Category Archives: Supplier Information Management

Risk Management and Suppliers: How Banks can Comply with the OCC’s Guidelines on Third-Party Relationships

Today’s guest post is from Rebecca Lorden, Business Development and Marketing Manager of Source One Management Services, LLC.

In October of 2013, the Office of the Comptroller of the Currency released specific guidelines to banks and federal savings associations that outline how their companies should assess and manage risks associated with third-party relationships. The OCC’s reason behind these guidelines was mainly due to the fact that “the quality of risk management over third-party relationships may not be keeping pace with the level of risk and complexity of these relationships“. (OCC Bulletin 2013-29, October 2013).

It is true that third-parties pose a threat if their own security protocols are not up to par with that of a major financial institution. In fact, in March of 2013, Bank of America became quite aware of this when they announced that a hack into TEKsystems, a third-party security firm they contracted, was the reason their internal emails were released to the public. These emails were no ordinary messages, but documented proof that Bank of America was monitoring hacktivist groups. Furthermore, the hacking group, known as Anonymous, later revealed that data was not retrieved from a traditional, time intensive and difficult hack, but “stored on a misconfigured server and basically open for grabs“. (“Bank Of America Says Data Breach Occurred At Third Party”, Computer World, February 2013). The scandal was not only damaging to Bank of America’s reputation, but also an obvious indication that banks needed to manage supplier risk more effectively.

The OCC’s guidelines outline eight key phases that should be considered when developing risk management processes. These phases include planning, third-party selection, contract negotiations, monitoring, termination, accountability, reporting and reviews. As clear as that might be, banks are still struggling on how to properly implement controls around these factors. That is where supplier relationship management can play a significant role.

Supplier relationship management, otherwise known as SRM, is the actual practice of strategic planning and managing all interactions with third-parties to maximize their value. Many think of SRM as a way to reduce spend. SRM processes can reduce quality issues and delays with suppliers that, in turn, can translate into cost savings. More importantly, however, SRM can function as a main component in reducing a bank’s risk with suppliers. Supply chain experts feel as though SRM offers a “solid framework” that can provide companies with a “formal risk and control process to follow“. (Building The Case For Supplier Relationship Management, May 2014).

For those that already have an SRM program in place, or believe SRM is just a sales tactic for supply chain consultants, now may be the time to reevaluate. First, suppliers can be neglected over the course of their contract. Even if the relationship started off on a good foot, the value from a supplier can diminish pretty quickly, especially if the supplier or the bank is faced with turnover or a redirection in initiatives. SRM dictates a process that continually communicates and supports the relationship, helping build supplier engagement no matter what changes are on the horizon. Secondly, for those non-believers, consider this: if managing suppliers is now a major priority set by the OCC, what better way to adhere to these guidelines than to build a solid foundation on which to base all third-party relationships on?

It certainly seems that these OCC guidelines are a daunting task for banks to tackle. Managing supplier risks and enforcing compliance is not something that can be done overnight. Banks, however, have a secure solution in supplier relationship management. SRM can be the catalyst to successful third-party relationship management, ensuring that the risks are minimized to the best of a bank’s ability.

Thanks, Rebecca.

HICX Solutions Wants To Buy You A Shiny New Pair of Shoes! Part III

In Part II of this series we not only noted that HICX, which stands for Harmonize, Integrate, Control, and eXchange, is a relatively new SIM offering on the market (even though it has been in development since 2004), addresses the classic SIM sweet-spots, but also hits a few new ones. Not only does it include on-boarding and an integrated supplier portal like classic SIM, and more than adequately address Performance and Compliance Management — mainstays of current SIM platforms, but also goes beyond to offer a complete Master Data Management (MDM) solution for your Supply Management operation.

But that isn’t the only trick it offers. As hinted at in Part I, it not only allows a user to define, and redefine, data models as necessary but define, and redefine, workflows as necessary to allow an organization to not only accommodate new product demands but adapt to new technologies and new business requirements as they arise. These new tricks are not to be underestimated. While a number of platforms allow you to extend and augment the data model, most do not allow the data model to be extended after the fact, and those that do require all existing elements to have the new property defined, or at least defaulted (to a default or a value that represents a not-yet-defined value).

In contrast, the HICX platform allows the data model for any element to be updated at any time by any user with authority, and since the HICX platform supports versioning with all data elements of the data model, no existing elements are impacted or need to be updated since the data (element) model is loaded with each data element and each data element is validated against the (element) model it was created with. (Once the data element is loaded, the user can add any additional elements required to update the associated data model, if desired.)

