The Risks of Eluding Risk

Even if you think you’re doing all you can to mitigate risk, you’re probably not. Shockingly, some companies won’t go the extra mile—and it will cost big.

Getty Images 924927516

The supply chain is more spread out than ever before, with more actors and less visibility into what they’re doing," acccording to Tony Pelli, a supply chain risk consultant at BSI, a London-based supply chain standards and intelligence company.

“It’s a constantly shifting supply chain,” he says. 

And yet, not everyone is onboard with being proactive. The Haslam College of Business at the University of Tennessee surveyed more than 150 supply chain executives and conducted six face-to-face interviews with senior executives from six prominent companies. The results range from surprising to disturbing. 

None of those surveyed use outside expertise in assessing risk for their supply chains. Ninety percent of firms do not quantify risk when outsourcing production, and while 66 percent had risk managers in their firms—either in legal or compliance—virtually all of those internal functions ignored supply chain risk 

Most surprising of all, 100 percent of the supply chain executives acknowledged insurance as a highly effective risk mitigation tool, but it was not on their radar screen, nor in their purview. 

Lead author of the survey J. Paul Dittmann, executive director of The Global Supply Chain Institute at Haslam, wrote that the lack of appreciation for proper insurance was “perplexing, particularly since insurance providers offer solutions to circumvent, protect against, or ultimately help companies financially recover from many of these risks.” 

One interviewee even said that, although he knows risk management is necessary, it’s not encouraged or rewarded. “Maybe that’s at the heart of the problem,” Dittmann wrote. “Few executives are compensated or incentivized in their day-to-day job to rigorously manage risks.” 

Human Nature

Like the guy in the insurance commercial, Greg Schlegel has seen it all in his 30-plus years of supply chain experience. He teaches graduate-level supply chain risk management classes at Lehigh and Villanova Universities. Schlegel also founded the 20-company Supply Chain Risk Consortium that provides education, assessment tools and consulting services in support of supply chain risk management projects and enterprise-wide risk management. 

So, why don’t companies take the proper risk mitigation steps? 

“Why? It’s a puzzlement,” Schlegel says. “My first thought, and I’m not trying to be glib, is that it’s in the human DNA to procrastinate. We will wait until the very, very, very last moment in this arena. That’s the rationale.” 

The No. 1 reason is human nature, he adds. And No. 2 is the extra cost. “Where’s my ROI (return on investment)? That’s the rough part. A Stanford professor once said, ‘Listen, no one ever gets promoted for good cost avoidance.’ 

“As a faculty member, we train our MBA (students) to understand 15-20 KPIs (key performance indicator), then we send them out [and they ask] where’s the money? They want a hard ROI. How do you measure the risk mitigation techniques when it doesn’t hit the fan?” 

That goes all the way up to the C-suite. Even if operational supply chain people see risk, they’re often handicapped by their own skills, Schlegel notes. “Your own executives assume that you and your team are so good at supply chain operations that you’ll know what to do if any event ever happens.” 

It all comes down to change management, he adds. “People hire us to do a four-week project. We map the supply chain and find the risk. We assess it as to small, medium and large. Then, we give them mitigation to will eliminate the risks [80 percent are tactical], and they do nothing. They say, ‘Thank you, you’ve done a great job.’ It’s an academic exercise. Nine out of 10 won’t do any of the mitigation. Why? Culture kicks in. It’s change management, and nobody likes change management. If they’re risk adverse they won’t do anything; they’re just checking off boxes. It’s all about culture.” 

For example, Schlegel and his team told one large client that a couple of their factories needed changes. The cost of the fix, he says, would have been around $150,000, but the client chose not to act. About six months later, “a weather event knocked them out. Instead of the $150,000 it would have cost to do the mitigation, they lost $50 million while the factories were down. Yes, heads rolled and executives were fired, but all that could have been fixed for $150,000." 

Can We Talk?

It probably sounds like a cliché: break down the silos. Talk to each other. But clichés are clichés because they’re true. 

“The biggest thing you can do,” BSI’s Pelli advises, “is bring together, as much as possible, teams on the supply chain. Just get a current list of suppliers and form a risk working group. Screen first and look for warning signs like child labor and forced labor.” 

Even technology won’t help without communication. “There’s a lot of talk about predictive analytics,” Pelli says. “But if teams aren’t linked up to respond, it doesn’t matter. There has to be a foundation, multiple groups working together, and risk should guide it. Link up efforts within the company—no gaps.” That means you can’t think of natural disasters, but forget about strikes, or child labor, cargo theft or any of the other risk categories out there. 

Coordination and collaboration, along with visibility, are a must, advises Gary Barraco, director, global product marketing at Amber Road. “Know the risk [that is] coming at you,” he says. “Where are we today? Are there new risks next week? Ask, ‘What are we doing to see risk?’ 

