Table of Contents
PERCEPTION OF RISK. RISK MANAGEMENT IN SMES AND EFFECT ON PERFORMANCE: EVIDENCE FROM PALESTINE
Risk Management Process (RMP)
Types of Risks
Performance Measure in SMEs
Risk Management and Performance
Measuring Risk and RMP
Reliability test results
RESULTS AND DISCUSSION
Performance of SMEs
Applying formal/written risk management plan in SMEs in Palestine
Is there a relationship between implementing formal/ written risk management process and performance at SMEs in Palestine?
Discussion and Conclusion
Abstract This article provides an empirical evidence of risk and risk management in SMEs in Palestine and the effect of RM on its performance using several method for assessing risk, RM and performance for (N=330) SMEs participant in Ramallah. Most of SMEs in Palestine do not have a written and formal risk management plan. They mostly concern about Financial and Strategic risks, while Hazard and operational are the least concerned respectively. Performance in SMEs considered medium according to Performance Comparison Approach. SMEs with highest degree of written risk management plan have better performance. There is a positive correlation between the prospective of the owner/ manager of risk analysis and SMEs’ performance. Strategic and hazard risk analysis is positively associated with performance. The high level of risk mitigation the more SMEs tend to have better performance.
Keywords Risk, Risk Management Process (RMP), Small and Medium enterprises (SMEs) and Performance
Small and Medium Enterprises (SMEs) play very important role in most economics worldwide (Falkner & Hiebl, 2015). They form an essential source of new ideas and innovations (Sous, 2005). It is well-known that SMEs constitute the vast majority of enterprises around the world (International Organization for Standardization ISO, 2015). Berry, Rodriguez & Sandee (2010) argued that developing countries valued SMEs because of their potentials to grow into larger, more productive units and their ability to invest and adopt new technologies. For instance, in the EU, 99 percentage of economic activities can traced back to SMEs (Falkner & Hiebl, 2015). Classifications of SMEs depend on measures like fixed assets, registered capital, sales turnover or number of employees and sometimes type of industry or sector determines the classification (Sous, 2005). Palestinian center bureau of statistics (PCBS) based on the results of the economic surveys series for the years 1999 - 2003 defines SMEs in Palestine as all operating enterprises in the Palestinian economy that employ fewer than 50 people and have an operating surplus of at least $5,000 (MAS, 2005). However, Palestinian Monetary Authority (PMA) recently agreed on updated definition for the SMEs in Palestine, which employ no more than 35 workers and have an annual revenue of less than 7 million dollars (PMA, 2016). SMEs perceived as high-risk venture, Hartcher, Hodgson, & Holmes (2003) argued that entry and exist rates if SMEs supports this idea. Zacharakis ,1991 as cited in in Hartcher et al., (2003) said that 20% of new venture fail in the first year in USA and 66% fail within 6 years. SMEs may suffer of difficulties due to lack of strategic plans and risk management. Lavia, Lopez and Hiebl (2014) as cited in Falkner & Hiebl (2015) said that SMEs are usually seen as having simpler internal organization, profit less often fewer from economies of scale and have few access to wide range of resources. They considered unsuccessful for number of reason; the lack of a systematic risk management plan, over confidence based on cognitive biases and the failure of small business to move to a more professional management structure (Hartcher, et al., 2003). Risk management (RM) are ill-defined, therefore it causes difficulties to companies especially SMEs (Alquier & Tignol, 2006). Therefore, SMEs can improve their efficiency by the use of risk management (Leopoulos et al., 2006). Despite the few published literature on risk management in SMEs, in January 2016- the United Nations Industrial Development (UNIDO), the International Trade Center (ITC) and the International Organization for Standardization (ISO) lunched a handbook guide to help small and medium-sized enterprises (SMEs) had better manage potential risks. They issued “ISO 31000 – Risk Management” for SMEs to improve the identification of opportunities and threats, and effectively allocate resource for risk management (UNIDO, 2016). Lark (2016) along with Hartcher et al., ( 2003) agreed that implantation of risk management in SMEs is not formalized. SMEs leaders believing they are not big enough to warrant a proper risk management system (Lark, 2016).
The paper aims to investigate the perception and the involvement of risk and risk management of SMEs decision makers / rubber- stamp in Palestine and assess the effect of risk management perception and risk exposure on the SMEs’ performance using very sophisticated method for measuring risk management and performance.
