Category Archives: Risk Management

Risk Management in Migration to Low-Cost Countries, Part I

Today’s guest post is from Diego De La Garza, Senior Project Manager at Source Once Management Services, LLC, and Source One’s expert on sourcing in Latin America.

A few decades back, corporations started to talk about migrating costs to low-cost countries. These discussions were driven by the inherent advantages that locations in East Asia, Eastern Europe, and Latin America presented. Today, this is no longer merely a strategic notion but a well-established commercial trend. Efficient migration to low-cost countries has become a necessary, competitive trait.

One of the primary reasons companies decided to migrate to low-cost countries in the first place was precisely to mitigate risk, whether by reducing cost or by decreasing the probability of supply chain or operational disruption. Eventually, this strategy became so popular that companies understood that without implementing structural changes to reduce their cost base, they could perish. Consequently, as the trend evolved into a global practice, it became clear that ignoring low-cost country sourcing within the corporate agenda was a risk itself. Today, the global sourcing paradigm is complex, and in many cases, world class organizations are now even moving out from well-known countries in Asia to “nearshore” locations in Latin America.

However, as ironic as it may be, low-cost country sourcing is so intricate that it carries significant risks if improperly managed. This preamble sets the tone to our main discussion, as risks factors, whether known or strange, will present themselves regardless of the low-cost country strategy.

Common sense dictates that risk mitigation must begin with proactive and diligent research on risk potential before setting a comprehensive strategy for the migration process. Surprisingly enough, many corporations overlook this first step because foreign market research can be both expensive and time consuming. Regardless of how arduous the efforts are, some risk factors will not be identified easily or early enough. Thorough research and preparedness will always prevail as the first risk mitigation strategy. That said, many risks of low-cost country sourcing today are well-known, and best practices will facilitate managing risk from the initial stages of the migration process.

Typically, low-cost countries are surrounded by some level of both reputation and myth. Getting to know the real landscape is paramount when migrating costs. The first premise that comes to mind is that low-cost is associated with low quality. Generally speaking, this is not true, especially when we understand the strong industries in the markets we pursue. The likelihood is that where there’s expertise and a well-established industry, quality will not be an issue. What we need to determine instead is whether the location in scope has the adequate environment to sustain and develop the industry in the long-term. Beyond generating an understanding on local suppliers, labor rates, and raw materials, corporations must consider multiple areas of risk and audit the local market itself.

This is particularly important because any company migrating a manufacturing process or even a service should determine if the local market itself would be receptive to it and support regional demand. This step would mitigate risk by reducing costs and opening new markets, making the location an efficient link within the supply chain and a source of revenue.

However, quality is just one concern that needs to be considered when outsourcing to a local market. In Part II, we will explore some of the other risks that need to be addressed.

Thanks, Diego.

Geo-Political Risk


Today’s guest post is from Nick Ford, Director of Customer Service & Delivery, EMEA, Xchanging (which also owns MM4 and Spikes Cavell and which has built up a fairly extensive S2P suite over the past couple of years).

The news is dominated by geopolitical events from around the world — the spread of Ebola, the conflict in Syria, the unrest in Ferguson, ISIS and just about anything that happens in North Korea. Most people will read a few articles, watch the evening news, form an opinion, feel mad, feel glad, feel nothing. Some people will take action. They will be driven to help where they can by donating their voice, their time or their money. Then there are the people who have to leave their emotions, their political affiliations and their prejudices at the door and when disaster strikes, they have to think about business.

As procurement spreads across more and more geographical boundaries, organisations are being exposed to more and more geopolitical risk. In order to ensure the safety of their company, CPOs and Procurement Directors must proactively consider the implications of these events on the running of their businesses. They need to take into account where they are doing business, where their suppliers are doing business and where their manufacturers are located. What is the volatility of that location? What is the political stability, the currency stability and the stability of the work force within that location? How does that affect your business? Some more progressive organisations are taking this further down the supply chain and looking at where their suppliers’ suppliers are doing business.

