The SME guide to dealing with risk

In 2010, at 5am on Friday, April 1, the police knocked on my door. They asked me to step outside and look at a big black cloud in the distance. The cloud hung above my warehouse which had caught fire and was burning to the ground.

Rewinding the tape, in designing our business, myself and my senior colleagues had identified and accepted a number of risks specific to our production processes – the turning of nappy and paper sludge byproducts into industrial absorbents. These included inhalation risks for operators and fire risk. The fire which destroyed my warehouse wasn’t a black swan – a totally unexpected event. We had correctly identified a potential risk.

Taking risk seriously

Having been brought up near Hebden Bridge, I was acutely aware of the devastating consequences, in asbestosis, working in a fibre-laden atmosphere could bring. When setting up the factory, my colleagues and I ran a risk assessment with the help of some Spanish experts who deemed nappy and paper fibre as safe and intrinsically different to asbestos. Nevertheless, we designed the process to operate under a vacuum in order to reduce dust emissions and insisted on operators wearing (unpopular) breathing masks.

We didn’t stop there. Drying our products at 800 degrees Celsius obviously created a fire danger and we installed sprinkler systems, operator  procedures and training and an ingenious fitter built the process control system that allowed us to produce closely specified absorbents from variable raw materials with automatic cut off.

Despite all this, the fire still happened. Nobody was injured, but the warehouse was destroyed. The insurance company paid out, but it was a close shave!

After due consideration, my colleagues and I decided to outsource production. Yes, this meant reducing control and some profitability, but the risk reduction it offered was substantial. We sold the process equipment and the driers and contracted the purchasers to manufacture to our specifications.

Five years later, the company to whom we sold the driers experienced a dust explosion and fire which killed four people.(1) 

The aftermath of the blast in the village of Bosley (Chris Neil/Sunday Telegraph/PA)

It was not the driers we sold to them which caused their fire but drying cellulose fibre is a risky activity and the consequences, if you did not adequately deal with the risk, can be severe. 

Risk can be avoided. But if you do that, then then very little happens. On the other hand, if you accept risk, you need to run a rigorous exercise in evaluating the alternatives and in risk assessment and mitigation.

Ways of risk mitigation in SMEs

  1. Outsourcing
    If you’re in a position to effect it, outsourcing may reduce control and profitability but it can substantially reduce risk. In some industries SMEs can be the victims of outsourcing. For example, as a subcontractor in the construction industry you either plan for the boom and bust cycles or you don’t survive. The average life of a subcontractor in the UK construction industry is nine years.

  2. Diversification
    In the SME Stories interview posted with Jan Cernik last week, he described how when he got let down by the administrators of his bank when it went bust, he spread his risk between three banks – albeit at the price of increased administration and higher borrowing rates. Similarly with sales or suppliers. It is conventional wisdom that concentration of your sales beyond 30% of total sales with any single customer is risky.

    But the temptations to concentrate on your biggest customer or to increasingly source from the most competitive supplier are probably also the most common sources of exposure to risk. Contracts with powerful customers or suppliers to protect against abuse of dependency are often difficult for an SME to enforce.
  3. Insurance
    Most companies insure their assets and maybe their key men. Insurance against loss of profits provides some protection. But the value of each should be rigorously assessed. When a serious claim is to be made, employment of your own loss adjustor to negotiate with the insurance company’s loss adjustor pays dividends.

  4. Back-ups
    Systematic back-ups are common risk reduction measures in IT systems. Can back-ups be organised in any other part of your business e.g. training of replacement back-ups for critical staff absence?

  5. Risk Assessment
    Risk assessment should be carried out on identified risky operations and risk management reports should be an obligatory part of every operational or board meeting. Review of decisions, designs and implementation by outside experts could be used.

  6. Training
    Staff, contractors and suppliers should be trained in risk avoidance and risk response should be incorporated into staff performance assessments.

1) Press Association 2019

Leave a Reply