Parts I and II of this mini-series dealt with the concept of risk as it applies to the valuation of companies and identified a number of risks which investors are sensitive to and which affect their perception of risk. I advocated that anyone wishing to sell his or her company or raise equity should identify the particular risks involved and manage them, to the extent possible, well prior to entering into discussions with potential investors.

This article outlines some of the common steps that owners of businesses can take to manage risk, thereby maximizing valuation, as well as increasing the chances of a successful transaction.

• Managing risk starts with knowing your company well: are there any skeletons in your corporate closet? Try to catalog the ten most important risks facing your company and list them from an investor's perspective. Some examples of types of risk and how you might handle them include:

• Client Risks: If one client accounts for more than 10-15 percent of your sales or a similar percentage of your profits, try to diversify away from that client. Generally, it is in your interest to sign your clients up on long-term contracts, assuming the contracts are favorable.

• Financial Risks: (a) leverage: if your company is highly leveraged, it might make sense to pay down some of that leverage, switch from variable to fixed rate financing or enter into a new, long-term loan with your bank. (b) exchange risk: If your company exports and imports, the chances are that it is has risks associated with currency fluctuations. Would your profits be greatly diminished by a currency fluctuation? Try matching your imports and exports in the same currency, to diminish that risk, or consider purchasing a currency hedging contract.

• HR Risks: Do your best to ensure that your staff are well motivated and planning to stay for the long-term. Do they have adequate financial incentives (eg. bonuses or equity) to ensure that motivation and do they have appropriate non-compete and confidentiality clauses in their contracts?

• Disasters: There are certain types of risk against which it may make sense to insure, such as professional liability or against natural disasters. You may also consider "key man" insurance, which can bring your company cash flow in the event of an interruption being caused by the death or disability of the CEO or another key member of the management teams. Also, you need to ask whether you have an appropriate disaster recovery plan in place, for your IT and other systems.

Of course, any step pertaining to risk management generally also has its costs. You need to carefully analyze the cost/benefit of each risk management option you are considering. If you have not taken steps to deal with certain types of risk, an investor may want to include the costs for risk management into the operating costs of the company when determining the valuation.

One of the best ways to protect yourself is to have your house in order. This helps to ensure the accuracy of financial statements, tax returns and other reporting systems in the company, thereby serving as an early warning system in identifying unusual patterns that could increase your company's risk (from overstocking of inventory to delayed collection of receivables, to name a few). Investors will look at the quality of your systems in diagnosing risks and the capacity of your company to take action (eg. more effort to collect receivables).

I am not advocating that you run a risk-free business. There is no such thing. What I am advocating is that you take the time to systematically identify possible risks and develop strategies for dealing with them. Business is all about taking intelligent risks.

My previous column (Part I of this series) dealt with risks in the valuation of companies, stressing in particular that the higher the risk associated with a company, the lower the value of that company. This is not static: investors' perceptions of risks constantly evolve as they assess a company and the valuation process is consequently also evolving in tandem. In the context of privately-owned companies, few things are more crucial than the due diligence process, when an investor reviews - in detail - all of a company's title documents, financial records, contracts, etc. Because of this, it is in the interests of all owners to identify and manage risks well in advance of engaging in serious discussions with investors.

So what types of risks are we talking about? There is always the risk of a surprise, but here are just some of the types of risks about which investors are usually cautious:

• Client risks: Is a company's client list well diversified, or does one client represent a disproportionate volume of revenues or profitability? What are the chances of losing the most profitable client(s)?

• Technological or industry risks: What are the chances of a company being left behind by technological change? What other industry-related risks are there (eg. changes in the business model in the industry?)

• Competitive risks: What is the probability of competition intensifying, whether through the entry of significant new players, or renewed efforts from existing players?

• Financial risks: How high is the leverage of the company and what are the chances of default? If a company is listed on a stock exchange, what are the chances of a hostile takeover? What are the possible effects of currency exchange rate fluctuations on the company's profitability? In the event of a change of control, what rights do the company's banks or financiers have? What is the risk that there may be a mis-statement in the financial statements or tax returns?

• Human resources risks: What are the chances of losing key staff? How difficult would they be to replace? Is there an ample supply of blue collar labor? What are the chances of staff costs escalating rapidly? Does the company have one or more unions covering its labor pool? What risks might this entail? Does the company have unfunded pension obligations? Do staff members have stock options that might have an acceleration clause regarding certain events such as a change of control? Will there be any extraordinary severance payments in the event of a change of control? Has the company regularly paid its social security and payroll taxes? If management receives a big payout under a liquidity event, will their motivation be diminished?

