Derisking your supply chain: preventing risks influenced by internal systems

January 2, 2020

It doesn’t take much searching to find the latest story about supply chain risk. It is everywhere. Supply chain risks come in many forms, from natural disasters to hackers, labor strikes and more. Supply chain professionals must always be anticipating and preventing the next million-dollar disruption. Modern supply chain risks come from so many different, diverse angles that it can be tough to know where to begin. To evaluate and come up with a plan to prevent supply chain risks, we’re breaking them down into two different categories—risks that directly relate to internal systems and risks that are subject to external forces. Today, we explore three risks that are influenced by internal systems: cyber risk, financial risk, and human capital risk.

Cyber risk

Cybersecurity Ventures predicted that by 2021, cybercrime would cost the world $6 trillion, which is up from $3 trillion in 2015. $6 trillion dollars would be equivalent to the greatest transfer of economic wealth in history, it threatens the incentives for innovation and investment, and would be more profitable than the global trade of all major illegal drugs combined.

Supply chains have many layers so there are many different levels of the supply chain that need to be protected. Many breaches can come through lower levels of the supply chain like small suppliers, service providers, and even agents. As such, the first step towards preventing cyber risk is to hold your suppliers accountable. This means that from the very beginning of your due diligence process with a new supplier, cybersecurity must be a part of the conversation. Every supplier and company within a supply chain must be held accountable for its cybersecurity methods. It doesn’t matter how big or small the company, if they don't maintain proper cybersecurity protocol then the supply chain is at risk.

Every new supplier contract must have three different aspects of protection, including supplier insurance, limitation of liability and indemnification. It is important to note that indemnities and limitations of liability are often contained in different sections of an agreement or contract, but they should always be reviewed in tandem because they are closely related.

Another important aspect of cybersecurity is ensuring that your security systems are robust and up to date. Procurement and supply chains develop and store large amounts of data to do things like identify cost-saving opportunities through spend analysis. They are also responsible for the storage of financial information, contracts and other transactions that take place in the P2P. To prevent cyberattacks on these systems, it is imperative that they collaborate with their IT departments to monitor systems, maintain internal policies, and make sure all software is updated. Since these departments also interact with many external vendors, the supply chain must work with suppliers to maintain and build a robust cybersecurity plan to strengthen IT infrastructure and cybersecurity resilience.

The bottom line when it comes to security is that no one is immune to cybersecurity threats, from the smallest vendor to large Fortune 500 companies. Everyone must ensure that they are protected legally, employees are trained, and that IT systems are maintained and robust.

Financial risk

Identifying financial issues before they come to the surface naturally is always a challenge. However, a unique challenge for the supply chain is that each supplier presents its own distinctive financial risk. Financial issues like poor credit, limited cash flow, bankruptcy, and credit limits are not always reported to buyers in a timely manner. Therefore, a buyer may not be truly aware of a supplier's financial situation until it’s too late to take action. This is especially true with private companies who are not required to release their financial statements. Even with the best supplier relationships and full-disclosure, financial reports from private companies can be opaque at best. In order to minimize financial risk taken on by each additional supplier, there are certain preventative measures that can be taken.

First and foremost, buyers can prevent a good deal of risk by staying informed and current on business and economic conditions. These are trends that can directly impact both the supply chain and greater business. This includes subscribing to services that can keep buyers and supply chain managers apprised to potential financial issues with suppliers.

Beyond considering the greater economic forces at play, having a clear understanding of your supplier landscape is incredibly important in minimizing risk. This includes identifying sole-source suppliers and staying well-acquainted with their financial condition. To diversify your supplier portfolio and minimize risk, you may consider taking on a secondary supplier for whatever goods or services they provide. Equally important is being aware of any supplier where you are a high-value buyer or make up a significant portion of their business. If someone is fully dependent on your business to maintain profitability, most of the time the risk exceeds the reward. Finally, it’s important that you maintain clear standards on supplier performance. A missed or delayed delivery may be indicative of a larger financial problem. Lastly, encourage your suppliers to report any financial issues that may directly impact you.

Workforce risk

Human capital or workforce is another significant risk to the greater supply chain. Disruptions related to workers can include workplace safety, labor regulations, fluctuations in employment rates and demand, employee turnover, union strikes and more. Workforce risk management is something that should be monitored collaboratively with your human resources and operations departments as workforce issues impact the company at large. However, supply chain executives should be consistent in monitoring their employment projections and any other forces at play that could influence the number of workers available to them.

Changes such as the rise of automation impacts all aspects of the workforce, including a need for more skilled labor. Supply chain managers must pay attention to their employee pipeline to ensure that they don’t end up with a talent shortage on their hands. A growing number of retiring baby boomers and the unemployment rate being at an all-time low are two examples of economic forces impacting the employee pipeline currently.

Another step towards minimizing workforce risk is always being aware of regulations, laws and regulatory changes related to workers. This includes maintaining an updated and relevant employee manual and addressing legal and human capital concerns such as wages and hours, employee job classification, and more.

Workplace safety is another highly regulated area of workforce management but also presents a significant risk to employee retention. Depending on the industry, this may be closely related to union workers. Union management is a large part of maintaining an effective and available workforce. When employing union workers, education and open communication are key. It’s important to pay attention to employee needs and be open to working with any relevant third parties. Ultimately, maintaining a workplace that is safe and has high job satisfaction not only promotes productivity but also minimizes supply chain risk.

Stay tuned for the next portion of our de-risking your supply chain blog, where we will dive into risks such as natural disasters, geopolitical issues, and market forces.

Expert procurement and supply-chain tips sent straight to your inbox.