The most important recommendations on business protection in Ukraine for 2019

Risk management and asset protection are the top priority for any business in Ukraine. How to do that right? Here are the recommendations by Mykola Siutkin, the founder of S&P Investment Risk Management Agency.

In our everyday life, we constantly think about risks, even when we do not realize that. Risk management is our response to situations in which we can suffer or when something can go wrong… Everything happens not as it should on a regular basis! Automobile accidents, other accidents, thefts, unexpectedly bad weather, and so on. To be successful, you need to program yourself for tracking and managing risks.

The success and efficiency of each company depend on how well it manages its unique risks. From detection and evaluation – to minimizing and controlling threats. These threats may be related to financial uncertainty, legal obligations, management, accidents, unlawful actions of competitors or public authorities.

We have a specific business environment in Ukraine: actions of both market players and controlling bodies are unpredictable. Competitive wars and unfair cooperation remain the main “trends” of the season. Recently, we attribute criminal proceedings against foreign businesses in Ukraine to threats of a high level of complexity. As part of such proceedings, there is often a blockage of the business activities of a company – with the arrest of its accounts, assets and the prohibition of any financial transactions.

Recently, after the lifting of the moratorium on inspections, inspection bodies have become more active. That actualizes additional business and financial risks connected with blocking economic activities or significant additional payments – taxes, fees, fines, cancellation of licenses and permits, and so on.

In other words, there are big risks to business in Ukraine and they are probably specific to our country. The risk of saving assets and business altogether has been and still remains the main thing. Therefore, the risk management strategy should be an integral part of any managerial, legal or business decision in our country. Protection of assets, commercial information, intellectual property, and financial reporting is the top priority for any business in Ukraine.

Risk Management: How to Integrate It to the Company Strategy?

The process of risk management, like any other company policy, should be prescribed in the company’s rules and procedures – only in this case, it will become mandatory for employees. To ensure that policies and procedures don’t become “papers from the archives”, in addition to their development and approval, it is necessary to conduct an implementation process for a new model. The success of implementing it depends mainly on the manager. For some managers, it’s enough to only develop the process on paper, while others strive to make the new system fit the company and make it the norm. The implementation process can be painful and prolonged sometimes. This is so, as it is necessary that each employee understands in detail how its functionality changes, how decision-making procedures change. For this, you need to train staff: tell, show, and explain.

Since the overall number of risks is enormous – from the workplace security to computer threats –own procedure and protocol are developed for each type of risk. These are general rules: what types of decisions there are and in what cases they should be taken, taking into account the identified risks, and who identifies and performs risk assessment (an internal or external adviser), and so on. All these are the procedural moments which have to be set up in a company. The whole risk detection process will not exist without them. In our practice, we mainly deal with business and reputational risks. These are the most up-to-date issues in Ukraine.

In general, our company deals with the following risks:

• Business risks.
• Investment risks.
• Financial risks.
• Reputational risks.
• Legal risks.

Risk Management Strategy: the Most Important Things

There is no single and universal strategy for any type of business risk. Every risk management strategy is tailored to the specific case, and tools and methods for minimizing risks will be different in each situation.

The risk management strategy includes several stages. So, we determine the following stages of risk management while providing assistance to our clients:

• Modeling and identifying existing and/or potential risks;
• Analyzing and assessing risks;
• Selecting tools for risk management;
• Building a strategy for minimizing risks;
• Implementing our already developed risk minimization strategy.

The final stage is assessing the results achieved and adjusting the risk strategy.

All these elements assemble into a strategy to reduce unique risks for a company.

At the first stage, we not only detect the existing risks for our client company but also model possible future risks which may arise as a result of future decisions. After identifying or simulating the possible risks, we move on to the analysis stage.

Risk analysis reveals threats and identifies weaknesses in the company. This process is based on facts and includes:

• characteristics of assets;
• identification of threats and weaknesses of the company;
• analysis of control and business decisions;
• determination of the probability of certain consequences;
• determining the risk degree;
• others.

As a result of the risk analysis, a company or its manager receives a list of assets under risk, risk types and the analysis of what the company should do to strengthen its weaknesses.

A tip from the business practice

It is extremely important that risk analysis and assessment are mandatory elements of any business or managerial solution in each company in Ukraine. Risk assessment is a systematic process of evaluating control methods and their compliance with potential operational and reputational threats identified during our risk analysis. Risk assessment should include: collecting information and data, identifying risks, assessing the significance and probability of risks, creating a risk management plan, and implementing this plan.

Any risk management plan will have no effect unless it is documented in the policies and procedures of your company. We believe that something which is not written does not exist at all. Internal policies and procedures should determine how you reduce the identified risks. Next, they must be reported to all employees for further implementing the strategy.

Business Protection from Risks in Ukraine in 2019. The Most Important Recommendations

In 2019, the main risk factors in Ukraine are elections of the President and the Verkhovna Rada. As a result, total changes in all spheres may happen: from changing political players to a complete changing the vector of state development in general.

Recommendation №1. Risk management will be an important competitive advantage.

We have stated and will continue to state that a business will be successful if it uses risk management regardless of the positioning of political forces in the state. A risk management system integrated into the decision-making process is a real competitive advantage. Companies around the world take risks but use new business opportunities and models, which makes it possible to avoid unnecessary risks, especially when it comes to new countries and markets. Current realities are a market for strong players, and risk is part of this game. Companies which take risks as part of their business process will always be ahead. These companies will have fewer problems than those which work in the old-fashioned way.

Here is an example: a manager has to make a decision and approve a strategy to protect assets or reputation. In most companies, the decision is made on the basis of recommendations of the relevant department – legal, security or PR – which has this field of activity within its competence. The solutions offered by individual departments are intrinsically correct but are often limited by narrow-profile areas. At the same time, any important business decision will affect more than one of the company’s business areas. For example, a bank decision to dispute a client may be correct from a legal and financial perspective. Still, it can be absolutely wrong from the point of view of reputation and protection of business from the license loss. Moreover, both company executives and heads of departments often don’t even see the causal link between their decision-making and the consequences. Especially in those cases when the consequences come not in the area which was the subject of the decision.

Recommendation №2: Think about narrowing the planning horizon

Elections, the possible change of political players, heads of the state and law enforcement agencies, lifting the moratorium on inspections are going to violate long-term strategic planning of companies.

Recommendation №3: Timely and prompt response to incidents/conflicts will be a priority for business.

Attacks on business were not uncommon in 2018. There were also suspends of economic activity via seizures of accounts and assets and the removal of primary documents and data during searches and other investigative actions. Unfortunately, these actions not only have influenced the reputation and financial performance of companies but have also generally affected the business climate in Ukraine. All the loud cases and conflicts which have arisen in Ukraine in recent years have pushed business to the understanding that each company must have strong risk management and a crisis management plan. The prompt and timely response of the company to incidents/conflicts regardless of their sources should be among the main business functions.

In 2019, incident and conflict management will become a major and fundamental business need in Ukraine.