A Wider View On Risk.

Introduction.

Risk has frequently been perceived by companies to be those types of losses which are easily visible to the proverbial “naked eye”. Many are not and often do not enter a company’s thought process until such time as it suffers a loss as a result of such a style of occurrence. The reason for this is that losses from these sources are both rare and intangible. They are nevertheless important and can have a profound effect on a company’s future well-being. The style of risks involved often produce no discernible cost impact to the business, though can adversely affect a company’s long-term future. They are also largely uninsurable, though nevertheless controllable. Martin Fessey of F M Global, a leading global insurer, has been quoted as saying,” Companies should be looking to identify the unthinkable event”

The categories of risk.

There are numerous categories of ‘hidden risk’ and the commentary beneath follows a review of some of the most important types which can affect a business. The commentary encapsulates key areas of concern and internal policies a company might implement to avoid or mitigate the worst effects of them.

A)Loss of reputation

An obvious example of this style of risk is poor design or manufacture of products. Companies such as British Leyland in the 70's suffered a catastrophic problem, due to the reliability of their vehicles. The end result was a marked loss of market share and ultimate failure of the company. Often companies fail to ensure that their products are 'road tested' before being launched. A solution to this issue is to have a mandatory regime of extensive trials before a product is launched. The alternative is to select either some of the existing client base or one particular territory as a test bed, prior to formal launch of the product.

The other fashion in which this style of risk can operate is when one part of the organisation acts outside accepted practice. This was the case with Arthur Anderson and the Enron scandal, which brought about the demise of the company. The solution to such a style of problem is to create a corporate structure whereby there are regular detailed reviews carried out at the core operating level of a company.

B) Risk of devolved responsibility

This can affect companies through the reckless behaviour of either individuals or groups of people within company structures. This was the case with Barings bank and the Leeson debacle. Lack of central management control allowed a rogue trader to bring about the bank's failure. The resolution to such an issue, is to have clear and enforced operating guidelines built in to the company structure and to ensure that they are steadfastly adhered to at all times.

C) Risk of market changes

Companies often fail to look far enough into the future as regards strategy, in order to secure the long term existence and in turn growth of the organisation. One example of this risk failure, occurred in the British motor cycle industry, which failed to bring in new technical advances to their product range. The end result was that British companies such as Triumph, lost their battle for survival against better quality Japanese products. The solution to this style of failure is through market research and programmed product development.

D) Loss of key personnel

Some companies such as Laura Ashley relied crucially on the pioneering activities of one individual. Upon the death of the company founder, the stores group suffered from a less than adequate product range and thereafter failed in its battle to remain a dominant force on the high street. The group had never foreseen a time when it would be without its founder. Though one has to say that it is difficult to replace such a retail icon, the group never went on the search for a replacement. The key to continued success for such a company is to appreciate that it relies almost solely on one individual and to employ sufficient resource such as a team of head-hunters, to find a suitable replacement and thereafter groom the new incumbent before the departure of the existing personnel.

E) Changes in government legislation and tax regime

Companies must be aware of planned future legislation and changes to tax regimes, which might act against their better interests. The obvious example of this are changes to corporation tax which have occurred most recently. Several large corporate concerns have already re-domiciled to so called “tax havens”. One must ask the question, as to whether it would not prove economic for large oil companies to re-domicile themselves, in light of past and presumed future windfall taxes. The financial services industry has suffered large additional costs due to the creation of the F.C.A. The latter was a body created to oversee the financial services industry, though arguably, it will never achieve its aim of eradicating fraud as individuals will always find ways around rules and regulations. Some companies such as Merrill Lynch found a solution to this issue, by assigning all of their operational losses to the U.K., in order to avoid corporation tax for a considerable period of time. This was done as an attempt to make substantive savings relative to their operational cost structure.

