Running the risk numbers: do you know what your project contingencies add up to? If not, it’s time to take control
29 June 2015
As a senior executive, you know that all your long-term major projects have a risk contingency built into the budget and contracting structure. Sometimes it’s as much as 20% of the total costs, sometimes much less. But like risk itself, it’s always there.
Given this, try asking yourself a couple of questions. First, if you totted up all the contingencies across all your projects, do you know how much money you’d find was tied up in risk cash? If your business is of a significant size, it’s probably several hundred million pounds – maybe more.
Second, if all this cash really is a contingency against risks coming about, why do we rarely see any of it ever come back to the business? In other words, when did you last see a project return the contingency because the risks didn’t happen?
If the answer is ‘never’, you need to take a closer look at your company’s processes for addressing projects risks. Not just the way you assess and quantify the risks that may affect each individual programme. But also the way you manage, govern and police the resulting contingencies – not just within each project, but across the entire project portfolio.
The challenge of assessing, costing and controlling risk contingencies is faced by industries with long-term, high-value programmes involving significant risks, ranging from public infrastructure to major construction projects. And we’ve had a steady flow of clients approaching us to discuss how they manage their risk contingencies, all voicing a shared feeling that there must be a better way.
They’re right: there is. And to turn it into reality, companies first need to step back and reassess the entire way in which they think about and approach risks on major projects.
Why? Well, traditionally, risk assessment and quantification have been tackled within project siloes, using a very engineering-based mindset – almost as if these processes were part of the project itself. The result has often been a fragmented approach that varies widely between projects, in turn meaning that contingencies vary widely as well, and usually end up getting quietly subsumed into the overall project budget. At the same time, projects in general have continued to tend towards overruns on cost, time, or both.
All these issues point to a need for fresh approaches, both at the project and portfolio level. On individual projects, there’s often a need for greater rigour around risk assessment, including more explicit accountability and sign-off processes, and a more holistic perspective that looks not just at financial but also time risks – reflecting the fact that, for some customers, missing delivery milestones can be the biggest driver for increased risk costs. There’s also scope to apply new methods to improve the accuracy of risk quantification: we’re increasingly using a range of risk and actuarial analysis approaches adapted from other sectors to provide alternative view of risk to corroborate or challenge traditional risk estimates.
In parallel, at the portfolio level, a major focus for companies should be creating greater consistency and transparency in their contingency assessments across different projects. This is especially important for major groups with a wide range of large, long-term projects, where the same risks may affect multiple programmes. This portfolio approach enables risks to be offset between projects, and – by overlaying risks across all projects and understanding their impact over time – makes the overall risk profile more sustainable and potentially reduces the aggregate cost of contingency.
For companies that get these various elements right, the rewards are significant. Not only do they get clearer visibility into the cash tied up in risk contingencies across their projects, and a corresponding improvement in their ability to manage that money and make trade-offs. They also reap major benefits on individual projects, including not just cost savings but also better delivery against timescales and improved customer/stakeholder management.
What’s more, companies are increasingly coming round to the view that the natural corollary of a portfolio approach to risk quantification is a single point of ownership and accountability for risks across all projects. It’s a role analogous to the Chief Risk Officer in financial services. And while the CFO or some other member of senior management may currently be fulfilling it as an adjunct to their main role, there can be strong arguments for splitting it out as a separate position.
The fact is, risk doesn’t sit neatly in project siloes, but is an overarching fact of life for any business running multiple long-term programmes. Maybe it’s time to recognise this in the processes and structures used to manage and quantify it. And then maybe – when a particular risk doesn’t happen – some of that contingency money will actually come back.