Many authors agreed on the definition of risk as “uncertainty”. Chapman and Cooper, 1983 as cited in Verbano & Venturini (2013) argued that risk is the possibility of economic or financial loss or gain associated with pursuing a course of action. Tummala & Schoenherr (2011) added that risk defined as a combination of probability of frequency of occurrence of a defined hazard of the occurrence. Similarly, uncertainty comes from lack of complete information about the future (Elahi, 2013). However, many drivers increase the uncertainty (risk) as described by Elahi (2013) are: faster pace of change, increase complexity, globalization and global order.
Risk Management (RM) is a set of tools, actions and plans to identify, analyzing, measuring, treating, mitigating (eliminating) and controlling risks (Tummala & Schoenherr, 2011; Verbano & Venturini, 2013). Regda (2007) defined RM as a process that identify loss exposure faced by an organization and selects the most appropriate technique for treating such exposure ( as cited in Elahi, 2013).
Few scholars studied the application of RM in SMEs, for this reason many areas are still understudied, however, literature about this subject is increasing recently (Falkner & Hiebl, 2015; Verbano & Venturini, 2013). Applying risk management in SMEs can improve their efficiency (Alquier & Tignol, 2006). It also can help managers to identify significant risk that could jeopardize the success or the existence (Falkner & Hiebl, 2015), lead firms to reduce the uncertainty in the enterprise management, ensure continuity in production and trading in the market and reduce the risk of failure and to promote the enterprise external and internal image. (Urciuoli and Crenca, 1989 as cited in Verbano & Venturini, 2013). Both Elahi (2013); Verbano & Venturini (2013) agreed that RM would increase the efficiency. A playing better risk management plan lead to lower risk transfer costs, such as lowering insurance policy costs (Elahi, 2013).
Despite the importance of adapting RM into SMEs, they face some challenges that reluctant to adapt such methodology. Previous studies referred to these challenges: dealing with risk in SMEs is limited to the manager or the owner of the business (Falkner & Hiebl, 2015; Elahi, 2013), Risk management in SMEs is not stable overtime it depends on certain development (Falkner & Hiebl, 2015), where RM strategies are considered in SMEs, they are unlikely to be formalized (Hartcher et al., 2003). Sometimes cognitive biases and individuality prevent SMEs form applying RM, Hartcher et al., (2003) stated that a primary reason for owing a business is to avoid activities which threaten an individuals’ information “Comfort zone” and so the failure to implement risk minimization strategy. Similarly, Falkner & Hiebl, (2015) also described more reasons why SMEs may not adapt RM strategies such as culture, owner education level, age and gender. Different culture creates different risk behaviors compared to managers from developing countries, western managers takes more risks. Higher SMEs owner education positively related to adapting risk mitigation strategies (Falkner & Hiebl, 2015). A study by Gorzeń-Mitka (2015) concluded that there is no significant gender-related differences in the assessment of effectiveness of risk monitoring, risk analysis and ways of risk mitigation.
Risk Management Process (RMP)
Much available literature described basic risk management process (RMP). Falkner & Hiebl, (2015); Leopoulos et al., (2006) ; Verbano & Venturini, (2013) agreed on the same steps for Risk management process which are ( Risk identification, analyisis, mitigation, implentation and risk follow up and control). However a zero step considered as the preparatory step by Leopoulos et al., (2006) which is “Risk management objectives and plan”, requires defining the RM plan to be consistent with strategic business objectives and conducting context analysis. In this stage, resources, and process of RM plan are considered.
1. Risk Identification: this is the first step of RMP, which involves determinations of risks that might the project during its whole life cycle and documentation of their nature and characteristics (Champan & Ward 1997 as cited in Leopoulos et al., 2006). This step include several techniques such and methods such as systematic reviews of all data on business assets, activates and staff, financial statements which identify the sources of potential financial losses, using flowchart to analyze all operations or activities of the enterprises (Hollman & Zadeh, 1984 as cited in Falkner & Hiebl, 2015). Leopoulos et al., (2006) mentioned other techniques, for instance, brainstorming, structure interviews, expert opinion and other sophisticated techniques such knowledge management, which identify risk including the development knowledge bases that store “Risk history” of the company.