F) Changes in investor perception

Most companies rely heavily on their existence and continued survival on the flow of funds from investors. Should the investors pull the proverbial ‘plug’, then the company’s future viability is at risk. This has been the case with business class only airlines, whose backers have declined to offer further ongoing funds, which has resulted in the companies being forced into bankruptcy. An astute company foresees various future trading probabilities and acts to ensure that it has investor backing to see it through difficult times. One has to accept that during recessions or depressions, it may prove extremely difficult to secure continued funding for operations, though nonetheless, measures can be taken in an attempt to avoid the worst aspects of this risk. The aim would be to secure funding on a long-term basis, which provides the company with an effective overdraft facility.

G) Changed in economic environment

Often companies fail to foresee future economic trends and as a result fail. Estate agents have in the past been particularly subject to economic cycles. Down turns in economic cycles have brought about a number of casualties. Such companies must ensure that they create sufficient capital resource in the good times to ride out the bad, or conversely, ensure that they can easily reduce their fixed cost base. The easiest option is to reduce labour costs, though cutting staff may well have an adverse effect on staff morale. The alternative solution is to restrain growth in economic boom times, in order to avoid contraction in downturns.

H) Disappearance of key raw materials

Many companies fail to see a time when key raw materials instrumental to their continued survival, cease to be in easy supply. Arguably, the oil industry has traditionally relied too heavily on existing reserves and is failing to reinvest profit in seeking new and alternative forms of power. Should this continue to be the case, the companies concerned will fail in the longer term.

I) Climatic change

This subject has been a main talking point of recent times and will no doubt become an increasingly important factor to which companies must react, in order to ensure their continued survival. The airline industry is already subject to a substantive governmental debate concerning the issue. Though it may not be easy for the sector to take action to avoid the problem altogether, the warning signs are clearly present and accordingly they must show public authorities and to some extent the public a like, that they are taking this issue seriously. The alternative is a long-term increase in governmental regulation and taxation and decline in passenger numbers.

J) Discrimination

With governments playing an ever increasingly dominant role in this arena, companies have to become more aware of their responsibilities. Even minor incidents such as comments made by company’s employees can lead to actions being brought against them which in turn can lead to fines. The company's responsibility in this field must be to take disciplinary action against any individual found to be responsible of such infringements and also engender a culture whereby staff / directors are constantly aware of their respective responsibilities. The most obvious form of discrimination is that of racial abuse.

K) Compliance

With the creation of such bodies as the F.C.A. in the U.K., the rules and regulations to which companies are subject, have become increasingly onerous. Many companies have specifically employed individuals to ensure that they comply with the regulations as in force. Failure to comply can mean fines and in the worst cases, forced closure of the company. Many companies argue against such draconian measures, though it appears likely that the future will hold more not less regulations. With this in mind, those companies without any such resource will need to create structures or employ external expertise which will enable them to comply with the compliance regime and future regulatory changes.

L) Contingency planning

This is an area of increasing importance to companies, particularly as supply lines are becoming ever shorter and inventory levels are kept at minimal levels. Given circumstances whereby there is damage to part of an assembly line, the absence of a key component can bring production to a complete standstill. Whilst business interruption can be insured against, failure to provide retailers with an uninterrupted supply of a product particularly when new, can bring about a loss of reputation which in turn may cause the company long-term loss of credibility with its’ client base. In such circumstances, it may be possible to solve problems by either having an external source of key components available should the primary source dry up, or to have the ability to replace key plant and equipment at very short notice.

A further potential problem could exist whereby key components which are externally sourced, cease to be available. This could for example, be as a result of a loss at the suppliers’ premises, war or a strike by the latter's employees. These styles of problems can often be resolved by ensuring that the respective company has more than one supplier for key elements of its production process.

M) Corporate responsibility

This factor is increasingly important, bearing in mind the ever more widespread dissemination of information. One key area of concern which has arisen recently is the usage of child labour in the production of clothing destined for the U.K. market. Another is the fact that many commercial drivers frequently exceed the hours allowed by regulations laid down by government. Sometimes taco graphs have been intentionally disconnected, in order that drivers are not shown to exceed their permitted hours. A key sign of the increasing importance which the U.K. Government has attached to this has been evidenced by the corporate manslaughter legislation.

