Running a Risky Business
Roselina Mahmood
For those who say starting and running a business is “high risk,” they couldn’t be any more correct. For 22 years I’ve served as managing director of a security business. My employees operate in a risky environment where our cash in transits—known as CITs—are robbed, or robberies are attempted, on a reasonably frequent basis. One event made me re-think how I operate my business, and it taught me how to become a better leader in the process.
On 29 August 2008, one of my teams was picking up and delivering cash to a client when they were ambushed by an armed gang. With great sadness we learned that a member of our staff had been killed during the robbery. We all knew this particular security officer well, and the subsequent emotional impact of his death affected the entire company. The morale was very low and the fear of continued attacks heightened as they became more common throughout Malaysia.
As is often the case in life and business, we sometimes fail to realize our shortfalls until a tragedy forces us to reassess our way of business. It was up to me to ensure that my business and staff was as protected as they could be from unexpected crises. After conducting a thorough inquiry of the event, I came away with some insights that helped me teach my staff how to prepare for and respond to these types of events.
Improving Staff Training
One of the main lessons I learned was that we not only had to protect our high-value cargo to a higher standard, but we also needed to provide better training, awareness, threat intelligence, equipment and leadership to our guards. We had to equip these men and women with the appropriate knowledge to ensure their safety is always the first priority. Like in any business, the more you educate key players, the more efficient they become. Sticking to the Right Priorities
Sudden, unbudgeted changes in any company can severely impact the operational cash flow. For us to move forward, we had to make changes to any priorities that didn’t support our operational staff in high-risk environments. I began by drawing on internal resources and examining how we could best utilize existing equipment and knowledge. I also re-wrote and re-instituted our standard operating procedures to deal with the newest threats, and spent funds so our staff had the best protection.
Maintaining Continuity
The most important lesson we learned was that a business continuity plan (BCP) must not only be in place, it must be reviewed and managed as a living document. In alignment with this plan, we established a committee that automatically activated during crisis mode and followed the established plan. Finally, to maintaincontinuity in my business, we now conduct quarterly “mock runs” on the BCP and assess its success and shortfalls. Afterward, we make the necessary corrections.
Building a Budget
When it comes to preparing my company for emergencies, a crisis management budget must be set. By building this budget—a percentage of our revenue earned—we know we will have enough funds set aside for emergencies. I added this cost into the general operating budget. With our budget secure, we now know that we will be able to effectively manage any crisis without disrupting the business.
In the end, I learned that you can never be too careful when it comes to protecting the people in your business. While I had to learn this lesson the hard way, it has given me a great opportunity to prepare my company—and the people supporting it—for anything that life or business throws our way.
