Category Archives: Risk Management

the doctor’s Seven Grand Challenges for Supply & Spend Management

Seven deadly sins
Seven ways to win
Seven holy paths to hell
And your trip begins

Seven downward slopes
Seven bloodied hopes
Seven are your burning fires
Seven your desires….
  Adrian Smith / Bruce Dickinson

In my last post, which announced the cross-blog series that this post is officially kicking off, I reviewed the seven grand challenges for IT over the next twenty-five years, as laid out by Gartner back in the spring. Although they ranged from the ridiculous to the sublime, and contained a fair amount of overlap when closely analyzed, it’s a worthwhile exercise to undertake every now and again, because in order to develop a useful solution, you need to identify what is needed and the path you should be on.

This inspired me to propose a set of “seven grand challenges” for supply and spend management, in the hopes that it would get you, dear reader, to think about what is important, what problems should be solved, and where we should go. Considering how important supply management is in these troubled times, I hope that all of my fellow bloggers chime in with their ideas on what’s good, what’s bad, and, what’s downright ugly in supply chain today — because the first step in solving a problem is properly identifying it.

So, without further ado, to kick off this cross-blog series, here are the doctor‘s proposals for the seven grand supply and spend management challenges:

  • Optimization
    There are a number of challenges here. The first challenge is getting people to use solutions that are already out there. There are currently a number of offerings that address strategic sourcing decision optimization, distribution network optimization, and freight optimization quite well, and that, when properly applied, can save the average company up to 12% above and beyond the best solution obtained with auctions. The second challenge is integrating the different problems (sourcing optimization, freight optimization, network optimization, etc.) into a common framework that allows the tradeoff effects of each decision to be adequately modeled and understood in the big picture. The third problem is addressing the emerging non-quantitative regulatory and compliance requirements such as RoHS, WEEE, and GHG emission limits in a consistent and value-oriented manner within the optimization model.
  • Supplier Enablement
    This is something we still don’t have a good handle on. Beyond “supplier enablement is the provision of technology based solutions that enable the supplier to be more productive and better serve the buyer”, there isn’t yet a general consensus of what this technology needs to be, as most companies have not yet embraced B2B 3.0. I’ve argued before that, today, it’s a combination of catalogs, networks, e-Document exchange and management, and supplier portal technology, and I still think that is a good start, but enablement should go beyond enabling the exchange of information, it should improve the supplier’s operations overall.
  • Integration of the Physical, Information, & Financial Chains
    For most companies, these are three different chains. Some companies that have embraced RFID, GPS, and e-document management have taken the first steps to integrating the physical and information flows, but the technology is still emerging, the integration isn’t smooth without extensive integration and customization between a number of different solutions (and only Fortune 500 companies can even afford to consider this), and we have only started to look at the financial supply chain and how to best integrate it with the information supply chain. I think it will be a while before solutions that truly support a holistic view will emerge, especially considering that even the gorillas in the space don’t have end-to-end sourcing and procurement.
  • Solution Globalization
    Let’s face it … supply chains today are truly global, but the solutions are not. Most “internationalized” solutions are only available in a smattering of languages, most “internationalized” solutions are not plugged into real-time currency exchange feeds — and few developers have thought about the need to maintain/display multiple conversions (including the rate at the time of purchase, the projected rate, the current rate, etc.), and most “internationalized” solutions don’t help you understand how to do business with the country of interest.
  • GHG Tracking and Reduction
    Most enlightened countries have woken up to the fact that, even though we don’t know precisely how damaging each ton of GHG and / or carbon we emit is, we do know that it’s damaging and that we have to reduce our emissions. The first step is to get a baseline of the emissions produced by your operations, but for many companies, this is a multi-year effort. Better product and service solutions are needed. Also, although there are multiple proposals on the table to reduce emissions, there are few total value management models out there to help us select the right ones.
  • Risk Prevention
    Not only is risk not going away, but it’s getting worse by the year. Supply chains are getting more complex by the year, and the likelihood of something going wrong is steadily increasing. Solutions that can help a company identify risks, in real time, and identify possible mitigations and actions required to implement them, are desperately needed.
  • Opportunity Analysis
    Costs are skyrocketing, but consumer discretionary spending is stagnant at best. They key to a successful supply chain is cost reduction and avoidance, and this requires continual opportunity analysis. I envision this starting with modern spend analysis, but it needs to go beyond true spend analysis to continual innovation, since the greatest cost reductions will come from true revolutions, and not just the shrewd identification of category-based overspending. I envision that this will start with the integration of PLM with Life Cycle Analysis and Next Generation Analytics and then morph into something that none of us can envision today.