Stress related injuries are becoming ever more commonplace in the work environment and increasingly being publicised by the media. This becomes worse in economic down-turns when companies lay off or make staff redundant. It has an adverse effect on the remaining staff, increasing their workload and increasing the number of stress related injuries. Management needs to keep in touch with its workforce and avoid over burdening them.

Companies need to adapt their structures, in order to provide specific management responsibility for general corporate policy, which would act to minimise or eradicate problems from occurring. Failure to do so can only result in companies becoming ever more engrossed in defending actions brought against them, resulting in valuable management time being unnecessarily squandered.

N) Money laundering

With increasing awareness of this issue, legislative regimes have become ever tighter. Often, companies can become subject to money laundering without even being aware of it. The answer must be for companies to audit their financial regimes on a regular and transparent basis, so that irregularities can be brought to the attention of the senior management/regulatory authorities and resolved.

O) Financial risk

Though it sounds easy in principle to protect a company's asset base from a decline in the value of its investments or to prevent it from depositing its funds in a failing bank, in reality it is far more difficult. Often the facts only become known, after capital assets have been irretrievably lost. Any company wishing to protect itself against such problems must use due diligence in order to ensure that invested or deposited assets are only kept with companies and banks which have high credit ratings. Further still, companies must keep these companies credit ratings, under regular review.

P) Infiltration into companies IT and back-up systems

With an increasing number of companies reliant on I.T. systems to run the core activities of their businesses, failure can have a catastrophic consequence on the company's profitability and continued existence. It is currently estimated that 34% of U.K. companies are totally reliant on their I.T. systems. After 9/11, various companies including the largest insurance brokers, came to realise that their reliance on a single site computer information storage system made them particularly vulnerable, should it suffer catastrophic failure or worse still, be destroyed in its entirety. As a result, various companies have created back-up centres, from where their I.T. systems can be driven, should the main systems fail. Many companies though, still operate without any proper back-up systems. To employ modern day terminology, 'resilience' needs to be built into a company's systems. Other than having offsite back up centres, operating systems need to be so assembled, that sufficient hardware exists for the immediate replacement of an item, should it fail.

The other issue, which is increasingly important, is the ability of hackers to enter companies I.T. systems and either remove or alter data or implant viruses. The most famous case in this regard was the U.K. citizen who managed to penetrate the Pentagon's internal systems and access confidential files. Consequent to a hack into its’ systems, EasyJet faced claims totalling circa £18bn. P.W.C. have estimated the annual cost to U.K. companies to be £10 billion per annum in 2009 compared to £5 billion the year before. The survey found that 92% of companies had been subject to hackers trying to access their computer systems. The cost of these incidents varied between £280K and £690K per incident. P.W.C.’s survey found a worsening trend. Though companies may not be able to prevent misuse of their systems, they can nevertheless ensure that they are protected by the most recent firewall systems and separate their systems into subdivisions, each with its’ owns access point. By segregating sections of the I.T. system, such action makes it much more difficult for a hacker to penetrate the company's entire computer network.

Some companies have tried to avoid the problem by transferring to a “cloud” base system, whereby a third party is responsible for administering a company’s software operating platforms. Though the latter may seem to be an attractive alternative, there is still the possibility that someone may try and access the host’s software systems. This has recently occurred with Google, where Chinese hackers penetrated their systems. It is also perfectly possible that the authorities could close down a cloud-based storage system, should they believe there to be a crime committed.

Though it may not be possible to create a fail-safe system, there are certainly measures which a company can undertake, in order to minimise this risk. Failure to fully understand this risk would not only result in a loss of turnover, though also incur the company concerned substantive reputational damage.

Q) Risk of mergers and acquisitions

Companies are frequently subject to either takeover bids or are involved in mergers with other companies. Carrying out 'due diligence' exercises on target companies is critical to the success of any such deal. Often in the rush to secure ‘the deal’, due diligence exercises are kept to the bare minimum, in order to speed up the process. Though this may well ensure the completion of the process, it also brings with it inherent risks. Given such a situation, potential pitfalls can be overlooked. In the merger of Lloyds TSB with HBOS, there was such a rush to conclude the deal, that major toxic debt belonging to HBOS was overlooked.

