Is your risk management process ready for collaboration and merger?

Too much to lose 

Collaboration and merger are hot agenda items in all sectors, and in particular the NHS, as well as police and fire and rescue services at this point in time. By their nature any collaboration or merger, whether at the preparation, execution/transition or go live stage presents a heightened risk profile and exposure to differing risks, coupled with increased scrutiny from stakeholders. 

However, one of the biggest risks that often goes unrecognised is the fact that during this exceptional headline grabbing activity all organisations involved will still need to get on with delivering the day job – ensuring business as usual, which for many public sector organisations involves protecting the public and saving lives. All too often, however, the business as usual is forgotten and the focus on it is lost at all levels within the organisation and the wheels do come off. The inevitable melt down that follows will jeopardise all that has been worked for and more than likely threaten the success of the merger itself as regulatory or public/media interest increases causing at the minimum a significant further distraction and at worst an unassailable mountain of concern to climb including 'do we really want to be associated with this organisation?'

Any organisation planning a collaboration and merger needs to consider carefully whether their risk management capability, capacity, systems and process are up to the job of reporting on business as usual and the new programme/project arrangements. Are the current processes geared up to pin-point existing and new areas of risk and importantly when they do how will the organisation respond? 

As well as the effectiveness of risk mitigation, merger related and business as usual, all too often risks are ignored or they are thought to be tackled by the act of writing some woolly mitigation in a risk register. Unfortunately writing it down doesn’t mean it will be done. Of course risk registers themselves can become blockers – they can create risk blindness…it’s all in there but you just can’t see it. 

My favourite analogy is what if you asked the director of finance for an update on the financial position and they dropped a copy of the general ledger on the boardroom table responding 'it's all in there somewhere!' So a risk register (as useful as they are) is like a ledger, it needs analysing, interpretation and reporting to aid understanding. 

During the early stages of any significant event such as merger or collaboration organisations need to take time to review their risk management arrangements: identification, assessment, mitigation, monitoring and reporting, as well as the surrounding governance. 

Make sure your risk management is up to the job a head, and ensure that the organisation(s) with whom you are intending to merge do the same. It would be a dreadful waste of resources if they didn’t check too and suffered a significant failure, thus wasting your time and resources as well as theirs. Maybe an agreed and joint approach to managing risk of the transaction is the start of the collaboration or merger...after all there is too much to lose if it goes wrong.

If you would like further information on any of the points raised, please contact Matthew Humphrey or your usual RSM contact.