Risk mangement in digital business model transformation

August 31, 2021
Research
Tutorial
Role
Demo
Use case
Product
Decision Augmentation
Academy

Introduction

The concept of business model design gained significant attention over the last years, as companies like Apple and Uber disrupted whole industries and generated tremendous returns offering not just new products or services but designing new concepts of doing business. Two key features characterize an essential portion of these business model designs: They are enabled by digital technology and embedded in complex inter-organizational networks. In such ecosystems, firms do not solely rely on internal innovation and value creation endeavours. Instead, they are involved in innovation activities with partners and thus are highly dependent on resources and contributions of suppliers, vendors of complementary offerings, consumers, and other actors (Adner 2006). The emergence of the Internet of Things (IoT) creates a global network of connectivity that are enabled by standardized and interoperable formats and connecting heterogeneous digitized objects via the internet. Also, traditional industries, like for instance the German energy industry, are therefore encouraged to combine digital and physical components into novel value propositions. The accelerating interdependence between innovation partners, however, has not only created new business opportunities but also introduced essential new risks. Such risks are not sufficiently covered by traditional approaches of risk management. 

This paper addresses this critical gap by offering important insights from digitally enabled business models in the German energy industry that can guide practitioners in managing the process of digital business model transformation.  To explain how managers should treat risks related to digital business model design together with multiple partners, this paper analyses a specific digital business model design in the energy sector – the VPP. As a result, a new multi-step framework for the strategic management of risks in digital business model design is proposed.

Business Model Design in the IoT

As digital technology is combining atoms and bits to turn digital and physical components into novel products, ubiquitous computing enables the interconnection of multiple devices (Iansiti and Lakhani 2014). In particular, the Internet-of-Things (IoT) has a strong potential to transform products, services and whole industries (Manyika et al. 2015) since it constitutes a “[..] dynamic global network infrastructure with self-configuring capabilities based on standard and interoperable communication protocols where physical and virtual “things” […] use intelligent interfaces and are seamlessly integrated into the information network […]” (Vermesan and Friess 2014b).This allows the connection of heterogeneous digitized objects that are integrated into the Internet. Companies like Nest, SmartThings or Axeda, for instance, link billions of devices worldwide. Moreover, established firms like General Electrics and Cisco have started to develop and offer numerous IoT-based products and services, increasingly extending to all areas of everyday life. More and more, smart, connected products are questioning the traditional logic of how value is created and captured, offering firms new possibilities for business model designs (Porter and Heppelmann 2014).

In the context of digital business models, diverse devices and IT infrastructures allow multiple actors to interoperate and distribute value creation across various companies. These relations link suppliers, software startups, integrators and customers and enable new logics to create mutual value. Thus, to successfully design and deploy the business model, a firm must clarify which resources it has to acquire from its business partners and which main activities these partners perform and attract and maintain effective and efficient relations to the key collaborators (Chesbrough 2007). Due to the rapid transformation of the technological and competitive environment, business models require regular monitoring and therefore have themselves become a new subject of innovation (Osterwalder and Pigneur 2010)

Even firms in traditional industries, such as the German energy sector, are realizing the disruptive potential of digital innovations. For instance, the Fraunhofer Institute for Integrated Circuits is currently offering its OGEMA 2.0 (Open Gateway Energy Management 2.0) open source framework, enabling the development and implementation of all kinds of systems, components and apps for energy and facility management. Moreover, start-ups like Next Kraftwerke leverage digital technology to create and implement new business models for VPPs. 

However, as digitization redefines all elements of doing business such as customer interactions, deployment of resources and economic modes (Jong and van Dijk 2015), it also gives birth to new risks for the actors in novel ecosystems.

How the IoT Transforms the Energy Industry

In the past, the success of German energy supply companies resulted from the ownership of big centralized power plants that mass-produced electricity for many households and industrial customers. In this business environment, energy providers were able to gain competitive advantages particularly by building on the economies of scale. This business model, however, comes increasingly under siege from the shift towards decentralization of production, ecological consciousness of customers (e.g. de-carbonization and the so-called “German nuclear exit”) as well as the liberalization of energy markets. Realizing this dramatic change and addressing it by the innovation strategy becomes therefore crucial for firms competing in energy markets. Especially the municipal utility companies that used to rely heavily on conventional (fossil) power plants are currently facing significant disruption through increasing capacity additions of renewable energies. For these companies, an innovative response aimed to compensate the loss of market share is the offering of consultancy services and new storage solutions for the fluctuating renewable power supply. This change means much more than merely new business activities: It leads to a fundamental transformation of the underlying business model. To describe and highlight the relevance of digitization (and the resulting new business models) for the energy industry lessons from other sectors can be drawn. Therefore, many other industries deliver cautionary examples for underestimating the impact of digitization on existing business models like the print industry, the music industry, or streaming services. In consequence, many digitization-driven innovations evolve in the energy industry over the last years such as Smart Home and Smart Grid solutions. The chance to use

