Business risk


Business risk in Balkans – a reminder for managers


Risk is part of every day’s life, especially for those who run a business in Balkan. Besides usual and well known business risk categories Serbia’s enterprises experience illegal competition from grey economy, cheap imports, corruption and not very business-friendly legislation what makes surviving even more difficult. Some risks can only make small harm on business and could be controlled easily, but others may endanger its very existence.

Past decades brought significant increase in complexity and level of business risk which was due to higher business dynamics (IT advancements and frequency of making business decisions) and globalisation (interdependence of firms and markets). Indeed, in today’s “speedy world”, a company can expect sudden changes in its business environment any time. This is why a “plan B” must be on the table before a risk strikes, otherwise a company may find itself losing competitiveness, market share or even worse.

Managing strategy in many ways comes close to managing risk. Therefore, the process must start with analysis of current business situation and environment in order to carefully judge what would be the quantity and intensity of acceptable risk. A company should choose only those activities, projects and ventures that could be successfully controlled with available resources.

In order to recognise various business risks one must first learn where and what to look for. Some of them may be known to you from before but others hide in bushes or simply sit hardly detectable in the middle of the road. Keep in mind that risk is not a privilege of big firms as it predominantly feeds on your activity and environment, not size.

I operate in Balkan where most of local companies can be classified as SMEs according to the EU standard (up to 250 employees and/or annual turnover under €50m). Unfortunately many business owners and managers believe that probability and impactability of risk come down with a size of enterprise. As a result, they rarely approach business risk in a structured manner – meaning no formal analyses or dedicated meetings are practiced. “Fire-fighting” prevails over prevention.

Let me remind you of some of the most common risk categories. I will start with a financial risk which is the most usual cause of SME bankruptcies. It includes lack of current funds to pay budget items, taxes and creditors which is usually caused by company’s inability to collect money from its debtors. For example, in Serbia one can expect to receive funds from debtors in 4-6 months on average, however in some cases it goes up to a year. Otherwise, a company can go to court with uncertain outcome. Collapse of one company or its systematic delay of payment to creditors may pull many members of the same supply chain into trouble. Unfortunately there is little difference in behaviour between private and state owned enterprises. It is therefore up to a creditor to provide enough working capital! Everybody complain about it, but little changes. Keep in mind that financial risk affects all companies thus must be treated properly. Only those with daily focus on cash flow from the very top may survive.

If you deal with foreign partners don’t forget about currency risk as sometimes well planned and executed sale can turn into unplanned loss.

Next to a financial stands commercial risk or inability of an enterprise to sell enough goods or services at a price that at least covers all costs. This category includes successful market placement of goods and services and depends on overall competitiveness (both product and market placement ability of a company), supply and demand. A recession or market stagnation may reduce demand and cut margins; or customers’ interest may change due to sudden innovation; or your brand suffers as a result of a new dominant competitor. In Serbia, additional risks come from the “grey economy” competitors who don’t pay duties, taxes and/or VAT as well as cheap imports, especially of those goods that have been subsidised at the source country. Don’t expect any help from the state, apart from fighting the grey economy with doubtful success.

Another aspect of commercial risk is loss of reputation. It can happen as a result of something that a company does, or loss of its critical product attribute or wrong doing of its employee or any other connected person. Imagine if your company appeared in the news in negative context. Would key customers, suppliers, even employees stay with you? What would be the impact on future revenues?

Supply chain interruption includes incidents with individual suppliers as well as potential collapse of a major input source market. It manifests itself as inability of suppliers to meet your demand in quantity and/or quality of supplies on a short or long term what could, at worse, force you to cease operations. How vulnerable are you?

Operating risk relates to a potential malfunction of any resource which is essential for running critical operating activities and could therefore result in production arrest and interruption of product and service delivery to customers. It covers everything from people to machinery and buildings. As for most companies people being the key operating resource, their culture, organisational structure and interpersonal relationships have major impact on this risk. It usually manifests in productivity, quality, delivery and service support failures.

For those industries which are predominantly functioning via projects (e.g. construction) the most common is project risk. However it doesn’t mean that this risk couldn’t be found in other industries. It includes risks to plant, equipment or technology, loss of key personnel, interruption in project finance, poor planning and/or project management and manifests in delays and budget overruns. Pay special attention to new projects as all planning stage inefficiencies usually turn into real problems soon.

As soon as you start setting up a business you will come under safety and security risks. Safety doesn’t affect only employees but all other people on your sites and beyond (e.g. those in the neighbourhood who might be affected by your activity) and expands even to users of your products and services. Security risk covers premises, workplace, people, equipment, information, intellectual property and technology.

Owning and operating of specific technology can be critical for your business model what takes us to technology risk. It covers search for innovation, implementation, exploration, maintenance and upgrades.

As the importance of creating, processing and using information becomes critical for business, we must recognise information system risk. It includes technology (software and hardware), data, operators (programmers, maintenance and support staff) and users. Malfunctioning of a part or complete information system could block a whole business. Imagine if you run a factory and its controlling software collapses or try a week of selling without accounting software. It could also cause your non-compliance with certain rules and standards. Another story is about losing critical information that could be a source of your competitive advantage or customer data being hacked. What would it mean for your reputation and brand?

Let me close this list with compliance risk. It relates to current laws, regulation, standards, procedures and contractual obligations and occurs as a result of weak organisational structure, failure of employees to adhere to internal procedures or simply any other human factor. In such a situation one may encounter a corrupted official, especially in this region. Or an apparatchik might ask for a ‘favour’ to speed up your case through the bureaucratic system. Even though it appears as pragmatic choice momentarily, it actually grabs you into a long-term sick and very costly relationship, apart from business ethics.

Each of the above risks, if materialise, can break your well planned budget if not recognised and mitigated in time. Besides avoiding and/or reducing impact of unfavourable events on business and protecting people, assets, revenue and profit, subscribing to risk management practice enables your organisation to better understand the benefit and value of implementing formal business procedures. Organised risk management increases confidence of employees in the safety and security of their workplace as well as customers’ confidence in the quality and integrity of your products and services.

At the end I suggest that you answer following questions in order to briefly assess your current situation.

  1. Do you have a formal process of monitoring changes in business environment and evaluating their impact?
  2. Do you have a formal process for identification, evaluation and mitigation of risk?
  3. Is risk management integral part of your operations and projects?
  4. Have you established a formal procedure for each major business process?
  5. Do you periodically assess employees’ compliance with established business procedures?
  6. Do you believe that your business is too risky?

After reading my reminder (the list of risks is not exhausted) I sincerely hope that your enterprise, irrespective of its size, adopt and implement principles of systematic and organised risk management as soon as possible (if not done already).


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: