A few years ago, a large organisation was mentioned on television news, being one of the biggest
customers of a cleaning company, accused of underpaying and exploiting its staff. The cleaning company was subsequently investigated for potential violation of the Modern Slavery Act. The organisation wanted to terminate the contract immediately. However, the cleaning contractor has been in this post for seven years, and the transition would take a long time.

Similar to the above scenario, your organisation is susceptible to many supplier risks. Does your organisation have effective supplier risk management?

A survey by Gartner shows that 89% of companies experienced a supplier risk event in the last few
years, yet company awareness and plans to mitigate it lack maturity. The previous three years of the
pandemic revealed that most organisations are still in a reactive mode, lacking expertise, data and tools
for effective supplier risk management.

Many stakeholders point directly to procurement for ownership and call for action. However, many
procurement organisations struggle to implement effective and comprehensive supplier risk
management strategies. Research shows that almost two-thirds of companies do not immediately
become aware of the issue and only react with delay.

So how do you improve your supplier risk management? You may begin with these 3 steps:

1. Assess

Knowing your current situation is the beginning of the journey. Data back a realistic assessment. If you
have no data to use, it indicates that your organisation doesn’t have a high-risk awareness and appetite. When risks are not well-defined, decisions are usually individualised, reactive, ineffective and
misaligned.

An article published by PWC listed a few questions that you may ask to assess your organisation:

• Do you have clear visibility of all stages and suppliers in your supply chain?
• Does management routinely require suppliers to provide details of their own sourcing/outsourcing and offshoring arrangements?
• Do you regularly monitor the operational, ethical and financial risk and performance of your suppliers?
• How are you assured that your supply chain complies with the relevant regulatory and legal requirements?
• Does management take a risk-based approach to assess and manage supply chain risk?
• How are you assured by management that you are operating within your supplier/offshoring/outsourcing risk appetite?
• Are you confident you can respond to any supply chain disruption without unacceptable loss?
• Are you confident that you are not being defrauded by employees and/or suppliers?
• Do you receive robust assurance that all key risks are managed in your supply chain?

2. Engage

Own the process and start engaging the stakeholders to develop supplier risk management strategies.
With a faster-paced global economy with more interdependencies and higher complexities across value
chains, it is increasingly important to have well-defined supplier risk strategies. Form a risk committee
with a cross-functional team. A core responsibility of the risk committee is to provide proactive and
predictive measures and reaction plans before an event occurs.

3. Build a Framework

Design a supplier risk identification and monitoring process that enables the procurement team and the
stakeholders to make proactive and effective decisions, especially during volatile times. Your framework should include the following risks type:

• Reputational risk. The risk to your organisation’s reputation due to a service or supply interruption, a supplier safety or quality failure, or a supplier’s business practices.
• Resilience risk. The risk that a supplier failure results in an interruption of customer service – sometimes immediately.
• Information security and privacy. The risk that sensitive data, including customer data, is compromised by a cyber-security breach or failure in a supplier company.
• Regulatory risk. The risk of non-compliance with the regulatory requirements or the commercial undertakings associated with sourcing, outsourcing or offshoring arrangements in the jurisdictions you operate.
• Commercial risk. The risk of financial loss or cost overruns from poorly managed sourcing arrangements or supplier failures and inaccurate billing from outsourced parties.

If you have an existing framework, review its effectiveness. Unless your supplier risk management
framework has evolved, you could face unexpected risks and not capitalise on the potential benefits.

In SuRe Procurement, we always think of solutions through technology. Undoubtedly, by utilising
technology, the steps outlined above will increase the effectiveness of your supplier risk management.

Technology has proven to be a catalyst for improved risk management. As risks evolve and new threats
emerge with increased complexity and impact, compliance monitoring tools are essential in every
organisation. An increasing number of tools are becoming available in the market, especially for
procurement monitoring, supplier financial risk assessment and risk factors.

Does your organisation have a supplier risk and compliance management tool that is simple to use and
governance-proof?

If you need an easy-to-use, intuitive tool with the best-in-class Supplier Compliance functionality, please contact us today.

References:

Gartner for Supply Chain, 2020, Increase Supply Chain Risk Awareness , Gartner, viewed 10 August 2022, < https://www.gartner.com/en/supply-chain/trends/supply-chain-risk-awareness >.

Leong J and Huang A, 2016, Supplier Risk Management, PWC, viewed 19 August 2022, < https://www.pwc.com/sg/en/industries/assets/supplier-risk-management.pdf >