Business Model Risk


Business Model Risk: The Forgotten Risk Type

Sustainable business models that demonstrate adequate profitability over long horizons are key to a healthy market economy. This applies to firms and organizations of any size and in any sector. But how do we determine what is sustainable and how can we tell a risky business structure from a stable one?

On the small-scale end of the size spectrum we have the domain of startups and SME’s. Here, the ability to bring new ideas to the market is deemed vital for renewing economic activity and creating jobs, especially in times of technological change. Yet we know that small firms have very high failure rate. Many of their business ideas and models will never graduate into an actual, long lived, business. The need to understand the factors behind successful small enterprises has definitely seen its share of research over the years. One of the recent trends is to focus on business model systematics, a good example being a recent European Commission policy brief.

On the large-scale end of the size spectrum, business models have received recently (negative) attention in the banking sector. The financial crisis and its aftermath has raised questions on the ability of financial services firms to effectively manage the business model risks associated with their sprawling business lines. In fact the banking supervision arm of the European Central Bank has just raised banking business model risks (and the associated profitability outlook) as a high priority issue for review in the course of 2016.

These two worlds come together in the debate around fintech. I have argued here, that risk managers have their work cut out irrespective of the financial services platform they chose to back in the upcoming future. Whether working as “disruptors” or “incumbents” risk managers need to get serious about developing capability around business (model) risk. Alas, a quick review suggests that the whole business model risk subject is still in an embryonic stage and only very few guiding references exist. We can therefore with some fairness denote business model risk as the forgotten risk type. The greenfield nature of this risk topic makes work in this area both challenging and exciting.

Assuming we have now compelling motivation to look into this issue deeper, we need to decide how to go about a suitable risk framework:

“How does one go about assessing the risks associated with a given business model in a systematic way?”

Using the standard risk jargon, how do we go about identifying, measuring and managing business model risk?

The Business Model Canvas

Seasoned and impatient risk managers should resist the temptation to dive straight in and try to statistically regress a collection of profit metrics against macro variables. Such an approach is a dead end as a long term risk framework. We can always do this exercise, and we will get some insights. But it will not illuminate us very much about what is going on in the inner workings between the firm and its clients. In fact, we are likely to end up with operational risk model style disillusionment, where the industry has an apparently sophisticated measuring framework in place, yet we know very little about what is happening on the ground. The outcome is that the machinery is not really fit for purpose for answering real life “what if” questions.

Instead, lets try the following:

“The core idea for a business model risk framework is to establish an information schema for business models and then work on identifying the weaknesses of the different elements and the linkages comprising the model”

Luckily we do not need to start from scratch regarding the first part (a business model description schema). Over the decades lots of people have toiled over how to create business model schemas. Currently there is some excitement in startup quarters about a simplified version of a business model, the so-called Business Model Canvas

The Business Model Canvas

The Business Model Canvas

The BMC schema is built around 9 categories (components) which need to be specified in order for the business model to become concrete. For example Customer Segments captures the segmentation of the potential client base using demographic, geographic, economic etc attributes.

Revenue Streams and Cost Structure are two of the elements as expected. When thinking about the risks or threats to these profitability components, we now posses a set of interlocked elements that can help us trace potential weak links. For example, Value Proposition is a core element: The firm product or service must create a distinct value proposition for its customers. Such value is somewhat difficult to quantify, yet it is clear that e.g., business volume critically hinges on this measure.

Before getting on with the risk job, we need to introduce an element missing in the original proposal, namely Competitors. It may be also psychologically useful to rearrange the components to emphasize that we are only handling customer centric models!

A client centric business model

A client centric business model

In our summary graphical depiction of the business model, the firm (or business line) is indicated as a set of elements centered on the customer. Activities and Resources, are followed up by Distribution Channels and Client Relationships. These four elements help realize the Customer Value Proposition. In turn this entices Customers to generate the Revenue Stream, which then gets distributed through the Cost Structure (arrows) to support the firm operations. Key external parties are the Partners and Competitors of the firm.

We are now ready to start developing the second part: a risk identification framework.

Identification of Business Model Risk

Read more in our Open Risk White Paper: Identification Framework