2. Risk analysis: aims to prioritize the identified risks by measuring risk severity, often referred to as exposure (Baccarini and Archer 2001 as cited in Leopoulos, Kirytopoulos, & Malandrakis, 2006; Hollman & Zadeh, 1984 as cited in Falkner & Hiebl, 2015). A common way to calculate exposure is to multiply the probability of a risk with the expected impact, (Leopoulos et al., 2006). However, Hollman & Zadeh, 1984 as cited in Falkner & Hiebl, (2015) described four risk probability measures (highly unlikely, unlikely, likely, highly likely). Expected impact measured as (negligible, significant, major, catastrophic). The most recent approach indicates that risk analysis divided in two faces: Quantitative and Qualitative. (Leopoulos et al., 2006). Roberts (2000) proposed that the use of quantitative risk analysis method for high exposure risk would increase the effectiveness of RM (as cited in Leopoulos et al., 2006). Both Leopoulos et al., (2006); Verbano & Venturini, (2013) said that threshold of acceptability must be defined to proceed the next stage. It is worthy mention that the first two steps named as “Risk Assessment” according to the review of (Verbano & Venturini, 2013).
3. Risk Mitigation: as named by Kahkonen, (1997) as cited in Leopoulos et al., (2006). Alternatively “Risk Treatment” as named by Verbano & Venturini (2013). This phase also called “Risk Handling” or “Techniques Selection Phase” (Hollman & Zadeh, 1984 as cited in Falkner & Hiebl, 2015). This phase includes treatment of unacceptable risk, which identifies the most appropriate action to reduce the risk (Verbano & Venturini, 2013). Risks are prioritized in terms of exposure; risk with high exposure should get the focus before other with lower one. Timing of risks is always a factor that should be taken into consideration (Leopoulos et al., 2006). However, some literatures separated another step following the mitigation phase, which is “Risk strategy Implementation”. Hollman & Zadeh (1984) as cited in Falkner & Hiebl (2015) argued that this step consists of implementing the chosen method to reduce or mitigate the risk. They suggest that all affected employees should be informed of the companies’ risk management objectives.
4. Risk follow up and control: this is the final step of the risk management, which is necessary for the assurance that plan is really executed, make sure that the assumptions and estimations are valid, review of the introduced techniqures and measures to ensure they meet current requirements (Hollman & Zadeh 1984 as cited in Falkner & Hiebl 2015; Leopoulos et al., 2006).
Types of Risks
The first step of the risk management (Risk Identification) requires the company to identify the types of risks (Falkner & Hiebl, 2015;Verbano & Venturini, 2013). However, Verbano & Venturini (2013) referred to four general types of risks than Falkner & Hiebl (2015) which were more specific in determining risk types for SMEs. According to Casualty Actuarial Society (2003) as cited Verbano & Venturini (2013) major types of risks are:
1. “Hazard Risk”, unexpected risk property damages, windstorms, natural perils, theft, crimes, personnel injuries, businesses interruptions, disabilities, diseases and liability claims.
2. “Financial Risk”, changing in prices, interest rate, foreign exchange, commodity price, liquidity risk (cash flow, opportunity cost and call risk), credit risk (default risk and downgrade), inflation, purchasing power and heading risk.
3. “Operational Risk”, business operations (Human resources, product development risk, capacity, efficiency, supply chain management, product failure and business cyclicality), empowerment (Leadership and ability to adapt changes), Information technology (relevance and availability), information/ business reporting (budgeting, planning, accounting information, pension fund, investment evaluation and taxation).
4. “Strategic Risk”, Reputation damages (trade mark/brand erosion, fraud and unfavorable publicity), competition, customer wants, demographic and social trends, technological innovation, capital availability and regularity and political trends.
Falkner & Hiebl (2015) stated the most frequently mentioned types of risks in SMEs in literature due to date, which are Interest risk, Row material risk prices risk, E-business and technological risk, supply chain risk, growth risk and management and employees risk.
Performance Measure in SMEs
The performance measurement literature highlights the characteristics of SMEs that differentiates them from larger organizations (Zeinalnzehad et al., 2010 as cited in Bititci, Firat, & Garengo, 2013). These characteristics include, lack of formalized strategy, operational focus, limited managerial and capital resources, and misconception of performance measurement (Garengo et al. 2005, Fuller-Love 2006 as cited in Bititci et al., 2013). Cocca & Alberti, (2010) said in order to develop Performance Measure System (PMS), first it is necessary to identify which are the characterizes of PMS that enable the company to effectively and efficiently measure and manage its performance. Bititci et al., (2013) summarized some general guidance as to the measures we should use to assess and compare the performance of different firms to compare the overall performance of different SMEs:
- Be balanced, including financial and nonfinancial measures.
- Include both lagging (such as traditional financial measures) and leading measures (such as employee satisfactions, investments in new equipment, personnel, markets and so on).
- Be based on a time series (e.g., indicating how profitability of an organization has changed over a period of time).
- Be sensitive to the contextual and environmental conditions the firms operate within and assess firms’ performances within this context.