How–to Measure Geopolitical Risk

Historically, supplier risk has ignored location factors and has instead been focused almost entirely on financial performance. This made risk a very binary exercise but the deeper and broader you go into operational risk the less it becomes about numbers and absolute answers. To truly understand a supplier’s risk profile, you must undergo stress testing and what–if scenario planning. What if war broke out in a region in which you operate? What if, suddenly, a fire broke out in a supplier’s factory and destroyed everything? Where would you transfer that work to, and quickly? What impact would that have on your lead times or your payments? What impact would that have on your customer contracts? You could come up with any number of scenarios and run them through your supply chain operating model to see what impact they could potentially have on your delivery to your customers. Once you understand what impact these events could have, you can start to defend against them.

How Geopolitical Risk Has Changed

Due to technology and access to the internet, the world is becoming a much smaller place. World news is immediate. You’re able to monitor events and changes automatically. Organisations now have an abundance of information available to them. There’s always been political unrest and risk in certain regions but now there is a far better understanding as to what’s changing on a daily basis which allows CPOs to begin to proactively safeguard against them.

The Cost of Geopolitical Risk

Reducing geopolitical risk is about supply chain analysis, disaster recovery, your ability to move to a different supply chain supply environment and how quickly you can do that should a situation arise. The other aspect of geopolitical risk to consider is the cost. From a risk perspective, in the short-term, it costs more to work with a supplier out of China than it does to buy from someone down the road. In most companies, there’s not enough emphasis placed on the increased organisational risks that occur when working with some of these low-cost suppliers. The harm done to the business should something go wrong could be irreparable. The Ebola outbreak, for instance, could have a huge negative impact on Western organisations if they are no longer allowed to import from affected countries or if new trade restrictions, regulations, or possible quarantines are implemented. When selecting suppliers, procurement teams need to take a total cost of ownership approach.

The Cost of Managing Geopolitical Risk

A total cost of ownership approach looks beyond the direct price and takes into account all of the indirect costs of using a supplier, risk and risk management included. For example, based on your risk profiling, you may want to use a double supply scenario to cover areas where you think the geographical or political risks are high. Organisations currently importing from Ebola affected sub-Saharan African may take this approach. That of course, will add to the cost of the good or service. It’s the procurement team’s job then to convince the board that although it may cost a little more, at the end of the day, it lowers the risk profile of the organisation

Supplier risks haven’t changed in the past 10 years — as far as I know there’s always been risk of war, disease or disaster — but the increase of global supply chains have left companies more exposed. Thankfully, there has also been an increase of available information to help prepare and defend against these risks. Strategic CPOs and Procurement Directors know that the best offence is a strong defence and are thus making risk management and disaster recovery a priority — even if it costs a bit more. You get what you pay for.

Supplier Risk: The Tip of the Iceberg


Today’s guest post is from Nick Ford, Director of Customer Service & Delivery, EMEA, Xchanging (which also owns MM4 and Spikes Cavell and which has built up a fairly extensive S2P suite over the past couple of years).

Titanic, the ship not the film, has more in common with your business than you probably realise. Both are massive entities, run by people with years of experience, moving full steam ahead, in a sea of risk, assuming that they’ll be able to see and manoeuvre around any danger that presents itself. The problem, with both your business and Titanic, is the unseen danger — the risks below the surface. Titanic, as we all know, was taken down by an iceberg — sliced open along the hull by the ice beneath the surface of the ocean. If your business isn’t careful, the same thing could happen. I’m talking about supplier risk.

Supplier risk is an iceberg. The tip of the iceberg, that visible 10%, is the financial risk. A supplier’s financial performance is well documented and publicly available. It’s easy to understand their financial position, to monitor their reports and turnover and make an assessment on their viability. Traditionally, this has been the primary way organisations have measured supplier risk but it’s not the whole picture. Underneath the surface lies an absolute plethora of ‘other’ risks that need to be monitored and measured — just like an iceberg — and, just like and iceberg they have the potential to sink your business.

There are three main categories of supplier risk: financial, supply chain and corporate social responsibility — and then there are multiple tiers within each of those categories, across multiple dimensions. It’s those multiple levels, as you move further and further down the supply chain, where the bulk of risk sits. When you consider executive changes, geographical risks, political risks, disaster planning, and stress testing, to name just a few factors, you begin to see supplier risk as an enormous subject.

