DEPLOYING RISK MANAGEMENT IN SME MANAGEMENT

Sikiru SALAMI ACA, ACSI

ICANPROFESSIONAL YAHOOGROUP

Entrepreneurship Seminar

OPENING QUOTE:

■ And the struggling pharmaceutical SME failed

■ How a fledgling Audit Firm put its owners in BIG TROUBLE

CASE STUDIES ON RISK

MGT FAILURES

Why Small Businesses Crumble So Soon

What is it about RISK?

Risk as a cause – e.g. fire, theft, fraud

Risk as a likelihood – probability of occurrence

Risk as an object – the objects that constitute the risk, e.g., factory, aircraft, ship, young male drivers

Risk as an action – taking a risk by doing something or not doing something

Risk is a condition in which there is a possibility of an adverse deviation from a desired outcome that is expected

Risk is all pervasive of all human endeavour

SCARED OF RISK?

RISKS FACING SMALL BUSINESSES

TYPES OF RISK

Credit Risk: The risk of loss arising from loan default or unpaid account receivables

Operational Risk: The risk of loss resulting from inadequate or failed policy, processes and systems or from external events

Market Risk: The risk of loss resulting from adverse movements in the market prices, interest rate, equities, commodities, or currencies.

Liquidity Risk: The risk of loss to an entity arising from its inability to meet its obligations as they fall due.

Legal Risk: The risk of loss arising from inability to enforce a contract against a counterparty, or unfavourable legal proceedings.

Compliance Risk: The Risk of loss arising from breach of regulatory requirements

Strategic Risk, Reputational Risk etc.

TYPES OF RISK (cont’d)

Enterprise Risk Management (ERM)

ERM deals with risks and opportunities affecting value creation or preservation

ERM “is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”

Source: COSO Enterprise Risk Management– Integrated Framework. 2004. COSO.

COMPONENTS OF ERM FRAMEWORK

Benefits of ERM Implementation

Aligning risk appetite and strategy

Enhancing risk response decisions

Reducing operational surprises and losses

Improving overall risk rating

Improving deployment of capital

Complying with regulatory changes

Improving shareholder value

Facilitating long term survival

Risk Assessment Process

Identify relevant business objectives.

Identify events that could affect the achievement of

objectives.

Determine risk tolerance.

Assess inherent likelihood and impact of risks.

Evaluate the portfolio of risks and determine risk

responses.

Assess residual likelihood and impact of risks.

Risk Assessment (Cont’d)

Risks are analyzed, considering likelihood and impact, as a basis for determining how they should be managed

Risks are assessed on an inherent and a residual basis.

RISK MAP

“Risk = (Probability of event occurring) X (impact of event occurring)”

5 LOW MED HIGH EXT EXT 4 LOW MED HIGH HIGH EXT 3 LOW MED MED HIGH HIGH 2 LOW LOW MED MED MED 1 LOW LOW LOW LOW LOW

LIKELIHOOD 1 2 3 4 5 CONSEQUENCE

L x CScore 0 - 5 = LowScore 6 - 10 = MediumScore 12 - 16 = HighScore 20 - 25 = Extreme

Risk Response Actions

Accept = monitor

orAvoid = eliminate (get out of the situation)

▪ Mitigate = institute controls

▪ Share = partner with someone (e.g. insurance)

▪ Residual risk (unmitigated risk)

Business Continuity Planning (BCP)

BCP is a roadmap for continuing operations under adverse conditions such as fire incident, server crash etc.

Important documents should be duly protected with a back up facility and kept in an offsite facility.

KSF for an Effective ERM Implementation

Implementation Challenges

Concluding Quote“For firms to succeed in this increasingly global

and competitive marketplace, risk management

must become a state of mind. A systematic and

proactive enterprise-wide approach to managing

risks is essential to making risk management an

integral part of the company’s DNA”

-NURAG SAKSENA –CRO, Freddie Mac

“There are risks and costs to a programme of

action; but they are far less than the long

range risks and costs of comfortable

inaction”

-John F. Kennedy