Your Business Doesn’t Have To Be So Risky

One of the big fears people have about having their own business is that it is risky. And that’s true.

I don’t want to minimize that, because you’re taking a risk to put your economic welfare in your own hands. (You’re also taking a risk, and I would argue a bigger one, to put your economic well-being in someone else’s hands, but that’s for another article!)

What’s also true is that taking risks to have your own business can be reduced by the choices you make. And having your own business has big benefits.

In your business, you have 3 kinds of risk: 1) risks you can prevent, 2) risks you can reduce, and 3) risks you have little control over.

Let’s clean things up right away by looking at #3. Examples of risks you have no control over are external to your company. They include the weather (if you have a weather-affected business), or other companies popping up that do the same thing.

Risks you have little control over can’t be prevented. But they can be identified, and the sooner you can do so, the better. Then you can decide what to do to minimize their effects. Make a list of potential external risks and include what you plan to do to monitor them part of your overall strategy.

For example, keeping an eye on other companies popping up that do the same thing can include regular internet searches and consistently following through on news you may hear through your contacts of a new company on the scene. Depending on what you learn, you can decide if this new company provides you with:

· New ideas for offerings you can create

· Opportunities for collaboration and joint ventures

· Greater clarity for your own marketing, to help prospects distinguish you as a provider.

Some risks you can prevent by getting insurance, or obtaining legal advice. Relatively easy solutions can do the trick.

Next we’ll look at the first kind of risk, #1: risks you can prevent. We’re talking about risks within your own company. For example, you’ll want to ensure that your processes are clear, so that everyone involved can follow them with a minimum of errors or time wasted in confusion.

These are the easiest risks to manage, but not everyone does so because procedures aren’t sexy. They are, though, the backbone of providing a consistent product or service that your clients can rely on.

You can manage these preventable risks by monitoring and guiding people and processes toward the standards of quality you set. Create a procedures manual and test it out, to ensure everyone knows what to do. Add a step for quality testing, to see if the procedures are clear and being followed.

Finally, the second kind of risk, #2: risks you can reduce, are the most fun. These are risks you voluntarily take so that you can improve your outcomes. For example, a bank takes on risk when it lends money. You may take on risk when you spend time researching a new possibility for an offering.

This kind of risk is strategic. The risk itself isn’t in itself undesirable. The flip side of this kind of risk is opportunity. Managing these risks effectively increases the possibility of gain. Reaching out to a potential new client group that is large and potentially lucrative is a risk you may want to take for the high potential income.

Minimizing risks takes some thinking and planning. First, how can you minimize the risk before you begin? In our example, you can get to know your new group of prospective clients really well. Do research. Talk to them. Really invest in understanding what their problems are and how you might be able to help solve them. Get to know them personally: build relationships.

Decide how you’re going to manage the risk factor once your risky venture with this new client group is underway. Track your progress. Is your investment paying off? Don’t get stuck with the same strategy if it’s not working. Make adjustments quickly. Change direction as you learn more, if it’s warranted.

As a general rule, make the scale of your effort to prevent or reduce a risk consistent with its consequences. If the consequences are major, spend more time and energy than if the consequences are minor. There may even be risks you can ignore, because they’re really unlikely and have minor consequences.

Risk management is part art, part science. These risk management strategies can help you take on bigger risks, with bigger rewards for everyone. It’s worth putting energy into thinking things through before you begin to invest time and energy.

Taking calculated risks, making good decisions around what’s probable and what you’re willing to do, is a good way to keep the risk factor in your business to a minimum. Your business doesn’t have to be so risky.

Risky Business

Investors instinctively understand the importance of performing legal and financial M&A due diligence. Things tend to come off the rails though when it comes to performing an operations due diligence. Most investors simply don’t understand the role of operations due diligence and the result is that most M&A failures can be traced back to an ineffective operations assessment. Legal and financial due diligence are performed to determine the legal and financial status of a business at a point in time, typically the day a deal is closed. Operations due diligence on the other hand is determines the ability of the business to sustain its operations over time. It asks: Are there potential operations risks that could cause a future failure of the business? Investors rely on their attorneys and CPA’s to perform their legal and financial due diligence, but often attempt to perform the operations due diligence themselves instead of involving someone with risk assessment expertise. Worse, they perform a partial risk assessment by looking at management or sales or strategy, etc. but fail to assess the entire enterprise.

The recent bankruptcy of the Solyndra solar company has now become the poster child for un- sustainable businesses. Without delving into the politics of the bankruptcy or all of the possible reasons for the failure, it is fair to say that the investors in Solyndra, including the US Government, failed to effectively assess the operations risks that could impact Solyndra’s ability to sustain its operations.

The following are just two examples of the operations risks Solyndra faced. First; former employees have stated publicly that they were throwing out as much as $100,000 worth of defective solar cells each day. If this is true than an effective operations due diligence should have identified the high cost of quality as a potential risk to the sustainability of the business. Identifying that risk would have allowed investors to insist that a mitigation plan be put in place to reduce or avoid these costs. Second; as part of their marketing plan Solyndra was pursuing a proprietary product design. As the price per watt for standard solar panels began to drop, particularly those manufactured by their Chinese competition, Solyndra wasn’t able to make corresponding reductions in the price per watt of their proprietary products that would allow them to remain competitive. The inability of Solyndra’s products to compete has been attributed to commoditization of the standard panels and to unfair competitive practices by the Chinese. The reasons for the bankruptcy are not important to this discussion though. An effective operations due diligence would have identified the operations risks and their potential impact on the sustainability of the business.

We can assume that the Solyndra investors had a sufficient number of attorneys and accountants. Neither the quality risk nor the competitive risk in these examples would have been apparent in a legal or financial due diligence though and an effective operations due diligence was never performed.

Unfortunately, just as many investors misunderstand the role of operations due diligence, many businesses don’t yet understand the importance of implementing a formal risk management program and resist providing the funds for risk management activities. Solyndra should have identified their own operations risks and developed mitigation plans to avoid them. Businesses that manage their risk improve their sustainability. If it is important for investors perform a risk assessment as part of their due diligence, isn’t it also important that a business perform proactive risk assessments on a continuing basis?

With the release of ISO 31000:2009 (Risk Management Principles and Guidelines on Implementation) some businesses are starting to implement risk management programs in earnest. Unfortunately, even in these businesses, risk managers often have trouble justifying the funds to support their activities because senior executives have trouble justifying the cost of the program because it is difficult to measure the benefits of improved sustainability.

An effective risk assessment whether performed by an investor during the M&A process or as a proactive self assessment by a business must assess risk across all operations of the business. It is not sufficient to say we looked at the management team or the sales department, etc.