Spend all your time at work fighting fires? Proactive risk management can help douse the flames and get you ahead of the game.
For as long as procurement has been a profession, risk management has largely been seen as a data collection exercise, undertaken at alarmingly infrequent intervals. Often, it was nothing more than a checked box to indicate assumed compliance, with no deeper insight or follow-up.
But as the reach of procurement extends beyond savings, compliance and performance. The profession touches almost every facet of a company, and mitigating risk is increasingly being seen as the fourth pillar of the profession. To be truly successful, risk management requires robust insight into all links of a supply chain – a task that has often been insurmountable.
How can you properly manage your company’s risk as supply chains go global? And who should be responsible for ensuring you’re ahead of issues before they arise?
Procurement teams have the potential to drive big changes on a global scale. If you’re not successfully navigating your risks then you’ll struggle to join the ranks of the world leaders.
Proactive vs Reactive
Whether caused by bankruptcy, politics or even severe weather events, risks to your supply chain come in all shapes and sizes, so it’s not completely unreasonable to be overwhelmed. Preparing for every single eventuality is a daunting task that seems to stop procurement professionals in their tracks.
As such, many people start on the back foot, considering the risks only when their bottom line has already been affected. However, if you understand your risk profile – the types of threats that will have the biggest impact on your business, whether they’re physical, logistical or reputational – then you’ll be able to develop proactive risk mitigation plans that can keep your business flowing seamlessly through strikes, shut downs and storms.
Successful risk management in action
At riskmethods, we combine advanced AI technology with human support to offer comprehensive risk management solutions for our customers. We train our AI using over 5 million articles relevant to their unique risk profiles, to allow us to give our clients the visibility into what the current and future risks are for their business and offer insight into the underlying threats in their supply chain – so they can take action before it hits.
For example, when Hurricane Harvey hit Texas in 2017, it made landfall three times in six days, causing $125 billion in damages and sending a third of Houston underwater. As the storm began making news, we were able to use our technology to create storm projections for our customers that narrowed down the affected location as the storm approached. This alerted them to the risk of damage or delays, and allowed them to contact any suppliers or manufacturers within the impact zone before the storm arrived.
As a result, they were able to take action to create proactive mediation plans for their impacted suppliers with outstanding orders before the storm even hit the ground, successfully navigating potential shutdowns that could have impacted their supply chain for weeks to come.
In an elite enterprise, this active monitoring of new and emerging threats means that while it may not be financially possible for all enterprises to have crisis management teams on hand, ready to pounce at the first hint of trouble, they will have contingency plans in place. This increases your ability to react faster and could potentially give you the leg up on your competition.
Where is risk management going in the future?
The next procurement transformation is taking the profession from a singular discipline to a cross-organisational centre for increased collaboration and supplier transparency.
Risk management is set to go hand-in-hand with this transformation to alleviate the risks within an enterprise, bringing another tool to the table for CPOs to leverage and creating a competitive differentiation for enterprises. While this direction may seem like common sense going forward, the reality is that it’s only in recent years that its importance has really been acknowledged.
Those who continue to think of risk as someone else’s problem will soon find themselves falling behind.
riskmethods was one of the sponsors for the Big Ideas Summit Chicago 2019, with Bradley Paster delivering an ace keynote too. Don’t worry if you missed out, you can still sign up to access all the great content. Register now by clicking here.
We are living in exponential times. While that fact makes it exceedingly exciting to be alive right now, it also comes with a lot of procurement related issues. Let’s examine a few facts, and see if you can realise where I am going with this:
In 1984, there were 1,000 internet capable devices.
By 1992, there were 1,000,000.
In 2008, there were 1,000,000,000.
Today it is estimated at 30,000,000,000.
Last year, 4 exabytes (4.0 x 10^18) of unique information was generated, which is more than the previous 5,000 years in total!
It is estimated that there will be 70 billion connected devices by 2025.
NTT Japan has successfully tested a fiber optic cable that pushes 14 trillion bits per second down a single strand of fiber
Technical obsolescence is accelerated with technologies becoming obsolesced in as little as 3 years!
The Exponential Risk in Your Tail Spend
Let’s talk about third-party risk management. In procurement we need to focus on getting the correct supplier/provider/adviser at the best total cost, delivering the right level of quality and service levels.
To most people, this means that we are living in exponential times. But to a procurement person it means “oh no, I need to look at all of my supplier relationships because of the possible threat of risk.” The issue with this logic is we don’t know what we don’t know. And that means we have probably done little to no research/cyber security/risk assessment on our tail spend, let alone on every supplier in our critical spend.
Most companies have entered into multi-year agreements with their critical spend suppliers. This is in an effort to secure the best total cost of ownership and allow ample time for their suppliers to retool, ramp up and to get to know them in order to meet their service and quality requirements.
Therefore, despite quarterly business reviews (QBRs), it can possibly be as long as one to 10 years since that contract and relationship has been assessed (if ever) for real third-party risks.
Getting to Grips with your Supply Chain
I speak with CPOs on a daily basis and every one of them admits that they do not have a perfect grasp of their third parties, let alone their fourth-, fifth- or sixth-level parties. When was the last time you asked a supplier (especially in the tail) if they ever subcontract? Or whether their third parties, or fourth, have been reviewed for cyber risk? Or any risk at all for that matter?
Do you know whether your fourth parties are using human slavery? If every device is updated for the latest virus check? Whether employees are charging their phones through their devices, or if they are permitted to insert USBs into their computers from an unknown source?
How do we know if our fourth-level parties have a proof of mining to avoid conflict minerals? When was the last time we even checked our own staff for complying with strong cybersecurity norms?