The Role of Risks Management in Digital Business Model Transformation

Traditionally managers focus on risk management at the operational level, while its strategic role in the multi-partner business model design remains under-investigated (Calandro 2015). Traditional risk management techniques like VaR (Value at Risk) rely on quantitative and historic data and on predicting and controlling specific risk events. Thus, they provide little help for digital business model designs. As companies design their digital business models together with external partners, the accelerating interdependence on these partners makes new strategic approaches of managing risk indispensable.

New threats in digitally enabled ecosystems are often beyond the direct unilateral control of the innovator and related to the interdependence of suppliers, vendors of complementary products and services and other relevant actors. To address these risks, new risk management frameworks and tools are required. This is also particularly true for the German energy industry that is currently being dramatically changed by the digitization.

Framework for Managing Risk

From the in-depth analysis of both the best as well as the worst practices and experiences mentioned by the interview partners my research findings suggests a four-step framework for the management of risks associated with the co-innovation of business models with multiple partners particularly in the energy industry.


Step I: Mapping the Ecosystem 

The major challenge of this step is to realize and assess that the company is manoeuvring through the interplay of several interdependencies. Managers need to identify their ecosystem partners and their roles first. The actors participating in the digital business model design are, for instance, the providers of technical components, complementary products, and services as well as the marketer institutions and the customers.

At this stage, it is crucial to diagnose the interdependencies for each partnership that are relevant for the co-creation and functioning of the new business model. Managers apply the concept of interdependence to consider organizations as entities that rely on an exchange of resources with external organizations such as suppliers, competitors, or regulators (Katila et al. 2008). My research revealed three main sources of interdependence that are particularly salient in the VPP business model design: Regulation-driven interdependence, technological interdependence, and collaborative interdependence. 

First, regulatory requirements shape the interdependence of ecosystem relationships, especially in highly regulated industries like the German energy sector where the partners must apply directives for shut-down/response times or grid-operator requirements and certified guarantees of supply origins simultaneously. 

Second, the co-innovation of a digitally enabled business model bears critical technological interdependencies: To function appropriately software and hardware components from several providers must be made compatible and technologically integrated. In VPPs, this is especially important for the connectedness of all control devices in the complete system as well as for valid software codes for the linkage to the grid system operators of VPPs. 

Third, critical interdependencies become manifest in collaborative agreements that set mutual contractual obligations for actors as well as economic sanctions for failure to fulfil them. Since in the VPPs all customers are also suppliers of energy, the failure of performance caused by one actor may affect the whole ecosystem. For instance, if a vendor of hardware boxes does not deliver on time, the customers cannot be connected to the VPP in a timely manner from which in turn the whole business model suffers.

Step II: Risk Identification

Following the insights gained in step one, managers should identify distinct categories of risks that are associated with the innovative business model. First, there are typical risks of internal corporate R&D and product innovation projects (e.g. development of a new component). These risks can be treated with well-known technology and innovation management tools, such as the Stage-Gate® model. Another category of risks is related to the strategic environment of the company and its dynamics (e.g. market changes, appearance of new substitute technologies, changing regulations and governmental interventions, etc.). Those external risks, such as tightening of ecological regulations, can seriously affect the new ecosystem and its actors.

In addition to these two types of risks that are relevant for innovations, the third risk category is directly caused by the fact that multiple partners base the novel ecosystem on co-innovation activities. Such co-innovation risks can be divided into two subcategories: relational and performance risk (Das and Teng 1996). While relational risk refers to the “will” dimension of co-innovation, performance risk is primarily related to the “skill” dimension. Relational risk is particularly associated with opportunistic behaviour such as distortion of information and fraud. On the contrary, performance risk of co-innovation is particularly related to capability factors: Despite the willingness to co-innovate, firms might not be able to do so due to the lack of skills. For example, in the case of VPP, the developer of important software was not able to deliver the sophisticated and novel software. As a result, the software firm had to be replaced by another provider, which caused an essential delay and opportunity costs borne by all ecosystem actors as well as high transaction costs for search and negotiation borne particularly by the system integrator. My study has shown that managers should distinguish between different types of risks to be able to address them in an effective way.