Now, I realize that these are pretty much the same problems we have been facing for the last five to ten years, but I suspect that it will be quite a while before they are solved due to the overwhelming complexity of today’s supply chains.

When the series is done, I’ll compile the “master list” of challenges and, if any of my fellow bloggers can convince me there are bigger challenges out there, revise my list.

Equipment Breakdown Risk Management

At risk of sounding like a broken record (or a scratched CD, for you young twitterers), your supply chain is fraught with risk! However, the more risks you’re aware of, the more risks you can mitigate, especially if someone gives you some tips on how to identify and mitigate those risks. That’s why I enjoyed a recent article in Industry Week by Anthony J. Trivella of The Hartford Steam Boiler Inspection and Insurance Company on “Mitigating Equipment Breakdown Risks”.

In his article, Anthony notes that the most vulnerable part of many businesses is the equipment that keeps them up and running — and if the equipment, or the underlying infrastructure that supports it, breaks down, commerce usually comes to a stop and profits vanish as customers go elsewhere for their products and services. Furthermore, risks are being exacerbated as four trends are converging to drive risk to higher levels than ever before: infrastructure is aging; demand for equipment is increasing globally; energy demands, and costs, are rising rapidly; and technology is proliferating faster than Fibonacci’s rabbits.

The Aging Infrastructure and the Data Explosion

The U.S. infrastructure, and the power grid in particular, is being strained by the proliferation of power-hungry technology. (Data centers are now sucking up close to 20% of all energy produced in the US! [IT: The Biggest Threat to Our Energy Future]) Much of the current system was developed over half-a-century ago, and was not designed for today’s energy needs. In addition, many equipment owners neglect to install adequate surge protection, and place their business activities at increased, unnecessary, risk.

The Global Battleground for New Equipment

As the GDP of developing nations that we have been outsourcing to for most of the decade continues to grow, so do their middle class – who now want what Americans want. China and India account for 40% of the global population, and by some estimates, their middle class is now larger than the US population. However, worldwide production hasn’t increased at the same pace, so in addition to a fight for easily made DVD players, there’s also a fight for the modern equipment needed to build skyscrapers, road, bridges, and power grids.

Rising Energy Demands and Costs

Peak demand for electricity in the US is expected to increase by 18% in the next 10 years while committed power generation is projected to rise a mere 8.4%. Considering the total annual energy demand of the US, that’s a huge differential. Can you say “rolling blackouts”? I hope so, because that’s looking more and more likely every year! (So, start greening your roofs, using geothermal to cool your buildings, installing those solar panels and wind mills, and watching that fuel cell technology … because, if uninterrupted power is critical to your business, generating your own power is the only way you’re going to insure you have power when you need it.)

Technology Proliferation

Just look at your average worker who needs a utility belt to hold all of his iPhones, iPods, iFaxes, iBooks, etc. etc. etc. and you can see that we have become slaves to technology. (It’s a damn good thing we’re still not close to achieving artificial intelligence!) How many computer systems do you have? Really? Better count again … between desktops, laptops, servers, backup-servers, backup machines, machines in repair, etc. – I bet you have three times as many machines as you think you have. (And yes, that’s one of the reasons your energy bill is going through the roof!) Then there are all of the different enterprise software systems that you use to manage your business. And your mobile devices. Point of Sale devices. etc. etc. etc.