The Cyber Risks Within Your Organisation
Just recently at a convention for hackers, cables that looked like Lightning cables were modified with extra hardware that gave hackers remote access to devices. Here’s how they work:
“O.MG cables are indistinguishable from the real thing, and they even come with the iconic adhesive binding rings you’ll find wrapped around new Apple cables. The [modified] cables act normally, too, letting you charge your devices via USB or transfer files from your iOS devices.
Neither your PC nor your connected devices will ever notice that anything is amiss. Short of dissecting the cable to look for the extra hardware, the only way to detect that you’re using an O.MG cable is when you realize, after the fact, that your device was exploited.
And even if you happen to catch an attacker running a terminal window on your PC remotely, O.MG cables include a kill switch that disables the implanted hardware, thus destroying any possibility to track down the attack’s origins.”
‘These Dummy iOS Lightning Cables Let Hackers Remotely Access Your Devices’, Lifehacker, August 2019
Apple would have you believe that your iPhone is very secure, until you add your first app. For example, when traveling recently I downloaded an app to play Dominoes (the game, not the pizza). This is seemingly innocent, but since I was on a long flight, I actually read the privacy information.
Check out some of the following extracts from the Terms & Conditions and Privacy Information:
FM GAMES App is a gaming application that may utilise your personal data. You also consent to FM GAMES’s cookie policies, as described herein.
Types Of Data We Collect: We collect personal data and non-personal data about you.
Location and Distance Information: When you use the FM GAMES App, we will collect your location to determine your distance from other users (“Distance Information”) through the GPS, Wi-Fi, and/or cellular technology in your Device. Your last known location may be stored for the purpose of calculating Distance Information between you and other users.
Messages: When you send a message we may retain the message for archival purposes or as otherwise allowed by law.
Purchases: We collect information necessary to complete purchases. This may include, among other things, your name, credit card information, billing information, address, telephone number, and email address.
Third Party Service Providers: We may share your Personal Data with third party service providers
When I tried to turn off location services, this was not allowed, so I discarded the app. If this is the case with a gaming app for my phone, can you imagine the angst my home screen caused our IT folks?
Would you know if you had been hacked?
If I charge my phone through my computer, imagine what I am opening up for hackers to get to? How many of you reading this are using public Wi-Fi? What about Starbucks, or at the airport? Many of us will pass through at least one on the way to the Procurious Big Ideas event.
Did you connect to the seemingly innocent Wi-Fi? Would you know if you were hacked? If you haven’t heard about the reporter whose email was hacked on an airplane while using the airline app while working on a story about the FBI and Apple, take the time to do so.
The hacker read nearly everyone’s email on the plane. They then pulled the reporter aside when they landed to discuss the security, or lack thereof, of his phone while using public Wi-Fi, even if was at 35,000 feet.
The Fallability of Passwords
If this isn’t enough, consider what anyone can do with your passwords. Take for example my login for Amazon. If you were able to see my screen while I was logging in, this is what you could do.
Then, if in Chrome, right click and click on Inspect.
By merely highlighting the password and writing the word “text,” you will see my password. It is that easy if someone is “looking at your email” as you are logged in.
So, there you go. This is my Amazon password and I have now changed it since I wrote this post (but don’t tell my kids). This is the most basic level of cyber protection you can get, but even at a personal level with my own “research,” we are so out of our league, especially when dealing with technology obsolescence.
In the era of BYOD (bring your own device) who knows what your staff is exposing your company to. If we take this one level further to our third parties, who out there is doing the exact same thing and exposing their company to the same risks I just showed you?
So, while we are going to discuss third-party risk management in my session at The Big Ideas Summit, this is just the icing on the cake. If I am just one of the hundreds of contractors, imagine what damage I could be doing to your risk profile.
The Art of Third-Party Risk Management
So, the long and short of it, we are living in exponential times and it is time we paid clear attention to all of our third-party relationships (and their third parties, etc.) along our supply chains or we are destined to be in for a large risk event. It isn’t a matter of if, but when it will happen. If technology obsolescence is happening faster all the time, then we need to stay educated and alert, not paranoid.
To overcome these obstacles, we need to have an effective third-party relationship management and framework. Successful third-party management programs should focus on the four cornerstones approach: contract and performance management, risk management, financial management and communication management. The risk aspect of the relationship framework needs to be addressed for both critical and non-vendor relationships, along with non-critical vendors.
I recently took SIG University’s Third Party Risk Management Certification Program and was amazed to learn how much risk we are exposed to within our contracts and the need for a strong third-party relationship framework with a focus on risk. For a framework to be successful, it must have strong governance and approved by senior management.
As a result of the 2008 financial crisis, there has been a renewed focus on the role of board of directors, the composition of the board, capabilities, accountabilities, and responsibilities for prudent acceptance and management of risk. This renewed focus has made it much easier to focus on third-party risk and to get strong governance in place to mitigate risks.
The most important lesson to leave you with is that third-party risk management is an art, not a perfect science. Having a framework in place to address and mitigate risk, escalate issues and seek resolution is the key to making strategic procurement decisions.
Dawn Tiura is the CEO and President of SIG, SIG University and Future of Sourcing and has over 26 years’ leadership experience, with the past 22 years focused on the sourcing and outsourcing industry.
In 2007, Dawn joined SIG as CEO, but has been active in SIG as a speaker and trusted advisor since 1999, bringing the latest developments in sourcing and outsourcing to SIG members. Prior to joining SIG, Dawn held leadership positions as CEO of Denali Group and before that as a partner in a CPA firm. Dawn is actively involved on a number of boards promoting civic, health and children’s issues in the Jacksonville, Florida area.
