Private Equity and Risk Management – Nitty Gritty or Big Picture?


March 23, 2017

The role of the risk manager overseeing quoted assets is difficult to transfer to private equity. For illiquid assets risk management can add the most value before investing starts, i.e., designing and communicating the investment strategy. Risk management in private equity needs to deal with the big picture, the portfolio, and should not get lost in details.


As I argued in one of my previous blogs, private equity risk management remains underdeveloped and more about assuring regulatory compliance than adding value to the investment process. A few months ago, I was approached by an executive search firm looking for somebody to build up an institutional client’s risk management function for private equity. What struck me was the job description: their client is looking for a ‘strategic thinker’ who is ‘analytical and detail focused’. Of course these traits are not irreconcilable but, to be frank, everybody has a preference for one over the other. Clearly a risk manager who is not ‘analytical and detail focused’ is a difficult sell, but can this function really add value in private equity by focussing on the nitty gritty?


What Role for a Private Equity Risk Manager?


My experience suggests that the main reason why private equity firms bother with risk management in the first place is regulatory compliance, not because they are convinced of its benefits. As I have argued some time ago, regulation, while being well-intended, has been more detrimental to the advancement of risk management practices in private equity and has resulted in what is essentially a denial of service attack, flooding a thinly resourced function with disclosure requests that have little value for supporting the investment process.


In fact, based on discussions in various industry working groups, I cannot escape the conclusion that – on top of the complicated technical questions – there is still confusion and debate over the role of a risk manager in private equity. Not too long ago, most would have argued that risk managers should concern themselves with the details of individual investments. Indeed, as consultants regularly observe, the most sophisticated risk management approaches are usually applied to low-level, mainly, operational risks, whereas – in particular in private equity – the big picture of investment risk is dealt with simplistically or not at all. However, private equity risk practitioners increasingly realize that managing risks has more beneficial impact on the portfolio level.


What is so specific about private equity as an asset class? By definition, private equity assets are not publicly traded on an exchange. Here investing is a negotiated process; in fact, it needs to be emphasized that approaches followed are non-standardised. As there is no trading that could efficiently rebalance a portfolio, the typical risk management tools do not work. Because of private equity’s non-standardisation and the extreme uncertainty its tools for transferring risks are less developed and risk managers face fundamental obstacles.


Private equity belongs to the cash-flow assets, i.e., assets that usually cannot be traded profitably and where investors are mainly exposed to the uncertainty regarding the timing and amounts of cash-flows. While you can change the risk before the private investment is done, absent of an illiquid market it is not really possible afterwards. The main risk management tool is striking an appropriate portfolio balance, where the upside of some investments needs to compensate for losses from others. The focus of risk management shifts from active portfolio management to planning portfolios according to desired risk/return profiles and respecting liquidity constraints ex-ante. Over the long time horizons relevant for such assets any forecasting is extremely imprecise, which contributes to the perception that risk management has little to contribute.


Do something different?


What value risk management can add to private equity investing? As institutionalised risk management is a late-comer to private equity, one school of thought is to focus this energy to the areas not covered so far, which – basically by definition – are areas where little value was seen before, e.g. non-financial operational risks or additional responsibilities such as compliance. Protecting against operational risks is uncontroversial, but appears to me over-prioritized (an opinion that is certainly worth another debate), whereas managing investment risk and notably private equity’s risk and return relationship appears to be rather neglected.


According to the ‘add value by doing something different than investment management’ philosophy, risk managers are supposed to deal with the nitty gritty and the downside only. But this is taking a narrow definition of risk. What is ‘downside’? Clearly losing money will kill a firm fast. But for a private equity firm not achieving the stated return objectives and underperforming results also results in death, just marginally slower. Just considering the downside makes little sense particularly in the case of venture capital, where few transactions with high upside need to compensate for many failures. If a fund is having too few hits, no amount of protecting the other assets will make a difference. Just viewing their responsibility as protecting against losses puts risk manager into the role of the Cassandra, expressing in his/her second opinion of all the things that may go wrong in the course of the deal’s lifetime. Maybe one gets listened to once, but after a while the risk manager is taking the role similar to that of a clinical thermometer that stops at 35% Celsius, issuing a warning on everything, and thus not consulted any longer.


