Identifying and Balancing Risk and Reward Name one of the biggest strategic risks and one of the biggest financial risks that you face in your business or industry, and briefly ex

© Strayer University. All Rights Reserved. This document contains Strayer University Confidential and Proprietary information and may not be copied, further distributed, or otherwise disclosed in whole or in part, without the expressed written permission of Strayer University.

JWI 531 (1202) Page 1 of 8

JWI 531: Financial Management II

Week Two Lecture Notes

© Strayer University. All Rights Reserved. This document contains Strayer University Confidential and Proprietary information and may not be copied, further distributed, or otherwise disclosed in whole or in part, without the expressed written permission of Strayer University.

JWI 531 (1202) Page 2 of 8

DEFENDING YOUR CASTLE What It Means Risk management is the practice of identifying, quantifying, ranking, and planning for risks. These tasks most often fall within the responsibilities of senior financial leaders, including the CFO. Because businesses face a wide range of risks, including those that are a normal part of operating in a competitive market, as well as economic and environmental crises, risk managers must work closely with operators and other leaders to locate these risks and build plans to protect the organization as much as possible. Why It Matters

• There is no risk-free business. Your competitors want to attack your castle and take your customers. Finance leaders must help strategy leaders to quantify the impact of potential game- changing moves from competitors, and develop and fund the defenses needed to protect against these attacks.

• Without sufficient protections in place, the occurrence of even a single high-impact risk event could topple the entire organization.

• The risk management model has to be financially viable, balancing the cost of risk protection

against other business expenses. It also has to allow the company to operate and take appropriate risks without unduly limiting its ability to compete.

“Risk comes from not knowing what you’re doing.”

Warren Buffett

© Strayer University. All Rights Reserved. This document contains Strayer University Confidential and Proprietary information and may not be copied, further distributed, or otherwise disclosed in whole or in part, without the expressed written permission of Strayer University.

JWI 531 (1202) Page 3 of 8

THE CHALLENGE AND OPPORTUNITY FOR MANAGERS

One of the biggest challenges managers face is not being sufficiently prepared to deal with the downside impact when risk events occur. If only we knew what troubles were on the way and when they would strike, it would be so much easier to run our businesses. Think about it. If we could accurately predict how much the company will sell and what the costs are to produce and deliver our products, then we would simply need to do the math to figure out if we have a viable business model. The reality, of course, is quite different. A lot can go wrong in any business, including economic collapse, one of your key suppliers or customers going out of business, unfavorable currency fluctuations, changes in regulations, and the rise of a new competitor. In Jack’s 5-step strategy framework, these are the focus of step #4 – the threats lurking around the corner that keep you up at night. Of course, the opportunities come from moving beyond the fear of a risk event. It’s the willingness to face the risks that could upset the business, and balance those against the rewards that await if the business succeeds. If you’re not willing to take any risks, then you might as well close up shop now. Winning businesses build defenses. Just like castles of olden times were built with strong walls and deep moats to keep out attackers, businesses must assess the threats they face and make plans for how they can protect against them. To develop strong defenses, finance leaders help their colleagues quantify risks. In doing so, they must address four interconnected questions:

1. What are the types of risk that my business faces?

2. How serious would the impact be if the risk event were to actually occur?

3. What is the likelihood that the risk event will occur?

4. If the risk event does occur, what safeguards can be put in place, and at what cost, to mitigate the negative impact?

The role of the CFO and senior finance leaders is not to fear the risk, but to plan for the risk in ways that protect the company without being unduly restrictive to those operating the business.

© Strayer University. All Rights Reserved. This document contains Strayer University Confidential and Proprietary information and may not be copied, further distributed, or otherwise disclosed in whole or in part, without the expressed written permission of Strayer University.

JWI 531 (1202) Page 4 of 8

YOUR STARTING POINT

1. If someone asked you about the risks your company faces, what would you say? Could you list

all the risks, and explain both the likelihood of them occurring as well as the steps being taken to mitigate those risks?

2. What are the risks you face from your competitors?

3. What are the risks you face from economic or environmental factors?

4. What are the top three threats to your company?

5. How much risk does your company need to take in order to win?

6. How could you reduce one or more risk factors in a meaningful way?

© Strayer University. All Rights Reserved. This document contains Strayer University Confidential and Proprietary information and may not be copied, further distributed, or otherwise disclosed in whole or in part, without the expressed written permission of Strayer University.

JWI 531 (1202) Page 5 of 8

RISK AND CONTROL It’s Impossible to Grow without Taking Risks When it comes to risk management, Jack says, “The only time you should take risks is when risk is needed to win, but if you want a company that embraces (sensible) risk you have to build a culture that rewards it.” Our readings for this week present an excellent overview of risk from both the external forces (chapter 4) and the internal forces (chapter 5). In introducing this topic, Bragg presents a synopsis of the relationship between the CEO and CFO:

“The CEO is typically more concerned with expanding the business and building competitive advantages. This means that the CFO may be left with an ongoing analysis of the downside – what could go wrong with the business…This does not mean that the CFO should be the corporate doomsayer. On the contrary, consider the reverse – identifying risks so well that the company can launch initiatives in new areas that competitors might consider excessively risky.”