She is a licensed CPA and has a BA from the University of Michigan and an MS in taxation from Golden Gate University. Dawn brings to SIG a culture of brainstorming and internal innovation.
What does digital transformation mean for the procurement and supply chain profession? How will it help CPOs to mange risk in their supply chains?
The concept of digital transformation has been around for quite a while, ISM CEO Tom Derry argues. “In the late 90s we started doing reverse auctions and e-auctions. Not too long after that dynamic discounting began to enter the equation and FinTech platforms have also been around for a while. We’ve been embracing it but recently we’ve hit a pause in that innovation wave. And it seems like we’re on the brink of this next wave.”
How will digital transformation transform procurement and supply chain?
Digital transformation is the full impact or outcome of using data on elevated platforms to really reinvent what procurement and supply chain professionals are doing.
“In the source-to-settle process we typically identify 37 discreet steps” explains Tom. “And we think four technologies – procure-to-pay platforms, RPA, machine learning and IoT – will mean that all but eight or nine of those discreet tasks will be automated.” This, of course frees up time for humans carry out only the most important things like stakeholder management and supplier relationship management, the things that can only happen as a result of conversations between people.
Indeed, it is these soft skills that will galvanise the procurement and supply chain professions and make them step out into the future. When data is pointing you in different directions and the computers don’t know what to do, that’s when you step in.
Is supply management ready for change?
A recent survey revealed that only 6 per cent of CPOs possess the strategic leadership traits to lead digital and analytical transformations.
“I’d say there is a lot of discomfort. People don’t really understand the technologies we’re talking about and they don’t necessarily have the in-house skills,” says Tom.
“An interesting example is the technology that is currently being piloted in 30-40 per cent of large companies – RPA.” And yet most people don’t even understand what this technology is. “They think it means a robot from ‘lost in space’ when we’re actually talking about software code. The code fits into the gap between systems so imagine your ERP system, your spend analytics tool and any other systems you’re using. We’re typically trying to build reports by extracting data from these disparate sets of data, putting them in a data warehouse or a data lake, doing some analysis and running reports.
“RPA can automate most of that work so a human doesn’t have to go in and identify the data. RPA is good at doing routine, highly-defined processes.” This frees up the time of professionals so that, instead of spending half the day obtaining and cleansing the data, time can be spent on activities where there is real value-add. “The insights and the applications, for me, is the real opportunity.”
Selling the benefits of digital transformation
How does Tom advise managing those risk averse CPOs, who are reluctant to take the plunge with new technologies? Can you overcome that and sell the benefits to them?
“One of the biggest pay-offs for even the most risk averse CPOs is using digital tech to visualise the risk in your supply chain.
“I heard about a publicly traded pharmaceutical company in the states who did a risk analysis and claimed that anything less than $1M in spend is so small it’s immaterial. They wouldn’t even look at it. But it turned out they had $200,000 in spend on a coating for a consumer medication, which supported $2B in annual sales.
“[The plant in Japan that produced this coating] had a fire and they were at risk of losing all of these sales. If that doesn’t get the board’s attention, I don’t know what will. So when it comes to risk, that’s where the immediate benefits will be!”
When it comes to digital transformation, people know they need to be educated. “you have to get as smart as you can on what’s coming!” says Tom.
In our 10-part “Tuesdays With Tom” podcast series, Tom Derry discusses a broad range of critically important topics that every supply management professional should be across.
Are you responsible for sending your people into danger? In a new Procurious blog series, The World’s Deadliest Supply Chains, we investigate the most high-risk supply chains out there…
The sight of 1900 rolls of toilet paper would not usually excite your typical urban dweller, but when the consignment supplies a remote Antarctica camp of 350 people for the whole winter it’s a case of unfettered joy and – of course – relief.
most essential of household essentials was among the 3000 tonnes of provisions
and equipment delivered by the chartered US vessel MV Ocean Giant to New
Zealand’s Scott Base in January.
supply drop – which can take up to nine days to unload – included 200 kilograms
of coffee beans, 100 cans of peaches, a Toyota Landcruiser, two rowing machines
and a triple-glazed window.
to Antarctica New Zealand logistics manager Paul Woodgate, organisers need to
think of everything the isolated community might need, including spare parts for
water plants and heaters.
“We need supplies to keep the base clean, everyone
fed and warm, and the water flowing,” he told Maori Television.
routine, MV Ocean Giant’s delivery trip reflects the enormous task of supplying
myriad human needs to the frozen wilderness.
Antarctica might be known as the Lonely Continent, human activity abounds with
no fewer than 36 permanent scientific and research bases operating there. In
the summer months, many smaller facilities spring up too, all needing to be
supplied by the mother camp.
lurks underneath every crevasse and ice flow, in an environment in which temperatures
can fall to minus 90 degrees and winds can howl at more than 300 kilometres an
with Mt Everest, dozens of people have died on Antarctica’s icy expanses over
the years – not just derring-do explorers but workers charged with ensuring the
bases are supplied with thousands of items that city folk take for granted.
1976, 11 Argentinean airmen were killed when their plane crashed on a
reconnaissance mission over Drakes Passage. In a tragic postscript, a
helicopter dispatched to recover the bodies also crashed.
1971, a Hercules C-130 made a forced landing on a re-supply run to McMurdo
Station (the US base on Ross Island that hosts Antarctica’s largest community).
was injured. But the overseers of the US Antarctica program did their sums and
realised that salvaging the aircraft would cost $US10m, compared with the
$US38m replacement cost.
years after it went down, the Hercules was fitted with skis, flown out and
pressed into service once again. A testament, indeed, to the durability of the
so-called ‘workhorse of the skies’.
with the Argentinean incident a decade previously, the mission did not have a
happy ending: in December 1987 two US sailors died when a different Hercules crashed,
while conveying spare parts to the refurbished plane.
days, the supply chain is made safer with technological advances such as GPS
positioning, powerful ice breakers, carbon-fibre skis, freeze-proof laptops,
satellite phones and sealed, all-weather runways.