But that’s not the best trick that the HICX platform has to offer. The best trick is that the platform allows the workflow to be updated at any time by any user with the authority to do so, even if the workflow is being used in an initiative currently in progress — such as an on-boarding, compliance, or performance improvement initiative. This is because the platform not only versions data models, but workflows that drive the product and initiatives. If, during an event, the event administrator notices that that the workflow is causing problems for the suppliers and can be simplified, or notices that the information being collected is not what was expected, the administrator can simplify the workflow or add additional, mandatory, data requests. Suppliers who have already started the workflow will be able to finish the current workflow, and can then be sent a request for additional information by the administrator (who can limit the request to suppliers on the older version of the workflow) but suppliers who did not begin the initiative before the update will start on the new workflow.

But the real power of the workflow management capability is the ability to change registration, data collection, and performance measurement workflows (and associated data element models) when suppliers change, products change, and evaluation methods change. Traditional SIM platforms decline in usage because they can’t keep up with changing business requirements and user needs. But with the ability to update workflows to match the business needs at any time, using an integrated visual workflow designer, the HICX platform insures that SIM is always relevant and current. It’s the new trick that most SIM platforms have been missing.

Other tricks include:

  • Dynamic Dashboards

    like any good SIM product, the HICX platform supports user dashboards, but doesn’t stop at one dashboard per user — the user can create as many dashboards as he or she wants and customize them to specific purposes — compliance, performance improvement, on-boarding, insurance, etc.; the tool includes a sophisticated dashboard designer that allows a knowledgeable user to design a dashboard that is actually relevant to the initiative at hand (which can be focussed on non-compliance, non-performance etc. — since we all know that dashboards that report success are dangerous and dysfunctional)

  • Advanced Search

    that allows the user to search for any data element using any fields, and filter using any set of fixed values (lists) and related elements; these searches can be used to define supplier sets for initiatives, using as many dimensions as necessary to get it right

  • User Defined Escalations

    that allow the user to define multiple levels of automated escalation during initiatives, where each escalation can occur at a different interval and be targeted to a different group or individual

These aren’t all the tricks the platform has to offer, but they are most of the tricks of note that serve to distinguish the HICX platform from the other SIM products on the market. If you’re on the market for a SIM solution, you should definitely take a look. The name and website might be a bit non-descriptive, but the tool certainly isn’t.

HICX Solutions Wants To Buy You A Shiny New Pair of Shoes! Part II

In Part I we noted that, despite the fact that SIM (Supplier Information Management) was old news and a mature Supply Management solution offering (as the early leaders in this space were formed as early as 2000), it may still have a few tricks up its sleeves and the acquisition of the right technology platform might just get the acquirer a shiny new pair of shoes that are as coveted as Dorothy’s Ruby Slippers. (Of course, the acquisition of the wrong technology might get the acquirer a pink slip.)

We also noted in Part I that HICX, which stands for Harmonize, Integrate, Control, and eXchange, a relatively new SIM offering on the market (even though it has been in development since 2004), not only addresses the classic SIM sweet-spots, but also hits a few new ones that can bring significant value to your organization if properly implemented and utilized as it brings with it a new bag of tricks. How does it do this?

Let’s start with the five major areas of SIM covered in Part I:

  • Onboarding

    The HICX platform not only allows the entire process to be automated, but allows the workflow to be customized to each supplier according to the supplier type (sub-contractor, one-off vendor, product, service, importer, government agency, etc.), the region the supplier is in, the business unit(s) the supplier deals with, the products or services the supplier offers, the languages the supplier uses, and the data that is required for performance, compliance, or other initiatives that involve the supplier. The customized process insures that the supplier is only asked for data that is needed, and that the supplier can designate the appropriate personnel to provide that data. The portal can be configured to include a significant number of data checks to not only make sure that the data is of the right type (numeric, alpha-numeric, attachment, etc.) but that the data provided makes sense (is in range, is from a pre-defined set of answers, etc.) — which prevents a lot of typos (which can result in bad scorecards and unnecessary alerts in an exception management setup, which the platform also supports). In addition, known supplier data can be pre-populated for review, and can even come from supplier directories (including the D&B directory). It’s very easy for the user doing the onboarding to customize this process as that user can customize the process by simply selecting the supplier type, region, business unit, products, services, languages, etc. of relevance to each supplier and the system does the rest. The user then has the option to add or remove additional requirements for individual suppliers, and override any and all defaults (that they have the authority to override as per the fine-grained permissions and securities models).

