Don’t let Brexit overwhelm the Local Elections!

The EU Referendum had taken up so much time and space in the media and elsewhere recently that it is easy to forget that there are other issues in politics and in life.

Local Councils, Police Commissioners, the Scottish Parliament, the Welsh and Northern Irish Assemblies, all matter and none of them are anything to do with the EU.  Whichever way you intend to vote in the Referendum should have no bearing on who you want to represent you on your local council, or whatever.  Please think about local issues, matters which local authorities, or whatever is relevant in your area, can control or influence.

Our future in or out of the EU is an important issue, but the quality of all our lives can also depend on the quality of the people we elect to serve on all these other bodies.

Make the most of your vote, on both days!

What is the biggest Risk threatening your business today?

Of course, the answer to that question has to be different for each business.  I could only give you a proper answer if I knew a lot about your business.

However, the Institute of Risk Management thinks that for most businesses today the biggest risk is the Supply Chain Risk.  You might have got all the risks within your business under control (well, you might!) but you probably have not much idea of how secure your supply chain is.

  •  What are the risks threatening your suppliers?
  • What could disrupt the supply?
  • What alternatives do you have?

Please do not think I am referring only to physical supplies.  Our IT services, financial services, and even large parts of our admin. are often provided by someone else.

This risk is becoming more serious because we are all becoming increasingly interdependent and because we tend to outsource many aspects of our businesses. These are not bad things in themselves, but they do make us all more vulnerable to anything affecting someone else.

It is therefore strange to notice that there is a difference between big businesses and small businesses in their attitudes towards the EU.  Because small businesses do not tend to export or import, they are less aware of the benefits of the EU and more aware of the cost of complying with EU regulations.  Big businesses often seem unaware of the problems faced by smaller ones.

The reason I am surprised and concerned is that we are all so interdependent.  What affects one affects lots of others.  If big businesses think small businesses do not matter, they need to think again.  They get a lot of their supplies, either directly or indirectly, from lots of small businesses.

And small businesses need to think that anything damaging big businesses will have effects on them somewhere down the line.

So have a look at your supply chain.  What are the risks?  What can you do to manage them?

Have a word with me if you want to go into this further.

How can big businesses manage their external risks?

I have written about the need for big businesses to recognise three categories of risk: operational, strategic and external, and I have written about the ways in which the first two categories need to be addressed.  In this article I will deal with the third category.

External risks are particularly difficult to manage because of their unpredictability, but ignoring them is not the best approach.

  1. As with other risks, the first step is to identify them.
  2. The next step is to ask “What if…”
  3. Then different possible strategies for dealing with such an eventuality must be examined and an appropriate one (or more) chosen.


One difficulty to be recognised throughout is that various assumptions will have to be made as to what exactly might happen and how it would affect the business.  There would also need to be assumptions as to how other organisations or individuals would react.

One approach is to conduct a series of “war games” from time to time to test the business’s ability to respond and to learn lessons before being tested in real life.  Sometimes these can be highly realistic, but often they have to be confined to desk-top exercises.

Whilst no method is foolproof, organisations are generally strengthened by conducting any such exercises.

Beware! Pfishing is getting more dangerous.

I have warned before about the dangers of opening dunious e-mails and especially the links and attachments in them.  Well they seem to be getting cleverer and more harmful than ever.

I am grateful to Will Howell of CTA Systems for this latest advice.

The pfishermen copy the name of a genuine e-mail contact of yours, so you are most likely to trust it.  The malware that will come onto your computer is likely to be ransomeware.  That means it will lock your computer until you pay for a password from the pfishers.

How can you detect it?

They probably will not have copied the full e-mail address of your real contact, just the name.  Do look for the full address by hovering your cursor on the name, without actually opening it.  Also, try ‘phoning them or even sending an e-mail to their correct address – DON’T use the Reply facility!



What risks do the Panama Papers pose to you?

You may think that the fuss about the revelations of offshore funds, tax havens and money laundering have nothing to do with you. (That is assuming you are not one of the people named.  If you are, the risks are different).

I can detect two areas in which the present obsession with David Cameron’s finances can affect all of us, regardless of the rights and wrongs of his actions.

  1. Firstly, the focus by the media and politicians on this issue risks becoming a distraction from other issues which really do affect us all, including:
  • The steel industry
  • The junior doctors strikes
  • The refugee crisis
  • ISIS

Any of those issues could affect you and me far more than whatever the Prime Minister does with his money.

Linked with this is the risk that people will allow their opinion of David Cameron and therefore their decision on the EU Referendum.  Should our future in or out of Europe be determined by our views on tax avoidance?

  1. Secondly, the obsession with the Prime Minister and other world leaders and celebrities risks drawing attention away from the fact that some of the revelations indicate that big-time tax evasion was going on, and that there was even more serious criminal activity, such as laundering the proceeds of the Brinx Matt robbery and other crimes. We should be far more concerned about the implications for all of us.

Let us focus on the issues which really affect all of us in the short and long terms, and not be carried away by the current hysteria over one issue, not that anything I have said justifies the PM or anyone else if they have behaved dishonestly, but I am still concerned about the risks I have mentioned.

Who is interested in Risk Management?

I hope the answer is You are!  The main reason I like to think you are interested is that you want to be in control of your business and want to know there is a means of dealing with whatever may happen.

But who else is interested in how you manage your risks?