‘safer’ is by no means ‘safe’, with many mishaps happening in more recent
January 2016, helicopter pilot David Wood stepped from his aircraft and straight
in a crevasse on the Western Ice Shelf, while on a routine mission to re-supply
a fuel cache. He was rescued after four lonely hours, but subsequently died
death resulted in criminal charges being laid against Australia’s environment
departments and a helicopter contractor.
mitigate the ever-present dangers of Antarctica, governments are constantly
stretching the envelope to make the complex logistics requirements that much
a breakthrough flight, a Royal Australian Air Force Flight C-17A in September
2017 supplied Davis Station from Hobart and then returned to the Tasmanian
capital without landing at the base. The 10,000km round trip was made possible
by a difficult mid-air refuelling exercise.
plane air dropped nine tonnes of supplies – including fresh produce – to the
base, which is inaccessible by sea from April to October.
the next decade, Antarctica’s logistics needs will only expand as more nations
establish a presence there, if only to ‘fly the flag’ or with a view to claiming
dibs on potential large oil and gas reserves in the future.
notably, China has established three bases and three airfields, reportedly
spending more on its Antarctic program than any other country.
countries have territorial claims to Antarctica: Argentina, Australia, Chile,
France, New Zealand, Norway and the UK.
the Antarctic Treaty actually covers 53 countries, 29 having “consultative
status”, which allows them to carry out research.
20 airports dotted around Antarctica, helicopters and fixed-wing aircraft are
playing an increasingly prominent role – especially during winter months when sea
access isn’t possible and roads on the continent are out of action.
more time and advancing technology, carrying goods to remote locations in
Antarctica will only get easier,” says the Dubai-based Gulf Worldwide
“The logistics industry is preparing for advancement in this continent over the next few years.” But again, ‘easier’ does not imply ‘safer’ and logistics operators perennially need to be alert to the dangers. Like the Emperor penguins, Antarctica is not the type of wild environment that can ever truly be tamed.
If you’d like to read additional related content or get involved with thought provoking discussions check out the Supply Chain Pros group – a one stop shop for all your supply chain need
Procurement pros need to get better at managing risk. Because supply chain disruption can come from any angle, whether it’s caused by a supplier site failure, environmental or geopolitical factors, or even adverse weather…
If it’s not already, risk management should be a top priority for businesses. The consequences from not actively identifying, managing and mitigating supply chain risk can significantly impact an organisation’s profitability, not to mention brand reputation and potentially, its sheer existence.
riskmethods set out to determine the current “state of risk management and mitigation” in today’s global business ecosystem by surveying more than 250 senior procurement executives from across the globe. The study unveiled important findings around how prepared procurement leaders are to tackle rapidly evolving business environments brought on by new, more complex threats, and the current methodologies employed to manage risk in the supply chain. Here are four areas the survey explored, which indicate where procurement teams are failing in terms of risk management.
All senior procurement professionals identify ‘avoiding significant disruption to the supply chain’ as a top priority, but when survey respondents were asked whether their organisation had a significant disruption in the past 12 months, more than 47 per cent indicated that they had experienced between one and five.
Additionally, a surprisingly high 13 percent indicated that they had 20 or more significant disruptions in the past year. Arguably the most alarming statistic – 12 per cent of respondents did not even know whether there were any serious disruptions to their supply chain during this time.
This is a testament to the 12 per cent’s minimal visibility into their operations. According to this data, nearly all organisations faced a disruption in the past year, speaking to the prevalence and nature of supply chain threats at they continue to increase.
Improve ability to uncover risks
The current landscape has made it critical for procurement professionals to have real-time, thorough views into potential risk and their impacts to make well-informed purchasing decisions. Many organisations have implemented some form of tracking mechanism for risks, but how often the data is updated is another issue.
When we asked respondents about the frequency in which data is refreshed, less than one third of respondents answered continuously. This is an alarming percentage.
Risk monitoring in today’s digital business environment needs to be a 24/7/365 task. Organisations that aren’t receiving continuous updates are falling behind and can’t possibly be making the best decisions for their business.
The underlying cause of this lack of complete information is usually associated with traditionally highly manual processes. Not only is the manual approach an extremely tedious and time-consuming task, it also takes away resources from other critical objectives. Most importantly, it severely limits big-picture insights and increases the chances of a serious supply chain disruption. When survey respondents were asked what level of automation their organisation employed to refresh critical information, less than one per cent of respondents indicated that it is completely automated.
An additional 39 per cent indicated that they were in the low to moderate rage of automation, relying heavily on manual tools such as Excel in conjunction with some outside sources. A full quarter of respondents indicated that they have no automation capabilities at all and are completely reliant upon manual search.
Supplier risk impact assessments are key
Understanding a supplier’s potential impact on the business is key for procurement teams when it comes making purchasing decisions. For example, if a major supplier gets hit by a severe weather event which causes a delay in shipping, that could cause a ripple effect that halts production and eventually leads to a loss in revenue.
When survey participants were asked if their organisation had a mechanism in place for measuring the impact a supplier has on the business, almost half said that their organisation had no structured assessment of supplier criticality or impact.
Having no such assessment means organisations are at times putting their fate in the control of someone’s best guess. Organisations must have clear visibility into their supply chain, including which suppliers have the greatest potential impact, so they can refocus resources on reducing risk and preparing for a crisis.
