Managing Risk in the Private Equity Industry Middle Market with Interim Executives

This post has already been read 413 times!
0 Flares Twitter 0 Facebook 0 0 Flares ×

Managing Risk in the Private Equity Industry Middle Market with Interim ExecutivesMiddle market private equity (PE) firms face the same risks as any organizations in the venture capital and investment industry, regardless of whether they specialize in real estate, growth capital, mezzanine financing, leveraged buyouts, fund of funds or specialized situations. The six primary risks fall soundly, surprisingly not into the financial arena but into the operations realm with risk management demand heaviest in:

  • Technology,
  • Third Party,
  • Fraud and Misconduct,
  • Cyber Security,
  • Compliance, and
  • Crisis Management.

Each of these high-risk areas is big business in and of themselves, and PE companies can’t afford to be fully into these practices while, at the same time, not being able to afford to not be excellent managers of risk categories. Fortunately, this Catch 22 conundrum has a solution. Interim executives: Interim executives from each of these industries are ideally suited for stepping in and quickly developing risk management strategies, implementing them and transferring their knowledge and capabilities to internal management-level professionals for sustainable results — and they’re also available to step back in at any time to address new risk management challenges.

Technology Risk Management

Technology risk management (TRM) core practices include anticipating disruption, identifying information security weaknesses (i.e., through cloud services, cyber threats, email and investor information breaches, etc.) and finding threats (through data analysis, then escalating the issues through to resolution. The PE industry isn’t known for utilizing best practices in TRM, yet doing so is becoming increasingly important, so the TRM gap gets wider and wider in the industry.

The good news is two-fold. Most middle market PE firms don’t have pressure on them to go into the business of TRM in a big way because their vulnerabilities are fewer and smaller than those of the giants, and interim executives who can instill TRM best practices don’t need to be PE savvy, just technology risk experts. TRM subject matter experts ideally should also be rooted in operational excellence (OpEx), because TRM is an operations function and the practices an OpExpert™ can instill will come with greatly enhanced sustainability. Look to practitioners of TRM in the following industries to find the best of the best: healthcare, manufacturing, other financial services, government, and transportation.

Third-Party Risk Management

When a middle market PE company outsources services to a third-party (3P) vendor — to reduce costs, increase delivery time, meet demand volume, grow their footprint and/or deal with regulatory challenges, for example — TRM demand increases and there are additional opportunities for the PE company to be compromised legally, face regulatory and compliance problems, suffer performance breakdowns, damage their reputation, increase financial risk and more. It’s unlikely the 3P organizations will manage the PE organization’s risk as diligently as needed.

Again, an ideal solution to this challenge for middle-market PEs is to infuse their operations with the experience of a 3P risk expert, an executive who has managed and mitigated risk from business networks of all types that use 3Ps as a standard operating procedure. And again, this interim exec doesn’t need to be a PE expert; an OpEx focus will deliver sustainable strategy and implementation. Furthermore, this interim exec will be on the cutting edge of 3P risk because that is all they deal with, ensuring crystal clear comprehension and solution capability. Execs who practice 3P risk management in the following industries will serve you well: banking, banking, and banking.

Fraud and Misconduct Risk Management

Middle market PE firms get no break from exposure to fraud and misconduct risk just because they aren’t the giants. The sheer nature of the industry — the complexity of transactions, cut-throat competition, 3P involvement, asset structures, tight operating structures, limited transparency if any, and investor demand and activism to name a few — leaves well-hidden doors wide open for illegal activities including but not limited to: false reporting, asset absconding and misallocation, bribery and other corruption. The third out of six core risks, this one can strike anywhere in the PE firm’s operations at any time, or many places simultaneously.

The appropriate interim executive to bullet-proof a PE firm against fraud and misconduct is one who has exclusively practiced fraud/misconduct risk identification and management in the highest risk industries: private businesses in banking, manufacturing, healthcare, education and retail. If the executive has experience integrating or participating in operations centers of excellence, even better as that individual will deliver strategies and solutions with long, evolving, healthy life spans.

Cyber Security Risk Management

PE organizations deal in assets, and that makes them very attractive to cyber attackers because injuring a PE company has the potential for huge-harm snowballing. Whether the people who want to cause harm are employees, competitors, disgruntled ex-3Ps or dissatisfied investors, middle market PEs have to assume they are at as much risk as the giants and implement a robust system of prevention, continuous improvement, ongoing detection and effective iterative responses to the cyber attack.

An interim exec with the credentials of a chief information security officer (CISO) is the ideal choice for designing and deploying a sustainable risk management program for you in this area of risk. Again, a strong OpEx ethic and capability will give you the best operational platform and practices for ongoing effective cyber risk management success. You can’t go wrong with an interim exec from any of these backgrounds: healthcare, other financial services, manufacturing, government and legal.

Compliance Risk Management

Rules, regulations, and laws for the PE industry vary widely from nation to nation, but every nation has them, and compliance with them is both the secret to sustainable success and the biggest threat for being put out of business. At any given time, the list of areas for potential (big) regulatory pitfalls might look something like this: co-investing, fee and expense disclosure, expense and investment allocation and shifting, valuation and transparency. Middle market PE firms can hardly go into the compliance business in a big way because that’s all they’d end up doing.

Enter the interim Chief Compliance Officer (CCO). Oddly, compliance is a touchy-feely area of risk management. The regulators want to know that your firm is committed to integrity in the area of compliance. An interim CCO with influence and stature in your industry is the very best temporary addition to your compliance risk management effort. In fact, of the core risk areas, this is the one where an industry insider is a must have. This individual can readily establish your firm’s reputation for high compliance making it easier for your team to maintain high ethics in both practice and reputation.

Crisis Management of Risk Management

Take a look at all five of the areas of risk above. Each of them is prone to causing big crises in middle market PE firms. For each risk management effort in these five areas, have the interim execs produce the following crisis management tools:

  1. Risk-specific assessment,
  2. Risk management playbook,
  3. Incident response and mitigation plan,
  4. Pre-incident test of 2 and 3, and
  5. Ongoing review, testing and management of 1 through 3.

Reconnect with each of your interim execs periodically and perform a re-assessment, then adjust the management plans and the crisis management strategy. Consider bringing in one additional crisis management interim exec for these efforts from any one of the following industries: food, automotive manufacturing, government or pharmaceuticals. They’ll have crisis management pedigrees that will be spot on for you.

At the end of the day…

It costs, on average, 36% less to onboard and compensate an interim executive for the same amount of time and contribution of a permanent hire. It makes sense because you’re in the middle market PE business, not the risk management business, but you have to do the business of risk management. The temporary employee of the 21st century that can do the best work for you in the area of risk management comes from the C-suite of other companies, not competitors, who are in the risk management business.

See our Infographic: Outlook for the Private Equity Middle Market 2018 here

If you liked this article, we'll be happy to send you one email a month to let you know the newest edition of the MetaOps/MetaExperts MegEzine has been published. Just fill the form below.