You may never be asked the question in in way that specifys “Risk Management”, but you might well be asked something like:

  • how do you deal with Risk in your business?
  • how do you deal with – (insert a particular risk)
  • how is your business managed
  • what management systems are there in your business?
  • give evidence of governance in your business.

Being able to show that you have a Risk Management system in place would be one way of at least partially satisfying such a questioner.  Another way would be to show you had had a Risk Survey in the recent past and had at least begun to implement the recommendations.

So who is going to ask such questions?

Usually someone providing finance for your business, but not only them:

  • a bank
  • a funding agency
  • an investor
  • your insurers
  • a business you want to partner with
  • an organisation you want to submit a tender to

How easily could you impress them?

Would a little help help?

You know where to find me.


The Risks of a Brexit

Many people say they would like the facts about the EU rather than a lot of arguments from the two sides.  I can sympathise to a large extent, but unfortunately I do not think they are going to get what they want, for two reasons.

  • Neither side is going to give totally opinion-free information.
  • In any case we are dealing with risks, largely unquantifiable.

I call my business JHM Risk Management Services because I aim to help people and organisations manage their risks.  I do not offer guarantees of outcomes.  If I could do that, I would call my business JHM Certainty Management  Services.

So regarding the EU, the best way I can help you, I think, is to set out the issues to be addressed in the event of a Brexit and to ask you to consider the likelihood of a best- or worst-case scenario and of something in between.

If the UK left the EU there would have to be negotiations to establish the framework for a new relationship.  The only alternative would be to cease all contact with the EU and all the member states, which is so unlikely as to be disregarded.  I set out below what I imagine would be the things the Out Campaign(s) would want to see.  This is what I expect would be the Best Case Scenario from their point of view.

  1. An end to our contribution to the EU budget. This is not a forgone conclusion.  The EU might demand some contribution in return for agreeing to certain of our other demands.
  2. The British Government to determine the rules for migration to the UK from the EU.
  3. The EU to continue to permit British citizens to travel, trade and work anywhere in the EU without restriction.
  4. Free trade in goods and services in both directions.
  5. The UK to determine its own version of Human Rights.
  6. The UK to determine its own version of the Social Chapter, so that companies who fail to meet EU standards regarding Health & Safety or Employment Rights would not be prevented from trading in the EU.
  7. Continued and increasing cooperation in fighting crime and terrorism.
  8. Continued and increasing cooperation in intelligence operations against countries outside the EU posing a threat to the UK or any member state.
  9. Continued and increasing cooperation in dealing with immigration, illegal and legal, from outside the EU including the refugee issue.
  10. Permission to fish in EU waters.
  11. The right to ban or restrict fishing in British waters by people from EU countries.
  12. Exemption from EU regulations regarding climate change and the environment including recycling and waste management.
  13. The elimination of “red tape”.
  • It must be acknowledged that many of the above are in the interests of the EU as much as of the UK. For many, however, there would presumably be a need to compromise.
  • An optimistic view would be that most of these things could be achieved within a year or two with good will on both sides.
  • The pessimistic view is that a Brexit would destroy good will and lead to obstruction and pettiness even where such attitudes were contrary to the interest of the EU or its member states.
  • It is hard to see how “red tape” could be eliminated for businesses trading with the EU even if the UK was not a member. There would presumably be a desire for accountability and evidence of compliance with such regulations as applied, even if some could be waived.

So I conclude with these three pieces of advice from a Risk Management perspective:

  1. Ultimately each of us will have to take a view on the likeliness of the UK obtaining all, most, some or none of these things in a post-exit negotiation.
  2. Even if you assume the ultimate outcome would prove satisfactory, you need to think about the time it would take to achieve it and the effects the uncertainty and any temporary disruption would have on our economy or other aspects of life.
  3. We also need to accept that staying in is not a risk free option. The future of the EU itself is uncertain as is the likelihood of further immigration, integration or undesirable interference in our lives by EU institutions, regardless(?) of the Prime Minister’s recently negotiated improvements.


Why do senior managers find it so hard to manage cyber security?

Many people in the IT industry and management consultants have often commented on the poor management of the cyber risk as compared with other risks in the business.  A recent survey by Bay Dynamics presented at an RSA conference in San Francisco set a number of factors.  They sound familiar to me, so perhaps they are relevant to you.

  • Experts present the information to managers in cyberspeak and nobody likes to admit to not understanding.
  • Experts fail to give quantitative information so it is not possible to make rational judgments balancing the risk with the cost of reducing it.
  • Experts offer solutions which are not affordable or practical.

Does any of this sound familiar?  Speak to me or someone at Metanoia Business Services Ltd.

Go to

Or give me a ring on 01925 445215

We speak English and address your business problems, matching solutions to the risk and to your resources.  Don’t take my word for it.  Let us give you a quote.  Or just have a chat.  It won’t cost you anything and it might save you a lot.

Is there a lesson for Risk Management in the Easter story?

Did Jesus take sensible measures for his own safety or did he walk right into trouble?
[See St.Luke Chapter 19 verses 29 to 35 and Chapter 22 verses 24 to 30.]
Jesus is expecting trouble and has made some secret preparations. When he sends his disciples to collect the donkey, and later when he sends them to prepare for the Passover supper, he gives them specific things to say and to look out for.  The owner of the donkey and also the host for the Passover supper, have obviously been told to expect him and it is all planned to draw as little attention as possible.  St.Luke shows that Jesus death was inevitable and had been foretold many times, but he was keeping control of events up to the right time.  He did not blunder in blindly.
So in planning our lives so as to take control of the risks, we are following a good precedent.