September/October 2012, eSide Supply Management Vol. 5, No. 5
The most effective programs are systematic, cross-functional, supplier-endorsed, accountable and fueled by financial data.
In today's turbulent economy, understanding the risks posed by your suppliers is critical. If a supplier isn't financially healthy, its potential inability to fulfill its obligations can have major repercussions for your own organization's financial health.
So, what does an effective supplier risk management initiative look like, in practice?
It's systematic. A one-time assessment won't do the job. To be effective, the process must be continual and integrated into your company's business processes.
It's cross-functional. Managing supplier risk is a cross-functional responsibility. It requires participation by individuals across the enterprise — from the supply chain/procurement team, to logistics, to quality and manufacturing, to compliance or regulatory staff, to financial or treasury officers. Supplier risk management can't be just procurement's or finance's responsibility.
It's supplier-endorsed. Supplier engagement is the most critical driver of an effective supplier risk management program. Conducting a risk assessment of a supplier represents an opportunity to build a strategic, collaborative partnership. In doing so, it's important to be open, honest and direct with your supplier. Together, during supplier meetings, discuss potential areas of risk.
As noted, effective supplier risk management is an ongoing process. To this end, be prepared to jointly develop a plan with each supplier. And, don't assume your work is done once a plan is in place; it will require continuous follow-up and monitoring.
It has "boots on the ground." Conducting site visits is a great opportunity to really understand what's happening at a supplier's site. Have recent layoffs occurred? Has a portion of the facility recently been mothballed due to a loss of business? Is the parking lot only half full?
Simple observations — only obtainable by being onsite- can provide immediate insights. They can also signify the need to ask additional questions of a supplier.
As you begin assessing risk among your supply base, due diligence enables your company to understand its suppliers in terms of their ownership and management structures. Ask:
How many of our suppliers are public? How many are private? On average, a supply base may be as much as 80 percent private.
Where are our suppliers' facilities located? Geographies prone to natural disasters or political unrest can pose a threat to their operations. Such factors should be noted.
Does your organization require its suppliers to provide financials? If so, are they willing to impart this information?
Setting the policy for financial disclosure by suppliers is up to your company. It can request — or even require — that suppliers provide financials. Or, it can offer incentives for sharing these data. (Alternatively, of course, it can do both.)
When attempting to secure financial data from new or potential suppliers, how your organization positions its need for this information will be critical. A standardized corporate risk management initiative will prove essential will prove essential in these cases.
For potential suppliers: Your company might choose to include disclosure requirements in contracts before it embarks on business relationships with its suppliers. If it's your company's policy, let the suppliers know that financial disclosure will be required for business dealings to move forward. Of course, you must be willing to forego those relationships altogether if suppliers refuse to provide this information. When a supplier refuses to disclose its financials, it's critical for your organization to understand why — and be able to address those concerns accordingly.
For private suppliers: When attempting to gain financial information from longer-term, long-standing suppliers, your organization might opt to phase in these policies over time, as it can be particularly challenging to obtain these data. For confidentiality reasons, many private suppliers are reluctant to disclose financial information. They'll want to know what your company plans to do with the information. Be honest about your company's intentions.
Private suppliers probably will also want to know how this financial data might affect how they're being evaluated by your company. It's a good idea to proactively educate them about the financial data collection process. Encourage honest, transparent, two-way dialogue.
To ensure your supplier risk management plans are effective, individual suppliers must be held accountable — and understand the consequences for noncompliance.
At the same time, this exchange shouldn't be confrontational; it must be framed as an opportunity for collaboration. Emphasize that the establishment of a risk management program represents an opportunity to enhance a new or existing relationship. Urge suppliers to regard the process as a chance to develop a strategic partnership between your organization and theirs.
Open dialogue will prove critical here, as well. Setting this tone helps your organization understand the risks a supplier poses. And, ultimately, it encourages stronger financial health across your entire supply chain.
The following steps are worth considering as you embark on building better, more productive, more collaborative supplier relationships:
Laying the groundwork for an effective risk management initiative with your suppliers requires a systematic, cross-functional approach — one that's supported with supplier buy-in. Site visits and simple questions can get you on your way; but, gaining access to often-elusive financial data and establishing accountability (in a nonconfrontational way) delivers the real payoffs.
Armed with these tenets, your organization should be able to get the ball rolling on a supplier risk management initiative today.
Rose Kelly-Falls is senior vice president, supply chain risk management at Rapid Ratings International Inc. in New York. To contact this author, please send an email to firstname.lastname@example.org.
Take me to the eSide home page.