Organizations today, regardless of type, are complex adaptive systems: “a system in which a perfect understanding of the individual parts does not automatically convey a perfect understanding of the whole system’s behavior.”
They depend on entities other than themselves. Who the organization buys from can have important implications for its success.
Purchase from the wrong supplier or have hidden reliance on a chain of sub-contractors who fail to deliver and there can be cascading, supply-chain disruptive consequences for the buyer’s ability to deliver value.
The best way to assess supplier risk is direct visibility into who they are and what they are doing. The sourcing process kicks off this supplier risk management, by vetting vendors and only letting ones through who pass tests related to quality and sustainability.
As this article from Spend Matters puts it, “Supply risk management is essentially about protecting supply performance outcomes. Depending on what’s most important, that will drive what risk types and mitigation approaches to consider.”
PwC has a good catalog of supplier risks. At a high level, these include reputational risk, resilience risk, information security and privacy risk, regulatory risk, and commercial risk.
Would you want to buy a fleet of electric cars from a company that was financially distressed? What does that mean for ongoing service if the company is sold or liquidated? What if the car company was skimping on the quality of parts it purchased from its supplier base to save money? Or, purchasing parts from a company overseas that used child labor? If the car company is collecting information digitally about where your employees use the cars, what happens if the vendor has a security breach? If the car company gets sanctioned by a regulatory agency for one thing, how do you know that they aren’t breaking the rules elsewhere? Do you have any kind of visibility into whether they are current with their sub-contractors financially? Or, are they themselves vulnerable to supply chain disruption?
Before buyers put together an RFP, they conduct market research. But, much of that market research is either indirect or lacking in independence. Indirect market research typically involves paying for third-party assessments of the target sector. Direct market research usually starts (and often ends) with asking suppliers for their self-serving marketing information, sometimes in the form of Requests for Information.
According to the BCI Supply Chain Resilience Report 2016, 66% of respondent companies “do not have full visibility of supply chains” while 70% “experienced at least 1 supply chain disruption.” Consequences of disruption include “loss of productivity … increased cost of working … damage to brand reputation or image … customer complaints received … service outcome impaired … loss of revenue.”
Whether they realize it or not, buyers are self-insuring themselves against supplier risk and their underwriting practices leave something to be desired.
To truly understand supplier risk, on an ongoing basis, but certainly at the inception of the relationship, buyers need to have independent information about supplier performance and supplier risk, combined with visibility into the vendor’s own supply chain.
At EdgeworthBox, our network-based sourcing™ model gives buyers additional tools to understand supplier risk: data, connections, and a platform for visibility. Data, in the form of live and historical RFPs and contracts information, enables buyers to see who other buyers have selected. Connections, through our social networking, means that purchasing officers from one organization can speak with buyers in other organizations who have experience of individual suppliers to get unbrokered references. The supplier may not know of these conversations. Finally, to the extent that buyers can encourage their suppliers to use EdgeworthBox transparently to show their own sourcing with sub-contractors, buyers can obtain visibility for themselves into their supply chains. Let’s talk about how we can help you.