THE first few months of 2011 have presented some real challenges to societies in our part of the world. From a business perspective there are still knock-on effects being felt, and will be for a while yet, from floods, cyclones and earthquakes. These events cause reflection on what’s really important, personally and in business.
These events are natural, beyond our control, and pose threats to lives and business. There are many other events, however, that can be just as devastating to life and business, which are sometimes beyond our control but able to be avoided, mitigated or minimised.
In business we start up, grow and exit, and these stages carry risk. To start a business involves one of the biggest risks of all. If you leave a well-paid job to start up a business you risk your own money (or that of backers) to finance it. To grow a business you risk the funds required for growth as well as the livelihoods of those you employ.
To exit a business you’ve worked hard to build, you risk leaving it in the hands of others. Business owners and entrepreneurs are, probably by their nature, less risk-averse than those who are happy to work for someone else and let them take the risk. Being prepared to take a risk is necessary if business start-up and growth is to occur, but what is also necessary to succeed is the ability to avoid as much mishap as possible through well thought out ‘risk management’.
We can’t know all the potential risks we face, but we can certainly take steps to learn from those who have studied the subject.
Risk management – a term often linked to major corporations as a corporate governance requirement – is a useful process that SMEs can adopt to improve their chances of sustained and successful longevity.
There have been several major natural disasters in recent months – floods in Queensland, Cyclone Yasi, and the devastating Christchurch earthquake. As most of the losses relating to these events are covered by insurance, the bigger risks to businesses are the less obvious risks not claimable through insurance policies. To assist you in avoiding losses, or to enable you to better recover from a loss, we believe that risk management is more important to your business now than ever before.
What is risk management?
In this context, risk management is simply a process that considers what can go wrong within a business, or a particular transaction. Risks come from a variety of sources but usually reside in the following categories: commercial and contract; regulatory and compliance; business process; financial; human resources; and IT, environmental and OH&S.
The last time you entered a new supply contract or considered expansion of some type, did you consider the myriad risks that would fall under each of these categories? Well done if you did; don’t feel bad if you didn’t because most businesses would not have.
A risk management process includes the following steps.
• Identify the risk: what can happen, how can it happen, where can it happen and why can it happen?
• Analyse the risk: how likely is it, and what are the consequences?
• Evaluate the risk: what controls exist today, what else could be done, and can the risks be ranked?
• Treat the risk: identify the options, evaluate the options, implement risk treatment and monitor risk treatment.
The following actual examples provide context for the impact of poor due-diligence.
1) Company uses its own accountant to review the financials of a potential JV partner. Transaction proceeds only to find out six months later that a long-standing employee of the target business had been defrauding the business, small amounts over many years resulting in an $800,000 adverse impairment in enterprise value.
2) Company acquires a business without checking its OH&S history. On integration of the Work Cover policy, poor claims experience for the acquired company results in a $180,000 premium increase.
3) Company signs a new supply agreement with a major customer. On review of the agreement, the company has provided a full commercial indemnity in favour of its supplier, voiding its insurance coverage and exposing its own balance sheet.
4) Company acquires a business without understanding its workplace culture. Months after the transaction is completed, the (new) owner receives a complaint from a former employee for workplace bullying and sexual harassment resulting in a $30,000 statutory penalty.
Issues of this nature are a regular occurrence. Don’t become a statistic of the future, ask for help when your business is looking to change.
Sue Hirst is director of business consulting firm CAD Partners CFO On-Call. Contact Sue on 1300 36 24 36 |chanelh@cfooncall.com.au