Category Archives: Risk Management

Risk 2011: Technology

In our last post, we indicated that the World Economic Forum had recently released its 6th annual Global Risks report, it’s 2011 edition. This report was filled with risk, thirty-seven types of risk divided into five categories to be precise. Today, we are going to discuss what Sourcing Innovation thinks are the top three technology risks from a Supply Management perspective.

03: Threats from New Technology

Your business depends on its profit margins. Its profit margins depend on keeping revenues up and costs down. Revenue often depends on having the best product for your target customers at the best price point. Keeping costs down usually depends on a lean, streamlined process which, in turn, often depends on leading-edge technology to keep it running as efficiently as possible.

If your competitor identifies, latches onto, and implements a new technology before you do, then your competitor may be able to lower its production and operating costs well below your production and operating costs. If this happens, it will be able to lower its price point, and increase its revenue at the expense of yours. Then your organization will face declining revenues with higher costs. Profits will quickly disappear. Given the rapid pace of progress in many technology verticals, this could happen overnight if your organization doesn’t at least keep up, if not stay ahead of, the curve.

02: Online Data and Information Security

Every week we hear about another data breach at another retailer. What we don’t often hear about, because consumers aren’t directly affected, is yet another network intrusion at a Global 3000. While the average hacker might want your credit card, the average hacker employed by organizations that resort to corporate espionage wants your data – and your Supply Management related data in particular. What are you making? What are the specifications? Where? With who? When are you shipping? From Where? With what carrier? If any of this data finds its way to your competition before you’re ready to release a new product, the losses could be crippling. What if your competitor is able to use your plans to jump-start their development of a better version and beat you to market? What if thieves intercept your critical shipments and sell your product on the black market? While a consumer’s financial solvency depends on her credit card information being kept secure, your organization’s financial solvency often depends on your Supply Management data being kept secure.

01: Critical Information Infrastructure Breakdown

Let’s face it, it’s impossible to manage a global supply chain without modern supply management systems and the information infrastructure that supports them. What happens if your primary data centre gets taken out? What happens if your headquarters loses power for 48 hours? What happens if the land lines fail and the one satellite that carries cellular signals for your (remote) location stops responding? The minute your internet goes down, your business stops. Literally. And since your information infrastructure could breakdown as the result of a (power) grid overload, a data centre failure, an environmental disaster, or a terrorist action, all of which can not be predicted (or prevented in many situations), this is a significant risk that requires risk mitigation plans be in place and ready to go at a moment’s notice.

Risk, Risk, Risk: 2011 Did Not Improve Matters Any

The World Economic Forum recently released it’s 6th Global Risks report, 2011 edition, and it’s filled with economic, environmental, societal, geopolitical, and technological risks that are plaguing global supply chains across the globe. Some of these have not changed since SI first reviewed the 2nd edition back in 2007, and some are new. However, they all have the potential to bring your supply chain to a grinding halt. In this series, we will review each category of risk, focus on a few risks of immediate relevance and discuss how they could impact an average supply chain.

At a high level, the risks identified were:

Environmental

  • Air Pollution
  • Biodiversity Loss
  • Climate Change
  • Earthquakes & Volcanic Eruptions
  • Flooding
  • Ocean Governance
  • Storms & Cyclones
Technological

  • Critical Information Infrastructure Breakdown
  • Online Data and Information Security
  • Threats from New Technology
Societal

  • Chronic Disease
  • Demographic Challenges
  • Economic Disparity
  • Food Security
  • Infectious Diseases
  • Migration
  • Water Security
Economic

  • Asset Price Collapse
  • Extreme Commodity Price Volatility
  • Extreme Consumer Price Volatility
  • Extreme Energy Price Volatility
  • Fiscal Crisis
  • Global Imbalances & Currency Volatility
  • Infrastructure Fragility
  • Liquidity / Credit Crunch
  • Regulatory Failures
  • Retrenchment from Globalization
  • Slowing Chinese Economy (<6%)
Geopolitical

  • Corruption
  • Fragile States
  • Geopolitical Conflict
  • Global Governance Failures
  • Illicit Trade
  • Organized Crime
  • Space Security
  • Terrorism
  • Weapons of Mass Destruction

That’s a lot of risk to consider, spread across five categories and thirty-seven risk types, each of which could manifest in dozens, or hundreds, of ways across your global supply chain. In the next five posts we’ll discuss what SI thinks are the top risks in each category and why.

