Version française/French version: LINK
Risk and return are linked, but high risk does not guarantee significant gains, especially for young companies. Defined as the effect of uncertainty on objectives, risk is calculated based on the likelihood of an event occurring and its positive or negative consequences. A rational approach allows for the identification, analysis, and mitigation of potential risks. This analysis helps prioritize critical risks and monitor them to ensure the effective execution of your business plan.
Risk and return are linked. But high risk does not always imply consistent return, especially for young companies.
An entrepreneur from the HEC incubator considered that there was little risk in starting a business since rarely a lot of money is invested, and as Nelson Mandela’s saying goes: « I never lose. I either win or learn. »
Like business angels and venture capital funds, investors take more risks with startups and SMEs. The rules of the game are clear: accept losing everything on the condition that there is a significant probability of achieving a considerable gain.
Definition and modeling of risk
According to the International Organization for Standardization, which establishes the ISO standards, risk is defined as “the effect of uncertainty on objectives” and can be measured by the formula:
Risk = Probability x Consequences
By combining the probability of an event occurring and its positive or negative consequences, risk can also have a positive potential.
In market finance, the risk or volatility of a company’s value is measured by the dispersion of return rates in relation to the expected return. This retrospective calculation is pointless for a company that is not publicly traded “continuously.” The investor’s risk then fluctuates between a total loss and a significant gain, at the cost of low liquidity for years.
The risk management guidelines defined by ISO are as follows:
- Identification of key risk factors.
- Analysis of the causes and consequences of these risks.
- Assessment of the potential impact of each risk factor.
- Estimation of your degree of control over each risk.
- Identification of: a) actions to prevent or mitigate this risk; b) indicators to monitor it; and c) person(s) responsible for managing this task.
Business Plan and risk factors
Many risk factors can impact your business plan. These may be operational risks related to the execution of your strategy, but you may also face contingencies such as:
- Human risk.
- Commercial risk.
- Technical risk.
- Competitive risk.
- Regulatory or intellectual property risk.
- Reputational risk.
- Fraud or malicious intent.
- Climate risk.
- Economic conditions.
- Political interference.
- Health risk.
- Risk of terrorism or armed conflict.
For example, competitive risk can be described as the intensification of pressure from traditional competitors or the emergence of new entrants in your market. Its consequence will be pressure on your margins. The mitigation could be differentiating your offer along with patents and trademarks to « protect your margins. »
How to analyze your critical risks?
To begin this work of analysis and prevention, you can identify the main risks and analyze their criticality, defined as the product of the probability of an event occurring and its impact.
You can then position each risk on a matrix, as shown below, where the most critical risks are those with the highest probability of occurrence and the greatest impact. At the other end of the spectrum, unlikely and low-impact events will have a low degree of criticality.
Discussions with your partners or advisors will allow you to reach a consensus on which risks to prioritize. It is not necessary to perform a fine quantification of probability or impact because, besides the fact that it is bold to quantify some events, this could lead you to overlook important risks.
The second table, devoted to risk mitigation, also applies ISO recommendations as it allows you to:
- Describe your critical risks;
- Anticipate their impact;
- Summarize mitigation actions for each risk;
- Indicate which person will manage them.
You can then represent and optimize your risk-return profile. This is useful for monitoring the progress of your business plan or positioning companies in an investment portfolio.
The 5 criteria for analysis are as follows:
- Management/Team: This concerns the management and your team’s dynamics.
- Business Model/Strategy: This analyzes the relevance of your business model, ranging from a hypothetical business model to a robust and scalable one.
- Marketing and Sales: This criterion describes the quality of your commercial policy, for example, in terms of growing the number of customers and reducing your customer acquisition costs.
- Product/Technology: This involves evaluating your technical developments in terms of R&D and industrialization.
- Momentum/Speed of Execution: This focuses on the famous momentum so valued by investors.
The combination of these criteria gives an overall performance score to be combined with the overall risk.
Once again, discussions with your colleagues are more important than the final result, as they help identify key areas for attention and mitigation strategies.
Risk is like fat: there is good fat, and it is necessary for economic activity. Good luck, therefore, in identifying your priority areas for risk management and implementing your business plan!
