3 tips to mitigate risks while scaling up

October 15, 2021

By Adriana Amato


With the fast pace of growing a profitable business, it’s easier than you think to get blindsided by data breaches or financial mismanagement which can leave your entire company at risk. Here we share insights from three of Australia’s best legal, financial and privacy experts on how to protect your business from the worst.

The business world is full of pearls of wisdom. Sayings like, ‘The devil’s in the detail’ and ‘Watch the pennies, and the pounds will look after themselves’ offer advice which we all hope to follow.

There are plenty of examples, however, of well meaning and innovative Australian businesses that have been caught up in corporate blunders that have thrown their businesses to the scrap heap. This is the result of legal challenges, financial ruin and shattered customer trust brought on by not paying attention to the little things that matter.

Regardless of whether you’re a large or small business, the cracks can materialise from similar areas of mismanagement, born of the, ‘It can’t happen to me’ philosophy.  

To help you take control and ease your worry, here we share three insights from our recent Weel webinar from three of Australia’s most experienced legal, financial and privacy experts on how to protect your business from the worst.

Special guest, Marion Hemphill, General Counsel and Chief Privacy Officer at Australian Red Cross Lifeblood joins Weel's Sales and Partners Manager, Cale Bulgin, and Jay Gilden, co-founder of Openly, an Australian innovator of tools to help make self management of privacy easier. 

Their combined experience sheds light on:

  • What can go wrong when trying to scale your business
  • Best practices for preventing customer data leaks and payment fraud 
  • Tips to help small businesses stay in control while expanding 

1. When disaster strikes, having the right people in the room is important for quick decision making.

Marion Hemphill: ‘In 2016, Australia Red Cross Lifeblood was splashed across the newspapers for what they were calling Australia's biggest privacy breach. It was sort of a near miss in that it was only one person that accessed that data, and it wasn't a person with nefarious intent. There were, however, many donors who had given us some personal information held in an insecure environment. 

‘So, we had to turn this around from something that could have been quite bad into a positive. We had to minimise the risk for our business but be transparent.’

A war room with the right people

It’s important to stop and set up a war room of key people to diagnose your problem. Like muscle memory, which you can kick in when you need it, you have to have a plan to begin with to know who will be in that war room, which frees up your brain to start solving the problem.

The problem solver is not the same as the commander

You don't want the person who's going to be solving the problem to be the person running the meeting. You almost want the person who's got the most free time in a scenario to be the one that's actually responsible for the command and control aspect of dealing with an event.

2. Keep your end purpose front of mind, regardless of lenient legal privacy obligations 

Jay Gilden: ‘The Small Business exemption within the Privacy Act basically says if your turnover is less than $3 million, in most cases, you don't have to comply with the Act. 

‘This can be trap though, if you’re wanting to scale beyond this threshold. The scariest example we’ve seen was a start up which built its business on sharing personal data based on the under $3 million exemption, but investors dropped off like flies when they saw it was impossible to scale. You don’t want to have to spend hundreds of thousands of dollars trying to undo how your business runs.’

The pub test

Consider if each decision you make was on the front page tomorrow; ask yourself if it would be acceptable to show your clients. If you're doing things that feel a bit uncomfortable, you probably shouldn't be doing them.

For Openly, a privacy and tech company, their standards are much higher than others by nature of what they do, but it’s important to establish across the organisation what your acceptable risk level is.

3. Financial transparency and fraud protection can be achieved by leveraging technology

Cale Bulgin: ‘We see way too often one or two corporate debit or credit cards, typically held by the directors or the founders, shared across the business, which opens it up to all sorts of risk. We genuinely have customer stories where employees have defrauded businesses of tens of thousands of dollars. 

‘Supplier payment management is also a minefield when scaling. Typically, businesses are engaging a lot more suppliers, particularly in the software and subscription space. I've seen too many businesses who have overpaid suppliers due to poor, or just a general lack of, implemented approval processes.' 

Weel is an essential tool for protecting finances

Weel can solve these issues, offering businesses access to as many virtual expense cards as needed for anyone on staff, to be bound by strict rules on how much can be spent and on what. This can be tracked digitally in real time, reassuring finance managers. 

Weel's virtual cards can also be set up to only allow payment to one or two suppliers, thereby preventing payment errors.

How to protect yourself from financial fraud and poor expense management

Take a look at Weel and see how an online, centralised approach to expense management removes bill paying problems and protects your business from fraud. Book a Weel demo today and take the power back.

azul expressive wave