Identifying and assessing risk

The guidance below is drawn from Section 1.7 of Treasury's Guidelines for Contracting with NGOs.

Risk may arise from overall contract or funding processes as much as from a particular contract or relationship. Managing risk is part of managing contracts, in both government agencies and non-government organisations (NGOs).

Agreements usually involve many risks:

• project outcomes may include unintended negative effects
• quality and quantity of service delivery may vary
• value for money must be balanced against avoiding waste and fraud
• organisations must be capable of providing ongoing delivery (see section 1.11)
• fiscal risk
• control risk
• reputations may be affected or political controversy may arise
• legal risk.

When assessing risk it is important to remember:

• the party best placed to manage the risk should also bear the risk
• some organisations are more willing to accept risk than others
• government agencies should not bear all the risk, and need to assess whether the parties they deal with can bear some
• community organisations (including Maori organisations) may be less able to manage risk than either commercial firms or government agencies.

Expecting community organisations to bear most of the risk could lead to:

• NGOs being reluctant to sign agreements
• reduced NGO viability
• NGOs behaving unexpectedly as they seek to manage risk.

The Office of the Auditor-General's guide Managing funding to non-government organisations – from principles to practice states:

• The goal:
  It is important to focus on what you are trying to achieve, including the relationship that the public entity wants to achieve with NGOs. Process should not dominate at the expense of the outcome.
• Simplicity and proportionality:
  The funding arrangements should be as simple and as practical as possible, considering the amounts involved and the complexity and level of risk. It is appropriate to consider compliance costs for both parties, and to seek to reduce them where possible.
• The context:
  The arrangements need to fit with the context of the funding, including any more general relationships that the third party has with the entity or with other relevant government or public entities.
• Well-managed risk taking:
  Public entities need to identify risks in or around the funding arrangement and consider what steps might be needed to manage those risks. This does not mean being overly risk averse; the key is to get the right balance between risk and expected benefit, and to do so consciously.
• Understanding each other:
  The needs and standards of NGOs, for example, in accountability or transparency, may be quite different from those of the public entity. An NGO might have unique obligations to constituent groups or members. The arrangement is likely to be more constructive if each party understands the needs of the other and the consequences for them.