Managing Supply Chain and Third Party Risk Management

MANAGING-SUPPLY-CHAIN-AND-THIRD-PARTY-RISK-MANAGEMENT

@ the IERP® Global Conference, August 2024

Anij Janardhanan, Senior Director of Dayforce Inc., peppered his presentation with industry quips and relevant examples, turning what could have been a dull session into one which radiated relevance and reflected extensive, hands-on industrial expertise. Starting with the supply chain triangle’s three components – cost, cash and service – he said bluntly, “Sales are vanity, profit is sanity, but cash is the reality. Companies die because they run out of cash. Sales is important, profit is important but ultimately, if you don’t have cash…that’s when companies suffer.”

Supply chain management is essentially the balance of cost, cash and service, and is a micro-representation of the organisation’s entire strategy. A supply chain management programme must be integrated with the organisation’s financial objectives and broader strategies for it to be successful. “You cannot treat your supply chain as a separate thing from your organisation’s overall management,” he stressed. “We all use vendors or suppliers. We all have customers, even non-profit organisations.”

But while the supply chain can be a strength, advantage, opportunity and market differentiator, it could also be a big risk. For instance, your supplier may do something at a lower cost, allowing you to focus better on what you do, but this could create some dependencies that ultimately affect your products and services. There are many benefits to outsourcing, and numerous reasons to manage the risks that come with it. One is the Butterfly Effect; a minor disruption or risk, or a seemingly isolated incident, which creates significant, far-reaching impacts on supply chain management.

“It could be just a delay in receiving raw materials, or a shipping delay in one place that impacts your entire supply chain,” he said. “It could be worse if you have interdependencies between suppliers where one supplier sends a component to another which assembles it, then sends it to you or another supplier. This impact could be more pronounced in more complex/interdependent supply relationship networks.” The 2011 earthquake in Japan which caused the Fukushima nuclear plant meltdown, was an example.

He said this event not only affected certain parts of the country, but it had a far-reaching, global impact, even causing Ford, the American automobile manufacturing giant, to cut back production. “A lot of components and semiconductors used in automotive manufacturing were actually coming from Japan,” he explained. “That industry was disrupted. What started as a local natural disaster created a global ripple, or butterfly effect, bringing a crisis to the automotive and electronics industry because Japan is a major supplier.” Many companies started to consider diversification, after this event.

An event in Asia or Africa can create an unimaginable impact in another part of the world. Rarer than the Butterfly Effect are Black Swan events, which are unpredictable and can cause severe, widespread supply chain breakdowns. “With something so rare, it is difficult to predict because there is not enough data,” he said. “You can prepare only based on assumptions.” An example of this was the Covid-19 pandemic, which nobody was prepared for. But even this had an ‘up’ side of sorts: the rapid uptake of digitalisation among organisations which had been dragging their feet.

“We had a running joke that the digitalisation of companies was driven not by CEOs, CIOs or CTOs, but by a virus,” he said. “The Covid-19 virus made a significant impact on all of us. It changed the way we worked, overnight.” From a supply chain perspective, it caused delays in everything. Pre-Covid, staff worked on desktops in the office. When Covid hit, everybody had to work from home on laptops – and there was a shortage of laptops. This underscored the significant impacts on the supply chain and people’s ability to work on a global scale.

The concept of supply chain risk must be integrated into the enterprise risk management programme. There are also other factors to consider, such as the geopolitical situation, outsourcing at the risk of losing the organisation’s inherent skills, innovation capability, quality issues, strategic vulnerability, and leadership. “You may benefit from a very good vendor, but you may suffer if you do not sustainably invest in your own capabilities,” he said. “If you have interconnected vendors or supply networks, you need to assess risks holistically.”

Also, having too many suppliers may not permit full visibility across the organisation, which could lead to strategic vulnerabilities. Stressing the importance of leadership, he stated that without leadership support, any programme will not be able to access the necessary resources, attention or investment for implementation. “Leadership’s commitment to what you have defined as objectives, and their agreement to what you have elaborated as specifics, is absolutely indispensable,” he said. Training and awareness will also be necessary.

This will be not just for the vendors who know what is to be delivered, but also for the organisation’s own staff managing that area. Urging the development of a comprehensive supplier assessment process, he said that the more comprehensive the assessment process, the more trust you can have in your business partners – and trust is an integral component of the business relationship. In business, it should come from objective assessment. “Risk assessment of suppliers and the supply chain must feed into the ERM programme,” he said.

“If it is not connected to the ERM programme, it will not give you a holistic view of the supply chain. It will give a fragmented view.” Supply risk assessment is effective if done before onboarding of new suppliers, on a periodic basis, and combined with regular performance monitoring. On emerging risks in supply chain management, he pointed to AI-driven attacks which were targeting supply chain vulnerabilities. “There are no human threat actors; all are AI-based programmes that actively scan systems and initiate attacks,” he said.

Data privacy and security is another area of emerging risk. “When you involve suppliers with data you have to make sure that the supplier has a secure system,” he said. “Your supply chain is a strategic asset that can give you leads provided it is correctly managed. Comprehensive, holistic risk management is necessary. A supply chain programme should be integrated with an ERM programme. Do not develop something that is isolated or in a silo. Trust but verify; maintain accountability. Do onboarding at the initial stage as well as on a regular basis. Collectively learn better.”

Share the Post

Upcoming Events

Tea Talk – 8 November 2024

Nov 8, 2024

Latest Articles

Share the Post

Subscribe to our weekly newsletter
and stay connected!

Subscribe to our weekly newsletter and stay connected!

Receive the latest update on our risk management program, industry news, events and more!

Subscribe to our weekly newsletter