12 and Coop5 sub-samples—see Table 1). Because of their stronger focus on the lending (retail) business, cooperative banks’ stability improves from an increase in diversification of their activities; in contrast, a further move away from retail business in commercial banks, which have already a relatively higher share of other (wholesale) activities, results in decreasing stability (z-scores).Table 8 presents the OECD pooled regressions with the governance indicator constructed by Kaufmann, Kraay, and Mastruzzi (2005). As expected, banks in countries with a higher level of institutional development are on average less risky than banks in countries which lack the same governance quality. From a comparison of Tables 7 and 8, the governance indicator does not have a significant impact on the estimated slope coefficients for the commercial and savings bank dummies, suggesting that cooperative banks are not mo re or less sensitive to governance problems than the other types of banks.However, this finding has to be taken with a grain of salt, because we use the overall quality of governance in the country as a proxy for corporate governance in the individual banks, on which there are unfortunately no direct cross-country data. To assess the robustness of our results, we have also estimated models for large and small banks, n addition to the full sample regressions. 22 Table 9 replicates the previous regressions on the OECD, EU12, and Coop5 countries only with large banks, defined as those that have assets larger than US$1 billion.The commercial bank dummy is significantly negative in the In addition, to account for systemic importance, we have also estimated a weighted regression, weighting the different observations by total assets. The results, which were not substantially different from those for large banks in Table 8, are available from the authors upon request. 22 17 pooled OLS estim ations (except the OECD sample). The previous result that a strong cooperative banking sector on average does not weaken the commercial banking sector is strongly supported in the regressions with large banks for all model specifications except the OLS OECD model.Table 10 gives the model findings for small banks (those with assets below US$1 billion). Small commercial banks tend to be riskier than small cooperative banks but there is no substantial evidence that an increase in the cooperative market share has a consistently and significantly negative effect on the smaller commercial banks’ individual risk. As a further sensitivity test, we estimated the models with the robust estimation technique, which assigns lower weights to observations with large residuals, to avoid the impact of outliers (Beck, Cull, and Jerome, 2005).The results in Table 11 support the main conclusion from the previous discussion. Finally, to address the question whether the factors that cause high fra gility are systematically different from the factors that cause medium or low fragility, we adopt quantile regression techniques. Table 12 gives the regression results at the 25th, 50th, and 75th percentiles of the OECD, EU12, and Coop5 countries. 23 The model setup is the same as for the full sample with the same variables included and the same outliers excluded (1st and 99th percentile of the distribution of the z-score).Based on the coefficients of the commercial bank dummy, the gap between the z-scores of commercial and cooperative banks tends to widen with the quantiles in the OECD, EU12, and Coop5 models, which suggests that the distribution of z-scores in cooperatives is much more skewed to the right: if one compares strong cooperative banks and strong commercial banks, the difference in z-scores is much bigger than for weak cooperative banks and weak commercial banks. A similar conclusion is valid also for the comparison of cooperative banks and savings banks, even though th e differences in their z-scores are generally smaller.Upon inspecting the sum of the coefficients of the cooperative share and its interaction with the commercial bank dummy, it appears that an increased presence of cooperative banks per country and year has a negative effect on the weakest commercial banks. In other words, commercial banks that already have low z-scores suffer more from a stronger cooperative sector than commercial banks with higher z-scores. Whereas the previous estimations did not provide any substantial evidence for a negative effect of a higher presence of cooperative 23The 50th percentile gives the median least square estimator which minimizes the median square of residuals rather than the average. In the generalized quantile regression, we estimate an equation describing a quantile other than the median. Specifically, we estimate the first quartile (25th percentile) as well as the 75th percentile. 