Organisations must be better equipped to mitigate emerging threats
While being able to identify potential risk is a crucial procurement workflow, having the ability to act on that information and mitigate evolving threats is equally, if not more, important.
Only slightly more than 20 per cent of study respondents indicated they have plans in place. An additional 27 per cent indicated that no such plans exist and 53 per cent indicated that there were only partial plans in place. These numbers demonstrate how difficult it is to evolve into a mature organisation when it comes to prioritising risk because businesses lack the necessary level of stakeholder collaboration.
Supply chains will never be free of risks, but an organisation’s ability to prepare for, identify and mitigate emerging threats will set them apart from the competition. Procurement teams can’t possibly make well-informed business decisions without a risk management strategy in place. As the number of risks continues to increase in this environment, the need for accurate, actionable insights will only become more critical.
When it comes to risk management, companies need to consistently be moving forward as the current threats will only continue to evolve.
If you can’t take the heat get out of the resolution room! Or invite Watson!
We’ve all been there. Something’s gone terribly wrong with a major customer delivery. Emails are flying around and there are rumours from HQ that “heads are going to roll”. Everyone concerned has been summoned to “THE meeting” in order to resolve the supply chain issue.
We know what happens next; fists slamming, red faces, an embarrassing lack of data and a lot of verbal ping, pong. Eventually, a resolution is found.
But what happens when Watson is in the resolution room? Could this take the heat out of your supply chain disputes?
What is a Resolution Room?
A Resolution Room provides the organisation the ability to collaborate quickly to resolve supply disruptions. Users can discuss and resolve issues with other colleagues, business partners, or their suppliers. What distinguishes Resolution Rooms from all other collaboration platforms is Watson.
What does it mean to have Watson in the resolution room?
The big benefit of Watson being in the resolution room is that it recommends experts, provides insight from all data and actionable advice based on learned best practices. Over time, it leverages Watson’s capability to develop a body of knowledge by learning how issues were best addressed in the past. This enables greater speed and accuracy in responding to future events.
“Watson provides the opportunity to deliver business value and insights from all of these data insights – structured and unstructured, data from weather patterns, news, D&B and supplier IQ,” explains Joanne Wright, Chief Supply Chain Officer, IBM.
“It does this with speed and accuracy. No more are we saying ‘OK…let’s get the data and meet again tomorrow’ because Watson takes my team’s input and incorporates that into the next iteration as we go.”
Watson In The Resolution Room: A Case Study
IBM Watson is always a room participant, so you can draw on Watson’s expertise using natural language to ask a question, for example: @Watson what is the status of order ABC123?
Imagine the following scenario; A Late Shipment alert in the Ops Center reveals that orders of your most popular drone are in jeopardy because the shortage of the entire supply of a critical part, a lithium battery, has been delayed. You create a Resolution Room to manage the incident collectively.
Watson is in the room.
Whilst your team discusses how best to manage the problem you have the ease of asking Watson questions such as:
Which customer has the most sales dollars that will be late?
What are the financial impacts of any late orders?
Have we experienced this problem before? Who are the experts who have worked on these similar issues in the past?
Are there any alternate suppliers for part number 46001?
Why is there a shortage of lithium batteries?
Watson can provide answers to questions such as these based on the data available in the data model and in other Resolution Rooms. Learning over time, it becomes smarter and able to provide better insights about your supply chain.
Nothing says Procurement quite like a classic trifle; it’s intricate, it’s complicated, but if you get it right… everyone wants a piece of it!
As the holidays descend upon us, it’s time to start winding down the gears to relax and – inevitably – reflect on the year that was!
Time with family and friends for me is synonymous with food! Because I almost always spend this time of year in the southern hemisphere, it’s a summer menu. It’s more about prawns and pavlova than pork and pancetta (although the latter does make it onto table anyway!) But, of course, that other p … the “p” we all love – procurement – is never far from mind and always on the menu for discussion!
During the year I have been fortunate to speak to procurement and supply chain audiences around the world about the trends we are seeing on Procurious and the impending impact of Industry 4.0 on our profession. In order to provide a framework for thinking through all the challenges and opportunities, I have been sharing a rather quirky analogy by comparing the well-loved English pudding – the trifle – to procurement and supply chain today. Putting up a giant image of a pudding on the big screen at a conference is also a great way to get your audience’s attention!
For the uninitiated, constructing an English trifle involves carefully layering sponge, jelly, custard, fruit, cream, and often garnishing with a heavy sprinkling of nuts.
Yet each layer remains distinct, and that’s how I think of procurement today – a series of self-supporting layers that feed into and out of each other. To manage our roles, we need to understand the strengths and weaknesses or the “setting points”, of those layers if we’re to stay ahead.
Let’s think through some of those layers.
Navigating the Nuts
Let’s start with the top layer of nuts. A generous sprinkling of the unexpected! This is how I think about the Black Swan events that seem to occur with alarming regularity these days. We need to be thinking about these unthinkables – hurricanes like Harvey that de-commission whole cities, man-made catastrophes like the Tianjin port disaster, not to mention recent terrorist attacks. If we can’t predict them, we can at least prepare for the unexpected, take pre-emptive action against disasters that could destroy our supply chains and analyse areas of high-risk.
Brexit is just one example of how our supply chain forward planning can become somewhat suspended by macroeconomic and geopolitical changes. In Europe, the UK’s decision to activate Brexit is having clear ramifications including a rise in nationalism that’s reflected across Europe. Currency fluctuation and workforce migration also impact procurement and supply chain. The costs to import goods within supply chains will increase; there could be a loss in freedom of movement both in goods and services for UK and EU businesses, and procurement talent could also be considerably affected if the talent pool is reduced.