“From the global supply chain side, folks are realizing the highest risk is in variability,” he adds. “Consumer buying and behavior all feeds into vulnerability of risk. As manufacturing improves, exporters need to know so much. Who’s manufacturing it? Shipping it? Buying it? They have to know about trade sanctions and embargoes.” 

What Do We Know?

When it comes to insurance, we don’t know much, Schlegel says. “We—supply chain and operations professionals—don’t know anything about insurance. We run factories, supply chains. Finance people know about it. They buy hazard insurance, but that just mitigates risk to the bottom line. It’s property insurance, not disasters. And neither of these [departments] talk to each other except at quarterly meetings. 

“These two disciplines in a large manufacturing company are the two most powerful disciplines in the company,” he adds. “Supply chain handles 80-90 percent of the goods, and finance is driving income. We’ve got to get these two disciplines talking. If they’re sharing information, it can lead to a competitive advantage.” 

The correct insurance can help mitigate supply chain risk. It can augment anything you do as operations under supply chain risk, so explore what your insurance providers and others have. Here are some things you should know: 

  • First-party commercial insurance covers profits that would have been earned. Few businesses could survive the loss of all or even a significant percentage of their personal property or real property without being compensated for that loss. 
  • Business interruption coverage pays for some ancillary costs associated with disruption. After all, when an event happens, revenue goes to zero, but costs still occur.
  • Cargo insurance covers loss and damage while goods are in transit.
  • Trade disruption insurance provides even more coverage, such as lost profits while cleaning up.
  • Cyber insurance is getting bigger and bigger for supply chain. Remember, when your IT goes down, so does your supply chain. 

“There are new product packages coming out of the insurance industry, which is growing this line by leaps and bounds,” Schlegel says. “It’s on top of the [basic] premium you pay, so you still have to sell it to the executives.” 

Going Global

Global trade is in the news. E-commerce has changed everything. What’s going to happen with NAFTA? Will Britain’s exit from the European Union (EU) cause lingering disruptions? 

Risk is a key element in all of it and it’s a lot to keep an eye on. Global trade is accelerating in volume and complexity. The World Trade Organization (WTO) revised its most recent trade forecast to show improved growth in world merchandise trade volume. The number of tons shipped by ocean containers, for example, has multiplied almost 17 times from 102 million tons in 1980 to 1,720 million tons in 2016. 

Barraco asks the question: “Where are you sourcing today, because you may not get it tomorrow? There’s definitely a shift in sourcing back in the United States. Get the parts and manufacture it here.” 

The U.S. government has, of course, rules and regulations for importers and exporters. These restricted party screenings include a restriction on doing business with entities the government deems a danger to U.S. interests. Restricted party lists are directories of organizations, companies or individuals that various U.S. agencies—and other foreign governments—have identified as parties that one can’t do business. 

In the United States, the primary restricted party lists are published by the Department of CommerceDepartment of State and Department of Treasury. However, several other agencies produce lists as well. These agencies recommend that companies perform restricted party screening periodically and repeatedly throughout the movement of goods in the supply chain. 

Scouring those lists—and Barraco says there are about 580 worldwide—is vital. 

It’s easy to slip up. According to a filing with the Securities and Exchange Commission, Amazon processed and delivered more than $24,000 worth of consumer goods to an Iranian embassy, as well as to an individual “who may have committed, threatened to commit or supported terrorism.” 

E-commerce Around the Globe

One way to help avoid risk is having boots on the ground, advises Pelli. “Taking out the traditional middlemen and going directly to the manufacturer in China and other countries. Small companies pop up to work with the factory in China—it’s just like a storefront. It’s another vulnerability. 

“We’re seeing growing consumer demand in China, Brazil and India. They have more money and companies are rushing into those markets. But compliance and other risk functions can make it difficult in emerging markets,” he says, adding that many companies fail to factor in the additional risks—and therefore additional costs—with doing business in those emerging markets. 

A risk assessment or audit can help. There are a lot of rules to know. There are child labor laws and conflict mineral regulations. There’s the Food Safety Modernization Act (FSMA). “You’re looking for greater visibility,” Pelli says. “Where’s the product coming from? Who’s touching your product where?” 

Sometimes, he adds, companies try to be too comprehensive, employing a one-size-fits-all approach. “If you’re dealing with a supplier in Sweden, you won’t [necessarily] see what happens in India or China.” 

Nope, it’s not easy.

Barry Hochfelder is a freelance journalist who has covered a variety of industries in his career, including supply chain. He also served as the former editor of Supply & Demand Chain Executive. Hochfelder is based in Arlington Heights, Illinois.