Skip to main content

In Focus: Risk Management for Start-ups

2026-07-03 During the 2025/2026 winter semester, Prof. Dr. Reinhard Schulte, director of the Institute of New Venture Management, focused specifically on risk management in newly founded companies as part of his research semester.

©Almut Schafner
We would like to explore the topic of Prof. Dr. Reinhard Schulte’s research through three questions

Small size, novelty, and rapid growth—startups, in particular, often face major challenges due to their unique characteristics. In your study, you examined solution-oriented strategies for risk analysis and risk management. What can startups do to improve their risk management?

When we, as a research unit at the Institute for Startup Management, turned our attention to the topic of risks in startups, it quickly became clear just how extensive the business research on risk management is. However, startups play hardly any role in this research. On the other hand, the risk management practices of large companies and corporations—established organizations with a high degree of division of labor—cannot simply be applied to young, rapidly growing companies. Startups are not simply “corporations in miniature.” That is why we have begun to systematically lay the groundwork for this field, exploring it both theoretically and empirically.

A few insights can already be drawn from this at the design level: Emerging companies should factor in the risks typical of startups even before they begin their development process. This applies to several levels. Financial planning is usually on startups’ agendas anyway, if only because of the pressure to successfully navigate funding rounds in order to maintain a steady cash flow. However, systematic risk management must go much further and, above all, take into account factors such as product development and scaling, market validation, channel diversification, and regulatory and personnel risks. A classic example is an overly sophisticated product that no one wants because it’s unaffordable. Especially in the early stages, survival also depends on how well uncertainty is managed.

Are there any advantages that startups might have over SMEs or larger companies when it comes to risk management?

Absolutely. What you’re implying is, of course, true at first glance: Large companies have advantages in risk management when it comes to resources, reserves, safeguards, and formalization. They can generally identify and distribute risks more systematically and better cushion them financially.

But there’s another side to the story. Because hierarchies are still flat and decision-making paths are correspondingly short, startups can often identify risks and respond to them more quickly. Unlike in highly bureaucratic companies with a strict division of labor, they find it easier to learn quickly from the market: Through concepts like customer involvement, MVPs, and iterative development cycles, they can identify market risks more quickly. They’re also quicker to pivot: When assumptions prove incorrect, startups can adapt their business model more easily and quickly. Whereas large companies are often paralyzed by formalized processes, existing structures, or internal politics, startups aren’t bound by the path dependencies of past decisions.

What insights or recommendations can policymakers and other supporters draw from your research?

For policymakers and intermediaries, it is first and foremost important to understand that startups are not just small versions of large corporations. Therefore, the approaches used for large companies cannot be applied to startups. My impression is that this message has already been well received. Now we must set out to put it into practice. This means, for example, integrating risk management early on into startup consulting or embedding iterative learning and market feedback more firmly into funding programs. For effective startup risk management, traditional control measures make little sense. It would be more sensible to reduce uncertainty through iteration. Policymakers and intermediaries can therefore be of greater help if they not only provide security but also foster the ability to experiment in a controlled manner during early phases and to learn from mistakes.

In all of this, it is important to think in terms of industry-specific categories as well, because sectors such as fintech, health, or deep tech have very different risk profiles and regulatory requirements.

Thank you very much for this in-depth insight at the topic of your research.