Category Archives: Supply Chain

Source-to-Pay+ Part 4A: Third Party Risk, Part 1

In Part 1 we noted that Risk Management went much beyond Supplier Risk, and the primitive Supplier “Risk” Management application (that we prefer to call Supplier “Uncertainty” Management) that is bundled in many S2P suites. Then, in Part 2, we noted that there are risks in every supply chain entity; with the people and materials used; and with the locales they operate in. Then, in Part 3, we discussed inwardly focussed Corporate Risk Management, which some companies offer partial solutions to in the form of GRC (Governance, Risk, and Compliance) solutions.

Today we are going to talk about some of the third party risks and outline the function specific baseline capabilities that such a solution should possess. Before we get started on the risks, we should note that a third party risk management (TPRM) can also be used for Supplier Management as a supplier, in addition to being a second party, could also be one of the many “third parties” an organization has to worry about if it is a sub-tier provider contracted by another primary, first-tier, supplier of the organization and a good TPRM solution will contain all of the functionality in an average Supplier Risk/Uncertainty Management module in a Source-to-Pay solution and much, much more.

We’ll continue in yesterday’s format, outlining some of the key capabilities and what that may mean solution-wise. There are quite a few key capabilities. So many, in fact, that, as you may we’re actually breaking this article up into 2 parts.

Capability Description
Customizable Assessments No matter how many capabilities come out of the box, every organization is going to need to do a customized assessment of a third party at some point. Thus, any TPRM system must support the creation of customized assessments with arbitrary questions, multiple forms of answers (multi-select, numeric, free-form, etc.), customizable weighting systems (that also support group-based weightings using averages, medium, or weightings based on role) and customizable reporting on the results.

In addition, the system should come with a slew of starting, customizable assessments out-of-the-box on every area covered in the application, whether or not there are third party data feeds and assessments that can be sucked into the application for use by the client. (This is because most third party feeds and assessments come with a cost, which may not be worth it to the organization if that aspect is only relevant to a few suppliers or doesn’t cover all of the aspects an organization needs.)
Reputation/Brand As we noted in our last article, a significant risk to the company is its reputation/brand, and that includes reputation/brand risks that come from being associated with third parties with reputation/brand risks. As a result, an organization needs to keep on top of the reputation/brand of its suppliers and partners.

Thus, it needs a platform that can monitor news sources and social media and look for stories about all of its suppliers and partners that could blow up, sentiment that could propagate, and events that could cause repercussions through the supply chain.
Regulatory Compliance Organizations need to be compliant with regulations in every geography in which the organization does business, which means that it needs its core suppliers and key partners to also be compliant with those regulations. As a result, it needs to monitor all of its suppliers and their suppliers/partners for compliance with the regulations that are relevant to those suppliers/partners.

This may mean tracking certifications, tracking raw material inputs, tracking human resources assigned to projects, tracking carbon/GHG reports from the third party, and other key pieces of information. It may mean asking suppliers for additional (self) assessments, getting (temporary) access to third party data feeds, and having third party do compliance audits for you.
Ownership/Financials Just like your company cannot be associated with sanctioned entities, you need to be careful not to do business with suppliers who are (partially) owned or controlled by sanctioned entities as well or who are doing business with sanctioned entities to support your organization. In addition, you don’t want to be doing business with suppliers or third parties who are financially unstable, as their bankruptcy could negatively impact your business.

Thus, this system must tie into all sanctioned and denied party lists of every country it operates in, cross-reference the ownership and partners of all suppliers/third parties the company does business with against the sanction list, and monitor ownership changes as they occur. In addition, it should tie into systems that monitor financials of public companies as well as systems that judge the financial stability of private companies.
Human/Labour Rights Legislation has been introduced and/or is being considered in many jurisdictions around the world that make your organization responsible for any abuses of human or labour rights in the supply chain. It’s important to have systems that can monitor for human/labour rights in the supply chain, even if this is only through integrations with third parties that do (independent) on-site assessments.

This should also make use of the brand/reputation monitoring module that monitors news sources, events, and related data feeds to scan for anything that could indicate a human/labour rights violation.

Come back tomorrow for Part 4B as we continue our discussion of Third Party Risk.

Source-to-Pay+ Part 1: The Beginning.

Once upon a time
not so long ago …

SI ran The 39 Steps … err … The 39 Clues … err … The 39 Part Series to Help You Figure Out Where to Start with Source-to-Pay and helped you understand what each of the six core technologies in Source-to-Pay do, how to evaluate them, and the order of implementation necessary to maximize short-term results (which is the only thing the CFO cutting the check for the systems cares about). Not that it should be hard, given that, as the doctor explained, if your organization is a mid market, the answer to Per Year, How Much Should You Outlay for Source to Pay? 120K! (because Yes Mid-Markets, 120K is More Than Enough for Source-to-Pay!). That’s cheap, and if you can’t get a 10X ROI on that, the doctor would be surprised. (Yes, you’ll need some integrations and some services, and that will double or triple the price and you may only see a 5X or 7X ROI, but still.)