What some of the more progressive organisations are doing now, is looking at the next 4 or 5 levels of supplier risk. They’re doing this via a structured process in order to understand what their true supplier risk profiles are and to be able to measure and monitor them on a quarterly basis. Procurement should be about managing risk proactively rather than just protecting the suppliers and services that come into your organisation.

Currently, however, most organisations aren’t doing a sufficient amount of supplier risk management, they’re just doing the basics. What’s happening in procurement departments is they are doing what is appropriate to the risk appetite of the organisation. If there’s a very strong appetite within the organisation to manage operational risk, then you’ll tend to find that risk is also higher up the agenda for the CPO or Procurement Director. It’s very high on the agenda in financial services and the oil and gas industry for example, less so in retail and manufacturing. Supplier risk management is reactive at the moment, but I think that will change over the next 5-10 years. It has to.

Along with increased appetite for risk, I think there will be a lot more investment in technology in this area over the next 5-10 years. There’s been a lot of investment in the area of supplier relationship management over the past few years. Going forward, I can see those tools extending dramatically into the risk area. There will be a proliferation of supply risk management tools that come onto the market which bring together the more basic areas of risk, like financial performance and revenue, with all of these other, deeper areas of risk, creating a dashboard that allows you to see your complete risk position — the whole iceberg — at any point in time. Currently, outside of the oil and gas sector, there isn’t really a demand for this type of tool but as risk moves up the procurement agenda, CPOs will reach a point where they’ll need this level of in-depth supplier visibility.

You can find very good data now on the financial risk of suppliers. Executive changes, stock holding changes and financial performance, are all public knowledge and very binary — you either have it or you don’t. The tip of the iceberg is pretty much under control for most procurement departments. When you move below the surface and begin to look at the more strategic and proactive areas of supplier risk, that’s where organisations are currently leaving themselves open to damage. Effective risk management requires creativity. It means stress-testing your supply chain, assessing your suppliers’ suppliers, executing scenario and what-if planning. Unfortunately, it will probably take a few disasters to truly move risk higher up the corporate agenda — it took the sinking of the Titanic to make supplying enough lifeboats for everyone on board law — but if procurement wants to be seen as a strategic function, they’ll need to start addressing the rest of the iceberg.

The Dirty Dozen (A 101 Damnations Preamble)

No, we are not referring to the 1967 Robert Aldrich war film based on E.M. Nathanson’s 1965 novel about 12 prisoners who are recruited for an attack on a chateau on the night before the D-Day invasion of June 6, but instead the 12 types of damnations that plague you and your Procurement organization on a daily basis.

As we indicated in yesterday’s post, there are dozens upon dozens of challenges being thrown at us on a daily basis. And whether or not they are hurled at us with malicious intent is irrelevant — they still cause us nothing but grief and agony and divert our attention away from strategic planning, (should-cost) modelling, and supply assurance.

In fact, as our upcoming series will unveil, there are (at least) 101 damnations that we have to contend with on a daily basis. And that’s too many to address without some sort of framework. That’s why we have the dirty dozen — the 12 factions of risk, stress, and, in some cases, even malice that attempt to thwart us at every turn and hasten our decline from the order we create with our awards and partnerships into the chaos that, in the end, brings about the downfall of every organization.
Need we remind you that three of the most profitable companies ever, adjusted for inflation, were the Dutch East India Company, the South Sea Company, and the Mississippi Company (which were worth approximately 7.4 Trillion, 4 Trillion, and 6 Trillion in 2012 dollars) are now defunct? Like the Microsoft, Apple, and Exxon-Mobil’s of today, they were worth more than many countries, but corruption, uncontrolled speculation, and the bursting of a real-estate bubble brought each of these companies to ruin.

In the series that follows we will address each of the primary damnations in each of these categories. However, before we begin, will define each of these categories so that you may get a glimpse of the terror within.

