Three Ways Business Owners Can Evaluate Financial Risk

Financial risks can be mitigated by good internal controls and procedures.

A businessman carrying a closed laptop walks outside a building while looking at his phone.
(Image credit: Getty Images)

Financial risk can come in many forms. It could be an outside party that gains access to your bank account or a lawsuit that could bankrupt your business. Alternatively, it could be a high-access employee embezzling funds or a poor business decision made without adequate research. 

Because there are a variety of ways your business’ financial health could be threatened, you need to see where your weak points are. Here are three areas that are especially important to investigate as you evaluate your company’s potential financial risks.

1. Check in with your employees

Employees can be both your greatest defense against risk and your greatest weakness. As a result, you’ll need to employ both training and oversight to reduce employee-related risk.

Subscribe to Kiplinger’s Personal Finance

Be a smarter, better informed investor.

Save up to 74%

Sign up for Kiplinger’s Free E-Newsletters

Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.

Profit and prosper with the best of expert advice - straight to your e-mail.

Sign up

When hackers are trying to steal your information, seldom is it a dramatic “hack into the mainframe” Hollywood stereotype. It’s far easier to get what they want by tricking your employees into clicking a link or volunteering valuable information. And with hackers becoming more sophisticated in their social engineering exploits, training is more important than ever. 

On at least an annual basis, you should evaluate your employee training procedures. Anyone who has access to sensitive company and financial information should be taking part in regular financial risk training. You could also look into newsletters that send information on current scams so your employees can recognize phishing attempts and other malicious tactics. 

Just recently, a friend of mine told me that more than half of his employees received a text supposedly from the company’s president. The texts asked the employees to purchase online gift cards, supposedly for a client who was suddenly coming into town. Thankfully, the employees in his small business easily recognized that the text message wasn’t in the president’s writing style. With larger employee pools, however, there’s a higher chance that at least one person will fall for it.

2. Assess your technology

Electronic delivery of information has mostly taken over mail and fax delivery systems. While the convenience and efficiency can’t be denied, electronic delivery does carry risks of interception. Making sure your technology has sufficient protection is therefore something you should evaluate regularly.

If you or your employees send sensitive information via email, are the attachments password-protected at a minimum? Are the fintech programs you use secure and trustworthy?

Even if you have tech security measures in place, you still must confirm that your employees are using them. Make sure supervisors regularly emphasize the importance of continued adherence to policy.

In my experience, the most flagrant disregard for security procedures sometimes comes from executives and owners. So if you want your entire staff to practice diligence in security protocols, lead by example. When staff who are copied on sensitive emails see their bosses and supervisors use encryption without fail, it encourages them to follow suit. 

On the upside, technology can be used to reduce financial risk when making major business decisions. AI has played an especially important role in this regard. For example, the demand planning features of supply chain management systems can prevent businesses from mistiming investments in inventory and equipment. In nearly any sector you can name, AI’s data analysis and pattern recognition capabilities can help companies sidestep financial risk.

Kiplinger Advisor Collective is the premier criteria-based professional organization for personal finance advisors, managers, and executives. Learn more >

3. Have at least two sets of eyes

Micromanaging is generally considered a negative trait in the business realm. In an ideal world, you should be able to hire exceptional employees and leave them to their own devices. Unfortunately, a lack of oversight can cause major problems and leave you open to great risk.

If you have employees with substantial power over finances and billing, ensure that someone is periodically checking their work. Even if that person is at a similar or lower rank, having that second set of eyes is vital.

First of all, it highly discourages embezzlement. There are all sorts of ways to siphon off small amounts of money that don’t raise red flags on summary financial statements. For example, an office manager can place a supply order and purposely overpay the invoice. When the supplier refunds the overpayment, the office manager cashes the check and keeps the cash. If no other person looks at the bank statement or compares the supply invoice with the original payment, it’s a scam that’s easy to get away with.

Another reason to have additional eyes on finances is to discover errors. Even stellar employees are only human, and they’re bound to make the occasional mistake. In severe cases, you may be dealing with individuals who aren’t great employees. You don’t want to detect their incompetence in their role only after the situation has become a catastrophe.

Should your business have high-responsibility areas of finance that are running unchecked, you need to get a review system in place, stat. No one person should have absolute control over all the finances. 

Identifying your company’s vulnerabilities

Some amount of risk is inherent in running a business. Without it, there would be no reward. Yet prudent business owners will strive to keep that level of risk to a minimum. 

Most of the time, financial risks can be mitigated by good internal controls and procedures. Once you identify your vulnerabilities, you can take steps to shore up your defenses and prevent disaster.

Related content


The information provided here is not investment, tax or financial advice. You should consult with a licensed professional for advice concerning your specific situation.

Angela Ruth

Angela Ruth is Co-Founder of Due, a financial service helping people plan retirement on their terms.