Step III: Risk Assessment 

To map and assess risks, many companies deploy a risk response matrix. This popular managerial tool reflects two key risk dimensions – the potential impact, or magnitude, and the likelihood of a certain risk (Aabo et al. 2005). My research shows, however, that especially for the co-innovation of digital business models, such as VPPs, that rely on manifold interdependencies between diverse actors this approach to risk assessment must be expanded.

It must be considered that the risks faced by the given company can also affect other co-innovators who consequently might be hindered or even become unable to provide their specific contributions to the ecosystem. This is true for both internally caused risks (e.g. the risk of R&D failure in the focal company) as well as risks rooted in dyadic relationships with partners (e.g. the relational risk of fraud). Consequently, both risks can be contagious as they might affect not only the given dyadic relationship but seriously damage other interdependencies within the ecosystem and pass problems onto other partners in the value network, such as complementary innovators, intermediaries, or system integrators.

Hence, based on my research findings I assume that in new digital ecosystems an additional dimension for risk assessment must be considered: the outreach. This dimension reflects whether the impact of the given risk is local, dyadic, or systemic and therefore that risk does affect only the focal company, one or many of its dyadic partners or even the entire ecosystem.

Based on the key risk facets mentioned above the following risk radar can be suggested. The novel tool helps visualize and compare risks associated with relationships the company maintains to different co-innovators within the ecosystem. The five-point scale for three interdependencies with the given co-innovator shows their estimated degrees. For the two sorts of co-innovation risks as well as the strategic environmental risk (as far as it affects the relationship with the given co-innovator) the radar also assigns a risk rating on a five-point scale by combining both estimated magnitude of risk and the likelihood of its occurrence (Aabo et al., 2005). The risk outreach goes beyond the bilateral dimension and reflects the levels in the ecosystem that are affected by the risks embedded in the given co-innovation relationship.

Step IV: Integrate the Ecosystem

After identifying and assessing the interdependencies and risks, organizational decision-makers must be able to come up with a strategic action plan. For successfully managing the risks of digital business model designs, it is crucial to integrate selected partners in this process. Depending on the allocation of responsibility for mitigating risks and the decision whether those risks are manageable independently or collaboratively, I suggest the following risk matrix that helps draw detailed mitigation plans for specific types of risks.

In sum, the practical use of the proposed framework can be illustrated by the following example. As indicated above, an essential performance risk in setting up a VPP business model is technological complexity. The operator of a VPP needs to ensure the synchronization of the software layer, the hardware devices, and the transmission standards of the respective grid operators. Hereby, her co-innovation partners are the software vendors and the grid operator. The relationship with the grid operator is characterized by a high level of regulatory and technological interdependencies, the relation with the software provider by technological and collaborative interdependencies.

The findings reveal that the likelihood of the technological interdependency risk in setting up VPPs is high. Moreover, the outreach of this risk is systemic, as it affects the entire ecosystem. Without a functional software layer not even, a single power supplier — and thus, not even a single customer — can be connected. In this case, the regulation will not qualify the business model for going online on the grid. Also, the supplier of hardware boxes that allow communication and control of the decentral power plants will be affected, as its hardware is highly interdependent with the software. 

For the management of this sort of risk the most suitable approach is to “help them do it". Even if the VPP operator is not directly responsible for managing the risk, it must collaborate with the partners (e.g. cross-organizational teams) to support them mitigating the risk as the performance of all other partners (e.g. customers, power suppliers, software startups) relies on the prevention of this hazard. 

Conclusion

In sum, this paper reveals that digital business model designs do not only give birth to new business opportunities, but they also give rise to serious new risks. These risks result particularly from manifold interdependencies between the multiple partners who co-innovate the business model. Therefore, executives must identify, assess, and manage these risks in a strategic manner. To make digitally enabled ecosystems both profitable and sustainable, risk management calls for new strategies that transcend the boundaries of a single firm and build on collaboration between interdependent actors for the creation of mutual value. By applying such collaborative approaches to risk management, firms can strengthen the relationships with key partners and gain the ability to manage the complexity of co-innovation in setting up digital business models. Collaborative risk management thus must become an essential part of the new approach to the risk management in technology-driven industries

See references

Oiginal paper published in Journal of Business Strategy