But the reality is, especially in today’s turbulent times (where me and my wine is not enough), even full Source-to-Pay is not enough. Risks abound, and even if your Supplier Management Platform has an Uncertainty (Risk) module, there’s more than supplier risk to worry about. There’s third party, supply chain, logistics, geographic, natural disaster, and many other risks that Supplier Risk Management, which we prefer to call Supplier Uncertainty Management (due to the lack of depth, action management, support for mitigation planning, etc. we prefer NOT to call these Risk modules), applications in Source-to-Pay typically don’t address.

Then we have Corporate Social Responsibility (CSR), Environmental & Social Governance (ESG), and Carbon / Scope 1,2,3. Today, a non-responsible company that buys from suppliers who are particularly environmentally unfriendly, don’t treat their workers well, or, even worse, use forced or slave labour is the one that gets the consumer backlash, and possibly the civil AND criminal liability (with certain jurisdictions introducing laws making the last company down the chain responsible). A company that just hoards profit and doesn’t make an effort to give back is frowned upon. And a company that stays on dirty power when there is an alternative, wastefully uses fresh water, or unnecessarily consumes non-recyclable resources in its day to day operations is just being dumb. Moreover, when you consider that Carbon Tracking is Important — But a Calculator or a Credit is Not A Solution! but What You’re Really Concerned About is YOUR e-Liability, that it’s not just about tracking, but reducing where possible, and that there are real baselines given that it’s impossible to mine, process, produce, ship, or consume without emitting carbon, it’s not easy to figure out what you need.

When you are buying direct, you have to consider the supply chain as well as the implications of a change in the supply base. The ink on the contract is when the fun truly begins. The product has to arrive on time, on budget, damage free, at the right location. This requires logistics coordination, and if the contract will change the supply base configuration, this is something that should be considered up front. So logistics/network analysis is creeping into Sourcing.

Then there is the issue of T&E — what happens when it’s put on the card, because its too small to bother with a Procurement effort (it never is, although it’s not always worth the time of a Procurement Pro, and that’s why you need an appropriate T&E/Tail Spend system to make sure the end buyer gets it right) or someone is trying to bury something that they know is not truly needed, off contract, or shouldn’t be expensed.

Plus, at the end of the day, you have to pay … and most Source-to-Pay end at the OK-to-Pay. What do you do when it’s time to pay?

And so it goes.

As such, it’s time to start another multi-part series to help you, dear reader, understand the extended Procurement landscape and what you should be looking for in such systems. We’re not going to attempt to tell you what to implement first, as that will depend upon what your biggest need is, which will usually depend on what the biggest risks are to the organization at the current time — unidentified spend, risk of supply, breaks in the supply network, forthcoming legislation, global payments, and so on. We’re just going to take an area and explore it, for as many articles as it takes. More to come. Much More.

Don’t Overlook the Network (that Corresponds to the Award)

According to a recent Forbes article on Supply Chain Software’s Best Return on Investment, per $1 Billion in company revenues, no supply chain application has a better return on investment (ROI) than network design! And the doctor couldn’t agree more.

Just like strategic sourcing decision optimization is the best bang for the buck in Source to Pay, with documented, average returns of up to 12% year-over-year (by multiple analyst firms) as it can minimize total landed cost, and even total cost of ownership in some cases (including internal inventory costs, waste costs, etc.) and not just bids, while ensuring all business constraints are adhered to, an optimization-backed network design application can help minimize overall organizational supply chain costs. This is because a supply chain network optimization platform can minimize transportation costs, intermediate warehousing costs, tariffs, waste, emergency replenishment in the case of an unexpected stock-out, carbon/GHG, etc.

Plus, as the article notes:

  • network design solutions are absolutely necessary to uncover business value when the production-distribution infrastructure is large (and not just because you just can’t model that infrastructure in a spreadsheet)
  • network design solutions can look at Total Cost to Serve (TCTS) across a wide-range of fixed and marginal costs (and identify unintended circumstances of network design changes that could cause marginal costs to skyrocket)
  • network solutions can allow for multiple scenarios to be defined and multiple models to be run and cross-model and cross-scenario Pareto analysis to be run, trade-offs to be analyzed, and the best decisions to be made

One point that should not be overlooked is that projects will take some time, and it’s not because of the complexity of the network modelling or the time it takes to run the scenarios (as modern computing architectures are super powerful and modern algorithms highly optimized to be efficient and take advantage of massively parallel processing), it’s because you need a lot of good, clean, data. It can take months (and months) just to identify, collect, clean, and enrich the data required for global supply network optimization. But once you do that, the ROI will be beyond the expectations you have for every other supply chain solution.

The article, which describes a project to redesign the spare parts supply chain for a global automotive manufacturer, resulted in a redesign that immediately reduced network costs by 4% and identified transportation cost reduction opportunities through consolidation and re-allocating of routes to a smaller set of 3PLs that will save another 2.5% at contract renewal time. In today’s climate, especially in direct supply chains, a savings of 6%+ across the entire supply chain, and not just one category, is phenomenal!