The Risk of Being a MultiNational

A recent article over on ChiefExecutive.net for those who “want to be a multinational” did a great job of pointing out many of the risks that a company has to prepare for in order to become a multi-national. It zeroed in on the following seven risks:

  1. Country Risk
    Third parties from countries with less mature corporate governance laws/regulations are more likely to create a compliance breach for a multinational firm.
  2. Industry Risk
    Some industries are riskier than others. For example, food distribution — the risk of contaminants from unknown factories or partners with less rigorous quality control could be high and exposure you as the importer to massive liabilities and lawsuits. Defence is risky as well. Maybe only non-controlled components are being outsourced, but one accidentally exposed document can lead to very serious repercussions to the company and the executives, who could be held personally liable.
  3. Spend Exposure Risk
    If a single vendor accounts for 80% or more of a specific business unit spend and something happens to that vendor, negating the ability of the vendor to meet its commitment, the entire business unit is then at risk.
  4. Compliance Risk
    Failure to comply with import or governing regulations in the importing country from a product perspective can lead to entire shipments being size and destroyed. This is particularly bad in Europe where certain chemicals have been severely restricted or banned by RoHS, WEE, or similar EU directives. It’s also becoming a problem in North America, where substances such as BPA are finally being restricted or banned.
  5. Discovered Exposure Risk
    The supplier, who may not be corrupt today, may have been corrupt in the past — and the corruption could come to light during the time in which your organization is doing business with the supplier. This could be devastating as it could bring your firm under investigation.
  6. Partner Disruption Risk
    If the supplier is supplying a critical part or service, and is the only (significant) source of such product or service, it could jeopardize an entire product or service line and bring significant financial risk to organization as a whole, even if the spend on the supplier is less than 20%. (This risk is complementary to the Spend Exposure Risk.)
  7. Dependency Risk
    If the organization cannot function without the supplier, then each of the above risks that apply to the relationship increases substantially. The financial risk could escalate from significant financial loss to bankruptcy as significant supply chain failures, as chronicled in Supply Chain Digest’s 11 Worst Supply Chain Disasters, can bankrupt even a multi-billion dollar organization.

And it mentioned the following risk, which is buried under discovered exposure risk, that should probably be front and centre:

  • FCPA and Bribery Act Risk
    Your subsidiaries or partners could violate the US FCPA or UK Bribery Act in the course of doing normal business in the country in which they are operating. Although both acts allow for a form of facilitation payments, as that is just the way business is done in some parts of the world, there’s a difference between a facilitation payment and an outright bribe and, in some countries, while they still exist, facilitation payments are not as common as they used to be as they adjust to doing business with the West. (Of course, they find new ways to extract blood from your stone, but I will leave that discussion to a global trade expert.)More importantly, especially under the UK bribery act, even relatively inexpensive gifts — such as business dinners, sports tickets, or Christmas Party invitations — can be construed as bribes. Extra care has to be taken, especially if such gifts go to the winning party.

There can be great rewards to being a multinational that taps the opportunities in emerging markets from both a supply, and demand, perspective, but there are similarly great risks. Is your organization prepared? And more importantly, is your supply chain?

Should Your Contracts Be Based on Alternate Dispute Resolution?