  • Economic
    Everything the economy can throw at you from fiscal crisis to currency shocks to employment swings and the shocks they bring to your supply chain.
  • Infrastructural
    Planes, Trains, and Automobiles; the tracks and roads they travel on; and the services (water, energy, waste, etc.) infrastructure we all rely on.
  • Environmental
    Resource shortages, waste and pollution, and the fury of mother earth.
  • Geopolitical
    Governmental spats, global treaties and embargoes, and political unrest.
  • Regulatory
    Taxes, trade requirements, material bans, and labeling requirements.
  • Societal
    Crime, piracy, fraud, corruption, education, talent, worker’s right, unionization and the whims of the masses.
  • Technological
    Production technology, cyberspace, 3-D printing, robotics, IP & patents, and quantum leaps.
  • Influential
    Analysts, pundits, consortiums, and conferences. Where does the pied piper lead the rats?
  • Organizational
    Engineering, Marketing, Sales, Legal, and every other department (that might be out to get you).

  • Authoritative
    Shareholders, the Board, and your activist investors.
  • Providers
    Suppliers, carriers, BPOs/GPOs, and everyone else who can pull the supply chain rug from under your feet.
  • Consumers
    Governments, corporations, end consumers and the dollars you depend on.

Integration Point: A Global Content Provider

When we last covered Integration Point (in 2008 and 2010), we discussed their solutions for customs, security, and product classification; for free / secure trade zones and for regulatory compliance.

We talked about how their SaaS solutions helped companies with product classification under HS codes, advance notification (as required by 10+2), denied party screening (through integration with the US denied party lists), free trade / special economic zones (and identification of associated agreements), and the creation of necessary documents as well as the creation of surveys to determine if the supply base was compliant.

It was a good all-around solution, but it wasn’t a one-stop shop. While the import and export management solutions were extensive, the supply chain compliance solutions were limited; free trade was primarily ECCN, entry visibility, and country of origin; there was no automatic HS or country of origin classification; and content was primarily limited to HS/HTS codes, common import documentation, custom compliance documentation, and FTA summaries.

However, recognizing that their entire solution was dependent on good content, Integration Point, which now has twenty (20) offices across six (6) continents (and which promises an Antartica office as soon as the penguins start trading), started working on a Content Repository ten years ago and over the last decade has grown that content repository into a Global Content Repository with relevant trade data for over 185 countries. This include HS Codes, Tariff Schedules, Import/Export documentation requirements, rulings, free trade agreements, free trade and special economic zones, customs compliance programs, denied parties, sanctions and embargoes, and relevant trade acts, such as Lacey. The repository, which is maintained by a team of over 200 people globally, contains millions of base documents and millions of codings and mappings and is updated daily.

Daily updates is a critical part of a trade content repository. While some countries only update their tariff schedules a few times a year, others update their schedules monthly, and some update their schedules weekly (or more as Brazil once updated its schedules 80 times in one year). In addition, as trade relations improve or break down between countries, new trade restrictions / sanctions / embargoes are created almost overnight, denied parties get added to the list daily, and new regulations and rulings also come out on a daily basis. Correct classification, coding, and documentation is the difference between trouble-free trade and having your shipment held up for days, weeks, or months. And not shipping a restricted product to a denied party is the difference between smooth sailing and being federally investigated and fined millions of dollars. In both cases, your logistics and trade managers can only insure properly documented, legal, trade if they are on the ball with up-to-date data.

Since Integration Point has a global team, Integration Point, which sells access to its content repository as well as its trade management solutions on a subscription basis, is able to keep its repository current, which is no mean feat considering there have been over 2M updates to HS classifications alone on a global basis so far this year and over 1M updates to the import / export document database were required to capture regulation updates, trade agreement updates, form updates, and new rulings.

Integration Point now has one of the best and most complete Global Content Solutions out there and should be included in your list of content solution providers as you endeavour to get your compliance under control because Content is a Cornerstone of Compliance.

Plus, based on this content, Integration Point is now able to offer innovative solutions around country of origin determination, product classification, tariff analysis, and supply chain costing. We will cover these in future posts in early 2015.