The CFO Guidebook, p. 15 Risk Categories and Activities A risk can be defined as an event that interferes with the ability of the business to achieve its objectives. While risks fall into many categories, they typically include hazard risks, such as floods and other natural disasters, operational risks, such as supply chain disruptions, and financial risks, such as exchange rate fluctuations and defaults (pp. 22-23).

“The types of risks to which a business is subjected will vary considerably by company, since risk is based on such factors as geography, industry, product type, employee relations, and so forth. Thus, the risk mix is unique to every business.”

The CFO Guidebook, p. 23 But the biggest risk that companies face is something that’s nearly always the same.

“The most dangerous type of risk is strategic risk, which interferes with a company’s business model. A strategic risk undermines the value proposition which attracts customers and generates profits. For example, if a company’s business model is to be the low-cost provider of a product and a competitor from a low-wage country suddenly enters the market, the company will find that its value proposition has been destroyed.”

The CFO Guidebook, p. 23

Bragg summarizes the following activities (pp. 24-29) as the primary stages in risk management. Taken together, these create the foundation for risk planning.

• Risk Identification – which risks are most applicable to your business? • Risk Quantification – what is the downside cost if the risk event occurs? • Risk Ranking – what is the frequency and severity of the risk event? • Risk Profile – how can the main risks be categorized to focus attention on particular types of risk?

© Strayer University. All Rights Reserved. This document contains Strayer University Confidential and Proprietary information and may not be copied, further distributed, or otherwise disclosed in whole or in part, without the expressed written permission of Strayer University.

JWI 531 (1202) Page 6 of 8

Risk Planning Business leaders, leveraging all of the above, must make decisions about the threats the risk poses and how they should plan. Regardless of the type of risk, the options fall into three categories (p. 30):

1. Mitigate the risk – take proactive steps to minimize the likelihood of the risk event occurring and the impact if it does occur

2. Accept the risk – recognize that this is part of doing business, and the upside potential is worth the downside costs

3. Transfer the risk – purchase insurance to offset all or most of the anticipated cost of the risk event Toward the end of chapter 3, Bragg presents an overview of some of the most common types of risks businesses face. You don’t have to digest every detail of this, but do take a look. It not only provides a sampling of real risks that real companies face all the time. It also presents options for how these risks can be managed. Internal Risk and Control It’s easy to think about risk as a purely external force. Indeed, this is what the vast majority of business leaders think about when they discuss risk. They use tools like SWOT and PESTEL to categorize those risks and to attempt to build strong economic moats to defend against them. But as Bragg explains in chapter 4, there are risks that can come from inside the camp. Sometimes, these risks are threats from willful and malicious activity such as fraud, but this is rare. Much more common are the risks that come from lack of control. This includes budgets that aren’t adhered to, lack of oversight on quality that leads to runaway expenses, and poor management of financial resources. As you read this chapter, think about the controls that your organization has to ensure that internal operations have the appropriate oversight they need. Key Takeaways In closing the chapter (pp. 62-63), Bragg presents us with a succinct set of guidelines and themes for managing risk. These are:

ü Help every employee develop a deep knowledge of the business so they can spot anomalies and red flags.

ü Embed controls into the infrastructure of the business to catch mistakes and overly aggressive moves that could be reckless.

ü Set boundaries on activities that limit what managers and operators are authorized to do. ü Establish reasonable performance targets that drive growth, but do not tempt employees to

engage in risky behaviors in order to meet excessive goals.

© Strayer University. All Rights Reserved. This document contains Strayer University Confidential and Proprietary information and may not be copied, further distributed, or otherwise disclosed in whole or in part, without the expressed written permission of Strayer University.

JWI 531 (1202) Page 7 of 8

SUCCEEDING BEYOND THE COURSE

As you read the materials and participate in class activities, stay focused on the key learning outcomes for the week and how they can be applied to your job.

• Explore the role of risk management in business Start reading the Risk section in the 10-K reports of companies you are interested in following and perhaps even investing in. How do they describe the risks they face and the steps they are taking to mitigate those risks?

• Identify the most common risks that businesses face and how these impact growth and stability How do managers and business leaders in your own organization manage risk? Where are the biggest threats coming from? Are they internal or external? How do these impact your organization’s growth? If you participate in strategy and planning meetings with your team, how are risk issues presented? If they’re not, ask a few questions about risk. If you phrase it properly, this should not be seen as a focus on the negative, but a healthy reality check. Remember, for every risk your organization faces, it’s very likely your competitors are facing similar risks. These can be opportunities for you to take market share away from them. Remember, risk management is a strategic tool. Embrace it. Discuss it. Leverage it.

• Examine the risk-management tools that CFOs and other finance leaders use to mitigate risk and maximize growth Review the course materials and especially the chapters on Risk (chapter 3) and Control (chapter 4) from the textbook. If you have been able to build a connection with a senior financial manager in your organization, ask them to explain:

o The risk events they worry about most o The tools they use to mitigate risk o The level of risk tolerance that is acceptable for the business to compete and win

© Strayer University. All Rights Reserved. This document contains Strayer University Confidential and Proprietary information and may not be copied, further distributed, or otherwise disclosed in whole or in part, without the expressed written permission of Strayer University.

JWI 531 (1202) Page 8 of 8

ACTION PLAN To apply what I have learned this week in my course to my job, I will…

Action Item(s) Resources and Tools Needed (from this course and in my workplace) Timeline and Milestones Success Metrics