The dispute resolution solution of choice in most large contracts is litigation — you reserve the right to tell the other party that I’ll Sue Ya if anything goes wrong. Given the large judgements that have been awarded in some of the more famous legal battles, it seems like it should be the dispute resolution of choice when millions of dollars are on the line. But should it really? The reality is that court is time consuming, costly, and, as all court cases are public domain, damaging to your reputation and irreparably harmful to your business relationship. All it does it take a bad situation and make it much, much worse.

There are other options, and, as described in this recent CPO agenda article on “taking the alternate route”, they include:

  • mediation,
  • arbitration, and
  • adjudication.

And your procurement organization should be acutely aware of them, because each and every contract signed needs a dispute resolution procedure — as it cannot be predicted when something will go (horribly) wrong and when the organization will have to deal with it quickly, and effectively. And as the article notes, if you do have a dispute and you don’t have adequate dispute resolution provision, it can make the resolution of the dispute significantly disadvantageous for one party or another, depending on the circumstances. And you don’t want to risk the resolution being disadvantageous to your organization, considering it is Supply Management’s job to be leaders in contract creation and negotiation.

So why consider ADR? As the author notes: the overriding advantage of using ADR is that it enables both parties to preserve the commercial relationship while maintaining control of resolving the dispute. So which ADR option do you choose? It depends on what you need.

  • Mediation
    is a method that may allow parties to reach an amicable agreement and maintain on-going relations. The focus of the process is on the interests of the parties, rather than on their legal rights alone, which allows other factors such as commercial pressures to be taken into account. If the goal is to reach a mutual settlement, this is often the best bet.
  • Arbitration
    is particularly valuable with international contracts where parties are based in different countries, since court judgments accepted in one country are difficult to enforce internationally. Arbitration awards are easily enforced all over the world under the New York Convention. If the goal is to reach an enforceable settlement, this is often the best bet.
  • Adjucation
    is hugely popular because it provides a quick answer and the resolver is likely to be a subject matter expert from the industry. And the answer, while not always the one sought, is usually one the parties can live with. This allows the parties to deal with the problem and move on. If the goal is to get a quick resolution, this is often the best bet.

And while the best option may not always be clear cut, chances are it won’t always be litigation. Keep this in mind when determining your dispute resolution methodology of choice.

Another Lesson In The Peril of Spreadsheets

A recent article in Supply and Demand Chain Executive on why you should NOT “Let This Happen To You” had some scary lessons on why spreadsheets should be tossed out of your operations management process forever and ever.

  • a high-volume software company unwittingly threw 20 Million annually into the scrap bin because of a hidden, devastating, logical spreadsheet error that systematically triggered over-ordering of seasonal printed materials
  • a financial services firm underestimated support centre demand by over 250 agents, roughly 25 percent of total demand because of formula errors and inappropriate assumptions
  • a national build-out of a digital service network was beset with months of delays and millions of dollars in lost revenue because spreadsheet-based material planning and execution tools were overwhelmed with the size and complexity of the job

And, as the article pointed out, management is usually unaware of the issues until crisis is upon the company. Spreadsheets might “get the job done” when a quick and dirty calculation is needed for an estimate, but calamities incubate when an application is extended to problems that are too large or complex and eventually significant error creeps in that could devastate your business.

This is especially true in Supply Management. As the author notes, the high-volume software company that lost 20 Million annually relied on spreadsheets that not only included forecasting information, but that extended all the way into the Procurement of materials. The authors neglected to include materials already on order as part of supply requirements. As a result, every time the spreadsheet was reviewed, another unnecessary buy was signalled.

And it’s true in Service Management. The financial services firm that underestimated support centre demand used a spreadsheet that assumed demand would stay constant with a major service platform roll-out.

For any calculation that goes beyond an initial estimate, the repeated use, alteration of, and reliance on spreadsheets quickly leads to manual error. And for any calculation that is large (in value) or complex, it isn’t long before a scenario arises where consequences and execution risk become very high — and costly.

So ditch the spreadsheets and put in place proper financial, enterprise planning, data analysis, and supply management tools. The corporate bank account will thank you.