• Supply risks: Does the company have an ample supply of raw materials and other inputs it needs to carry on business? What are the chances of disruption?

• Regulatory risks: Are any relevant laws or regulations changing in a way that could have an adverse effect? Are there any ambiguities in laws or regulations that could be construed by government authorities or third parties against the company?

• Environmental risks: Has there been any water, air, or land pollution associated with the product or the property used or owned by the company? An increasing number of legal jurisdictions have strict liability provisions which don't ask questions about how the pollution was caused: if the pollution is on your land, you may be liable to remove it, even if you did not cause it.

• Product liability risks: What are the chances of products being recalled, repaired or replaced? Similarly, if it is an advisory business, could there have been any errors or omissions that come back to haunt the company?

• Intellectual property risks: Does your company have strong and valid rights to its intellectual property? Does it own patents or trademarks, for example? When do these expire?

In Part III of this series (which will appear shortly), I will deal with the issue of how to deal with some of these risks, once they are identified.

Everything has its risks, even getting out of bed in the morning. But that is no excuse for not getting out of bed at all: you can also have a heart attack under the quilt, after all.

The same is true for companies. No company is risk-free and business owners need to identify and fully understand the specific risks facing their companies. This is fundamental to good management, building corporate value, and to any due diligence process a business owner may have with investors.

Investors as well understand that there is no such thing as a risk-free company. When they assess a company, they typically aim to do three things:

• Identify and understand the risks

• Verify whether management has a good understanding of the risks and an effective strategy for dealing with them

• Determine whether the risks may be effectively handled, either with management's strategy or with a strategy developed by the investors themselves

As an owner considering the sale of your company, the worst thing you can do is stick your head in the sand and pretend the risks do not exist - the "ostrich approach." You need to fully understand the risks and develop strategies to deal with them and mitigate their effects. And you need to be prepared to communicate with investors about those risks.

You may have been living with these risks for quite some time, and probably feel comfortable with most of them. The investor, on the other hand, is just getting to know your business and will have a tendency to look for "worst case" scenarios: any advisors retained by the investor are paid to identify risks, and their internal risk management procedures generally require that they map out worst case scenarios. It will therefore take an investor some time to begin to become comfortable with the risks involved with your business.

One of the reasons that there is so often a price gap between buyers and sellers of businesses is that the sellers may be much more comfortable or used to dealing with the risks in the business than the buyers. Similarly, different investors will have different perceptions of the risks involved in your business, which similarly explains why different investors may give differing valuations for your company.

As a business owner, you must appreciate that an investor does not know your company, and potentially not even your industry or even your country of operation - in short, that there are many things that they simply do not know and many things they need to become comfortable with. One of the aims of the Information Memorandum and Due Diligence should be to remove investors' anxiety as far as possible (but without giving a distorted picture of the company).

The riskier an investor thinks your business is, the higher the cost of capital they will apply to the valuation of your business, and the lower the price they will be prepared to offer. It is a basic rule of corporate finance that the price of an asset is inversely correlated with the risk associated with the asset.

Do not wait until you try to sell your business to implement these principles or risk management: the earlier you implement them the better.

So what are the types of risk associated with running a business, and how can a business owner reduce or manage risk? This will be the subject of the next syndicated column, "Managing risk to build corporate value (Part II)," which will appear shortly.

Over the past decade of operating my advisory firm, Euro-Phoenix, I have encountered relatively few instances where a financial advisory firm knowingly breached laws, industry or ethical standards; instances of overt contravention are relatively few and far between.

That does not mean that users of corporate finance advisory services should just assume that the issue of ethics is not important. Ethics are of paramount importance. Allow me to mention some areas where ethical issues can arise:

A.Potential conflicts of interest on due diligence of a buy-side mandate
Several years ago, Euro-Phoenix was working on the buy side of a cable TV mandate in Bulgaria. We uncovered some hidden liabilities on the target company. We did not hesitate for a second to disclose this to our client, knowing full well that we were eliminating the possibility of a success fee, but if you think about it, any advisor on the buy side of a mandate has a similar potential conflict.

B.Setting fees
Fee structures agreed with advisors should be fully aligned with the interests of their clients. For example, if you hire an advisor to buy a company for you, and offer him a success fee based on a percentage of the purchase price, your advisor may have a conflict of interest. The higher the purchase price he negotiates, the higher his success fee will be, which is likely to produce an undesirable result. In my experience, a pre-defined lump sum fee works best in such circumstances.

