Have you heard the one about…
- The solopreneur asked for their “Diversity Policy” as part of a bid qualification exercise.
- The embedded risk consultant asked to undertake fraud awareness training for a new expense system they can’t access.
- A contract worth <$5,000 where the advisor was asked to secure >$1m in liability insurance.
- The one-person company asked to provide their business continuity and crisis communication framework during onboarding with an MNC.
- A provider of two in-person training sessions required to fill out a >50-page due diligence questionnaire.
These recent examples (from my network and my own experience) could be the cause for rolled eyes. But they also present opportunities.
“Do you have something off-the-shelf?”
If I had a dollar – okay, maybe $100 – for each time I heard that phrase, I’d not be here! It indicates there is a significant market for more affordable risk content. Sometimes, the request is a function of immediacy. In other cases, it’s financial – “I don’t have an endless budget to spend on something customised, so I’ll take generic for now and work on it.” And yes, there are also the cynics, “I need to look more professional than is currently the reality.”
For the time- and budget-sensitive types, what to do? There is a dearth of options. Using freelancer sites for most medium or large organisations isn’t viable. And then there’s a chasm where the next step up is advisors (law firms, audit types, accountants, and risk management advisory firms). These folks are seldom set up to do simple productised transactions.
In many prestigious advisory firms, “commoditising IP” or entertaining the “off-the-shelf” requestor is treated like farting during a funeral – taboo but generating some amusement.
Back to the 5 examples
First, let’s consider how those of us smaller firms receiving these questions might use them to improve.
- Diversity in a one-person firm may appear challenging. But what is the aim of diversity? To have better ideas and provide opportunities for everyone. A solopreneur can do that. Surrounding yourself with a tribe of allies with whom you can share ideas for feedback and finessing. Solopreneurs also buy things – services, products, and subscriptions – and partner with others. You can allocate that spend intentionally to support a diverse group.
- Enduring training you can’t action is a chance to: a) assess the quality and methods of training instruction, and b) consider possible improvements to the expenses system. As an objective outsider, if it doesn’t make sense to you, it isn’t for those using the system. Those are valuable insights.
- What level of liability insurance is sensible? What is the actual value (and potential costs of failure) in your $5,000 assignment? If the cost of failure is really >$1m, then you’re undervaluing yourself.
- Having multiple back-ups of drives, different devices, working locations, and alike is feasible, even for one-person outfits. It forces a discipline that de-risks you, somewhat. Then you can think about trickier things, like redundancy and succession.
- The next questionnaire (on the next job) might be three pages or 10, but it’s always the same questions. So, better get to codifying the data requests. Having a simple spreadsheet from which I can copy and paste the proforma questions has saved much time. Creating a folder with all the disclosures, likewise.
Commoditised isn’t a dirty word
What about the medium and larger organisations that don’t need a bells & whistles service but have a simple itch to scratch?
In 2019, when I launched the prototype platform for Ethics Insight, we focused on various assessment tools – anti-bribery to modern slavery. The first users immediately came back and explained that having a “then what…” element would be helpful. So they’d identified the 20% of their program needing further work, but how to do that?
We started to create a library of content designed to help speed up implementation in the most common areas where people struggled to get affordable content. We’d also look at the outputs of each advisory project and see if we could anonymise and sanitise them. I was surprised how this “simplified” content quickly became the most useful thing for many people.
Other ideas:
- Develop a network of peers who can provide resources, guidance, and suggestions. Many formal and informal groups now offer forums for these discussions.
- Copying – go an find a document online from someone doing something similar to you and adapt it for your organisation. The challenge (plagiarism and IP theft aside 🤔) is determining if their content is any good and identifying what’s missing.
- Go beyond the first page of Google and find the disruptors cropping up (especially in LegalTech).
- Find a freelancer (high risk, but the ones who immediately say yes are generally the last ones you should use – gleaned from bitter personal experience).
- Share the love. Most of my current project work is helping development finance and impact investors upskill their investees with appropriate risk frameworks. Transferring knowledge to those who present risk is in your enlightened self-interest.
No bad questions
Simplifying and making risk guidance more accessible is a good thing. It’s the only way we can respond intelligently to the five scenarios I started with. Either by asking informed questions about why question X or Y was included or responding thoughtfully.
Bureaucracy and unthinking processes are inevitable in organisations. Think about the why behind each request. At worst, you’ll learn what NOT to do in the future, and at best, it’ll improve what you do (which is good for everyone).
Finally, if you’re in a position to upskill those around you, life gets easier!