Expecting the Unexpected
Achilles is a Business Reporter client.
How data helps organizations build resilient and sustainable supply chains and manage unexpected risks.
Over the past two years, businesses of all kinds have experienced major disruptions to their supply chains: the Suez Canal blockage, the war in Ukraine, the pandemic, Hurricane Ida and a shortage of truck drivers, among other factors. And these disruptions seem to be continuous and unremitting.
All organizations are dependent on third parties to supply them with goods and services. When supplies are uncertain, this dependency on suppliers is a significant risk to operations and profitability.
Using the wrong suppliers can lead to reputational risks, such as accusations of benefiting from modern slavery. Operational risks include privacy failures when suppliers are used by hackers to steal customer data. And there are financial risks, such as the $200 billion revenue loss experienced by the car industry in 2021 because of the shortage of computer chips.
Supply chain risk is damaging, and it is also very complex. A single finished product can involve dozens or even hundreds of suppliers, and most organizations have multiple supply chains, which can make managing their risk very challenging. Identifying and mitigating even the main risks in the most critical supply chains requires considerable time and effort. But, above all, managing supply chain risk requires data.
Managing known risks
Doing business involves taking risks, and these risks are often well known, such as production bottlenecks or supplier bankruptcy. Many of these “resting” risks can be reduced by choosing the right suppliers.
For that to happen, organizations need sufficient data about potential suppliers so that they can understand the risks. Almost all these risks are related in some way to the environmental, social and governance (ESG) criteria that are increasingly important to business globally. Data regarding ESG risks is therefore particularly important.
ESG is about more than just sustainability, and it has a real impact on the operational and financial agility and resilience of organizations. There are five main pillars to consider:
- Environmental: Impacts of a business and its suppliers on green issues, including pollution, climate change and resource use.
- Social: Effects on wider society, such as human rights (including trafficking and slavery) and justice (including bribery and corruption).
- Health and safety: Effects on the physical, mental and financial well-being of employees and operational partners such as contractors.
- Governance: Degree to which compliance with standards and regulations is ensured, strong management systems are in place and an ethical approach to business is followed.
- Financial: Overall financial security of a business and its impact on the way ESG considerations are handled.
Suppliers and potential suppliers need to be evaluated against all these important areas to provide accurate and comprehensive insights into the risks that each supplier poses.
For example, the importance of having the right ESG data was shown when supply chain risk management specialist Achilles helped a leading renewable energy company vet and avoid working with a high-risk supplier. Through a comprehensive and validated data-collection process, Achilles identified that the work injury rate at this supplier was 25 times higher than the industry average. An on-site accident is a considerable operational and financial risk.
Achilles also found that many of the company’s existing suppliers had no policies aimed at preventing modern slavery. This represented a high compliance risk to the energy company, as it would to any organization based in, for example, the UK, Germany or Norway, where legislation requires due diligence related to the eradication of modern slavery in supply chains.
It is possible to considerably reduce resting risk by collecting and analyzing data about companies in the supply chain. However, risk reduction can only go so far because you don’t always know what the risks are. So, as well as needing processes to manage known supply chain risks, there is also a need for processes to react to unexpected risks.
Managing unexpected risks
With the right preparation, managing even unexpected risks becomes possible. Managing these “reactive” risks requires an organization to identify its most important processes and strengthen them.
For example, in any business-critical process, key suppliers should be identified and alternatives found. Negotiations can then take place that put the client organization in a stronger position if it has to shift to the alternative supplier, and outcomes might include retainers or secondary supply contracts with options to increase quantities on short notice. An alternative option might be to simplify or shorten the supply chain, perhaps by onshoring some elements and combining others.
Both options may increase costs. But, like insurance, they are also ways of reducing risk. The amount of risk (and cost) you are prepared to endure is a business decision rather than a purely financial one.
A key consideration here is that organizations must manage reactive risk before they need to react, prior to the point of disruption; once the disruption has taken place, it’s far harder to do anything about it. For instance, finding and negotiating a new source of an important raw material takes time. You need to act preemptively to be enabled to buy a disrupted raw material at a reasonable price when all your competitors are trying to do the same.
Data-driven risk management
To manage both resting risk and reactive risk, it’s crucial to have the right data. While organizations typically collect lots of data about their suppliers, this data isn’t always the right kind or in the right format to facilitate risk management.
For example, many different teams in a procurement process may ask a supplier for the same information about quality management. This isn’t just frustrating for the supplier; it can lead to data being submitted in different formats that can be hard to harmonize and analyze. Two teams asking, “What is your quality management process?” might come up with very different descriptions containing a good deal of irrelevant information.
It’s preferable to use simpler, closed and semi-closed questions such as, “Do you have a quality management process?” and, “Is your quality management process compliant with a standard, and if so which one?” Answers to such questions are easier to validate and analyze.
Data-driven risk management requires trustworthy data that is capable of being compared, quantified and collected in a consistent and timely manner. Once you have that data, you can use it to inform supply chain decisions that reduce risk, and plan for potential issues to minimize their possible impact.
Building a holistic mindset
Business leaders must take a holistic view of their business that includes the supply chain. Procurement is closely linked with strategic issues such as compliance and the ability to attract investment and talent. Because of this, the supply chain is as much a C-suite issue as the financial success of the business. This requires leaders to have access to the right data to manage supply chain risk.
Business leaders must also ensure that procurement professionals have access to the data they need to identify supply chain risks. Seeking out and analyzing relevant data from across the business—HR, IT, marketing, operations—is essential for procurement teams to do their jobs effectively.
Achilles works with organizations and their suppliers to reduce supply chain risk. The Achilles Supply Chain Resilience Index measures underlying supply chain risks and provides insight into trends impacting supply chains globally.
This article originally appeared in Business Reporter.
Image: iStock id1325334284