The Fruits of Progress
We all have front row seats at the parade of new and exciting technologies that are driving the 4th industrial revolution. The rise of the Internet of Things, robotics, blockchain and artificial intelligence will create what we are calling Procurement 4.0.
Cognitive procurement & supply chains are the most exciting developments to happen during my 20-year career. These innovations will enthuse a whole new generation of procurement professionals to join our ranks, but we need to be flexible, agile and able to foster a culture of continuous invention to stay on the leading edge and avoid extinction.
The Foundation Layer
Finally there’s the layer in which we hold the power: Procurement.
Procurement is the sponge at the bottom of the trifle. No matter how many unstable layers of fruit and jelly and custard are piled on top of us, we remain intact. We successfully juggle with the events and changes over which our stakeholders and suppliers have only limited control.
Fortunately, social media helps. I don’t know about you, but when my phone is pinging through the night with texts and emails from the other side of the globe, I’m often tempted to turn it off. But I don’t, because for all the downsides of being constantly online, the benefits of being connected are immense.
Three out of four of our respondents to our Gen Next Survey believed that being well-connected online actually improved on-the-job performance. By using resources like Procurious, not only can we maintain the layers of our trifle by staying aware of these constant changes, but we can also gain access to an enormous diversity of ideas and enthuse the next generation of procurement talent.
The Cream of Procurement Talent
To meet the challenge posed by the top layers of the trifle – unthinkable events, geopolitical earthquakes and disruptive technology – attracting the best and brightest to the profession is vital to our success.
To do that, we need to think hard about how we are bringing on Generation Next, and giving them every opportunity so their impact is not just local, but global.
While we’re talking about talent, here’s another “unthinkable” to ponder – our Gen Next survey also discovered that over 70% of our 500+ survey takers intend to leave their organisation within the next five years. How can we respond to this? The worst thing to do is to keep up the pretense that every member of your team will be sitting at the same desk in ten years’ time. Instead, it’s time to throw away the retention plan and accept the reality that today’s workforce is increasingly mobile.
But this doesn’t mean giving up on developing your team. If you’re known as a supportive manager who gives others the opportunity to go on to a stellar career, you’ll become a talent magnet in the profession. Just image the level of superstar talent that you’ll attract if you develop a reputation as someone who produces future CPOs!
Cutting Through The Complexity
Change management is such an integral part of every senior procurement professionals’ role, and often involves driving change within your organisation and amongst suppliers on a global scale.
The good news is that we’re exactly the right people for the job. Procurement’s position as the conduit of supplier intelligence, our ever-growing level of influence in our organisations, and our keenly-honed negotiation and communication skills make us natural change-management gurus.
Remember that trifle?
The challenge for today’s procurement leaders to deftly cut through all those quivering layers of economic, social, political and technological complexity to serve up a slice of procurement solutions in such a way that your audience will devour your change agenda with gusto!
U.S. sanctions are being applied more vigorously than ever to perceived foreign foes. What risks do these sanctions pose to our supply chains and what Mitigation Strategies Can be Used?
The United States (U.S.) had $2.21 trillion Dollars in exports in 2016 according to the U.S. Department of Commerce (D.O.C)i, and an estimated 10.7 million U.S. jobs supported by exports ii. Yet U.S. unilateral sanctions are being applied more vigorously than ever to perceived foreign foes, negatively affecting trade balances.
One of the most important and sensitive supply chain risks for private and public organisations is how to manage U.S. unilateral sanctions. The U.S. Treasury Department Office of Foreign Assets Control (OFAC) is responsible for administering U.S. sanctions. OFAC also distinguishes between primary and secondary sanctions, with the former prohibiting U.S. persons from engaging with sanctioned entities, and the latter targeting non-U.S. persons, outside U.S. jurisdiction, engaged in activities with the sanctioned entity either directly or in an ancillary fashion. Potentially affected businesses and individuals, therefore, must regularly consult the Department of Treasury’s online resources, or engage lawyers with OFAC compliance experience, to ensure they are not exposing themselves to significant penalties (or jail time) from U.S. authorities. For international or multi-lateral organisations, unilateral sanctions risks are particularly tricky because both the U.S. and the sanctioned country, or countries, may be among their members. This article will focus on U.S. unilateral sanctions risks affecting International Organisation deals.
Why Is This A Problem?
Nearly all international organisations have clauses prohibiting contracts, transfers of goods, or even technical cooperation engagements with vendors or countries subject to sanctions imposed by the United Nations Security Council. However, these organisations are not required by international law to adhere to unilateral sanctions of any one member country against another, due to the privileges and immunities conveyed upon them by international conventions.iii In theory this means that if the U.S. imposes sanctions on Iran for example (both member countries of the U.N. since 1945), but the United Nations itself does not impose sanctions on Iran, then U.N. agencies and similarly, non-U.N. multi-lateral organisations, could continue doing business with Iran and not have to abide by the U.S.’s unilateral action. In practice however, multi-lateral agencies may find it difficult to ignore the U.S.’s persuasive sanctions arguments, despite the detriment unilateral sanctions may cause another member. Why? The United States is a major actor on the world stage, and it has considerable influence. It can wield its tremendous political and economic clout as a powerful member of nearly every international organisation in the world, to ensure its objectives are met, and that any transgressions by suppliers or international agencies, are swiftly discouraged.
What Are The Supply Chain Risks?
Supply interruption – U.S. unilateral sanctions can be applied overnight because the surprise element is very powerful in coercing the sanctioned party to comply with U.S. demands iv. Because sanctions may be implemented quickly and unexpectedly, their enactment can trigger immediate supply interruption of goods and services. All members of the supply chain can become subject to rigorous product or service inquiry to determine continued eligibility, and re-negotiation of terms is a real possibility. Suppliers may find themselves scrambling to ensure their contract doesn’t involve activities or persons that expose them to secondary sanctions.
