As small-to-midsize business (SMB) leaders, we’re constantly evaluating the nuanced trade-offs between accepting risk and removing risk from our organizations’ operations. Shrewd SMB leaders can accurately identify and measure the risks their businesses face and develop strategies to mitigate them. These actions are alive in all businesses, but the stakes are often higher in SMBs because miscalculations can be more impactful due to the smaller scale of the business. As a result, it’s critical for SMB leaders and executives to understand and avoid common pitfalls associated with risk management. Below, we’ve highlighted five common mistakes SMB executives make which must be taken into account for risk management strategies to be successful.
5 Common Risk Management Mistakes SMB Executives Make
1. We Try to Prevent Events Rather Than Consequences
It’s human nature to try to predict the one or two events that could come become reality and cause significant damage to a business. The issue here is that events of this nature rarely occur. Even a when considering a risk that has a high probability of occurring, it’s nearly impossible to predict when it will occur.
To help avoid the trap of trying to predict risk events, evaluate the potential consequences of risk events, from common to rare. By laying out and rating potential outcomes you’ll likely find that consequences tend to be common across many risk events, but they just vary in magnitude, making it more cost effective to focus on mitigating the consequences instead of the events themselves.
2. We Use the Past to Predict the Future
Many SMB leaders look to the past to understand what risks their organizations might face in the future. At face value this makes sense because with any failure in business you want to understand what happened to safeguard against it. A root cause analysis can lead to operational improvement when specific risk events occur internally in your organization; however, many SMB leaders try to perform a deep dive on external risk events in order to develop risk mitigation strategies.
This can create serious strategy miscalculations because it’s impossible to understand everything that led to a specific external event with hopes of preventing it in the future. Instead SMB executives must focus on developing strategies that counteract impacts from risk events using tools and information that are readily available, rather than using past risk events to predict the future or design their risk mitigation strategies.
3. We Think About What We Should Do Instead of What We Shouldn’t
In the business world, actions are celebrated more than inaction. Mainly because the results of inaction is hard to measure and verify – e.g., it’s hard to write a book about something that didn’t happen because a company didn’t do something. On the other hand, actions create excitement and validation of thought, which can lead SMB executives to focus solely on what should be done to reduce risk, not what should be avoided to reduce it.
Choosing not to do something is often a more powerful risk management strategy because you can reduce risk without introducing new ones. Consider a company that’s evaluating a launch of a new product in an emerging market. Entering could significantly increase the company’s operational and financial risk exposure; however, waiting and letting your competitors enter the market first will significantly reduce your own market entry risk. As an SMB leader you must always consider what you shouldn’t do just as much as what you should.
4. We Don’t Recognize That Psychological Risk Doesn’t Align With Mathematical Risk
Understanding the mathematical value of risk is a powerful tool because it allows SMB leaders to calculate, visualize and weigh risks their businesses face. Calculated risk values can be used to tell a story to drive strategic conversations, convince stakeholders, and build a risk management plan. Using risk mathematics to describe risk is an important and necessary heuristic in risk management; however, it’s important to recognize that psychological risk almost never aligns with mathematical risk, and using mathematics alone can lead to additional risk exposure.
Consider two different risk scenarios that have an equal probability of occurring and impact to the business. Next consider that the first scenario carries much more benefit to your business than the second. Each risk scenario will be viewed differently depending on the psychological risk tolerance of each stakeholder.
5. We Believe Operational Efficiency Doesn’t Allow for Redundancy
All successful SMBs make operational efficiency (OE) a primary focus in their overall business strategies. After all, OE is a critical variable in maintaining your edge against the competition, though there’s always a point where the risks created from driving OE outweigh the marginal benefit of increased OE. Increasing OE is often described as the reduction of waste in an operational system. Waste could be overly robust inventory levels, or cumbersome or redundant processes. An SMB that’s solely focused on reducing these “wastes” to zero could unknowingly increase their risk exposure.
Consider a vital process that’s tied heavily to revenue generation. Traditionally all the operational processes and input variables are carefully reviewed and optimized to ensure no waste is present to minimize costs and increase profit margin. By focusing on removing all waste or redundancy, it can create a process that offers little protection to variability generated by even the most basic risk event. The takeaway here is that, in many cases, redundancy that protects against risk exposure is not waste even though it may be viewed that way in the traditional sense. The impacts of removing redundancies must be carefully considered in any SMB risk management strategy.