Proactive vs. Reactive Risk Management

Today, most companies, especially small and medium sized businesses perform reactive risk management. That is, when a key customer or vendor fails, it is an “all hands on deck” emergency to replace the revenue or key part of the supply chain.

This is due, in large part, to two main causes. First, the death of a business is usually a drawn out process which takes weeks to months. Second, the tools available for businesses to manage their risk are based on accounting principals which, by design are backwards looking. To practice proactive risk management, businesses need a tool which will enable them to be future focused.

For the purposes of this post, when we refer to risk, we mean the probability of a financial loss due to the failure of a customer, vendor or partner and not a catastrophic loss due to force majeure, project execution etc. which are also common point of discussion related to business risk. These types of risk are impossible to foresee and make insurance companies a lot of revenue.

“When beggars die there are no comets seen” (Julius Caesar (II, ii, 30-31))

Business failure is a process, not an event. The bigger the business, the longer the process. For instance, it was two years from groundbreaking to bankruptcy for Solyndra. In that interim period of time there was a lot of positive news: $500M government loan, rising sales, and even an IPO filing. But, I bet, if you were in Solyndra’s ecosystem of customers, vendors and partners, there were a lot of clues. If these clues were communicated in a way that was transparent, a lot of the damage in Solyndra’s wake could have been minimized.

“I’m digging in the dirt, To find the places I got hurt, Open up the places I got hurt.” (Peter Gabriel, Digging in the Dirt)

Accountants are sort of archaeologists. In fact, the four primary financial statements are all rear view mirror tools. Accountants dig through all of the financial transactions in a given period of time (in the past) and provide a window into a company’s financial fitness through the balance sheet, income statement, cash flow statement and statement of changes in equity. All of these tools analyze past events and have little if any future predictive value. Most small and medium businesses don’t freely share accurate financial statements and the business world is littered with examples of companies with stellar financial statements failing or behaving badly. Therefore, credit tools and risk tools which utilize or depend upon data from these financial statements are close to useless.

“You can never plan the future by the past.” (Edmund Burke)

From a risk management perspective, it’s hard to be proactive when you’re looking in the rear view mirror. As we discussed before, all of these decisions are basically trust evaluations. Imagine if all of Solyndra’s customers, vendors and partners had the ability to rate Solyndra’s performance and share the data either publicly or privately? Could they have eliminated or minimized their losses?

Crowdsourced business ratings can provide a meaningful tool for evaluating a company’s future performance. Especially when participation is maximized and data comes from the various aspects of the business (not just payment history) including a company’s performance as a partner and service provider. A bad rating from a vendor may not cause you to pull a company’s credit line, but it may prompt a conversation or cause you to modify payment terms. A yellow flag in the future is always better than a red flag in the past.