  • Master Data Management

    Not only does the MDM solution provide you with numerous “out-of-the-box” data models, standards, and validations that you can customize as needed, but it recognizes that MDM systems have to integrate with downstream ERP/MRP systems, upstream sourcing and procurement systems, and even overarching BI, Spend Analysis, and Reporting systems that cross and connect the streams. (Supply Management streams are not dematerializers — sometimes it is beneficial if the streams cross.) As a result, it has out-of-the-box integrations with a number of upstream, downstream, and mid-stream systems and can push, pull, and sync data as required according to any number of user-defined rules. Plus, it allows certain aspects of master data, including bank master data, to be handled separately (and stored in separate, heavily encrypted, and highly secure data sources).

  • Performance Management

    The performance management component, as expected, allows the user to build scorecards around business goals and use whatever information is required, whether it is supplier provided, internal or third-party and whether it comes from the SIM solution, upstream solutions, downstream solutions, or cross-stream solutions. It also supports a very dynamic and flexible scoring mechanism that can support whatever formulae the user feels is necessary to construct an adequate scorecard.

  • Compliance Management

    The compliance module allows the user to create and manage compliance initiatives across one or more suppliers for one or more projects. This can be as simple as collecting raw material data to insure that the products your suppliers are manufacturing do not contain any restricted substances under RoHS or other directives, or as complex as collecting all data relating to sustainability initiatives to directly and indirectly support your organization-wide Corporate Social Responsibility (CSR) initiative.

  • Integrated Supplier Portal

    As per our coverage of the on-boarding solution, the portal is streamlined so that the supplier is only asked for data that is needed, all aspects of the portal provide the supplier with a consistent experience, and the supplier can designate the appropriate personnel to provide and maintain the data that is needed on a data type, product, or initiative basis.

But this is not all that the HICX solution has to offer. Come back for Part III.

HICX Solutions Wants To Buy You A Shiny New Pair of Shoes! Part I

Last week we asked if SIM was old news or a shiny new pair of shoes. We noted that SIM (Supplier Information Management) was a mature and stable technology with a large number of solution providers not only providing the tools and best practices to manage supplier life-cycles, but to manage risk, compliance, receivables and even spend repositories for spend management. It’s almost a commodity in the Supply Management space, and, thus, an acquisition thereof is not likely to get baby that new pair of shoes anytime soon. Unless, of course, the solution has some new tricks not found in most current solutions.

What tricks? Tricks that provide added value to your organization. What might these tricks look like? As per our last post on the issue, if the SIM product not only allowed a user to define, and redefine, data models as necessary but define, and redefine, workflows as necessary to allow an organization to not only accommodate new product demands but adapt to new technologies and new business requirements as they arise, then this would qualify as new tricks as many classic SIM products have rather fixed data models and inflexible workflows. It’s not the only new trick that would have value, but it is a new trick. And it’s a new trick that HICX Solutions brings to the table with their SIM solution. More on this later.

HICX, which stands for Harmonize, Integrate, Control, and eXchange, is a relatively new SIM offering (even though it has been in development since 2004) that not only addresses the classic SIM sweet-spots, but also hits a few new ones that can bring significant value to your organization if properly implemented and utilized. But let’s back up a bit.

In addition to classic SIM, the HICX SIM platform addresses each of the following areas, which, with the exception of MDM, are all addressed by most current SIM platforms:

  • OnboardingHICX is not the first SIM provider to have a comprehensive on-boarding solution, and won’t be the last, but they are one of the few that recognizes the absolute criticality of a good on-boarding process as effective SIM is 100% dependent on good, complete supplier data — which is dependent on the supplier providing that data to you on a timely basis. This is, of course, dependent on getting the supplier on-board not only with your efforts but the systems you use to collect the data. As a result, effective on-boarding is key.
  • Master Data ManagementWhile many SIM solutions manage data, most can’t serve as your MDM (Master Data Management) repository. However, the HICX solution can. This is important since most Supply Management solutions outside of the ERP space do not have MDM capabilities. But MDM is the key to good supplier and supply management initiatives as every initiative — analysis, modelling, payments, reporting — requires good data. And since the ERP is usually so tightly locked down, and such a mess, you rarely get the good data you need out of it.
  • Performance ManagementThe whole point of collecting good information is to help the organization effectively manage the supply base and improve both organization and supplier performance. As such, this was the first major piece of functionality offered by SIM providers and one of the staples that should be offered by every SIM provider.
  • Compliance ManagementA critical part of performance management is compliance management. It doesn’t matter if your supplier can produce the product 10% cheaper if they do so using a chemical that is banned under RoHS and your product would be confiscated if you tried to import it. Compliance is critical. Compliance with regulations and directives. Compliance with agreed to processes. Compliance with ethics. So you definitely need good compliance management capabilities.
  • Integrated Supplier PortalThe best way to get the data is directly from the supplier, and the supplier is only going to buy-in if the portal is easy to use and integrated. If the supplier has to go to a separate page for each request, with a different login, workflow and UI, the supplier is going to start boycotting your tools and your initiatives faster than the hammer drops.

