Supplier risk management (SRM) is an evolving discipline in operations management for manufacturers, retailers, financial services companies and government agencies where the organization is highly dependent on suppliers to achieve business objectives.
The complexity and globally outsourced nature of today’s supply chains combined with the practice of optimization techniques such as lean and just-in-time manufacturing in order to improve efficiency has increased supply chain vulnerabilities to even minor supply disruptions. While these models have allowed companies to reduce overall costs and expand quickly into new markets, they also expose the company to the risk of a supplier suddenly going bankrupt, closing operations, data breach or being acquired. Among the several types of supply disruptions, most severe are those that have a relatively low probability of occurrence with a very high severity of impact when they do occur. While such risks cannot be eliminated, however, its severity can be reduced.
To overcome these challenges, companies mitigate supply chain interruptions and reduce risk with strategies and tactics that address supplier-centric risk at multiple stages in the relationship:
- On boarding: Bringing suppliers into the operation with registration that includes:
- A centralized supplier registration portal
- Integration of third party performance, financial data and predictive indicators into the supplier profile
- Monitoring for stability beyond financial data, including:
- Criminal and terrorists (i.e. Office of Foreign Assets Control) ties and operational performance
- Visibility into potential disruptions caused by geopolitical threats, acts of nature, etc.
- Cultivating strategic supplier relationships for the long-term:
- Leverage supplier scorecards for continuous improvement
- Establish and use benchmarks for measuring supplier performance
- Creating a system for collaboration and supplier development
- Establish control across the extended enterprise:
- Create integrated supplier networks
- Extend performance management benchmarks to second and third tier suppliers
Supplier risk in recession and recovery
In 2008-2009, manufacturers experienced the startling speed at which suppliers can move from stability to shutting down operations. The devastating impact of a crucial supplier failure has moved risk management from add-on service to mission-critical. With a new focus on risk management, manufacturers have seen value whether the economy is stagnant or thriving.
With a transparent, accessible and comprehensive set of supplier information, manufacturers have been able to monitor suppliers for behavioral changes which contribute to overall stability, including:
- Changes in the supplier’s management team
- EPA violations
- OSHA incidents
- Quality issues
- Noticeable lags in response time to inquiries
- OFAC violations
Changes in any of these conditions can be defined as parameters for raising an alert. For example, a financially stable supplier may in fact be about to lose it CEO to retirement – which may cause issues within the management team. Early visibility into that change gives the manufacturer time to ensure it doesn’t negatively affect customers.
Based on the criticality of the supplier and the nature of the alert received, the manufacturer can then choose to take necessary action, such as calling or visiting the supplier, increasing monitoring, or moving towards terminating the relationship with the supplier and finding a replacement.
Reducing supplier risk can:
- Give insight to manufacturers to create defensive and offensive strategies that turn risk into a competitive advantage.
- Help determine whether or not it is beneficial for a company to conduct a customer intervention and know in advance what the potential outcomes might be for an intervention.
- Improve competitive position in the market.
- Lower supplier costs.
- Position manufacturers to better address customer needs by addressing supplier vulnerabilities before they become apparent.
- Prevent loss of customer’s trust due to data exposure or systems being hacked.
- ^“Third Party Vendors Could Be Your Greatest Cyber Risk – Preparis”. www.preparis.com. Retrieved 2017-07-31.
- Understanding Risk: Avoiding Supply Chain Disruption, IndustryWeek, May 11, 2009