C.Collecting a fee on the other side of a transaction
Euro-Phoenix was once engaged in selling a major asset for a multinational corporation. We received four offers. Three of those offers came with an explicit bribe from the offering investors: help ensure that a particular investor obtains the asset, and work on driving the price down rather than up - and the investor would be willing to pay us a success fee even larger than that offered by our client. (When we expressed our concern to one particular investor, he hastened to add, "Don't worry - you can collect the success fee from your client as well!") Are you sure that your advisor will resist temptation? Some jurisdictions (eg. the UK) specifically forbid financial advisors from collecting fees on both sides of a transaction.

D.Where a financial advisor is also in the private equity business
Can you be sure that there are strong Chinese walls in place? I am aware of one situation where a private equity firm related to a particular financial advisory firm made an acquisition in the cable TV area. Whereas previously the advisory firm had had a vibrant business in the cable TV sector, to the best of my knowledge it never achieved another mandate in that sector, because the owners or managers of cable TV firms could not be fully confident that their confidential information would not end up in the hands of a competitor.

E.When a financial advisor also provides audit or other services to a client
In a number of Central European jurisdictions (eg. Croatia), it is forbidden by law for a firm that provides audit services to a client to provide financial advisory services or any other services to the same client. (The US, UK, and France, also have restrictive regimes, preventing audit firms from deriving non-audit fees from audit clients). The potential conflicts of interest are numerous. Obtaining a generous success fee on a corporate finance mandate could just provide the right incentive to be more "flexible" with respect to some sticky points in the audit.

I hope that the five illustrations above have at least given you pause for thought. The ethics of your advisors are at least as important as their knowledge and technical skills.

On the one hand one could say that selling companies is the same anywhere in the world, and there is some truth to this: intellectually, the concepts are the same, the steps in the process are the same, and the reasons for the success or failure of a transaction have common elements all over the world.

Having worked on transactions covering more than 40 countries, I can testify to these similarities.

And yet, on the other hand, there are distinct differences to doing deals in Central Europe. But it is hard to put my finger on exactly what these differences are. Perhaps it has something to do with the fifty years of Soviet occupation of most of the region.

During this era, there was no M&A industry in Central Europe; there was a general lack of financial, marketing and other skills; there was a prevailing value that "information was power," and one held his or her cards very close to the chest, only revealing the minimum necessary information. Without giving an exhaustive list of all the characteristics unique to Central Europe in contrast to North America or Western Europe, these include:

• Good information about companies is much harder to obtain. For example, fewer companies, even of comparable size, have sophisticated Management Information Systems.

• Regulatory regimes are not as developed. While most Central European countries have converged considerably with EU laws and institutions, there are often still gaps in enforcement or interpretation of regulations. The regime for collection of debts in Croatia, for example, is remarkably poorly developed.

• Tax laws in most Central European countries are typically not as well conceived, are changed much more frequently, and their enforcement is more uneven.

• The authorities perhaps have more discretionary powers, making it harder to predict risks.

• There is also a much more prevalent grey economy than in Western Europe or North America. This means there is a need to look very carefully at companies that are being purchased, doing a very thorough due diligence. It also means that if an investor buys a legitimately operating company, it may experience unfair competition from those that are not.

For anyone attempting to do a cross-border deal in Central Europe, there are also a great deal of significant cross-cultural elements to doing a deal. The cultures of every single Central European country are highly unique. This is of course just as true for Western Europe.

Language in cross-cultural deals is another potential dimension of complexity. Recently, for example, I was involved in one deal that was negotiated in four languages.

Deals in Central Europe are typically smaller - market size is typically small, and few companies have become global or even regional.

Transactions typically take longer, due to the additional elements of complexity posed by the aforementioned factors.

So, as you can see then, doing deals in Central Europe has a flavor of its own. I do not mean this as a negative point. Doing a smaller mid-sized deal can be more exciting and intellectually stimulating than much larger deals in more developed markets.

From the perspective of multinationals and private equity firms, because Central Europe is generally undergoing much faster growth than Western Europe - a fact likely to remain the case for the coming decade or two - the additional complexity may be worth the effort.

There is also a convergence taking place. Deal sizes in Central Europe are becoming larger, ever increasing numbers of people are conversant in English, tax laws and regulations are gradually becoming clearer and their enforcement more predictable.

I have seen a huge evolution over the past 20 years, but it will probably take at least another 20 years before Central Europe fully converges with Western Europe.