I recall a conference in 2007 (those were the days…) where a venture capital fund of funds’ managing director declared that if ‘we hear a general partner talk about risk management we walk away from the deal!’ She did not elaborate, but in my eyes that makes perfect sense, at least for the typical smaller and medium-sized private equity funds: on the fund level portfolios are simply too small and uncertainty is too high to effectively deal with risks, whereas limited partners can diversify the largely idiosyncratic operational risks away. In other words, fund managers should focus on the upside whereas institutional investors are far better able to build balanced portfolios according to targeted risk / return ratio. Unfortunately, regulation has gone the opposite way, forcing fund managers to engage in (ineffective) risk management while giving institutional investors a false sense of security that risks were already dealt with downstream.


Police the investment function?


One expectation – particularly entertained by regulators and the public who view investment managers with a general mistrust – is that risk managers take the role of a ‘policeman’. Mathematical approaches typical of investment management do not lend themselves well to private equity risk, where data is so much scarcer. For non-quoted assets valuations are no prices and highly judgmental. Unlike in the case of publicly quoted assets, risk managers mainly have to work with data researched and provided by their investment team – there is no independent source of information, at least not for acceptable costs. Therefore, there is no market that serves as an objective reference point. Consequently, it comes down to the question of trust: whose opinion do you trust more – the risk manager’s or that of the investment team? In an environment characterised by high uncertainty and in-transparency, trust in the investment managers’ competence is the basis of successful investing. That the industry has grown significantly over the last two decades while trust is not a scalable commodity appears to be the root of the various regulatory initiatives. But trust will not be won by policing investment managers.


In this context, ‘veto-powers’ to reject investment proposals are discussed quite often, but behind closed doors risk managers always admit that they were never able to exercise them – probably because the evidence justifying this ‘nuclear option’ is in all regularity too shaky. I daresay that these powers would not be exercised more than once. Due diligences are expensive – when embarking on them the investment decision is already made in principle, unless something completely unforeseen comes up. Here risk managers try to position themselves as the ‘über-investment manager’, respected by peers in the investment field because of his/her experience and track record. But I would also question the wisdom of risk management participating (i.e., shadowing) the due diligence, a practice some risk managers are increasingly pushing through within their organisation. Firstly, it is increasing due diligence expenses and risk managers become as much involved with the deals as the investment managers. Secondly, and being slightly sarcastic, if the risk manager’s judgment is superior to that of the investment manager, why do not switch responsibilities? Lastly, how significant can the impact possibly be? Wellington once said “Napoleon was worth 40,000 men on the battlefield but he was just one man who could not be everywhere at once” – risk managers certainly cannot be everywhere and on individual deals their impact will not be worth ’40,000 men’.




If you google ‘failure of risk management’ you get about 36 million hits. Apparently for every hiccup a risk manager was to blame. However, businesses have to take risks and, as the world is complex, fail regularly – even state-of-the art and competent risk management cannot guarantee that businesses succeed and the attempt to make them ‘fail-safe’ is a dead-end. Particularly in investments, risk management is about systematically striking a balance where risks are consciously taken in order to achieve a return. It is the nature of the game that this goes occasionally the wrong way. Unfortunately, the mind-set in our society is that every failure has to be one’s fault and blame needs to be clearly allocated.


Where does this leave us? In my view some points stand out: the role of the risk manager overseeing quoted assets is difficult to transfer to private equity. For illiquid assets risk management can add the most value before investing starts, i.e., designing and communicating the investment strategy. Risk management in private equity needs to deal with the big picture, the portfolio, and should not get lost in details. The question is what role is there for risk management in private equity as part of the corporate governance? There is certainly also a role in monitoring the investment strategy’s implementation and communicating necessary adjustments to stake-holders, but forcing – as many seem to expect – risk managers to police the investment side is neither creating value nor does it lead to a stronger acceptance of this role.



PS: did I take the position? I was tempted, but at one point I was told that after a change in ownership the recruitment was ‘delayed’ and never heard of it ever since. Apparently the new management did not (yet!) see a lot of value in this function.

Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedIn