Rather than constantly worrying about the cost of repeat insurance claims, wastage of funds because of high stock levels, or the threat of cyber crime throwing the business into chaos,?doesn?t?it make good sense to reduce the likelihood of things going wrong in the first place? This is the art of risk management, where the motto is ?prevention is better than cure?. It?s a discipline applicable to any scale of business, but the first step is understanding the essentials of how it works.
?
As an SME you might well be asking yourself whether risk management is applicable or practical for your business. Risks differ between SME sectors. Food and beverage businesses with perishable goods; medical or clinical establishments with high value electronic equipment on which there is a huge reliance to provide continuity of services; schools and colleges that have potential liabilities to students, staff, and visitors ? the list goes ever onwards.
Risks also vary according to your distribution and service model. Internet based business models are exposed to risks that differ from businesses requiring an office/retail outlet and which hold valuable stock. Some businesses may have ongoing financial commitments (such as rent) even if they suffer business interruption that stops or reduces their ability to generate revenues.
Onshore and offshore SME businesses here in the GCC also have different considerations in the form of licenses, the particular legal system that applies, and the style of regulation.
Moreover, your business model, strategy, and marketplace expose you to business risks. In other words simply by being in business exposes an SME to risk. A few examples of the risks which might resonate with you as an SME are likely to include:
? Cash flow. Customers and clients not paying in a timely manner (resulting?in monies being due, however not accessible monies, as they?re needed for your own outgoings)
? Errors or omissions. By staff who may be required to fulfill multiple functions (resulting in customer dissatisfaction or loss, and reputational damage)
? Cyber attack. On your website, customer information, and/or banking information of your clients or customers (resulting in liability to customers for financial loss, breach of data privacy or protection).
Tackling the risks in five key steps
One of the advantages of risk management is that while the risks themselves may be diverse and complex, the process of tackling them can be crystallized into a relatively simple five step process. This can best be described as -
1. Assessing the key things that might cause an issue to, disrupt, and/or make your business fail. Focus on identifying the top five to ten items (these are your key identified downside risks). You do not need a huge list of risks, simply a representative one for your business.
Consider both internal and external causes of risk. For example:
? Economic downturn
? Outsourced invoicing with receivables being collected (and held by a third party)
? Reliance on one key person for your business to be successful
? Large values of stock held in one location (theft/fire/obsolescence risk).
Your internal staff and management team are better placed than any third party to identify the risks which specifically apply to your business. Third parties can however help by bringing cross-sector experience, deep industry knowledge, or by challenging the team to think more broadly.
2. For your top five to 10, record whether the issue identified in step one could possibly happen or might be likely to happen (likelihood). In addition, consider what the impacts would be (financial, business collapse, reputational damage, loss of licence, other). These are the possible impacts. Overall this is your risk assessment.
For some of your top five to 10, you might decide to accept these risks (they are unlikely or have a minimal impact). For others in your top five to 10 you might determine that they are likely, or would have an unacceptable impact. For these risks, continue to Step Three.
3. Determine what you can influence or change. Can you reduce the likelihood, or the impact, or both? Before embarking on action, factor in the cost against the benefit. Spending USD50,000 to manage a risk that might have a maximum consequence of USD5,000 and no reputational damage can never be considered to be good business sense. This will provide you with a risk management action plan. Make sure that you take action in a timely manner. Address actions proactively, before that risk has become a reality.
4. After review of what can be managed and makes good business sense to action, consider whether there are still risks that the business could not recover from, or might have difficulty in recovering from.
Can you transfer some of the risk, even if only the financial consequences to another party? Insurance is one such arrangement, and involves pooling funds from many to pay for the losses that some may incur. These are your risk transfer options. Remember however that the risk transfer will not be without cost.
5. If you opt to devote time to understanding your business risks, discuss these in your management team. Evolve your top five to 10 as you define or change your strategy; as you consider expanding into different markets or countries; if you are considering an IPO; as you become aware of external factors that impact your business changing. The investment that you may make in risk management does not need to be extensive to be effective. It does however need to be a living, evolving approach.
Is risk management worthwhile for you?
To conclude; is risk management for your SME:
? Possible?
? Practical?
? Worth the investment?
For your SME, only you can tell.
If you believe it could be, then make sure that the approach is scaled to your business, and is specific to your business.
Spin-off benefits that large corporate entities derive from investment in risk management include protection of business interests, and enhanced governance. Regulators, rating agencies and financiers derive comfort from any businesses able to identify, articulate, and manage the risks that might have a negative impact on business and revenues. For risk-managed companies, prevention is better than cure.
???????????????????????????????????????????
Audrey Weir is Chief Risk Officer with AIG MEA Limited, based in Dubai. Audrey brings to her role an in depth knowledge of risk and insurance earned over a 25 year career that spans the geographies of North America, Europe, and the Middle East. Audrey has held key risk and insurance management positions with global players such as PricewaterhouseCoopers, Fujitsu, Transport for London, and Aon. She commands an expansive career which crosses a wide array of sectors including Construction, Energy, Real Estate/Commercial Property, Financial Services/Institutions, Retail, Information Technology, and Transport. In addition to her corporate experience, Audrey spent six years as a University Lecturer, Careers Tutor, and Director of Studies in Risk Management.
Related posts:
- Risk management: Proceed with caution
- Lessons in risk management
- Lacklustre risk management
- AMAF hosts corporate risk management workshop
- Event: Credit Risk Management
Source: http://www.smeadvisor.com/2013/07/understanding-risk-management/
dallas fort worth airport texas tornados seattle seahawks new uniforms wisconsin recall wisconsin recall doris day buffalo sabres
No comments:
Post a Comment