THE RISK IN NOT UNDERSTANDING RISK

 

How To Understand, Manage And Avoid Reckless Risk

 

            Risk. It’s amazing that so simple a four-letter word can be so complicated. There are risks with dire consequences and risks with negligible consequences. There is risk in every human enterprise; in every trade or endeavor. We take risks, in varying degrees (and sometimes unwittingly) every day or our lives. There is even risk inherent in getting out of bed in the morning. But what – on any level – does risk really mean? Can risk be tamed?

 

            The great Oxford Unabridged Dictionary virtually dismisses risk with a simple definition – To hazard; to endanger; to expose to the chance of injury of loss.

 

            But to better understand and manage any kind of risk requires a more precise understanding of it – in fact, a better definition is needed. The value of consciously understanding the nature of risk, particularly the risk of dire consequences, is that understanding delivers the greater promise of the wiser choice.

 

Risk, I believe, is pursuing a course of action the outcome of which depends for success on factors over which we have no control.

 

Degrees of Risk

 

            Obviously there are different degrees of risk, depending upon how great the opportunity to profit if you succeed, how dangerous if the risk you take portends the possibility of failure, how much is at stake if you fail. One classic misconception of risk suggests that the greater the risk, the greater the return. Not universally so. (For example, sometimes risk is necessary to minimize loss.) Sometimes, the kinds and degrees of risk overlap. And sometimes, the greatest risk of all is doing nothing, which is as much a decision as doing something. Choosing to not act is merely the obverse side of doing something, and should be considered in the same way as you would a risk in taking an action.

 

            Is that all there is to it? Of course not. It’s much more complicated than that, and the meaning is colored by context. When you buy a lottery ticket, you’re risking only a couple of bucks on the slender chance that you’ll make thousands of dollars. Not a risk worthy of the name (unless you’re playing with your rent money). When you risk a career – or maybe an entire firm – on the chance that an innovative tax shelter program is legal, or that a litigation strategy will keep your client out of jail, that’s a significant risk. When you gamble that you won’t get caught embezzling from your firm, or that your imaginative tax return won’t be audited, you risk jail or a fine.

 

When you falsify a tax return, you cannot generally control the possibility of being caught by an audit. Assuming an honest game, we can’t control a horse race or a ski jump or even a card game. When you write an article or a brochure you can’t control how it will be received by its intended audience. (writers, especially the best, live with this constantly.)When you invest, you risk your knowledge and intuition against that of the volatile securities market. When you advise a client in any matter of law or accounting, there is risk inherent in the accuracy of your advice. Yes, skill and experience can often mitigate the degree of control we might have over the outcome. With skill, judgment, and experience you can eliminate some – but not all – of the factors that are beyond your control.

 

Random and Statistical Risk

 

These and more risks are different in context and magnitude. A good mathematician can often statistically quantify the boundaries of risk, such as telling you that one in every hundred people will slip in the bathtub and break a bone, that depersonalizes it and tells you nothing to help you avoid it, but that’s only half way to understanding it. There is a caution, though, in using statistics alone to assess risk. A statistical – or actuarial – calculation that says one in every two hundred and fifty tax returns will be audited gives you a definition of possibility. But a random risk that says, for example, one in every thousand houses in America will be burglarized gives you no such safety, unless you can define why such houses are burglarized. Statistics are not particularly useful in random risk, simply because they are random, but the risk itself – and not the statistics – affords you the opportunity to take precautionary measures, simply because you know it could happen.

 

When a random risk is combined with a decision not to take an action in a situation (or even a potential situation), there is fuel for disaster. One example is seen in the Virginia Tech tragedy, in which a deranged student went berserk and killed a number of students and professors. It would appear that by assuming that, statistically, there was little likelihood that such an act could happen on their campus, they were not prepared to cope with the aftermath. The school was not prepared to warn students about the shooter on campus, nor to respond appropriately after the event. They could have assessed the possibility -- if not the probability -- that a crazed gunmen might kill students. Here, too, mathematicians might still have assumed that it was likely to happen somewhere, which might have warranted simple preparation. There was no crisis plan in place, no designated hierarchy of either practices nor authorities – and so every decision had to be synthesized in a vacuum and on the spot. This, despite the vast array of articles about crisis management that abound in every industry and management course. The potential danger is greater in doing nothing than in making a choice among potential actions. Apparently, the school administration saw the risk from an actuarial – or statistical -- point of view (calculating the number of such happenings and assuming that a serial shooter was unlikely to come to their school), when in fact the risk was a random event, which means that there is no statistical system that would serve to warn them other than to say it could happen. They took the risk that a mentally unstable individual would not act out on their campus, and so had no plan in place. The result was that as bad as the event itself was, it was made worse for lack of preparation.

 

By the same token, if we assume that our clients understand, appreciate, and cherish us, and don’t act to take steps to find out if they really do, we are risking that client relationship, as well as losing the opportunity to strengthen and cement our relationship.

 

 

Crisis Management

 

A superb article on the subject of crisis management by Richard Levick appears on The Marcus Letter. Another such brilliant article by Don Aronson and Bruce Heintz of Aronson/Heintz also appears in the Marcus Letter. I’ve written about it in several of in several of my books. Nor am I alone in having written dozens of internal memos on the subject for the firms I’ve worked for or consulted with. But is nobody listening?