It important for any company involved in either merging or acquiring another company, to properly balance time frames involved in such processes, allowing enough time and resources being made available, to properly audit the target company's accounting records. Whilst a due diligence exercise may be a "one off", it is nevertheless crucial that the initiator company ends up with the right result. It is imperative that a key individual such a board director be given ultimate responsibility for ensuring that the due diligence exercise is carried out thoroughly and finalised in a suitable time frame. Though one has to accept that such an exercise will never reveal every hidden problem within the target company, the process should nevertheless be capable of ensuring that major potential problems or potential issues are identified. Though the costs involved in such a process can often be seen to be extremely high, the benefits substantially outweigh them.

R) Bribery

With legislation within the U.K. having been enacted in recent times, this issue is becoming ever more important. Beyond the pure risk of money being transferred in order to secure contracts as has been the case with BAE systems, the net has now been widened to include corporate entertaining and the like. Companies must be ever more aware of their responsibilities in this field. A miss placed step can all too easily badly tarnish a company’s record or end it with a regulatory fine and a court case.

S) Supplier ethics

As proven with Primark, people are becoming increasingly aware of companies sourcing their stock from suppliers who have poor employment conditions. The media especially, has highlighted this issue as a concern. Should companies not check their suppliers properly and be found to be sourcing supplies from “sweatshops”, the end result may be that customers will be disinclined to make future purchases from the company concerned. In Primark’s case, the company initiated an auditing process for all of its suppliers, in order to avoid the problem becoming a substantive issue.

T) Ageism

With changes in legislation as regards the age of retirement, employees are able to choose at which age to retire, though subject to the capability to being able to satisfy the requirements of the employment in question. This produces a situation where companies have to carefully review the personal circumstances of each employee, prior to enforcing retirement on them.

U) Diversification

The majority of companies operate on the basis of one or two key product ranges. Whilst in many cases it may be implausible for smaller companies to expand their product ranges, by so doing, it limits the possibility that should the sales of one particular product range fall or worse still fail altogether, that the company falters or even ceases trading. The more diversified a company’s operations become, the greater the possibility that it can ride out a storm in one of its’ key market sectors.

Conclusion.

Whilst risks of physical damage and ensuing interruption to a business can be protected by the purchase of insurance, the risks to which are reviewed within this commentary are largely uninsurable. This makes it all the more important for a company to give these styles of risk, ‘special attention’. Many companies have no structures in place to either identify these risks within their respective businesses, or worse still to try to mitigate or even eradicate them. Whilst insurable risks can be easily visible and identified the said risks are hidden away. The frequency to which these risks might ‘attack’ a company is limited, though this should nevertheless not reduce their importance.

Whilst an insurable risk may be ‘survivable’, the said types of risk may result in the termination of a company’s existence. In light of the fact that these issues are becoming ever more important, companies must devote an increasing level of resource to protect themselves. Whilst the global business model is being driven ever more towards a ‘big business’ scenario whereby companies consider that they can ride out storms due to their respective size, the latter fact in many ways acts to compound the effect. This has for example, been proved by product recalls by some of the largest vehicle manufacturers.

To eradicate these risks, specific responsibility needs to be given to a member of the company’s board. The individual must have sufficient resource available to them, to allow the company to properly protect itself against these risks. There also needs to be a structure in place whereby there are adequate reporting procedures through the company’s structure, in order that incidents are brought to the company’s board in a timely manner. It might well be best practice for the company concerned to create a committee drawn from various levels within the company’s structure, which would meet on a regular basis and review issues of concern and assist in identifying potential future problems. By direct reporting to a company’s board, this would allow any recommendations to be acted upon more swiftly than would otherwise be the case and ensure that such recommendations are not watered down between committee and board level.

After reading about what we can do for you, are you ready to get started? Do you have any questions?

Contact Us