June 21, 2022 - At the heart of our free market system is that businesses take risks to earn an outsized reward.  No business is risk free. So, every business needs to be able to identify and manage potential risks on an ongoing basis. Some can be mitigated through various strategies while others are inherent and outside the business’s control. Knowing what can be managed is key. 

The finance area is often tasked with risk mitigation. But, many small to midsize companies don’t have the resources or a finance executive to oversee a regular risk review.

To get you thinking about business risk, we show various types of risks below and concepts around them.

General Business Risks

All businesses face general risk in the form of macroeconomics and market forces. These tend to fall outside the realm of being risks that can be directly mitigated or managed but leaders need to keep a pulse on them. 

Market risk

Changes within the milieu in which you operate can affect the industry. For your own company, market risks relate to your ability to get products/services to market on time, to adapt to marketplace changes, and even more fundamentally, whether there is a market for whatever your company offers. Startups that fail to do deep market research sometimes find out too late that demand just isn’t there.

Market risk can also come from failure to keep a close eye on competitors, both how they market their business and what new products or services they are introducing that could present problems (or highlight opportunities) for your own business.

Economic Risk

Business leaders must always have an eye out for macro conditions in the economy. They need to know about interest rates, the status of inflation, foreign events of concern, and how they will impact their operations. Having someone monitoring your internal financials and trends against outside conditions can help spot issues before they get too large.

Ownership Risks

Every business is owned by someone or a group of individuals or entities. And in each case, this group is risking their monetary or sweat equity investment. There is no cookie-cutter approach to how ownership should work and business owners should reflect on their situation. 

Capital Risk

This is the ultimate danger for owners and/or investors. They are putting up money with no guarantee of success. While this risk can’t be avoided, it can be addressed and decisions made on possible mitigation strategies. An owner may choose to bring in more investors to spread the risk of loss or seek other financing alternatives through debt lenders.

Complacency Risk

Sometimes companies can feel like they are in the perfect groove, but this brings its own type of risk–complacency. Business leaders should be monitoring competitors and listening to their customers or they run the risk of resting on their laurels. Looking ahead and avoiding the “lifestyle business” trap, understanding employee development, and putting succession plans in place for critical roles are important.

Company-Specific Risks

All companies face the following set of risks but these are usually company-specific in their nature and have ways of being mitigated. 

Credit Risk

Many companies extend credit to customers. If customers don’t pay as agreed, the company may incur additional costs for collection, suffer cash flow delays, or, in the worst case, have to write off that receivable. The use of credit agencies to help grant and monitor credit for customers is always a good idea. Strong collection processes and other internal monitoring are also critical.

Liquidity Risk

If cash flow isn’t sufficient to meet short-term expenses, the company may have to dip into capital reserves or convert other assets into cash to cover expenses. Cash flow problems can result from inadequate billing or accounting practices, a loss of customers, or marketplace disruptions like those caused by today’s supply chain inconsistencies. Having a backup plan such as a line of credit with a bank can help. Regular reviews of cash flow predictions well out into the future is also a best practice.

Operational Risk

Many things can disrupt the flow of business operations. Operational risks include those associated with people, processes, systems, legal and compliance issues, and external events such as a natural disaster. These risks can present in the form of hiring or workforce management difficulties, mistakes or fraudulent activities, failure to meet regulatory requirements, lawsuits, or breakdowns in production or technology systems.

Companies risk fines or other sanctions if they are not compliant with agencies like the Occupational Safety and Health Administration (OSHA) or the Environmental Protection Agency (EPA).

You can’t control all of these risks, but in order to maintain business continuity, you must plan ahead. Some risks are insurable while others require backup plans like those found in business continuity plans. Understanding how to mobilize third parties to help is also important.

Security and Fraud Risk

Data breaches, identity theft, and other technology crimes are a greater risk to businesses today than ever before. The IT department needs to work closely with its accounting team to ensure adequate investments in security are being made. 

Loss of Assets Risk

Exposure from loss of assets covers a wide range of common risks such as property damage to your facility, losses due to theft, data breaches, other cyber-crimes, and leadership errors and omissions. And businesses also face potential risk from legal issues such as intellectual property theft or customer disputes. Insurance can cover many of these risks but installing strong policies and procedures can help the business avoid the loss altogether or at least minimize the damages.

You Can Hire a Fractional CFO to Identify and Mitigate Risk

Hiring a fractional CFO or controller can be a strategically smart risk management investment. A fractional CFO can help identify and discuss mitigation for all types of risks by working with your leadership to assess your company’s current status, identify specific areas of concern, and advise on policies and practices you can implement to reduce risk.