18 banks on the average commercial bank’s stability, in stead there appears to be some (negative) effect on the weaker commercial banks. In all the regressions, restricting the explanatory variables to only contemporaneous effects does not change the main findings (tables available upon request).We also defined alternative z-scores as ln(1+(z/100)), but this did not affect the main conclusions. IV. CONCLUSIONS AND TOPICS FOR FURTHER RESEARCH The findings in this paper indicate that cooperative banks in advanced economies and emerging markets have higher z-scores than commercial banks and (to a smaller extent) savings banks, suggesting that cooperative banks are more stable. This finding, perhaps somewhat surprising at first, is due to much lower volatility of the cooperative banks’ returns, which more than offsets their relatively lower profitability and capitalization.We suggest that this observed lower variability of returns, and therefore the higher z-scores, may be caused by the fact that cooperative banks in normal times pass on most of their returns to customers, but are able to recoup that surplus in weaker periods. To some extent, this result can also reflect the mutual support mechanisms that many cooperative banks have created. The finding about the higher z-scores in cooperative banks is quite robust with respect to modifications in the measurement of volatility and z-scores.It also remains valid if one distills the â€Å"pure† impact of the cooperative nature of a bank, by using regression analysis and adjusting for differences in bank size, loan to asset ratios, income diversity, and other factors with potential impact on individual bank’s stability. Using the regression analysis, we also find that a higher share of cooperative banks increases stability (measured by z-score) of an average bank in the same banking system. The impacts differ by the groups of banks, however.High presence of cooperative banks appears to weaken commercial banks, in particular those commercial banks that are already weak to start with. This finding is consistent with Goodhart’s (2004) hypothesis that the presence of non-profit-maximizing entities can pull down stability of other financial institutions. This empirical result can be explained by the fact that a higher cooperative bank presence means less space for weak commercial banks in the retail market and therefore their greater reliance on less stable revenue sources such as corporate banking or investment banking.When interpreting the results, one needs to bear in mind some caveats relating to the z-score, such as its reliance on accounting data and its focus on capital and profits rather than, say, liquidity or asset quality. As a robustness test, we have therefore tried to include some possible alternatives to the z-scores, such as ratings. The available data suggest that the ratings of cooperative banks are not substantially worse than those for commercial banks; 19 however, the dominance of observations from one cou ntry (Germany) in the ratings database does not allow for a full-fledged cross-country analysis.Several issues not addressed in this paper could be analyzed in future research. One of them is corporate governance issues. As discussed in Fonteyne (forthcoming) or Cuevas and Fischer (2006), corporate governance issues in cooperatives are often more prominent than in commercial banks. Among these issues is the presence of an owner-less endowment, since members of cooperatives are only invested with the notional value of their shares and have no right to the accumulated capital. Furthermore, there is a collective action problem that might lead to empire-building by management.BankScope and similar databases do not contain institution-specific data on the quality of the corporate governance, but with a more detailed database, perhaps on a smaller