 

            This failure to anticipate random risk, whether on a school campus or in a legal or accounting practice, leads me to believe that people are unwilling to face up to the fact that, despite the small probability of its happening in most schools, the possibility that it could happen somewhere was high. This, despite the fact that a great deal of preparation to deal with crisis is easily done , and not overwhelmingly expensive.

 

            Another consideration of risk lies in a tendency to ignore or distort reality, which can lead to a vast expectations gap. Recently, a survey of accounting firms by the Bay Street Group gives increased significance to the work by Aronson/Heintz. It uncovered the startling fact of the wide disparity between how accounting firm management perceives sees their own performance and how their clients see their performance. A sample of findings…

 

·        Asked why their organizations might change CPA firms, 80% of clients blamed poor client service; but only 34% of CPAs thought that was the reason for losing a client. 38% of clients said they might change because they weren’t getting the CPA firm’s best people, but only 9% of CPAs cited that as a possible reason.

·        In marketing, 11% of clients thought they might be persuaded by a firm’s website; 37% of CPAs planned to launch or increase a web site. This disparity exists in the full array of marketing activities.

 

In other words, there is great risk in client retention and management activities that are based upon guessing or inadequate information derived from poor surveys. For example, in the case of the risk of losing a client, you can use professional skills and assiduous attention to the client to be sure that you understand not only his needs, but the opportunities to improve relations inherent in understanding those industry factors that inform his business. You can make sure that you not only understand his needs, but that you have the skills to serve those needs. You can arm yourself with data to afford yourself the opportunity to not only avoid danger points in your relations with the client, but, as well, to see opportunities to improve that relationship. And because of the subtleties of surveying, as Aronson/Heintz wisely point out, it should be done professionally.

 

Decision Making in Risk Management

           

            Too often, we simply take risk for granted and go headlong into danger and chaos. It needn’t be so. Even in view of the elements of risk over which we have no control, there are still measures of protection that can be taken to reduce a measure of risk in any enterprise.

           

Is there protection against risk? Yes – to a larger degree than we may realize. There are at least five things you can do ….

 

·        Definition. Define the risk itself. Understand precisely what the risk is. Too often, we either ignore risk or look at it amorphously. Sometimes, we simply take for granted that our skills and experience will be able to cope with whatever risk is involved. It’s like throwing out a football and then running out to catch it. Sometimes it works, which gives license to continue to function in that mode. Until, with our eyes skyward and on the ball, we fall into a ditch. It’s worth the time it takes to consider the risk of any action in which a bad choice could be serious, and to assess the variables. In defining risk, you may find, as well, that much risk is multi-faceted – the action you’re considering may have several elements with different degrees of risk. Defining risk, and focusing systematically on it, frequently clarifies those factors that make risk more controllable.

·        Assess the risk in terms of the objectives. You know what you want to achieve. Are your chosen activities the best way to achieve those objectives? Are the objectives worth the risk? What are the alternatives? Here, the decision tree approach is useful. If we take path A, then this will happen. If we take path B then that will happen. Which result can we better live with? When the consequences of an action are significant, this approach can mitigate risk, and allow us to make intelligent choices.

·        Eliminate the variables. By defining the risk, you are able to define all the variables that affect the outcome, and find those areas that can be eliminated. Going to sea in foul weather for example, you can reduce a measure of the risk if you are sure that you have the skills in seamanship, and the safety equipment to diminish the danger, as well as the navigation and communication equipment to aid in quick rescue in case of mishap. In considering a legal strategy, the risk is tempered by knowledge, skills, and experience, all of which must be considered in any legal risk. And this is true, as well, in the world of accounting.

·        Decide. By taking each of the three previous actions, you have a better chance of understanding the nature of the risk of your enterprise, deciding whether you have the intellectual tools and experience to see you safely through the risk, and whether the risk is worth the prize.

·        Anticipate and Plan. A crisis management plan – a what if… plan – is simple and inexpensive. Disaster is random, but the potential is always there. As Aronson/Heintz point out, the risk of poor client service and losing a client exists in every practice. But most risk can be mitigated by professional client interviews. As the Bay Street Group study informs us, there is frequently a chasm between how professionals think their clients perceive them and what the clients really think. A crisis plan may be as simples as designating a crisis spokesperson to speak for the firm with a predetermined script, or it can be an elaborate one that anticipates what if… Nothing is more exciting than having the press call about a client in trouble, and having the call -- and the press questions -- answered by whoever in your office picks up the phone.

 

By following this path, you can build a crisis mechanism that includes a communications system to warn people. You can designate the hierarchy of responsibility, and be sure that responsibility for all measures of the risk are anticipated and covered. These measures are inherent in every corporate crisis plan. They should be inherent, as well, in every professional firm, as well as in every school and community plan.

 

At the heart of every crisis management plan is the recognition that crisis can happen, and that the likelihood of its happening in your business or community is not actuarial or otherwise statistical, but random, and that even a random disaster can be mitigated with simple preparation.

 

            The danger in not meticulously defining the risk inherent in an action and considering the consequence of being wrong is to magnify the risk.

 HOME