Achilles is a Business Reporter client
How data helps organisations build resilient and sustainable supply chains and manage unexpected risks
The Suez Canal blockage, the war in Ukraine, the pandemic, Hurricane Ida and a shortage of truck drivers: over the past two years, businesses of all kinds have experienced major disruption to their supply chains. And this disruption seems to be continuous and unremitting.
All organisations are dependent on third parties to supply them with goods and services. When supplies are uncertain, this dependency on suppliers is a significant risk to operational effectiveness and profitability.
Using the wrong suppliers can lead to reputational risks, such as accusations of benefiting from modern slavery. There are also operational risks, such as privacy failures when suppliers are used by hackers to steal customer data. And there are financial risks, such as the $200 billion revenue loss experienced by the car industry because of the shortage of computer chips throughout 2021.
Supply chain risk is damaging. It is also very complex. A single finished product can involve dozens or even hundreds of suppliers, and most organisations have multiple supply chains. This makes managing supply chain risk very challenging: identifying and mitigating even just the main risks in the most critical supply chains requires considerable time and talent. But above all, managing supply chain risk requires data.
Managing known risks
Doing business involves taking risks. Often these risks are well known, such as production bottlenecks or supplier bankruptcy. Many of these “resting” risks can be reduced by choosing the right suppliers.
For that to happen, organisations need sufficient data about potential suppliers so that they can understand the risks. Almost all these risks are related in some way to the environmental, social and governance (ESG) criteria that are increasingly important to business globally. Data about these risks is therefore particularly important.
ESG is more than just sustainability. It has a real impact on the operational and financial agility and resilience of organisations. There are five main pillars to consider:
- Environmental: the impacts of a business and its suppliers on green issues, including pollution, climate change and scarce resources
- Social: the effects on wider society, such as human rights (including slavery) and justice (including bribery)
- Health and safety: the effects on the physical, mental and financial wellbeing of employees and operational partners such as contractors
- Governance: the degree to which compliance with standards and regulations is ensured, strong management systems are in place and an ethical approach to business is followed
- Financial: the overall financial security of a business and its impact on the way ESG considerations are handled
These are all important areas. Suppliers and potential suppliers need to be evaluated against them to provide accurate and comprehensive insights into the risks that each one poses.
The importance of having the right ESG data was shown when supply chain risk management specialists Achilles helped a leading renewable energy company to avoid working with a high-risk supplier. Through a detailed and validated data-collection process, Achilles identified that the rate for injuries at work at this supplier was 25 times higher than the industry average. Collaborating could significantly increase the risk of an accident on site – a considerable operational and financial risk.
In the same project, Achilles also found that many existing suppliers had no policies aimed at preventing modern slavery. This represented a high compliance risk to the energy company, as it would to any organisation based in the UK, Germany or Norway, where legislation requires due diligence related to the eradication of modern slavery in supply chains.
It is possible to reduce resting risk considerably by collecting and analysing data about companies in the supply chain. However, risk reduction can only go so far because you don’t always know what the risks are. So as well as having processes to manage known supply chain risks, there is also a need for processes to react to unexpected risks.
Managing unexpected risks
With the right preparation, managing even unexpected risks becomes possible. Managing these “reactive” risks requires an organisation to identify its most important processes and strengthen them.
For example, in any business-critical process, key suppliers should be identified and alternatives found. Initial negotiations that put the client organisation in a stronger position should they have to shift to the alternative supplier can then take place and outcomes might include retainers or secondary supply contracts with options to increase quantities at short notice. An alternative option might be to simplify or shorten the supply chain, perhaps by onshoring some elements and combining others.
Both options may increase costs. But, like insurance, they are also ways of reducing risk. The amount of risk (and cost) you are prepared to endure is a business decision rather than an outright financial one.
A key consideration here is that organisations must manage reactive risk before they need to react – prior to the point of disruption. Once the disruption has taken place, it’s going to be far harder to do anything about it. For instance, finding and negotiating a new source of an important raw material takes time. You need to act pre-emptively if you are going to be able to buy a disrupted raw material at a reasonable price and everyone else is trying to do the same.
Data-driven risk management
For managing both resting risk and reactive risk, it’s crucial to have the right data. And while it’s true that organisations typically collect lots of data about their suppliers, this data isn’t always the right kind or in the right format.
For example, different teams in a procurement process may all ask for the same information about, say, quality management. This isn’t just frustrating for the supplier. It can lead to data being submitted in different formats that can be hard to analyse. Two teams answering the question “What is your quality management process?” might come up with very different descriptions containing a good deal of irrelevant information.
It’s preferable to use simpler closed and semi-closed questions such as “Do you have a quality management process?” and “Is your quality management process compliant with a standard, and if so which one?”. These are easier to validate and analyse.
Data-driven risk management requires trustworthy data, capable of being compared, quantified and collected in a consistent and timely manner. And once you have that data, you can use it to inform supply chain decisions that will reduce risk, plan for potential issues and minimise their impact.
Building a holistic mindset
Business leaders must take a holistic view of their business that includes the supply chain. Procurement is closely linked with strategic issues such as compliance and the ability to attract investment and talent. Because of this, the supply chain is as much a C-suite issue as the financial success of the business. This requires leaders to have access to the data that is an essential tool to manage supply chain risk.
Business leaders must also ensure that procurement professionals have access to the data they need to identify supply chain risks. Seeking out and analysing relevant data from across the business – HR, IT, marketing, operations – will be essential if procurement teams are to do their job effectively.
Achilles works with organisations and their suppliers to reduce supply chain risk. The Achilles Supply Chain Resilience Index measures underlying supply chain risks and provides insight into trends impacting supply chains globally.
Originally published on Business Reporter