Stephen Sumption Consulting

All businesses have an element of Risk attached to them, but Risk needs to be identified, recognised and managed in a way that is commercially viable and protects the business against serious damage to its chances of survival.

Identification and recognition of Risk are the first two steps and frequently occur in tandem.

Identification is clearly the starting point as an unidentified risk cannot be managed.  Identification also involves categorising Risk; the first three categories should be:

  • Risk about which nothing can be done and which are simply a part of life and business.  In most cases there may be something that could be done but it may not be either practical or economically viable to do so.  As a result many risks that appear to come into this category could arguably be considered to come into the next one.  In addition while action may be taken to mitigate a Risk it cannot be eliminated entirely.
  • Risk about which you choose to do nothing.  These are the risks which are inherent in the business that you run and are reflected in the returns of the business, or are risks where it is not considered necessary to do anything more than recognise their existence.
  • Risks that you decide you can and will do something about, either by mitigating the effects or frequency, or by transferring the risk to another.

Until this basic level of analysis has been carried out the business cannot start to recognise and deal with the risks it may be running.

Risk Reviews can be conducted, either before or after a claim.  These are intended to identify the root causes of a claim or potential claim, which can usually be found in the culture of the firm, the management or a combination of both.  The reviews are based on interviews, and because the purpose is to identify problem areas and explore suitable resolutions it is essential that those interviewed feel able to discuss concerns without inhibition.  It is for this reason that all interviews are carried out under “Chatham House Rules”.  We expect to be instructed by the Board rather than an individual.  In this way we work for the firm and not a faction of it, but a member of the board will need to be the principal point of contact.

The sort of issues and concerns that these interviews identify include:

  • The “bullying” senior manager who is forcing his staff to take short-cuts which increase the risk of negligence.
  • The business which has instituted a series of staff reductions and consequent amalgamation of roles to the extent that many of the safeguards and checks are now carried out by the same person.  This significantly increases the risk of fraud.
  • The decision to move into trading in a new currency or jurisdiction, without an appreciation of the change in the nature of the risk.  This may be of particular relevance to insurance where a claim could be jeopardised by an allegation of non-disclosure if insurers are not kept suitably informed.

If this rings true and you need an independent opinion, please give us a call.

Recent Case Studies