This widespread use of electrical and electronic equipment, which is highly vulnerable to power surges and other disturbances, is creating equipment and business risks for commercial operations whose owners may not understand their exposures. Moreover, technology is advancing so rapidly that much of it becomes obsolete quickly, making it difficult to repair or find replacement parts. In many cases, if key components are unavailable, it must be completely replaced.

Unprecedented Risks Require Unprecedented Mitigations

Equipment owners need to assess their risk exposure, improve maintenance and operation procedures accordingly, develop contingency plans, and insure they have appropriate insurance protection. Some specific things that can be done include:

  • the life-span of large transformers can be maximized via dissolved gas analysis and other tests that can identify defects and necessary repairs before the transformer breaks down
  • key data systems and servers can be backed up by redundant surge-protected uninterruptable power supplies
  • on-site power generation systems can be installed to not only provide emergency backup, but reduce the amount of power the business needs to draw from the grid at peak times

(Supply Chain) Risk is on the Rise … But You Can Do Something About It

A couple of months ago Marsh released a research report on “Stemming the Rising Tide of Supply Chain Risks: How Risk Managers’ Roles and Responsibilities are Changing”. Although it started off by telling us what we already know, that risk has risen substantially in global supply chains over the last three years, it served to quantify the extreme degree to which risk has risen, with 73% of companies experiencing an increased supply chain risk level and 71% of companies experiencing an increased financial impact from supply chain disruptions (based on a survey of 110 risk management professionals in January and February of 2008).

Furthermore, even though 35% reported that supply chain risk management was moderately effective at their company, not a single respondent said that their risk management practices were highly effective. And 24% said that they still have no formal process to address risk! Considering that a single supply chain disaster could force a company to file for bankruptcy (or at least bankruptcy protection) in today’s market, this is not a good situation!

In addition, the study did a good job of pointing out that natural disasters are not your biggest risk factors. According to the study, the four biggest risk factors were pricing risks, supplier (& supplier delay) risks, risks within your own plants, warehouses, and stores (which, I’d like to remind you, includes fraud risks), and logistics disruptions. Natural disasters are always a threat, but they’re relatively rare, whereas all of the other types of risk are constant.

But there are things you can do. You can:

  • take a strategic role in mobilizing the company against risks,
  • work with risk managers to ensure risk processes are designed cross-functionality and end-to-end (like good end-to-end e-Procurement), and
  • innovate.

And since innovators tend to be top performers, it’s always a great strategy. For more strategies for success, as well as steps you can take to become a top performer, I recommend checking out the full report (registration required). It’s definitely worth a read.

And for more information on risk management, be sure to check out the other posts on the topic here on the Sourcing Innovation blog, over on e-Sourcing Forum, and the wiki-paper on the e-Sourcing Wiki.

Stop Fraud Before It Stops You!

Hopefully after Tuesday’s post that asked does trouble-free mean fraud-free you realize that it doesn’t and that if you’re not watching, there’s a very good chance that fraud is occurring somewhere in your supply chain. It might not be in your four walls, but it still affects you – because every dollar lost by your supplier, or your supplier’s supplier, results in increased costs to you. However, knowing that, more often than not, a deep dive into a large corporation’s spend data by an expert will, at the very least, result in the identification of spend that violates policy, if not spend that is outright fraudulent, and knowing the statistics on just how many products have hit North America in recent years that violate safety requirements and pose serious health hazards, I’d be willing to bet that if you’re international, and you’re a mid-size business or larger, there’s fraud somewhere in your supply chain. Relatively speaking, it might not be on the scale where entire truckloads of product go missing or where fraudulent employees are siphoning millions of dollars out of your operations, but even minor frauds that result in a loss of only a few thousand dollars will add up.

So what can you do? How can you stop something you don’t know about – especially when you can’t monitor everyone in your supply chain every minute of every hour of every day? When you can’t afford to secure everything? When fraud is only one risk that you have to deal with on a daily basis?

The answer is simple – visibility and oversight. If you monitor your supply chain, it’s going to be a lot harder for fraud to occur without you knowing about it. And if you implement mechanisms that insure that the actions of each individual with authority are monitored and reviewed, they’ll know that if they commit fraud, they’ll likely be caught, the risk will outweigh the reward, and they’ll take their illicit schemes elsewhere. (Unless they’re really dumb, in which case you’ll catch them.)