Moreover, in a few of these areas, and MDM in particular, the HICX solution adds a few tricks of its own. What tricks? Come back for Part II.

Supplier Satisfaction

Originally posted on the Synertrade blog in December, 2017.

Supplier satisfaction is critical to your success. By this we don’t mean your satisfaction with the supplier and its performance, we mean the supplier’s satisfaction with you and your performance.

Why is this so critical? Ultimately, your success depends on your supply chain’s success, and the success of your supplier’s. Think of all the major product and service lines you sell. How many of these could be truly successful without top tier support from a key supplier? The answer is, if you haven’t figured it out already, 0. Even if you are a consulting organization offering pure IP services and delivering only talks, workshops, and paper, you are still depending on one more suppliers to do that. Either couriers to deliver the paper or the internet provider to deliver the email. If they fail, you fail. And if you are delivering products, or product-supported services, you are relying on many more suppliers and sometimes relying on them 100%.

So why do your suppliers have to be satisfied when, theoretically, as a big important buyer you could just give your business to someone else? Because, in reality, you often can’t — at least not quickly. Think about it. Even if there are three other suppliers who can supply that more-or-less commodity item – they need to be qualified and contracted, then they need to produce and ship, and then it needs to hit your store rooms or shelves. Depending on the category, that is weeks to months. If it is a custom manufactured product, it could take weeks to months just for a new supplier to setup and configure a new production line.

Basically, for strategic products and services, which, to be honest, include any products or services that cannot be interchanged with products and services from another on-contract supplier as-is, your organization is ultimately dependent on one or more supplier organizations, and their performance is your performance. And that, in a nutshell, is why you need them to be satisfied.

Quality, on-time delivery, and product/service support are entirely up to your supplier, whose personnel are overworked, whose carriers have limited capacity, and whose attention is being simultaneously requested by all of their customers, including your competitors. If you want to be sure that, when time is crunched, it’s your product shipment that is subjected to the expected (and contracted) quality tests, it’s your product shipped out on time, and your support calls that are answered, you need to be a customer of choice. And the only way to be a customer of choice is to be a customer that the organization is satisfied with. It doesn’t matter how much you spend, it doesn’t matter what language is in the contract, and it doesn’t matter how important your customers are. If the supplier doesn’t like you, you’re not a customer of choice.

This is becoming especially critical now that your chance of not being subject to a supply chain disruption in any given 12 month period is 10% or less, now that news stories about not only lack of quality (testing) but faked quality tests are becoming common, and now that complex products are requiring more support from the supply base.

So how do you satisfy a supplier?

While it’s hard to give a hard and fast rule that will work in all cases, starting with the following three recommendations will go a long way to satisfying your supplier and making you a customer of choice.

1. Pay on Time

And, more importantly, pay on time under reasonable payment terms. Even if the locality will let you get away with 60, or even 90, day payment terms, don’t do it. Just don’t. Chances are your supplier has a worse credit rating than you, has less cash in the bank, and if they have to borrow, has to borrow at a higher rate than you. So pay them in 30 days, or less, every single time. You’ll be pleasantly surprised how far this alone will put you above the average customer.

2. Create 360-degree scorecards, listen to feedback, and implement corrective action plans internally as well.

Think about it. Would you like to be constantly assessed, compared against your peers, and forced to undergo corrective action plans without ever having the opportunity to provide feedback? Would you feel it fair if every time something went wrong, you were always assumed to be the root cause and you had to do all the work? You wouldn’t — and your supplier feels the same way. Make them a part of a complete, open, and transparent process where, if you determine that you are partly to blame for a failure, you force your people to undergo a corrective action process and to create a plan to do better. Even if your organization struggles to improve, this will still earn you a deep respect from the supplier who will, in turn, be willing to give a bit more since you do.

3. Create, and undertake supplier development plans regularly.

Chances are your organization is a more mature organization in Procurement, project planning, lean implementation, six sigma analysis, and so on. And, chances are, your CFO is demanding cost reductions even when raw material prices are going through the roof, currency conversion is not in your favour, and oil, and thus fuel prices, are insane. The only way you are going to get those savings is if the supplier becomes leaner and meaner and reduces production costs. Chances are that your supplier needs help to do that. So, if your organization is the one to help them, they will be forever in your debt — or at least in need of your services, again making you a preferred customer as they will be more than satisfied with your performance as a customer.

The reality is that it’s usually not that hard to keep your suppliers satisfied. It just takes fairness, a bit of effort, and the willingness to work together to make both parties better. So go and satisfy your suppliers. Your customers will thank you for it.