Payment restrictions – Cash flow can also become a problem, especially if suppliers negotiate special payment terms in certain currencies. If an international agency engages a supplier to provide goods or services, and that supplier is somehow involved with a sanctioned entity, directly or indirectly, payments or advance cash transfers may get tied up by banks who suspect the transfer may reach an entity subject to U.S. unilateral sanctions. This can lead suppliers to struggle to meet contract targets or cease delivery altogether. It can also make repatriation of payments back to a payer more difficult.
Reputational Impact – Although the U.N., other multi-laterals, and their staff enjoy immunity from legal processv, suppliers do not enjoy the same protections. Sanctions can bring additional costs they hadn’t expected and they may attempt to secure compensation when things go awry. Even when the relevant law and jurisdiction for disputes is determined by the international agency, suppliers may still aggressively pursue disputes and the reputational risk for the agency if it does not comply or compensate for a presumed breach, is high. Diplomatic and political resources often prevail in settling such disputes away from the prying eyes of the press and public, however, coming to a satisfactory resolution involves time, money, and uncertainty.
What Mitigation Strategies Can be Used?
The answer is…. “It depends.” First, it’s important to understand that navigating unilateral sanctions can be a political minefield for an international organisation! Unlike private entities, there is no clear system in place to manage unilateral foreign policy objectives of one sovereign member state against another. Second, although international agencies monitor political developments of member countries, and no doubt try to avoid dealings that would disturb the delicate balance within these structures, it is not within their purview to implement unilateral sanctions against a member, unless there is consensus among all members to do so. Third, supply chain risks are inherently unpredictable. Supplier audits and screenings only show a snapshot of current relationships, not entanglements with sub-contractors or third party beneficiaries. Although parties can attempt strong due diligence and even stronger government compliance, knowing the rules to follow when caught in the web of unilateral sanctions actions is challenging.
i U.S. International Trade Administration, Department of Commerce 2016 Exports Fact Sheet, https://ibc- static.broad.msu.edu/sites/DEC/images/resources/1159b5b1-8a59-47a1-b988-4bb1836c9904us-exports- factsheet.pdf
ii U.S. Office of Trade and Economic Analysis, Department of Commerce Jobs Supported by Exports 2016 https://www.trade.gov/mas/ian/build/groups/public/@tg_ian/documents/webcontent/tg_ian_005543.pdf
iii Convention on the Privileges and Immunities of the United Nations (the “Convention”), adopted by the General Assembly of the United Nations February 13, 1946, and which set out specific privileges and immunities for the UN and its staff subject to waiver only by the Secretary General in certain situations.
iv U.S. implemented changes to Cuba sanctions rules announced officially November 8, 2017 and taking effect on November 9, 2017, see U.S. Treasury Press Release https://www.treasury.gov/press-center/press- releases/Pages/sm0209.aspx
What debt conditions, putting pressure on our global economy , should procurement pros make themselves familiar with? And how can we mitigate supplier risk?
This blog was written by William B. Danner
Two leading authorities on corporate financial health, Dr. Edward Altman, Professor of Finance, Emeritus, at New York University’s Stern School of Business and creator of the Altman Score, and CreditRiskMonitor Founder and CEO Jerry Flum, recently presented a webinar to hundreds of supply chain and credit professionals about today’s mammoth corporate debt problem.
As the primary point of contact between their company and suppliers – not to mention a first line of defense against third party risk – procurement and supply chain professionals should be concerned with the degree to which public companies are leveraged today.
Dr. Altman and Jerry Flum identified three unprecedented debt-related conditions, putting pressure on the global economy today that procurement should be aware of from a risk mitigation perspective:
1. Compare debt to GDP
One of the best ways to put debt levels into perspective is to compare debt to GDP. In the U.S., total debt is currently at a historically huge 3.5 times GDP. Of this total, corporate debt is large and growing. Overall debt levels are so large we must be concerned about the investors who own this debt, not just the borrowers. A 10% decline in value would destroy wealth equivalent to 35% of GDP, with a major effect on spending. Junk debt (high-yield bonds and leveraged loans) has soared to $2.5 – 3.0 trillion world-wide.
2. Benign credit cycle
Now in the 8th year of what is usually a 4-7 “benign credit cycle”, many executive teams have let their guard down, forgetting the lessons of the past. As Dr. Altman explained in the webinar, a ‘benign credit cycle’ has four characteristics:
Low default rates
High recovery rates when bonds default
Low interest rates, yields, and spreads
In other words, credit is cheap and easily available to publicly traded companies, which leads many companies to take on more debt. A great deal of debt has been issued to pay dividends and buy back stock, making corporations riskier.
3. Corporate valuations
Corporate valuations are inflated, with market values far higher than historical norms. Private equity firms are paying as much as 10 to 11 times cash flow for acquisitions. High stock prices make corporations less risky, but stock prices can fall.
Whether companies give in to the mania or make a disciplined choice to break free from the pack, procurement and supply chain professionals can take action to mitigate supplier risk and prepare their companies to handle the downturn when the next recession inevitably comes.
Suggested Steps for Supply Chain Professionals to Mitigate Supplier Risk :
1. Build in a monitoring process
Don’t stop with an initial vendor screening. Companies’ financial health can change and even a periodic review simply isn’t good enough. Avoid surprises and react quickly to change.
2. Get to know the vendors you do business with well
Ask questions such as:
“Who is the corporation we are paying? Is it under a different name?”
“Are they actually manufacturing the product or is someone else?”