sample, it may be possible to analyze this issue. Another issue for further research is the impact of networks on cooperative banks’ sta bility. Cooperative banks can realize important benefits by forming networks, as it allows the pursuit of economies of scale and scope, and the provision of a safety net or mutual support mechanism. However, a more complex structure can also create new challenges for stability.For example, Desrochers and Fischer (2005), in a cross-country survey on the level of integration of cooperatives, note that lateral contracts between cooperatives involve risks that counterparts will behave opportunistically to appropriate the rent generated by the alliance. The analysis based on individual banks’ z-scores, presented in this paper, provides a baseline assessment of systemic stability. To arrive at a more complex assessment, one should look also at losses given default and correlation of losses across defaults (Cihak, 2007).This issue goes beyond the scope of this paper, and is an important topic for further research. Finally, we have treated the share of cooperative banks as an exogeno us variable that impacts the z-scores. When longer time series become available, it might be possible and useful to test whether the share of cooperative banks is in fact endogenous with respect to the z-scores, i. e. , whether this measure of stability affects the share of cooperatives in a system. 20 Table 1. Summary Statistics of Bank-Specific Variables in the Sample, 1994–2004 (In percent, unless indicated otherwise) Assets (Billion USD) Mean Std. Dev.OECD Commercial Cooperative Savings EU12 Commercial Cooperative Savings Coop5 Commercial Cooperative Savings Loans to Assets Cost-Income Ratio Mean Std. Dev. Mean Std. Dev. Income Diversity Mean Std. Dev. 3. 78 1. 90 1. 90 32. 52 14. 41 6. 93 0. 57 0. 59 0. 63 0. 21 0. 14 0. 18 70. 27 72. 26 70. 03 44. 47 16. 91 32. 86 0. 33 0. 24 0. 24 0. 25 0. 19 0. 20 8. 94 1. 22 2. 65 43. 06 8. 14 6. 64 0. 43 0. 59 0. 58 0. 28 0. 14 0. 13 70. 10 71. 99 67. 09 42. 23 14. 30 13. 22 0. 39 0. 28 0. 23 0. 49 0. 19 0. 12 18. 06 1. 87 2. 02 79. 75 14. 47 4. 11 0. 50 0. 59 0. 58 0. 28 0. 14 0. 13 71. 79 72. 52 67. 55 43. 43 16. 87 10. 07 0. 34 0. 25 0. 24 0. 4 0. 18 0. 08 Source: Authors' calculation based on BankScope Data. Note: The 1st and 99th percentile of the distribution of the z-score variable is excluded. 21 Table 2. Decomposition of Z-Scores for the Full Sample 1994–2004 Z-score Equity to Assets (percent) ROA (percent) Standard deviation of ROA (% points) All banks Commercial Cooperative Savings Large banks Commercial Cooperative Savings Small banks Commercial Cooperative Savings 50. 0 60. 8 60. 1 12. 13 7. 19 9. 29 0. 94 0. 39 0. 55 0. 59 0. 28 0. 35 29. 6 46. 6 47. 3 7. 06 5. 62 5. 91 0. 69 0. 28 0. 48 0. 71 0. 37 0. 35 46. 5 56. 9 55. 4 11. 21 6. 84 7. 99 0. 90 0. 37 0. 53 0. 65 0. 1 0. 35 Source: Authors’ calculations based on BankScope data. Note: To avoid possible outliers in this sample, the 1st and 99th percentile of the distribution of each variable is excluded. Large (Small) banks are defi ned as having assets larger (smaller) than 1 billion USD. 22 Table 3. Decomposition of Z-Scores for Selected Countries, 1994–2004 Z-score Equity to Assets (percent) ROA (percent) Standard deviation of ROA (percent) Austria Commercial Cooperative France Commercial Cooperative Germany Commercial Cooperative Italy Commercial Cooperative Japan Commercial Cooperative Netherlands Commercial Cooperative UK Commercial Cooperative 28. 70. 9 15. 95 6. 83 1. 01 0. 45 1. 708 0. 122 44. 4 82. 2 13. 31 5. 44 1. 07 0. 29 0. 471 0. 067 25. 8 33. 5 4. 47 5. 43 -0. 16 -0. 04 0. 949 1. 001 30. 7 40. 3 11. 44 12. 89 0. 43 0. 88 1. 246 0. 465 37. 3 78. 8 12. 05 5. 08 0. 48 0. 28 1. 197 0. 124 17. 8 42. 1 10. 69 6. 64 0. 39 0. 58 2. 088 0. 223 33. 8 34. 3 11. 20 6. 02 0. 70 0. 39 0. 846 0. 407 Source: Authors’ calculations based on BankScope data. Note: To avoid possible outliers in this sample, the 1st and 99th percentile of the distribution of each variable is excluded. All selected count ries have a market share of cooperative banks higher than 5%. 23Table 4. Sensitivity of the Z-score Decomposition Bank type Commercial Cooperative Savings Return on assets Downward volatility (percentage points) Upward volatility (percentage points) Z-scores Downward volatility (percentage points) Upward volatility (percentage points) Equity to assets Downward volatility (percentage points) Upward volatility (percentage points) -0. 