Why Managing Risk in your Business is Vital for Long-Term Success

Risk-management

Managing a business is not always the easiest thing to do. Throughout the life time of your business, you will face challenges – some large, some small and how you deal with them can often be the difference between success and ultimate failure. These challenges that could hamper the longevity of your business are often called risks. What are the common risks in business? How will you manage risks to ensure your business is equipped to navigate them well? Let’s find out!

managing-risk

Source: https://www.pinterest.com/pin/492581277969794051/

“It’s not because things are difficult that we dare not venture. It’s because we dare not venture that they are difficult.” – Seneca

Business Risk Defined

Part of management is thinking of how you will mitigate the risks in your business. What does one mean by “business risk”?

The term business risk refers to the possibility of inadequate profits or even losses due to uncertainties e.g. changes in tastes, preferences of consumers, strikes, increased competition, change in government policy or obsolescence. Every business organization contains various risk elements while doing business.

Excerpt from https://en.wikipedia.org/wiki/Business_risks

Now there are five main types of business risk and they are the following:

  • Strategic Risk: These are risks associated with the operations of a particular industry. These kind of risks arise from

    1. The Business Environment: Buyers and sellers interacting to buy and sell goods and services, changes in supply and demand, competitive structures and introduction of new technologies.
    2. Transactions: Mergers and acquisitions, spin-offs, alliances and joint ventures.
    3. Investor Relations: Strategy for communicating with individuals who have invested in the business.
  • Financial Risk: These are risks associated with the financial structure of a particular industry.

  • Operational Risk: These are risks associated with the operational and administrative procedures of a particular industry.

  • Compliance Risk (Legal Risk): These are risks associated with the need to comply with the rules and regulations of the government.

  • Other risks: Risks like natural disasters (floods) and more, depending upon the nature and scale of the industry.

Excerpt from https://en.wikipedia.org/wiki/Business_risks

Risk in Practice

Let’s look at a short example. In the manufacturing business, one way risk is encountered is when the source of supplies fails to deliver necessary raw materials on time. This may lead to the delay of delivery of products to the customer and may cause losing that customer’s future orders, thus resulting in a loss in income.

What is Risk Management?

Every entrepreneur must learn how to manage business risks – no matter the industry he/she operates in. Potential problems that might be encountered during operation must be identified and mitigation plans must be put in place. We’ll get into the process of risk management shortly, but first – let us define what risk management is.

Risk management is the continuing process to identify, analyse, evaluate, and treat loss exposures and monitor risk control and financial resources to mitigate the adverse effects of loss.

Excerpt from http://www.marquette.edu/riskunit/riskmanagement/whatis.shtml

In the world of finance, risk management refers to the practice of identifying potential risks in advance, analysing them and taking precautionary steps to reduce/curb the risk.

Excerpt from http://economictimes.indiatimes.com/definition/risk-management

The Risk Management Process

Risk-Management-Procedure

Source: http://blog.espm.eu/wp-content/uploads/2011/02/Risk-Management-Procedure.png

The risk management process comprises the following sequence of procedures:

  1. Know Your Risk – identify the various risks that your business could face.
  2. Risk Assessment – assess the effects of the risks on your business.
  3. Planning – identify risk management strategies to implement in case the event occurs.
  4. Implementation – This involves implementing strategies that have been laid out to manage risks when they occur.
  5. Risk Management Evaluation – This is to evaluate the effectiveness of the techniques employed to define, assess and treat the risk.

Note: The risk management process can’t be a purely top-down process. For developed response plans to be effective and comprehensive, staff members from the appropriate departments need to be included in the planning meetings. This includes front-line staff where necessary.

How do you determine your risks?

Excellent tools exist to help you determine the forces likely to present risks to your business. One of these is Porter’s Five Forces model, which is a systematic look at elements of business that have the power to affect your company. Supplier power looks at how easy it is for your suppliers to raise prices and what factors in the economy might influence that action. Buyer power relates to the ability of your customer base to force you to lower your prices. Competitive rivalry examines the strength of your competition and how they can affect your business. Threat of substitution is the likelihood that your customers will find another source for your product or a different product that delivers the same results as yours. Threat of new entry involves new competitors and the development of new products. After examination of these forces you must also make a detailed list of more general financial, strategic, hazard and operations risks.

