Business has boomed on the back of supply chains. Look, for example, at Apple, the world’s largest company by market value, which has risen to success in part by outsourcing the vast majority of its manufacturing to suppliers in the Asia. This trend has seen companies entrust more of their value to increasingly complex supply chains, dispersed across remote geographies around the world. As this complexity increases, so does the difficulty of keeping track of what can go wrong.
Meanwhile, there is growing awareness that businesses face a broader set of risks. Once, the focus was simply on operations, continuity and quality. Though these remain complex and costly enough, they have been joined by ethical, environmental and legal risks.
Toby Duthie, co-founder of the Forensic Risk Alliance, says: “All corporates should undertake appropriate due diligence of new business partners and implement robust [ongoing] compliance programmes. Should they fail to do so, they risk losing out on lucrative contracts and suffering reputational damage in the increasingly public sphere of business ethics.”
For example, bribery legislation on both sides of the Atlantic present businesses with particularly challenging legal risks. “The [bribery] transaction doesn’t even need to have been carried out by your company,” Duthie says. “It could have been carried out by one of your third-party suppliers.
“As a result, businesses are increasingly focused on managing their supply base against standards far wider than price, quality and location. They are implementing safer and stronger business models which set the foundations for success in the world of transparency and best practice in order to safeguard their reputations,” he says.
A network of risks
Companies are also focused on creating policies to avoid the use of conflict minerals, as well as the inhumane use of bonded or child labour and other forms of modern-day slavery, dangerous work environments and environmental sustainability practices. Paying attention to these issues across the supply chain is not only the right thing to do, but it also pays dividends in the form of meeting corporate social responsibility goals and expectations, thereby enhancing respect for a company’s brand.
Matt Elkington, head of enterprise risk management in the UK with advisory firm PwC, says supply chains have become extended through global outsourcing and offshoring. At the same time, businesses have been continually pushing for ever greater efficiency – for example, by using the ‘lean’ model. “The issue is, both of these factors can come at a cost and contribute to fragility. Through their supply chains, businesses are facing a broad gamut of risk: macro-economic, geopolitical, reputational and legal,” Elkington says.
“This, together with the nature of global sourcing and the tiering of the supply chains, creates complexity in developing insight into risk.”
Mitigating all the right risks
Elkington argues that the majority of effort in mitigating supply chain risk has been focused on due diligence for finance, quality, delivery and key performance indicators. “Broader risks can be a bit of an afterthought,” he says.
However, more organisations are paying attention to a greater range of potential risk factors – such as those that might adversely affect corporate social responsibility strategies or cause reputational damage – when creating more efficient and scalable supplier on-boarding processes. “We are starting to see those get baked into the initial analysis in some companies but it’s by no means across the board,” Elkington says.
Neither is it a ‘do it once and forget it’ exercise – it clearly has to be an ongoing process of monitoring and evaluation. What’s perhaps less obvious, however, is the effect that such processes can have on improving suppliers’ behaviour. “That’s the value-added part of this – the success of seeing other companies bring on and enhance their own practices,” says Michelle Albanese, manager, procurement corporate responsibility at TD Bank Group.
Nick Wildgoose, global supply chain product leader with insurance firm Zurich, says that while different teams within a buying organisation may look at risk, there can be a tendency not to share information.
“A lot of organisations will carry out a financial appraisal of suppliers, through, say Dun & Bradstreet, and think that is supply chain risk management. But what about legal risk or labour practice? There is a lack of joined up thinking,” says Wildgoose.
When different professional teams take alternative approaches to managing risk, it creates a ‘silo effect’ that means businesses often lack a single view of risk across the business, he says. This can create the danger that risk data about suppliers can be incorrect, incomplete and out-of-date without a single team being responsible for maintaining it.
Tiers of risks
Research carried out by Zurich and the Business Continuity Institute found that 74 per cent of organisations reported at least one instance of supply chain disruption in the last 12 months. Half said the disruption occurred beyond the first tier in the supply chain, while 31 per cent said they did not analyse where the cause of the supply chain disruption took place, according to the survey of 500 managers from across the globe.
“Not all of those disruptions occur at tier 1, which is where procurement teams have traditionally focused,” Wildgoose says.
He adds that procurement should make a board-level case for a more comprehensive approach to risk by taking the company’s most profitable product and showing just how much profit or brand reputation can be jeopardised by supplier failure or malpractice.
Alan Day, chairman and founder of procurement consultancy State of Flux, says procurement itself should be more aware of the risk it itself can create. “For example, the length of a contract can have positive and negative effects on risk. All the things that purchasing does can create risk and that tends to get overlooked.”
But some supply chain systems are helping to create holistic view of risk, he says. “We [use them] to see what you need to manage the relationship, performance and risk.”
Businesses are increasingly aware of the broader range of risks they face, and the need to manage that in large-scale, global supply chains. Supported by software tools, there are efforts to integrate supply chain risk management across the business. The variety of stakeholders, and complexity of supply chains, mean challenges still remain, but once they are harnessed together and their goals aligned, then the result will be significant value-enhancement for the organization.
This article has been written by an experienced journalist, commissioned by Procurement Leaders. It is part of a sponsored editorial product, published in partnership with SAP Ariba. Commissioned by Procurement Leaders.