46 0. 38 -0. 19 0. 20 -0. 21 0. 21 -3. 79 3. 99 -3. 47 3. 85 -3. 78 4. 12 -1. 53 1. 69 -0. 53 0. 58 -0. 78 0. 81 Distribution of Z-scores (% of observations in banks of the same type) Less than 0 0. 37 0 to 10 13. 65 10 to 20 14. 74 20 to 30 13. 2 More than 30 57. 52 0. 62 9. 20 10. 72 13. 04 66. 42 0. 13 6. 38 9. 85 14. 80 68. 84 Source: Authors' calculation based on BankScope data. Note: To eliminate outliers, the 1st and and 99th percentiles of the distribution of the downward (upward) volatility variables were excluded. 24 Table 5. Fitch's Long-Term R atings of the Banks in Sample All Banks No. Percent 2 0. 17 16 1. 36 26 2. 21 72 6. 11 781 66. 30 77 6. 54 64 5. 43 40 3. 40 35 2. 97 29 2. 46 10 0. 85 2 0. 17 15 1. 27 4 0. 34 3 0. 25 2 0. 17 1,178 100. 00 Commercial No. Percent 2 0. 54 14 3. 75 23 6. 17 66 17. 69 53 14. 21 54 14. 48 39 10. 46 38 10. 9 28 7. 51 24 6. 43 7 1. 88 2 0. 54 14 3. 75 4 1. 07 3 0. 80 2 0. 54 373 100 Cooperative No. Percent 0 0. 00 1 0. 15 2 0. 29 2 0. 29 664 96. 37 9 1. 31 7 1. 02 0 0. 00 2 0. 29 1 0. 15 0 0. 00 0 0. 00 1 0. 15 0 0. 00 0 0. 00 0 0. 00 689 100. 00 AAA AA+ AA AAA+ A ABBB+ BBB BBBBB+ BB BBB+ B BTotal Note: All 637 cooperative banks in Germany have a Fitch rating of A+. 25 Table 6. Correlation Coefficients between the Z-Score and Selected Key Variables, 1994–2004 Commercial Bank Dummy Cooperative Bank Dummy Savings Bank Dummy Share Coop Share Coop* Commercial Full Sample OECD -0. 060*** 0. 026*** 0. 051*** -0. 041*** -0. 38*** Large Banks OECD -0. 225*** 0. 115*** 0. 147*** 0. 100*** - 0. 168*** Small Banks OECD -0. 047*** 0. 013*** 0. 050*** -0. 034*** -0. 105*** EU12 -0. 244*** 0. 178*** 0. 041*** 0. 128*** -0. 184*** Coop5 -0. 221*** 0. 137*** 0. 066*** 0. 068*** -0. 195*** Commercial Bank Dummy Cooperative Bank Dummy Savings Bank Dummy Share Coop Share Coop* Commercial EU12 -0. 340*** 0. 115*** 0. 236*** 0. 130*** -0. 241*** Coop5 -0. 288*** 0. 091*** 0. 208*** 0. 085*** -0. 245*** Commercial Bank Dummy Cooperative Bank Dummy Savings Bank Dummy Share Coop Share Coop* Commercial EU12 -0. 179*** 0. 160*** -0. 008*** 0. 098*** -0. 144***Coop5 -0. 155*** 0. 119*** 0. 001 0. 052*** -0. 141*** Note: * significant at 10%; ** significant at 5%; *** significant at 1%. 26 Table 7. Regression Results (Full Sample) OECD (1) Assets (-1) Loans/ Assets (-1) Cost-Income Ratio (-1) Income Diversity (-1) Income Diversity* Cooperative Bank Dummy (-1) Herfindahl Index (-1) Commercial Bank Dummy Savings Bank Dummy Share of Cooperatives (-1) Share of Cooperatives * Commercial Bank Dummy (-1) GDP Growth (-1) Inflation (-1) Exchange Rate Appreciation (-1) Real Long-Term Interest Rate (-1) Constant Observations R-squared Clustered by Banks Type -0. 026 (0. 000)*** -13. 123 (0. 00)*** -0. 185 (0. 000)*** -19. 299 (0. 000)*** 23. 107 (0. 000)*** -0. 005 (0. 000)*** -4. 79 (0. 029)** -2. 547 (0. 196) -0. 094 (0. 324) -0. 386 (0. 000)*** -0. 246 (0. 037)** 0. 44 (0. 006)*** 0. 043 (0. 009)*** -0. 398 (0. 004)*** 39. 898 (0. 000)*** 78,298 0. 103 14,025 OLS (2) -0. 013 (0. 023)** -3. 225 (0. 000)*** -0. 001 (0. 572) -1. 132 (0. 004)*** 3. 67 (0. 000)*** 0. 001 (0. 002)*** (3) -0. 027 (0. 073)* 3. 802 (0. 318) -0. 044 (0. 038)** -3. 4 (0. 155) 6. 877 (0. 184) -0. 005 (0. 005)*** -22. 685 (0. 000)*** -7. 437 (0. 003)*** 0. 278 (0. 033)** -0. 027 (0. 866) -0. 081 (0. 786) -1. 901 (0. 000)*** 0. 34 (0. 096)* 0. 597 (0. 145) 55. 966 (0. 000)*** 22,665 0. 112 3,239 OLS EU12 (4) -0. 043 (0. 000)*** -1. 996 (0. 347) -0. 009 (0. 076)* -0. 742 (0. 184) 4. 534 (0. 000)*** -0. 0 004 (0. 537) (5) -0. 019 (0. 001)*** 3. 461 (0. 349) -0. 078 (0. 000)*** -4. 12 (0. 107) 13. 418 (0. 004)*** 0. 001 (0. 643) -17. 143 (0. 000)*** -4. 314 (0. 080)* 0. 086 (0. 557) -0. 003 (0. 989) 1. 002 (0. 000)*** 0. 091 (0. 789) 0. 061 (0. 015)** -0. 006 (0. 987) 22. 558 (0. 000)*** 25,241 0. 106 3,723 OLS Coop5 (6) -0. 015 (0. 028)** 0. 882 (0. 705) -0. 008 (0. 032)** -0. 858 (0. 077)* 2. 585 (0. 001)*** 0. 005 (0. 000)*** 0. 114 (0. 01)*** 0. 019 (0. 699) -0. 14 (0. 001)*** 0. 133 (0. 009)*** 0. 068 (0. 000)*** 0. 184 (0. 000)*** 46. 652 (0. 000)*** 78,298 0. 058 14,025 FE 0. 127 (0. 007)*** -0. 101 (0. 093)* 0. 012 (0. 924) -0. 427 (