Plus, as the article notes, in the age of sustainability, reduced transportation mileage and fuller trucks also equate to significant reductions in carbon emissions. WHAT A BONUS!

Will a Circular Economy Work with Leakage?

Sustainability is one of the big buzzwords, and the biggest verbal pushes, in today’s Procurement. (In practicality, most organizations won’t put their money where their mouth is and if the more sustainable solution is more than a point or two more cost-wise, environmentally damaging sweat-shop production, here we come!) We need to get there, because only an idiot would deny global warming (the last 13 years have seen 10 of the hottest year on record), and no one can deny the correlation between carbon emission, atmospheric carbon increase, and global warming. (You can argue just how much is due to carbon emission and how much due to other factors, many of which are indirectly caused by warming, but not that carbon is a problem.) Thus, even though we don’t know how much carbon reduction will help, we know it will, so we need to get there.

One big way to reduce carbon is to reduce production, which can done by reducing waste, which can be done through more refurbishment, repair, re-use, recycling, and reclamation — which are all part of the circular economy. Which is where we really need to get to (because waste is a problem — in addition to overflowing landfills that can pollute nearby water suppliers and make nearby land unfarmable, and even uninhabitable, think of the great pacific garbage patch and the containers of e-waste being sent to India, which has been a problem for well over a decade, see this 2010 article on the Times of India, and you start to get a grip on the magnitude of the problem).

But how efficient does the circular economy have to be to be effective? Theoretically, anything more that we do is one step better than what we are doing today, but, given that most products weren’t designed for recycle and reclamation, technologies for recycling and reclamation are immature and possibly carbon/generating themselves (especially if the answer is extract what we can, bury or burn the rest), and that there are breaks in the chain, is this leading to new waste that could possibly offset (or exceed) the expected (carbon) savings?

It’s a question Karolina Safarzynska, Lorenzo Di Domenico, and Marco Raberto recently tackled in an open-access paper on how the leakage effect may undermine the circular economy efforts available on nature.com. In the paper, the authors examine the impact of the circular economy on global resource extraction by way of an input-output analysis using an agent-based model of the capital sector. Through a detailed analysis they find that an appropriately structured circular economy economy can significantly reduce the extraction of iron, aluminum, and nonferrous metals if
implemented globally but the leakage effect may also cause some metal-intensive industries to relocate outside the EU, offsetting the circular economy efforts because an overlooked requirement for the circular economy is not just a reduction of waste, but a reduction of transport as transportation (air, rail, truck, and ship) contributes a significant amount of global carbon. In fact, if you go to Our World in Data, in the United States, the transportation sector accounts, like the energy (electricity and heat) sector, for approximately 30% of transportation emissions. The statistics right now are similar for the EU (24% for transportation and 28% for energy). So, if all of a sudden products need to be shipped halfway around the world to be recycled and reclaimed and the core materials shipped back, transportation-based emissions would increase significantly and possibly even overtake the extraction and raw material processing emissions!

In all fairness, we should note that the paper is pretty technical and metric heavy, and this is a bit of a simplification, but it’s the core idea we need to be aware of. It’s not an improvement if the carbon you take out of one segment is exceeded by changes in another. Just like we need to home/near-source for anything we can grow/mine/make at/near home, we also need to home/near reduce/reuse/refurbish/remanufacture/recycle whatever we can. It might be that the rare earths can only be mined in certain areas, but that doesn’t mean they have to be reclaimed and re-used there.

Strengthening Supply Chains is Simple …

It just takes proper people, planning, processes, and platforms. But let’s backtrack.

Forbes recently ran an article on how companies can improve supply chain management to strengthen business operations in 2023 which gave some great advice on various ways a business can improve their supply chain management, which included the following suggestions:

  • align partnerships to prepare for supply chain disruptions,
  • prioritize Learning & Development when it comes to automation in quality-focussed procurement, and
  • look ahead

… and these are really great suggestions, but they skip the starting point — and if an organization does not start off right

  • you’ll never be able to align the wrong partnerships,
  • no Learning & Development program will deliver fast enough if your people don’t have the right educational and experiential background, and
  • looking ahead will be impossible without the right platform.

You see, before you can jump into partnerships and learning and development, you have to go back and make sure you get the basics rights.

  1. Define proper procurement processes, including what will be strategically vs. tactically purchased, this will help you
  2. Hire the right people with the right backgrounds for the categories — not necessarily experienced buyers, but possibly experienced engineers with the insights to know what is needed, what makes a supplier who can meet the needs, when the cost models/quotes are accurate, etc. as it’s often easier to teach an engineer proper purchasing than teach a business grad the basics of electrical engineering
  3. Select the right platforms, which will allow you to qualify and select the right suppliers with whom you can build productive partnerships and
  4. Build the right models, which will allow you to do proper predictive analytics for demand, supply, and related planning

When you get the foundations right, it’s easy to build on those with partnerships and advanced training (to make your good buyers even better), but if you don’t have the foundations right, any attempts to polish partnerships and buildup better buyers will be for naught. (For more on foundations, see past articles on this blog, including The 39 Part Series to Help You Figure Out Where to Start with Source-to-Pay.)