Today’s guest post is from Nick Ford, Director of Customer Service & Delivery, EMEA, Xchanging (which also owns MM4 and Spikes Cavell and which has built up a fairly extensive S2P suite over the past couple of years).
Titanic, the ship not the film, has more in common with your business than you probably realise. Both are massive entities, run by people with years of experience, moving full steam ahead, in a sea of risk, assuming that they’ll be able to see and manoeuvre around any danger that presents itself. The problem, with both your business and Titanic, is the unseen danger — the risks below the surface. Titanic, as we all know, was taken down by an iceberg — sliced open along the hull by the ice beneath the surface of the ocean. If your business isn’t careful, the same thing could happen. I’m talking about supplier risk.
Supplier risk is an iceberg. The tip of the iceberg, that visible 10%, is the financial risk. A supplier’s financial performance is well documented and publicly available. It’s easy to understand their financial position, to monitor their reports and turnover and make an assessment on their viability. Traditionally, this has been the primary way organisations have measured supplier risk but it’s not the whole picture. Underneath the surface lies an absolute plethora of ‘other’ risks that need to be monitored and measured — just like an iceberg — and, just like and iceberg they have the potential to sink your business.
There are three main categories of supplier risk: financial, supply chain and corporate social responsibility — and then there are multiple tiers within each of those categories, across multiple dimensions. It’s those multiple levels, as you move further and further down the supply chain, where the bulk of risk sits. When you consider executive changes, geographical risks, political risks, disaster planning, and stress testing, to name just a few factors, you begin to see supplier risk as an enormous subject.
What some of the more progressive organisations are doing now, is looking at the next 4 or 5 levels of supplier risk. They’re doing this via a structured process in order to understand what their true supplier risk profiles are and to be able to measure and monitor them on a quarterly basis. Procurement should be about managing risk proactively rather than just protecting the suppliers and services that come into your organisation.
Currently, however, most organisations aren’t doing a sufficient amount of supplier risk management, they’re just doing the basics. What’s happening in procurement departments is they are doing what is appropriate to the risk appetite of the organisation. If there’s a very strong appetite within the organisation to manage operational risk, then you’ll tend to find that risk is also higher up the agenda for the CPO or Procurement Director. It’s very high on the agenda in financial services and the oil and gas industry for example, less so in retail and manufacturing. Supplier risk management is reactive at the moment, but I think that will change over the next 5-10 years. It has to.
Along with increased appetite for risk, I think there will be a lot more investment in technology in this area over the next 5-10 years. There’s been a lot of investment in the area of supplier relationship management over the past few years. Going forward, I can see those tools extending dramatically into the risk area. There will be a proliferation of supply risk management tools that come onto the market which bring together the more basic areas of risk, like financial performance and revenue, with all of these other, deeper areas of risk, creating a dashboard that allows you to see your complete risk position — the whole iceberg — at any point in time. Currently, outside of the oil and gas sector, there isn’t really a demand for this type of tool but as risk moves up the procurement agenda, CPOs will reach a point where they’ll need this level of in-depth supplier visibility.
You can find very good data now on the financial risk of suppliers. Executive changes, stock holding changes and financial performance, are all public knowledge and very binary — you either have it or you don’t. The tip of the iceberg is pretty much under control for most procurement departments. When you move below the surface and begin to look at the more strategic and proactive areas of supplier risk, that’s where organisations are currently leaving themselves open to damage. Effective risk management requires creativity. It means stress-testing your supply chain, assessing your suppliers’ suppliers, executing scenario and what-if planning. Unfortunately, it will probably take a few disasters to truly move risk higher up the corporate agenda — it took the sinking of the Titanic to make supplying enough lifeboats for everyone on board law — but if procurement wants to be seen as a strategic function, they’ll need to start addressing the rest of the iceberg.