How do you evaluate the effects of risks?

Use scenario analysis as a tool to evaluate the potential effects of risks. For each identified risk on your list, develop a scenario describing what might happen and how much that event would cost your company. A good way of establishing a risk value is to take the percentage likelihood of the particular risk multiplied by the estimated cost it would represent. This allows you to rank the risks you identify according to their importance to your company.

Excerpt from http://smallbusiness.chron.com/risk-management-tools-techniques-4569.html

Why do you need to continually reassess your risk position?

Things change, and so do risks. Market conditions and volatility levels change, financial strengths of counter parties change, physical environments change, geopolitical situations change, and on-and-on. These changes can be rather sudden, or they can be creeping and hidden. Exposures to risks that result from business activities may also change. Effective risk management requires that one re-evaluate risks on an ongoing basis, and processes such as a Risk Audit should be built into the corporate risk management framework to assess both current and projected risk exposures. Forecasting future exposures is necessary since hedge decisions are often based on projected risk levels.

Hedging as a risk management strategy and it’s implications.

Transferring risks through hedge transactions or other activities is often an effective and advisable risk management technique, but risk mitigation strategy may largely depend on the hedge costs. Risk mitigation strategies also depend on the capacity of the firm to sustain risks and possible losses. Trading activities that are truly for hedging should not be avoided due to concern that trading could be misconstrued as ‘speculative’; however, various hedge instruments may not have the same cost effectiveness or appropriateness for every company and environment.

Reducing exposure to risks.

Risks arise from exposure. A commonly accepted definition of risk is ‘exposure to uncertainty’ (at least for that uncertainty for which one is concerned about the outcome). Reduce the exposure and you likely reduce the risk. The selected approach and structure of business activities can have a significant effect on the exposure & risk levels generated. Commercial agreements and transaction structures may result in transference or acceptance of risks with a counter party. Risk awareness in business processes and commercial activities can lead to opportunities to reduce current and future exposures. Billing currency for international purchases is an example of exposure effect.

What is the importance of creating a risk aware culture?

Educate the organization in practical aspects of risk management – this especially includes the most senior business executives and the corporate board of directors. Risk management responsibilities should be clear. Whether it is intuitive actions based on experience and expertise in risk management or whether it is a result of institutionalized risk policies and procedures, effective risk management is typically a key factor in successful businesses. Training and building awareness can lead to a risk management culture that will drive business success.

Excerpt from http://risklimited.com/risk-tips.htm

Risk Management: A Visual Representation.

I found this infographic from Sysop on risk management to be quite a good one. It outlines the fundamental considerations we have discussed above when it comes to managing risk.

risk-management-infographi

Risk Management: A Scenario.

To understand more about risk management procedures, it would be a great idea to go through an example. I’d like to share this from Scenario Planning about managing the risk of a natural calamity.

Lessons from the Volcano – A strategic risk management perspective

May 5, 2010 — Bernardo S. Sichel

It has been over two weeks since Iceland’s Eyjafjallajokull volcano blew, shutting down air traffic over Europe for more than a week.  The volcanic ash cloud created havoc for airlines and millions of  displaced passengers who were grounded due to this unlikely event (I was one of them, fortunate enough to be “stuck” at home and not at a client in the UK).  By some estimates, the airlines lost about $1.7 billion due to travel disruptions.

The volcano also affected several other industries in Europe and across the world, including: logistics, perishable foods and flowers, electronics, automotive, hotels and restaurants, and teleconferencing, among others.  The impact was negative on some industries, while other industries benefited from the kind of positive externality that happens only on rare occasions.

The situation prompted a few writers to call the volcano eruption a “Black Swan.”  These rare events have three distinct characteristics: a) they are outliers; b) they have an extreme economic impact; and c) they are predictable only in a retrospective way.  Since you can’t really predict a Black Swan, you can only prepare for such an event or withstand its impact by adding slack or flexibility to your operation.  But, was this really a Black Swan event? And what are the broader risk management lessons we can draw from the past few weeks?