So how do you get that visibility? The first step is to map out your supply chain. Steven Belli provided a good description of this process over on The Strategic Sourceror in his recent post that asked how much are you betting and what are the chances of losing. Once you have the map, the next step is to identify potential areas where fraud may be occurring. Start by identifying areas where:

  • there are pain points such as quality issues, frequent re-orders, serious delays, etc.
  • your proprietary technologies or expensive fixed assets are used
  • tasks that should probably be separate overlap
    such as the same individual or team being responsible for vendor selection and quality control

Then, and this is the key step, perform a supply chain audit. This starts by identifying what should be happening at each stage of the supply chain, how tasks should be separated, how much responsibility is required for each task, and who has ultimate responsibility for each task and hand-off. Then, audit your people, information, technology, and, most importantly, processes. Make sure that your people don’t have more authority or access to your systems or bank accounts than they need. Make sure your information is complete and accurate. Make sure your technology is doing what you need it to do. And make sure you have processes that are appropriate. They should insure visibility and accountability. If your processes don’t, then that’s fraud just waiting to happen.

If you’re wondering how to start, or wondering where you can get outside help on a fraud audit (and you should bring in an expert, and possibly someone with a Certified Fraud Examiner or equivalent designation, because you’re not likely to catch what you’re already overlooking – and consultants are cheap), one company you can look to is Katzscan and their Supply Chain Fraud services. (And, at the very least, check out the supply chain fraud site. It’s a good resource.)

The Economist and The Fragility of Perfection

It’s nice to see a major publication like the Economist tackle supply chain, even if the picture painted isn’t all that rosy, as in The Fragility of Perfection. The article, which starts off “ONLY Connect”, the words of the novelist E.M. Forster that tidily sums up globalization today, notes that an international company may buy its software from California, send its data to India, purchase its electronic equipment from China and staff its canteen with workers from eastern Europe. And that this specialization is all fine and dandy, but it depends on one critical factor: the reliability of supply.

This dependence on supply reliability is a vulnerability of the global industrial system, but how bad is it? And more importantly, how bad does it have to be? The article quotes David Bowers of Absolute Strategy Research who draws an analogy between today’s supply chains and the recent boom in structure finance which saw banks distribute risk to specialist vehicles like conduits. These banks worried less about the creditworthiness of borrowers, but the risks ended up back on the banks’ balance sheets when the sub-prime crisis broke. Mr. Bowers believes that just as the banks mispriced credit risk, so companies have misjudged strategic risk. And I have to agree. Way too many companies are single sourcing or running their global supply chains too lean when there are dozens of things that can go wrong. (Why? Some companies don’t understand the risk, and some don’t know how to make good sourcing decisions when multiple companies are involved. But there’s no excuse for either, especially when there are good strategic sourcing decision optimization tools on the market to help a company, by way of constraints, mitigate risks AND save money.)

However, what I really liked about the article is Mr. Bowers’ belief that loose monetary policy in America is leading, via the currency markets, to inflation in developing countries. This, in turn, undermines the cost advantages of outsourcing, as the prices of raw materials and labor rise. I’m sure my fellow blogger over at Spend Matters would agree that poor monetary policies, like free trade restrictions, will only hurt the economy.

Furthermore, disruption to the supply chain is a huge strategic risk. Supply chain disasters have bankrupted companies in the past. Remember Aris Isotoner, Webvan, or Foxmeyer? No? Well, they were destroyed by supply chain fiascos. Although just-in-time inventory levels create savings opportunities, they also cause huge losses when suppliers do not deliver in time. The reality is that the more independence there is in the system, the wider the effects of disruption in any one part of it will be felt. A disruption anywhere in the world could prove catastrophic in dozens of countries simultaneously, as the recent earthquake in China might just do if certain factories stay offline for too long. And the resulting losses could be far greater than the fallout of the recent subprime-mortgage crisis.