“Where are their operations?”
Be cautious, especially if you are not getting clear answers.
3. Don’t over-do it
Not all your vendors will present a problem if they enter financial risk. Ask yourself:
“Is the commodity/product easy to replace? Is this a one-time contract?”
“Or, could this vendor create a major issue with our ability to ship on time, the quality of our product, or with our customer satisfaction?”
Only if you find that it’s a “yes” to the second question do you need extensive review.
4. Incorporate financial analysis in your key vendor review process
Be sure to include multiple periods of financial statements in your review to see trends. If you are finding it difficult to get financial information, be wary.
5. Compare your vendors with the financial condition of their peers
You may find more secure sources of supply.
6. When appropriate, take a hard look at the financial stability of your vendor’s suppliers
They are part of your supply chain and could be a significant exposure.
7. Have an open and honest communications process
You’ll want to explore with your vendor the performance factors that directly impact you such as shipping reliability, product quality, etc. but also financial stability. Knowledge is power and knowing all the facts gives you the time to identify and prepare alternative source(s) of supply.
8. Look at more radical options if a vendor looks too weak
Make vs. buy decision
Engineer a stronger vendor into the supply chain
Buy the troubled vendor, or
Help arrange for a preferred vendor to purchase the troubled vendor.
The fact of the matter is that today’s debt situation is historically unprecedented. We can’t be certain of the timing of a change in the financial markets, or what will serve as the trigger, but a shift is coming – so now is the time to prepare and put your processes and procedures in place.
William B. Danner has been president of CreditRiskMonitor since May 2007. Bill has more than 35 years of financial and information services experience.
Prior to CreditRiskMonitor he worked in brand strategy and business development consulting for financial services clients at his own firm, Danner Marketing. Previously he was at Citigate Albert Frank, a marketing communications company in New York City, where he worked on a variety of leading financial services accounts including Reuters Instinet and the CFA Institute. From 1997 to 2001, Bill was Vice President of Market Development at MetLife’s employee-benefits business. Before joining MetLife, he was at Dun & Bradstreet, most recently as VP Strategic Planning. He spent the first decade of his career at GE Information Services and GE Capital.
Bill earned a BA in economics from Harvard College and an MBA from Harvard Business School.
If your business is engaged in international commerce, you’re probably struggling to toe the line with supplier risk management. Automation, alerts, and third-party data are your best defence.
Managing supply chain risk is no walk in the park. Exogenous events like the recent terrorist attacks in Barcelona have drawn attention to the EU’s rules to combat terrorism financing through stricter anti-money laundering (AML) regulations. These rules impact many companies that are increasingly added to the law’s scope: possibly yours.
Meanwhile, modern slavery violations can surprise even the most astute contract or supply chain managers who may have unknowingly relied on invalid or falsified information. In the U.K., The Modern Slavery Act 2015 includes a Transparency in Supply Chains clause, which requires companies operating in the U.K. to address modern slavery in their supply chains. If you’re at a big company, you’re probably on the hook to comply.
Once you add in the more common types of risk, such as the financial or credit health of your suppliers, changing markets, and natural disasters, the sense of how challenging it is to manage them all—in the age of digital disruption with fast-paced change and volatility—can quickly become overwhelming.
Fortunately, there is technology and automation to help you maintain control, gain visibility into your supply chain, and mitigate much of these risks. The right technology can help you proactively steer your organization clear of minefields that can damage everything from reputation to sales. And it’s only getting better.
Start with real-time monitoring and alerts
The first step is to identify the most likely disruptions to the supply chain, like a natural disaster or a work stoppage at a supplier’s supplier. One way to deal with this type of risk is with real-time monitoring. Real-time monitoring of your suppliers means that you can receive an alert whenever there is a potential for disruption. Such alerts can help you find an alternative source of supply, maintain production, and avoid missed deliveries or even a plant shutdown.
Real-time alerts should be an extension of an overall solution consisting of a platform and business network. This is the ideal foundation to set up, monitor, and manage a portfolio of suppliers to ensure that all essential documentation about labor practices, certifications, certificates of insurance, and so on, is in place before you start doing business.
Integrate third-party data sources
Documentation and data about your suppliers can come from many sources, not just what you gather during an onboarding, contracting, or surveying exercise. There are plenty of third-party sources that have standalone solutions and open APIs or integrations into supplier management platforms that let you address various dimensions of supplier risk and to set up corresponding alerts.
If your company is engaged in trade and has a 10,000-euro or more money transfer in any way, it will need to comply with the EU 4th AML Directive. In addition to digitally onboarding your supplier base, you may want to automate KYC / KYB (know-your-customer, /-business), AML (anti-money-laundering), and EDD (enhanced due diligence) requirements. These steps will help you comply with the directive
One provider that is using cutting edge technology like distributed ledgers is Austria-based Kompany. Their counterparty verification data allows users to streamline the supplier verification process at the point of onboarding (and continually) with up-to-the-minute alerts on any material changes to supplier vitals. Their information comes directly from the commercial registers. Kompany even includes PEP (politically exposed person) screening and sanction lists.
Who says you can’t manage what you can’t see?
Other popular sources of company and industry data include Moody’s (credit ratings), EcoVadis (sustainability scorecards and ratings), riskmethods (transparency into risk exposures in 1-n tier supply chains), and Made in a Free World (visibility into modern slavery), to name a few. These data sources can help you continuously monitor for risks and evaluate your risk portfolio during the sourcing process.
Through technology and regulatory technology systems like those described above, you can design an automated, customized, and intelligent risk management strategy. In turn, this can boost trust between you and your suppliers and you can plan more confidently in an environment full of uncertainty.