Let me start by saying that I don’t believe this was a Black Swan event.  While airlines suffered massive losses, experts assess that the accumulated economic cost for Europe will be close to 0.1 percent of its gross domestic product.  This is almost a rounding error in national accounts.  Therefore, the event doesn’t pass a critical criterion for being considered a Black Swan.  And even if it did pass this criterion, the focus is on the wrong issue or event.  Was the Eyjafjallajokull blowing unpredictable and rare enough?  I am not an expert, but I understand that the last time this volcano erupted was in the 1820’s before aircrafts were even invented!  That qualifies as rare and fairly unpredictable.  But a prolonged disruption of air traffic is not (e.g. September 11, SARS, swine flu scare) and this should have been the right issue to focus on for the businesses affected by volcanic ash.

But not all is lost.  The events from the last three weeks are a fertile ground for risk managers and strategists to learn and better prepare their organizations to cover exposures and capture emerging opportunities from future disruptions of any type.  Here are a few lessons:

  • We need to think more expansively about emerging risks.  Emerging risks come from many unlikely places; and while this is obvious, we are still limited by our past “frames” and traditional sources to identifying new sets of risks.
  • We need to focus on the right set of issues for our organization.  While triggers may come from different sources (e.g. a volcano blowing in Iceland), focusing on the right set of issues (e.g. a disruption of air traffic in Europe) can help us map and better understand the risk management implications of rare and potentially high impact events on our organization.  In doing so, we need to explore how second and third order effects could play out.
  • We need to apply an expanded set of approaches and tools for unknown forces.  External forces fall into three categories: known, unknown, and unknowable.  Our risk management models are usually good only for the first category.  We need different approaches for the unknown and even the unknowable.  Scenario planning  is a technique that could give us a head-start by exploring how unknown forces may play out and how well prepared our organization is to withstand them.
  • We need to add some capacity or flexibility to our operations.  In a world of constant disruption and increasing volatility, we need to add some slack to organizations that have traditionally been operated with a just-in-time mentality.  While we may forgo some profits in normal times, we will be better prepared to withstand shocks and/or capture opportunities left by less prepared competitors.  At the very least, we should have a contingency plan in place in case disruptions happen due to external events or forces.

The  Eyjafjallajokull eruption was a natural disaster of great proportions.  But no one died, even if it affected many passengers, and companies suffered what they felt were mortal wounds due to the stoppage of operations.  We might not be so lucky next time (there is even talk of the Katla volcano erupting, which is larger and more dangerous than its smaller relative), so it’s time to reflect on how to better prepare our organizations for upcoming disruptions in what will likely be described by some as the next Black Swan event.

Excerpt from https://scenarioplanning.wordpress.com/tag/risk-management/

Better Risk Management: A Video

This video from Tony Ridley is well worth a watch. He touches on some really good risk management material that you will find interesting.

Wrapping it up!

Along the way, there will be a plethora of challenges that you will encounter before you can reach your desired business goals and outcomes. As a business leader, you must be prepared at all times for unexpected events that may affect your business, plan ahead for calamity and give your business/team the best possible chance to get through positively. Your risk management plan is an integral resource for this and when done well, can absolutely SAVE a business from ruin.

14 Responses

  1. Candice

    Yes, a risk aware culture is very important for the organisation. Most companies don’t have it though.

    • Russ-O-Matic

      I agree that creating a risk aware culture is vital for an organisation – especially since nothing is constant and the company is ever evolving. Thanks for stopping by! 🙂

  2. Evan

    Useful post. The way you’ve laid the post out makes it easy to read and digest. Thanks.

  3. Girish W.

    I find it very helpful to think about risk before working on a project to plan for the issues that can crop up unexpectedly sometimes.

    • Russ-O-Matic

      That’s very wise Girish. That way you go into battle much better equipped to deal with obstacles that arise.

  4. Pauline

    Okay wow – really great post there Russell. Very informative.

  5. Nick

    I am starting a business soon and will refer back to this article, very useful information.

    • Russ-O-Matic

      All the best with your new business Nick, glad you found the article useful. 🙂